Security Roles in Restaurant365 determine the access a User has in Restaurant365.  Security Roles are broken down by two types: Primary and Secondary.  Each User must have a Primary Role to be able to log in to the system.  Additional Secondary Roles can then be applied as needed to grant (or restrict) the User's access to additional modules, screens, features, menus etc.  For steps on how to assign Security Roles to Users, please refer to the User Setup, Security, and Location Access training.


Primary Roles

  • Accounting Manager - Access to almost all functions in the system.  It includes access associated with most other roles.  The only roles this does not include and need to be assigned separately are:  
    • Franchising
    • Recipe Costing
    • Unapprove
    • Business Analytics
    • User Setup
  • Accounting Clerk - Access to all the same screens and functions as the Accounting Manager except not able to approve by default.  Since this User cannot approve transactions, they will be created as unapproved.  Individual approve roles for specific transaction types can be given to this User if they should be able to approve certain transaction types
  • AP Data Entry - Access to the 'AP Transactions' and 'Docs to Process' lists in the Accounting module only.  Access to create and save AP Invoices and AP Credit Memos only.  This role can be used by external vendors to directly input AP Invoices and AP Credit Memos in to R365.  Click here to view an example image of the left nav and Vendor menu for a User with AP Data Entry.
  • Catering Manager - Access to all functions in the Catering Module
  • Catering Rep - Access to limited functions in the Catering Module.  Users can create and manage events, but will have limited access to settings
  • Catering Read Only - this will allow users to view the Catering Module, without the ability to create, update, or delete any information
  • Commissary Manager - Access to all Commissary functions (account manager has this access by default and restaurant manager has some limited access to these features by default)
  • Employee App Access - Enables Employee Users to have access to the R365 App.  An R365 user is created with this role assigned for each employee that has 'App Access' checked on their Employee Record
  • Franchising - Access to the Franchising Module (can be Primary or Secondary role)
  • Manager Log Admin - Full access to the Manager Log module
  • Read Only Executive - Access to all the same screens and reports as Accounting Manager but unable to edit anything, so the entire system is read only
  • Read Only Operations - Access to all the same screens and reports as Restaurant Manager but unable to edit anything, so the entire system is read only
  • Restaurant Manager - Access to the Operations, Manager Log, and Scheduling Module (includes Commissary feature within Operations).  By default this User can't approve transactions or edit master records but can be given specific abilities by assigning secondary security roles.
  • Scheduler - Access to the Scheduling Module only.  This will generally be assigned to shift leads and others who may manage parts of the schedule but shouldn't have additional system access to transactions.  This role doesn't see pay rates.


Secondary Roles

Secondary Roles allow you to tailor the access to meet the needs of each individual User.  Secondary Roles can be assigned to grant additional access, or restrict existing access based on the User's Primary role.  The roles have been broken up as such in the following lists: 1) Additional Access and 2) Restrict Access


Additional Access - Secondary Roles:

  • ACH Payments - This role is to be used in conjunction with the 'Hide Print Checks' Role (see Restrict Access section below for more information).  When a User has 'Hide Print Checks', but needs to produce/process ACH Payments, this role will returns access to be able to 'Pay via ACH' on AP Invoices, and produce ACH Payments on the Check Run.  This role does not function when not paired with 'Hide Print Checks'.
  • Approve AP Credit - Allows User with lower security level to approve AP Credit Memos
  • Approve AP Invoice - Allows User with lower security level to approve AP Invoices
  • Approve AR Payment - Allows User with lower security level to approve AR Payments
  • Approve DSS - Allows User with lower security level to approve Daily Sales Summaries
  • Approve Item Transfer - Allows User with lower security level to approve Item Transfers
  • Approve Journal Entry - Allows User with lower security level (Accounting Clerk) to approve Journal Entries
  • Approve Stock Count - Allows User with lower security level to approve Stock Counts
  • Approve Waste Log - Allows User with lower security level to approve Waste Logs
  • Business Analytics Admin - This role only functions if the Business Analytics module has been purchased and enabled.  Assigning this role adds the 'Dashboard' link to the User’s left navigation pane so they can view Dashboards.  This role also allows Users to create/modify Dashboards and Ad Hoc reports and to use the Ad Hoc Designer to further analyze data.  On the Dashboard form they will see the additional fields of Create/Edit Dashboard button as well as Dashlets and Ad Hoc report selectors
  • Business Analytics View Only - Assigning this role adds the 'Dashboard' link to the User’s left navigation pane so they can view Dashboards.  On the Dashboard form this limits the User to only see the Dashboard selectors as well as the Set Default Dashboard button.  The User cannot create/modify dashboards or Ad Hoc reports and cannot use the Ad Hoc report tool.
  • Commissary Entry - Allows User to create a Commissary Order on demand
  • Forecasting - Allows user to create and modify Sales Forecasts in the 'Reports' section of the Operations module
  • Manager Log Creator - elevated access to the Manager Log module
  • Manager Log User - user level access to the Manager Log module.  Should be used for Employees in conjunction with 'Employee App Access'
  • Master Record Delete - Allows User with lower security level to also delete master records such as Purchased Items, Payment Terms, etc
  • Master Record Save - Allows User with lower security to modify and save master records such as Purchased Items, Payment Terms, etc
  • P&L Comparison Screen - Allows User to see and use the 'P&L Comparison Screen' in the Operations module
  • Pay AP Invoice - Allows User with lower security to click 'Pay Bill' on AP Invoice form and to create and open AP Payments (does not give access to Check Run screen)
  • Pay Check Run - Can be given to a User with the 'Accounting Clerk' Primary Role.  Grants Users access to the 'Create Checks' prompt on the Check Run (this prompt is not accessible for Accounting Clerks by default).  This will allow the Accounting Clerk to create Payments via the Check Run.  They will be able to print checks, export ACH etc.  This role gives full access to the Check Run.
  • Print Check Signature - allows User to print signatures on to Checks from the Pay Bill feature, Manual Payment and Check Run
  • Recipe Costing - access to all functions associated with Recipe Costing.  Primarily gives access to create new recipes, modify existing recipes, view recipe list and view ingredient list
  • Renovo - access to the Renovo financial reporting tool
  • Submit Purchase Order - Allows User with lower security level to submit Purchase Orders that have been created using the Purchasing Assistant
  • Unapprove All - access to unapprove all Approved transactions
    • Unapprove AP - access to unapprove AP Transactions (AP Invoice, AP Payment, AP Credit Memo)
    • Unapprove AR - access to unapprove AR Transactions (AR Invoice, AR Payment, AR Credit Memo)
    • Unapprove Banking - access to unapprove Banking Transactions (Bank Withdrawal, Bank Deposit, Bank Transfer, Bank Reconciliation)
    • Unapprove DSS - access to unapprove DSS records (this will also unapprove the DSS Journal Entries associated with the DSS)
    • Unapprove Inventory - access to unapprove Inventory Transactions (Stock Counts)
    • Unapprove JE - access to unapprove Journal Entries (Journal Entries, Beginning Balance Journal Entries, Payroll Journal Entries)
  • User Setup - access to create and manage Users, Security, Location Access and the R365 Theme Builder 


Restrict Access - Secondary Roles:


  • Hide DSS Journal Entry Tab -  to be used in conjunction with 'Restaurant Manager'.  Will hide the 'Journal Entry' tab on all DSS screens
  • Hide Print Checks -  to be used in conjunction with 'Accounting Clerk'.  Will hide the 'Print Checks' prompts / options
  • Mask Bank Account - Masks bank account and routing numbers for this User so they can't see them in forms or reports even though they might have access to the Bank Account screen or other transaction screens that use the Bank Account
  • Mask Bank Account Numbers - Masks bank account and routing numbers for this User so they can't see them in forms or reports even though they might have access to the Bank Account screen or other transaction screens that use the Bank Account