Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/JuseAR27/Unisierra-eats/llms.txt

Use this file to discover all available pages before exploring further.

The UniSierra Eats admin panel is a restricted interface available exclusively to users with rol_id = 1. It is split across three dedicated HTML pages — inventory management, review moderation, and platform analytics — each powered by a shared admin.js file that routes logic based on the current URL path.

Role-Based Access

UniSierra Eats uses a two-role system stored in the Usuarios table:
Rolerol_idDescription
Administrator1Full access to admin panel
Student2Standard cafeteria user
Access control is enforced client-side. On public/index.html, the app reads localStorage.getItem('unisierra_sesion') after login and checks the rol_id field in the stored session object. If rol_id === 1, the user is automatically redirected to admin/panel_admin.html. Additionally, any student-facing page shows a Panel Admin button in the navbar when rol_id === 1, providing a direct shortcut to the admin panel from anywhere in the app.
The admin panel performs no server-side authentication check. Any user who navigates directly to admin/panel_admin.html, admin/moderacion.html, or admin/reportes.html can access the pages regardless of role. Role enforcement is client-side only and should not be relied upon as a security boundary in production.

Default Admin Account

A seed administrator account is created by init_db.js when the database is first initialized:
FieldValue
Emailadmin@unisierra.edu.mx
Passwordadmin123

Creating a New Admin Account

New admin accounts can be created at any time directly from the inventory panel (admin/panel_admin.html). Clicking the Nuevo Admin button (#btn-nuevo-admin) in the top navbar opens the #admin-modal overlay, which contains a form for the new administrator’s details. On submission, the form sends a POST request to /api/admin/registro: 
await fetch('/api/admin/registro', {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify({ nombre, correo, password })
});
The server validates that correo ends with @unisierra.edu.mx and inserts the new user with rol_id = 1. If the email is already registered, the server returns a 400 error.
The new admin form is only available on panel_admin.html. It does not appear on the moderation or reports pages.

Panel Sections

Inventory

Create, edit, filter, and delete products in the cafeteria catalog. All changes are written immediately to the SQLite database via the REST API.

Moderation

Review student-flagged content. Restore reported reviews to public view or permanently remove them from the database.

Reports

View platform-wide analytics including total reviews, weighted average rating, the most-reviewed product, and top and lowest-rated product rankings.

Build docs developers (and LLMs) love

Get started for freeTalk to us