Security levels inside Managament


#1

Wish we could set who can access what features in this list, I.e user a can change prices hence access only the products part, user b can access users menu and may be products… etc


#2

This was brought up not so long ago.
I defiantly agree it would be handy.
Boss/admin can allow a manager to change price or add new employee but not mess around in automation. Etc


#4

@emre
can u add more permissions for each user in 5.1.51 version ??


#5

What kind of permissions? It’s hard for him to just add more permissions without seeing a need first.

I think a lot of this may be solved through API implementation as it grows.


#6

let’s say if i created manger role that access managment . this way he can do anything like reset data , delete backup , change prices and edite user’s role . i want him only to add user’s to role not to access all managment .


#7

Ok so hopefully I am understanding you correctly but it sounds like you want a user to have the ability to add other users but not access anything else in management? I think I misunderstood you?

What is your specific need? How would you use this feature? I mean can you give an example of a user you would create and what you want him to have access too and why.


#8

ok . let’s say i want to add user called account can only access inventory only . to add new purchase items and recpie only not to access all mangment


#9

Well with version 5 you can create a user that does not have access to management that can access inventory. Inventory can be done through the Warehouse menu now. Are there other scenarios?


#10

Recipe would not be in the where house section though would it?
I personally would like the ability to at least select the ‘main tabs’ within the permissions level to allow say a management level user access to configure products and add their menu listings but not have access to the automation section.
The ability for a manager to be able to add new ‘staff’ users is a finer line as you would need to prevent them setting the user role as admin as they could create a new account as admin and then gain full access.
The main tabs of Settings, Products, Tickets, Entities, Accounts, Inventory, Printing, Reports, Automation and Users would be a good start however implementing this would then lead to request for the ‘sub tabs’ within each ie;
Products --> Product List, Menu List, Product Tag Editor, Price List Editor etc.


#11

I think your viewpoint might be different. I understand your view you are speaking like a vendor providing preconfigured POS for customer and you want to prevent them from destroying their POS on accident and then coming to you wondering what happened.

But for the average restaurant manager the need is a little different. That is why its good to hear from that perspective. Many things that the average restaurant manager would need might be better implemented in a different way. For example adding inventory transactions was moved to warehouse screen.


#12

I understand what your saying however even a restaurant owner could easily want to allow a manager to edit prices but not be able to access automatioons etc.


#13

Yes but what if we discover that the actual flow for a restaurant manager would be simpler if they didnt have to enter manage screen at all. I am a firm beleiver that manage screen really should be for configuration of POS and daily tasks should move to systems outside manage.

Prices can be something that some venues need to change on a more frequent basis so it might make sense to have a screen outside of manage that can handle price changes.

Dont get me wrong I am not against adding more permissions I just think the discussion should be more than just simply slapping in that feature.


#14

Ok but how could you edit the price list or make a new product without going to management screen? :stuck_out_tongue:

A new entity screed ‘widget’ which can show a ‘tab’ of the manage section?

That could indeed be a much more flexible way to go.


#15

You didnt ask that question when the only way to make purchase transactions was inside manage… now its not :stuck_out_tongue:

I am saying maybe we should look at it differently.

I mean instead of just adding permissions which can be done… maybe we should look at other scenarios and include them in the design change.


#16

I wasn’t on the forum back then I don’t think :stuck_out_tongue:

But I think a flexible alternative route might be;

This could lead to much more intricate access control beyond adding permissions to the management section


#17

Ive shared this before and its made some strides and for most part I am happy personally now, but I could see more improvement being done in future. I think Manage screen should contain specifically POS structure related settings and the actual business operations stuff should be separate from Manage screen.

I would love to be able to create custom screens with access to things like Price list etc. We could then manage access through mapping. However this would probably require some specific actions that may cause havok if used wrong.


#18

You mean to split and have say ‘POS Managment’ and ‘Settings’ options on main menu?


#19

Not specifically. My thought is that I too would not want a manager to mess with rules etc… only I should do that. But I might want to give manager access to some things like Price List or Menu. However I dont think they should need to go through Manage to do that.


#20

Thats is my thinking,
There is always someone who thinks they know better and make changes which they dont understand trying to help.

I think the entity screen widget to show a management tab could be a potential solution which offers allot of options covering both permissions and workflow optimizations.


#21

We discussed it here. It is in my todo list.

http://forum.sambapos.com/t/setting-roles-to-restrict-access/5763