The default setting for Omnium includes an administrator role that gives full access to all components in Omnium. If you wish to provide users with restricted access by assigning them a role other than administrator, you must create this role and define the necessary access levels. It is not possible to modify the administrator role or its access levels.
Roles
Roles define what actions users can perform and what navigation list item they can access.This is configured within the access rights tab. You can either view the list of roles or create a new role by navigating to configuration -> authorization -> roles. Currently, renaming or editing a role's name is not possible. You can only delete the role or create a new one.
Linked roles
A role can be linked to stores, markets, or other roles. Any user assigned this role will automatically inherit all linked permissions.
This is useful when many users share the same access. Instead of updating each user individually, you update the role once and the change applies to all users with that role.
Example: A role called "Customer Service West" is linked to a market and five stores. When a new store opens in the region, you add the store to the role — and all 200 users with that role automatically get access to the new store.
Note: Stores and markets can be set either directly on individual users, or through linked roles. Use linked roles when many users need the same store/market access to simplify ongoing management.
Access rights
To modify a role's access, navigate to Configuration > Authorization > Access Rights.
All the components correspond to navigation items in the navigation list.
You specify whether users with the specific role have reading, update or administer rights for each component.
Users
If roles have been created, they will be displayed under the "Roles" section for each user. Each user is required to specify their store and markets. Users have the ability to hold multiple roles, each with its own unique configurations.
Web Roles
There is a special built in role called Administrators which has access to all of Omnium. It's not possible to edit the access rights of this role.