Employee & Role-Based Access

Employee & Role-Based Access — simple guide for shop owners

What this page is for Manage shop staff, create roles, assign permissions, and control who can do what in your shop’s admin area. Use it to limit sensitive actions to trusted people, streamline daily operations, and keep an audit trail of role changes and assignments.

Top summary (what you see immediately)

  • Roles list — all roles defined for this shop (name, description, number of permissions, assigned employees).

  • Employees list — employees with basic info and current role assignment.

  • Create / Edit Role — form to create a new role or edit an existing one (name, description).

  • Manage Permissions — assign or remove granular permissions (routes/features) to a role.

  • Assign / Remove Employee — attach an employee to a role or unassign them.

  • Employee dashboard — view permissions available to the logged-in employee.

Why it matters: role-based access reduces risk (least-privilege), prevents mistakes, and makes it simple to onboard or offboard staff.

Features & behavior (detailed)

Multi-tenant safety & authorization

  • Only authorized shop owners/managers can access role management. The system validates the shop (place_id) and tenant DB before showing or changing roles.

Role CRUD

  • Create, view, edit, and delete roles scoped to the shop. Role names are unique per shop.

  • When creating a role it starts with an empty permission set; you add permissions separately.

Permissions model

  • Permissions are stored as IDs (global permission catalog) and mapped to routes/features.

  • When editing a role, you see all available global permissions with an assigned flag for quick toggling.

  • Permissions can be add-ons or core features; the UI exposes descriptions and related route names.

Employee assignment

  • Employees are assigned to roles by setting their role_id.

  • The system prevents assigning an employee who is already in another role (you must remove them from their existing role first).

  • Removing an employee from a role simply clears their role_id.

Safe deletion

  • Roles that have employees assigned cannot be deleted. This prevents accidental breakage of employee access.

Employee dashboard & runtime enforcement

  • Employees authenticate via an employee guard and see only a menu of features they have permissions for.

  • Permissions are resolved from the employee’s role at runtime.

Validation & logging

  • Robust validation for inputs (role name uniqueness, role ID formats).

  • All important actions (create, update, assign, remove, delete, permission changes) are logged with place_id, role_id, employee_id and acting user, for auditing.

How to use — quick steps

  1. Open Roles & Access from your Dashboard.

  2. To create a role, click Create Role, give it a name and optional description.

  3. Open the role and assign permissions by checking the features/routes the role should have. Save.

  4. From the role page, assign employees by selecting an employee and clicking Assign. If an employee is already assigned, remove them from that role first.

  5. To change a role’s name/description, use Edit. To delete a role, ensure it has zero assigned employees and then delete.

  6. Employees log in via the employee interface and will only see features allowed by their role.

Recommended roles & sample permissions (starter set)

  • Owner / Manager

    • Full access: manage roles, view financial reports, manage employees, expenses, subscriptions.

  • Cashier / Sales

    • Create sales, print invoices, redeem loyalty rewards, view product prices, accept payments.

  • Inventory Clerk

    • View/manage stock, record stock adjustments, view purchase orders, mark stock received.

  • Marketing

    • Manage promotions, loyalty campaigns, view customer segments, send broadcasts.

  • Accountant

    • View financial reports, export reports, view invoices, manage taxes (no staff management).

  • Support / Associate

    • View orders, customer contact info, basic product pages; no financial or role management.

Adjust names and permissions to match your shop size and trust boundaries.

Benefits for brick-and-mortar shops

  • Operational safety: Restrict financial or sensitive actions (refunds, discounts, deleting records) to trusted staff.

  • Faster onboarding/offboarding: Assign a role to new hires to give them the right access instantly; remove access when someone leaves.

  • Reduced human error: Cashiers see only sales tasks, inventory staff see only inventory tools — fewer accidental changes.

  • Clear separation of duties: Accounting, inventory, and sales responsibilities stay separate for compliance and internal control.

  • Auditability: Logged role and assignment events help with troubleshooting and internal reviews.

Best practices & policies

  • Least privilege: Start with minimal permissions and add only what’s necessary.

  • Role naming convention: Use clear names (Cashier, Inventory Clerk, Store Manager) so responsibilities are obvious.

  • Limit super admin: Keep one or two Owner/Super Admin users — don’t assign super powers to many accounts.

  • Periodic review: Audit roles and assignments monthly; remove permissions not used in 90 days.

  • Document exceptions: If someone needs temporary elevated access, record why, who approved it, and when it should be revoked.

  • Onboarding checklist: Tie role assignment to HR onboarding so people aren’t given access until verified.

Auditing & security

  • Action logs record who created/edited/deleted roles and assignments with timestamps. Use logs for investigations.

  • Prevent deletion of in-use roles — the system blocks role deletion if employees are assigned.

  • Required validation prevents malformed IDs and duplicate role names.

  • Employee guard isolates employee sessions from owner/admin sessions (separate authentication flows possible).

Troubleshooting & common issues

  • “Employee already assigned” error: The employee has a role_id. Remove them from their current role first, or transfer role via management UI.

  • Cannot delete role: Remove all assigned employees first. Check the role’s employees relation to identify who is assigned.

  • Permissions not applying: Confirm the employee’s role_id is set and that the global permission IDs assigned to the role match the permission catalog. Clear session cache or re-login for employees to refresh runtime permissions.

  • Role name conflict on create: Role names must be unique per shop — choose a different name or edit the existing role.

  • Invalid role ID errors: Some actions validate the role_id format — ensure the role ID is a valid MongoDB ObjectId (24 hex characters).

Recommended cadence & workflows

  • Daily: Manager checks critical assignments (cashiers, on-duty staff).

  • Weekly: HR/Manager reconciles any temporary elevated permissions granted during promotions.

  • Monthly: Audit roles, permissions and check logs for unusual changes.

  • Before a sale event: Create temporary marketing role for limited-time campaigns and revoke after the event.

Quick checklist to get started (10–20 minutes)

  1. Create 3 core roles: Owner/Manager, Cashier, Inventory Clerk.

  2. Assign sensible default permissions to each role.

  3. Assign current employees to their appropriate roles.

  4. Test by logging in as an employee (or simulate) to confirm the menu/options are correct.

  5. Review logs to ensure all changes were recorded.

PreviousLoyalty & Reward ProgramNextDocuments

Last updated