Create roles, assign granular permissions per module, and restrict users to specific warehouses so each person sees only what they need.
SehaCore uses role-based access control: you create roles (e.g. Manager, Cashier, Warehouse) and assign permissions per feature. Permissions cover products (manage products, categories, brands, variations, units, opening stock, warranties), adjustments, quotations, purchases (create, receive, return, import), sales (manage sales, returns, quotations, proforma, import), transfers, expenses and categories, payment accounts, accounting (chart of accounts, warehouse accounts, money transfers, journal, reports), warehouses, people (suppliers, customers, users), roles, settings (invoice, prefixes, mail), reports (each report can have its own view permission), POS, HRM (dashboard, employees, designations, shifts, attendance, leave, leave types, departments, payroll, payslips, sales target), email and SMS templates, recycle bin, and AI chat. Users are assigned one or more roles; the UI and API enforce permissions so menus and actions are hidden or blocked when the user lacks access. In multi-warehouse setups, roles can be restricted to specific warehouses so sales, stock, and reports are scoped to those locations. Admin typically has full access; other roles get only what you grant for secure, compliant operation.
Create and edit roles (e.g. Manager, Cashier); each role has a set of permissions that define what users can do.
Permissions per module: products, sales, purchases, adjustments, transfers, expenses, accounts, reports, HRM, settings, and more.
Assign one or more roles to each user; access is the union of permissions from all assigned roles.
Restrict roles to specific warehouses; users then see only sales, stock, and reports for those locations.
Sidebar and routes check permissions; menus and pages are hidden when the user lacks the required permission.
Backend APIs enforce the same permissions so direct API calls are blocked when the user is not allowed.
Admin users typically bypass permission checks for full access; other roles are restricted by their permission set.
Individual reports can have their own view permission (e.g. profit-loss detailed, activity log) for fine-grained control.
Ready to secure your data?