Securing admin account
Before you start setting up access levels and permissions, make sure you have valid email address assigned to your admin account.
Admin account is the one who has the highest access level in the system. In case you set up some restrictions and forgot the password for admin account, the only way to reset it is using a valid email.
Access levels allows you to set wide range of permissions for your users. Access levels are presented as numbers, where application assumes that user with lower access level has lower permissions.
Simple example
Depending on your requirements and organization, you may wish to have cashiers as limited users, managers as users who can perform some business critical operations and an admin with unrestricted access. You can achieve that by setting the following access levels:
- Level 0 - Default for limited users. Will be able to access unprotected application sections only.
- Level 5 - You can assign this access level to managers and allow them to view reports in management sections, void orders, but not to edit or delete documents.
- Level 9 - You can use this level as a "master admin" account. In this example, user with access level 9 will have unrestricted access to all sections and actions.
NOTE: Access levels in this example (0, 5 and 9) are used for demonstration purposes only, you can use any numbers you want. Application will look if given access level is greater then required when deciding whether a user can access some protected section.
Admin account and unrestricted access
Any user with the highest access level currently set in application will always have unrestricted access.Access denied
If you cannot access a section or perform some operation (like void order), it only means that this section or operation is protected with a higher access level then the one assigned to you.
Also, if you assume you have the highest access level ("admin" account), but you are still not able to access some protected sections, it only means that there is another user with higher access level then yours.Protecting application sections with access levels
First step is to set required access levels to application areas, or sections you wish to protect from unauthorized access. To set access levels, open management, select users on the left and go to "Users & Security" section.
In this section you can adjust access level for some sections in Aronium or set security level for some critical operations.
For example, if you set access level "8" for Management section, users with access level 8 or higher will be able to access management section, while users with lower access level then 8 will be prompt for a user authentication with access level higher then 8.
Set users' access levels
Second step is to assign appropriate access levels to your users. You can do this in users' section when you create new users or by editing existing ones.
Access levels are set as in the screenshot below.
Remember
Setting required access level to application areas is the first step. To complete the process and grant access to the users, you need to update individual user accounts.
Sections
Access levels are separated into sections allowing you to easy find the settings you need, as described below.
General
This section contains general access setting.
Operation | Description |
---|---|
Management | Setting access level for management section |
Settings | Setting access level for Settings section |
End of day | Setting access level for end of day action (applies to "End of day" button) |
User profile | Setting access level for user profile and cash out |
Sales
This sections contains mostly used operations executed from main sales screen.
Operation | Description |
---|---|
View all open orders | Setting access level required to view all open orders (available if floor plans are enabled) |
Void order | Setting access level for void order action (applies to "Void order" button) |
Void item | Setting access level for void item action (applies to "Void" button) |
Lock sale | Setting access level for lock sale action (applies to "Lock sale" button) |
Unlock sale | Setting access level for unlock sale action (applies to "Unlock sale" button) |
Split order | Setting access level for split order action (applies to "Split order" button) |
Apply discount | Setting access level for discount action (applies to "Discount" button in sales screen and payment section) |
Delete document | Setting access level for delete document action (applies to "Delete" button in "View sales history" section) |
Refund | Setting access level for issuing refunds (applies to "Refund"button in main sales screen and "View sales history" section) |
View sales history | Settings access level for "View sales history" action |
Starting cash | Setting access level for "Cash In / Out" option |
Open cash drawer | Setting access level on Cash drawer button on sales screen |
Zero stock quantity sale | Preventing unauthorized users to sell items with insufficient quantities on hand |
Management
This section provides settings for management modules.
Operation | Description |
---|---|
Dashboard | Setting allows user to see the dashboard |
Documents | Allows user to open documents module and manage documents |
Products | Allows user to open products module and manage products |
Stock | Allows user to open stock module |
Reporting | Allows user to open reporting module and run reports |
Customers & Suppliers | Allows user to open customers & suppliers module and manage them |
Promotions & Actions | Allows user to open promotions module and manage them |
Users & Security | Allows user to access users module and manage them |
Payment Types | Allows user to access payment types module and manage them |
Countries | Allows user to access countries module and manage them |
Stock
This sections contains stock related operations.
Operation | Description |
---|---|
Quick inventory | Allows user to perform quick inventory operation |
View cost prices | Allows user to see cost prices in stock management |