- Documentation >
- Permissions >
- Policies
Policies
Policies are the main building block of the permissions system.
Each Role you assign to user or user group consists of Policies which define, which parts of the application or website the user has access to.
Available Policies
Content
Content Types
Module |
Function |
Effect |
Possible Limitations |
class |
update |
modify existing Content Types. Also required to create new Content Types |
|
|
create |
create new Content Types. Also required to edit exiting Content Types |
|
|
delete |
delete Content Types |
|
Object States
Roles
Module |
Function |
Effect |
Possible Limitations |
role |
assign |
assign Roles to Users and User Groups |
|
|
update |
modify existing Roles |
|
|
create |
create new Roles |
|
|
delete |
delete Roles |
|
|
read |
view the Roles list in Admin. Required for all other role-related Policies |
|
Sections
Module |
Function |
Effect |
Possible Limitations |
section |
assign |
assign Sections to content |
Content TypeSectionOwnerNew Section |
|
edit |
edit existing Sections and create new ones |
|
|
view |
view the Sections list in Admin. Required for all other section-related Policies |
|
Setup
Module |
Function |
Effect |
Possible Limitations |
setup |
administrate |
access Admin |
|
|
install |
unused |
|
|
setup |
unused |
|
|
system_info |
view the System Information tab in Admin |
|
Sites
Module |
Function |
Effect |
Possible Limitations |
site |
view |
view the "Sites" in the top navigation |
|
|
create |
create sites in the Site Factory |
|
|
edit |
edit sites in the Site Factory |
|
|
delete |
delete sites from the Site Factory |
|
|
change_status |
change status of the public accesses of sites to Live or Offline in the Site Factory |
|
|
update |
|
|
Users
Module |
Function |
Effect |
Possible Limitations |
user |
login |
log in to the application |
|
|
password |
unused |
|
|
preferences |
access and set user preferences |
|
|
register |
register using the /register route |
|
|
selfedit |
unused |
|
|
activation |
unused |
|
|
invite |
create and send invitations to create an account |
|
Workflow
Module |
Function |
Effect |
Possible Limitations |
workflow |
change_stage |
change stage in the specified workflow |
Workflow Transition |
comparison |
view |
view version comparison |
|
Personalization
Module |
Function |
Effect |
Possible Limitations |
personalization |
view |
view scenario configuration and results for selected SiteAccesses |
Personalization access |
|
edit |
modify scenario configuration for selected SiteAccesses |
Personalization access |
Segments
Segment groups
Module |
Function |
Effect |
Possible Limitations |
segment_group |
read |
load Segment Group information |
|
|
create |
create Segment Groups |
|
|
update |
update Segment Groups |
|
|
remove |
remove Segment Groups |
|
Products
Product types
Module |
Function |
Effect |
Possible Limitations |
product_type |
create |
create a product type, a new attribute, a new attribute group and add translation to product type and attribute |
|
|
view |
view product types, attributes and attribute groups |
|
|
edit |
edit a product type, attribute, attribute group |
|
|
delete |
delete a product type, attribute, attribute group |
|
Regions
Module |
Function |
Effect |
Possible Limitations |
commerce |
currency |
manage currencies |
|
|
region |
manage regions |
|
Customer groups
Module |
Function |
Effect |
Possible Limitations |
customer_group |
create |
create a customer group |
|
|
view |
view customer groups |
|
|
edit |
edit a customer group |
|
|
delete |
delete a customer group |
|
Catalogs
Module |
Function |
Effect |
Possible Limitations |
catalog |
create |
create a catalog |
|
|
view |
view catalogs |
|
|
edit |
edit a catalog |
|
|
delete |
delete a catalog |
|
Taxonomy
Module |
Function |
Effect |
Possible Limitations |
taxonomy |
read |
view the Taxonomy interface |
|
|
manage |
create, edit, and delete tags |
|
|
assign |
tag or untag content |
|
Cart
Module |
Function |
Effect |
Possible Limitations |
cart |
view |
view a cart |
CartOwner |
|
create |
create a cart |
CartOwner |
|
edit |
change cart metadata (name, currency, owner), add/remove cart items |
CartOwner |
|
delete |
delete cart, for example, after successful checkout |
CartOwner |
Checkout
Module |
Function |
Effect |
Possible Limitations |
checkout |
view |
access checkout |
|
|
create |
create new checkout, for example, after workflow fails to complete |
|
|
update |
change currency, quantity |
|
|
delete |
delete checkout, for example, after workflow completes successfully |
|
Orders
Shipping methods
Module |
Function |
Effect |
Possible Limitations |
shipping_method |
create |
create a shipping method |
|
|
view |
view shipping methods |
|
|
update |
modify a shipping method |
|
|
delete |
delete a shipping method |
|
Shipments
Payment methods
Module |
Function |
Effect |
Possible Limitations |
payment_method |
create |
create a payment method |
|
|
view |
view payment methods |
|
|
edit |
modify a payment method |
|
|
delete |
delete a payment method |
|
Payments
Combining Policies
Policies on one Role are connected with the and relation, not or,
so when Policy has more than one Limitation, all of them have to apply.
If you want to combine more than one Limitation with the or relation, not and,
you can split your Policy in two, each with one of these Limitations.