Access rights for Customized Commerce

  • Updated
You need administrative access rights in Optimizely Content Management System (CMS) to manage users and access rights. This topic refers to a default implementation of Optimizely Customized Commerce. Your website may be configured differently, and have customized user and user group management.

You can manage access rights for user roles such as administrators, marketers, and merchandisers working in Customized Commerce. You assign appropriate access rights, when you crate a user, to work with CMS, catalog content, Commerce Manager, or all parts.

For easier and safer maintenance, you should base access rights on groups rather than individual users. Then, provide access rights to users by adding them to appropriate groups. See Users and user groups.

Be aware that both contacts (visitors registering on your public site or manually created in Commerce Manager) and system users created from the CMS admin view are visible in the same listing in CMS admin view and Commerce Manager. By default, contacts belong to the Everyone and Registered groups.

Group access rights

In addition to the default groups described in Access rights for CMS users, Customized Commerce has its own groups that you use to assign access rights for Customized Commerce functions.

You must manually create the CommerceAdmins, CommerceSettingsAdmins and CatalogManagers groups before adding users to them. To do this, go to CMS > Admin > Access Rights > Administer Groups.

Built-in user group access

The following groups are built-in user groups that are created when Optimizely CMS is installed, and control access to Customized Commerce.

  • Administrators – Access to all parts of the system, including Administration in Customized Commerce Manager. Usually restricted to developers for implementation and maintenance. 
  • WebAdmins – All Editing and administration views in Optimizely CMS and Optimizely Customized Commerce. All parts of Commerce Manager except Administration. Usually restricted to very few users.
  • WebEditors – Can edit Customized Commerce content. Required for all users (if not members of WebAdmins or Administrators). Catalog editors need additional editing access rights in the catalog page tree (see Control access to catalogs and categories).
  • Everyone – Derived from Windows, provides “anonymous” visitors with read access to content. All unregistered visitors to a public website are anonymous, meaning that the system cannot identify them.

User interface access

The following groups control access to user interface areas in  Customized Commerce.

  • CommerceAdmins – Access to all parts of Commerce Manager except Administration and the CMS admin view.
  • CatalogManagers – Access to the Catalog user interface.
  • MarketingManagers – Access to the Marketing user interface.
  • CommerceSettingsAdmins – Access to the Customized Commerce Settings tab, which allows editing of dictionary property values for Customized Commerce content.

Order management access

The following groups control access to order management functions in Customized Commerce.

  • Order Supervisor – Access to all order management procedures.
  • Order Managers – Access to the following:
    • Creating returns and exchanges.
    • Viewing and editing orders.
    • Sending notifications.
    • Processing payments and split shipments.
  • Receiving Manager – Access to viewing shipments and receiving returns.
  • Shipping Manager – Access to viewing, packing, and completing shipments.

To determine refined access rights to Commerce Manager functions for any standard group, custom group, or individual users, use the permissions for functions screen. See Customize group access to functions.

Catalogs and categories access

Members of user groups have default access rights to catalog content, as described in Groups and access rights. You can override these settings, and grant predefined groups and users access to individual catalogs and categories. You can also create custom groups then assign to their members the ability to perform various tasks on products in any category or catalog.

For example, a SiteEditors group has change permission for the entire catalog structure, while members of the CommerceAdmins group only have change permission for the Fashion catalog, and AutomotiveEditors group members only have change permission for the Automotive catalog.

Access-rights-4.png

You cannot set access rights for individual products. Products inherit permissions from their direct parents (but not "linked" parents).

Access rights set in the Catalog do not carry over to Commerce Manager (CM). So, users with CM access can still edit entries there despite the catalog settings. You can restrict access to CM through Customizing group access to functions. However, most users who edit catalogs cannot access CM.

To control access to catalogs or categories, follow these steps.

Prerequisite: To work with catalog and categories, users must belong to the WebEditors and CatalogManagers user groups.
  1. Set up user groups that will have edit access to specific catalogs. See Users and user groups.
  2. In the Catalog, go to the catalog or category for which you want to grant access to groups or users.
  3. Go to All properties view.

    Image: Assign groups to catalogs/categories

  4. Next to Visible to, click Manage. The Set Access Rights screen appears.

    Image: Manage visibility

  5. Uncheck Inherit settings from parent item.
  6. Click Add Users/Groups if you do not see a group or user for which you want to assign access rights.
  7. Assign groups and users to appropriate actions for the catalog or category.

The image below illustrates an editor’s ability to edit the Mens Shoe category but no other categories under the parent.

Image: blocked content

Function access

You can customize which groups and users can perform Customized Commerce functions beyond the levels listed in Groups and access rights. For example, you can grant the Receiving Manager group the ability to allow refund credits, even though that group cannot access that function by default. Or, you can remove from the Order Managers group the ability to add, edit, or delete payments for orders.

Permissions for Functions are only applied in Commerce Manager, not in the Catalog user interface.
  1. Go to CMS admin view > Access Rights > Permissions for Functions.

    Access-rights-2.png

  2. Select a function.
  3. Assign or remove users or groups to/from that function.

    Access-rights-3.png

Example: Create a user with access rights

In this example, you create a user who enriches product information and landing pages in Optimizely CMS, catalog content in Customized Commerce, and all parts of Commerce Manager.

  1. Go to CMS Admin > Access Rights > Administer Users.
  2. Click Create User.
    1. Enter the username, email, and password information.
    2. Select Active.
    3. Select Add group to add the user to the desired groups, such as Order Managers and Shipping Managers.

      Access-rights-5.png

  3. Click Save.
  4. Log in as the user to verify that proper access rights are applied.