I am trying to disable a users ability to create / edit / delete a product based on acl permissions. I have built the permissions correctly and tested them to assure they work. I can check of a permission like so:
Mage::getSingleton('admin/session')->isAllowed('add_product');
This is the name I gave my add_product acl. I also have a edit_product and delete_product acl properly created.
I need to stop a product from saving or creating or deleted based on this permissions.
This is my xml snippet that calls the observer for the given event:
<catalog_product_save_before>
<observers>
<mymodule>
<type>singleton</type>
<class>Namespace_Mymodule_Model_Observer</class>
<method>catalog_product_save_before</method>
</mymodule>
</observers>
</catalog_product_save_before>
And my Observer Class:
class Namespace_Mymodule_Model_Observer {
public function catalog_product_save_before($observer) {
if( ! Mage::getSingleton('admin/session')->isAllowed('add_product') ) {
//stop creating the product
}
}
}
My question is two fold.
First, what observers should I be using for creating a product, deleting a product, and editing a product? I believe the above event is triggered only before a product is edited. Is this true? What other events should I be observing?
Second, once I observe the correct event. How do i tell magento "don't save" or "skip saving"? Same applies for creating and deleting? What about on image upload?
I have added changes to several blocks to remove certain buttons based on these acl's. I want to make sure I am stopping all actions and not just the buttons I have found.
