Default Security Schema
The security schema delivered with Kore Commerce can be changed, so it is always a good idea to set your own user up with a role configuration and test to make sure it is what you expect. Before making any changes to security, it is also recommended that you make the security change on the test website first and evaluate it before making the change(s) in production. That said, here is the basic idea of our schema:
User Roles
- Each user should have one primary role. Primary roles do not include "(Add-on)" in the name, and provide basic scoping of data through the core objects (e.g. Companies, Contacts, Orders, Shipments, Invoices, etc.). The primary roles are:
  - Customer: Users with this role can only see data for their assigned company.
  - Master Customer: Users with this role can see data for all companies that are related to the company they are associated with (BillTo and ShipTos).
  - SalesRep: Users see all company data where they are the assigned sales rep in Eclipse. Requires some additional setup to link the sales rep ID to their own user.
  - Employee: Users here are internal personnel and have access to all companies. Kind of an extension of Eclipse.
- Users can have one or more Add-on roles, which simply add capabilities you want them to have. The add-on roles are:
  - Web Administrator: Intended to add access to all of the Web Administration menu choices.
  - Store Manager: Intended to add access to all of the Store Management menu choices.
  - Content Editor: For marketing personnel that need the ability to create and edit pages on the website.
  - ReviewApproval: Gives the user the ability to approve or reject product reviews.
  - OrderApproval: Gives the user the ability to approve or reject B2C Orders before sending to Eclipse.
  - Customer Admin: Ability to add/remove contacts for the user's level of company scope. If added to a user with the "Customer" role, they can only add/remove contacts for their own company.
  - UserAdmin: Coupled with the CustomerAdmin role, this allows users to enable/disable web access for the contacts.
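
The rules above can be checked against a list of role assignments before a security change goes to production. The following is an added example, not Kore Commerce code: the input format (a user name mapped to a list of role names) and the sample users are constructed, and it assumes add-on roles carry the "(Add-on)" suffix described above.

```python
ADDON_MARKER = "(Add-on)"  # per the schema, primary role names never contain this
PRIMARY_ROLES = {"Customer", "Master Customer", "SalesRep", "Employee"}


def _key(name):
    """Normalize a role name so 'Customer Admin' and 'CustomerAdmin' compare equal."""
    return name.replace(ADDON_MARKER, "").replace(" ", "").lower()


def audit_user(roles):
    """Return a list of findings for one user's role names (empty list = clean)."""
    primary = [r for r in roles if ADDON_MARKER not in r]
    addons = {_key(r) for r in roles if ADDON_MARKER in r}
    findings = []
    # Rule 1: each user should have one primary role.
    if len(primary) != 1:
        findings.append(
            f"expected exactly 1 primary role, found {len(primary)}: {sorted(primary)}")
    # Rule 2: the primary role must be one of the four delivered roles.
    known = {_key(p) for p in PRIMARY_ROLES}
    for role in primary:
        if _key(role) not in known:
            findings.append(f"unrecognized primary role: {role!r}")
    # Rule 3 (review flag): UserAdmin is described as coupled with Customer Admin.
    if "useradmin" in addons and "customeradmin" not in addons:
        findings.append("UserAdmin assigned without Customer Admin")
    return findings


def audit(assignments):
    """Audit every user; return only the users that have findings."""
    report = {user: audit_user(roles) for user, roles in assignments.items()}
    return {user: found for user, found in report.items() if found}


# Constructed sample data in an assumed export format.
SAMPLE = {
    "alice": ["Customer", "Customer Admin (Add-on)", "UserAdmin (Add-on)"],
    "bob": ["Customer", "Employee"],            # two primary roles
    "carol": ["Web Administrator (Add-on)"],    # add-on only, no data scope
    "dave": ["SalesRep", "UserAdmin (Add-on)"],
    "erin": ["Custmer"],                        # misspelled role name
}

if __name__ == "__main__":
    for user, found in audit(SAMPLE).items():
        print(user, "->", "; ".join(found))
```

Because the schema can be changed, any custom primary roles you have created need to be added to `PRIMARY_ROLES` before running the check.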