Users & Permissions
Phase 1 central authorization foundation. Server-side API routes enforce protected actions; UI hiding is not security.
Roles
6 approved launch roles.
Departments
13 internal departments.
Locations
8 approved launch locations.
Approved role behavior
| Role | Description |
|---|---|
| Owner | Full company authority. |
| Admin | Broad system administration except Owner/Admin management by default. |
| Store Manager | Own-location management for eligible users. |
| Department Manager | Future department workflow management; no Phase 1 permission management. |
| Staff | Standard employee access. |
| Read Only | View-only access to assigned active modules. |