Getting Started
The Entity Access Control plugin provides row-level access control for the Vendure admin API. It lets you define access policies that restrict which records an administrator can see based on configurable filter conditions -- for example, "order managers can only see orders in the Shipped or Delivered state" or "customer managers can only see customers in specific customer groups."
This builds on top of Vendure's built-in Role/Permission system. While Vendure core controls what operations an admin can perform (e.g. ReadProduct, UpdateOrder), this plugin controls which records are visible to them.
Features
Exclusive to Vendure Platform
This page is part of the Vendure Platform documentation. Access requires a valid Vendure Platform license.