Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/JuseAR27/Unisierra-eats/llms.txt

Use this file to discover all available pages before exploring further.

The Admin Moderation API provides three endpoints for managing reviews that have been flagged by users. Administrators can inspect reported content, restore reviews that were incorrectly flagged, or permanently remove content that violates community standards.
These endpoints have no server-side authorization check. Any client that knows the URL can call them regardless of the caller’s rol_id. Access control is enforced only in the frontend UI. Do not expose these endpoints on a public network without adding a server-side auth layer.

GET /api/admin/resenas-reportadas

Returns all reviews whose estado is 'reportada', ordered from most recent to oldest. The query joins both Usuarios and Productos tables so the response includes the reviewer’s name and the product name alongside each reported review.

SQL Query

The endpoint executes the following query internally: 
SELECT r.id, r.comentario, r.fecha, r.calificacion,
       u.nombre AS usuario_nombre, p.nombre AS producto_nombre
FROM Resenas r
JOIN Usuarios u ON r.usuario_id = u.id
JOIN Productos p ON r.producto_id = p.id_producto
WHERE r.estado = 'reportada'
ORDER BY r.fecha DESC

Request

No request body or query parameters are required.

Response — 200 OK

Returns a JSON array. Each element has the following fields:
id
integer
Unique identifier of the reported review.
comentario
string
Text body of the flagged review.
fecha
string
Timestamp of when the review was originally created.
calificacion
integer
Star rating of the flagged review (1–5).
usuario_nombre
string
Display name of the user who wrote the review, joined from Usuarios.
producto_nombre
string
Name of the product the review was written for, joined from Productos.

Response — 500 Internal Server Error

{ "error": "<sqlite error message>" }

Example

curl http://localhost:3000/api/admin/resenas-reportadas

[
  {
    "id": 22,
    "comentario": "Este producto es una estafa.",
    "fecha": "2024-11-20 09:15:00",
    "calificacion": 1,
    "usuario_nombre": "Pedro Gómez",
    "producto_nombre": "Torta de pierna"
  }
]

PUT /api/admin/resenas/:id/aprobar

Restores a reported review to active public status by setting its estado back to 'activa'. After this call, the review reappears in GET /api/resenas/usuario/:usuario_id and GET /api/resenas/producto/:producto_id responses and is counted in the product’s average rating.

Path Parameter

ParameterTypeDescription
idintegerThe id of the reported review to restore.

Request Body

None required.

Response — 200 OK

mensaje
string
Confirmation message: "Reseña restaurada.".

Response — 500 Internal Server Error

{ "error": "<sqlite error message>" }

Example

curl -X PUT http://localhost:3000/api/admin/resenas/22/aprobar

{ "mensaje": "Reseña restaurada." }

DELETE /api/admin/resenas/:id

Permanently deletes a single review from the database. This endpoint is intended for admin moderation — removing content that violates community guidelines after it has been reviewed. The action is irreversible.
DELETE /api/admin/resenas/:id and DELETE /api/resenas/:id both execute DELETE FROM Resenas WHERE id = ? and return different but equivalent success messages. The distinction is semantic: the admin endpoint is the moderation pathway for content that has been reported and reviewed; the user endpoint is for a user self-deleting their own review. Neither endpoint cascades to other tables.

Path Parameter

ParameterTypeDescription
idintegerThe id of the review to permanently delete.

Request Body

None required.

Response — 200 OK

mensaje
string
Confirmation message: "Reseña eliminada permanentemente.".

Response — 500 Internal Server Error

{ "error": "<sqlite error message>" }

Example

curl -X DELETE http://localhost:3000/api/admin/resenas/22

{ "mensaje": "Reseña eliminada permanentemente." }

Build docs developers (and LLMs) love

Get started for freeTalk to us