Categories


Archives


Recent Posts


Categories


Don’t Rely on Super Users for Development

astorm

Frustrated by Magento? Then you’ll love Commerce Bug, the must have debugging extension for anyone using Magento. Whether you’re just starting out or you’re a seasoned pro, Commerce Bug will save you and your team hours everyday. Grab a copy and start working with Magento instead of against it.

Updated for Magento 2! No Frills Magento Layout is the only Magento front end book you'll ever need. Get your copy today!

Just a quick bit of advice for folks getting into Magento 2 development, which probably applies to Magento 2 development as well. If you’re building backend admin components, it’s a good idea to not rely on the default, Super User admin account when you’re developing and testing.

There’s a few parts of the admin system that are completely bypassed for super users. For example, Magento admin controllers require an _isAllowed method where, as a module developer, you need to perform an ACL check. If you don’t perform this check, users will be rejected for having in sufficient permission. However, if you’re logged in as a super user, this check is de-facto skipped, and you’ll probably ship a module without the _isAllowed method, and no regular users will be able to access your feature.

I’ve gotten in the habit of creating a “Non Super User Admin” role that has every system permission assigned, and using that day to day for development. This way I’m sidestepping any potential use cases where a super user account behaves differently than a fully permissions regular user account.

Copyright © Alan Storm 1975 – 2019 All Rights Reserved

Originally Posted: 29th April 2016