How to Set Up Cashier Roles and Permissions
This guide covers creating cashier accounts, defining custom roles with granular permissions, and assigning those roles to your staff. Properly configured roles ensure that each staff member can only access the features they need for their job.
What You Will Need
- Admin access to the HandyCafe Server (only admins can manage cashier accounts and roles).
- A plan for which staff members need which level of access.
- At least one role defined before creating cashier accounts (roles must exist to be assigned).
How to Create a Custom Role
Roles define what a cashier can and cannot do. HandyCafe uses six permission categories, each with individual permission settings. Create your roles first, then assign them to cashier accounts.
- Navigate to the Management section using the left sidebar.
- Open the Cashier Roles tab.
- Click Add Role.
- Enter a name for the role (e.g., "Day Shift Cashier"). Role names must be unique.
- Set the level. Higher levels indicate more authority. A cashier with a lower-level role cannot modify a cashier with a higher-level role.
- Configure the Auth permissions. These control login-related actions:
  - Login/logout ability.
  - Password reset capability.
- Configure the Member permissions. These control what the cashier can do with member accounts:
  - View members.
  - Create members.
  - Edit members.
  - Delete members.
  - Top up wallets.
  - View transaction history.
- Configure the Console permissions. These control session and console actions:
  - Start and stop sessions.
  - Pause and resume sessions.
  - Add time.
  - View console list.
- Configure the Log permissions. These control access to system logs:
  - View logs (today only or all dates).
  - Export logs.
- Configure the Report permissions. These control access to financial reports:
  - View cash reports (today only or all dates).
  - View statistics.
  - Export reports.
- Configure the Payment permissions. These control payment-related actions:
  - Accept payments.
  - Process refunds.
  - Modify payment methods.
  - View payment history.
- Click Save to create the role.
Expected result: The new role appears in the Cashier Roles list with all configured permissions. It is now available for assignment to cashier accounts.
Practical Example: Day Shift Cashier Role
This example creates a restricted role suitable for a regular cashier working a daytime shift.
- Navigate to Management > Cashier Roles.
- Click Add Role.
- Name: "Day Shift Cashier".
- Level: 1 (lowest level).
- Auth permissions: Enable login. Disable password reset.
- Member permissions:
  - Enable: View members, Create members, Top up wallets, View transaction history.
  - Disable: Edit members, Delete members.
- Console permissions:
  - Enable: Start and stop sessions, Pause and resume sessions, Add time, View console list.
  - Disable: (none; day shift cashiers need full session control).
- Log permissions:
  - Enable: View logs (today only).
  - Disable: View all logs, Export logs.
- Report permissions:
  - Enable: View cash report (today only).
  - Disable: View all reports, View statistics, Export reports.
- Payment permissions:
  - Enable: Accept payments, View payment history.
  - Disable: Process refunds, Modify payment methods.
- Click Save.
Expected result: The "Day Shift Cashier" role can start and manage sessions, create members, top up wallets, view today's logs and reports, and accept payments. It cannot delete members, modify payment methods, process refunds, or view historical reports beyond today.
Practical Example: Manager Role
This example creates a role with broader access for a trusted shift manager.
- Navigate to Management > Cashier Roles.
- Click Add Role.
- Name: "Shift Manager".
- Level: 5 (higher than Day Shift Cashier).
- Auth permissions: Enable all.
- Member permissions: Enable all (View, Create, Edit, Delete, Top up, History).
- Console permissions: Enable all.
- Log permissions: Enable all (View all logs, Export logs).
- Report permissions: Enable all (View all reports, Statistics, Export).
- Payment permissions:
  - Enable: Accept payments, Process refunds, View payment history.
  - Disable: Modify payment methods (reserve this for the admin/owner).
- Click Save.
Expected result: The "Shift Manager" role has nearly full access. The only restriction is that they cannot modify payment methods, which is typically an owner-level configuration change.
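To make the permission model concrete, here is an added Python sketch of the backend check that the role procedure and the two practical examples above describe. It is an illustration written for this guide, not HandyCafe's code: the six categories, their actions and the two roles follow the guide, while the identifier names, the `Role` class, the cashier-to-role map and the treatment of equal levels (denied here, since the guide only says a lower level cannot modify a higher one) are assumptions.

```python
"""Sketch of a backend role check for the HandyCafe-style permissions above.

Added illustration, not HandyCafe's code. The six categories, their actions
and the two example roles follow the guide; the identifiers, the Role class
and the treatment of equal levels are assumptions.
"""
from dataclasses import dataclass

# Permission categories and the actions each one controls (from the guide).
PERMISSIONS = {
    "auth": {"login", "password_reset"},
    "member": {"view", "create", "edit", "delete", "top_up", "history"},
    "console": {"start", "stop", "pause", "resume", "add_time", "view_list"},
    "log": {"view_today", "view_all", "export"},
    "report": {"view_cash_today", "view_cash_all", "view_statistics", "export"},
    "payment": {"accept", "refund", "modify_methods", "view_history"},
}


@dataclass(frozen=True)
class Role:
    name: str
    level: int
    granted: frozenset  # of (category, action) pairs

    def allows(self, category: str, action: str) -> bool:
        """Server-side check: anything not explicitly granted is denied."""
        if action not in PERMISSIONS.get(category, ()):
            raise ValueError(f"unknown permission {category}.{action}")
        return (category, action) in self.granted


def make_role(name: str, level: int, grants: dict) -> Role:
    """Build a Role from {"category": [actions]}, rejecting unknown names."""
    pairs = set()
    for category, actions in grants.items():
        for action in actions:
            if action not in PERMISSIONS[category]:
                raise ValueError(f"unknown permission {category}.{action}")
            pairs.add((category, action))
    return Role(name, level, frozenset(pairs))


# The two roles from the practical examples, expressed as data.
DAY_SHIFT = make_role("Day Shift Cashier", 1, {
    "auth": ["login"],
    "member": ["view", "create", "top_up", "history"],
    "console": sorted(PERMISSIONS["console"]),
    "log": ["view_today"],
    "report": ["view_cash_today"],
    "payment": ["accept", "view_history"],
})
SHIFT_MANAGER = make_role("Shift Manager", 5, {
    "auth": sorted(PERMISSIONS["auth"]),
    "member": sorted(PERMISSIONS["member"]),
    "console": sorted(PERMISSIONS["console"]),
    "log": sorted(PERMISSIONS["log"]),
    "report": sorted(PERMISSIONS["report"]),
    "payment": ["accept", "refund", "view_history"],  # no modify_methods
})

# Cashier -> role (assumed names), resolved on every check rather than cached
# at login; that is what lets a role change take effect without a re-login.
CASHIERS = {"alice": DAY_SHIFT, "bob": SHIFT_MANAGER}


def cashier_allows(username: str, category: str, action: str,
                   assignments: dict = CASHIERS) -> bool:
    """Look the role up at request time and apply the same deny-by-default check."""
    role = assignments.get(username)
    return role is not None and role.allows(category, action)


def can_modify_cashier(actor: Role, target: Role) -> bool:
    """Level rule from the guide: a lower-level role cannot modify a cashier
    holding a higher-level role. Equal levels are denied here (assumption)."""
    return actor.level > target.level


def audit_role(role: Role, must_deny) -> list:
    """'Test the role after creation': return every (category, action) in
    must_deny that the role would in fact permit. An empty list means it passes."""
    return sorted(pair for pair in must_deny if role.allows(*pair))
```

`audit_role` is the programmatic form of the "test the role after creation" advice: hand it the list of actions the role must never be allowed to perform and it reports any that slipped through, so a misconfigured checkbox shows up before the role is assigned to anyone.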
How to Create a Cashier Account
- Navigate to the Management section.
- Open the Cashiers tab.
- Click Add to create a new cashier.
- Enter a username. This is what the cashier will type to log in. It must be unique.
- Enter a password. Use a strong password that is not reused from any other account. The cashier can change it later.
- Select a role from the dropdown. Only roles you have already created will appear.
- Optionally fill in full name, email, and mobile for record-keeping.
- Click Save.
Expected result: The new cashier account appears in the Cashiers list. The cashier can now log in to the HandyCafe Server using their username and password. Their access is restricted to the permissions defined by their assigned role.
How to Change a Cashier's Role
- Navigate to Management > Cashiers.
- Select the cashier whose role you want to change.
- In the cashier's detail panel, click the Role dropdown and select a different role.
- Click Save.
Expected result: The cashier's permissions change immediately. The next time they perform an action, the system checks it against their new role; they do not need to log out and back in for the change to take effect. Confirm this by having the cashier attempt an action the new role no longer permits rather than assuming the change applied.
How to Restrict a Cashier to Today's Reports Only
This is a common requirement: you want cashiers to see the current shift's numbers but not historical data.
- Open the role assigned to the cashier (Management > Cashier Roles).
- In the Report permissions section:
  - Enable "View cash report (today only)."
  - Disable "View all reports."
  - Disable "View statistics."
  - Disable "Export reports."
- In the Log permissions section:
  - Enable "View logs (today only)."
  - Disable "View all logs."
  - Disable "Export logs."
- Click Save.
Expected result: The cashier can view the Cash Report page but only sees data from the current day. The date picker (if visible) is locked to today. The Statistics page and export buttons are hidden or disabled for this cashier. As with every permission, the restriction is applied by the backend to the request itself, so a request for another date is rejected even if the date picker is bypassed.
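The following added Python example (not HandyCafe code) shows what the server-side half of this restriction looks like: the role's report flags decide which date range a cash-report request may actually cover, and a "today only" role gets any other range refused no matter what the client sent. The flag names, the function signatures and the sample ledger rows are all constructed for the illustration.

```python
"""Server-side enforcement of the 'today only' report restriction above.

Added example, not HandyCafe code. Assumes the role's report permissions are
held as a set of flag names and that transactions carry an ISO date; the
sample rows below are constructed for the illustration.
"""
from datetime import date

# Constructed sample ledger: (transaction id, ISO date, cashier, amount).
TRANSACTIONS = [
    (1, "2024-05-01", "alice", 12.50),
    (2, "2024-05-01", "alice", 3.00),
    (3, "2024-05-02", "alice", 7.25),
    (4, "2024-05-02", "bob", 20.00),
]


def effective_range(report_perms, requested_from: str, requested_to: str,
                    today: str) -> tuple:
    """Return the (from, to) ISO dates the caller may see, or raise.

    The UI may lock the date picker to today, but the request is what has to
    be checked: a role limited to today gets any other range refused here,
    regardless of what the client sent. Unknown roles get nothing (fail closed).
    """
    start, end = date.fromisoformat(requested_from), date.fromisoformat(requested_to)
    if start > end:
        raise ValueError("requested range is reversed")
    if "view_cash_all" in report_perms:
        return requested_from, requested_to
    if "view_cash_today" in report_perms:
        current = date.fromisoformat(today)
        if start != current or end != current:
            raise PermissionError("role is limited to today's cash report")
        return today, today
    raise PermissionError("role has no cash report permission")


def cash_report(report_perms, requested_from: str, requested_to: str,
                today: str, rows=TRANSACTIONS) -> dict:
    """Cash report totals for the range the role actually permits."""
    start_s, end_s = effective_range(report_perms, requested_from, requested_to, today)
    start, end = date.fromisoformat(start_s), date.fromisoformat(end_s)
    count, total = 0, 0.0
    for _txn_id, iso_date, _cashier, amount in rows:
        if start <= date.fromisoformat(iso_date) <= end:
            count += 1
            total += amount
    return {"from": start_s, "to": end_s, "count": count, "total": round(total, 2)}
```

The check rejects rather than silently clamps an out-of-range request; a cashier whose client is sending other dates is either bypassing the locked picker or running a stale UI, and either case is worth surfacing as an error.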
How to Deactivate a Cashier Account
When a staff member leaves, deactivate their account rather than deleting it. This preserves the audit trail.
- Navigate to Management > Cashiers.
- Select the cashier to deactivate.
- Toggle the Active switch to off (or click Deactivate).
- Click Save.
Expected result: The cashier can no longer log in. All their historical actions (sessions started, transactions recorded, logs) remain in the system. The account can be reactivated later if needed.
Common Mistakes to Avoid
- Assigning the wrong role. Always double-check the role dropdown when creating a cashier. A cashier with a Manager role has far more access than intended for a regular shift worker.
- Not testing the role after creation. Log in as the cashier (or use a test account with the role) and verify that restricted features are actually hidden or disabled. Do not rely on the permission checkboxes alone.
- Treating the UI as the security boundary. Roles are enforced in the backend: even if a UI element is visible, the backend rejects an action the role does not permit, and that server-side check is what actually protects you. Hiding a button is a usability measure, not a control, so when you test a role, attempt the action itself rather than only confirming that the menu item is gone. For a clean user experience, the UI should also hide unauthorized features.
- Setting all roles to level 0. The level determines hierarchy. If a role's level is lower than another, the lower-level cashier cannot edit the higher-level cashier. Plan your levels: 1 for basic cashiers, 5 for managers, 10 for senior managers.
- Sharing cashier accounts. Each staff member should have their own account. Shared accounts make it impossible to trace who performed a specific action in the logs.
- Deleting a cashier account instead of deactivating. Deletion removes the cashier reference from transactions and logs (set to NULL). Always deactivate instead to preserve the audit trail.
- Leaving "Modify payment methods" enabled. Most cashiers should not be able to add or remove payment methods. This is a configuration change that should be restricted to owners or admins.
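To show why the deactivation procedure above and the "deactivate, don't delete" warning matter for the audit trail, here is an added throwaway SQLite model written for this guide. It is not HandyCafe's schema: it assumes cashiers are referenced from transactions by a nullable foreign key declared `ON DELETE SET NULL`, which matches the guide's statement that deletion sets the reference to NULL, and the table names, column names and sample rows are assumptions.

```python
"""Deactivate versus delete: effect on the audit trail, in a throwaway SQLite DB.

Added example, not HandyCafe's schema. Assumes a nullable cashier_id foreign
key with ON DELETE SET NULL (matching the guide's description of deletion);
table names, column names and rows are constructed for the illustration.
"""
import sqlite3

SCHEMA = """
CREATE TABLE cashiers (
    id       INTEGER PRIMARY KEY,
    username TEXT UNIQUE NOT NULL,   -- usernames must be unique (guide)
    role     TEXT NOT NULL,
    active   INTEGER NOT NULL DEFAULT 1
);
CREATE TABLE transactions (
    id         INTEGER PRIMARY KEY,
    cashier_id INTEGER REFERENCES cashiers(id) ON DELETE SET NULL,
    amount     REAL NOT NULL
);
"""


def new_db() -> sqlite3.Connection:
    """In-memory database with two cashiers and a few constructed transactions."""
    con = sqlite3.connect(":memory:")
    con.execute("PRAGMA foreign_keys = ON")  # needed for ON DELETE SET NULL
    con.executescript(SCHEMA)
    con.executemany("INSERT INTO cashiers(id, username, role) VALUES (?, ?, ?)",
                    [(1, "alice", "Day Shift Cashier"), (2, "bob", "Day Shift Cashier")])
    con.executemany("INSERT INTO transactions(cashier_id, amount) VALUES (?, ?)",
                    [(1, 12.5), (1, 3.0), (2, 7.25)])
    con.commit()
    return con


def login_allowed(con: sqlite3.Connection, username: str) -> bool:
    """Login check: the account must exist and be active."""
    row = con.execute("SELECT active FROM cashiers WHERE username = ?", (username,)).fetchone()
    return bool(row and row[0])


def deactivate(con: sqlite3.Connection, username: str) -> None:
    """The recommended path: block login, keep the row and every reference to it."""
    con.execute("UPDATE cashiers SET active = 0 WHERE username = ?", (username,))
    con.commit()


def delete(con: sqlite3.Connection, username: str) -> None:
    """The discouraged path: the row goes and its transactions lose their cashier."""
    con.execute("DELETE FROM cashiers WHERE username = ?", (username,))
    con.commit()


def attributable_to(con: sqlite3.Connection, username: str) -> int:
    """How many transactions the audit trail can still tie to this person."""
    return con.execute(
        "SELECT COUNT(*) FROM transactions t JOIN cashiers c ON c.id = t.cashier_id "
        "WHERE c.username = ?", (username,)).fetchone()[0]


def orphaned_transactions(con: sqlite3.Connection) -> int:
    """Transactions that no longer name any cashier at all."""
    return con.execute(
        "SELECT COUNT(*) FROM transactions WHERE cashier_id IS NULL").fetchone()[0]
```

After `deactivate`, the account can no longer log in but every transaction still names the person who recorded it; after `delete`, the same transactions survive but with no cashier attached, which is exactly the gap in the audit trail the guide warns about, and the same gap a shared account creates from the start.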