Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/ElthonJohan/Sistema-MRP/llms.txt

Use this file to discover all available pages before exploring further.

The superadmin is the root administrator of Sistema MRP. From the Admin panel (/admin), the superadmin creates and manages all client accounts, controls their access, and can impersonate any client to view the system exactly as they do.

The superadmin role

There is exactly one superadmin account in the system. It cannot be deleted and does not appear in the client list. After login, the superadmin is redirected to pages/admin.py rather than the client dashboard. Attempting to access any operational page (inventory, requirements, dispatches) while logged in as superadmin triggers a redirect back to /admin. The default credentials seeded by init_db.py are:
FieldValue
Usernamesuperadmin
PasswordAdmin123!
Change the default password immediately after the first login. The default credential Admin123! is public knowledge. Any superadmin account running with this password is a critical security risk.

Creating a client account

New client accounts are created from the Registrar nuevo cliente expander on the Admin panel. All new accounts receive the role cliente automatically — there is no UI option to assign a different role. The registration form requires:
  • Username — 3–20 characters, letters, numbers, and underscores only ([a-zA-Z0-9_]).
  • Email — a valid address in the format user@domain.tld.
  • Password — minimum 8 characters. A real-time strength indicator grades the password as Insecure, Moderate, Secure, or Very Secure based on the presence of lowercase letters, uppercase letters, digits, and special characters.
  • Confirm password — must match the password field exactly.
On success, the new account is immediately active and appears in the client list.

Activating and deactivating accounts

Each client row in the Admin panel shows a Deshabilitar (active accounts) or Habilitar (inactive accounts) button.
  • Deactivating a client (set_user_active(db, id, False)) immediately invalidates all of that client’s active sessions and prevents new logins. The account and all its data are preserved.
  • Reactivating restores login access without any data loss.
A deactivated client who tries to log in sees the message: “Tu cuenta está deshabilitada. Contacta al administrador.”

Impersonation

The Visualizar button on each client row sets two session state values and redirects to the dashboard: 
st.session_state["impersonating"]          = True
st.session_state["impersonating_user_id"]  = cliente.id
st.session_state["impersonating_username"] = cliente.username
While impersonating, get_current_user_id() returns impersonating_user_id instead of the superadmin’s own ID. Because every data query filters by Warehouse.owner_id == get_current_user_id(), all inventory, requirements, dispatches, and movements are automatically scoped to the impersonated client with no special-case code required. A visible orange warning banner appears on every page during an impersonation session.
All data queries automatically scope to the impersonated user’s warehouses and records. You do not need to take any extra steps — navigating to any operational page will show only that client’s data.
Use impersonation to troubleshoot client-reported issues. You will see the exact same data and UI state the client sees, which makes it straightforward to reproduce problems and verify fixes.

Deleting a client

Clicking Eliminar on a client row triggers a confirmation prompt. Confirming the deletion:
  1. Immediately invalidates all of the client’s active sessions (delete_user_sessions).
  2. Permanently deletes the User record via delete_client(db, user_id).
  3. Cascades to all related data — warehouses, inventory records, requirements, dispatches, movements, and login logs associated with that user are removed. Note: materials are a global catalogue shared across all clients and are not deleted.
This action cannot be undone. There is no soft-delete or archive; all data is gone permanently.

Build docs developers (and LLMs) love

Get started for freeTalk to us