[MAGETWO-54158]:+ Corrected ACL rules for the sendfriend module and s…

[jspoe]

Description

Added an acl.xml to the send-friend module
Added upgrade data script for backward compatibility for ACL-roles that were already selected for users.

Changed the acl.xml for the backend module
Added upgrade data script for backward compatibility for ACL-roles that were already selected for users.

Fixed Issues (if relevant)

1. magento/magento2#MAGETWO-54158: ACL not defined for Magento_Backend::web

Manual testing scenarios

1. Install Magento latest develop version
2. Go to Admin side
3. Click "System > User Roles"
4. Click "Add new Role" enter Role name
5. In left side choose Role Resources and check "Dashboard", "Web Section", "Email to a friend", "Currency Setup", "Store E-mail addresses"
6. Save Role
7. Click "System > All Users"
8. Click "Add new User"
9. Enter data in required fields
10. In left side click "User Role" and choose early created role.
11. Click "Save"
12. Sign out and Log in using credentials of new user
13. Click "Stores > Configuration"

Expected result:
All the tabs that were selected in the role should be visible

Contribution checklist

• Pull request has a meaningful description of its purpose
• All commits are accompanied by meaningful commit messages
• All new or changed code is covered with unit/integration tests (if applicable)
• All automated tests passed successfully (all builds on Travis CI are green)

[magento-cicd2]

All committers have signed the CLA.

[ishakhsuvarov]

Is there any reason for this method is protected? Looks like private is more suitable in this case.

[ishakhsuvarov]

{@inheritdoc} is sufficient in this case.

[ishakhsuvarov]

Would be nice to add a comment which explains background under this action.

[ishakhsuvarov]

Did you consider introducing these resources in the Backend/etc/acl.xml?

[ishakhsuvarov]

Please consider making this method private

[ishakhsuvarov]

Hi @jspoe
Would you like to continue work on this PR or should someone else pick it up?

[jspoe]

Hi @ishakhsuvarov

Thank you for your feedback!
I will pickup the requested changes in a couple of days. Should not take a lot of time.

[ishakhsuvarov]

@jspoe Thanks, we will proceed with review shortly.

[ishakhsuvarov]

@jspoe It looks like these changes introduce some unwanted dependencies between the modules in question. We will look into possible solution and let you know how we can fix it.

[jspoe]

Yes I understand. It is either part of the Magento_Config module or the Magento_Backend module.
It should not be both. Then there is also the part of the setup script where there is a (small) dependency for to map the roles for backward compatibility.

Please let me know as soon as possible if I can fix this in a better way for you.

[ishakhsuvarov]

@jspoe Looks like the best solution in this case would be to move upgrade scripts to the specifically created modules, something like SendfriendAcl or SendfriendAuthorization, which would have correct dependencies and would allow other modules to be disabled/removed safely.
Would you like to continue on that, since it is some more work to do, or do you want someone else to pick up?
Thanks!

[jspoe]

Hi @ishakhsuvarov,

I agree, and I will pick up the requests myself if possible.
I will push a change as soon as I can.

Thanks!

[ishakhsuvarov]

@jspoe Thank you

[ishakhsuvarov]

@jspoe I am closing this PR for now due to inactivity. Please feel free to update and reopen whenever you wish to continue work on it.
Thank you!