This topic provides an overview of two key security-related features in Prism:
- Role-based access control via permissions
- Web Application and Server Security features
Role-Based Access Control via Permissions
Employees and group assignments are copied to the Prism server during initialization; however, security permissions are not. RP Prism has its own Group Management area where you can allow (or deny) permission for common tasks. (Only users who belong to the "Admin" group have access to the Admin Console and the Permissions area.) You won't be able to create new transactions until you have configured Permissions.
- Allow If selected, group members can perform the task freely. Allow All: If you click the Allow All button, all permissions are set to Allow for the selected group.
- Override If selected, group members can perform the task only if a manager or other override user logs in first. With Override selected, when a group member tries to perform the task, a login prompt is displayed. A user who belongs to a group with the permission must enter login credentials. Some permissions do not have an Override option available.
- Deny If selected, group members are prevented from performing the task. The buttons or other interface elements associated with the task are disabled. Deny All: If you click the Deny All button, all permissions are set to Deny for the selected group.
If the Override radio button is selected, then when the employee tries to perform the task, a dialog is displayed. A manager or other user who belongs to a group with the "Allow" option for the permission must enter his/her username and password and click OK, and then RP Prism will allow the original user to perform the task. The override user is logged out and the original user is logged back in. If the action would require multiple overrides, the Multiple Permission Override dialog is displayed. This saves the override user from having to enter credentials into a separate dialog multiple times.
For a list of available permissions, see Appendix D: Permissions.
Application and Server-Side Security
Prism helps support the policies that retailers may put in place to increase security. Here are just a few of the Prism preferences that can be used to support a retailer's security-related policies:
- Open Cash Drawer Prevents New Receipt
- Require Customer option (Sale, Return, Manual Discount)
- Auto Lock Workstation
- Default Max Discount for Items
- Required fields for individual tenders