Skip to main content

Overview

The Assistant (asistente) role is designed for receptionists and administrative staff who handle appointment scheduling, patient check-in, and agenda management. Assistants have restricted access focused on scheduling and reception tasks within their assigned clinic.
Assistants are the front-line staff who manage daily operations, patient flow, and appointment scheduling.

Key Characteristics

Clinic-Specific Access

Access limited to their assigned clinic’s data only

Appointment Focus

Primary role is managing appointments and daily agenda

No Professional License

Does not require cedula_profesional (field is optional)

Limited Permissions

Cannot access clinical records or treatment details

Accessible Routes

Assistant routes are protected by the can:asistente-only middleware, which verifies the user’s role is asistente.

Dashboard

GET /asistente/dashboard
View reception-focused statistics including:
  • Today’s appointments (citasHoy)
  • Total patients in the clinic (totalPacientes)
  • Active treatments count (tratamientosActivos)
  • System alerts and notifications
Implemented in: app/Http/Controllers/Clinica/DashboardController.php:12
The assistant dashboard uses the same controller as the dentist dashboard but renders a different view (asistente.dashboard instead of dentista.dashboard) with reception-focused interface.
Source: DashboardController.php:24

Agenda Management

GET /agenda
Controller: AgendaController@index Purpose: View and manage the clinic’s appointment schedule Typical Functions:
  • View daily/weekly/monthly calendar
  • Schedule new appointments
  • Reschedule existing appointments
  • Mark patient arrivals (check-in)
  • View appointment details
Data Scope: Filtered by id_clinica to show only the clinic’s agenda Source: routes/web.php:45

Permission Boundaries

Cannot Access:
  • Patient clinical records or medical histories
  • Treatment plans or evolution notes
  • Patient-specific medical data beyond basic demographics
  • User management functions
  • Clinic configuration or settings
  • Super Admin routes (/admin/*)
  • Dentist-only routes (/dentista/*, /pacientes/*)
Can Access:
  • Appointment scheduling and calendar
  • Patient contact information (for scheduling)
  • Daily appointment list
  • Patient check-in workflow
  • Basic patient demographics (name, phone, address)

Typical Workflows

Patient Check-In Process

1

View Today's Appointments

Access the agenda to see all scheduled appointments for the day
2

Patient Arrival

Mark the patient as arrived when they check in at reception
3

Notify Dentist

System notifies the dentist that the patient is ready
4

Update Status

Track appointment status (waiting, in progress, completed)

Appointment Scheduling

1

Check Availability

View the dentist’s available time slots in the agenda
2

Select Patient

Choose existing patient or create basic patient record
3

Book Appointment

Schedule appointment with date, time, and appointment type
4

Confirm

Provide confirmation to patient (number, date, time)

Authentication & Authorization

Gate Definition

The asistente-only gate is defined in AppServiceProvider.php:34: 
Gate::define('asistente-only', function ($user) {
    return $user->rol === 'asistente';
});

Login Redirection

After successful authentication, Assistants are redirected to: 
/asistente/dashboard
Implemented in: AuthController.php:70

Session Validation

Assistants cannot log in if:
  1. Their user status is not 'activo' (checked at AuthController.php:33)
  2. Their clinic status is 'baja' (checked at AuthController.php:41)

Database Schema

Assistant users are stored in the usuario table:
FieldDescriptionRequired
id_usuarioPrimary key
id_clinicaForeign key to clinic
nombreFirst name (min 3 chars)
apellido_paternoPaternal surname (min 3 chars)
apellido_maternoMaternal surnameOptional
cedula_profesionalProfessional licenseNot Required
nom_usuarioUsername (4-20 alphanumeric)
passwordHashed password
rolMust be 'asistente'
estatus'activo' or 'baja'
Source: app/Models/Usuario.php:21
Unlike dentists, assistants do not require a cedula_profesional since they are administrative staff, not medical professionals.

Creating Assistant Accounts

Assistant accounts can only be created by Super Admins via: 
POST /usuarios
Required Fields:
  • id_clinica - Must be an active clinic
  • nombre - Min 3 chars, letters only
  • apellido_paterno - Min 3 chars, letters only
  • nom_usuario - 4-20 alphanumeric, unique
  • password - Min 8 chars, mixed case, numbers
  • rol - Set to 'asistente'
Optional Fields:
  • apellido_materno - Maternal surname
  • cedula_profesional - Leave empty/null for assistants
Validation Rule: The cedula_profesional is only required when rol is 'dentista' Source: app/Http/Controllers/Admin/UsuarioController.php:61

Account Management

Status Toggle

Super Admins can suspend or reactivate assistant accounts: 
PATCH /usuarios/{id}/toggle
This switches the estatus between 'activo' and 'baja'. When suspended, the assistant cannot log in. Source: app/Http/Controllers/Admin/UsuarioController.php:91

Profile Updates

Assistants cannot update their own profiles. Updates must be performed by Super Admins via: 
PUT /usuarios/{id}

Security Considerations

Data Privacy

Assistants should only have access to the minimum patient information necessary for scheduling:
  • Name and contact details
  • Appointment history
  • Basic demographics
They should not see:
  • Medical histories
  • Treatment details
  • Clinical notes
  • X-rays or medical documents

Password Security

Passwords are automatically hashed using Laravel’s built-in hashing (defined in Usuario model as 'password' => 'hashed').

Best Practices

  1. Minimal Access Principle: Only grant assistants access to scheduling and reception functions
  2. Training: Ensure assistants understand they should not access clinical data
  3. Appointment Management: Focus training on efficient scheduling and patient flow
  4. Communication: Establish clear protocols for communicating with dentists about patient arrivals
  5. Data Entry: Train on accurate data entry for appointments to avoid scheduling conflicts

Comparison with Other Roles

FeatureSuper AdminDentistAssistant
ScopeAll clinicsOwn clinicOwn clinic
Patient RecordsView allFull accessContact info only
AppointmentsView statsFull accessScheduling focus
Clinical DataView statsFull accessNo access
User ManagementFull controlNo accessNo access
License RequiredNoYesNo

Future Capabilities

Based on the system architecture, assistants may eventually have access to:
  • Patient Check-In System: Mobile or tablet-based check-in kiosks
  • SMS Notifications: Send appointment reminders to patients
  • Waitlist Management: Handle cancellations and fill empty slots
  • Reports: Generate daily/weekly appointment reports
  • Billing Support: Basic payment collection (if integrated)

Build docs developers (and LLMs) love

Get started for freeTalk to us