Security and Users

See all
Edit on GitHub

Types of users

There are 4 different types of users in the system which define the actions each user can perform. These types are:

  • Guest User
  • Registered User
  • Administrator
  • Super Administrator

From these types only Administrators can access and use Commerce Manager / Administration console.

Working with Permissions

Some functionality is available only if user has corresponding Permission. Initial set of permissions is created during DB setup. Permissions are stored in Permission datatable. Developer can add new Permissions by creating new rows in the Permission datatable directly. The PermissionId should be used for checking if user has access to restricted information or functionality. Depending on PermissionId, Permissions are divided into groups inside Commerce Manager roles management UI. The rules for Permission grouping:

  1. if PermissionId ends with ":config", the group is "Settings". Usually this group includes Permissions for Commerce Manager Settings section.
  2. the group name is the beginning of PermissionId until a ":" delimiter is reached. E.g. permission named "Manage Catalog Items" has PermissionID "catalog:items:manage" and belongs to "catalog" group.

The group and Permission names are localizable. That means a manager can give any name to a Permission or Permission group using Localization UI.