Security foundation explained
With Ucommerce comes the ability to maintain security for multi store solutions. This means that you can maintain security on a per-store level. In this article we'll briefly explain what concepts are present and how to configure them properly.
Security model
All roles are always enabling access to view and edit different sub areas of Ucommerce. If you wish to remove access to view or edit, simply remove the role from the user.
All roles are a union of roles gathered from the user itself and from the roles assigned from any of the user roles. If you have the role in either levels you will get the proper access.
Integration with Users and roles in the CMS
Regardless of the CMS integration (Kentico, Sitecore, Sitefinity, or Umbraco) Ucommerce is using the CMS to figure out if and who is logged in. Besides that we know about what user role they belong to. This makes it easier for you to maintain access rights as they only need to maintain one set of users and roles. They are always maintained within the CMS user area.
Segmentation of roles
All roles are assigned on a per-store level. This means that if you have multiple stores within your solution and you need to access multiple stores, you need multiple roles.
Avaiable roles
Roles assigneable for users and roles includes access for:
- view and edit a store.
- view and edit a catalog, access for it's categories and view it's products.
- edit, create and delete products within a specific catalog.
- create and delete catalogs under a specific store.
- marketing foundation - but only for the store you have access for.
- view orders under a store.
- Edit order under a store.
- Change order status under a store.
- Maintain multi lingual properties under a store.
- Create and delete stores.
- Access to the settings area in general.
- Maintain pricepoints under a store.
Super users
If you have an administrator user, he will automatically get access to view all objects in the entire system. This flag is also picked up from the CMS.