MDVA-41350: Exception when admin adds products outside their access
The MDVA-41350 patch fixes the issue where an exception error is thrown instead of a limited access notification when an admin user adds a product in the order by SKU which is outside their access. This patch is available when the Quality Patches Tool (QPT) 1.1.11 is installed. The patch ID is MDVA-41350. Please note that the issue is scheduled to be fixed in Adobe Commerce 2.4.5.
Affected products and versions
The patch is created for Adobe Commerce version:
- Adobe Commerce (all deployment methods) 2.3.5-p1
Compatible with Adobe Commerce versions:
- Adobe Commerce (all deployment methods) 2.3.0 - 2.4.3-p1
magento/quality-patches
package to the latest version and check the compatibility on the Quality Patches Tool: Search for patches page. Use the patch ID as a search keyword to locate the patch.Issue
When an admin user with restricted access adds a product by SKU outside their access in the order, an exception occurs instead of a message notifying the user of their limited access.
Steps to reproduce:
- Log into the admin as a user with access to only a specific website.
- Go to Sales > Orders and click Create New Order.
- Select a customer and a store view.
- Click on Add Products by SKU.
- Search for an SKU that is not assigned to any website or not assigned to the website for which you have access.
- Click Add to Order.
Expected results:
An appropriate error message is displayed.
Actual results:
An exception occurs.
Apply the patch
To apply individual patches, use the following links depending on your deployment method:
- Adobe Commerce or Magento Open Source on-premises: Software Update Guide > Apply Patches in our developer documentation.
- Adobe Commerce on cloud infrastructure: Upgrades and Patches > Apply Patches in our developer documentation.
Related reading
To learn more about Quality Patches Tool, refer to:
- Quality Patches Tool released: a new tool to self-serve quality patches in our support knowledge base.
- Check if patch is available for your Adobe Commerce issue using Quality Patches Tool in our support knowledge base.
For info about other patches available in QPT, refer to Patches available in QPT in our developer documentation.