[Issue] Add ACL role ID to category tree cache id #28306

Closed
@ghost

Description

This issue is automatically created based on existing pull request: #27429: Add ACL role ID to category tree cache id


Preconditions: (*)

When an admin user views a product's category tree (by editing a product), the category tree is cached with an ID akin to CATALOG_PRODUCT_CATEGORY_TREE_0_ (the $filter option is not used in the Magento codebase).

This is not compatible with admin users that have limited Role Scopes. If the first admin user to view a product category tree has access to all websites (e.g. Administrator), this then caches the full category tree for all websites. Then the limited admin user will also see this full category tree even if they should be limited to a single website's category tree. Similarly, if the limited admin user views the category tree after the block cache is cleaned, the Administrator user will only see a limited category tree.

This pull request adds the admin user's ACL role ID to the cache ID. This is probably about as performant as we can get.

Steps to reproduce: (*)

  1. Create a product, category -> Default Category/default and assign it to Main Website Store;
  2. Create a new root category with child (Second Category/second_category for ex.);
  3. Create a new Website, Store, Store view ( Second Website, Second Website Store, Second Website Store view) and set Second Category as default;
  4. Assign a few products to the new website and new category;
  5. Create a new website-limited admin user with only access to the new website.
  6. Clean block_html cache and view a product's category tree as an Administrator admin user;
  7. Log in as the website-limited admin user and view the category tree for any product.

Actual Result: (*)

✖️ The categories from Main Website are shown

Expected Result: (*)

✔️ The user should only see a limited category tree

Contribution checklist (*)

  • Pull request has a meaningful description of its purpose
  • All commits are accompanied by meaningful commit messages
  • All new or changed code is covered with unit/integration tests (if applicable)
  • All automated tests passed successfully (all builds are green)
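
The cache collision described above, replayed as an added example; this is not Magento code or the code from the pull request. The role IDs, the sample categories, the helper names and the position of the role ID inside the cache ID are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Constructed sample data: category path => website it belongs to.
const CATEGORIES = [
    'Default Category/default'        => 'Main Website',
    'Second Category/second_category' => 'Second Website',
];

// Constructed role scopes: role ID => websites the role may manage.
const ROLE_SCOPES = [
    1 => ['Main Website', 'Second Website'], // Administrator
    2 => ['Second Website'],                 // website-limited admin
];

// The uncached step: build only the tree this role is allowed to see.
function buildTree(int $roleId): array
{
    $allowed = ROLE_SCOPES[$roleId];
    return array_keys(array_filter(
        CATEGORIES,
        fn (string $website): bool => in_array($website, $allowed, true)
    ));
}

// Stand-in for the block cache: return the entry for $cacheId, building it on a miss.
function cachedTree(array &$cache, string $cacheId, int $roleId): array
{
    return $cache[$cacheId] ??= buildTree($roleId);
}

// Replay steps 6 and 7: the Administrator views the tree first, then the limited admin.
function limitedAdminView(callable $cacheIdFor): array
{
    $cache = []; // freshly cleaned block_html cache
    cachedTree($cache, $cacheIdFor(1), 1);
    return cachedTree($cache, $cacheIdFor(2), 2);
}

// Before: one cache ID for every role, so the first viewer's tree is served to all.
$shared = fn (int $roleId): string => 'CATALOG_PRODUCT_CATEGORY_TREE_0_';
// After: role ID is part of the cache ID (its position in the ID is assumed here).
$perRole = fn (int $roleId): string => 'CATALOG_PRODUCT_CATEGORY_TREE_0_' . $roleId . '_';

echo 'shared cache ID:   ', implode(', ', limitedAdminView($shared)), PHP_EOL;
echo 'per-role cache ID: ', implode(', ', limitedAdminView($perRole)), PHP_EOL;
```

The access check in `buildTree` is correct in both runs; the only difference is whether the cache key includes every input that changes the authorized result.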

Metadata

Labels

  • Component: Acl
  • Component: Backend
  • Component: Catalog
  • Fixed in 2.4.x (The issue has been fixed in 2.4-develop branch)
  • Issue: Confirmed (Gate 3 Passed. Manual verification of the issue completed. Issue is confirmed)
  • Issue: Format is valid (Gate 1 Passed. Automatic verification of issue format passed)
  • Issue: Ready for Work (Gate 4. Acknowledged. Issue is added to backlog and ready for development)
  • Priority: P2 (A defect with this priority could have functionality issues which are not to expectations.)
  • Reproduced on 2.4.x (The issue has been reproduced on latest 2.4-develop branch)
  • Severity: S1 (Affects critical data or functionality and forces users to employ a workaround.)
  • Triage: Done (Has been reviewed and prioritized during Triage with Product Managers)
