How to Build Admin ACL in Magento 2 Platform?

Learn how to create an admin ACL in Magento 2 platform in a few steps with a neat flow here.

Admin Access Control List(ACL)  Rules Magento 2 allows users to authorize access to the admin in the Magento system. In this blog, we will explain to you how to create and employ the ACL to authorize the administrator menu and the controller in Magento 2.

Get build your own Magento multi-vendor store with 300+ features today!!!

Step 1: Build acl.xml file

Step 2: Build the latest role with custom resources

Step 3: Use ACL for the menu

Step 4: Use ACL for action

How to Build Admin ACL in Magento 2 Platform?

Build acl.xml file

Magento 2 uses XML files to explain the ACL role. We can create an ACL role from our module. In this topic, we will work with the CustomMenu module.

File directory: app/code/Webnexs/CustomSetting/etc/acl.xml

<?xml version="1.0"?>

<config xmlns:xsi="" xsi:noNamespaceSchemaLocation="urn:magento:framework:Acl/etc/acl.xsd">



            <resource id="Magento_Backend::admin">

                <resource id="Webnexs_CustomMenu::menu" title="Custom Menu" sortOrder="10" >

                    <resource id="Webnexs_CustomMenu::create" title="Manage Items" sortOrder="0" />

                    <resource id="Webnexs_CustomMenu::menu_configuration" title="Settings" sortOrder="100" />






In the above-mentioned example, we have created 3 ACL resources for the “custom menu” parent and “manage item” and “settings” are children. There are 3 attributes for every resource:

ID: illustrate ACL resource (unique)

Title: The name of the source is given in the source tree.

SortOrder: Resource’s place in a resource tree

Conclusion: Notice Step 2

Construct the latest role with custom resources

  • Go to System > Permissions > User Roles then tap to “Add New Role”. Input role information then selects the Resource tab..
  • Please decide resources then save

Use ACL for the Magento menu

File: app/code/Webnexs/CustomSetting/etc/adminhtml/menu.xml

<?xml version="1.0"?>

<config xmlns:xsi="" xsi:noNamespaceSchemaLocation="urn:magento:module:Magento_Backend:etc/menu.xsd">


     <add id="Webnexs_CustomMenu::menu" title="Custom Menu" module="Webnexs_CustomMenu" sortOrder="10" resource="Webnexs_CustomMenu::create"/>

     <add id="Webnexs_CustomMenu::menu_item" title="Manage Items" module="Webnexs_CustomMenu" sortOrder="10" parent="Webnexs_CustomMenu::menu" action="custommenu/create/index" resource="Webnexs_CustomMenu::menu_item"/>

     <add id="Webnexs_CustomMenu::menu_configuration" title="Setting" module="Webnexs_CustomMenu" sortOrder="20" parent="Webnexs_CustomMenu::menu" action="adminhtml/system_config/edit/section/menu" resource="Webnexs_CustomMenu::menu_configuration"/>



Use ACL for action

  • Magento 2 uses an interface to check user permission Magento\Framework\AuthorizationInterface
  • All admin controller file extends \Magento\Framework\App\Action\Action demonstrate we want only rewrite _isAllow() protected function
  • File: app/code/Webnexs/CustomSetting/Controller/Adminhtml/Create/Index.php
Protected function _isAllowed()


 return $this->_authorization->isAllowed(Webnexs_CustomMenu::menu');


If the user does not have permission, this action page will illustrate like that:

These steps are the easiest process for you to build Admin ACL in Magento 2. By following this guide, you can hold the Admin ACL in Magento 2 simply. Every store has an Admin ACL Magento 2 in Magento 2 with different features.

How to Build Admin ACL in Magento 2 Platform?



, ,



Leave a Reply

Your email address will not be published. Required fields are marked *