Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature #1106: Limit admins to stores PART II #1178

Open
wants to merge 6 commits into
base: main
Choose a base branch
from
Open

Feature #1106: Limit admins to stores PART II #1178

wants to merge 6 commits into from

Conversation

bandieramonte
Copy link

This PR is the mandatory continuation of PR #1113, and intends to finish implementation of feature #1106.
While the previous PR only added filtering for orders, so that customers can only view orders from stores they have access to, this work was far from complete. This PR completes implementation by adding the same filtering to the rest of the models present in the dashboard:

  • products
  • categories
  • manufacturers
  • checkout attributes
  • shipments
  • customers
  • online customers
  • customer reports
  • bestsellers
  • the dashboard home is also filtered, including the statistics in the bottom right corner.

If a customer has access to all of the existing stores, then nothing is filtered away (it works as it originally did).

In addition, the customer role Super Admin has been further developed, to help manage administer these new store restrictions, as follows:

  • Super admins have access to all stores, plus they can also restrict themselves to certain stores just to play with the dashboard and view statistics for certain stores. They are able to add themselves access back to some or all of the stores.
  • Admins have access only to the stores the super admins gave them access to. So super admins control access to admins.
  • Admins cannot give themselves access to additional stores, not can they set themselves as super admins.
  • On a fresh install of Smartstore, there will be no super admins. In this case, any admin is able to give itself super admin privilege. Once at least one super admin exists, this is not anymore possible.
  • Only Super admins can create other super admins.
  • Admins cannot edit super admin customer roles, whereas super admins can edit any roles.
  • Admins cannot see, create or edit super admin customers.

Finally, this PR introduces the implementation restricting customers to create any of the aforementioned models only to stores it has access to. Super admins are able to create any model to any stores. Likewise, when editing any model, non super admins can only add stores they have access to.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@bandieramonte