8. Access Management

fmUserAccess fmUserEdit fmRoleEdit

To grant access to your store database to another person without administrative rights, you have to register a new role, and specify the rules for your employees to manage data. This is possible due to the Access Management feature.

To use it, choose the "Store" tab and click the indicated button:

Access Management button

Next, select "Users and Permissions" from the drop-down list:

Users and Permissions

A warning message dialog will appear. To proceed, select [Yes].

Warning message

By default, you will have Administrator rights (login and password at startup are "admin"). Press [Add Role] to add users and provide them with access to your store data.

Open the "Roles" tab, and press the [Add] button. Specify the "Role Name", in the displayed form.

Roles tab Add button

Typical examples are Manager, Senior Manager, Operator, or Seller, etc.

Press [OK] to save your entry.

Role Name

Unselect the "Administrator rights" checkbox, to set special permissions for the current role.

Un-check field 'Administrator rights'

Specify what features will be available to the newly created role (viewing, modification, or both). You may also manage already existing roles (add, or remove access details, delete roles from the list, or create additional roles, and, or, permissions).

Permissions for new role

You may also change the default username, and, or, password, by pressing the [Edit] button, located on the toolbar.

Once a role has been created, you can proceed to add a new User and assign it to an appropriate role. Select the "Users" tab, and press the [Add] button. In the form which appears, complete the required information:

  • Specify "User Name", set and confirm "Password", choose the user's account status ("Active" or "Inactive"), etc.
Add new user form
  • You may also change the "Role" details. For this, choose the relevant option from the drop-down list:
Change role

By assigning roles to users, you assign permissions to users, that have been prior set up, for the role. E.g., if the role "Manager" has permissions to only view certain options, like "Custom Reports", "FTP Queue", "Attributes", but not modify them (not edit, add, delete, import or export), then the user "Nata", who has been assigned the role of Manager, will only be able to view (not modify) these options, but will be able to view, and modify, other options:

Check fields with permissions

Once a role and user are established in Store Manager, you may check the new Account's status, by switching from the user, "Administrator", to a newly created user.

Access management button

Press this button to open the drop-down list of commands.

Logout command

If "Logout" is selected, a message requesting confirmation of your actions will appear.

After pressing [Yes], in the resultant pop-up window, you will be able to login to the new account, in the corresponding form.

Login to SM form

Every time a user launches Store Manager, they should specify "Username" and "Password" in the registration form to work with the program. Note that the Access Management feature is primarily used to assign permissions for managing your store, within Store Manager. If you need to specify limited (non-administrative) rights to users, access the "Admin" panel in the back-end.

To disable Access Management, in Store Manager, click the relevant button from the drop-down list.

Remove Protection

Subsequent to this action, anyone will be able to work within the program, even without providing identification, with "Administrative" rights, and permissions, assigned by default.

The next video tutorial could be helpful to preview how to configure different permissions for different users via Access Management section:

Check the following article about Access Management functionality in Store Manager for Magento:

How to Enhance Security of Your Magento Store