Only show admin menu items with available Configuration pages according to permissions

I'm experiencing this issue as well. I have a role set up that has the permission "Use the administration pages and help". This is so that the user can see the structure menu item wth the taxonomy menu item as a child. But when I add this persmission, the "Configuration" menu item also becomes visible along with all child items. When visiting any of these pages however, all of them return "You do not have any administrative items."

Expected behavior would be that items returning this error would be hidden, and since all child elements of Configuration would be hidden, also Configuration should be hidden.

I'm unsure if this is an issue with Admin Toolbar or if its actually a core issue. I found a discussion in a similar issue for the Navbar module: #2434655: Menu items not hidden when user has no permission. In comment #3 it is shown that the "structure" and "configuration" menu items are shown based on the "Use the administration pages and help" permission, no matter if the user has permissions to view pages underneath those items or not. I have not found any core issue for this however. Maybe one should be created, since the behavior seems broken?

Edit:

Found this core issue which is still active since 2008(!): #296693: Restrict access to empty top level administration pages

As I understand it we cannot do anything in the Admin Toolbar module. It is more related to Drupal core. So issue is closed.

My current workaround - create a separate menu for the role 'editor'. Menu is called 'editor-menu' in my case. I override admin_toolbar to use editor menu as source in the toolbar.

/**
 * Implements hook_toolbar_alter().
 *
 * @see admin_toolbar_toolbar_alter()
 */
function MYMODULE_toolbar_alter(&$items) {
  $items['administration']['tray']['toolbar_administration']['#pre_render'] = ['MYMODULE_prerender_toolbar_administration_tray'];
}

/**
 * Renders the toolbar's administration tray.
 *
 * Override admin_toolbar to use editor menu as source in the toolbar.
 *
 * @param array $element
 *   A renderable array.
 *
 * @return array
 *   The updated renderable array.
 *
 * @see admin_toolbar_prerender_toolbar_administration_tray()
 * @see toolbar_prerender_toolbar_administration_tray()
 */
function MYMODULE_prerender_toolbar_administration_tray(array $element) {
  $menu_tree = \Drupal::service('toolbar.menu_tree');
  $parameters = new MenuTreeParameters();

  $roles = Drupal::currentUser()->getRoles();
  if (in_array('editor', $roles) && !in_array('administrator', $roles)) {
    $tree = $menu_tree->load('editor-menu', $parameters);
  }
  else {
    $parameters->setRoot('system.admin')->excludeRoot()->setMaxDepth(4)->onlyEnabledLinks();
    $tree = $menu_tree->load(NULL, $parameters);
  }

  $manipulators = [
    ['callable' => 'menu.default_tree_manipulators:checkAccess'],
    ['callable' => 'menu.default_tree_manipulators:generateIndexAndSort'],
    ['callable' => 'toolbar_tools_menu_navigation_links'],
  ];
  $tree = $menu_tree->transform($tree, $manipulators);
  $element['administration_menu'] = $menu_tree->build($tree);

  return $element;
}

For anyone who is looking for a solution until this gets solved in core, consider using this module:
https://www.drupal.org/project/admin_links_access_filter

a.milkovsky, thank you, works with admin_toolbar 8.x-1.21+8-dev.
before 2-nd function there should be
use Drupal\Core\Menu\MenuTreeParameters;

For new people looking at this issue, the admin_links_access_filter module has been added as a submodule of admin_toolbar as of 8.x-1.21. It seems to work for me!

The #7 worked for me.

Adding admin_links_access_filter module (sub-module of admin_toolbar) fixed the issue for me. Thanks