B2B for Adobe Commerce only. Learn more.

createCompanyRole mutation

The createCompanyRole mutation defines a new company role. To create a role, you must provide an array of permissions that determine which resources the user can access.

The following table lists all the resources that are available to the customers defined with a company. To visualize the resource hierarchy, log in to a store as the Company Admin and select Roles and Permissions, then click the Edit action next to the Default User role.

Display name Resource name
  All Magento_Company::index
    Sales Magento_Sales::all
      Allow Checkout Magento_Sales::place_order
        Use Pay On Account method Magento_Sales::payment_account
      View orders Magento_Sales::view_orders
      View orders of subordinate users Magento_Sales::view_orders_sub
    Quotes Magento_NegotiableQuote::all
      View Magento_NegotiableQuote::view_quotes
        Request, Edit, Delete Magento_NegotiableQuote::manage
        Checkout with Quote Magento_NegotiableQuote::checkout
      View quotes of subordinate users Magento_NegotiableQuote::view_quotes_sub
  Order Approvals Magento_PurchaseOrder::all
    View My Purchase Orders Magento_PurchaseOrder:view_purchase_orders
      View for subordinates Magento_PurchaseOrder:view_purchase_orders_for_subordinates
      View for all company Magento_PurchaseOrder:view_purchase_orders_for_company
    Auto-approve POs created within this role Magento_PurchaseOrder:autoapprove_purchase_order
    Approve Purchase Orders without other approvals Magento_PurchaseOrder:super_approve_purchase_order
    View Approval Rules Magento_PurchaseOrder:view_approval_rules
      Create, Edit and Delete Magento_PurchaseOrder:manage_approval_rules
    Company Profile Magento_Company::view
      Account Information (View) Magento_Company::view_account
        Edit Magento_Company::edit_account
      Legal Address (View) Magento_Company::view_address
        Edit Magento_Company::edit_address
      Contacts (View) Magento_Company::contacts
      Payment Information (View) Magento_Company::payment_information
      Shipping Information (View) Magento_Company::shipping_information
    Company User Management Magento_Company::user_management
      View roles and permissions Magento_Company::roles_view
        Manage roles and permissions Magento_Company::roles_edit
      View users and teams Magento_Company::users_view
        Manage users and teams Magento_Company::users_edit
    Company credit Magento_Company::credit
      view Magento_Company::credit_history

Also, you can get the list of all resources defined within the company using the company query.

Syntax

1
2
3
4
5
6
7
mutation {
    createCompanyRole(
        input: CompanyRoleCreateInput!
    ) {
        CreateCompanyRoleOutput
    }
}

Example usage

This example creates a new company role with a list of company permissions available to the company.

Request:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
mutation {
  createCompanyRole(
    input: {
      name: "Company Admin"
      permissions: [
        "Magento_Company::index"
        "Magento_Company::view"
        "Magento_Company::view_account"
        "Magento_Company::edit_account"
        "Magento_Company::view_address"
        "Magento_Company::edit_address"
        "Magento_Company::contacts"
        "Magento_Company::payment_information"
        "Magento_Company::shipping_information"
        "Magento_Company::user_management"
        "Magento_Company::roles_view"
        "Magento_Company::roles_edit"
        "Magento_Company::users_view"
        "Magento_Company::users_edit"
        "Magento_Company::credit"
        "Magento_Company::credit_history"
      ]
    }
  ) {
    role {
      id
      name
      permissions {
        id
        text
        sort_order
        children {
          id
          text
          sort_order
        }
      }
    }
  }
}

Response:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
{
  "data": {
    "createCompanyRole": {
      "role": {
        "id": "Mg==",
        "name": "Company Admin",
        "permissions": [
          {
            "id": "Magento_Company::index",
            "text": "All",
            "sort_order": 100,
            "children": [
              {
                "id": "Magento_Company::view",
                "text": "Company Profile",
                "sort_order": 100
              },
              {
                "id": "Magento_Company::user_management",
                "text": "Company User Management",
                "sort_order": 200
              },
              {
                "id": "Magento_Company::credit",
                "text": "Company Credit",
                "sort_order": 500
              }
            ]
          }
        ]
      }
    }
  }
}

Input attributes

The CompanyRoleCreateInput input object defines the company role data for creating.

CompanyRoleCreateInput attributes

The CompanyRoleCreateInput object contains the following attributes:

Attribute Data Type Description
name String! The name of the role to create
permissions [String!]! A list of resources the role can access

Output attributes

The CreateCompanyRoleOutput output object contains the following attribute:

Attribute Data Type Description
role CompanyRole! Contains company role data

CompanyRole attributes

The CompanyRole object contains details about a company role and permissions. It contains the following attributes.

Attribute Data Type Description
id ID! Role ID
name String The display name of the role
permissions [CompanyAclResource] A list of permission resources defined for a role
users_count Int Total number of users with such role within company structure

Errors

Error Description
User role with this name already exists. Enter a different name to save this role. The company cannot have multiple company roles with the same name.
Unable to set "allow" for the resource because its parent resource(s) is set to "deny". To allow permission for the company role, you must allow all the permissions of the parent tree.