Site icon PrestaShop | General Knowledge

Prestashop roles, profile & permissions for different users groups

Got it πŸ‘ PrestaShop Roles, Profiles & Permissions can feel confusing at first, so let’s break it down cleanly and practically (PrestaShop 1.7 & 8.x).


πŸ” PrestaShop Roles, Profiles & Permissions (Explained Simply)

1️⃣ What is a Profile?

A Profile = a user role in the Back Office.

Examples:

πŸ“ One employee = one profile


2️⃣ What is a Role / Permission?

A Role defines what a profile can do for each menu or module.

For every section, you can allow:


3️⃣ Where to Manage Profiles?

Back Office β†’ Advanced Parameters β†’ Team β†’ Profiles

Default Profiles

ProfileTypical Access
SuperAdminEverything
AdministratorAlmost everything
SalesmanOrders, Customers
LogisticianStock, Carriers
TranslatorTranslations
Read onlyView only

4️⃣ Create a Custom Profile (Best Practice)

Example: β€œOrder Manager”

  1. Go to Team β†’ Profiles
  2. Click Add new profile
  3. Name it β†’ Order Manager
  4. Save

5️⃣ Set Permissions (Very Important Step!)

Menu Permissions

Team β†’ Permissions

  1. Select the Profile
  2. Configure permissions for:
    • Catalog
    • Orders
    • Customers
    • Modules
    • Design
    • International
    • Advanced Parameters

Example:

SectionViewAddEditDelete
Ordersβœ…βŒβœ…βŒ
Customersβœ…βŒβŒβŒ
Modules❌❌❌❌

πŸ“Œ Tip: Start with View only, then allow more.


6️⃣ Module Permissions (Often Missed!)

Some modules have their own permissions.

πŸ“ Path:
Team β†’ Permissions β†’ Modules

You can allow:

Example:


7️⃣ Assign Profile to Employees

  1. Go to Team β†’ Employees
  2. Add / Edit employee
  3. Select Profile
  4. Save

πŸ‘€ Employee is now restricted correctly


8️⃣ Customer Groups (Different from Profiles!)

⚠️ Important: Customer groups β‰  Employee profiles

Customer Groups:

Shop Parameters β†’ Customer Settings β†’ Groups

Examples:

Used for:

❌ They do NOT affect Back Office access


9️⃣ Real-World Recommended Setup

πŸ”Ή Store Owner

πŸ”Ή Order Processing Staff

πŸ”Ή Content Manager

πŸ”Ή Developer


πŸ”Ÿ Security Best Practices πŸ”’


⚠️ Common Mistakes

❌ Giving module access accidentally
❌ Forgetting module permissions
❌ Confusing customer groups with employee profiles


Β 

Exit mobile version