E-commerce permissions

To prevent users from accessing and modifying certain on-line store data, and to prevent them from configuring the store, you need to assign E-commerce Solution permissions.

The Kentico E-commerce Solution uses the following permissions:

E-commerce permissions

  • Read data - allows users to access orders, reports, customers, products, product options, discount coupons, manufacturers and suppliers.
  • Modify data - allows users to create, modify and delete data; see Read data.
  • Modify global data - allows users to create, modify and delete global customers, global products, global product options, global discount coupons, global discount levels, global manufacturers and global suppliers.
  • Read configuration - allows users to access E-commerce Solution configuration, i.e. your on-line store settings, departments, shipping options, payment methods, tax classes, currencies, exchange rates, order statuses, product statuses, invoices and discount rules.
  • Modify configuration - allows users to modify E-commerce Solution configuration; see Read configuration.
  • Modify global configuration - allows users to modify E-commerce Solution global configuration.
  • Read orders - allows users to access orders.
  • Modify orders - allows users to create, modify and delete orders.
  • Read reports - allows users to access reports.
  • Read customers - allows users to access customers.
  • Modify customers - allows users to create, modify and delete customers.
  • Access all departments - allows users to access products from all departments.
  • Read products - allows users to access products and product options.
  • Modify products - allows users to create, modify and delete products and product options.
  • Read discounts - allows users to access discounts and free shipping offers.
  • Modify discounts - allows users to create, modify and delete discounts and free shipping offers.
  • Read manufacturers - allows users to access manufacturers.
  • Modify manufacturers - allows users to create, modify and delete manufacturers.
  • Read suppliers - allows users to access suppliers.
  • Modify suppliers - allows users to create, modify and delete suppliers.
  • Destroy - allows users to destroy e-commerce object version history.

Example

To allow members of a selected role to edit site-specific manufacturers, you need to assign this role permissions in one of the following combinations:

  • Read data + Modify data
  • Read data + Modify manufacturers
  • Read manufacturers + Modify data
  • Read manufacturers + Modify manufacturers

Similarly, to allow the role members to edit global customers, you need to assign permissions in one of the following combinations:

  • Read data + Modify global data
  • Read customers + Modify global data

You can perform this configuration in the E-commerce Solution permissions matrix in the Permissions application.

Product permissions

Permissions described on this page affect E-commerce Solution objects only. If you need to restrict access to modifications of products, you need to distinguish between:

Products as stand-alone SKUs

The corresponding above-described permissions apply fully, i.e. you don’t need any other permissions.

Products as SKUs + documents

You need to have:

  • corresponding E-commerce permissions,
  • document-related permissions.