Documentation Index
Fetch the complete documentation index at: https://mintlify.com/AdriP-maker/JAAR_Antigravity/llms.txt
Use this file to discover all available pages before exploring further.
The five roles
SIMAP Digital uses Role-Based Access Control (RBAC) with five distinct roles defined insrc/utils/constants.js:
Role reference
| Role | Home Route | Allowed Routes | Description |
|---|---|---|---|
| admin | /admin | /admin, /puntos-admin | Full system administrator. Manages user accounts, approves registrations, configures system settings, views audit logs, and manages the gamification points program. |
| cobrador | /cobros | /cobros, /jornales, /gastos, /comisiones, /reporte, /foro, /chat, /mapa | Field collector / treasurer. Registers payments, logs community work jornales, records expenses, and generates reports — all operable offline. |
| minsa | /reporte | /reporte | Ministry of Health inspector. Read-only access to financial and activity reports; can filter by date range and export to Excel/PDF. Cannot modify any data. |
| cliente | /historial | /historial, /foro, /chat | Community member / water subscriber. Views their own personal payment history and reads community forum announcements. Cannot view other members’ data. |
| dev | /admin | /admin | Technical support. Lands on the admin panel but can only view the Auditoría (audit log) tab. Has no access to financial data or user management actions. |
Route home constants
After a successful login, each role is redirected to its home route as defined inROLE_HOME:
authService.getHomeRoute(role) looks up this map and falls back to /login for unknown roles:
How route guards work
Route authorization is enforced byisRouteAllowed(role, path) in src/services/authService.js. The function checks whether the current path starts with any of the role’s permitted prefixes:
startsWith means a route like /cobros/detalle/42 is correctly allowed for the cobrador role without needing to enumerate every sub-path explicitly.
The ProtectedRoute pattern
InApp.jsx, every authenticated route is wrapped in a <ProtectedRoute> component that calls isRouteAllowed. If the check fails, the user is redirected to their home route rather than shown a 404 or error page — this prevents role confusion on shared devices:
Account states
A registered user can be in one of four account states. The state is stored in Supabaseprofiles and checked immediately after credential validation:
| State | Description | Login result |
|---|---|---|
pendiente | Account submitted, awaiting admin approval | ⏳ Blocked — “Tu cuenta aún no ha sido aprobada.” |
activo | Approved and active | ✅ Allowed — session created and sync initiated |
rechazado | Registration request was denied by admin | ❌ Blocked — “Tu solicitud fue rechazada.” |
suspendido | Account suspended by admin (e.g. inactive subscriber) | ⚠️ Blocked — “Tu cuenta ha sido suspendida.” |
login() before the session is persisted:
Self-registration flow
Community members can request their own accounts through the public/registro route (no login required). The registration flow follows these steps:
Self-registration
The new member fills in their name, house number, desired username, and password at
/registro. registerUser() calls supabase.auth.signUp() which creates the account in pendiente state.Admin review
The administrator logs in to
/admin and sees the pending request in the Pendientes panel. They can approve, reject, or request more information.B2B junta registration
Water boards (juntas) wishing to onboard as organizations follow a separate path viaregisterJunta(). The junta record is created in Supabase with state pendiente_global pending review by the SIMAP platform super-admin, distinct from the per-junta admin approval flow.