additional_permissions. Let's start with the normal permissions.
permissionsthis is usually the module name,
productin this case. Other keys could be for example
customers. The key is used to group the admin privileges, as seen in the picture above.
viewer: The viewer is allowed to view entities
editor: The editor is allowed to edit entities
creator: The Creator is allowed to create new entities
deleter: The Deleter is allowed to delete entities
permissions, which represent CRUD functionality, there are also
additional_permissions. These are intended for all functions that cannot be represented by CRUD.
additional_permissionshave their own card below the normal permissions grid. An example for
additional_permissionswould be: "clearing the cache". This is an individual action without CRUD functionalities. The key is still used for grouping. Therefore the role can be individual and does not have to follow the scheme.
addPrivilegeMappingEntryof the privilege service:
permissionsgrid or in the
permissionseach role will be in the same row.
additional_permissions: Use a custom key because the additional permissions don´t enforce a structure.
entity_name:operation, e.g. 'product:read'.
addPrivilegeMappingEntryto add a new entry:
main.jsfile which has to be placed in the
<plugin root>/src/Resources/app/administration/srcdirectory in order to be automatically found by Shopware 6.
additional_permissionsyou need to set
additional_permissionsin the property category. The main difference to normal permissions is that you can choose every role key you want.
systemto group the permission together with other system specific permissions. However, you can feel free to add your own names here.
getPrivilegesof the service.
product.viewerautomatically have access to all privileges from the
metaproperty in your route:
privilegeto your navigation settings to hide it:
aclservice to check if the user has the correct privileges to view or edit things, regardless of location in your app. The method you need is
acl.can(identifier): It checks automatically if the user has admin rights or the privilege for the identifier.
Shopware.Service('acl')) or inject the service in your component:
activewhich then returns a boolean or just the property
activeas boolean. In our case we need a function to check if the user has the privilege required to use the shortcut.