magento / magento2

Prior to making any Submission(s), you must sign an Adobe Contributor License Agreement, available here at: https://opensource.adobe.com/cla.html. All Submissions you make to Adobe Inc. and its affiliates, assigns and subsidiaries (collectively “Adobe”) are subject to the terms of the Adobe Contributor License Agreement.
http://www.magento.com
Open Software License 3.0

Admin user can't login as customer if a GWS scope not including the default store is set on their role #36434

Closed TheBadong closed 1 year ago

TheBadong commented 1 year ago

Preconditions and environment

Steps to reproduce

  1. Have a magento commerce 2.4.4 setup with the module admin-gws enabled
  2. Create a secondary website, store and store view (all linked to each other)
  3. Create a user role with only the second website scope, not the default one
  4. Create an admin user and assign them this role
  5. Log in to this admin user account
  6. Find some frontend customer belonging to any scope (even the admin user one) and add them to the login_as_customer_assistance_allowed table
  7. Try to login as this customer with the admin user

Expected result

Admin user can log in as customers belonging to their scope

Actual result

Error pops up "an has occured during application run"


Additional information

Tested on a 2.4.3, works as expected. While debugging, I found that the error occurs when trying to get the default store view in the LAC feature, vendor/magento/module-login-as-customer-admin-ui/Controller/Adminhtml/Login/Login.php->getLoginProceedRedirectUrl(). The admin-gws module adds a plugin on the store collection (vendor/magento/module-admin-gws/Plugin/CollectionFilter.php) that adds a filter to the stores collection, that prevents returning stores that do not belong in the current admin user scope. Which means that sometimes, storeManager->getDefaultStoreView() can return NULL, a behavior that is not taken into account by the LAC module.

Release note

No response

Triage and priority

m2-assistant[bot] commented 1 year ago

Hi @TheBadong. Thank you for your report. To speed up processing of this issue, make sure that you provided the following information:

Make sure that the issue is reproducible on the vanilla Magento instance following Steps to reproduce. To deploy vanilla Magento instance on our environment, Add a comment to the issue:

@magento give me 2.4-develop instance - upcoming 2.4.x release

For more details, review the Magento Contributor Assistant documentation.

Add a comment to assign the issue: @magento I am working on this

To learn more about issue processing workflow, refer to the Code Contributions.


:clock10: You can find the schedule on the Magento Community Calendar page.

:telephone_receiver: The triage of issues happens in the queue order. If you want to speed up the delivery of your contribution, join the Community Contributions Triage session to discuss the appropriate ticket.

:pencil2: Feel free to post questions/proposals/feedback related to the Community Contributions Triage process to the corresponding Slack Channel

thomas-kl1 commented 1 year ago

Hi, it seems related to this modification: https://github.com/magento/magento2/commit/c16c12bba2a19a4d85d0bdef7b589a80f1a2bff3

Indeed GWS has plugins over the getDefaultStore method and checks if the current admin user is allowed to load it. If the admin user has only permission for a specific website, then it fails and returns null.

m2-assistant[bot] commented 1 year ago

Hi @engcom-November. Thank you for working on this issue. In order to make sure that issue has enough information and ready for development, please read and check the following instruction: :point_down:

thomas-kl1 commented 1 year ago

This could be fixed like it has been done for the page builder: https://github.com/magento/magento2-page-builder/commit/1e2bcadef49fb6ff5cbc198265e84d26bea74b74

thomas-kl1 commented 1 year ago

@magento I am working on this

engcom-November commented 1 year ago

Hi @TheBadong , Thank you for reporting and collaboration. Verified the issue on Magento 2.4-develop enterprise edition but observed different behavior with below steps performed:

  1. Stores - Configuration - Customers - Enabled login as customer
  2. Stores - Configuration - Customer configuration - Share Customer Accounts - Set to Global
  3. Created a customer from front end main website with "Allow remote shopping assistance" selected. (For every new customer account created, new record is generated in login_as_customer_assistance_allowed table)
  4. Setup 2nd store as per Magento devdocs
  5. Created admin user role with Role scope set to 2nd store
  6. Created new admin user and assigned new user role created.
  7. Logout and Login to Admin with new user
  8. Navigate to Customers - All Customers. No customers are displayed to login as customer. Customers created in Main website are not displayed in Admin Customers page for the 2nd admin user.
  9. Created a Customer from 2nd store front end website
  10. Admin - Customers - All Customers page - Edit Customer - Login as Customer. No issue: Login as Customer is working fine from admin using 2nd store customer

Main Admin user account: [image]

Kindly check the behavior on Magento 2.4-develop enterprise edition and let us know if we are missing on anything. Thank you.

engcom-November commented 1 year ago

Hi @TheBadong , We are closing this issue as there has been no latest update on the same. Kindly reopen / create new issue if you are still facing any issues. Thank you.

thomas-kl1 commented 1 year ago

Please @engcom-November give the link of the proper fix / commit reference. Don't close issues/MRs without words

thomas-kl1 commented 1 year ago

@engcom-November please?

jordanvector commented 1 year ago

@engcom-November why is this closed without a solution? This is still an issue on 2.4.5-p1

engcom-Hotel commented 1 year ago

Hello @thomas-kl1 @jordanvector,

According to the @engcom-November's comments https://github.com/magento/magento2/issues/36434#issuecomment-1314783281, we have tried to reproduce the issue but the issue is not reproducible for us. Hence we have marked this issue as Needs update and waited for 14 days for a reply.

And as per the process, we have closed this issue because we haven't gotten any reply in 14 days with this https://github.com/magento/magento2/issues/36434#issuecomment-1330665912.

We request you to please go through with this https://github.com/magento/magento2/issues/36434#issuecomment-1314783281 and let us know if we have missed anything.

Thanks

jordanvector commented 1 year ago

@engcom-Hotel What is missing from the test case, is the

Created admin user role with Role scope set to 2nd store - This user needs to have access ONLY to the 2nd store and not the default store. This issue appears when the admin user does not have access to the default store.

Regardless, this issue was confirmed by Adobe support and solution provided, which fixes the issue for us. ACSD-45399_2.4.4.patch

thomas-kl1 commented 1 year ago

@jordanvector the fix provided by Adobe support is so much overkill for what is needed to be fixed. Did you try with the changes from https://github.com/magento/magento2/pull/36460/files ?

BTW @engcom-Hotel , the method $this->storeManager->getDefaultStoreView(); may return null by its definition, so https://github.com/magento/magento2/pull/36460 is still needed
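
A minimal model of the failure mode discussed in this thread, added here as an example (not code from Magento, the admin-gws module, or PR 36460): a role-scope filter makes the default store view lookup return null, and the caller checks for null and refuses out-of-scope targets instead of bypassing the filter. `Store`, `ScopedStoreManager` and `needsStoreSwitch` are hypothetical names, and skipping the store switch when the default view is null is an assumed handling.

```php
<?php
declare(strict_types=1);

// Hypothetical stand-ins; not Magento's classes or the code from PR 36460.
final class Store
{
    public function __construct(public int $id, public int $websiteId, public bool $isDefault) {}
}

final class ScopedStoreManager
{
    /** @param Store[] $stores  @param int[] $allowedWebsiteIds websites in the admin role scope */
    public function __construct(private array $stores, private array $allowedWebsiteIds) {}

    // Models a role-scope filter on the store collection: out-of-scope stores are invisible.
    public function getStore(int $id): ?Store
    {
        foreach ($this->stores as $store) {
            if ($store->id === $id && in_array($store->websiteId, $this->allowedWebsiteIds, true)) {
                return $store;
            }
        }
        return null;
    }

    public function getDefaultStoreView(): ?Store
    {
        foreach ($this->stores as $store) {
            if ($store->isDefault) {
                return $this->getStore($store->id); // null when the default is out of scope
            }
        }
        return null;
    }
}

// Decide whether a store switch is needed before redirecting to the customer's store.
function needsStoreSwitch(ScopedStoreManager $manager, int $targetStoreId): bool
{
    $target = $manager->getStore($targetStoreId);
    if ($target === null) {
        // Fail closed: the target is outside the role scope, so refuse rather than bypass the filter.
        throw new RuntimeException('Target store is outside the admin role scope');
    }
    $from = $manager->getDefaultStoreView();
    // Assumed handling: with no visible default view there is nothing to switch from.
    return $from !== null && $from->id !== $target->id;
}

// Constructed sample data: website 1 holds the default store, website 2 the secondary one.
$stores = [new Store(1, 1, true), new Store(2, 2, false)];
var_dump(needsStoreSwitch(new ScopedStoreManager($stores, [2]), 2));    // role scoped to website 2 only
var_dump(needsStoreSwitch(new ScopedStoreManager($stores, [1, 2]), 2)); // unrestricted role
```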

jordanvector commented 1 year ago

> @jordanvector the fix provided by Adobe support is so much overkill for what is needed to be fixed. Did you try with the changes from https://github.com/magento/magento2/pull/36460/files ?
>
> BTW @engcom-Hotel , the method $this->storeManager->getDefaultStoreView(); may return null by its definition, so https://github.com/magento/magento2/pull/36460 is still needed

I did try your PR before this patch, it did not work for me. Using this patch on 2.4.5-p1 did solve it.

engcom-November commented 1 year ago

Hi @thomas-kl1 , I re-verified the issue again on latest Magento 2.4-develop instance with enterprise edition but the issue is still not reproducible with below steps performed:

  1. Enabled Login as customer from admin - Stores - Configuration - Customers - Login as Customer
  2. Created 2nd website, store and store view as per Magento devdocs
  3. Created Customers from front end both the websites (Main website and 2nd website)
  4. Created Admin user role - assigned to only 2nd store scope
  5. Created new Admin user with only new user role assigned to this admin user
  6. Login to admin using new admin user
  7. Customers - All Customers - Only customers created on 2nd store are displayed to the user
  8. Open/edit the customer for which login as customer is enabled already - Click on Login as Customer. No issue: User is logged as customer
  9. Open other customer for which login as customer is not enabled. - Enable login as customer from account information page and save
  10. Click on Login as Customer - No issue. User is logged as customer

Kindly recheck the issue on latest Magento 2.4-develop instance as it is having latest code base and provide missing steps if any if the issue is still reproducible. Unable to find the commit link having fix for this issue. We are checking on it and get back to you. Thank you.