Magento Catalog Permissions Module Bug: Product set to Hidden

[Vishrootways]

Preconditions and environment

• Magento Version: Commerce Cloud 2.4.3
• Magento Shared Catalog is setup.

Steps to reproduce

Below are steps to reproduce this issue, $product->getData('grant_catalog_category_view') value should be -2 and $this->_catalogPermData->isAllowedCategoryView() value should 1 and then you will face this issue.

Expected result

Expected result is that product should access from the website front-end.

Actual result

Actual Result is product is not accessible and redirects to home page

Additional information

From last few days, we faced one issue of product is not accessible from the website front-end and redirecting to the home page.

Below is the error log in the exception.log file.

report.CRITICAL: You may need more permissions to access this product. {"exception":"[object] (Magento\Framework\Exception\LocalizedException(code: 0): You may need more permissions to access this product. at /app/fgvmfeeirpu5w/vendor/magento/module-catalog-permissions/Observer/ApplyProductPermissionObserver.php:94)"} []

 We debug the code and found that the below code is responsible for that. and it hides the product for the login customer group.

file location: \Magento\CatalogPermissions\Observer\ApplyPermissionsOnProduct.php
public function execute($product)
{
        if ($product->getData('grant_catalog_category_view') == -2
            || $product->getData('grant_catalog_category_view') != -1
            && !$this->_catalogPermData->isAllowedCategoryView()
        ) {
            $product->setIsHidden(true);
        }
        ......
}

I think this is due to wrong OR AND added to the if statement. I think OR condition should be wrapped in ( ) as below.

file location: \Magento\CatalogPermissions\Observer\ApplyPermissionsOnProduct.php
public function execute($product)
{
        if (($product->getData('grant_catalog_category_view') == -2
            || $product->getData('grant_catalog_category_view') != -1)
            && !$this->_catalogPermData->isAllowedCategoryView()
        ) {
            $product->setIsHidden(true);
        }
        ......
}

If we update the if condition as above, then I think that issue will be fixed.

Release note

No response

Triage and priority

• [ ] Severity: S0 - Affects critical data or functionality and leaves users without workaround.
• [ ] Severity: S1 - Affects critical data or functionality and forces users to employ a workaround.
• [ ] Severity: S2 - Affects non-critical data or functionality and forces users to employ a workaround.
• [ ] Severity: S3 - Affects non-critical data or functionality and does not force users to employ a workaround.
• [ ] Severity: S4 - Affects aesthetics, professional look and feel, “quality” or “usability”.

[m2-assistant[bot]]

Hi @Vishrootways. Thank you for your report. To speed up processing of this issue, make sure that you provided the following information:

• Summary of the issue
• Information on your environment
• Steps to reproduce
• Expected and actual results

Make sure that the issue is reproducible on the vanilla Magento instance following Steps to reproduce. To deploy vanilla Magento instance on our environment, Add a comment to the issue:

@magento give me 2.4-develop instance - upcoming 2.4.x release

For more details, review the Magento Contributor Assistant documentation.

Add a comment to assign the issue: @magento I am working on this

To learn more about issue processing workflow, refer to the Code Contributions.

---

• Join Magento Community Engineering Slack and ask your questions in #github channel.

  :warning: According to the Magento Contribution requirements, all issues must go through the Community Contributions Triage process. Community Contributions Triage is a public meeting.

:clock10: You can find the schedule on the Magento Community Calendar page.

:telephone_receiver: The triage of issues happens in the queue order. If you want to speed up the delivery of your contribution, join the Community Contributions Triage session to discuss the appropriate ticket.

:pencil2: Feel free to post questions/proposals/feedback related to the Community Contributions Triage process to the corresponding Slack Channel

[engcom-Hotel]

Hello @Vishrootways,

Thanks for the reporting and collaboration!

We have tried to reproduce the issue in Magento 2.4-develop instance with EE but the issue is not reproducible for us. We are able to browse the category.

Please refer to the screenshots for reference:

Stores => Configuration

Category Configuration

Frontend for logged person

Please help us with the screenshots of your configurations.

Thanks

[Vishrootways]

Hello @engcom-Hotel

Thank you for your feedback but the issue is not in category page but it's on product detail page.

Just set product like below condition meets in if condition of public function execute($product) of this file \Magento\CatalogPermissions\Observer\ApplyPermissionsOnProduct.php

$product->getData('grant_catalog_category_view') value should be -2 and $this->_catalogPermData->isAllowedCategoryView() value should 1

When product meets above condition you will face issue like product view page can not be accessed.

Kindly review my original message again for more details.

Thanks, Vish

[engcom-Hotel]

@magento give me 2.4-develop instance with edition ee

[magento-deployment-service[bot]]

Hi @engcom-Hotel. Thank you for your request. I'm working on Magento instance for you.

[magento-deployment-service[bot]]

Hi @engcom-Hotel, here is your Magento Instance: https://d4453e0b93e0a1d717960d03615052cd.instances.magento-community.engineering Admin access: https://d4453e0b93e0a1d717960d03615052cd.instances.magento-community.engineering/admin_d15f Login: cfec2a40 Password: e6651bf5a639

[engcom-Hotel]

Hello @Vishrootways,

Thanks for the reply!

We have gone through as per your comment, to make the below condition true:

if ($product->getData('grant_catalog_category_view') == -2
            || $product->getData('grant_catalog_category_view') != -1
            && !$this->_catalogPermData->isAllowedCategoryView()
        ) {
            $product->setIsHidden(true);
        }

For this we have made the below configurations:

1. Create a user with the "General" type.
2. Pick a category and make "Deny" for Browsing Category, Display Product Prices, and Add to Cart:

In the above case, $product->setIsHidden(true this function has been called. And as per the configuration, the user should not allow viewing that page, which is working as expected.

Please let us know if we missed anything.

Thanks

[Vishrootways]

@engcom-Hotel This condition should not be true when the value of if is as below.

$product->getData('grant_catalog_category_view') value is -2 and $this->_catalogPermData->isAllowedCategoryView() value is 1

Please check do you get above values in that function? If yes then THIS CONDITION SHOULD NOT BE TRUE AND PRODUCT SHOULD NOT BE SET AS HIDDEN.

Thanks, Vish

[engcom-Hotel]

Hello @Vishrootways,

Thanks for your reply!

Let me explain the flow here:

1. For us we have a "Test" category in which we have some products. So we are setting the permission for this category. The permission for the "Test" category is looking as follows:

   

2. After saving the above permissions, the database entry for the table magento_catalogpermissions_index is as follows:

   

You can see the value for column grant_catalog_category_view is -2.

3. And in the file ApplyPermissionsOnProduct.php line no. $this->_catalogPermData->isAllowedCategoryView() this line is returning false which makes the condition true.

due to which the product has been set to hidden.

Please let us know if we missed anything in order to get this issue.

Thanks

[Vishrootways]

@engcom-Hotel When $this->_catalogPermData->isAllowedCategoryView() is trueat that time it should not call that if condition right? If yes then this is what i want to tell from my first message that when $this->_catalogPermData->isAllowedCategoryView() is true then also if condition called and product set to hidden.

I think simple trick is just set static value for this if condition and check from your side and you will understand what i am trying to tell you here

Thank you.

[engcom-Hotel]

Hello @Vishrootways,

Thanks for the reply!

As per your comment, we have used the trick to set the static value for that condition and the issue is reproducible but still we need proper steps without any trick to reproduce the issue.

So we request you to please provide the same.

Thanks

[Vishrootways]

@engcom-Hotel We are not sure exactly which changes of product or category meets this condition and but currently we have few products on our website which meets this condition and we are having this issue.

We only knows that this is due to shared catalog but unfortunately we don't know how to reproduce this but this is happens many time on our cloud website.

Thanks, Vish

[engcom-Hotel]

Hello @Vishrootways,

Thanks for the reply!

In this case, Is this possible for you to share the screenshot for the below configuration:

• Catalog -> Categories (for which Category Permissions is applied)
• Stores -> Configurations -> Catalog -> Catalog -> Category Permissions
• Catalog -> Products (For which the condition is true)

It will help us in getting the issue exactly.

Thanks

[Vishrootways]

@engcom-Hotel Here are the screenshots.

[engcom-Hotel]

Hello @Vishrootways,

Thanks for the reply!

We have gone through with the Shared catalog documentation from the below link:

https://experienceleague.adobe.com/docs/commerce-admin/b2b/shared-catalogs/catalog-shared.html

According to the documentation:

When the shared catalog feature is enabled in the configuration, each category permission for the catalog is set to Deny for all customer groups automatically. Also, when a new category is created, it has the Deny category permissions by default to prevent showing that category on the storefront site before assignment to the shared catalog.

All existing group permission settings are ignored by all categories in the catalog when the Shared Catalog feature is enabled. Shared Catalog fully controls all category permissions in the catalog when it is enabled.

May this is the reason, that particular products redirect to the home page.

Thanks

[Vishrootways]

Hello @engcom-Hotel The shared catalog is already assigned to category and product both.

Just forget about the everything and let us know did you you not find anything wrong with below condition? Do you think below if condition code is correct? If yes then you can close this ticket. Thank you.

if ($product->getData('grant_catalog_category_view') == -2
            || $product->getData('grant_catalog_category_view') != -1
            && !$this->_catalogPermData->isAllowedCategoryView()
        ) {

        }

Thanks, Vish

[engcom-Hotel]

Hello @Vishrootways,

As per my comment here, I already told you that, if we are using changes in the codebase, the issue is reproducible for us.

But as the process and also to fix any issue we need a proper scenario that can be generated via without making any code changes.

Thanks

[engcom-Hotel]

Dear @Vishrootways,

We have noticed that this issue has not been updated for a period of 14 Days. Hence we assume that this issue is fixed now, so we are closing it. Please raise a fresh ticket or reopen this ticket if you need more assistance on this.

Regards

[Vishrootways]

@engcom-Hotel This is not fixed yet but anyway you can close this ticket. We know where is the issue but unfortunately don't have steps to reproduce the issue and as we don't have it Magento/Adobe team may not solve the issue so please close this. Thank you.