Magento 2 config sections are assigned to ACL resources. An example:
resource tag is not required by the XSD:
resource tag is absent then the config section is always forbidden:
resource tag is specified but is not exists (for example:
Absent_Absent::absent) then the config tab is always allowed.
This is inconsistency.
It would be more consistent to allow access to a config section in case the section has no
return isset($this->_data['resource']) ? $this->_authorization->isAllowed($this->_data['resource']) : true;
GitHub issue: 2024