Magento Users and User Roles Tutorial

How to manage users and user roles in Magento

After you install Magento there's only one user that's allowed to access the admin panel and configure and manage all the settings there. That's the administrator. This admin account is created during the installation process. Magento has options which you can use to add more users who can access the admin panel and do various things there. You can give these users the permission to do everything that's available in the admin panel or you can configure the permissions so that the user can manage only specific options and functions. For example, you may give another person/employee the rights to manage only the store's orders and nothing else.

Each of these backend users is assigned to a user role. It's the user role that's configured with specific permissions which allow or forbid the user to manage the different settings in the admin panel. By default, Magento comes preconfigured with a single user role called Administrators. The admin user created during the installation belongs to that role; it has no limits in terms of the backend options that can be configured.

So before you add a user you have to create a user role with the necessary permissions according to what you want the user to be allowed to do. To add and edit user roles, log in to the admin panel of your Magento and go to System menu>Permissions>Roles. On the page that opens there's a table with the existing user roles. To edit a role click on its row in the table; to add a new role click on the Add New Role button in the upper right corner:

Adding and Editing User Roles

Whether you add a new role or edit an existing one the settings are the same. Let's review them by adding an example role. On the add/edit page there are a couple of buttons on the left. The Role Info button is clicked by default. It shows a single option for typing a name for the role:

User Role Settings-User Info

After you specify a name click on the Role Resources button on the left. This will show on the right a long list with checkboxes. Each checkbox corresponds to a specific action or set of options (e.g. Manage Ratings, Manage Attributes, etc.). At the top of the list there's a drop-down menu labeled Resource Access which by default is set to Custom; this makes all the actions/options in the list visible and you can mark/unmark the checkboxes:

User Role Settings-Role Resources

From the Resource Access drop-down menu you can also select All. This will have the effect of automatically marking all the checkboxes and consequently hiding the whole list. This will make the role equivalent to the default Administrators role. So to be able to restrict the things that users belonging to the role can do, leave the Resource Access drop-down menu to Custom and mark the checkboxes that you want. By marking checkboxes you can allow users assigned to that role to perform the actions corresponding to those checkboxes. For example, if you want to create a role for users who are allowed to manage only customer reviews and ratings, you should mark the respective checkboxes:

User Role Settings-Example Permissions

When you're done don't forget to click on the Save Role button in the upper right corner.

When you add/edit users you can use the roles that you've created and assign each user to one of these roles. To add and edit users, in the admin panel go to System menu>Permissions>Users. On the page that's displayed you'll see a table with the existing users. There should be at least one user, and that's the administrator account created during the installation. To edit a user click on the respective row in the table. To add a new one click on the Add New User button in the upper right corner:

Adding and Editing Admin Users

On the page that opens there are a few buttons on the left. The User Info one is clicked by default. It displays on the right several options regarding the personal information of the user:

User Settings-User Info

In the field for User Name type a name that the user should use when logging in. In the respective fields type the first and last name of the person, the email address, and the password for the account. If you want the account to be active, leave the drop-down menu This account is to the default value Active.

Then click on the User Role button on the left to select a role for the user:

User Settings-User Role

Just mark the button corresponding to the role. Then click on the Save User button in the top right corner.

Now the admin panel can be accessed from the new account. The things that the user can do there depend on the permissions of the user role to which the user is assigned. So the menus available in the admin panel will be determined by these permissions. For example, we've created a user role with permissions only to manage customer reviews and ratings, and we've added a new user and assigned that user to the newly created user role. When that user logs into the admin panel only a couple of options in the Catalog menu will be available (those responsible for reviews and ratings), and no other menu in the top navigation bar will be accessible:

Example User Logged in the Admin Panel