Role permissions

  • Updated

Optimizely Configured Commerce has unique roles for the Admin Console and storefront to manage various tasks. Admin Console roles are prefaced with "ISC_" to differentiate them from website user roles.

Each role can only access certain areas based on predefined permissions. The lists below provide the default permissions for each role, but you can customize these permissions.

Console user permissions

Admin Console permissions

  • ISC_System (Optimizely-only role)
  • ISC_Admin
    • Manage integration jobs.
    • Manage admin and system users.*
    • Access CKFinder.
    • View and update website SEO settings.
    • Access the Application Dictionary.
    • Create revision (CK editor).
    • Publish (CK editor).
    • Delete revision (CK editor).
    • Preview revision (CK editor).
    • View and update settings.*
    • Impersonate users.
  • ISC_Implementer
    • Manage integration jobs.
    • Manage admin and system users.*
    • Access CKFinder.
    • View and update website SEO settings.
    • Access debug menu.
    • Access the Application Dictionary.
    • Access the Themes & Content menu.
    • Create revision (CK editor).
    • Publish (CK editor).
    • Delete revision (CK editor).
    • Preview revision (CK editor).
    • View and update settings.*
    • Impersonate users.
  • ISC_FrontEndDev
    • Access CKFinder.
    • Access the Themes & Content menu.
    • Create revision (CK editor).
    • Publish (CK editor).
    • Delete revision (CK editor).
    • Preview revision (CK editor).
  • ISC_Integration
    • Manage integration jobs.
    • Access CKFinder.
  • ISC_User
    • Manage admin and system users.*
    • Impersonate users.
  • ISC_ContentAdmin
    • Access CKFinder.
    • Create revision (CK editor).
    • Publish (CK editor).
    • Delete revision (CK editor).
    • Preview revision (CK editor).
  • ISC_ContentEditor
    • Access CKFinder.
    • Create revision (CK editor).
    • Preview revision (CK editor).
  • ISC_ContentApprover
    • Publish (CK editor).
    • Delete revision (CK editor).
    • Preview revision (CK editor).
  • ISC_StoreFrontApi
    • Controls access to custom properties in the Application Dictionary, including whether they are returned from or editable on the website.

* – denotes limited permissions

Content management system permissions

These roles let users manage storefront content in the CMS along with Admin Console access. 

A user needs the ISC_User role and the necessary storefront roles to access the Admin Console and edit the storefront.

  • ISC_Implementer 
    • Use CMS shell.
    • Create page.
    • Edit page.
    • Delete page.
    • Add linked page.
    • Unlink page.
    • Edit widgets.
    • Edit templates.
    • Preview page.
    • Publish page.
    • Clear future publish.
    • Rollback.
    • Rollback and publish.
  • ISC_FrontEndDev
    • Use CMS shell.
    • Create page.
    • Edit page.
    • Delete page.
    • Add linked page.
    • Unlink page.
    • Edit widgets.
    • Edit templates.
    • Preview page.
    • Publish page.
    • Clear future publish.
    • Rollback.
    • Rollback and publish.
  • ISC_ContentAdmin
    • Use CMS shell.
    • Create page.
    • Edit page.
    • Delete page.
    • Add linked page.
    • Unlink page.
    • Edit widgets.
    • Edit templates.
    • Preview page.
    • Publish page.
    • Clear future publish.
    • Rollback.
    • Rollback and publish.
  • ISC_ContentEditor
    • Use CMS shell.
    • Create page.
    • Edit page.
    • Add linked page.
    • Unlink page.
    • Edit widgets.
    • Preview page.
    • Rollback.
  • ISC_ContentApprover
    • Use CMS shell.
    • Preview page.
    • Publish page.
    • Clear future publish.

Spire-only roles

  • CMS_ContentEditor
    • Add widgets to a content page.
    • Delete widgets from a content page.
    • Rearrange widgets on a content page.
    • Edit existing content widgets on any page. These users cannot edit CSS fields or the Code Snippet widget.
    • Create content pages.
    • Delete content pages.
    • Create a page variant.
    • Delete a page variant.
    • Copy a page.
    • Rearrange pages in the page tree.
  • CMS_ContentDeveloper You must enable the Advanced Spire CMS Features setting under Administration > Settings > Site Configurations to assign this role.
    • Add widgets to a content page.
    • Delete widgets from a content page.
    • Rearrange widgets on a content page.
    • Edit existing content widgets on any page, including CSS fields and the Code Snippet widget.
    • Create content pages.
    • Delete content pages.
    • Create a page variant.
    • Delete a page variant.
    • Copy a page.
    • Rearrange pages in the page tree.
  • CMS_SiteEditor
    • Add widgets to a content page.
    • Delete widgets from a content page.
    • Rearrange widgets on a content page.
    • Edit existing content widgets on any page. These users cannot edit CSS fields or the Code Snippet widget.
    • Create content pages.
    • Delete content pages.
    • Create a page variant.
    • Delete a page variant.
    • Copy a page.
    • Rearrange pages in the page tree.
    • Update content.
    • Edit settings and content of commerce widgets.
    • Compose commerce pages.
    • Add widgets to a commerce page.
    • Delete widgets from a commerce page.
    • Rearrange widgets on a content page.
  • CMS_Publisher
    • Approve content for users who do not have publishing permissions.
    • Publish content, including bulk publish, future publish, rollback, and immediate publish.
  • CMS_SystemAdmin
    • Can do all actions listed previously.
    • Edit a site's global style guide.

Website user permissions

The following list describes the permissions users have when accessing the website.

  • Administrator
    • Access budget management.
    • Submit items for requisition.
    • Create users.
    • Deactivate users.
    • Edit users.
    • Assign and edit ship-to.
    • View and approve requisitions.
    • View invoice history.
    • Approve orders.
    • View saved orders.
    • Save orders.
    • View order history.
    • Request quote.
    • View quotes.
    • View approvals.
    • Add wishlist.
    • Edit wishlist.
    • Delete wishlist.
  • Buyer1
    • Can only place orders for approval.
    • View saved orders.
    • Save orders.
    • View order history.
    • Request quote.
    • View quotes.
    • View approvals.
    • Add wishlist.
    • Edit wishlist.
    • Delete wishlist.
  • Buyer2
    • Place orders within a specific budget.
    • View saved orders.
    • Save orders.
    • View order history.
    • Request quote.
    • View quotes.
    • View approvals.
    • Add wishlist.
    • Edit wishlist.
    • Delete wishlist.
  • Buyer3
    • Place orders without approval and act as an approver.
    • View invoice history.
    • Approve orders.
    • View saved orders.
    • Save orders.
    • View order history.
    • Request quote.
    • View quotes.
    • View approvals.
    • Add wishlist.
    • Edit wishlist.
    • Delete wishlist.
  • Requisitioner
    • Request to order items.
    • Submit items for requisition.
    • Add wishlist.
    • Edit wishlist.
    • Delete wishlist.

Custom roles

If you choose to create a custom role related to content creation or storefront access, the ability to publish content is assigned only to the applicable roles listed below, and you cannot add the ability to publish to your custom role.