updateCompanyRole mutation
Magento Commerce for B2B only
Use the updateCompanyRole
mutation to update the company role and permissions.
You can get the role ID and the list of all resources defined within the company using the company
query.
The following table lists all the resources that are available to the customers defined with a company. To visualize the resource hierarchy, log in to a store as the Company Admin and select Roles and Permissions, then click the Edit action next to the Default User role.
Display name | Resource name |
---|---|
All | Magento_Company::index |
Sales | Magento_Sales::all |
Allow Checkout | Magento_Sales::place_order |
Use Pay On Account method | Magento_Sales::payment_account |
View orders | Magento_Sales::view_orders |
View orders of subordinate users | Magento_Sales::view_orders_sub |
Quotes | Magento_NegotiableQuote::all |
View | Magento_NegotiableQuote::view_quotes |
Request, Edit, Delete | Magento_NegotiableQuote::manage |
Checkout with Quote | Magento_NegotiableQuote::checkout |
View quotes of subordinate users | Magento_NegotiableQuote::view_quotes_sub |
Order Approvals | Magento_PurchaseOrder::all |
View My Purchase Orders | Magento_PurchaseOrder:view_purchase_orders |
View for subordinates | Magento_PurchaseOrder:view_purchase_orders_for_subordinates |
View for all company | Magento_PurchaseOrder:view_purchase_orders_for_company |
Auto-approve POs created within this role | Magento_PurchaseOrder:autoapprove_purchase_order |
Approve Purchase Orders without other approvals | Magento_PurchaseOrder:super_approve_purchase_order |
View Approval Rules | Magento_PurchaseOrder:view_approval_rules |
Create, Edit and Delete | Magento_PurchaseOrder:manage_approval_rules |
Company Profile | Magento_Company::view |
Account Information (View) | Magento_Company::view_account |
Edit | Magento_Company::edit_account |
Legal Address (View) | Magento_Company::view_address |
Edit | Magento_Company::edit_address |
Contacts (View) | Magento_Company::contacts |
Payment Information (View) | Magento_Company::payment_information |
Shipping Information (View) | Magento_Company::shipping_information |
Company User Management | Magento_Company::user_management |
View roles and permissions | Magento_Company::roles_view |
Manage roles and permissions | Magento_Company::roles_edit |
View users and teams | Magento_Company::users_view |
Manage users and teams | Magento_Company::users_edit |
Company credit | Magento_Company::credit |
view | Magento_Company::credit_history |
Syntax
1
2
3
4
5
6
7
mutation {
updateCompanyRole(
input: CompanyRoleUpdateInput!
) {
UpdateCompanyRoleOutput
}
}
Example usage
The following example updates the name of a company role.
Request:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
mutation {
updateCompanyRole(
input: {
id: "Mg=="
name: "Company Admin (updated)"
}
) {
role {
id
name
permissions {
id
text
sort_order
children {
id
text
sort_order
children {
id
text
sort_order
}
}
}
}
}
}
Response:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
{
"data": {
"updateCompanyRole": {
"role": {
"id": "Mg==",
"name": "Company Admin (updated)",
"permissions": [
{
"id": "Magento_Company::index",
"text": "All",
"sort_order": 100,
"children": [
{
"id": "Magento_Company::view",
"text": "Company Profile",
"sort_order": 100,
"children": [
{
"id": "Magento_Company::view_account",
"text": "Account Information (View)",
"sort_order": 100
},
{
"id": "Magento_Company::view_address",
"text": "Legal Address (View)",
"sort_order": 200
},
{
"id": "Magento_Company::contacts",
"text": "Contacts (View)",
"sort_order": 300
},
{
"id": "Magento_Company::payment_information",
"text": "Payment Information (View)",
"sort_order": 400
},
{
"id": "Magento_Company::shipping_information",
"text": "Shipping Information (View)",
"sort_order": 450
}
]
},
{
"id": "Magento_Company::user_management",
"text": "Company User Management",
"sort_order": 200,
"children": [
{
"id": "Magento_Company::roles_view",
"text": "View roles and permissions",
"sort_order": 100
},
{
"id": "Magento_Company::users_view",
"text": "View users and teams",
"sort_order": 300
}
]
},
{
"id": "Magento_Company::credit",
"text": "Company Credit",
"sort_order": 500,
"children": [
{
"id": "Magento_Company::credit_history",
"text": "View",
"sort_order": 500
}
]
}
]
}
]
}
}
}
}
You can change or add permissions to the company role using “permissions” attribute.
To add new or change current permissions, you also must send all the current permissions every time you use the “permissions” attribute. The company role permissions are rewritten completely from the “permissions” attribute.
Input attributes
The CompanyRoleUpdateInput
input object defines the company role data.
CompanyRoleUpdateInput attributes
The CompanyRoleUpdateInput
object contains the following attributes:
Attribute | Data Type | Description |
---|---|---|
id |
ID! | The encoded company role ID for updating |
name |
String | Role name. |
permissions |
[String!] | A list of role permission resources. |
Output attributes
The UpdateCompanyRoleOutput
output object contains the following attribute:
Attribute | Data Type | Description |
---|---|---|
role |
CompanyRole! | Contains company role data |
CompanyRole attributes
The CompanyRole
object contains details about a company role and permissions. It contains the following attributes.
Attribute | Data Type | Description |
---|---|---|
id |
ID! | Role ID |
name |
String | The display name of the role |
permissions |
[CompanyAclResource] | A list of permission resources defined for a role |
users_count |
Int | Total number of users with such role within company structure |
Errors
Error | Description |
---|---|
User role with this name already exists. Enter a different name to save this role. |
The company cannot have multiple company roles with the same name. |
Unable to set "allow" for the resource because its parent resource(s) is set to "deny". |
To allow permission for the company role, you must allow all the permissions of the parent tree. |
No such entity with roleId = xxx |
The company role with ID xxx doesn’t exist. |