Access rights in Storefront

Access rights can be used to control a user’s access to parts of Oracle Commerce and the actions they can perform on Storefront. Access rights can be used for property-level access control (GDPR), for custom access control, or for specific functionality provided by Oracle Commerce. An access right cannot be assigned directly to a user; instead, you must create a custom role that contains the access right, and then assign the role to the appropriate users. A custom role can include privileges, generic access rights, or both.

This section describes how to create and view access rights and how to work with privileges and access rights. The use of generic access rights to control access to properties is described in detail in Control access to shopper data.

Privileges

A privilege confers access to a specific function on the storefront. You can assign privileges to roles, but cannot create new privileges, or edit or delete existing privileges. Note that privileges can be assigned in either standard or account roles but they cannot be added to a predefined role.

Following are the privileges in the storefront access control system:

| Privilege | ID | Description |
| --- | --- | --- |
| Manage Roles | ora.manageRolesPrivilege | A contact assigned a role with this privilege can create, update and view account roles for the account the role is effective within. A contact with this privilege can also view the list of access rights and privileges in the system. For details on managing roles in Storefront, see ……………. |
| View Account Orders | ora.viewAccountOrdersPrivilege | A contact assigned a role with this privilege can view all orders for the account the role is effective within. (A contact without this privilege can view only their own orders). If the privilege is in a role that is assigned to a user globally, it allows the user to view all orders placed by account members in all accounts he is part of. For more details on this privilege, see Understand the View Account Orders privilege. |

Understand the View Account Orders privilege

By default, contacts can view only their own orders on the storefront. Certain contacts, however, such as managers in an account, may need to monitor or review all orders created in the account. To enable this, you can create a custom role that has the View Account Orders privilege and assign this role to the contacts who require this access.

A storefront user with the View Account Orders privilege can do the following using the endpoints for orders and scheduled orders in the Store API:

  • List all orders or scheduled order templates created in the user's current account and site context, regardless of status. (Note, however, that the listScheduledOrdersByProfile endpoint only lists the user's own scheduled orders, regardless of whether they have the View Account Orders privilege.)
  • View the details of any of these orders or scheduled order templates.
  • View a return request for any order the user can view.
  • View the payment groups associated with any order the user can view.

By default, the widgets that list orders include only the contact's own orders, but you can customize these widgets to list all account orders for contacts that have the View Account Orders privilege.

Generic access rights

You can use generic access rights to limit which contacts can access specific items on the storefront. Generic access rights can be used in property-level access control, to help satisfy the requirements of the General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA). Note that you can add generic access rights to a predefined role, but a more flexible and potentially less confusing approach is to leave the predefined roles as they are and add generic access rights to custom roles only.

Generic access rights can also be used to control access to functionality on the storefront. For example, suppose an account includes a page of financial data that only certain contacts are permitted to access. Access to this page might be implemented like this:

  • An internal user with the appropriate privileges creates a storefront access right called View Financial Data.
  • A contact with the Manage Roles privilege creates a custom account role called Financial Analyst that includes the View Financial Data access right.
  • A contact with the storefront Administrator role assigns the Financial Analyst role to contacts that are permitted to view financial data.
  • The storefront includes logic so that if a contact attempts to access the financial results data, the page is displayed only if the contact has the Financial Analyst role.
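
The two access decisions described on this page, the View Account Orders visibility rule and the Financial Analyst page gate, sketched as an added example that is not Oracle Commerce code. The data shapes, the convention that a null accountId means a global assignment, and the viewFinancialData ID are assumptions; the gate checks the access right the role carries, and site context is left out.

```javascript
// Added example: the shapes below (roleAssignments, accountId null = global,
// the "viewFinancialData" ID) are assumptions, not the Oracle Commerce schema.
const VIEW_ACCOUNT_ORDERS = "ora.viewAccountOrdersPrivilege";
const VIEW_FINANCIAL_DATA = "viewFinancialData"; // hypothetical access right ID

// True if a role assigned to the contact grants `right` within `accountId`.
function hasRight(contact, right, accountId) {
  if (!contact.memberOf.includes(accountId)) return false;
  return contact.roleAssignments.some(
    (a) =>
      a.accessRights.includes(right) &&
      // A global assignment (accountId null) covers every account the contact
      // is part of; an account role is effective only within its own account.
      (a.accountId === null || a.accountId === accountId)
  );
}

// Own orders are always visible; other members' orders need the privilege.
function canViewOrder(contact, order) {
  return order.ownerId === contact.id ||
    hasRight(contact, VIEW_ACCOUNT_ORDERS, order.accountId);
}

function visibleOrderIds(contact, orders) {
  return orders.filter((o) => canViewOrder(contact, o)).map((o) => o.id);
}

// Gate for the financial data page described in the text.
function canViewFinancialData(contact, accountId) {
  return hasRight(contact, VIEW_FINANCIAL_DATA, accountId);
}

// Constructed sample data.
const orders = [
  { id: "o1", ownerId: "alice", accountId: "acctA" },
  { id: "o2", ownerId: "bob", accountId: "acctA" },
  { id: "o3", ownerId: "carol", accountId: "acctB" },
  { id: "o4", ownerId: "dave", accountId: "acctC" },
];
const reviewer = (accountId) => ({
  id: "alice", memberOf: ["acctA", "acctB"],
  roleAssignments: [{ accountId, accessRights: [VIEW_ACCOUNT_ORDERS] }],
});
const analyst = {
  id: "bob", memberOf: ["acctA"],
  roleAssignments: [{ accountId: "acctA", accessRights: [VIEW_FINANCIAL_DATA] }],
};

console.log(visibleOrderIds(reviewer("acctA"), orders), visibleOrderIds(reviewer(null), orders));
```

The account-scoped reviewer sees only acctA orders, while the same privilege assigned globally extends to every account the contact belongs to and no further.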

Create generic access rights

You create generic access rights using the createAccessRight endpoint in the Admin API.

The following example creates an access right that can be used with shopper roles:


POST /ccadmin/v1/accessRights HTTP/1.1
Authorization: Bearer <access_token>
Content-Type: application/json

{
    "displayName": "Shopper Email Access Right 1",
    "name": "shopperEmailAr1",
    "repositoryId": "shopperEmailAr1",
    "description": "First of several storefront access rights."
}

The response is similar to this:


{
    "displayName": "Shopper Email Access Right 1",
    "name": "shopperEmailAr1",
    "repositoryId": "shopperEmailAr1",
    "description": "First of several storefront access rights.",
    "links": [
        {
            "rel": "self",
            "href": "http://www.example.com:7002/ccadmin/v1/accessRights"
        }
    ]
}

To update an existing access right, use the updateAccessRight Admin endpoint.

List access rights

To list all available access rights and privileges for Storefront, use the listAccessRights Admin endpoint. For example:


GET /ccadmin/v1/accessRights HTTP/1.1
Authorization: Bearer <access_token>
Content-Type: application/json

Storefront account contacts, such as delegated admins who need to create and manage roles in their accounts, also need to be able to see the access rights available to them. You can give contacts the ability to view access rights. Note that Storefront users cannot create access rights or update existing ones.

A Storefront user needs the Manage Roles privilege to be able to view the list of all access rights. To list the access rights, use the listAccessRights Store endpoint.

For example:


GET /ccstore/v1/accessRights HTTP/1.1
Authorization: Bearer <access_token>
Content-Type: application/json

The response includes both generic access rights and privileges. The following shows part of the response for the list of access rights:


...
    "items": [
    {
      "displayName": "Manage Roles",
      "name": "Manage Roles",
      "repositoryId": "ora.manageRolesPrivilege",
      "description": "Privilege for managing roles",
      "id": "ora.manageRolesPrivilege",
      "type": "privilege"
    },
    {
      "displayName": "Shopper Email Access Right 1",
      "name": "shopperEmailAr1",
      "repositoryId": "shopperEmailAr1",
      "description": "First of several storefront access rights.",
      "id": "shopperEmailAr1",
      "type": "generic"
    },
...