MDVA-41350: Exception when admin adds products outside their access

Last update: Thu Jul 27 2023 00:00:00 GMT+0000 (Coordinated Universal Time)

CREATED FOR:

Admin

The MDVA-41350 patch fixes the issue where an exception error is thrown instead of a limited access notification when an admin user adds a product in the order by SKU which is outside their access. This patch is available when the Quality Patches Tool (QPT) 1.1.11 is installed. The patch ID is MDVA-41350. Please note that the issue is scheduled to be fixed in Adobe Commerce 2.4.5.

Affected products and versions

The patch is created for Adobe Commerce version:

Adobe Commerce (all deployment methods) 2.3.5-p1

Compatible with Adobe Commerce versions:

Adobe Commerce (all deployment methods) 2.3.0 - 2.4.3-p1

NOTE

The patch might become applicable to other versions with new Quality Patches Tool releases. To check if the patch is compatible with your Adobe Commerce version, update the magento/quality-patches package to the latest version and check the compatibility on the Quality Patches Tool: Search for patches page. Use the patch ID as a search keyword to locate the patch.

Issue

When an admin user with restricted access adds a product by SKU outside their access in the order, an exception occurs instead of a message notifying the user of their limited access.

Steps to reproduce:

Log into the admin as a user with access to only a specific website.
Go to Sales > Orders and click Create New Order.
Select a customer and a store view.
Click on Add Products by SKU.
Search for an SKU that is not assigned to any website or not assigned to the website for which you have access.
Click Add to Order.

Expected results:

An appropriate error message is displayed.

Actual results:

An exception occurs.

Apply the patch

To apply individual patches, use the following links depending on your deployment method:

Adobe Commerce or Magento Open Source on-premises: Software Update Guide > Apply Patches in our developer documentation.
Adobe Commerce on cloud infrastructure: Upgrades and Patches > Apply Patches in our developer documentation.

To learn more about Quality Patches Tool, refer to:

Quality Patches Tool released: a new tool to self-serve quality patches in our support knowledge base.
Check if patch is available for your Adobe Commerce issue using Quality Patches Tool in our support knowledge base.

For info about other patches available in QPT, refer to Patches available in QPT in our developer documentation.

recommendation-more-help

8bd06ef0-b3d5-4137-b74e-d7b00485808a

MDVA-41350: Exception when admin adds products outside their access

Affected products and versions

Issue

Apply the patch

Related reading