Role-based policies

The following are the role-based policies for each default role in WebSphere Commerce:

AccountRepresentativesExecuteAccountRepresentativesViews
AccountRepresentativesExecuteAccountRepresentativesCmdResourceGroup
AllUsersExecuteAllSiteUserCmdResourceGroup
AllUsersExecuteAllSiteUsersViews
AllUsersExecuteResellerUserCmdResourceGroup
AllUsersExecuteResellerUserViews
BecomeUserCustomerServiceGroupExecutesBecomeUserCmdsResourceGroup
BuyerAdministratorsExecuteBuyerAdministratorsViews
BuyerAdministratorsExecuteBuyersAdministratorsCommands
BuyerApproversExecuteBuyerApproversCmdResourceGroup
BuyerApproversExecuteBuyerApproversViews
Buyers(buy-side)ExecuteBuyers(buy-side)CommandsResourceGroup
Buyers(buy-side)ExecuteBuyers(buy-side)Views
Buyers(sell-side)ExecuteBuyers(sell-side)CommandsResourceGroup
Buyers(sell-side)ExecuteBuyers(sell-side)Views
CategoryManagersExecuteCategoryManagersCmdResourceGroup
CategoryManagersExecuteCategoryManagersViews
ChannelManagersExecuteChannelManagersCommands
ChannelManagersExecuteChannelManagersViews
CustomerServiceRepresentativesExecuteCustomerServiceRepresentativeViews
CustomerServiceRepresentativesExecuteCustomerServiceRepCmdResourceGroup
CustomerServiceSupervisorsExecuteCustomerServiceSupervisorViews
CustomerServiceSupervisorsExecuteCustomerServiceSupervisorCmdResourceGroup
CustomersExecuteCustomersViews
LogisticsManagersExecuteLogisticsManagersCmdResourceGroup
LogisticsManagersExecuteLogisticsManagersViews
MarketingManagersExecuteMarketingManagerCmdResourceGroup
MarketingManagersExecuteMarketingManagersViews
MarketingDirectorsExecuteMarketingDirectorCmdResourceGroup
OperationsManagersExecuteOperationsManagersCmdResourceGroup
OperationsManagersExecuteOperationsManagersViews
PickPackersExecutePickPackersCmdResourceGroup
PickPackersExecutePickPackersViews
ProcurementBuyersExecuteProcurementBuyersCmdResourceGroup
ProductManagersExecuteProductManagersCmdResourceGroup
ProductManagersExecuteProductManagersViews
ReceiversExecuteReceiversCmdResourceGroup
ReceiversExecuteReceiversViews
RegisteredApprovedUsersExecuteRegisteredApprovedUsersCommandsResourceGroup
RegisteredApprovedUsersExecuteRegisteredApprovedUsersViews
RegisteredCustomersForOrgExecuteRegisteredUserCmdResourceGroup
RegisteredCustomersForOrgExecuteRegisteredUserViews
ReturnsAdministratorsExecuteReturnsAdministratorsCmdResourceGroup
ReturnsAdministratorsExecuteReturnsAdministratorsViews
SalesManagersExecuteSalesManagersCmdResourceGroup
SalesManagersExecuteSalesManagersViews
SellerAdministratorsExecuteSellerAdministratorsCommands
SellerAdministratorsExecuteSellerAdministratorsViews
SellersExecuteSellersCmdResourceGroup
SellersExecuteSellersViews
SiteAdministratorsCanDoEverything
WorkspaceManagersExecuteWorkspaceManagersViews
WorkspaceManagersExecuteWorkspaceManagersCmdResourceGroup
AttachmentManagersExecuteAttachmentManagersCmdResourceGroup
WorkspaceTaskgroupApproversExecuteWorkspaceTaskgroupApproversViews
WorkspaceTaskgroupApproversExecuteWorkspaceTaskgroupApproversCmdResourceGroup
WorkspaceContentContributorsExecuteWorkspaceContentContributorsViews
WorkspaceContentContributorsExecuteWorkspaceContentContributorsCmdResourceGroup

The following table displays the role-based policies by role, access group, resource group, and view.

Notes:

Most items in the table except for the Role column are split across each cell for display purposes as they are lengthy.
Not all of the roles that are shown in the following table are defined roles in WebSphere Commerce. See the notes that follow the table for details.
The SiteAdministratorsCanDoEverything policy is a special default policy that grants super-user access to administrators with the Site Administrator role. In this policy, a Site Administrator can perform actions on any resource, even if those actions or resources are not defined. It is important to be aware of this access when you are assigning this role to users.

Table 1. Role-based policies by role, access group, resource group, and view
The following table displays the role-based policies by role, access group, resource group, and view.
Role	Access Group that is used in role-based policies	Resource Group that is used in role-based policies for Controller commands	Action Group that is used in role-based policies for Views
Account Representative	Account Representatives	AccountRepresentativesCmd ResourceGroup	AccountRepresentatives Views
All Users4	AllUsers	ResellerUserCmd ResourceGroup5	ResellerUserViews5
All Users4	AllUsers	AllSiteUserCmd ResourceGroup6	AllSiteUsersViews6
Buyer (buy-side)	Buyers(buy-side)	Buyers(buy-side) CommandsResourceGroup	Buyers(buy-side)Views
Buyer (sell-side)	Buyers(sell-side)	Buyers(sell-side) CommandsResourceGroup	Buyers (sell-side)Views
Buyer Administrator	BuyerAdministrators	BuyerAdministrators CommandsResource Group	BuyerAdministrators Views
Buyer Approver	BuyerApprovers	BuyerApproversCmd ResourceGroup	BuyerApproversViews
Category Manager	CategoryManagers	CategoryManagers CmdResourceGroup	CategoryManagersViews
Channel Manager	ChannelManagers	ChannelManagersCmd ResourceGroup	ChannelManagersViews
Customer Service Representative	CustomerService Representatives	CustomerService RepCmdResourceGroup	CustomerService Representative Views
Customer Service Supervisor	CustomerService Supervisors	CustomerService Supervisor CmdResourceGroup	CustomerService SupervisorViews
Guest1	Guests	GuestUsersCmd ResourceGroup	GuestUsersViews
Logistics Manager	LogisticsManagers	LogisticsManagersCmd ResourceGroup	LogisticsManagersViews
Marketing Manager	MarketingManagers	MarketingManager CmdResourceGroup	MarketingManagersViews
Marketing Director	MarketingDirectors	MarketingDirectorCmdResourceGroup	n/a
Non-Rejected User3	NonRejectedUsers	NonRejectedUserCommands ResourceGroup	NonRejectedUsersViews
Operations Manager	OperationsManagers	OperationsManagersCmd ResourceGroup	OperationsManagersViews
Pick Packer	PickPackers	PickPackersCmd ResourceGroup	PickPackersViews
Procurement Buyer	ProcurementBuyers	ProcurementBuyersCmd ResourceGroup	n/a
Product Manager	ProductManagers	ProductManagers CmdResourceGroup	ProductManagersViews
Receiver	Receivers	ReceiversCmdResourceGroup	ReceiversViews
Registered Approved User2	RegisteredApproved Users	RegisteredApprovedUsers CommandsResourceGroup	RegisteredApproved UsersViews
Registered Customer (with OrgandAncestorOrgs role qualifier)	Registered CustomersForOrg	RegisteredUserCmd ResourceGroup	RegisteredUserViews
Returns Administrator	ReturnsAdministrators	ReturnsAdministratorsCmd ResourceGroup	ReturnsAdministrators Views
Sales Manager	SalesManagers	SalesManagersCmd ResourceGroup	SalesManagersViews
Seller Administrator	Seller Administrators	SellerAdministrators CommandsResourceGroup	SellerAdministrators Views
Seller	Sellers	SellersCmdResourceGroup	SellersViews
Site Administrator	SiteAdministrators	n/a	n/a
Workspace Manager	WorkspaceManagers	WorkspaceManagersCmdResourceGroup	WorkspaceManagersViews
Attachment Manager	AttachmentManagers	AttachmentManagersCmdResourceGroup	n/a
Workspace Taskgroup Approver	WorkspaceTaskgroupApprovers	WorkspaceTaskgroupApproversViews	WorkspaceTaskgroupApproversCmdResourceGroup
Workspace Content Contributors	WorkspaceContentContributors	WorkspaceContentContributorsViews	WorkspaceContentContributorsCmdResourceGroup
Notes: "Guest" is not a true role. Users who have a registration status set to "G" (the USER.REGISTERTYPE column is set to "G") implicitly belong to the Guests access group. "Registered Approved User" is not a true role. Users who have a registration status set to "R" (the USER.REGISTERTYPE column is set to "R") and whose status is approved (the MEMBER.STATE column is set to 1) implicitly belong to the RegisteredApprovedUsers access group. "Non-Rejected User" is not a true role. Users whose registration status is not-rejected (MEMBER.STATE column is not set to 2) implicitly belong to the NonRejectedUsers access group. "All Users" is not a true role. All users in the system implicitly belong to the AllUsers access group. These action groups and resource groups belong to policies that are part of the B2CPolicyGroup. This policy group likely applies only to organizations that follow the B2C business model. These action groups and resource groups belong to policies that are part of the ManagementAndAdministrationPolicyGroup. This policy group likely applies to all organizations.