Roles & panels
Who works with the platform, what each one sees, and which interface they use for it. This section answers the client's question: "what will the admin look like for everyone, and the super-admin for the owner".
Four roles
Access follows RBACRBACRole-Based Access Control — access management based on roles. Permissions are granted to a role (Company Admin, Brand Admin, Restaurant Manager) rather than to each user individually.: permissions are tied to a role, not to a specific person. Each
role sees strictly its own slice of data — enforced by tenantTenantA logically isolated customer in a multi-tenant system. In Ghost Kitchen a tenant is a brand: its data is separated from others by `brand_id` and access rules. isolation on
brand_id.
What each role sees
| Role | Panel | Sees | Can |
|---|---|---|---|
| Company AdminCompany AdminThe platform owner. Sees and manages all brands, restaurants, orders and cross-brand analytics; creates new brands. | Super-admin (Company) | All brands, restaurants, orders, finances, cross-brand analytics | Create brands and kitchens, manage the platform, all users and pricing |
| Brand AdminBrand AdminAdministrator of a single brand. Manages its restaurants, menu and settings, and sees analytics for that brand only. | Brand admin | Their restaurants, menu, orders and brand analytics | Manage the brand's menu/prices, create kitchens, invite managers |
| Restaurant ManagerRestaurant ManagerManager of a specific kitchen. Works with incoming orders (KDS), the local menu and the settings of one location. | Kitchen panel + KDSKDSKitchen Display System — a screen in the kitchen showing incoming orders and their statuses instead of paper tickets. | Orders and menu of their kitchen only | Accept/cook orders, change statuses, put items on the stop-list |
| Customer | Storefront (web/mobile) | One brand's menu, their cart and orders | Order, pay, track status |
Panels and apps
:::tip Where the admin panels come from The basic data-management admin comes out of the box with DirectusDirectusAn open-source headless platform on top of PostgreSQL: provides the data model, REST/GraphQL API, authentication, RBAC and a ready-made admin UI without writing code. (RBACRBACRole-Based Access Control — access management based on roles. Permissions are granted to a role (Company Admin, Brand Admin, Restaurant Manager) rather than to each user individually. and per-table permissions). On top of it, dedicated screens are built on Nuxt/Vue for the convenient flows (dashboards, fast brand launch, KDS). Which flows stay in Directus and which move to a custom UI is the topic of the Frontend section. :::
Ownership hierarchy
- The platform owns all brands.
- A brand owns its kitchens/restaurants.
- A kitchen owns its orders and a local copy of the menu.
- A customer lives at the platform level — so one customer can be recognized across all brands (cross-brand loyalty and analytics), which is impossible on Shopify's siloed stores.