Adobe Summit is here.

Experience keynotes, Sneaks, sessions, and more — all on demand.

Watch now
DocumentationCommerceTools

ACSD-57570: Fix for restricted admin user access to shared catalogs

Last update: January 8, 2025
  • Topics:
  • B2B
  • Companies
  • Roles/Permissions

CREATED FOR:

  • Experienced
  • Admin
  • Developer

The ACSD-57570 patch fixes the issue where a restricted admin user with access to a particular store cannot consistently view all shared catalogs assigned to products or save customer information, leading to system inconsistencies. This patch is available when the Quality Patches Tool (QPT) 1.1.57 is installed. The patch ID is ACSD-57570. Please note that the issue is scheduled to be fixed in Adobe Commerce 2.5.0.

Affected products and versions

The patch is created for Adobe Commerce version:

  • Adobe Commerce (all deployment methods) 2.4.4-p3

Compatible with Adobe Commerce versions:

  • Adobe Commerce (all deployment methods) 2.4.3 - 2.4.4-p9
NOTE
The patch might become applicable to other versions with new Quality Patches Tool releases. To check if the patch is compatible with your Adobe Commerce version, update the magento/quality-patches package to the latest version and check the compatibility on the Quality Patches Tool: Search for patches page. Use the patch ID as a search keyword to locate the patch.

Issue

A restricted admin user with access to a particular store cannot always see all shared catalogs or save customers, leading to inconsistencies. With multiple stores, the restricted admin cannot see new companies or custom shared catalogs.

Steps to reproduce:

  1. Set up stores in the following order:

    • Create a new website named W2.
    • Create a new store view for the default website.
    • Create a new store named W2S2 for website W2.
    • Create a new store view named W2S2SV1 for the store W2S2.
    • Create another new store view named W2S2SV2 for the store W2S2.
    • Create a company for W2.

  2. Assign products:

    • Assign some products to W1 only.
    • Assign some products to W2 only.
    • Assign some products to both W1 and W2.

  3. Create a custom shared catalog and assign all products to it.

  4. Create a custom admin role with access to only W2S2, not W2.

  5. Assign the restricted admin user to the new custom admin role.

  6. Log in as the restricted admin user.

  7. Verify access:

    • Check which companies you can see.
    • Check which shared catalogs you can see.
    • Open the products list and verify if you can see all the shared catalogs to which the products are assigned.

Expected results:

The behavior should be consistent.

Actual results:

If you create only one additional website, store, and store view, the restricted admin user can see the company, the shared catalog, and both shared catalogs in the product list. With the above setup, the restricted admin cannot see the new company or the custom shared catalog, and only the Default shared catalog is displayed in the product list.

Apply the patch

To apply individual patches, use the following links depending on your deployment method:

  • Adobe Commerce or Magento Open Source on-premises: Quality Patches Tool > Usage in the Quality Patches Tool guide.
  • Adobe Commerce on cloud infrastructure: Upgrades and Patches > Apply Patches in the Commerce on Cloud Infrastructure guide.

Related reading

To learn more about Quality Patches Tool, refer to:

  • Quality Patches Tool: A self-service tool for quality patches in the Tools guide.
recommendation-more-help
c2d96e17-5179-455c-ad3a-e1697bb4e8c3