Permission Access Levels¶
Overview¶
This feature allows the definition of various permissions in the application. Based on defined permissions, specific actions might be allowed or restricted.
Control who can see what within the system, site features such as search or ecommerce can be public or member only or available only to a specific member subset.
Examples:
- Users of given type can be viewable by anonymous users/other profiles or not
- Users belonging to a given group can/cannot view specific resources
- Users that are not approved by admins can't use the platform
- Users that have not attached a credit card and haven't subscribed to a given plan, cannot use the platform
- Users of given type can be closed from registration
- Specific objects should be hidden from public
- and many more
Topics¶
Topic | Description |
---|---|
Feature in action | Here you can see an example of how the Permissions & Access Level Control feature can work. |
Moderation | For further details please see moderation specific documentation. |
Conditional Object Viewing | Conditional ability to view objects, e.g. Only view Object whose value matches a value on your profile. |
Restricted Object Viewing | Viewing an object could be restricted depending on state of object. |
Content Approval | Detail pages of Users not approved by admin, are not visible to any logged in user. |
Profile View Control | Add restrictions so users can't view each others profiles, or only under certain conditions. |
Model View Control | Users can't view other users requests/offers if user does not match specified criteria. |
Anonymous User Restrictions | Possible to restrict anonymous users so they only have access to public website. |
Use cases¶
Real-life examples:
-
Products managed by Sellers who are not approved by admin, cannot be purchased by Customers.
-
Campsite Managers can log in to the platform and manage their campsites but no-one can register as such user, as they are precreated by admin.
-
Patient profiles are not viewable publicly and Medical Providers profiles are viewable by Patients only when they are logged in.
Related documentation¶
Depending on what you are trying to do documentation for the feature is split into the following roles.
- As a developer (restricted)
- As a superuser (restricted)
- As a site administrator (this page)
- As an end user
Feature in action¶
Here you can see an example of how the Permissions & Access Level Control
feature can work.
In this case, we have a Customer and a Seller. Sellers run their own shops, they manage and publish products that can be purchased by Customers. Any user can become a Customer on the platform, but Sellers need to meet specific criteria.
Groups¶
For that purpose we define following groups:
-
for Customers:
Customers
group
-
for Sellers:
Sellers Pending Approval
groupApproved Sellers
groupDeclined Sellers
group
Customers¶
By default all newly registered customers belong to "Customers" group
Sellers¶
For sellers and their products to appear in search results, be public and purchasable by customers, Sellers need to:
-
be verified by admin
-
be connected with Stripe
-
have their shop visibility marked as
public
in their profile
Without meeting all aforementioned criteria, neither Sellers nor their products would be visible in search or publicly viewable
After the criteria are met, products become searchable, viewable and purchasable for customers
Moderation¶
Tip
For further details please see moderation specific documentation.
By default all new sellers belong to Sellers Pending Approval
group
If seller is waiting for their profile to be approved by administrator, they cannot access many pages, except their profile/account details pages. They are also asked to fill their profile details so admin can approve them
Admin can approve seller profile if their profile details are correct
If admin approves seller profile, they land in Approved Sellers
group
Admin can also decline sellers any time. Declined sellers will have same access level as Sellers Pending Approval
.
Conditional Object Viewing¶
Conditional ability to view objects, e.g. Only view Object whose value matches a value on your profile.
Note
Please contact support for assistance, documentation to be updated.
Restricted Object Viewing¶
Viewing an object could be restricted depending on state of object.
A seller can decide at any time to unlist themselves and their products from public search and public access.
Once they decide do so, they just need to select Unpublished
in Store Visibility
dropdown.
Note
Documentation to be updated.
Shop visibility¶
In Online Store Details > Profile Details
there's a switch Store Visibility
Content Approval¶
Detail pages of Users not approved by admin, are not visible to any logged in user.
Note
Please contact support for assistance, documentation to be updated.
Profile View Control¶
Add restrictions so users can't view each others profiles, or only under certain conditions.
Note
Please contact support for assistance, documentation to be updated.
Model View Control¶
Users can't view other users requests/offers if user does not match specified criteria.
Note
Please contact support for assistance, documentation to be updated.
Connecting with Stripe¶
Seller need to connect with Stripe to sell products
Anonymous User Restrictions¶
Possible to restrict anonymous users so they only have access to public website.
Note
Please contact support for assistance, documentation to be updated.