WooCommerce comes with a customer and shop manager roles and several capabilities. These roles and capabilities give you basic store administration. Using the Access plugin, you can create more fined grained access control and achieve better administration of your site.
To wet your appetite, here are some of the things that you can achieve with custom roles and capabilities:
- Allow an accountant to manage orders, issue refunds and produce reports, without being able to accidentally edit content in your site.
- Allow your service representatives to view and update orders, but not access your reporting and finances.
- Allows your content authors to edit product information, but not access sales data.
Access plugin lets you do all this and more, without writing a single line of code.
Remember that your WooCommerce store is only a part of the site. When you create new roles, you need to consider everything that they need to do on the site, including any e-commerce related tasks.
Use the following steps to create your own roles with custom permissions for WooCommerce.
- Create a custom role.
- Click on Change permissions for that role, click on Woocommerce capabilities to display related ones and grant the manage_woocommerce capability. This capability is required if you want the role to have access to any WooCommerce administration screen.
- Add more capabilities in this dialog or set permissions for WooCommerce-related post types on the Post Types tab.
- Change the role of the desired user to the new custom role you have just created.
When you create the new role, if you want the user to have no inherent capabilities (allowing you to add specific capabilities with Access), do not select any role to copy privileges from. This will give no permissions to the role and you will be able to add all capabilities manually.
In case you want to give users the same capabilities as authors (being able to write and edit their own content), select to copy privileges from Author role. To create users who can edit any content, select to copy privileges from Editor role. This setting will adjust the capabilities for content editing, so you can just set the WooCommerce capabilities manually.
Access to orders, coupons or products is set by the corresponding post type table and access to reports is set with a WooCommerce capability. In any case, a role must have manage_woocommerce capability, in order to be able to access WooCommerce administration pages.
You can use the following table as a starting point for useful roles in advanced WooCommerce sites. Of course, this is only our suggestion. You should enable the specific capabilities that you need for different roles in your own sites.
|Accountant||Service representative||Content author|
|Purpose 1||An accountant should be able to produce reports and view individual orders. No edit privileges are granted for products, coupons or promotions.||A service representative can see individual orders, but doesn’t have access to reports. No access to product editing.||A content author can edit products, as well as standard WordPress content. No access to sales information. A user level of 7 grants editing capabilities to WordPress content, without administration privileges.|
|Add copy privileges from 2||0||0||7|
|Orders post type table settings||Read, Edit any, Delete any, Publish||Read, Edit any, Delete any, Publish||Read, Edit any, Delete any, Publish|
|Coupons post type table settings||None||None||Read, Edit any, Delete any, Publish|
|Products post type table settings||None||None||Read, Edit any, Delete any, Publish|
1 We defined the purpose of these roles based on our experience running an online business. Your needs might be different, so you may need to create different roles with different capabilities. Access plugin lets you define any role that you choose and grant the capabilities that you need.
2 Copying the privileges from an existing role automatically sets the built-in WordPress capabilities, to match those of the closest built-in role. You can achieve the same capabilities by not copying privileges from any role and manually granting individual capabilities.