Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/Henry4ndrew/saborGestion/llms.txt

Use this file to discover all available pages before exploring further.

SaborGestion uses Laravel Breeze for authentication and a custom RoleMiddleware to enforce per-route access control. Every user has exactly one role stored on the users table, and that role determines which dashboards and resource routes they can reach.

Login flow

1

Navigate to the landing page

Open /inicio in your browser. The landing page renders resources/views/home.blade.php.
2

Click Iniciar Sesión

The login button redirects to /login, the standard Laravel Breeze authentication page.
3

Submit your credentials

Enter your email and password. Breeze validates the credentials against the users table (password is stored as a bcrypt hash).
4

Redirect to your role dashboard

After a successful login, the system reads Auth::user()->role and sends you to your role-specific dashboard:
RoleDashboard route
admin/dashboard/administrador
mesero/dashboard/mesero
cocinero/dashboard/cocinero
cajero/dashboard/cajero

The four roles

The admin role has unrestricted access to every section of the application. Admins can manage all resources and are the only role that can create, edit, or delete other users via /usuarios.Accessible sections: dashboard, productos, inventario, mesas, pedidos, comandas, delivery, facturas, pagos, cierres, usuarios

Role vs. access matrix

Sectionadminmeserococinerocajero
Dashboard
Productos (/productos)
Inventario (/inventario)
Mesas (/mesas)
Pedidos (/pedidos)
Comandas (/comandas)
Delivery (/delivery)
Facturas (/facturas)
Pagos (/pagos)
Cierres (/cierres)
Usuarios (/usuarios)

RoleMiddleware

All authenticated routes run under the auth middleware. Resource routes that require a specific role are additionally wrapped with role:<roles>: 
// routes/web.php
Route::resource('productos', ProductoController::class)->middleware('role:admin,cocinero');
Route::resource('mesas', MesaController::class)->middleware('role:admin,mesero');
Route::resource('pedidos', PedidoController::class)->middleware('role:admin,cajero');
The middleware class at app/Http/Middleware/RoleMiddleware.php handles each request as follows: 
public function handle(Request $request, Closure $next, ...$roles)
{
    if (!Auth::check()) {
        return redirect('login');
    }

    $userRole = Auth::user()->role;

    if (in_array($userRole, $roles)) {
        return $next($request);
    }

    abort(403, 'No tienes permiso para acceder a esta página.');
}
The middleware accepts one or more role names as variadic arguments (the ...$roles spread). If the authenticated user’s role appears in that list, the request proceeds. Otherwise a 403 response is returned.
Attempting to access a route your role does not permit returns a 403 Forbidden response with the message “No tienes permiso para acceder a esta página.” There is no silent redirect — the error is shown immediately.

Users table schema

The role column was added to the standard Breeze users table via a dedicated migration: 
// database/migrations/2026_03_20_235344_add_role_to_users_table.php
Schema::table('users', function (Blueprint $table) {
    $table->enum('role', ['admin', 'mesero', 'cocinero', 'cajero'])->default('mesero');
});
The User model exposes helper methods for role checks: 
$user->isAdmin();    // role === 'admin'
$user->isMesero();   // role === 'mesero'
$user->isCocinero(); // role === 'cocinero'
$user->isCajero();   // role === 'cajero'
The default role for new users is mesero. When creating users via /usuarios, an admin must explicitly select the desired role from the admin, mesero, cocinero, or cajero options.

Build docs developers (and LLMs) love

Get started for freeTalk to us