In 2020, eCommerce website stores need to take data privacy seriously.
We have already seen the GDPR guidelines in Europe and new privacy regulation in states like California. Even if you don’t live in Europe or the United States, you can expect privacy laws to impact you soon. It’s important to make sure that only approved users can access your customer and order information.
In this guide, I’ll explain how you can manage privacy on your WordPress eCommerce site. I’ll show you how to control access to the order permissions in WooCommerce, the most popular WordPress eCommerce plugin.
In Parts 1 and 2, we’ll see the default permissions for WooCommerce users. Then in Parts 3, 4 and 5, I’ll show you how to set customized permissions for user roles. We’ll create user roles that can view, edit and create orders for customers.
Part #1. Default Permissions for WooCommerce Users
When you install WooCommerce, you get two additional user roles: Shop Manager and “Customer”. If you go to the “Users” screen on your site, you’ll be able to see both of these roles in this dropdown menu:
By default, WooCommerce is locked down tightly. After installation, very few users are allowed to access your WooCommerce admin area. Only users who have the new “Shop Manager” role (or the default “Administrator” role) can access the WooCommerce admin area.
In fact, WooCommerce will automatically block many users from accessing the WordPress admin area. Why does WooCommerce do this? I think it is to avoid distracting customers and also for security. Normal customers on your WooCommerce site do not need to see the WordPress admin dashboard or the WordPress toolbar.
If a user is in the “Administrator” or “Shop Manager” user roles, they will be able to access the entire WooCommerce admin. There are no default roles where users can access only some parts of WooCommerce features.
In this guide, I’ll show you how to customize WooCommerce permissions. For example, we will allow some users to edit orders and refunds. To do this we’re going to use the PublishPress Capabilities plugin.
Part #2. Default Permissions for WooCommerce Orders
You will find your eCommerce orders under the “Orders” link in WooCommerce. These orders are stored in a WordPress post type, so you can create, edit and delete them in exactly the same way as with regular posts.
When you have the PublishPress Capabilities plugin installed, go to “Capabilities” in your WordPress admin menu. You can see that link in the image above.
In the image below, you can see edit, delete and read permissions for many key
This article was written by Editorial Staff and originally published on WP Newsify.