Introduction to Users and Permissions
Anyone working with EVA needs to authenticate somehow. In EVA, authentication is managed using users, as these hold a person's information and permissions.
Both employees and customers are managed in EVA as 'users', there's just a certain property telling EVA whether the user is a customer or an employee. Users have certain credentials they can use to log on to EVA. What they have access to and what they can do in EVA is managed using roles and permissions.
A user holds all information regarding a customer or employee. Basic information includes names, e-mail address, phone number and billing- and shipping addresses.
EVA ships with a buttload of functionalities, which translates into an equal buttload of permissions. For example; you wouldn't want a store employee to be able to alter complex routing logic or a logistics employee to perform refunds.
Permissions aren't directly attached to users, that would be kind of inefficient to say the least. You could customize permissions for individual users, but in general most of your employees share certain functions in your organization. For this reason, permissions are grouped in roles. You could create a role for a store manager, a district manager, a store employee, you name it. You think of a role, you determine what functionalities belong to which role, and you simply set it up.
Using this system, changes to roles are also a breeze. Want your store employees to handle incoming goods in your store instead of the managers? Simply add the functionality to the store employee role and all store employees gain access to the functionality.