Customer Roles and Administrator Access - v2.20

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.
Hace 12 años
I am trying to setup a new Client Administrator role, which gives a user access to the CMS to amend product, order and customer details.   (ie Manage their data - but not configure their setup)

I've set up a new role and configured the ACL list so they can't manage customer roles, but can manage customers.  

Unfortunately, if they go into their own customer record, on the customer roles tab they can make themselves to an administrator user.

Is there any way to do what I am trying to do?  Surley only administrator users should be able to set other users as administrators?

Thanks
Nick


I am new to nopC, so please excuse me if this has already been discussed.  I have searched the forum and not found this topic.
0
Hace 12 años
Just add some validation in Edit(CustomerModel model, bool continueEditing) method of CustoemrController. Something like
"if (current customer is not in system admin role ) then don't save new role mapping"
Interested in the dedicated Premium support services provided by core developers? Please visit https://www.nopcommerce.com/nopcommerce-premium-support-services

Regards,
Andrei Mazulnitsyn
nopCommerce team
0
Hace 12 años
Thanks.   Makes sense.

Just out of interest might it be an idea to seperate our admin users from customers?   I would have thought from security perspective it would be best.  

It might also be nice to change the admin menu, based upon admin user ACL - so that they have a clear usable interface, rather than a lot of options they don't need to worry about.
0
Hace 12 años
NMorley wrote:
It might also be nice to change the admin menu, based upon admin user ACL - so that they have a clear usable interface, rather than a lot of options they don't need to worry about.

Just set 'SecuritySettings.HideAdminMenuItemsBasedOnPermissions' setting to 'true'
Interested in the dedicated Premium support services provided by core developers? Please visit https://www.nopcommerce.com/nopcommerce-premium-support-services

Regards,
Andrei Mazulnitsyn
nopCommerce team
1
Hace 12 años
Hi

I have added SecuritySettings.HideAdminMenuItemsBasedOnPermissions in Configuration==>Settings==>All Settings(Advanced), then i have logged in with another role.. but menu will not hiding
Christopher
0
Hace 12 años
Hi Christopher,

I have got this working in both v2.20 and 2.30 code bases.   Once you have set the setting to true, you need to make sure the access levels you want are set correctly in the ACL list.

I have created myself a client admin user, that only has access to modify products and look at orders.  They only see the menu items based upon what is set for that user in the ACL list.

It definately is working for me.  Just re-tested it.

Nick
0
Hace 12 años
Hi,

Thanks for your reply, Currently i'm using nopcommerce 2.1. I have modified source code for my need, is there any option to upgrade from 2.1 to 2.2 ?
Christopher
0
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.