The CustomerSID Admin Page

The Item Admin page displays the SID (Security IDS) for customer accounts and provides the ability to add/edit/delete SID records.

All accounts that have access to the admin pages need an CustomerSID record.

General Description of how to operate this Admin pages

Adding Access Control to an Employee or Customer Account:

  1. You must first create a customer account record (using the customer admin page) before you can assign access permissions. You do not have to enter address information for the customer account record (just the name and userid+password is enough).

  2. Once you have created a customer record, you need to create a matching SID Record for the customer account. The SID record must contain the CustomerId for the record you created above (the customer Record).

  3. The SID entity type should be set to 1 unless this record is also used for browsing restrictions in which case set the entity = 2.

  4. You must list each Admin page that this account will be allowed to view in the ReadPerm field (see below)

  5. You must list each Admin page that this account will be allowed to modify or delete in the WritePerm field (see below). Listing a page only in the write permission field will not grant read permission. You must list it in read permission field also; if you do not then the account will be able to modify the record but not view it.

  6. You must list each restricted-access-shopping page that this account will be allowed to access in the readPerm field (see below)

  7. Items that are displayed in browser and single order forms may be restricted using customerSID (see Limiting Products Displayed)

See also: login access control, CustomerSID Record, and Limiting Product Displayed

Listing Admin pages in the Read and Write Permission fields:

Both the ReadPerm and WritePerm fields contain ‘/’ (slash) delimited file names (i.e. /v2.adminform.asp/v2.AdminPolicy.asp/ would create permission to these two admin page).

SID access control can be added to any page on a website with only minor modifications to that page. Please contract CPrompt if you would like SID access control added to non-admin pages

Superuser:

You can also enter the keyword "superuser" (without any slashes). This will create a superuser who will have full access rights to all admin pages. There is also a permission variation on the superuser which includes record override unlock permission. If a superuser CustomerSID record has an "ex" postfix then this superuser has the ability to override unlock any record lock; syntax: "superuser ex"