PMS & POS User roles and permissions

Modified on Wed, 22 Jan at 8:21 AM

This article covers:

Set up/Edit user roles and permissions for the PMS
Assigning roles to users in the PMS
Set up/Edit permissions for the POS
Review which users by role and role capabilities

User role management forms a key part of Identity & Access Management within the cyber security environment. HART recommends adhering to the principle of Least Privileged Access, this is to give the sufficient access for a team member to complete their role but no further access beyond this.

Regular reviews of the roles in circulation is advised along with a regular review of who has live access to the PMS & POS and at what level.

Set up/Edit user roles and permissions

User roles are created via Configuration> Access > Security:

Within the lower left hand panel (red box) the different roles are created e.g. HART Champion, Reception Supervisor etc. To create a new role right mouse click and select Add Entry. Please note the 'Read Only' option is currently under development
Within the lower middle panel (green box) the attributes connected to that role are created

Role attributes are based on the master and sub menu options that can be accessed. In the example below the 'AAA Role' has access to the Reservations master menu and all the sub options within it (e.g. Availability, Room Rack), however any user with this role would not be able to access the Reception menu

It is also possible to assign access to specific sub options within a menu. In the example below the AAA Role has access to the Reservations menu however note that the 'All' box is not ticked. Below this the specific sub options that can be access are defined i.e. Availability and Facility.

In some circumstances it may be more efficient to exclude certain sub menu options from a master menu, for example all but one sub menu option should be available to the user. Building on the previous example, this user role has been granted access to all of the Reception master menu except the Close Day sub menu option. This has been achieved by adding the Close Day sub menu option below ticking the 'X' to exclude it.

When selecting sub menu options if the master menu that the sub option belongs to is not currently assigned to the role there will be a red mark to the left of the sub menu name

When trying to access a menu or sub menu option that access hasn't been granted to, user will see the message below

Assigning roles to users

Whilst it is possible for users to hold multiple roles simultaneously please be aware that HART works to the principle of Least Privileged Access meaning that where there is a cross-over between the roles (e.g. one role allows access to Close Day and the other doesn't), that with the lowest access will be taken.

Assigning roles is carried out via Configuration > Access > Users

Once the relevant user has been selected the role(s) should be assigned via a right mouse click and selection from the list

Whilst access to Configuration > Facilities must be specified as part of the role configuration please note access to the Rotas and Personnel tabs requires additional permission due to the nature of the information held here. This is granted via the Special Permissions area:

In this area it is also possible to lock an account via the ticked the 'Locked check box:

Set up/Edit permissions for the POS

Via Configuration > Outlets > Operators users of the POS are managed

It is recommended that Operator codes are a minimum of 4 digits long

The options available are:

With the management passcode also, this operator can

Discount: apply discounts to checks
Void: void parts or whole orders
Price: amend the pricing of items
Reopen: re-open checks after they have been closed
Manager: the ability to re-open an outlet after it has been closed (shift close)

Additionally the user can:

All Tables: see all tables within the outlet when clicking on the Open button on the POS (rather than just their own)
SC: apply/remove service charge from a check
Split: split a check between multiple parties
Merge: merge tables together
Tables: able to change the table assigned to the guest via the POS
All POS: the operator can access any outlet that's set up (*please see below)
Neg. Qty: post negative quantities of items to the check (and as such a negative value)

Where operators should be tied to specific outlets this is managed via Configuration > Outlets > Configuration:

In the example below the AAA operator has been linked to the 'Anna' outlet and on the basis the 'All POS' option is not ticked then this is the only outlet this operators code will be able to access

Review which users by role and role capabilities

Via Reports > Financial > User Roles it is possible to run a series of reports around roles and access.

User - Roles: details all users and the roles currently assigned to the, Users with a locked profile are shown in red. This report also details the date of the last password change and when the user last accessed HART
Role Description: details the capabilities assigned to each role
POS Operators: details all POS Operators and their rights
Audit Changes: details any changes in set up of a PMS user. Please note this can only be run with the system administrator log-in

It is is also possible to schedule a regular send of all except the Audit Changes report via Configuration > Reports. Please view our guide on scheduling reports for more detail.