Our PIM software offers good opportunities for efficient collaboration, both internally between employees and with external agencies or freelancers. The company can have its own product managers who prepare technical product descriptions. However, external experts can also be used to create good marketing or SEO texts and professional product images.
For this reason, the effective design of teamwork in a PIM system is of great importance both for the quality of the work results and for the speed of their achievement.
Access to the system can be granted both directly and via the portal functionality, which can be configured and used for a specific purpose. Examples of the use of portals are supplier portals and dealer portals.
An important specialty of AtroPIM is the possibility to manage the access not only to individual entities and their entries, but also at the field level.
By default, the not-set
option is specified for access permissions for each entity, which means that access to this entity has not yet been configured. If ACL Strict Mode
(inAdministration
→ Settings
) is activated, the user has no access rights by default if the access is not configured. If ACL Strict Mode
is not activated, the user has access to all entities for which his authorizations are not configured. We would recommend activating ACL Strict Mode
immediately after installing the system.
AtroPIM has a very flexible access control system based on roles, teams and users. The authorizations are configured individually for each role. You can set the permissions for both standard and custom entities individually.
A PIM user is an account for system access for a specific person. The user is assigned one or more roles that determine his or her authorizations in the system. A role can be assigned to one or more users.
Each user can belong to one or more teams. Each team can contain several users.
Teams are created to connect people who have the same duties, work on the same project, or are responsible for a specific region. Each user can belong to several teams at the same time.
To create a team, the administrator has to go to Administration
→Teams
→ Create Team
.
The creation of qualitative product descriptions requires cooperation between different teams and employees.
In order for the user who belongs to a certain team to have access to a certain entry, he must have access to this entity at the team level. This team must be assigned to this entry. Additional programming is required so that teams are automatically assigned to entries according to certain characteristics.
A correct setting gives your employees and teams access only to the entities and fields that they need to carry out their tasks. This enables the work of your employees to be optimally organized and their efficiency increases.
In order to have access to the system, the user needs his own account. The user can be assigned the role of 'Administrator'. In this case, he receives the highest access level with maximum permissions.
Each user can be assigned specific roles and the user himself can be assigned to specific teams. In order to be as flexible as possible, the user can have several roles and belong to several teams at the same time.
To create a new user, the administrator has to go to Administration
→Users
and click on the button Create User
.
Users should have access to the data and functions in the system that they need to fulfill their official duties.
Every PIM user can view and edit the data of their own account (if such authorizations are set for the role) and change the password. You can also see which permissions the user has, depending on which roles are assigned to him. For this you have to click on Access
in the settings of the personal account. It should be mentioned that the user receives the sum of all permissions for his roles.
Example:
Roles 1 and 2 are assigned to the user.
With role 1 he has access and authorizations to entities A and B. With role 2 he has access and authorizations to entities B and C. Since the user is assigned both roles, he receives access and authorizations to entities A, B and C.
A new role can be created by the administrator:
Administration
→Roles
→ Create Role
When creating a role, the authorizations for Create
,Read
, Edit
,Delete
and Stream
must be set for the required entities.
You can set up the authorizations for the following actions in the system:
The access level can be set for each authorization. For example, it can be set that users can only edit their own entries, entries from their own teams to which they belong, or all entries in the system. The following access levels can be set:
all
- the user has access not only to his own entries, but also to the entries of all other users.team
- the user has access to the entries created by the users of the teams to which he belongs. own
- the user has access to his own entries.no
- the user has no access rights.The authorizations of a user with regard to the entries in the system are recorded using their ownership information:
If the user is set as the owner or assigned user of an entry, he has access to this entry if his access level is own
or higher for this entity (e.g. products).
An entry can be assigned directly to one or more teams, so all users who belong to these teams have access to this entry if their access level is team
.
For each entity in the system you can activate or deactivate the possibility to assign Teams
,Assigned User
and Owner
to this entity.
To do this you have to go to Administration
→Еntity Manager
, open the required entity and click on Edit
. Then you have to tick the checkbox Team
,Assigned User
or Owner
and save the changes.
To better understand how permissions and access levels are determined, let's look at the following examples.
If it is necessary that the translator can translate the relevant product attributes, the one should
Translator
.translator
to this user.Edit
for the entity product attribute by selecting the access level own
.You have the following teams:
You have roles with the following access level for editing:
The following roles are assigned to the users:
There are the following products in the system:
Electric engine b124e
the specified Team "New Catalog Team"
Assigned User: Andrea
Owner: -
Electric engine c212f
the specified Team "New Catalog Team"
the specified Team "General Product Team"
Assigned User: Andrew
Owner: -
The authorizations to edit the product “Electric engine b124e” are given accordingly:
team
level. own
level. The authorizations to edit the product “Electric engine c212f” are given accordingly:
team
level.own
level.team
level.Although the user Bill belongs to the team that is specified for both products, these products are not displayed to him because the role assigned to him only has access to editing at the own
level.
AtroPIM offers among other things the possibility to configure the access rights on the field level of a certain entity. To do this, when editing the role on the Field Level
panel, click on the ✚
icon after the relevant entity. A popup is opened with the fields belonging to this entity. After selecting the field, you can set access to read or edit this field by specifying yes
orno
for the required action.
This function is necessary if the user needs access to certain entries, but is not allowed to change the values in other fields (e.g. to avoid accidental changes) or to see them. This function is particularly useful when different people are responsible for filling in various fields. For example, if you have an employee who only needs to enter technical details on the product page, it is advisable to restrict his permissions to edit the SKU
orProduct Status
fields.
Before setting the role, you must carefully and thoroughly analyze which tasks a particular user has to perform and which access rights he should be given.
For the Delete
authorization, it is advisable not to set the access level higher thanown
- to avoid that, the user deletes the entries that were not added by him.
Correct role settings make it possible to reduce the number of errors in the system, ensure data security and avoid accidental changes by users who are not supposed to have the permissions to do so. The general rule that you should adhere to when configuring roles is as follows: You only have to set the authorizations and access for the user to the entities and their fields to which he needs access to fulfill his official duties.