MDVA-29959 Magento patch available in the Quality Patches Tool (QPT) tool version 1.0.5 fixes the issue where a restricted admin user with all permissions for "Customer" ACL cannot manage companies (add or delete a company). Please note, that the issue is fixed in Magento Commerce B2B 2.3.4.
Affected products and versions
Magento Commerce B2B v2.3.0-2.3.3-p1
Note: the patch might become applicable to other versions with new Quality Patches Tool releases. To check if the patch is compatible with your Adobe Commerce version, update the
magento/quality-patches package to the latest version and check the compatibility on the QPT landing page. Use the patch ID as a search keyword to locate the patch.
Admin user with all permissions for "Customer" ACL cannot manage companies (add or delete a company).
Steps to reproduce
- In the Magento Admin, create a new admin role and assign a user to that role.
- Assign only "Customer" resources to the role.
- Login as a user with this role.
- Try to delete a company account.
The company account is successfully deleted.
You are not able to delete the company account. You get the Sorry, you need permissions to view this content. error message.
Apply the patch
To apply individual patches use the following links depending on your version of Magento:
- Magento Commerce: DevDocs Software Update Guide > Apply patches .
- Magento Commerce Cloud: DevDocs Upgrades and Patches > Apply Patches .
The patch adds new ACL for managing companies. Following is an illustration of the ACL you get after the patch is installed:
To learn more about Quality Patches Tool, refer to:
- KB Quality Patches Tool released: a new tool to self-serve quality patches .
- KB Check if patch is available for your Magento issue using Quality Patches Tool .
For info about other patches available in QPT tool, refer to the Patches available in QPT tool section.