Securing ERPNext POS - no multiple print - no breadcrumb - single conclude button

Here are the steps to secure the POS

  1. Hide the breadcrumbs: got to assets folder and edit the desk.min.css; set display values for #nav-breadcrumb to none; default is inline-block. This is good for users in pre v7; as the cashier cannot click the breadcrumb to access the list and reprint.

  2. Edit Sales Invoice; the on_submit method uses a single conclude button.

Overall effect; you have a single conclude button that prints and opens a new invoice so the previous invoice is gone, the popup is gone and a new invoice is created. Simple solution and works flawlessly.

Couple this with a fine plugin for firefox and you have a secure pos, ready for retail.

You will find in the image that the tab with the previous invoice is now holding a new invoice, previous invoice is closed up, no print, no breadcrumb.

Please share; this is critical for retail. thank you. For security, please use PM to request for the code fragments to update the POS to become this simple and secure.

Just some thoughts on these changes

  1. Breadcrumbs - This won’t stop a cashier from being able to use the awesome bar to access the list to reprint. I see more users navigate using the awesome bar than the breadcrumbs. It’s also pretty easy to modify display:none attributes.
  2. Conclude - This also won’t stop an enterprising cashier from editing source to remove the overlay and accessing the print button. Yes, that does require a bit more technical know-how, but it is a vector, and it seems like something you’re quite concerned with.

I don’t deny that your previous post has valid concerns. However, I would have to think that there would be more effective solutions.

Thanks @felix; the average cashier; especially in our part of the world; cannot do anything with codes.

For the awesome bar (you mean command right?) I’m also looking at a way of hiding that for the role ‘Accounts User’. That’s how things should work, these are easy solutions for the core team; I believe they could add such features to the role permissions in a blink‎.

For now; this method will secure clients upto 90% if we need to; we’ll take of the command bar altogether. I’ll do some digging into the framework; maybe you can even guide.

Kent@Live Mail


The search/command bar has been also set to display: none; that’s something we can also sacrifice. Now the system feels a lot more secure. Thanks