Customizing default access control policies
The default access control policies provided by WebSphere Commerce address the basic requirements that organizations have for regulating the actions and information available to their users. Often, the default policies may be sufficient for your site's needs. At the same time, the default policies are highly customizable, which enables you to tailor them to your own requirements.
This topic provides information about how to make basic changes to the default access control policies included with WebSphere Commerce. You begin by introducing certain concepts and relationships you'll need to understand.
Access control enables you to manage your business work flows and ensure that users only carry out those activities that are appropriate with their roles and responsibilities. Not only does WebSphere Commerce provide you with default policies that are ready to use "out of the box," but it also provides you with the tools and capacity to customize the policies to suit your business needs.
The following table outlines just a few examples of how simple modifications can customize access to your business environment.
What users are allowed to do by default What users are allowed to do after customization Customers can self-register. Only seller administrators can register new customers. Buyers can display RFQs that they created. Only sellers can display RFQs if the RFQ resulted in a contract. Only customers can cancel orders they created if the order is in pending state. Customer Service Representatives can also cancel orders in pending state, if the total product price is less than $1000. An order can be modified by the person who created it. Only a user from the buyer organization with the role of purchaser can modify an order that has been created. Account representatives can display all accounts. Account Representatives can only display active accounts. Employees with the Logistics Manager role can create and modify fulfillment centers. Employees with the Logistics Manager role can create but not modify fulfillment centers.