I’m trying to implement a new custom user role to allow only certain backend modules to be visible/accessible.
So far everything works as expected but visibility of custom backend modules; these modules that should not be accessible keep being visible ending in a 403 error is the user tries to access them (correctly).
I developed, during time, several modules taking inspiration from core modules (policies and configuration is basically copied and renamed according to needs) so now i can’t understand what’s missing in my modules in order to hide them completely if they are not accessbile.
Could anyone point me to the right direction? What am I missing here?