User role to edit orders only

  • Resolved mbaierl

    (@mbaierl)


    3 months ago

    Right now it is impossible to create a user role that is allowed to edit orders only (but not to edit anything else in WordPress or WooCommerce).

    Reason being that inside the PageController.php / function verify_edit_permission / line 70 there is a check for current_user_can( ‘manage_woocommerce’ ).

    So “order managers” have to be able to manage all of WooCommerce to simply manage orders…

    Please change that line to current_user_can( ‘manage_woocommerce_orders’ ) or, even better, ship Woocommerce with a default role “Orders Manager”.

    Thanks,

    Michael

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support Shameem R. a11n

    (@shameemreza)

    Hi @mbaierl

    I understand your concern about permissions for user roles in WooCommerce. Currently, the manage_woocommerce capability encompasses all WooCommerce management, including orders.

    However, we appreciate your suggestion for a more granular permission system. While I can’t guarantee a change, It would be great to have you add your ideas as a feature request, where developers look for future plugin features and improvements.

    In the meantime, you may consider using a plugin that allows for more detailed user role customization. There are several available that may meet your needs.

    Thank you for your understanding and for helping us improve WooCommerce.

    Thread Starter mbaierl

    (@mbaierl)

    Hi Shameen,

    thanks for your suggestion. The problem is that the plugins, which allow editing the user roles, won’t work because of the above issue. There is simply no way to customize the roles in a way that a user can only edit orders, but not the rest of WooCommerce.

    Reason being the line of code I mentioned above… the order editing is tied to the manage_woocommerce capability, no external plugin will be able to change that…

    Thus: please fix this by adding a new capability.

    Thanks,

    Michael

    Plugin Support Shameem R. a11n

    (@shameemreza)

    Hi @mbaierl

    Unfortunately, as you’ve rightly pointed out, even plugins that allow role customization may not be able to bypass this particular issue due to the way the code is structured.

    As mentioned earlier, you can submit it as a feature request or ask development questions on the #developers channel of the WooCommerce Community Slack. Many of our developers hang out there and will be able to offer insights into your question.

    I wish I could help more, but hopefully, this gets you going in the right direction to get some further insight/information.

Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.