_aclBuilder = $aclBuilder; parent::__construct($context, $connectionName); $this->_rootResource = $rootResource; $this->_logger = $logger; $this->aclDataCache = $aclDataCache ?: ObjectManager::getInstance()->get( \Magento\Framework\Acl\Data\CacheInterface::class ); } /** * Define main table * * @return void */ protected function _construct() { $this->_init('authorization_rule', 'rule_id'); } /** * Save ACL resources * * @param \Magento\Authorization\Model\Rules $rule * @return void * @throws \Magento\Framework\Exception\LocalizedException */ public function saveRel(\Magento\Authorization\Model\Rules $rule) { $connection = $this->getConnection(); try { $connection->beginTransaction(); $roleId = $rule->getRoleId(); $condition = ['role_id = ?' => (int)$roleId]; $connection->delete($this->getMainTable(), $condition); $postedResources = $rule->getResources(); if ($postedResources) { $row = [ 'resource_id' => $this->_rootResource->getId(), 'privileges' => '', // not used yet 'role_id' => $roleId, 'permission' => 'allow', ]; // If all was selected save it only and nothing else. if ($postedResources === [$this->_rootResource->getId()]) { $insertData = $this->_prepareDataForTable( new \Magento\Framework\DataObject($row), $this->getMainTable() ); $connection->insert($this->getMainTable(), $insertData); } else { /** Give basic admin permissions to any admin */ $postedResources[] = \Magento\Backend\App\AbstractAction::ADMIN_RESOURCE; $acl = $this->_aclBuilder->getAcl(); /** @var $resource \Magento\Framework\Acl\AclResource */ foreach ($acl->getResources() as $resourceId) { $row['permission'] = in_array($resourceId, $postedResources) ? 'allow' : 'deny'; $row['resource_id'] = $resourceId; $insertData = $this->_prepareDataForTable( new \Magento\Framework\DataObject($row), $this->getMainTable() ); $connection->insert($this->getMainTable(), $insertData); } } } $connection->commit(); $this->aclDataCache->clean(); } catch (\Magento\Framework\Exception\LocalizedException $e) { $connection->rollBack(); throw $e; } catch (\Exception $e) { $connection->rollBack(); $this->_logger->critical($e); } } }