Rank: Advanced Member
Groups: Authorized User, Developers
Joined: 2/17/2019(UTC)
Posts: 827
Thanks: 3 times
Was thanked: 13 time(s) in 13 post(s)
|
Are there any plans to revisit the admin security section of Ablecommerce. My understanding is that this hasn't been enhanced in quite a long time. In fact it's rather weak compared to even the basic of what other shopping carts can offer.
The admin groups which are provided today are pretty much useless, and the edit button only provides the ability to change names. It would be nice if there was a detail checklist of what admin's can do and not do.
Examples:
Can edit products?
Can export products?
Can view products?
Can delete products?
I think you guys know that this particular portion of the shopping cart lacks options and is way behind the times.
Many thanks for your consideration, I do believe this will benefit a tremendous amount of people that are interested in website security.
Thanks
|
|
|
|
|
|
Rank: Advanced Member
Groups: Authorized User, Developers
Joined: 2/17/2019(UTC)
Posts: 827
Thanks: 3 times
Was thanked: 13 time(s) in 13 post(s)
|
Would love to hear a response from tech support to see if an upgrade to the built-in admin security is in the works anytime soon, many thanks.
|
|
|
|
|
|
Rank: Advanced Member
Groups: System, Administrators, Developers, Registered, HelpDesk
Joined: 10/29/2018(UTC)
Posts: 423
Thanks: 4 times
Was thanked: 34 time(s) in 33 post(s)
|
Hello Ray, Here is a direct link to the Merchant Guide which has a breakdown of the admin groups and page accessibility. http://help.ablecommerce.../Admins/Admin_Groups.htmIf you have something specific you would like to see improved, then by all means make your suggestions. We generally like to have a more direct feature request, if you don't mind. About 99% of our development work revolves around requests by customers and bug reports. It's rare that we would change something that we thought was working fine. But still, I'm interested to know what we can improve. Thank you, Katie |
Thanks for your support!
Katie
Secure eCommerce Software and Hosting |
|
|
|
|
|
Rank: Advanced Member
Groups: Authorized User, Developers
Joined: 2/17/2019(UTC)
Posts: 827
Thanks: 3 times
Was thanked: 13 time(s) in 13 post(s)
|
Hi Katie, The admin groups are extremely weak, take for example I need to have an admin group that only has to deal with orders and customers, but not give my users the ability to export, delete or modify products. Not only is the existing system weak it is also full of bugs which gives the user the ability to do something which has been restricted. This has to do because of the HTML breadcrumb trails which they can now use to get into other parts of the system with they are not supposed to be in. I can assure you if you look at other carts, what ablecommerce offers is very weak, I know this hasn't been touched in a while, and if this is something that you're open to I can definitely provide extreme details, but only if you're open to it. Edited by user Thursday, October 29, 2020 1:05:03 PM(UTC)
| Reason: Not specified
|
|
|
|
|
|
Rank: Advanced Member
Groups: System, Administrators, Developers, Registered, HelpDesk
Joined: 10/29/2018(UTC)
Posts: 423
Thanks: 4 times
Was thanked: 34 time(s) in 33 post(s)
|
I opened up a new issue report so we can investigate the breadcrumbs and retest the admin groups with respect to the features that are accessible. Once we have identified any bugs, then we'll have them fixed in the next version.
Thanks
Katie |
Thanks for your support!
Katie
Secure eCommerce Software and Hosting |
|
|
|
|
|
Rank: Advanced Member
Groups: Authorized User, Developers
Joined: 2/17/2019(UTC)
Posts: 827
Thanks: 3 times
Was thanked: 13 time(s) in 13 post(s)
|
I appreciate your response to this however it still does not solve the original issue. It looks like I'm going to have to hire a developer for this.
Just so you are aware how serious this is, why would you give anybody, except an owner, the ability to export orders, customers, or anything else, to be able to give it to a competitor if they are an upset employee.
What's even worse, they have the ability to modify and delete products, customers, and orders. This is not very good in the event your ever audited by either state or federal.
Again this is a very weak part of the system and I wish more serious attention was devoted to this particular area that hasn't been touched in years.
Many thanks for your input.
|
|
|
|
|
|
Forum Jump
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.
Important Information:
The AbleCommerce Forums uses cookies. By continuing to browse this site, you are agreeing to our use of cookies.
More Details
Close
