Magento 2 Restrict access to CMS page

Question

I am looking a way to restrict access to specific CMS page, allowing only logged in customers with a special customer group to see it. EDIT: I have this function, but observer isn't working properly it is redirecting in loops.

public function execute(Observer $observer)
{

    if(!$this->_session->isLoggedIn() && !$this->_helper->isB2DCustomer($this->_session->getCustomer()))
    {
        $request = $this->_objectManager->get('Magento\Framework\App\Request\Http');
        //get instance for URL interface
        /** @var \Magento\Framework\UrlInterface $urlInterface */
        $urlInterface = $this->_objectManager->get('Magento\Framework\UrlInterface');
        // URL to redirect to
        $url = $urlInterface->getUrl('/');
        if(strpos($request->getOriginalPathInfo(), '/b2d') == 0)
        {
            # redirect to root page
            $observer->getControllerAction()
                ->getResponse()
                ->setRedirect($url);
        }
    }
}

Accept answer to help other developers to find solutions. – Prince Patel Jun 11 '17 at 12:54 — Prince Patel, Jun 11 '17 at 12:54

Marius · Answer 1 · 2016-06-22T11:03:23.660

3

You can write an around plugin for the method \Magento\Cms\Helper\Page::prepareResultPage().
You receive the page id as a parameter.
From the page id you can get the identifier and if that identifier (or id) should be restricted just redirect to the login page.

edited Jun 22 '16 at 11:03

answered Jun 22 '16 at 09:28

Marius

197,939
53
422
830

Prince Patel · Answer 2 · 2019-01-31T09:07:26.893

With Object Manager:

$obm = \Magento\Framework\App\ObjectManager::getInstance();
$redirect = $obm->get('\Magento\Framework\App\Response\Http');
$context = $obm->get('Magento\Framework\App\Http\Context');
$cmsPage = $obm->get('\Magento\Cms\Model\Page');

$pageIdentifier = $cmsPage->getIdentifier(); // CMS Page Identifier

$isLoggedIn = $context->getValue(\Magento\Customer\Model\Context::CONTEXT_AUTH);

if($pageIdentifier == 'cms-page-identifier' && !$isLoggedIn)
{
   $redirect->setRedirect('customer/account/login/');
}

With dependency injection:

protected $_responseHttp;
protected $_httpContext;
protected $_page;

public function __construct(
    \Magento\Framework\App\Response\Http $responseHttp,
    \Magento\Framework\App\Http\Context $httpContext,
    \Magento\Cms\Model\Page $page
) {
    $this->_responseHttp = $responseHttp;
    $this->_httpContext = $httpContext;
    $this->_page = $page
}

public function execute(Observer $observer)
{
    $pageIdentifier = $this->_page->getIdentifier(); // CMS Page Identifier

    $isLoggedIn = $this->_httpContext->getValue(\Magento\Customer\Model\Context::CONTEXT_AUTH);

    if($pageIdentifier == 'cms-page-identifier' && !$isLoggedIn)
    {
       $redirect->setRedirect('customer/account/login/');
    }
}

Note: Don't use Object Manager instance directly check this for more details: Link

Direct use of ObjectManager is a bad practice, for details take a look at https://magento.stackexchange.com/questions/117098/magento-2-to-use-or-not-to-use-the-objectmanager-directly. Adding logic inside a template in another bad practice. — Lorenzo, Jan 31 '19 at 08:42

Magento 2 Restrict access to CMS page

2 Answers2

Linked