Permissions

The purpose of this document is to describe the available individual permissions that can be enabled for each role and how you manage these roles in Admin.

Permissions are based on roles. Roles are fully configurable to allow you to specify the actions and access available, and define the available stores, for an specific role. Additionally, you can easily change the timezone for a user.

Admin menu

Managing Permissions

In System > Permissions you can access both the Users, where you create a new user, and Roles, where you set permissions for a user, sections. Both roles and users are fully configurable to meet your unique permissions needs.

Roles

A role defines which actions a user is able to execute within the system. Create roles first, then users assigned to those roles.

Hierarchy

An administrator should be granted a role with a value of 1 in the Hierarchy field, which gives them the permissions to create additional roles for others as needed. With this permission they can define role names and check permissions to be granted to users per role (via the tickbox in the Resources section).

The following rules apply to hierarchy levels:

  • Roles with a hierarchy of 1 have the ability to view other roles with a hierarchy of 1, as well as all roles with a hierarchy greater than 1.
  • Roles with a hierarchy of 2 are not able to view roles with a hierarchy of 1 or other roles with a hierarchy of 2. They can only see roles with a hierarchy of 3.
  • Roles with a hierarchy of 3 are not able to view any roles in the Roles view.

Once roles have been defined (see the Add a role section below) a new user can be created and assigned to the role.

Add a role

  1. Click System > Roles.

  2. Click Add Role.

    Add Role

  3. Add a name for this role and set the hierarchy.
  4. Tick the applicable Stores and Resources options for this role.

  5. Tick None, All Sales Channels, or Specific Sales Channels to select which, if any, sales channels this role should have access to.

    If a role needs to have visibility to orders that have not yet been sourced (such as orders pending sourcing, backorders, and pre-orders) the role will require access to all sales channels/sources. To achieve this, tick the Allow access to all Sales Channels/Sources option, which allows visibility to those orders without applying filters.

    • If Specific Sales Channels is selected, search for and select, or tick, the desired channel options and click Done.

  6. Click Create.

    When you navigate back to the Roles page a list of all the Roles that have been created will be displayed.

    Roles

Delete a role

To delete a role:

  1. Click System > Roles.

  2. Click Delete for the role you want to remove.

    Delete Button

Modify a role

To modify an existing role:

  1. Click the name of the role in the left-hand column of the Roles page.
  2. Edit the Name, Hierarchy, Resources, or Stores options as desired.

  3. Click Update.

    Update button

You cannot filter information by source and store, so you must define one of them. If a user has one or more sources selected as part of their defined role, all active pages as defined for the role will only show details for the selected sources.

Typically, omnichannel users are interested in source filters and single channels in store-level filters.

Users

A user is an individual that has a particular role within an specific environment. A user can perform specific actions based on their configured role, and they can see relevant information based on the permissions assigned to them (via their role).

Once a new role is created you can create a new user and assign a role to the user.

When creating a user it is important to specify which sources the user has access to. For instance, a store associate role will most likely be interested in only seeing orders that have been sourced to their applicable source (the one designated for their store), so will only need access to that source.

You can add a user via:

  • The Admin panel.
  • An uploaded template.

Add user through Admin panel

To add a user in the Admin panel:

  1. Click System > Users.

  2. Click Add User.

    Add User

  3. Fill in the following information per the user’s specifics:

    • Copy from (optional) - Copy user information from an existing user
    • User name - Create a user name
    • E-mail - Add user email
    • Timezone - Configure the appropriate timezone
    • Role - Choose their role, such as Super Admin, admin, Store assistant, Customer service agent, etc.

    • Allow access Sources - Select the applicable sources for the user: None, All Sources, or Specific Sources. By default, None will be selected.

      If you selected None, the user will not have access to any source and pages with source filtering capabilities will display an error message.

      If you selected All Sources, there is no source restriction for the user. When a new source is created, the user will automatically have permissions to see related data for the pages they have access to.

    a. If you selected Specific Sources, search for and select, or tick, the desired options and click Done.

    When assigning sources to a user (or updating a current user), you will only see sources available for the User role you selected.

    The new user will receive an email from Backoffice User Service containing a password reset link. In order to access the admin interface new users are required to reset their password.

When you navigate back to the Users page you will see a searchable list of all configured users, showing user name, e-mail, User role, and whether or not they are active roles.

Add/update user by uploading template

This option is ideal if you want to create many users at one time.

To add a user by uploading a template:

  1. Click System > Users.

  2. Click Upload users.

    Upload Users

  3. Click Download template and populate it with multiple user’s information to do a bulk upload and configuration of a set of users, or to update existing users.

    CSV template file fields

    Columns Description Example Important
    Username Name the user will use to access the UI storeAssistant21 Do not use spaces
    E-mail Email that will be use to manage the user’s account, reset the password, and send any email storeAssistant21@site.com -
    Enabled Defines whether user is active; for use in deactivating multiple users at the same time 1/0 Available values are 0 (not active) or 1 (active)
    Access all sales channels Define user access to all sales channels for this client 1/0 Available values are 0 (source restriction) or 1
    Access all sources Define user access to all sources for this client to avoid having to select from many sources 1/0 Available values are 0 (source restriction) or 1; access to all sources requires ALL_SOURCES, access
    Timezone Timezone in which the user is located UTC -
    Role Defines the actions the user can perform and available access to the UI Corporate Super Admin roles are for use by internal Magento users
    Sources Comma separated list of sources the user will have access to (external ID) WAREHOUSE, test-store Column must list external ID of sources
    Action Indicates whether you are updating or creating a new user Create/Update -

    Upload Users View

  4. Click Choose File, select your edited template, and click Upload.

    The new users will receive an email from Backoffice User Service containing a password reset link. In order to access the admin interface new users are required to reset their password.

You can also edit existing users by clicking Download CSV and editing the information as explained.

When you navigate back to the Users page you will see a searchable list of all configured users, showing user name, e-mail, User role, and whether or not they are active roles.

Available individual permissions

There are eight different areas of permission: Sales Management, Customer Service, Order Modification, Stock Management, Omnichannel Management, Reports, Configuration, Internal Tools.

See the permissions their descriptions below.

Sales Management

Manage orders Access to the Sales > Orders page
Manage pre-orders Access to see the pre-order dashboard
Export order data Capability to export information XML/CSV on the Sales section (/admin/sales/orders/)
Manage payment authorizations  
Manage backorder Access to see the backorder dashboard

Customer Service

Manage Orders Access to the Customer service > Orders pages
Export order data Capability to export information XML/CSV on the Customer service section (/admin/customer-service/orders/)
Cancel line Display cancel button and allow to cancel order lines
Request returns Access and permission to manually initiate a return from OMS Admin
Approve returns Access and permission to manually initiate approve a return if the flow is configured to require an approval
Request appeasement Access and permission to manually request an appeasement of a specified amount
Request reshipment Access and permission to request an order re-shipment
Request exchange Access and permission to request an order exchange
Release refunds Permission to request a release of a refund
Exchanges  
Resend emails Access and permission to resend any selected email

Order Modification

Update Shipping Address Capability to manually update shipping address
Update Custom Attributes Capability to manually update custom attributes

Stock Management

Source Engine Provides visibility into:
- the queue of orders pending sourcing
- display exception of the orders pending sourcing as overdue
Manage inventory Display the stock information for each SKU and source. The user can see also historical information for any stock change (i.e.: past updates to the stock quantities)
Manage stock aggregates Allows the user to display, create and update the configured sales channels and stock aggregates.
From the stock aggregates page the user can update which sources are associated to the aggregate (meaning will provide the stock to be aggregated for the final available to sell stock for the frontend provider).
Here the safeties stock at aggregate level can be configured for each item status (default, outlet, end of life).
Manage sources Access to create new source, update existing source information, upload from a csv a list of sources, define the allocation waves per each source
Manual stock update Allows a user to manually change the stock of any given SKU for a specific source from Admin. This feature should be used for very specific updates, given the stock snapshot processes will override the manual changes

Omnichannel Management

Manage ship from store orders Access to:
Home page > Ship From Store Dashboard
Dashboard > Ship From Store Dashboard
Sales > Ship From Store
Manage ISPU orders Access to:
Home page > In-store Pickup Dashboard
Sales > In Store Pick Up
Sales > Orders: from this page on the pick list “view” page users will be redirected to the ISPU pick list
Sales > Orders > Order overview: access to the pick list(s) from several links
Pending arrival Access to:
Sales > Pending arrival page that is required for Ship to Store (STS)
ISPU dashboard Access to:
Dashboard > In-Store Pickup (ISPU) Dashboard
ISPU Configuration Access to:
System > I configurations to define pick and customer decline reasons

Reports

Reports Access to download csv reports within a defined date range. Available reports are:
- master order
- shipments
- returns
- refunds

Configuration

Manage catalogue Provides visibility into all items and options created in the OMS catalog and allows to manually create new items/options.
From the item page the user can see the stock available for the specific SKU for each one of the sources
Manage users Access to:
System > Users page
Manage roles Access to:
System > Roles page, users with permissions to this page will be able to update roles with the limitation of the hierarchy as a user will never be able to make a role with a higher hierarchy as his own.

Internal Tools

Developer Tools -
Events -
Message Log -
Force Shipment -
Force Soft Allocation -
Extensions -
© 2019 Magento. All rights reserved.