How to manage Magento 2 user roles?

If you want to arrange your backend tasks fluently and make different admin users work together smoothly, Magento 2 stores need a special tool to assign the various permissions to each admin individually.

In this blog, we provide you a few facts of Magento default limitation in user role management. Then, you are going to be exposed to Magento 2 Admin Permissions which likely can be your great solution. Let’s dive more into the details below!

What are user roles in Magento 2 stores?

In Magento store, user role is used to define the permission of specific admins. This is useful for Magento stores with a huge product catalog, multiple admin users and numerous store views. In this case, store owners just want to give permission to certain users so that each user role is in charge of different tasks and work.

Though, Magento’s function is pretty limited that it allows permission on store pages only. Then after accessing certain webpage, these admin users have all permissions on that page. This seems not really effective and high-functional for online stores when sometimes, you need deeper and more detailed permissions. That’s why an advanced module assisting this purpose is built. Let’s see how Admin Permissions benefits your store management and performance in the next part.

How important user roles are in a Magento Store?

User roles are essential in maintaining safe and efficient store operations. They are the portal that allows business owners to control permission for each admin, making sure that important data is protected.

Security

By limiting the access of certain users, you can make sure that only authorized people can access. As a result, the risk of serious data falling into the wrong hands will be reduced significantly.

Efficiency

Assigning specific roles ensures that the backend operations of your store run smoothly. Each user understands their responsibilities, and there’s no overlap or confusion about who should do what.

Control

User roles enable the store owner or main administrator to control the store’s operations. They can easily handle user roles, add new users, or change the permissions of existing users.

Flexibility

You can tailor Magento 2 user roles to match your store’s specific requirements. This allows you to create user roles that precisely align with each member’s tasks and responsibilities.

Audit Trail

Additionally, tracking any activities or changes on the backend will be much easier when each admin has a unique user role. This can contribute a lot when store owners trying to trace an issue or find out who is responsible for it.

How to create user roles in Magento 2?

Now that you’ve identified the benefits as well as highlight features of Mageplaza’s Admin Permission extension, let’s discover how to create user roles with our Magento 2 Admin Permissions extension.

Establishing Magento 2 user roles is a crucial security measure to implement before introducing any users to your store. This process allows you to specify the permissions granted to users, thereby controlling their access to various sections of the Magento 2 admin panel.

To create a user role in Magento 2, follow these steps:

• Go to the Admin Panel, then navigate to System > Permissions > User Roles.

This will display a list of existing user roles that you can modify.

• Click the Add New Role button to create a new user role.

• Provide the necessary Role Information:

Enter a name for the user role in the Role Name field.

In the Your Password field, input the current password of the user you are logged in as. This step is a security measure, ensuring that you can add or edit roles only after confirming your password.

• Navigate to the Role Resources tab and determine the resources the admin user will have access to.

To grant access to all pages and capabilities of the admin panel, select All in the Resource Access field.

If you prefer a more customized approach, choose Custom in the Resource Access field.

After completing the configuration, ensure to click the Save Role button.

The benefits of Admin Permissions for multiple admins

More advanced permissions, more effective backend performance

Specialization is no longer strange to businesses in which they divide the work into smaller tasks and assign different people to them. That will utilize the best of each person to aim for the same purpose of the whole company.

Similarly in the Magento backend, specialization is necessary to manage numerous work tasks and areas such as customers, sales, product supply, and so on. You need advanced permissions to allocate admin users to specific fields which they are best at.

As said, Admin Permissions extension supports you to assign authorization in the following layers:

• Accessible sections: sales, products, categories, product attributes, customer, user role
• Accessible section scope: view, edit, delete
• Time validity for permissions: hours, days

A solution to the multi-vendor store

With multi- vendor stores, each vendor should have separated authorities to access their products stock. With this module, managing multi-vendors in your website backend is no longer the tackle. Different vendor admins cannot interfere with others in case to protect products information and transaction. Only the head admin can control and see the whole picture of their store. That is how the module helps in the decentralization of a store.

Enhance backend, boost frontend

Specialization one more time helps each admin focus and do their best in assigned tasks and allowed fields. This is a mechanism which leverages the backend performance and surely contributes to frontend effectiveness. There is no doubt of a very close relationship between two parts of an online store, right?

Highlight features of Mageplaza’s Admin Permissions extension

Set admin permissions to access sales data

For any stores, sales information is not the published data to everyone. Hence, stores’ owners need Admin Permissions to help them authorize the permissions to the selected people. In term of sales, admin can be limited to access these sections by follow storeview options:

• Allow access to sales with any store views
• Allow access to sales with specific store views
• Deny sales access with specific store views

This function keeps sensitive information safe and accessible to the authorized admins. Store owners do not need to worry about information security.

Restrict admin permission on products

Similar to sales information, product management is the core of any business. If an online store requires several admins to manage and control the performance, store owners may need different rights for individual admins. By Admin Permission module, they can be entitled to access the following products data types:

• All products in store
• Specific products
• Products created by this admin only
• Products created by the same-role users

Furthermore, with certain permission scope, admin users can be allowed to view, edit or/and delete products as well.

Limit access to product categories and attributes

Beside sales and products data, this extension also allows admins to be limited in term of product categories and attributes.

Regarding product categories, actions restricted can be:

• Create new categories
• View categories
• Edit categories
• Delete categories
• Access scope: All categories/ Specific ones

Moreover, the plugin also enables store owners to limit permission to attributes for certain admin users such as

• Create new attributes
• View attributes
• Edit attributes
• Delete attributes

By this function, admins can have separated actions and access scope to the product attributes at the store.

Limit access to customers

It is necessary to limit access to customers’ information for specific admin users who are entitled to care about customer care. Thus, this module allows the biggest admin to assign permission to sub-admins in the following cases:

• Create new customers
• Permission scope: all customers or specific ones
• View customer information
• Edit customer information
• Delete customer information

Set user role-related actions

Similarly, each store admin can be assigned different permissions when it comes to User Role actions. In details, the extension allows configuring an admin can take one or some actions as:

• Create new user roles
• View user roles
• Edit user roles
• Delete user roles
• Action scope: for all or specific user roles

Depending on the permission settings at the backend, each admin can have different impact power over other admins.

Set valid duration for admin permission

Set time valid for a restriction configuration is necessary when online stores want to change the policy over time. By this, after allocating specific permissions for store admins, store owners can set the time to validate the permissions. There are two fields supported including Apply From Date (set the beginning day) and Apply To Date (set the ending day).

With Admin Permission, it is possible to select the days of the week and the hour time that specific permissions are authorized. After the valid time, the system will stop applying the permission settings.

Full features offered by Mageplaza’s Admin Permission extension

General

• Turn on/off the module
• Set sales permission
• Limit based store views
• Limit access to sales data: orders, invoices, shipments, credit memo, transaction

Category permission

• Allow/ Disallow creating new categories
• Select actions: view, edit, delete
• Select access extent: all or specific categories

Product permission

• Enable creating new products
• Activate actions: view, edit, delete
• Select access extent: all products, specific products, products created by this user, products created by the same-role users

Customer permission

• Allow creating new customers
• Choose actions related customer account: view, edit, delete
• Select access fields: all customers, specific customers

Product attributes

• Allow making new product attributes
• Select related actions: view, edit, delete
• Choose the access scope: all product attributes or specific product attributes

User roles

• Enable generating new user roles
• Choose action permitted: view, edit, delete
• Select access scope: all user roles, specific user roles

Time Validity

• Activate/Deactivate time valid setting
• Choose the date to begin applying time valid
• Choose the date to stop applying time valid
• Select days to activate the admin permission
• Select hour time activate the admin permission

Final words

All in all, Magento 2 Admin Permissions is the great tool in allocating permissions for different store admins effectively. The difference comes from the section access (sales, products, categories, product attributes, customer, user role), the action extent (view, edit, delete), the valid time for each user role. Managing your store work tasks simpler by this extension right away!