The Sistema de Inventario Tecnológico enforces a three-tier role model that controls both what data a user can see and what operations they can perform. Every user is assigned exactly one role at creation time, and that role is embedded in their JWT token and validated against it on every protected API call. The three roles —Documentation Index
Fetch the complete documentation index at: https://mintlify.com/Danielings/Pasantia-Proyecto/llms.txt
Use this file to discover all available pages before exploring further.
Superadministrador, Administrador, and Visualizador — are defined as a strict enum in the frontend validation schema (userSchema.ts) and checked server-side through dedicated Express middleware.
The Three Roles
Superadministrador
Full system access across all offices and locations. Manages users and can read every asset in the inventory regardless of sede.
Administrador
Write access to inventory items and locations, scoped to their own sede. Cannot manage other users.
Visualizador
Read-only access to inventory items scoped to their sede. All write operations are blocked at the middleware layer.
Superadministrador
TheSuperadministrador role is the only role permitted to call GET /api/usuarios, which returns the full list of active user accounts. This restriction is enforced by the esSuperAdmin middleware, which runs after verificarToken and immediately returns HTTP 403 if the decoded token’s rol field is anything other than "Superadministrador".
sede filter applied to their queries. They can update any user profile (PUT /api/usuarios/:id) and soft-delete accounts (PUT /api/usuarios/eliminado/:id). Note that POST /api/usuarios (user creation) is an open endpoint — it requires no authentication — and is therefore accessible to any caller with network access. In practice, new users are created by a Superadministrador through the frontend registration form.
Administrador
TheAdministrador role has full write access to inventory items and locations within the system. The permitirEscritura middleware checks whether the authenticated user’s role is "Visualizador" and, if not, allows the request to proceed — meaning Administrators pass through freely.
sede value stored in their JWT token — queries against inventory collections are automatically filtered to return only assets assigned to their office.
Visualizador
TheVisualizador role is a read-only consumer of the system. Whenever a Visualizador attempts any POST, PUT, or DELETE request that is guarded by the permitirEscritura middleware, the server responds with:
sede.
Role × Capability Matrix
The table below summarises every major capability and which roles can exercise it. “Open” endpoints (noverificarToken) are accessible without a session; rows marked ✅ for all roles reflect that any authenticated user may call them.
| Capability | Superadministrador | Administrador | Visualizador |
|---|---|---|---|
View all users (GET /api/usuarios) | ✅ | ❌ | ❌ |
Create users (POST /api/usuarios) ¹ | ✅ | ✅ | ✅ |
Update users (PUT /api/usuarios/:id) | ✅ | ✅ | ✅ |
Soft-delete users (PUT /api/usuarios/eliminado/:id) | ✅ | ✅ | ✅ |
View own profile (GET /api/usuarios/me) | ✅ | ✅ | ✅ |
| View inventory items (own sede) | ✅ | ✅ | ✅ |
| View inventory items (all sedes) | ✅ | ❌ | ❌ |
| Create inventory items | ✅ | ✅ | ❌ |
| Update inventory items | ✅ | ✅ | ❌ |
| Delete inventory items | ✅ | ✅ | ❌ |
| Create / update locations | ✅ | ✅ | ❌ |
| View audit log (bitácora) | ✅ | ✅ | ✅ |
POST /api/usuarios carries no authentication middleware — it is an open endpoint. Access should be controlled at the network or application level in production.
How the Role Is Enforced at Runtime
Role enforcement is a two-step process on every protected request:Token extraction and verification
The
verificarToken middleware reads the acceso_token HTTP-only cookie and calls jwt.verify() using JWT_SECRET. The decoded payload — which includes id, rol, sede, username, and correo — is attached to req.user.The role value is read from the JWT on every request, but the JWT itself is signed from the Firestore document at login time. If an administrator changes a user’s role, the affected user must log out and log back in for their new role to take effect in the token.