To prevent users from accessing and modifying certain on-line store data and from configuring the on-line store, you will need to assign E-commerce module permissions. This procedure is described in more detail in the Membership, permissions and security -> Permissions chapter in the Development section of the Developer's Guide.
The E-commerce module has the following permissions:
•Read data - allows to access Orders, Reports, Customers, Products, Product options, Discount coupons, Discount levels, Manufacturers and Suppliers.
•Modify data - allows to create, modify and delete data; see Read data.
•Modify global data - allows to create, modify and delete global Customers, global Products, global Product options, global Discount coupons, global Discount levels, global Manufacturers and global Suppliers.
•Read configuration - allows to access E-commerce module configuration (Store settings, Departments, Shipping options, Payment methods, Tax classes, Currencies, Exchange rates, Order status, Public status, Internal status, Invoice).
•Modify configuration - allows to modify E-commerce module configuration; see Read configuration.
•Modify global configuration - allows to modify E-commerce module global configuration.
•Read orders - allows to access Orders.
•Modify orders - allows to create, modify and delete Orders.
•Read reports - allows to access Reports.
•Read customers - allows to access Customers.
•Modify customers - allows to create, modify and delete Customers.
•Access all departments - allows to access Products from all departments.
•Read products - allows to access Products and Product options.
•Modify products - allows to create, modify and delete Products and Product options.
•Read discounts - allows to access Discount coupons.
•Modify discounts - allows to create, modify and delete Discount coupons.
•Read manufacturers - allows to access Manufacturers.
•Modify manufacturers - allows to create, modify and delete Manufacturers.
•Read suppliers - allows to access Suppliers.
•Modify suppliers - allows to create, modify and delete Suppliers.
•Destroy - allows to destroy E-commerce module object version history.
To allow members of a particular role to edit e.g. a site-bound Manufacturer, you will need to assign this role permissions in one of the following combinations:
•Read data + Modify data
•Read data + Modify manufacturers
•Read manufacturers + Modify data
•Read manufacturers + Modify manufacturers
Similarly, to edit e.g. a global Customer, you will need to assign permissions in one of the following combinations:
•Read data + Modify global data
•Read manufacturers + Modify global data
This can be configured in the E-commerce module permissions matrix in Site Manager -> Administration -> Permissions, as described in detail in the Permissions chapter in the Development -> Membership, permissions and security section of the Developer's Guide.
You may also need to restrict access to modifications of product documents in the content tree. In such case, you can use document-level permissions as described in detail in the Permissions -> Document permissions chapter in the same section of the Developer's Guide.