Suivez votre progression
Accueil Trailhead
Accueil Trailhead

Configure Roles and Permissions

Learning Objectives

After completing this unit, you’ll be able to:
  • Explain what a role is in Business Manager.
  • Explain the difference between functional and module permissions.
  • List three types of permissions that admins can grant.
  • Explain how each of the permissions work.

What Are Roles All About?

As Linda Rosenberg, Cloud Kick’s administrator, learned on her first day, in Business Manager a role is a group of permissions that you grant to set of users. Users can have multiple roles. Business Manager comes with sample roles, such as the administrator role that’s assigned to Linda.

Roles contain Business Manager module permissions and functional permissions and are defined in the context of an organization. Module permissions grant access to Business Manager modules, while functional permissions grant permission to perform certain tasks. For example, Traude Beck, the Cloud Kicks merchandiser, needs to edit data in the catalog. To do that she needs write access to the Catalogs module in the Merchant Tools area and functional permission to manage catalogs. She must have both types of permissions to edit the data.

A role must also specify the permitted languages or locales. Permissions are additive. A user has all of the permissions of all the roles they are assigned to.

Module Permissions

You grant module permissions in the context of a site or organization, depending on the module’s functionality. For example, if you have users who manage orders in the context of a site, you grant them permission on the Ordering module within that site’s context.

Module permissions can prevent programmatic access by unauthorized users, and they include the ability to transfer, replicate, and edit the respective storefront data.

Functional Permissions

Functional permissions grant the user the ability to perform certain tasks. For example, Linda can specify that a role can allow users to:

  • Manage a library and its assets for the selected site.
  • Delete an order.
  • Add or delete a price adjustment at the item level.

Functional permissions vary by context. Some are only available at the site or organizational level and not both.

WebDAV Permissions

Linda occasionally needs to grant access to WebDAV folders to developers. These folders can contain code or data such as:

  • /cartridges
  • /realmdata
  • /securitylogs

Add a Role

The Cloud Kicks site already has the following roles and assigned permissions.

Role Module Permissions Functional Permissions
corporate
  • Products and Catalogs
  • Content
None
admin Organization permissions:
  • Replication
  • Site Development module
  • Import & Export
  • Site Import & Export Operations
Cloud Kicks site:
  • All Batch Processes
  • All Import & Export modules
  • Replication_Run_For_Org
  • WebDAV_Realm_Access
  • WebDAV_Manage_Customization
  • WebDAV_Transfer_Files
developer Cloud Kicks site:
  • Custom Objects
  • Analytics
  • SEO
  • Site Preferences
  • WebDAV_Realm_Access
  • WebDAV_Manage_Customization

Linda sees that the existing admin role gives the new admin Peter all the functionality he needs to do his job. But it looks like she needs to add a new merchandiser role for Traude. Traude’s job requires that she create and edit storefront data such as products and content. Traude needs the following permissions.

Module Functional
  • Products and Catalogs
  • Content
  • Search
  • Online Marketing
  • Ordering
  • Analytics
  • Manage_Site_Catalog
  • Manage_Site_PriceBooks
  • Manage_Site_Inventory

Here’s how Linda creates a new merchandiser role for Traude.

  1. Open Business Manager.
  2. Select Administration > Organization > Roles & Permissions. Business Manager Roles page
  3. Linda’s Administrator role, which is marked with a yellow triangle, is security-sensitive. This role is what grants her the permission she needs to manage users and access roles.
  4. Click New to create a new role. Business Manager new role page
  5. Enter merchandiser and click Apply.
  6. Click the Business Manager Modules and Functional Permissions tabs to add permissions.

Add Permissions

Linda adds permissions to this role.

  1. Open Business Manager.
  2. Select Administration > Organization > Roles & Permissions.
  3. Click the Business Manager Modules tab.
  4. Select the Cloud Kicks site and click Apply. Business Manager Modules Permissions page
  5. Select the modules for:
    • Products and Catalogs
    • Content
    • Search
    • Online Marketing
    • Ordering
    • Analytics
  6. Click Update.
  7. Click the Functional Permissions tab.
  8. Select the Cloud Kicks site and click Apply. Business Manager Functional Permissions page
  9. Assign these functional permissions:
    • Manage_Site_Catalog
    • Manage_Site_PriceBooks
    • Manage_Site_Inventory
  10. Click Update.

Assign Locale Permissions

Linda now assigns permissions on the English locale to the merchandising role. Traude needs this permission so she can view or edit localized English attributes and create English storefront data.

  1. From the merchandiser role, click the Locale Permissions tab. Business Manager Locale permissions page
  2. Click the checkbox to grant write access to the English locale.
  3. Click Apply.

Assign WebDAV Permissions

Next, Linda’s manager asks her to add WebDAV permissions to the existing developer role. Here’s what she does.

  1. In the Roles & Permissions module, select the developer role.
  2. Click the WebDAV Permissions tab. Business Manager WebDAV Permissions page
  3. Grant write access to all the folders.
  4. Update the role.

Assign Users to Roles

Now Linda can assign the merchandiser role to Traude so she can do her job. As a merchandiser, Traude needs to be able to edit the site catalog, pricing, and inventory. She should only see the data for her site.

  1. On the Roles & Permissions page, select the merchandisers role. Business Manager Roles page
  2. Click the Users tab, and click Assign.
  3. Select the user ID and click Assign.

Linda follows the same steps to assign the admin role to Peter. Now both new users can start doing their work at Cloud Kicks.

Let's Sum It Up

In this module Cloud Kicks’ new administrator, Linda Rosenberg, created new user records and a new role. She assigned permissions to the new role so that Traude, one of her new users, can access the data she needs to work with in her job. Linda also added WebDAV permissions to an existing developer role and added password protection to a fledgling site.

Now it’s time to test your knowledge and earn a new badge!