Creating Roles and Assigning Permissions

Within Salesforce B2C Commerce, a role is essentially a named group of permissions. For example, you can group all of the permissions related to Catalog Management into a role called Catalog Manager. You can then assign this role to the user whose job it is to manage the catalog.

The SiteGenesis application contains several roles predefined for your convenience; one of these is the Administrator role. You can export these roles and import them into Sites and use the roles without modification, or you can customize them to suit your application needs. If necessary, you can remove the roles and create your own set of roles. Make sure you grant at least one user with access to the Roles and Permissions module. If there is no user with access to the Roles and Permissions module, contact Commerce Cloud Support to reinstate access to this module.

Note: A list of assigned roles also appears on the Roles page of a user definition.
  1. Select Administration > Organization > Roles & Permissions.
    To manage roles and permissions, you must have permissions to the Roles & Permissions module. To add a new user and to manage user login and credential information, you must have permissions to the Users module. To assign or unassign roles to users, you must have permissions to both the Users module and the Roles & Permissions module.
    The Roles page opens, listing the existing roles in the organization. Roles marked with a yellow triangle are security-sensitive. They have permission to manage users or access roles or both. Use care when changing these roles so you don't give unintentionally access privileges to the wrong users.
  2. Click New to create a new role.
  3. On the New Role page General tab, enter the ID and description.

    When creating a new role or importing a role, the set of characters that you can use for the role ID is limited to the following:

    • letters (including non-Latin)
    • numbers
    • whitespace
    • special characters: _ ! " & \ ' ( ) + - . , / : < > ? @ [ ]

    IDs that contain not-allowed characters are rejected and the access role can't be created or imported.

  4. Click Apply.
  5. Assign users.
    1. Click the Users tab.
    2. Select the users.
    3. Click Assign.
    4. On the Select Users page, select the users you want to add and click Assign.
    To use the Users tab to assign users to a role, you must also have permissions to the Users module.
  6. Grant permissions to Business Manager Modules for this role:
    1. Click the Business Manager Module tab.
      Click the Select Context link if context has already been specified and you want to change it.
    2. On the Select Context window, select the context in which you want to assign permissions.
      Select Organization or Sites.
      If you want to revert from individual sites to Organization, uncheck All Sites before checking Organization.
    3. If you selected Sites, you can select one or more sites.
      All sites are listed. Any user can select a site without having permission. However, if a user doesn't have access to the Business Manager modules within that site, they see an empty navigation bar.
    4. Click Apply.
    5. Select Read or Write per module to enable or disable permissions. Select the Write checkbox or, if applicable, the Read checkbox for the modules that you want to allow all users assigned to this role to access.
      This grants read or write access to all users assigned to this role.
      If you have read-only permission, although you might see the respective module, you are unable to create, edit, or configure settings in that module. This also applies to access via Salesforce B2C Commerce API calls.
    6. Click Update.
    7. Click <<Back to List.
  7. Assign functional permissions to this role:
    1. Click the Functional Permissions tab.
      Click the Select Context link if context has already been specified and you want to change it.
    2. On the Select Context window, select the context in which you want to assign permissions.
      Select Organization or Sites.
      If you want to revert from individual sites to Organization, uncheck All Sites before checking Organization.
    3. If you selected Sites, you can select one or more sites.
      All sites are listed. Any user can select a site without having permission. However, if a user doesn't have access to the Business Manager modules within that site, they only see an empty navigation bar.
    4. Click Apply.
    5. Select the permissions you want to assign (using the check boxes) to this role and click Update.

      All permissions are cumulative.

    6. Click <<Back to List.
  8. Assign WebDAV permissions to this role:
    1. Click the WebDAV Permissions tab.
    2. Grant read or write access to specific folders (using the checkboxes) and click Update.
    3. Click <<Back to List.
  9. Assign Locale permissions to this role.
    Administrators can assign permissions on individual locales to a role. A user who has no permission on a locale is unable to view or edit localized attributes in that locale.
    1. Click the Locale Permissions tab.
      A list appears, showing all locale permissions available for the current role.
    2. On the Locale Permissions page, click a locale link, for example, de.
    3. Grant read or write access to specific locales (using the checkboxes) and click Update.
    4. On the Local - General tab (for example, German - General), you can view general read-only information about the locale.
    5. You can also configure the Fallback Locale.
      For example, you can set it to Default or disable it.
    6. Click Delete to delete the locale.
    7. Click the Regional Settings tab.
    8. On the Locale - Regional Settings tab, you can specify number and currency settings.
      See Configuring Organization Locales, the regional settings instructions.
    9. Click Apply to save your settings.
  10. Assign price adjustment limits to this role.