Page 1 of 1

Define user roles

Posted: 10 Mar 2021, 09:33
by jpeters
Hello Jan,
can you add options to define roles of users
- Administrator (all Rights)
- Employee (manage orders) (create, order payment state, shipping state)
- Warehous (order status (shipping state)
- Manager (Manage products, Groups, pricing)
-

alternativly add feature to define roles and rights.
so show owner can define roles and rights inside Phoco Cart.

it would be nice to have a frontend interface for non administrative users.

Re: Define user roles

Posted: 10 Mar 2021, 14:28
by Jan
Hi, this you can do in Joomla! Why to duplicate this and confuse users?

Jan

Re: Define user roles

Posted: 10 Mar 2021, 19:42
by jpeters
Reading right details in joomla phoca cart i dont see options like only change order status for example..

That why i ask.. extend right options.. then joomla user rights can be defined specificly to joomla users or groups

Or do i mis something here?

Re: Define user roles

Posted: 11 Mar 2021, 08:28
by David-Spring
Three steps that can get you close to what you want. First, create the custom Joomla User Groups and assign your staff to the groups. Second, assign custom access control levels (ACL) to the groups. Some can view, some can edit, some can delete, some can approve, etc. Third, visit Phoca Cart, OPTIONS (button in upper right corner), Permissions tab. I am not certain if one person can be put in charge of Orders. It more applies to ACTIONS a person in a group can take rather than pages they can visit. Limiting both actions and Phoca Cart pages may require some sort of template override. However, Joomla has one of the most flexible access control systems in existence. My understanding is that it will be even better in Joomla 4. My advice is to spend a few days reading the documentation on setting up custom Joomla Access Control Levels. It is truly one of the best features of Joomla.

Re: Define user roles

Posted: 11 Mar 2021, 15:58
by jpeters
i know Joomla user level and rights.. that's not the issue.
but i would like to define specific roles inside phoca cart (for example only adjust order status). as far as i know that it currently not possible because the right structure.
so giving user modify rights a user can modify a lot of fields inside phoca cart , not only orders.

Re: Define user roles

Posted: 12 Mar 2021, 00:33
by David-Spring
I agree that currently, the Phoca Cart component is a matter of defining the access for the entire component. But this is because there is only an access section defined in Options for the entire component. I believe that you can choose individual parts of Phoca Cart and do a template override by adding the component Permissions section to individual sections, such as the Order section and then setting permissions within the Orders section. I have not done this exact template override. But I have done many other template overrides with Phoca Cart and they worked every time. Have you considered or tried to do a Template Override to achieve what you want?

Re: Define user roles

Posted: 12 Mar 2021, 17:12
by jpeters
Hello David,
no i did not tried a template override.. and in my uppinion that could work but its only solves a visable solution and not a rights solution. based on template overrides you customize the user interface but not the effective user rights on the component.
that's why i ask for this feature request to extend the current user rights options to more define the rights of specific users / roles inside Phoca Cart. (multi user, multi vendor, etc).

Re: Define user roles

Posted: 14 Mar 2021, 12:52
by Jan
I agree that currently, the Phoca Cart component is a matter of defining the access for the entire component
Access for the entire whole component is purposely not extended in Phoca extensions. The problem is that one of the reasons why people leave Joomla! is too much options and too much rules which are very complicated and hard to maintain.

So this is very problematic part, because e.g. 5% of all users will use such rule system but for 95% of them are negatively impacted. Not only because they are confused when setting the rights but even checking different rights can slow down the system.

Just imagine, you have rights rule for each taks, for each button, if you start with small group of rights and then you will never end because you will always find some task or button which can be individually manages by rights. When setting it, you will slowly lose control over it

Added to feature request list:
https://github.com/PhocaCz/PhocaCart/issues/94

And of course, will be grea to get more detailed information so there can be discussion - what to check if permissions, what not, etc. :idea:

Jan