I have a user who is a wordpress 'customer' role, and is flagged as an SK 'Sales Agent' who can access the standard 'backend' of wordpress/woocommerce and view 'orders'. This is working as intended, he can only view orders previously assigned to him and CANNOT create new orders (since he is a 'customer' and not a 'shop manager' or above). My issue is that if this user has an order that is open and has not yet been settled (payment not yet complete), he is able to edit the base price of items in the order details, generating a 'coupon' line.
In my 'Agent Capabiltiies' settings it is disabled that agents can edit prices- but using the backend of WP may bypass those controls. Is there a fix to restrict that access?
Hello,
I have a user who is a wordpress 'customer' role, and is flagged as an SK 'Sales Agent' who can access the standard 'backend' of wordpress/woocommerce and view 'orders'. This is working as intended, he can only view orders previously assigned to him and CANNOT create new orders (since he is a 'customer' and not a 'shop manager' or above). My issue is that if this user has an order that is open and has not yet been settled (payment not yet complete), he is able to edit the base price of items in the order details, generating a 'coupon' line.
In my 'Agent Capabiltiies' settings it is disabled that agents can edit prices- but using the backend of WP may bypass those controls. Is there a fix to restrict that access?
Thank you
Hello Marissa,
It should be possible to hide those options for agents editing orders, by adding the following PHP code snippet to your site:
add_action('admin_head', function(){ $user_id = get_current_user_id(); $agent_group = get_user_meta($user_id,'salesking_group',true); if ($agent_group !== 'none' && !empty($agent_group)){ ?> <style> button.button.add-line-item, .add-coupon, .wc-order-edit-line-item { display: none !important; } </style> <?php } });This snippet can be added to functions.php, or by following our guide here: https://woocommerce-b2b-plugin.com/docs/how-to-add-a-snippet-php-or-js/
Let me know if that works for you,
Kind regards,
Stefan