I've brought this up before, and what better time to ask than when one of my clients' tills has been wrecked by staff, completely the fault of the owner. Luckily it uploads backups to me so I can fix the problem, but we need to prevent it in the first place.
The owner of the bar has decided to just share his RFID fob with the staff rather than create their own, for reasons I have no idea. I'm set up as an Admin on their till, but I'd like to be able to not allow the owner to give himself Admin rights. I really need to restrict what they can do.
I really feel, in the interest of security, that a role that has been given access to the 'Create User' Navigation AMC cannot create a role that is higher than their own. Or at least only allow 1 Admin role, or even create a higher role called Super Admin with only 1 assigned Super Admin allowed.
Not everyone uses Entities, and for my situation I feel using the original Users and User Role system works best for me.
This also leads on to a more flexible way of permitting parts of the manage section.
We can link to a specific page of management with a custom menu nav button, but it would be much cleaner to have permissions for viewing the subsections of admin as a user role feature than just mapping a button for a specific page.
Creating users via SQL is super simple. I mean, there are only 3 fields you need to create: PinCode, Name, UserRole_id. Just find the role id that matches the role you want for the user and then insert that with the new user.
You should be able to pass parameters directly into the script. I have done this many times, but only with the SQL within the JScript, not directly into the SQL using handlers. However, I have not tried [?prompt] inside a {CALL:X}…
However, I have a slight concern in that username and PIN must be unique… @Jesse will the insert just not happen if there are duplicate values? Is the uniqueness a column parameter?
So I would personally look to do a JScript, which will be more manageable, to do a couple of selects to check user and PIN are not already used and then do the insert if all is OK.
SQL in script is fairly simple…
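Here is a sample for getting a program setting:
```javascript
// Return the stored value of one program setting.
function getValue(settingName) {
    // settingName is concatenated into the SQL text as-is (no escaping).
    var qry = "SELECT [Value] FROM [ProgramSettingValues] WHERE [Name]='" + settingName + "'";
    var r = sql.Query(qry).First;
    return r;
}
```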
The query is a string and then the ++ wrap the variables you want to put inline.
This update program setting sample maybe shows more of how you might do the unique user/PIN verification:
```javascript
// Insert the setting if it is missing, otherwise update its value.
function updateValue(settingName, settingValue) {
    // Check whether the program setting exists.
    var qry = "SELECT count([Name]) as CT FROM [ProgramSettingValues] WHERE [Name]='" + settingName + "'";
    var r = sql.Query(qry).First;
    if (r == 0) {
        // The program setting does NOT exist: insert a row.
        qry = "INSERT INTO [ProgramSettingValues] ([Name], [Value]) VALUES ('" + settingName + "','" + settingValue + "')";
        sql.ExecSql(qry);
    } else {
        // The program setting DOES exist: update the value.
        qry = "UPDATE [ProgramSettingValues] SET [Value]='" + settingValue + "' WHERE [Name]='" + settingName + "'";
        sql.ExecSql(qry);
    }
}
```
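The check-then-insert idea from the thread, applied to user creation with input validation, quote escaping and a limit on which roles the script may assign. This is an added example, not code from the thread or from the POS software: the `[Users]` table name, the PIN length range, the function names and the `db` object (shaped like the `sql` helper used above) are assumptions.

```javascript
// Added example. Assumed: a [Users] table holding the three fields named in
// the thread, and a db object with Query(q).First / ExecSql(q) shaped like
// the `sql` helper in the posts. Function names are hypothetical.

// Quote a value as a SQL string literal, doubling any embedded single quote.
function sqlText(value) {
  return "'" + String(value).replace(/'/g, "''") + "'";
}

// Returns a status string; touches the database only after every check passes.
function createUser(db, name, pin, roleId, allowedRoleIds) {
  if (typeof name !== 'string' || !/^[A-Za-z0-9 ._-]{1,50}$/.test(name)) return 'invalid name';
  if (!/^[0-9]{4,12}$/.test(pin)) return 'invalid pin'; // length range is an assumption
  roleId = Number(roleId);
  if (roleId !== Math.floor(roleId)) return 'invalid role'; // also rejects NaN
  // Role ceiling: only role ids the installer listed may be assigned here,
  // so leaving the Admin role id out stops this script handing it out.
  if (allowedRoleIds.indexOf(roleId) === -1) return 'role not permitted';

  // Uniqueness check before the insert, as suggested in the thread.
  var taken = db.Query(
    "SELECT count(*) AS CT FROM [Users] WHERE [Name]=" + sqlText(name) +
    " OR [PinCode]=" + sqlText(pin)).First;
  if (Number(taken) !== 0) return 'name or pin already in use';

  db.ExecSql(
    "INSERT INTO [Users] ([Name], [PinCode], [UserRole_id]) VALUES (" +
    sqlText(name) + "," + sqlText(pin) + "," + roleId + ")");
  return 'created';
}

// Constructed stand-in for the database so the example runs offline.
function fakeDb(existingCount) {
  return {
    log: [],
    Query: function (q) { this.log.push(q); return { First: String(existingCount) }; },
    ExecSql: function (q) { this.log.push(q); }
  };
}

var demo = fakeDb(0);
console.log(createUser(demo, 'Bar Staff 1', '4821', 3, [3, 4]), demo.log[1]);
```

The role ids 3 and 4 in the demo call are constructed sample values; look up the real ids in the role table before building the allow-list.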