@@ -30,6 +30,10 @@ abstract class Create extends \Magento\Backend\App\Action
3030 * Controller name for edit actions
3131 */
3232 private const CONTROLLER_NAME_ORDER_EDIT = 'order_edit ' ;
33+ /**
34+ * Controller name for loadblock actions
35+ */
36+ private const CONTROLLER_NAME_LOADBLOCK = 'loadblock ' ;
3337 /**
3438 * @var \Magento\Framework\Escaper
3539 */
@@ -382,13 +386,8 @@ protected function _isAllowed()
382386 */
383387 protected function _getAclResource ()
384388 {
385- $ actionstrtolower ($ this getRequest ()->getActionName () ?? '' );
386- if (in_array ($ action'index ' , 'save ' , 'cancel ' ]) && $ this _getSession ()->getReordered ()) {
387- $ action'reorder ' ;
388- }
389- if (strtolower ($ this getRequest ()->getControllerName () ?? '' ) === self ::CONTROLLER_NAME_ORDER_EDIT ) {
390- $ action'actions_edit ' ;
391- }
389+ $ action$ this getAclResourceAction ();
390+
392391 switch ($ action
393392 case 'index ' :
394393 case 'save ' :
@@ -403,10 +402,34 @@ protected function _getAclResource()
403402 case 'actions_edit ' :
404403 $ aclResource'Magento_Sales::actions_edit ' ;
405404 break ;
405+ case 'actions_sidebar ' :
406+ $ aclResource'Magento_Customer::customer ' ;
407+ break ;
406408 default :
407409 $ aclResource'Magento_Sales::actions ' ;
408410 break ;
409411 }
410412 return $ aclResource
411413 }
414+
415+ /**
416+ * Get acl resource action
417+ *
418+ * @return string
419+ */
420+ private function getAclResourceAction (): string
421+ {
422+ $ actionstrtolower ($ this getRequest ()->getActionName () ?? '' );
423+
424+ if (in_array ($ action'index ' , 'save ' , 'cancel ' ]) && $ this _getSession ()->getReordered ()) {
425+ $ action'reorder ' ;
426+ }
427+ if (strtolower ($ this getRequest ()->getControllerName () ?? '' ) === self ::CONTROLLER_NAME_ORDER_EDIT ) {
428+ $ action'actions_edit ' ;
429+ }
430+ if ($ actionself ::CONTROLLER_NAME_LOADBLOCK && $ this getRequest ()->getPost ('sidebar ' )) {
431+ $ action'actions_sidebar ' ;
432+ }
433+ return $ action
434+ }
412435}
0 commit comments