Access lists are essential! If it is possible to cover just Control Panel items it will be great.

Just for anyone interested, I solve case with Access list. It is a hack for extension, and not so elegant, but it works perfect for me.

I used tutorial from here:
www.aclmanager.net/blog/general/31-how-t...rt-to-your-extension
And that's how I added ACL support for component. It is really very simple, and it will not take more then half hour to implement with no need for any PHP knowledge.

Then, I needed to hide configuration options from some group of users (Conltrol Panle, Global Configuration, Invoice Configuration, etc. leaving just Create New Order and Invoice Management).

To achieve that I repeat step 2 from tutorial and add access check to all views (view.html form folders config, fields, info, etc). Right below "defined('_JEXEC') or die;" I add:


Please note that I change autorise check form core.manage to core.admin
This returns user to admin panel if he don't have rights to change configuration.

It works perfect for me, even the solution is not so much elegant. I hope it will help someone too.

Hello,

thank you for your post and fast solution for other users. This is good idea to add ACL Manager to this component. We will try to add it there in next releases.

Remember that your changes can be modified by component update and you should check your modified file. Also reinstallation will modify the whole component and you will have to modify your files again. This will be necessary until we release our own solution for this problem.