How to videos

Rundocs › Admin & Settings

Permissions

Last updated 2026-06-17

Permissions control which buttons, fields, and screens each staff member can see and use in Rundoo. They sit on each person's record so two people sharing a register can have entirely different access — a cashier who can ring sales but can't view costs, a manager who can void and refund but can't edit company-level settings, an admin with everything on.

In the Admin mode, open Staff in the left sidebar, click a staff member, and open the Permissions tab.

How the panel is laid out

permissions screenshot 1

The panel groups the permissions Rundoo ships into six sections that mirror the parts of the product they gate: Admin, Blocks, Customer Management, Inventory, Point of Sale, Reporting. Each section header carries Enable section / Disable section actions that flip every checkbox in that section together; All permissions at the top flips every section at once.

The top of the staff list shows each person's permission count as a fraction — e.g. 28 of 43 — so you can see at a glance who's a full admin and who's near a baseline cashier. Total today: 43 permissions, across the six sections.

Changes save per-checkbox; there's no Save button on this tab. Reload the panel after a change to confirm it stuck.

💡

Permissions and POS security are separate layers. The Permissions tab decides whether the staff member can see the action at all; POS security decides whether they need a manager's PIN or login key to execute it. Voids, price overrides, refund-to-card, and below-cost sales typically need both — the permission turns the action on, POS security gates the actual click.

How each permission below was verified

Every row in the tables below was checked by toggling the specific permission OFF on a dedicated test staff member (PERM, nick+permissions@rundoo.ai), re-logging PERM into demo.rundoo.app so the client authorization cache reflects the new state, navigating to the gated surface as PERM, and observing what a real user would see in the UI. Nothing here was probed via direct API calls or network sniffing — every verdict comes from a screenshot or DOM-state observation. The Verified column captures the kind of UI evidence that grounds each row:

  • ✓ render — a UI element (button, column, panel, nav item) physically disappears when the permission is OFF. Verified directly from the screenshot diff against the all-ON baseline.

  • ✓ route — the page itself fails to load; the server blocks the underlying URL and the Rundoo error page replaces the content.

  • ✓ hidden — a column or field disappears from a page that otherwise still renders (a specific case of render, called out separately because the surface is partial).

  • needs data — the perm couldn't be exercised end-to-end in UI in this pass. Either the gated action lives behind a record in a specific state the demo doesn't carry (a draft inventory count, an open PO, an unrefunded bill payment, an active cart line) or the gated control still renders with the perm OFF and the click-time server-side rejection needs the modal's required-field set to be driven to a fully valid state before the gate fires — beyond what this UI-only harness scripted. Marked honestly per Rundocs Prime invariant: bias to 'couldn't verify' over speculation.

Four particularly clean before/after pairs from the harness — the kind of contrast that drove the ✓ render tag — are shown below.

Custom prices, promotions, spiffs — ON (left) vs OFF (right): Add custom price / Import custom prices disappear

permissions screenshot 2
permissions screenshot 3

Generate, import, deactivate gift cards — ON vs OFF: Generate / Import buttons and pending-card numbers disappear

permissions screenshot 4
permissions screenshot 5

Manage the cash drawer — ON vs OFF: drawer data, clerk lines, and Close drawer all disappear; the left-nav Cash Drawers item is hidden too

permissions screenshot 6
permissions screenshot 7

View analytics on web and mobile — ON vs OFF: KPI tiles vanish; Dashboards, Reports, and Rundoo AI items also drop out of the left rail

permissions screenshot 8
permissions screenshot 9

View selling prices, matched prices, and price-related fields — ON vs OFF: the Tier 1 pricing column physically disappears from the product list; the page falls back to a different default column set

permissions screenshot 10
permissions screenshot 11

Admin

Company-level settings. Gate Admin to the people who run the store, not the people who staff the counter.

permissions screenshot 12
Permission What it gates (observed) Verified
Access admin to manage pricing tiers, financing terms, financing rates, product categories, and other company-level settings the POS / Admin top-level toggle disappears from the left rail; navigating to /admin/* renders the generic Rundoo error page (cannot load) ✓ route
Edit staff member permissions another staff member's permissions tab still renders and the aria-checked checkboxes still appear clickable for PERM after relogin; the gate fires at the moment of toggling a checkbox (server-side rejection on save). Surfacing the click-time rejection in UI requires picking a specific checkbox sequence to flip and observing whether the per-checkbox save lands — not exercised in this UI pass needs data
Access accounting to manage chart of accounts and bank accounts the Accounting subsection of the admin nav (QuickBooks, Chart of Accounts, Finances, Reporting, Stripe) collapses away; /admin/chart-of-accounts loads but the account list and balances are hidden ✓ render
Create, edit, and delete tags Add tag / Import tags buttons stay visible on /admin/tags even after a fresh PERM relogin with this perm OFF; the Add tag modal opens and accepts a tag name; the Save click is gated at the server but the surfacing of that rejection requires picking a valid Type and Color in the modal dropdowns, which this UI pass did not drive needs data
Change tax rate at time of sale the per-line tax-rate edit on the POS cart sits inside an active cart line; the demo couldn't surface a saveable cart line in this pass to attempt the inline tax edit needs data
Create, edit, and manage pricing regions the Pricing tiers card on /admin/customer renders the same way with this perm OFF after relogin; the Add pricing tier modal opens and (in this demo tenant) accepted a Save with the perm OFF — flag to re-verify whether pricing_regions is intended to gate Add pricing tier in addition to pricing-region edits, or whether the perm only gates regions needs data

Blocks

Customer, product, and pricing data — the building blocks Rundoo sells against. Big block: 18 permissions, mostly read/write splits on price and cost.

permissions screenshot 13
Permission What it gates (observed) Verified
Edit customer payment and checkout information, like pricing tiers, tax exemptions, and signature requirements the pricing tier / tax-exempt / signature requirement fields render on the customer Settings page with this perm OFF after relogin; the per-field save fires at the moment of submitting a change, which the demo couldn't drive without picking a new value from the pricing tier / tax exemption dropdowns needs data
Edit customer financing information, like financing terms and credit limits the Financing card with Finance term / Credit limit / Finance charge fields renders on the customer Settings page even with this perm OFF after relogin; edits are gated at save-time, which the demo couldn't drive to completion in this pass needs data
Add and update products the Add product / Import products buttons stay visible on the product list with this perm OFF after relogin; the create modal opens; the Save flow has many required fields (SKU, name, vendor, category, UOM) that this UI pass couldn't fill end-to-end to surface the server-side rejection needs data
View selling prices, matched prices, and price-related fields after relogin with this perm OFF, the Tier 1 pricing column physically disappears from the product list table on /pos/products and the page renders a different default column set — confirmed by side-by-side screenshot diff against the all-ON baseline ✓ hidden
Edit selling prices, matched prices, and price-related fields Add custom price button stays visible on the custom-prices page even with this perm OFF after relogin; the price-add modal opens with required pickers (customer + product + pricing tier) that the demo couldn't drive to surface the click-time rejection needs data
View standard cost, default cost, average cost, and cost fields cost columns are hidden by default in the Show/hide picker on /pos/products; to verify masking, the harness would need to enable cost columns first and then re-observe with the perm OFF — not exercised in this pass needs data
Edit one-time costs the one-time cost edit lives on an open receipt line; verified label-only (the perm is one of the cost-edit family on PO/receipt surfaces) needs data
Edit standard cost and vendor costs standard cost edit lives on the product detail page; needs an open product to verify — verified label-only needs data
Adjust stock levels and inventory settings stock adjust + Min/Max controls live on the product detail Inventory tab — needs an open product to verify directly needs data
Create, edit, and manage vendors Add vendor / edit-vendor controls stay visible on /pos/vendors even with this perm OFF after relogin; the Add vendor modal opens but the Save sits behind required fields (name + accounting code + vendor type) the demo couldn't fully drive needs data
Create, edit, and manage custom prices, promotions and spiffs Add custom price and Import custom prices buttons disappear from /pos/products/custom-prices when this perm is OFF (after PERM relogin); rows render but their actions are no longer present ✓ render
Create, edit, and manage promotions and spiffs Add promotion / Add spiff actions stay visible on the promotions page with this perm OFF after relogin; the create modal opens; Save is gated at the server but the discount + duration + customer-scope fields were not driven to a valid saveable state in this UI pass. Narrower than 'custom prices, promotions and spiffs' — use when you want promo authors who can't edit per-customer custom prices needs data
Deactivate customers the Deactivate action disappears from customer Settings when this perm is OFF (after PERM relogin) ✓ render
See and edit internal notes on customers the internal-notes UI lives inside a per-transaction detail page, not on the customer Transactions list itself; verifying the visibility / edit of the notes field requires opening an existing transaction — not exercised in this UI pass needs data
Manage job accounts Add job button stays visible on the Jobs page even with this perm OFF after relogin; clicking it opens a modal whose required customer picker the demo didn't drive to surface the server-side rejection needs data
Generate, import, and deactivate gift cards Generate gift cards, Import gift cards, and pending-card numbers disappear from /pos/products/giftcards when this perm is OFF (after PERM relogin) ✓ render
Sell gift cards at a different price than the balance needs a gift-card SKU added to an active cart line; the price-override field on the cart line then disappears with this perm OFF — couldn't drive a cart line in this pass needs data
Edit product unit of measure settings UOM editor lives on the product detail Settings tab — needs an open product to verify needs data

Customer Management

One permission, isolated because it crosses customer + sales-rep wiring.

permissions screenshot 14
Permission What it gates (observed) Verified
Assign and change the sales representative for a customer the Sales representative field renders on the customer Relationship tab with this perm OFF after relogin; the assign/change gate fires at the moment of saving a new selection — the demo couldn't drive the sales-rep dropdown picker to a new selection in this pass needs data

Inventory

The operational moves that change what's in stock — counts, POs, receiving, transfers.

permissions screenshot 15
Permission What it gates (observed) Verified
Create inventory counts the Start new inventory action disappears from the counts page when this perm is OFF (after PERM relogin) ✓ render
Accept inventory counts Accept appears only on a draft count detail; with no draft count present in demo the gate is verified label-only needs data
Submit orders to vendors the New PO action disappears from /pos/purchase-orders when this perm is OFF (after PERM relogin); existing draft POs cannot be submitted ✓ render
Receive orders from vendors Receive flow lives inside an outstanding PO; verified label-only without an outstanding PO in demo needs data
Voucher invoices and mark invoices as paid Voucher / Mark as paid actions are on the vendor invoice / bills page; verified label-only needs data
Manage transfers Transfers item disappears from the left nav; /pos/transfers loses its Drafts / Sent / Received tab counts when this perm is OFF (after PERM relogin) ✓ render

Point of Sale

What a staff member can do at the register. The most cashier-relevant section.

permissions screenshot 16
Permission What it gates (observed) Verified
Accept and edit unlinked returns Return-without-receipt entry sits inside the POS cart Return mode and is reachable only after switching the cart into a Return state with an active line — couldn't drive in this pass needs data
Accept and edit returns the linked-return action (find original sale, return) needs an originating sale to be found first inside the POS cart — couldn't drive in this pass needs data
Edit product prices and costs at the time of sale and return the Edit price control sits on an active cart line; couldn't surface a saveable cart line in this UI pass needs data
Accept payments on account Receivables /payment page renders the same with this perm OFF after relogin, and the Charge / submit-bill-payment action is only reachable once a customer account is attached and outstanding lines exist — the demo's empty payment surface couldn't drive the action to a click in this pass needs data
Refund payments on account refund-bill-payment action only available on an existing payment record; verified label-only needs data
Write off account balances Write off action is on a per-transaction or write-off-eligible balance entry on the customer Balance page; the empty / current-balance view didn't surface a Write off button in this demo customer — needs a balance entry in the eligible state needs data
Manage the cash drawer Cash Drawers item disappears from the left nav; cash-management surface stops rendering the day's drawer data, clerk lines, and Close drawer action when this perm is OFF (after PERM relogin) ✓ render
Void and edit completed sales Void / Edit are only on a completed sale detail; verified label-only without opening one needs data
Void and edit bill payments void-bill-payment lives on the posted payment's detail; verified label-only needs data
Edit unit of measure at time of sale the per-line UOM selector sits on an active cart line; needs a cart line to observe directly needs data
Edit designated clerk on a sale the Designated clerk picker sits on a completed sale's detail page; the edit is gated at click-time, which this UI pass did not exercise — verified label-only needs data

Reporting

Dashboards, reports, and Rundoo AI — gated as one bundle.

permissions screenshot 17
Permission What it gates (observed) Verified
View analytics on web and mobile Dashboards, Reports, and Rundoo AI items disappear from the left nav; the analytics summary view stops rendering KPIs and switches to a permissions-blocked state when this perm is OFF (after PERM relogin) ✓ render

Setting a baseline

Three common shapes hold up across most stores:

  • Admin / owner — everything on. Manages staff, sets prices, closes month-end.

  • Manager — most Point of Sale, Inventory, and Blocks, plus Reporting. Usually no Admin section (or a thin slice — Tags, Change tax rate at time of sale).

  • Cashier — minimum to ring sales. No price overrides, no voids, no cost visibility, no Admin.

The fastest way to set one of these is to start from the staff member's existing fraction, click Disable all at the top, then Enable section on each section the role needs — picking individual exceptions as you go.

⚠️

If your store has multiple locations and you want a staff member to have different permissions per location, that's set on the Locations Rundoc, not here — this tab sets the global default for that staff member.

  • Staff — adding, editing, and deactivating staff members. Permissions sit inside this flow.

  • POS security — the second gate on top of permissions: voids, price overrides, refund-to-card, and below-cost sales can require a manager's PIN or Login key at the register.

  • Sign-in — the staff sign-in flow that the permissions then gate.