Got it ๐ PrestaShop Roles, Profiles & Permissions can feel confusing at first, so letโs break it down cleanly and practically (PrestaShop 1.7 & 8.x).
๐ PrestaShop Roles, Profiles & Permissions (Explained Simply)
1๏ธโฃ What is a Profile?
A Profile = a user role in the Back Office.
Examples:
- SuperAdmin โ Full access
- Administrator โ Almost full access
- Salesman โ Orders & customers
- Translator โ Translations only
- Logistician โ Stock & carriers
๐ One employee = one profile
2๏ธโฃ What is a Role / Permission?
A Role defines what a profile can do for each menu or module.
For every section, you can allow:
- ๐ View
- โ Add
- โ๏ธ Edit
- ๐ Delete
3๏ธโฃ Where to Manage Profiles?
Back Office โ Advanced Parameters โ Team โ Profiles
Default Profiles
| Profile | Typical Access |
|---|---|
| SuperAdmin | Everything |
| Administrator | Almost everything |
| Salesman | Orders, Customers |
| Logistician | Stock, Carriers |
| Translator | Translations |
| Read only | View only |
4๏ธโฃ Create a Custom Profile (Best Practice)
Example: โOrder Managerโ
- Go to Team โ Profiles
- Click Add new profile
- Name it โ
Order Manager - Save
5๏ธโฃ Set Permissions (Very Important Step!)
Menu Permissions
Team โ Permissions
- Select the Profile
- Configure permissions for:
- Catalog
- Orders
- Customers
- Modules
- Design
- International
- Advanced Parameters
Example:
| Section | View | Add | Edit | Delete |
|---|---|---|---|---|
| Orders | โ | โ | โ | โ |
| Customers | โ | โ | โ | โ |
| Modules | โ | โ | โ | โ |
๐ Tip: Start with View only, then allow more.
6๏ธโฃ Module Permissions (Often Missed!)
Some modules have their own permissions.
๐ Path:
Team โ Permissions โ Modules
You can allow:
- View
- Configure
- Uninstall
Example:
- Sales team โ Configure orders module
- Tech team โ Configure payment modules
7๏ธโฃ Assign Profile to Employees
- Go to Team โ Employees
- Add / Edit employee
- Select Profile
- Save
๐ค Employee is now restricted correctly
8๏ธโฃ Customer Groups (Different from Profiles!)
โ ๏ธ Important: Customer groups โ Employee profiles
Customer Groups:
Shop Parameters โ Customer Settings โ Groups
Examples:
- Visitor
- Guest
- Customer
- VIP / Wholesale
Used for:
- Discounts
- Prices
- Shipping rules
- Visibility
โ They do NOT affect Back Office access
9๏ธโฃ Real-World Recommended Setup
๐น Store Owner
- Profile: SuperAdmin
๐น Order Processing Staff
- Profile: Custom (Orders + Customers only)
๐น Content Manager
- Profile: Custom (CMS, Products, Images)
๐น Developer
- Profile: Admin (No orders/customers)
๐ Security Best Practices ๐
- Never give SuperAdmin to everyone
- Disable Modules access for non-tech staff
- Use Read-only for auditors
- Change default admin URL
- Enable 2FA (if module available)
โ ๏ธ Common Mistakes
โ Giving module access accidentally
โ Forgetting module permissions
โ Confusing customer groups with employee profiles
