Episerver imageAccess rights

This section describes how to manage access rights for users such as editors, administrators, and marketers working in Episerver Commerce. When a user is created, you assign appropriate access rights depending on whether the user will work with CMS, catalog content, Commerce Manager, or all parts.

To manage users and access rights, you need administrative access rights in CMS. This description refers to a default implementation of Episerver Commerce. Your website may be configured differently, and have customized user and user group management.

Managing users and groups

You manage which users can access various parts of the system from the CMS admin view.

For easier and safer maintenance, it is recommended to base access rights on groups rather than individual users. Then, provide access rights to users by adding them to appropriate groups. See Managing users and user groups.

Be aware that both contacts (visitors registering on your public site or manually created in Commerce Manager) and system users created from the CMS admin view are visible in the same listing in CMS admin view and Commerce Manager. By default, contacts belong to the "Everyone" and "Registered" groups.

Groups and access rights

In addition to the default groups described in Access rights, Commerce has its own groups that you use to assign access rights for Commerce functions.

You must manually create the CommerceAdmins, CommerceSettingsAdmins and CatalogManagers groups before adding users to them. To do this, go to CMS > Admin > Access Rights > Administer Groups.

CMS groups for controlling access to Commerce

Group Provides access to Comment
Administrators All parts of the system, including Administration in Commerce Manager.

Usually restricted to developers for implementation and maintenance.

A built-in user group created when Episerver CMS is installed.
WebAdmins
  • All editing and administration views in CMS and Commerce.
  • All parts of Commerce Manager except Administration.
Usually restricted to very few users.
A built-in user group created when Episerver CMS is installed.
WebEditors The ability to edit Commerce content. Required for all users (if not members of WebAdmins or Administrators). Catalog editors need additional editing access rights in the catalog page tree (see Controlling access to catalogs and categories).
A built-in user group created when Episerver CMS is installed.
Everyone Derived from Windows, this group provides “anonymous” visitors with read access to content. All unregistered visitors to a public website are anonymous, meaning that they cannot be identified by the system. A built-in user group created when Episerver CMS is installed.

Commerce groups for controlling access to user interface areas

Group Provides access to Comment
CommerceAdmins All parts of Commerce Manager except Administration and the CMS admin view.  
CatalogManagers The Catalog user interface.  
MarketingManagers The Marketing user interface.  
CommerceSettingsAdmins The Commerce Settings tab, which allows editing of dictionary property values for Commerce content. See Dictionaries.

Commerce groups for controlling access to order management functions

Group Provides access to Comment
Order Supervisor All order management procedures.  
Order Managers
  • Creating returns and exchanges
  • Viewing and editing orders
  • Sending notifications
  • Processing payments and split shipments
  
Receiving Manager
  • Viewing shipments
  • Receiving returns
  
Shipping Manager Viewing, packing, and completing shipments.  

To determine more granular access rights to Commerce Manager functions for any standard group, custom group, or individual users, use the permissions for functions screen. See Customizing group access to functions.

Customizing group access to functions

You can customize which groups and users can perform Commerce functions beyond the levels listed in Groups and access rights. For example, you can grant the Receiving Manager group the ability to allow refund credits, even though that group cannot access that function by default. Or, you can remove from the Order Managers group the ability to add, edit, delete payments for orders.

Permissions for Functions are only applied in Commerce Manager, not in the Catalog user interface.

To do this

  1. Go to CMS admin view> Config > Security > Permissions for Functions.
  2. Select a function.
  3. Assign or remove users or groups to/from that function.
Closed—Image: Config tab—

Episerver image

See Permission for functions.

Controlling access to catalogs and categories

Members of user groups have default access rights to catalog content, as described in Groups and access rights. You can override these settings, and grant predefined groups and users access to individual catalogsCommerce: a top-level container for catalog entries such as categories, products, and variants (SKUs). and categoriesCommerce: Categories let you adjust the structure and range of a catalog to optimize the selling potential of products. You can use categories to search for products. You can also assign products to categories by creating relations.. You can also create custom groups then assign to their members the ability to perform various tasks on products in any category or catalog.

For example, a Site_Editors group has change permission for the entire catalog structure, while members of the Fashion_Editors group only have change permission for the Fashion catalog, and Automotive_Editors group members only have change permission for the Automotive catalog.

Note that you cannot set access rights for individual products. Products inherit permissions from their direct parents (but not "linked" parents).

Access rights set in the Catalog do not carry over to Commerce Manager (CM). So, users with CM access can still edit entries there despite the catalog settings.
You can restrict access to CM through Customizing group access to functions. However, most users who edit catalogs cannot access CM.

Closed—Image: Set access rights—

Episerver image

To control access to catalogs or categories, follow these steps.

Prerequisite: To work with catalog and categories, users must belong to the WebEditors and CatalogManagers user groups.

Part 1: Create custom groups

Set up user groups that will have edit access to specific catalogs. See Managing users and user groups.

Part 2: Assign groups to catalogs/categories

  1. In the Catalog, navigate to the catalog or category for which you want to grant access to groups or users.
  2. Go to All properties view.
    Closed—Image: Visible to > Manage—

    Episerver image

  3. Next to Visible to, click Manage. The Set Access Rights screen appears.
    Closed—Image: Visible to > Manage—

    Episerver image

  1. Uncheck Inherit settings from parent item.
  2. Assign groups and users to appropriate actions for the catalog or category. If you do not see a group or user for which you want to assign access rights, click Add Users/Groups.

    To learn about the access levels, see Access rights.

The image below illustrates an editor’s ability to edit the Mens Shoe category but no other categories under the parent.

Closed—Image: Ability to edit a single category—

Episerver image

ClosedEXAMPLE: Creating a user with access rights in CMS and Commerce

In this example, you create a user who enriches product information and landing pages in CMS, catalog content in Commerce, and all parts of Commerce Manager.

  1. In the CMS admin view, go to Access Rights > Create User.
  2. Enter the user information, select Active, and add the user to the desired groups. In this example:
    • WebEditors provides access to editing views
    • CommerceAdmins provides access to Commerce Manager.
    • Site_Editors structure group provides access the entire catalog structure (as illustrated in the above image).
      Closed—Image: Admin tab, Create user—

      Episerver image

  3. Click Save.
  4. Log in as the user to verify that proper access rights are applied.



Help topics   Need help?   FAQs   Glossary   Site map   Videos

Episerver User Guide 18-5 | Released: 2018-09-10 | © Episerver 2018 | Send feedback to us