Authorisation Import
Short description
Authorisations can be used to determine in great detail which items customers are allowed to see in the shop. This is done using authorisation profiles. Both customers and articles are linked to one or more such profiles. A customer then only sees the articles that are linked to at least one of the profiles to which that customer is also linked.
Authorisations can also be used for general content blocks. By linking content blocks to authorisation groups in the content editor in the Vendisto CMS, those blocks are only visible to visitors who are also linked to those groups.
When authorisation is activated, a choice can be made between Basic Authorisation (where only standard system authorisation profiles are used) and Advanced Authorisation (where custom profiles can also be defined).
The system profile with profile code PUB is reserved for the Public Authorisation profile. This profile is always present. When Basic Authorization is active, a non-signatory user automatically gets this profile.
The system profile with profile code DEB is reserved for the Debtor Authorization profile. When Basic Authorization is active and this profile is activated, a logged on user who has not been assigned a custom authorization profile, will automatically receive this profile.Als er gebruik wordt gemaakt van Advanced Authorization kunnen ook eigen autorisatieprofielen worden gedefinieerd. Hiermee kan worden bereikt dat verschillende groepen van ingelogde gebruikers, of zelfs individuele gebruikers, verschillende assortimenten zien.
When Advanced Authorization is used, the customer import must include which authorization profiles a customer is linked to. With Basic Authorization system profiles are used and this is not necessary. In both cases it is of course necessary to link articles to authorization profiles with an authorization import.
If custom authorisation profiles are used, they replace the DEB and PUB system profiles. If it is desired that users with their custom authorisation profile also see all articles that a non-logged-in user can see, the PUB profile should be explicitly linked to the user.
Authorisations are handled in the shop as follows:
A non-logged-in user gets the system profile PUB
A logged on user gets the authorisation profiles defined by the User, or if there are none by the Customer to which the User belongs.
A logged on user for whom no profile has been defined gets the system profile DEB if active, otherwise the system profile PUB.
Part of the definition of an authorisation profile is the AccessMode. The latter defines whether the items supplied in the authorisation file belong to this profile by default or not. The AccessMode has two possible values: Allow and Deny. Accessmode Allow is occasionally used for very specific purposes. For standard situations, only the Deny access mode should be used.
Within an authorisation profile with Accessmode Deny, articles are not visible until an article is explicitly indicated that the article should be visible to a profile. By including authorisation profile codes in the Allow node within the Authorisation node of an article, the article becomes visible to all users to whom those authorisation profiles are linked.
The import file contains a list of authorisation profiles, and then for each article a list of the authorisation profiles that are allowed to see the article.
Aanleverwijze
Update Frequentie: Batch minimal 1x per day
Incremental ora complete set: Incremental
Filetype: Zipped XML
Bestandsbenaming: [SHOPNAME]_Authorizations_[INDEXNUMBER].xml Transport: over FTPS, FTPS Vendisto server is hosted by INTEGRACE, file is deposited by ERP party on FTPS server.
Location within FTP root: \Vendisto\Integration\
Structure XML
Fields XML
Import element:
Name
Description
Type
Required/Optional
ImportSettings
Container element for importsettings
Element
Optional
AuthorizationProfiles
Container element for AuthorizationProfile data
Element
Required
Articles
Container element for Article data
Element
Required
ImportSettings element:
Name
Description
Type
Required/Optional
Importer
Name of the importer. Should be Authorization.
Text,
default Authorization
Optional
Version
Version of the import xml. To be used for backward compatibility issues.
Text, default 1.0
Optional
AuthorizationProfile element:
Name
Description
Type
Required/Optional
Name
Descriptive name of the authorization profile
Text
Required
Code
Code of the authorization profile
Char[3]
Required
DefaultAccess
Default behavior of authorization profile
AccessMode
Required
Article element:
Name
Description
Type
Required/Optional
Number
Article number
Text
Required
Authorizations
Container element
Element
Optional
Authorizations element:
Name
Description
Type
Required/Optional
Allow
Container for list of allowed profiles
Element
Optional
Deny
Container for list of denied profiles
Element
Optional
Allow element:
Name
Description
Type
Required/Optional
Profile
Profile code
Text
Optional
Deny element:
Name
Description
Type
Required/Optional
Profile
Profile code
Text
Optional
Types:
Type
Values
AccessMode
Allow, D
Last updated