Hi i have create a new user role in my magento2 admin panel . in that role i have only given access to catalog . So once that user login to admin panel they can only update product and category information .
Now i want to restrict some more thing from that user . I need to block delete product , update product price and update product quantity from that users . How can i do this ?
I am not sure about update product price and quantity, but you can restrict delete action by create a after plugin for "Magento\Catalog\Ui\Component\Product\MassAction" class "isActionAllowed()" method.
Add plugin configuration in etc/adminhtml/di.xml
<?xml version="1.0"?> <config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:ObjectManager/etc/config.xsd"> <type name="Magento\Catalog\Ui\Component\Product\MassAction"> <plugin name="restrict_delete_product_plugin" type="Vendor\Module\Plugin\MassAction" sortOrder="1" disabled="false"/> </type> </config> Plugin class in Vendor/Module/Plugin/MassAction.php
<?php namespace Vendor\Module\Plugin; use Magento\Catalog\Ui\Component\Product\MassAction as ProductMassAction; use Magento\Framework\AuthorizationInterface; class MassAction { /** * @var AuthorizationInterface */ private $authorization; public function __construct( AuthorizationInterface $authorization ) { $this->authorization = $authorization; } public function afterIsActionAllowed(ProductMassAction $subject, $result, $actionType) { $isAllow = $this->authorization->isAllowed("Vendor_Module::resource_id"); if (($actionType == "delete") && (!$isAllow)) { return false; } return $result; } } 