Privilege is a permission to perform a certain operation, or a set of operations. The entire set of operations define all capabilities of CloudBlue Commerce and are created during initial installation, upgrade or component addition.
Privileges are created and mapped to operations by CloudBlue Commerce components during component installation. The area of applicability for each privilege (types of users that can have privilege) is also defined during component installation. Privileges are divided into the following:
- Providers’ privileges
- Resellers’ privileges
- Customers’ privileges
Privileges are used through Roles. A newly created privilege does not belong to a role until it is explicitly added to one.
Note: The exception is the Account Administrator role created when CloudBlue Commerce is installed for the provider. All the available privileges are automatically added to this role, and all new privileges that appear in the system are also automatically added to it when they appear in the system.
Keep in mind that an account with a restricted privilege propagates this restriction to any child account. That is, any restricted privilege for an L1 reseller is propagated to an L2 reseller and their L1 and L2 customers.
Important: Adding a privilege (for example, from View to Admin) to any child account with the restricted privilege inherited from a parent account does not override the privilege state of the child account.