HomeHome Product Discus... Product Discus...Enhancement Req...Enhancement Req..."Store Manager" role"Store Manager" role
Previous
 
Next
New Post
1/3/2011 6:28 AM
 

It would be nice.... *REALLY* nice... to have a separate role for "Store Managers".

RIght now, in order for me to give the warehouse the ability to see orders and so forth, I have to make them administrators. Not cool. Additionally, it shows the CC No's and so forth; not PCI compliant. Not cool again.

So, a "Store Manager" role, would allow a store manager limited access. Reports, the ability to look at an order, but not to look at payment information, and so forth.

What would be the cat's meow is to be able to grant access on different levels; for example, one role ("Store Manager", perhaps) could see everything, but not have DNN Administrator access. Another role, ("Warehouse", for example), could see orders, but not CC numbers, and couldn't "change" anything.

This granular level of control would allow the people (for example, warehouse workers) to see the orders, but not be able to change anything. The "Store Manager" would be able to change things, see reports, and so forth, but optionally not see CC Numbers. Perhaps the ability to see CC numbers would be another role ("Accounting")?

Anyway... a level of control over what different roles could see / not see would be fantastic, and certainly would secure the cart in a much more compliant way.

.... not to mention, it would keep people from making changes to the page, modules, etc. which they could do now as DNN Admins.

 
New Post
1/3/2011 9:23 AM
 

Thanks for the feedback those are all really good ideas. I will add these to the feature enhancemnet request list. I'm sure you know about these two items but I wanted to point them out for the benefit of others reading. The cart is fully PCI compliant and in the buynow settings under the general cart setup section there is a setting titled "Do Not Save Credit Card" when checked will not save the credit card to the database. This will prevent users that have access to the admin menu from viewing credit cards. Also, the cart is not meant to be a reporting engine to provide DSS/EIS to all departments in a company. The cart takes orders online and I would expect that this data would be agregrated to a datawarehouse with other order sources where canned reports and adhoc reports are developed using the reporting tool of your choice. If you want to keep your reporting in dnn Indogrid is a good dnn reporting module. Again, I'm sure you know all this but I wanted to point it out for the benefit of others reading.

-Scott


Scott Kelly
Project Manager
DotNetNuke Consulting, DotNetNuke Store and DNN Ecommerce
 
Previous
 
Next
HomeHome Product Discus... Product Discus...Enhancement Req...Enhancement Req..."Store Manager" role"Store Manager" role