How to Control User Permissions in WooCommerce –

How To Guides
control user permissions

In 2020, eCommerce website stores need to take data privacy seriously.

We have already seen the GDPR guidelines in Europe and new privacy regulation in states like California. Even if you don’t live in Europe or the United States, you can expect privacy laws to impact you soon. It’s important to make sure that only approved users can access your customer and order information.

In this guide, I’ll explain how you can manage privacy on your WordPress eCommerce site. I’ll show you how to control access to the order permissions in WooCommerce, the most popular WordPress eCommerce plugin.

In Parts 1 and 2, we’ll see the default permissions for WooCommerce users. Then in Parts 3, 4 and 5, I’ll show you how to set customized permissions for user roles. We’ll create user roles that can view, edit and create orders for customers.

Part #1. Default Permissions for WooCommerce Users

When you install WooCommerce, you get two additional user roles: Shop Manager and “Customer”. If you go to the “Users” screen on your site, you’ll be able to see both of these roles in this dropdown menu:

By default, WooCommerce is locked down tightly. After installation, very few users are allowed to access your WooCommerce admin area. Only users who have the new “Shop Manager” role (or the default  “Administrator” role) can access the WooCommerce admin area.

In fact, WooCommerce will automatically block many users from accessing the WordPress admin area. Why does WooCommerce do this? I think it is to avoid distracting customers and also for security. Normal customers on your WooCommerce site do not need to see the WordPress admin dashboard or the WordPress toolbar.

If a user is in the “Administrator” or “Shop Manager” user roles, they will be able to access the entire WooCommerce admin. There are no default roles where users can access only some parts of WooCommerce features.

In this guide, I’ll show you how to customize WooCommerce permissions. For example, we will allow some users to edit orders and refunds. To do this we’re going to use the PublishPress Capabilities plugin.

Part #2. Default Permissions for WooCommerce Orders

You will find your eCommerce orders under the “Orders” link in WooCommerce. These orders are stored in a WordPress post type, so you can create, edit and delete them in exactly the same way as with regular posts.

Permissions per orders

When you have the PublishPress Capabilities plugin installed, go to “Capabilities” in your WordPress admin menu. You can see that link in the image above.

In the image below, you can see edit, delete and read permissions for many key areas of WooCommerce. Using PublishPress Capabilities, you can control permissions for WooCommerce products, orders, and coupons. We’re going to be using this screen throughout this tutorial.

Capabilities

Part #3. Give Access to View WooCommerce Orders

In this first section, I’ll show you how to give some extra users access to the “Orders” area.

These users will be able to VIEW all the orders on your site, but they won’t be able to EDIT those orders. This role is perfect for anyone who needs to help you fulfill orders, but should not be processing them.

  • Make sure you have the PublishPress Capabilities plugin installed.
  • Go to “Capabilities” in your WordPress admin area.
  • In the “Select Role to View / Edit box”, choose a role you want to access the “Orders” area. In this image, I’m choosing the “Editor” role:

Select Role

  • On the left side, check the box in the “Orders” row and “Edit” column.
  • On the right side, check the box “Orders” in the “Reading” area.

Reading Area

  • Click the “Save Changes” button.

Now you can test your updated “Editor” role. I find that one of the easiest ways to test a new permission change is to install the User Switching plugin. Rather than messing around with resetting passwords, that plugin allows you to move between user accounts with just a couple of mouse clicks.

When you view your site using the “Editor” role, you will now see the “Orders” menu link. However, notice that you can NOT see any other WooCommerce features. The main “WooCommerce” and “Products” links are both hidden.

Orders

This user will be able to SEE all the orders in your Wooommerce store. They can click the eye icon in the screen below and they will be able to see the order details. However, they will not be able to edit orders.

Edit Orders

Part #4. Give Access to Edit WooCommerce Orders

After our first changes, the “Editor” user can view orders for customers. However, they can not edit existing orders. In this next section, we’ll go a step further and allow Editors to also make changes to orders.

Here’s what do in order to allow Editors to update orders:

  • Go back to “Capabilities” in the WordPress admin menu.
  • Look in the right sidebar and make sure you have “Editor” selected again.
  • Check the “Orders” box in the “Edit Others” column.

Now going a step further, if you want to allow Editors to delete WooCommerce orders, do this:

  • Check these four boxes in the “Capabilities” area:

Capabilities area

These updated settings will allow Editors to change details of any order and also move orders to the trash. So, please be careful about giving access to these permissions. Your Editors will have full control over any existing orders in your store. They will be able to change the order status, email invoices and do anything they want with your orders.

Part #5. Give Access to Create WooCommerce Orders

Let’s take our “Editor” role a step further and also give them the ability to create new orders. This is an even more powerful permission than we granted them in the last action.

To do this, we’ll rely on the “Create posts” capability.

  • Go back to “Capabilities” in your WordPress admin menu.
  • Look for the “Type-Specific Capabilities” box in the right sidebar.
  • Check the “Orders” box.
  • Check the “Use create_posts capability” box.
  • Click the “Update” button.

The Update Button

  • Look in the right sidebar and make sure you have “Editor” selected.
  • Check the “Orders” box in the “Create” box column.

Orders Box

Now when you test your Editor role, you have permission to VIEW, EDIT, DELETE and CREATE WooCommerce Orders.

Look on the Orders screen, and this user will see an “Add order” button in the top left corner.

Add order

More on WooCommerce Permissions

In this guide, we focused on orders: one, single part of WooCommerce.

However, in this guide, you’ve seen that PublishPress Capabilities can control Products and Coupons, amongst other WooCommerce features.

If you want to learn more, this is a useful tutorial on permissions for WooCommerce coupons. If you want control access to WooCommerce refunds, this is a helpful guide.

Editorial Staff Editorial StaffLatest posts by Editorial Staff (see all)

Where Should We Send
Your WordPress Deals & Discounts?

Subscribe to Our Newsletter and Get Your First Deal Delivered Instant to Your Email Inbox.

Keep reading the article at WP Newsify. The article was originally written by Editorial Staff on 2020-05-13 07:08:48.

The article was hand-picked and curated for you by the Editorial Team of WP Archives.

Disclosure: Some of the links in this post are "affiliate links." This means if you click on the link and purchase the product, We may receive an affiliate commission.

Related Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Start typing and press enter to search

Show Your ❤️ Love! Like Us
WPArchives
Scroll to Top