User Roles and Permissions
Scottsdale Mint uses a multi-tier role system combining WordPress's built-in roles, WooCommerce roles, and custom roles specific to the site's business requirements.
Default WordPress Roles
| Role | Description |
|---|---|
| administrator | Full access to WordPress and WooCommerce admin; 2FA mandatory |
| editor | Can manage pages and posts; limited WooCommerce access |
| author | Can publish own posts |
| contributor | Can write but not publish |
| subscriber | Customer-level access; can log in and view My Account |
WooCommerce Roles
| Role | Key Capabilities |
|---|---|
| shop_manager | WooCommerce full access (orders, products, settings); 2FA mandatory |
| customer | Default registered customer role; can place orders, track, and manage account |
Custom Roles
dealer
| Property | Value |
|---|---|
| Registered by | suma-elementor theme or a custom plugin |
| Purpose | Wholesale/dealer customers who receive tiered pricing |
| Key differences | See dealer-tier prices instead of retail prices; may have volume discount overrides |
| Access | Same as customer role for WooCommerce; pricing logic checks for this role |
compliance_officer
| Property | Value |
|---|---|
| Registered by | Custom roles setup (in theme or dedicated plugin) |
| Purpose | Review KYC documents and approve/reject KYC-pending orders |
| Key capabilities | Can view restricted S3 KYC document links; can change wc-kyc-pending order status; cannot manage products or settings |
| Access | Limited WooCommerce admin: orders only |
warehouse_manager
| Property | Value |
|---|---|
| Registered by | Custom roles setup |
| Purpose | Warehouse team: view and ship orders |
| Key capabilities | Can view orders; can add tracking numbers; cannot modify prices or settings |
Role-Capability Matrix
| Capability | admin | shop_manager | compliance_officer | warehouse_manager | dealer | customer |
|---|---|---|---|---|---|---|
| Manage products | โ | โ | โ | โ | โ | โ |
| Manage orders | โ | โ | โ (limited) | โ (limited) | โ | โ |
| Add tracking numbers | โ | โ | โ | โ | โ | โ |
| View KYC documents | โ | โ | โ | โ | โ | โ |
| WooCommerce settings | โ | โ | โ | โ | โ | โ |
| WordPress settings | โ | โ | โ | โ | โ | โ |
| Place orders | โ | โ | โ | โ | โ | โ |
| Dealer pricing | โ | โ | โ | โ | โ | โ |
| View own orders | โ | โ | โ | โ | โ | โ |
Dealer Pricing Logic
The dealer role enables tiered pricing on the front-end:
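```php
// In \Suma\Product\Pricing
public function get_customer_discount_tier(): string {
    // Anonymous visitors always get retail pricing.
    if ( ! is_user_logged_in() ) {
        return 'retail';
    }

    $user = wp_get_current_user();

    // Strict comparison against the roles assigned to the current user.
    if ( in_array( 'dealer', $user->roles, true ) ) {
        return 'dealer';
    }

    return 'retail';
}
```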
Dealer pricing rates are configured in the WooCommerce product editor or in a global discount settings page.
2FA by Role
The WP 2FA Premium plugin enforces 2FA based on role:
| Role | 2FA Required |
|---|---|
| administrator | Yes, cannot skip |
| shop_manager | Yes, cannot skip |
| compliance_officer | Yes, cannot skip |
| warehouse_manager | Recommended (configurable) |
| dealer | Optional |
| customer | Optional |
Managing Roles
Roles can be managed via:
- WP Admin → Users → Edit User: change role per user
- WP-CLI:
  ```bash
  wp user update 42 --role=dealer
  ```
- Custom roles are registered in code; they persist across environments via the database but are registered via register_activation_hook or an init action in the plugin/theme
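Because custom roles are stored in the database, their capabilities can drift from what this page documents. The following is an added example, not code from the site's theme or plugins: a WP-CLI helper that flags capabilities the staff roles should not hold. The deny-list is an assumed mapping of the "cannot manage products or settings" and "cannot modify prices or settings" statements onto the standard capability names manage_options, manage_woocommerce and edit_products.

```bash
#!/usr/bin/env bash
# Added example: detect capability drift on the custom staff roles.
# The deny-list is an assumption derived from the role descriptions on this
# page; adjust it to the capabilities the site actually registers.

# Print the capabilities ROLE must never hold; return 1 for unknown roles.
forbidden_caps() {
  case "$1" in
    compliance_officer|warehouse_manager)
      # WordPress settings, WooCommerce settings, product (and price) editing
      echo "manage_options manage_woocommerce edit_products" ;;
    *) return 1 ;;
  esac
}

# audit_caps ROLE
# Reads one capability per line on stdin (the output of `wp cap list ROLE`),
# prints a DRIFT line for each forbidden capability found.
# Returns 0 if clean, 1 if drift was found, 2 if ROLE has no policy.
audit_caps() {
  local role="$1" deny cap status=0
  deny="$(forbidden_caps "$role")" || {
    echo "no policy defined for role: $role" >&2
    return 2
  }
  # `|| [ -n "$cap" ]` keeps a final line that lacks a trailing newline.
  while IFS= read -r cap || [ -n "$cap" ]; do
    [ -n "$cap" ] || continue
    case " $deny " in
      *" $cap "*) echo "DRIFT $role has $cap"; status=1 ;;
    esac
  done
  return "$status"
}

# Live usage on the site host (requires WP-CLI):
#   for r in compliance_officer warehouse_manager; do
#     wp cap list "$r" | audit_caps "$r"
#   done
```

A non-zero exit status makes the helper usable as a scheduled check or deployment gate.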
Related Resources
- KYC Documentation: compliance_officer role usage
- Security: 2FA enforcement details