This section describes how to manage access rights for users such as editors, administrators, and marketers working both in Episerver Commerce and Episerver CMS. When a user is created, you can set desired access rights depending on whether the user will work with CMS, catalog content, Commerce Manager, or all parts.
You need administrative access rights in CMS to manage users and access rights. This description refers to a default implementation of Episerver Commerce. Your website may be configured differently, and have customized user and user group management.
Managing users and groups
You manage users and access rights to various parts of the system from the CMS admin view. For easier and safer maintenance, it is recommended to base access rights on groups rather than individual users. Provide access rights by adding a user to appropriate groups, see Managing users and user groups.
Be aware that both contacts (visitors registering on your public site or manually created in Commerce Manager) and system users created from the CMS admin view, are visible in the same listing in CMS admin view and Commerce Manager. By default, registered visitors belong to the "Everyone" and "Registered" groups.
Groups and access rights
In addition to the default groups described in Access rights , Commerce adds a set of groups, which can be used to assign access rights to Commerce functions. Use the groups described below to control access rights to various parts of the system.
The CommerceAdmins, CommerceSettingsAdmins and CatalogManagers groups must be manually created in the CMS administration view before you can add users to them. Go to CMS > Admin > Set Access Rights and add the groups under Administer Groups.
Groups for controlling access to basic parts of the system
|Group||Provides access to|
|Administrators||All parts of the system, including Administration in Commerce Manager. Usually restricted to developers for implementation and maintenance.|
|WebAdmins||All parts of the editing and administration views in CMS and Commerce. All parts of Commerce Manager except Administration. Usually restricted to very few users.|
|WebEditors||All parts of the CMS edit view except Visitor Groups. Required for all users (if not members of WebAdmins). Additional editing access rights in the CMS page tree is required for CMS content editors (see below).|
|CatalogManagers||The Catalogs user interface.|
|CommerceSettingsAdmins||The Settings option for adding dictionary property values for Commerce content.|
|CommerceAdmins||All parts of Commerce Manager except Administration, but not the admin view in CMS.|
Groups for providing specific access in Commerce Manager
You can use these groups for providing specific access to functionality in Commerce Manager.
|Group||Provides access to|
|Management Users||All parts of Commerce Manager except Administration.|
|Order Supervisor||Full administration of the order management procedure.|
|Order Managers||Creating returns and exchanges, viewing and editing orders, sending notifications, processing payments and split shipments.|
|Receiving Manager||Viewing shipments and receiving returns.|
|Shipping Manager||Viewing, packing, and completing shipments.|
In addition to these pre-defined groups, you can also use permissions for functions to set up customized access rights to functions in Commerce Manager. See below for more information.
You can manage access to Commerce functions on a very detailed level. A standard installation of Episerver Commerce has a set of predefined commerce-specific roles. By assigning these roles to users or user groups, you provide them with access rights to perform tasks such as editing orders or deleting catalogs.
In the CMS admin view, go to Config > Security > Permissions for Functions, select a function and assign users or groups as desired.
See Permission for functions
Controlling access to the content structure
The WebEditors group provides access to the editing view only, so you also must grant editing access in the content structure to users who edit content in CMS. You can do this by creating "structure groups". For example, you can create a Site_Editors group with editing permission in the entire tree structure, and Product_Editors or News_Editors groups with limited editing access to selected parts of the tree. Define access rights for the groups in the page tree, and then add users to the groups as appropriate.
See access rights
In this example, we create a user who works with enrichment of product information and landing pages in CMS, catalog content in Commerce, and all parts of Commerce Manager.
- In the CMS admin view, go to Access Rights > Create User.
- Enter the user information, select Active, and add the user to the desired groups. In this example, WebEditors is needed to access the editing views, and CommerceAdmins is needed for access to Commerce Manager. Site_Editors is a structure group which provides editing access to all parts of the page tree structure on this website.
- Click Save.
- Log in as the user to verify that proper access rights are applied.