User autorization

Retailys has extensive setting options for individual system users. Easily set authorization for specific activities in your organization to one employee as tens of people.

Each user can be allowed or denied access to a particular section, work only with certain types of data and the rights to combine arbitrarily.

You grant user authorization not only to system users, but also to external applications, so-called extensions. This allows third-party applications to access only the data they can process. This makes it much easier to adapt your security policy to GDPR.

List of user authorization

In Retailys, it is possible to combine a set of rights for each user, which gives them different possibilities of working with the system. It can access various sections, vary data or delete it.

If you use multiple company entities in Retailys, only a particular company can be given access to a particular user. Analogously, when managing multiple warehouses, you can only set up a warehouse operator to access a specific warehouse. You will only allow different sales channel managers to access specific channels. If the law applies to a specific entity (company / warehouse / sales channel), this help contains the entity's numeric identifier (ID) in square brackets {}.

E.g. the following entry indicates warehouse access number 5.

Rights are inherited "right"; that the following right will allow access to all warehouses (current and future!).

Each user authority contains a set of operations (see Operations by user authorization). In this way, you can set the access option for each authorization (display, insert, edit, delete, run, inherit)

By incorrectly setting user rights, you can deny specific users access to certain sections of the system or allow access to inappropriate people.

System

The main administrator (usually the founder of an account in Retailys) has the common right System. The logged in user has access to all sections of the system and settings, regardless of other rights set. It can add additional managers and revoke current managers.

System.Channel

Access to all channels.

System.Channels {ID}

Access to data of the specific channel.

System.Content

Ability to edit content - products, categories, variants, ...

System.People

Allows editing or creating users.

Each user can change their profile settings regardless of whether they have the System.People privilege or not.

System.Orders

Authorization to order section and its subsections. According to the set operations, it enables manipulation with orders. When you set up several operations automatically, these operations are also available in subsections

You must also have at least read permissions to the company and warehouse to view orders (see System.Settings.Companies, System.Settings.Stores)

System.Orders.Overview

Authorization only to subsection order overview

  • Allows you to view the order overview

System.Orders.Notifications

Permission only to the notification subsection

System.Orders.Statuses

Permissions only to subsection statuses (user statuses)

System.Marketing

Access to the Marketing section.

System.Invoices

Access to your documents and invoices for using the Retailys system.

System.Settings

Access to all Retailys settings and administration

System.Settings.Companies

Access to all company settings, visibility of orders of all companies

System.Settings.Companies {ID}

Access to your business settings. A user with this right can only see orders for specific businesses.

System.Settings.Stores

Access to all warehouses.

System.Settings.Stores (ID)

Access only specific warehouse data.

??? System.Extensions ???

Access extension settings.

System. Extensions.NAME_EXTENSION.RIGHTS_EXTENSION

Extensions can define their own permissions.

User autotization operations

This allows you to set restrictions for a given right for a given type of operation

Display

Allows the right to read given data.

We want to give the user access to the order overview view. So right

Insert

Allows the right to insert data

Edit

Delete

Start

Inheritance

Examples of using

Main administrator

The main administrator (often the owner or main technician of the company) has access to all system functions, assigns other user roles, and monitors data from all parts of the administration. He needs only one right to all operations:

Warehouse operator

The warehouse operator will have access only to the orders he / she is handling. Works in a warehouse with number 1.

Warehouse / Store manager

The store manager sees all orders from his store (who has ID 1), but is also responsible for recruiting new staff to whom he can grant access to his store.

Accountant

Accounting firm "ABC accounting s.r.o." processes documents, so it will have access only to them. Retailys user has four companies in the system, but ABC accounting s.r.o. only companies 1 and 2 other companies are managed by other accountants, so they are for ABC accounting s.r.o. invisible. Company ABC accounting s.r.o. it also manages the invoices received for the use of the Retailys system

Webdesigner of e-shop

Webdesigner manages sales channels and their graphic design. He has no access to orders, sees no inventory or anything else and can see products.

Marketing worker

A marketing worker is responsible for creating and distributing newsletters, monitoring customer discussions, editing content on websites.

External Extension Rights

Just as you set up user rights, you can also set rights for specific extensions, which are programmed by third parties. By analogy, external modules will have the same level of access as users.

Inappropriate setting of user permissions you can affect the functionality of external applications. Always read the instructions for each extension for the rights it requires for its functionality!

See the documentation for each extension for how to enable external extensions and how to assign them the appropriate rights.