aclResource for UIComponent buttons

[kassner]

Description

Currently is not possible to hide buttons based on the user role in the admin panel. As the example from this Pull Request, the Create new Order button is always shown, even when the user does not have the permission for it. Clicking on the button gives a permission denied page, as expected.

This PR introduces the possibility of defining an aclResource for UIComponents buttons, the same way that a dataSource can have.

Manual testing scenarios

1. Create an admin role without the Magento_Sales::create permission;
2. Assign the created role to a new (or existing) user;
3. Login on admin panel with the previous user;
4. Access the sales order grid on admin;
5. The Create New order button should not be available;

Contribution checklist (*)

• Pull request has a meaningful description of its purpose
• All commits are accompanied by meaningful commit messages
• All new or changed code is covered with unit/integration tests (if applicable)
• All automated tests passed successfully (all builds on Travis CI are green)

[magento-cicd2]

All committers have signed the CLA.

[magento-engcom-team]

Hi @kassner. Thank you for your contribution
Here is some useful tips how you can test your changes using Magento test environment.
Add the comment under your pull request to deploy test or vanilla Magento instance:

• @magento-engcom-team give me test instance - deploy test instance based on PR changes
• @magento-engcom-team give me 2.3-develop instance - deploy vanilla Magento instance

For more details, please, review the Magento Contributor Assistant documentation

[sivaschenko]

Hi @kassner thanks for your contribution! Please see my code review notes.

[sivaschenko]

Please change the access level to private

[sivaschenko]

Please add new dependency to constructor as the last optional parameter (backward compatibility)

[sivaschenko]

Please see "Adding constructor parameters" section for details https://devdocs.magento.com/guides/v2.3/contributor-guide/backward-compatible-development/#php

[kassner]

@sivaschenko also, are you able to remove the partner label? I'm not assigned to that partner anymore (I left the team on Github, dunno why it still assigned to).

[magento-engcom-team]

Hi @sivaschenko, thank you for the review.
ENGCOM-3918 has been created to process this Pull Request

[magento-engcom-team]

@kassner thank you for contributing. Please accept Community Contributors team invitation here to gain extended permissions for this repository.

[ghost]

Hi @kassner, thank you for your contribution!
Please, complete Contribution Survey, it will take less than a minute.
Your feedback will help us to improve contribution process.

[magento-engcom-team]

Hi @kassner. Thank you for your contribution.
We will aim to release these changes as part of 2.3.1.
Please check the release notes for final confirmation.