Verano Regional controls access through five distinct roles. Every action in the platform — from proposing a research project to running the allocation algorithm — is gated by aDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/AngelZurita28/VeranoRegional/llms.txt
Use this file to discover all available pages before exploring further.
requireRole() check that verifies the current session against an allowed list of role IDs. Understanding which role you hold determines what you can see and do.
The five roles
Administrador (role 1)
The super-administrator. Can access every section of the platform, trigger the automated student-project allocation algorithm, manage institutions, campuses, careers, and validate or invalidate any user account. The only role that can run
run_allocation_process.Coordinador Institucional (role 2)
Manages all projects and researchers across their entire institution. Can view the institution-wide project catalog, validate or invalidate projects, and add researchers or students directly from the dashboard without going through the OTP pre-registration flow.
Coordinador de Campus (role 3)
Scoped to a single campus. Has the same validation and management capabilities as the Institutional Coordinator but only sees projects, researchers, and students belonging to their campus.
Investigador (role 4)
Proposes and manages research projects. Can create up to the limit set by the active summer period, view all applicants for their projects, and validate or reject student reports after the program ends.
Alumno (role 5)
Browses the validated project catalog, submits up to five applications with a personal priority ranking, manages their application list, and uploads their final report once assigned.
Role capabilities at a glance
| Capability | Admin (1) | Inst. Coord. (2) | Campus Coord. (3) | Researcher (4) | Student (5) |
|---|---|---|---|---|---|
| Trigger allocation algorithm | ✓ | ||||
| Manage institutions & campuses | ✓ | ||||
| Validate / invalidate users | ✓ | ✓ | ✓ | ||
| View institution project catalog | ✓ | ✓ | ✓ | ||
| Toggle project validation | ✓ | ✓ | ✓ | ||
| Add researchers / students from dashboard | ✓ | ✓ | ✓ | ||
| Propose research projects | ✓ | ✓ | ✓ | ||
| View & manage own projects | ✓ | ✓ | ✓ | ||
| View applicants for own project | ✓ | ||||
| Validate student reports | ✓ | ✓ | ✓ | ||
| Browse validated project catalog | ✓ | ✓ | ✓ | ✓ | |
| Submit applications | ✓ | ||||
| Upload final report | ✓ | ||||
| Generate participation certificate | ✓ | ✓ | ✓ | ✓ |
How role checks work
Every protected controller method callsrequireRole() with an array of permitted role IDs before executing any logic. For example, the project catalog (showProjectList) allows roles [5, 1, 2, 3], while the allocation trigger (run_allocation_process) allows only [1]. If your session role is not in the permitted list, the platform denies access immediately.