All Collections
Settings
Security Roles & Permissions
Security Roles & Permissions
Andrew Day avatar
Written by Andrew Day
Updated over a week ago

The Seed-to-Sale software provides a menu of default security roles that determine the modules and functions users can access depending on their position or rank. Administrators can customize these roles, or create new roles altogether, to better suit the needs of their facility. However, Ample Organics recommends the licence holder adhere as closely as possible to the default security roles.

mceclip0.png

Select a security role from the list below to read a brief description and a list of permissions associated with the role.


Admin

The Admin security role grants the user access to all functions across the Seed-to-Sale platform and Gun App. An Admin user is the only role with access to the User Management tab in the Settings module, where they can create new users, assign security roles, and customize available security roles and their associated permissions. Ample Organics suggests that licence holders limit Admin access to select high-ranking managers.

Permissions

The Admin security role includes all permissions.

Permission Name

Description

address_archive

Grants permission to delete a vendor address in the Wholesale application.

address_update

Grants permission to create or update a vendor address in the Wholesale application.

address_read

Grants permission to delete a vendor address in the Wholesale application.

ample_care_read

Grants permission to view and open the AmpleCare tab in the Clients module.

ample_care_update

Grants permission to update existing clients through AmpleCare.

ample_care_create

Grants permission to accept or reject a new client or prescription though AmpleCare.

batch_update

Grants permission to update batches. This includes splitting or combining batches, opening a batch for harvest, marking a batch for wholesale, and destroying or restoring batch waste.

batch_create

Grants permission to create batches. This includes creating a new batch via splitting.

batch_read

Grants permission to view batch information.

batch_archive

Grants permission to archive batches.

reclaim_bottles_create

Grants permission to reclaim bottles.

bulk_lot_transfer

Grants permission to transfer weight between Bulk Lots.

bulk_lot_archive

Grants permission to archive Bulk Lots.

bulk_lot_update_name

Grants permission to update a Bulk Lot's name

bulk_lot_split

Grants permission to split Bulk Lots.

call_log_destroy

Grants permission to delete call logs.

call_log_update

Grants permission to update call logs.

call_log_create

Grants permission to create call logs.

call_log_read

Grants permission to view the Call Logs tab in the Clients module.

casing_run_read

Grants permission to view the Casing Runs tab in the Products module, and generate casing records.

casing_run_restock

Grants permission to restock cases.

casing_run_create

Grants permission to create Casing Runs.

client_delete

Grants permission to delete clients.

client_update_client_id

Grants permission to update a client's ID string, which serves as the client's username on the Client Portal.

client_create

Grants permission to create new clients, configure medical profiles, create new prescriptions, and create new registrations via amendment.

client_read

Grants permission to view client information.

client_update

Grants permission to update clients. This includes adding or removing clients from sales channels and sending emails through the Email Logs tab.

client_archive

Grants permission to archive clients and their associated registrations.

complaint_create

Grants permission to create complaints.

complaint_archive

Grants permission to archive complaints.

complaint_update

Grants permission to update complaints. This includes adding entries in the Pertains To section.

complaint_read

Grants permission to view the Complaints module, download Complaint PDF reports, and access Complaints Reports in the Reports module.

credit_card_create

Grants permission to log credit card information.

credit_card_destroy

Grants permission to delete credit card information.

destruction_lot_read

Grants permission to view the Destruction module and Destruction Lot information.

destruction_lot_archive

Grants permission to archive Destruction Lots and sublots.

destruction_lot_create

Grants permission to create Destruction Lots and sublots.

destruction_lot_update

Grants permission to update Destruction Lots and sublots. This includes closing, reopening, and destroying lots.

device_create

Grants permission to add scales, printers, and other devices.

device_update

Grants permission to update scale, printer, and other device information.

discount_code_update

Grants permission to update discounts.

discount_code_create

Grants permission to create discounts.

discount_code_read

Grants permission to view discount information.

discount_code_archive

Grants permission to archive discounts.

apply_discount

Grants permission to apply manual discounts to orders.

apply_discount_code

Grants permission to apply a discount code to an order.

discount_type_create

Grants permission to create discount types.

discount_type_read

Grants permission to view discount types.

document_destroy

Grants permission to destroy documents.

facility_information_read

Grants permission to view facility information in the Reports module's Settings tab.

facility_information_update

Grants permission to update facility information on the Reports module's Settings tab.

harvest_create

Grants permission to create harvests.

harvest_archive

Grants permission to archive harvests.

harvest_update

Grants permission to update harvests. This includes harvesting plants, outputting harvest weight to a Bulk Lot, destroying harvest waste, and closing or reopening harvests.

harvest_read

Grants permission to view harvest information.

lab_report_archive

Grants permission to archive lab reports.

lab_report_update

Grants permission to update lab reports. This includes updating lab report information, setting a public COA document, and setting a lab report as active.

lab_report_create

Grants permission to create lab reports.

lab_report_read

Grants permission to view lab report information.

location_archive

Grants permission to archive locations.

location_create

Grants permission to create locations. This includes both grow rooms and vault locations/picking bins.

location_read

Grants permission to view location information and print location labels.

location_update

Grants permission to update locations.

loyalty_point_destroy

Grants permission to destroy loyalty points.

loyalty_point_create

Grants permission to create loyalty points.

loyalty_point_update

Grants permission to update loyalty points.

archive_all_orders

Grants permission to archive all Shipped or Delivered orders.

order_create

Grants permission to create orders.

order_read

Grants permission to view the Orders module and order information.

order_update

Grants permission to update orders. This includes adding order items, selecting shipping options, applying policy coverage, applying line item discounts, and generating receipts.

order_archive

Grants permission to archive a Purchase Order.

order_discounts

Grants permission to apply discounts to orders.

order_refund

Grants permission to refund orders, including shipping costs.

order_return_bottles_when_shipped

Grants permission to return bottles.

order_set_delivered

Grants permission to set an order's status to Delivered.

order_placed_reset

Grants permission to reset an order to the Placed status.

packaging_run_archive

Grants permission to delete Packaging Runs.

packaging_run_update

Grants permission to close and reopen Packaging Runs.

packaging_run_set_release

Grants permission to release Packaging Runs.

packaging_run_move

Grants permission to move Packaging Runs between SKUs.

packaging_run_create

Grants permission to create Packaging Runs and Mass Packaging Runs.

packaging_run_read

Grants permission to generate a Packaging Run's bottling record.

permission_destroy

Grants permission to delete permissions.

permission_read

Grants permission to view the menu of permissions.

permission_update

Grants permission to update permissions.

permission_create

Grants permission to create permissions.

physician_update

Grants permission to update or disable physicians.

physician_archive

Grants permission to archive and restore physicians.

physician_create

Grants permission to create physicians.

physician_read

Grants permission to view physician information.

plant_read

Grants permission to view plant information and print plant labels.

plant_create

Grants permission to create plants.

plant_restore

Grants permission to restore destroyed plants or plant waste.

plant_archive

Grants permission to destroy plants.

plant_update

Grants permission to update individual plants. This includes moving a plant, advancing a plant, marking a plant for wholesale, and updating a plant's mother status.

policy_update

Grants permission to update client policies.

policy_unarchive

Grants permission to unarchive client policies.

policy_archive

Grants permission to archive and unarchive client policies.

policy_create

Grants permission to create client policies.

policy_type_update

Grants permission to update policy types.

policy_type_create

Grants permission to create policy types.

policy_type_archive

Grants permission to archive and unarchive policy types.

prescription_update

Grants permission to update, archive, and disable prescriptions.

prescription_destroy

Grants permission to delete prescriptions.

product_read

Grants permission to view product information, print product labels, and generate product reports.

product_create

Grants permission to create product types, products, and SKUs.

product_archive

Grants permission to archive products.

product_update

Grants permission to update product types, products, and SKUs.

production_update

Grants permission to update a production's name.

production_archive

Grants permission to archive and restore productions.

production_create

Grants permission to create productions.

production_read

Grants permission to view the Productions index and Production Profiles.

purchase_order_create

Grants permission to view, create, and update Payment Terms.

qa_release

Grants permission to release or unrelease Bulk Lots.

received_inventory_create

Grants permission to create Received Inventories.

received_inventory_update

Grants permission to update Received Inventories. This includes returning the inventory

received_inventory_finish

Grants permission to mark a Received Inventory as Finished.

received_inventory_release

Grants permission to release Received Inventories.

report_received_inventory_read

Grants permission to generate the Received Inventory report.

received_inventory_revert

Grants permission to revert Received Inventory.

received_inventory_read

Grants permission to view the Received Inventory tab in the Products module.

refusal_create

Grants permission to refuse clients and orders.

refusal_update

Grants permission to update order or client refusals.

report_product_read

Grants permission to run product reports.

report_order_read

Grants permission to run order reports.

report_inventory_read

Grants permission to run inventory reports.

report_hc_read

Grants permission to run Health Canada reports, including the CTLS and CRA reports.

report_complaint_read

Grants permission to run complaints reports.

report_grow_read

Grants permission to run reports on grow room materials.

report_client_read

Grants permission to run client reports.

report_physician_read

Grants permission to run physician reports.

retention_sample_create

Grants permission to create retention samples.

retention_sample_destroy

Grants permission to destroy retention samples.

retention_sample_read

Grants permission to view retention samples and print retention sample labels.

retention_sample_update

Grants permission to update retention samples.

returned_grams_update

Grants permission to update or delete a returned grams record.

returned_grams_create

Grants permission to return grams to a patient's prescription.

returned_grams_delete

Grants permission to delete a returned grams record.

sales_channel_update

Grants permission to update sales channels. This includes adding products or clients to a sales channel from the Settings module.

sales_channel_archive

Grants permission to archive sales channels.

sales_channel_read

Grants permission to view sales channel information.

sales_channel_create

Grants permission to create sales channels.

sales_order_read

Grants permission to view Sales Order information.

sales_order_create

Grants permission to create Sales Orders.

sales_order_update

Grants permission to update Sales Orders.

security_role_create

Grants permission to create security roles.

security_role_destroy

Grants permission to delete security roles.

security_role_update

Grants permission to update or archive security roles.

security_role_read

Grants permission to view security role information.

seed_lot_update

Grants permission to update Seed Lots. This includes moving lots, adding seeds to lots, and moving seeds between lots.

seed_lot_create

Grants permission to create Seed Lots.

seed_lot_read

Grants permission to view Seed Lot information and print Seed Lot labels.

seed_lot_archive

Grants permission to destroy seeds.

setting_update

Grants permission to update lab report threshold defaults.

shipment_batch_read

Grants permission to view shipment batch information and generate scan forms.

shipment_batch_update

Grants permission to update shipment batches. This includes adding and removing orders.

shipment_batch_archive

Grants permission to archive shipment batches.

shipment_batch_create

Grants permission to create shipment batches.

shipment_read

Grants permission to view shipment information.

shipment_update

Grants permission to update shipments in the Wholesale application.

shipment_create

Grants permission to create shipments in the Wholesale application.

strain_update

Grants permission to update cannabis strains.

strain_create

Grants permission to add cannabis strains.

strain_read

Grants permission to view cannabis strain information.

strain_archive

Grants permission to archive cannabis strains.

tote_update

Grants permission to update totes.

tote_create

Grants permission to create totes.

tote_read

Grants permission to view tote information.

tote_destroy

Grants permission to delete totes.

report_user_admin_read

Grants permission to generate the User Admin report.

user_destroy

Grants permission to disable and enable users.

user_create

Grants permission to create user accounts.

user_update

Grants permission to update users. This includes resetting a user's password and adjusting a user's security roles.

user_read

Grants permission to view user information.

vendor_archive

Grants permission to archive vendors in the Wholesale application.

vendor_read

Grants permission to view vendor information and vendor contact information.

vendor_update

Grants permission to update vendors and vendor contacts.

website_update

Grants permission to update or archive vendor websites.

website_read

Grants permission to view vendor website information.

website_create

Grants permission to add vendor websites.

weight_event_create

Grants permission to create manual weight events.

work_order_close

Grants permission to close Work Orders.

work_order_create

Grants permission to create Work Orders. This includes adding additional inputs to existing Work Orders.

work_order_update

Grants permission to update Work Orders.

work_order_finalize

Grants permission to finalize Work Orders.

tax_type_create

Grants permission to create a tax type in the Wholesale application.

tax_type_read

Grants permission to view tax type information.

tax_type_update

Grants permission to update or archive tax types.

CSR

The CSR security role is designed for the licence holder's team of Customer Service Representatives-or CSRs-and allows the user access to essential customer service functions in the Clients and Orders modules. This enables a user to create and manage Client Profiles, record customer complaints, and create and process orders. The CSR security role also grants the user complete access to the Discounts module, to create and modify discounts. Additionally, the user has access to the Physicians tab in the Medical Settings module, which allows them to add to and edit the index of prescribing physicians.

Permissions

Permission Name

Description

complaint_update

Grants permission to update complaints. This includes adding entries in the Pertains To section.

complaint_create

Grants permission to create complaints.

complaint_read

Grants permission to view the Complaints module, download Complaint PDF reports, and access Complaints Reports in the Reports module.

sales_channel_read

Grants permission to view sales channel information.

order_read

Grants permission to view the Orders module and order information.

order_create

Grants permission to create orders.

order_update

Grants permission to update orders. This includes adding order items, selecting shipping options, applying policy coverage, applying line item discounts, and generating receipts.

client_read

Grants permission to view client information.

client_create

Grants permission to create new clients, configure medical profiles, create new prescriptions, and create new registrations via amendment.

client_update

Grants permission to update clients. This includes adding or removing clients from sales channels and sending emails through the Email Logs tab.

client_archive

Grants permission to archive clients and their associated registrations.

product_read

Grants permission to view product information, print product labels, and generate product reports.

order_discounts

Grants permission to apply discounts to orders.

prescription_destroy

Grants permission to delete prescriptions.

physician_create

Grants permission to create physicians.

physician_read

Grants permission to view physician information.

physician_update

Grants permission to update or disable physicians.

physician_archive

Grants permission to archive and restore physicians.

production_read

Grants permission to view the Productions index and Production Profiles.

discount_code_create

Grants permission to create discounts.

discount_code_read

Grants permission to view information in the Discounts module.

discount_code_update

Grants permission to update discounts.

discount_code_archive

Grants permission to archive discounts.

apply_discount

Grants permission to apply manual discounts to orders.

apply_discount_code

Grants permission to apply a discount code to an order.

CSR Super

The CSR Super security role is designed for the licence holder's Customer Service Manager(s), and grants the user access to extended customer service functions. In addition to the permissions granted by the standard CSR security role, a CSR Super user has the authority to delete unapproved clients, update prescription information, and refund orders. The CSR Super security role also affords the user access to the Products module, where they can independently create new products and SKUs, and enables the user to create and modify sales channels in the Settings module. CSR Super is the only role, aside from Admin, with access to AmpleCare.

Permissions

Permission Name

Description

complaint_update

Grants permission to update complaints. This includes adding entries in the Pertains To section.

complaint_create

Grants permission to create complaints.

complaint_read

Grants permission to view the Complaints module, download Complaint PDF reports, and access Complaints Reports in the Reports module.

order_read

Grants permission to view the Orders module and order information.

order_create

Grants permission to create orders.

order_update

Grants permission to update orders. This includes adding order items, selecting shipping options, applying policy coverage, applying line item discounts, and generating receipts.

client_read

Grants permission to view client information.

client_create

Grants permission to create new clients, configure medical profiles, create new prescriptions, and create new registrations via amendment.

client_update

Grants permission to update clients. This includes adding or removing clients from sales channels and sending emails through the Email Logs tab.

client_archive

Grants permission to archive clients and their associated registrations.

client_delete

Grants permission to delete clients.

product_read

Grants permission to view product information, print product labels, and generate product reports.

product_create

Grants permission to create product types, products, and SKUs.

product_archive

Grants permission to archive products.

product_update

Grants permission to update product types, products, and SKUs.

order_discounts

Grants permission to apply discounts to orders.

sales_channel_read

Grants permission to view sales channel information.

sales_channel_update

Grants permission to update sales channels. This includes adding products or clients to a sales channel from the Settings module.

sales_channel_archive

Grants permission to archive sales channels.

sales_channel_create

Grants permission to create sales channels.

prescription_destroy

Grants permission to delete prescriptions.

prescription_update

Grants permission to update, archive, and disable prescriptions.

order_refund

Grants permission to refund orders, including shipping costs.

physician_create

Grants permission to create physicians.

physician_read

Grants permission to view physician information.

physician_update

Grants permission to update or disable physicians.

physician_archive

Grants permission to archive and restore physicians.

document_destroy

Grants permission to destroy documents.

production_read

Grants permission to view the Productions index and Production Profiles.

discount_code_create

Grants permission to create discounts.

discount_code_read

Grants permission to view information in the Discounts module.

discount_code_update

Grants permission to update discounts.

discount_code_archive

Grants permission to archive discounts.

apply_discount

Grants permission to apply manual discounts to orders.

apply_discount_code

Grants permission to apply a discount code to an order.

ample_care_read

Grants permission to view and open the AmpleCare tab in the Clients module.

ample_care_update

Grants permission to update existing clients through AmpleCare.

ample_care_create

Grants permission to accept or reject a new client or prescription though AmpleCare.

Vault

The Vault security role is designed for the licence holder's team of Packaging Associates and Fulfillment Associates, and grants the user access to essential packaging and shipping functions in the Productions and Shipping modules on the Seed-to-Sale platform, as well as to Packaging Runs and Order Fulfillment on the Gun App. This enables the user to organize bulk cannabis into totes, create Packaging Runs and Mass Packaging Runs, fulfill orders, and create and modify shipment batches. A Vault user can also move Packaging Runs between SKUs. Additionally, users with the Vault security role can view information in the Clients, Products, Orders, and Medical Settings modules, but the role restricts the user from altering data.

Permissions

Permission Name

Description

production_read

Grants permission to view the Productions index and Production Profiles.

product_read

Grants permission to view product information, print product labels, and generate product reports.

order_read

Grants permission to view the Orders module and order information.

client_read

Grants permission to view client information.

packaging_run_create

Grants permission to create Packaging Runs and Mass Packaging Runs.

archive_all_orders

Grants permission to archive all Shipped or Delivered orders.

physician_read

Grants permission to view physician information.

tote_create

Grants permission to create totes.

tote_update

Grants permission to update totes.

tote_read

Grants permission to view tote information.

sales_channel_read

Grants permission to view sales channel information.

shipment_batch_create

Grants permission to create shipment batches.

shipment_batch_read

Grants permission to view shipment batch information and generate scan forms.

shipment_batch_update

Grants permission to update shipment batches. This includes adding and removing orders.

shipment_batch_archive

Grants permission to archive shipment batches.

packaging_run_move

Grants permission to move Packaging Runs between SKUs.

Vault Super

The Vault Super security role is designed for Packaging and Fulfillment managers and supervisors, and grants the user complete access to packaging and shipping functions in the Productions and Shipping modules on the Seed-to-Sale platform, as well as the Packaging Runs and Order Fulfillment modules on the Gun App. In addition to the permissions granted by the standard Vault security role, a Vault Super user can update lab reports, destroy documents, and create and modify retention samples, vault locations, and picking bins in the Productions module. The Vault Super security role also affords the user access to the Products module, where they can independently create new products and SKUs. Vault Super is the only role, aside from Admin, with permission to archive or delete Packaging Runs.

Permissions

Permission Name

Description

packaging_run_create

Grants permission to create Packaging Runs and Mass Packaging Runs.

product_read

Grants permission to view product information, print product labels, and generate product reports.

product_create

Grants permission to create product types, products, and SKUs.

product_archive

Grants permission to archive products.

product_update

Grants permission to update product types, products, and SKUs.

production_read

Grants permission to view the Productions index and Production Profiles.

production_create

Grants permission to create productions.

production_update

Grants permission to update a production's name.

production_archive

Grants permission to archive and restore productions.

weight_event_create

Grants permission to create manual weight events.

client_read

Grants permission to view client information.

order_read

Grants permission to view the Orders module and order information.

sales_channel_read

Grants permission to view sales channel information.

packaging_run_update

Grants permission to close and reopen Packaging Runs.

packaging_run_read

Grants permission to generate a Packaging Run's bottling record.

packaging_run_archive

Grants permission to delete Packaging Runs.

lab_report_update

Grants permission to update lab reports. This includes updating lab report information, setting a public COA document, and setting a lab report as active.

archive_all_orders

Grants permission to archive all Shipped or Delivered orders.

physician_read

Grants permission to view physician information.

document_destroy

Grants permission to destroy documents.

packaging_run_move

Grants permission to move Packaging Runs between SKUs.

shipment_batch_create

Grants permission to create shipment batches.

shipment_batch_read

Grants permission to view shipment batch information and generate scan forms.

shipment_batch_update

Grants permission to update shipment batches. This includes adding and removing orders.

shipment_batch_archive

Grants permission to archive shipment batches.

tote_create

Grants permission to create totes.

tote_update

Grants permission to update totes.

tote_destroy

Grants permission to delete totes.

tote_read

Grants permission to view tote information.

retention_sample_create

Grants permission to create retention samples.

retention_sample_read

Grants permission to view retention samples and print retention sample labels.

retention_sample_update

Grants permission to update retention samples.

retention_sample_destroy

Grants permission to destroy retention samples.

location_create

Grants permission to create locations. This includes both grow rooms and vault locations/picking bins.

location_read

Grants permission to view location information and print location labels.

location_update

Grants permission to update locations.

location_archive

Grants permission to archive locations.

destruction_lot_read

Grants permission to view the Destruction module and Destruction Lot information.

received_inventory_read

Grants permission to view the Received Inventory tab in the Products module.

received_inventory_release

Grants permission to release Received Inventories.

received_inventory_update

Grants permission to update Received Inventories. This includes returning the inventory.

received_inventory_revert

Grants permission to revert Received Inventory.

received_inventory_create

Grants permission to create Received Inventories.

report_received_inventory_read

Grants permission to generate the Received Inventory report.

QA

The QA security role is designed for the licence holder's Quality Assurance team, and grants the user access to basic QA functions in the Productions module. This enables the user to create and update lab reports, create and update retention samples, and manually create weight events. A QA user also has limited access to the Complaints module, where they can view, create, and update complaints from clients. Additionally, the QA security role allows the user to view information in the Clients, Orders, Products, Medical Settings, and Destruction modules, but restricts the user from altering data.

Permissions

Permission Name

Description

complaint_update

Grants permission to update complaints. This includes adding entries in the Pertains To section.

complaint_create

Grants permission to create complaints.

complaint_read

Grants permission to view the Complaints module, download Complaint PDF reports, and access Complaints Reports in the Reports module.

lab_report_create

Grants permission to create lab reports.

lab_report_update

Grants permission to update lab reports. This includes updating lab report information, setting a public COA document, and setting a lab report as active.

retention_sample_create

Grants permission to create retention samples.

retention_sample_read

Grants permission to view retention samples and print retention sample labels.

retention_sample_update

Grants permission to update retention samples.

sales_channel_read

Grants permission to view sales channel information.

order_read

Grants permission to view the Orders module and order information.

client_read

Grants permission to view client information.

production_read

Grants permission to view the Productions index and Production Profiles.

product_read

Grants permission to view product information, print product labels, and generate product reports.

physician_read

Grants permission to view physician information.

weight_event_create

Grants permission to create manual weight events.

destruction_lot_read

Grants permission to view the Destruction module and Destruction Lot information.

QA Super

The QA Super security role is designed for Quality Assurance managers and supervisors, and grants the user complete access to all QA functions in the Productions module. In addition to the permissions granted by the standard QA security role, a QA Super user has the authority to create and modify Productions and Bulk Lots, create and modify vault locations and picking bins, and destroy retention samples and COA documents. A QA Super also has access to the Products module, where they can create and modify products and SKUs. The QA Super should be the only role with permission to release or unrelease Bulk Lots.

Permissions

Permission Name

Description

complaint_update

Grants permission to update complaints. This includes adding entries in the Pertains To section.

complaint_create

Grants permission to create complaints.

complaint_read

Grants permission to view the Complaints module, download Complaint PDF reports, and access Complaints Reports in the Reports module.

lab_report_create

Grants permission to create lab reports.

lab_report_update

Grants permission to update lab reports. This includes updating lab report information, setting a public COA document, and setting a lab report as active.

product_read

Grants permission to view product information, print product labels, and generate product reports.

product_create

Grants permission to create product types, products, and SKUs.

product_archive

Grants permission to archive products.

product_update

Grants permission to update product types, products, and SKUs.

weight_event_create

Grants permission to create manual weight events.

sales_channel_read

Grants permission to view sales channel information.

order_read

Grants permission to view the Orders module and order information.

client_read

Grants permission to view client information.

production_read

Grants permission to view the Productions index and Production Profiles.

production_update

Grants permission to update a production's name.

production_create

Grants permission to create productions.

production_archive

Grants permission to archive and restore productions.

qa_release

Grants permission to release or unrelease Bulk Lots.

packaging_run_update

Grants permission to close and reopen Packaging Runs.

archive_all_orders

Grants permission to archive all Shipped or Delivered orders.

physician_read

Grants permission to view physician information.

document_destroy

Grants permission to destroy documents.

retention_sample_create

Grants permission to create retention samples.

retention_sample_read

Grants permission to view retention samples and print retention sample labels.

retention_sample_update

Grants permission to update retention samples.

retention_sample_destroy

Grants permission to destroy retention samples.

location_create

Grants permission to create locations. This includes both grow rooms and vault locations/picking bins.

location_read

Grants permission to view location information and print location labels.

location_update

Grants permission to update locations.

location_archive

Grants permission to archive locations.

destruction_lot_read

Grants permission to view the Destruction module and Destruction Lot information.

received_inventory_read

Grants permission to view the Received Inventory tab in the Products module.

received_inventory_release

Grants permission to release Received Inventories.

received_inventory_update

Grants permission to update Received Inventories. This includes returning the inventory.

received_inventory_revert

Grants permission to revert Received Inventory.

received_inventory_create

Grants permission to create Received Inventories.

report_received_inventory_read

Grants permission to generate the Received Inventory report.

bulk_lot_transfer

Grants permission to transfer weight between Bulk Lots.

bulk_lot_split

Grants permission to split Bulk Lots.

bulk_lot_archive

Grants permission to archive Bulk Lots.

Grow

The Grow security role is designed for Grow Technicians, and grants the user basic access to the Grow module and the corresponding Grow Room module on the Gun App. This enables the user to perform basic grow room functions such as creating batches and moving or advancing plants.

Permissions

Permission Name

Description

seed_lot_read

Grants permission to view Seed Lot information and print Seed Lot labels.

seed_lot_update

Grants permission to update Seed Lots. This includes moving lots, adding seeds to lots, and moving seeds between lots.

strain_read

Grants permission to view cannabis strain information.

batch_create

Grants permission to create batches. This includes creating a new batch via splitting.

batch_read

Grants permission to view batch information.

batch_update

Grants permission to update batches. This includes splitting or combining batches, opening a batch for harvest, marking a batch for wholesale, and destroying or restoring batch waste.

plant_create

Grants permission to create plants.

plant_read

Grants permission to view plant information and print plant labels.

plant_update

Grants permission to update individual plants. This includes moving a plant, advancing a plant, marking a plant for wholesale, and updating a plant's mother status.

plant_archive

Grants permission to destroy plants.

destruction_lot_read

Grants permission to view the Destruction module and Destruction Lot information.

harvest_read

Grants permission to view harvest information.

Grow Super

The Grow Super security role is designed for Grow Room managers and supervisors, and grants the user complete access to all functions within the Grow module and the corresponding Grow Room module on the Gun App. In addition to the permissions granted by the standard Grow security role, a Grow Super user has the authority to create new Seed Lots, create new strains, perform harvests, and destroy plant material. The Grow Super also has increased access to the Destruction module, and can create, close, and destroy Destruction Lots.

Permissions

Permission Name

Description

seed_lot_create

Grants permission to create Seed Lots.

seed_lot_read

Grants permission to view Seed Lot information and print Seed Lot labels.

seed_lot_update

Grants permission to update Seed Lots. This includes moving lots, adding seeds to lots, and moving seeds between lots.

strain_create

Grants permission to add cannabis strains.

strain_read

Grants permission to view cannabis strain information.

strain_update

Grants permission to update cannabis strains.

strain_archive

Grants permission to archive cannabis strains.

batch_create

Grants permission to create batches. This includes creating a new batch via splitting.

batch_read

Grants permission to view batch information.

batch_update

Grants permission to update batches. This includes splitting or combining batches, opening a batch for harvest, marking a batch for wholesale, and destroying or restoring batch waste.

batch_archive

Grants permission to archive batches.

plant_create

Grants permission to create plants.

plant_read

Grants permission to view plant information and print plant labels.

plant_update

Grants permission to update individual plants. This includes moving a plant, advancing a plant, marking a plant for wholesale, and updating a plant's mother status.

plant_archive

Grants permission to destroy plants.

plant_restore

Grants permission to restore destroyed plants or plant waste.

destruction_lot_create

Grants permission to create Destruction Lots and sublots.

destruction_lot_read

Grants permission to view the Destruction module and Destruction Lot information.

destruction_lot_update

Grants permission to update Destruction Lots and sublots. This includes closing, reopening, and destroying lots.

destruction_lot_archive

Grants permission to archive Destruction Lots and sublots.

harvest_create

Grants permission to create harvests.

harvest_read

Grants permission to view harvest information.

harvest_update

Grants permission to update harvests. This includes harvesting plants, outputting harvest weight to a Bulk Lot, destroying harvest waste, and closing or reopening harvests.

harvest_archive

Grants permission to archive harvests.

View Only

The View Only security role allows the user to view all modules and pages on the Seed-to-Sale platform, but restricts the user from altering data.

Permissions

Permission Name

Description

client_read

Grants permission to view client information.

order_read

Grants permission to view the Orders module and order information.

sales_channel_read

Grants permission to view sales channel information.

location_read

Grants permission to view location information and print location labels.

physician_read

Grants permission to view physician information.

product_read

Grants permission to view product information, print product labels, and generate product reports.

production_read

Grants permission to view the Productions index and Production Profiles.

lab_report_read

Grants permission to view lab report information.

complaint_read

Grants permission to view the Complaints module, download Complaint PDF reports, and access Complaints Reports in the Reports module.

packaging_run_read

Grants permission to generate a Packaging Run's bottling record.

shipment_batch_read

Grants permission to view shipment batch information and generate scan forms.

Report Only

The Report Only security role allows the user to generate any report in the Reports module. A Report Only user can also view information in the Grow, Medical Settings, and Destruction modules, but the role restricts the user from altering data.

Permissions

Permission Name

Description

sales_channel_read

Grants permission to view sales channel information.

report_client_read

Grants permission to run client reports.

report_physician_read

Grants permission to run phyisican reports.

report_product_read

Grants permission to run product reports.

report_order_read

Grants permission to run order reports.

report_inventory_read

Grants permission to run inventory reports.

report_hc_read

Grants permission to run Health Canada reports, including the CTLS and CRA reports.

report_complaint_read

Grants permission to run complaints reports.

report_sales_read

Grants permission to run sales reports.

report_accounting_read

Grants permission to run accounting reports.

physician_read

Grants permission to view physician information.

destruction_lot_read

Grants permission to view the Destruction module and Destruction Lot information.

strain_read

Grants permission to view cannabis strain information.

batch_read

Grants permission to view batch information.

report_grow_read

Grants permission to run reports on grow room materials.


Visit the User Management tab in the Settings module to Create a New Security Role.

Did this answer your question?