At the moment, the finance role is only used to permit users to view and edit pricing and inventory value data.
Can you specify what those restriction levels might be and what they would allow the user to see or do? We are planning to refactor the security module in the 0.9.x release so it would be great to get feedback on how you’d expect it to work.
The finance role is a supplemental role, similar to the notification roles. It only adds a small amount of functionality (view / edit pricing info) to one of the primary roles (Superuser, Admin, Manager, etc).
In general, we don’t hide menu items based on role because we want the user experience to be consistent across roles. Instead we display an “Access Denied” message indicating that the user does not have access to a particular feature. This was based on UX research on access roles. I’ve included a non-exhaustive list of resources re: this debate.
With that said, this approach is debatable. We’d probably be ok with making this a configuration option 1) show access denied vs 2) hide features entirely.