[Issue] Bulk ACL management for AsynchronousOperations Admin UI

[m2-assistant[bot]]

This issue is automatically created based on existing pull request: magento/magento2#27580: Bulk ACL management for AsynchronousOperations Admin UI

---

Description (*)

After Migrating of Asynchronous Operations from Magento Commerce to Magento Open Source, looks like part of functionality was extended.

In details: In magento_bulk table was added user_type, which defines type of the user who created Bulk Operation.

Possible types are:

• Admin
• Integration
• Guest
• Customer

In current implementation all Admin UI components have no idea about user type:

https://github.com/magento/magento2/blob/2.4-develop/app/code/Magento/AsynchronousOperations/view/adminhtml/ui_component/bulk_listing.xml - in default Grid there are NO DataSource is defined, so Admin see the whole operations, but at the same time, he cannot see Details of those operations:

https://github.com/magento/magento2/blob/2.4-develop/app/code/Magento/AsynchronousOperations/Controller/Adminhtml/Bulk/Details.php#L52

But at you can see from implementation, https://github.com/magento/magento2/blob/2.4-develop/app/code/Magento/AsynchronousOperations/Model/AccessValidator.php#L58

that permissions are checked based on UserID and fully ignoring UserType. Which means, that Admin has access to All transactions or all user types with the same ID.

Fixed Issues (if relevant)

Current implementation will add:

• New ACL roles for give possibilities for Admin define permissions for Admin/Integration user to have access only to specific user types operations.
• With restricted user role, Admin will be able to see only operations that are assigned to him, View detailes or Restart them
• Also Admin notifications will be restricted only to allowed.

Questions or comments

Auto tests still in process, but main implementation can be already reviewed.

Contribution checklist (*)

• [ ] Pull request has a meaningful description of its purpose
• [ ] All commits are accompanied by meaningful commit messages
• [ ] All new or changed code is covered with unit/integration tests (if applicable)
• [ ] All automated tests passed successfully (all builds are green)

[m2-assistant[bot]]

Hi @engcom-Charlie. Thank you for working on this issue. In order to make sure that issue has enough information and ready for development, please read and check the following instruction: :point_down:

• [ ] 1. Verify that issue has all the required information. (Preconditions, Steps to reproduce, Expected result, Actual result).

  Details

  If the issue has a valid description, the label Issue: Format is valid will be added to the issue automatically. Please, edit issue description if needed, until label Issue: Format is valid appears.

• [ ] 2. Verify that issue has a meaningful description and provides enough information to reproduce the issue. If the report is valid, add Issue: Clear Description label to the issue by yourself.

• [ ] 3. Add Component: XXXXX label(s) to the ticket, indicating the components it may be related to.

• [ ] 4. Verify that the issue is reproducible on 2.4-develop branch

  Details

  - Add the comment @magento give me 2.4-develop instance to deploy test instance on Magento infrastructure.
  - If the issue is reproducible on 2.4-develop branch, please, add the label Reproduced on 2.4.x.
  - If the issue is not reproducible, add your comment that issue is not reproducible and close the issue and stop verification process here!

• [ ] 5. Add label Issue: Confirmed once verification is complete.

• [ ] 6. Make sure that automatic system confirms that report has been added to the backlog.

[github-jira-sync-bot]

:white_check_mark: Jira issue https://jira.corp.magento.com/browse/AC-3002 is successfully created for this GitHub issue.

[m2-assistant[bot]]

:white_check_mark: Confirmed by @engcom-Alfa. Thank you for verifying the issue.
Issue Available: @engcom-Alfa, You will be automatically unassigned. Contributors/Maintainers can claim this issue to continue. To reclaim and continue work, reassign the ticket to yourself.