Role-based policies

The following are the role-based policies for each default role in WebSphere Commerce:

The following table displays the role-based policies by role, access group, resource group, and view.

Notes:
  1. Most items in the table except for the Role column have been split across each cell for display purposes as they are lengthy.
  2. Not all of the roles below are defined roles in WebSphere Commerce. For more information on defined WebSphere Commerce roles, see Roles.
  3. The SiteAdministratorsCanDoEverything policy is a special default policy that grants super-user access to administrators with the Site Administrator role. In this policy, a Site Administrator can perform any action on any resource, even if those actions or resources have not been defined. It is important to be aware of this when assigning this role to users.
Role-based policies by role, access group, resource group, and view
Role Access Group used in role-based policies Resource Group used in role-based policies for Controller commands Action Group used in role-based policies for Views
Account Representative
Account
Representatives
AccountRepresentativesCmd
ResourceGroup
AccountRepresentatives
Views
All Users4
AllUsers
ResellerUserCmd
ResourceGroup5
ResellerUserViews5
AllSiteUserCmd
ResourceGroup6
AllSiteUsersViews6
Buyer (buy-side)
Buyers(buy-side)
Buyers(buy-side)
CommandsResourceGroup
Buyers(buy-side)Views
Buyer (sell-side)
Buyers(sell-side)
Buyers(sell-side)
CommandsResourceGroup
Buyers
(sell-side)Views
Buyer Administrator
BuyerAdministrators
BuyerAdministrators
CommandsResource
Group
BuyerAdministrators
Views
Buyer Approver
BuyerApprovers
BuyerApproversCmd
ResourceGroup
BuyerApproversViews
Category Manager
CategoryManagers
CategoryManagers
CmdResourceGroup
CategoryManagersViews
Channel Manager
ChannelManagers
ChannelManagersCmd
ResourceGroup
ChannelManagersViews
Customer Service Representative
CustomerService
Representatives
CustomerService
RepCmdResourceGroup
CustomerService
Representative
Views
Customer Service Supervisor
CustomerService
Supervisors
CustomerService
Supervisor
CmdResourceGroup
CustomerService
SupervisorViews
Guest1
Guests
GuestUsersCmd
ResourceGroup
GuestUsersViews
Logistics Manager
LogisticsManagers
LogisticsManagersCmd
ResourceGroup
LogisticsManagersViews
Marketing Manager
MarketingManagers
MarketingManager
CmdResourceGroup
MarketingManagersViews
Non-Rejected User3
NonRejectedUsers
NonRejectedUserCommands
ResourceGroup
NonRejectedUsersViews
Operations Manager
OperationsManagers
OperationsManagersCmd
ResourceGroup
OperationsManagersViews
Pick Packer
PickPackers
PickPackersCmd
ResourceGroup
PickPackersViews
Procurement Buyer
ProcurementBuyers
ProcurementBuyersCmd
ResourceGroup
n/a
Product Manager
ProductManagers
ProductManagers
CmdResourceGroup
ProductManagersViews
Receiver
Receivers
ReceiversCmdResourceGroup
ReceiversViews
Registered Approved User2
RegisteredApproved
Users
RegisteredApprovedUsers
CommandsResourceGroup
RegisteredApproved
UsersViews

Registered Customer (with OrgandAncestorOrgs role qualifier)

Registered
CustomersForOrg
RegisteredUserCmd
ResourceGroup
RegisteredUserViews
Returns Administrator
ReturnsAdministrators
ReturnsAdministratorsCmd
ResourceGroup
ReturnsAdministrators
Views
Sales Manager
SalesManagers
SalesManagersCmd
ResourceGroup
SalesManagersViews
Seller Administrator
Seller
Administrators
SellerAdministrators
CommandsResourceGroup
SellerAdministrators
Views
Seller
Sellers
SellersCmdResourceGroup
SellersViews
Site Administrator
SiteAdministrators
n/a
n/a
Notes:
  1. "Guest" is not a true role. Users who have a registration status set to "G" (the USER.REGISTERTYPE column is set to "G") implicitly belong to the Guests access group.
  2. "Registered Approved User" is not a true role. Users who have a registration status set to "R" ( the USER.REGISTERTYPE column column is set to "R") and whose status is approved (the MEMBER.STATE column is set to 1 ) implicitly belong to the RegisteredApprovedUsers access group.
  3. "Non-Rejected User" is not a true role. Users whose registration status is not-rejected (MEMBER.STATE column is not set to 2) implicitly belong to the NonRejectedUsers access group.
  4. "All Users" is not a true role. All users in the system implicitly belong to the AllUsers access group.
  5. These action groups and resource groups belong to policies that are part of the B2CPolicyGroup. This policy group likely applies only to organizations that follow the B2C business model.
  6. These action groups and resource groups belong to policies that are part of the ManagementAndAdministrationPolicyGroup. This policy group likely applies to all organizations.

Feedback