Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/ProyectoFerretek/FerreMarket/llms.txt

Use this file to discover all available pages before exploring further.

The Users module (/admin/usuarios) is the central hub for managing every account that has access to the FerreMarket back-office. From here, administrators can create new staff accounts, assign roles, monitor last-login activity, trigger password-recovery emails, and permanently remove accounts when needed. Access to this module is restricted exclusively to users whose role is admin and whose account status is activo — anyone else is shown an Acceso Restringido screen and must contact an administrator to request the necessary permissions.
Only administrators can access this page. The module calls puedeGestionarUsuarios() on every render and blocks access immediately if the check fails. Non-admin users — including those with the usuario or cliente role — will see a restricted-access message rather than the user list.

User Fields

Every account in FerreMarket is represented by the Usuario TypeScript interface defined in src/types/index.ts. The table below documents each field:
FieldTypeRequiredDescription
idstringInternal database record identifier.
uidstringSupabase Auth UUID — links the database row to the Supabase Auth user.
nombrestringFull display name of the user.
emailstringEmail address used for login and password recovery.
rol'admin' | 'usuario' | 'cliente'Access role. See Roles & Permissions for details.
estado'activo' | 'inactivo'Account status. Inactive accounts cannot log in or access the system.
fechaCreacionstring (ISO 8601)Timestamp when the account was first created.
ultimaModificacionstring (ISO 8601)Timestamp of the most recent update to the record.
ultimoAccesostring (ISO 8601)Last login time. Absent if the user has never signed in.
avatarstring (URL)Optional profile picture URL. Falls back to a generic icon when absent.
export interface Usuario {
  id: string;
  uid: string;
  nombre: string;
  email: string;
  rol: 'admin' | 'usuario' | 'cliente';
  estado: 'activo' | 'inactivo';
  fechaCreacion: string;
  ultimaModificacion: string;
  ultimoAcceso?: string;
  avatar?: string;
}

Creating a User

Clicking the Nuevo Usuario button (visible only to users who pass puedeRealizarAccion('crear')) opens the UsuarioModal in create mode. Complete the form and click Save to provision the new account.
1

Open the creation modal

Click the Nuevo Usuario button in the top-right corner of the Users page. The UsuarioModal component opens in create mode.
2

Fill in the required fields

Provide the following information:
FieldDescription
nombreFull name of the new user.
emailA unique email address — used for login and recovery emails.
passwordInitial password for the account.
confirmPasswordMust match password exactly.
rolChoose admin or usuario.
estadoSet to activo to allow immediate access, or inactivo to create the account in a disabled state.
3

Submit the form

On save, handleGuardarUsuario calls signUpNewUser(email, password), which invokes the Supabase Edge Function create-user. On success, the returned user.id (Supabase Auth UUID) is stored as uid in the usuarios table alongside the profile data.
The form is modelled by the UsuarioFormData interface:
export interface UsuarioFormData {
  id?: string;           // Omitted when creating; present when editing
  nombre: string;
  email: string;
  password: string;
  confirmPassword: string;
  rol: 'admin' | 'usuario' | 'cliente';
  estado: 'activo' | 'inactivo';
}
id
string
Internal record ID. Only present when editing an existing user.
nombre
string
required
Full display name.
email
string
required
Unique email address. Converted to lowercase before being sent to Supabase.
password
string
required
Plain-text password. Transmitted securely to the Edge Function; never stored in the client.
confirmPassword
string
required
Confirmation of the password. Must match password.
rol
'admin' | 'usuario' | 'cliente'
required
Access role to assign to the user. The creation and edit form presents admin and usuario as selectable options. The cliente value is stored in the database and readable but is not offered as a selection in the UI form.
estado
'activo' | 'inactivo'
required
Initial account status.

Editing a User

To edit an existing account, click the pencil icon (Edit) in the user’s row. The UsuarioModal opens in edit mode, pre-filled with the current values from the selected Usuario record.
Password fields are optional when editing. Leave them blank to keep the current password unchanged. Only nombre, email, rol, and estado are updated via actualizarUsuario() when performing an edit — the password is only changed through the dedicated Password Recovery flow.
The following fields are updatable:

Profile fields

nombre and email — update the user’s display name and login address.

Access fields

rol and estado — change the user’s permission level or activate/deactivate the account without deleting it.

Deactivating vs. Deleting

FerreMarket offers two distinct ways to remove a user’s access, each with different consequences.

Deactivate (Recommended)

Set estado to 'inactivo' by editing the user record. The account and all associated historical data are preserved in the database. The user cannot log in while deactivated but can be reactivated at any time by setting estado back to 'activo'.

Delete (Permanent)

Click the trash icon on a user row to open a confirmation dialog. Confirming the action calls deleteUser(uid) (Supabase Edge Function delete-user) followed by eliminarUsuario(id) to remove both the Supabase Auth entry and the database record. This action cannot be undone.
The primary administrator account (record with id === '1') cannot be deleted or sent a recovery email from the UI. The delete and recovery buttons are hidden for this account to prevent accidental lock-out.

Password Recovery

Every user row includes a lock icon button that allows an administrator to trigger a password-reset email for that user without knowing their current password.
1

Click the recovery icon

Click the lock icon on the target user’s row. A confirmation modal opens showing the user’s name and email address.
2

Confirm the action

Click Enviar Email in the modal. The UI calls recoverPassword(email), which invokes the Supabase Edge Function send-password-recovery-email with the user’s email address (lowercased).
3

User receives the link

The user receives an email containing a temporary link to set a new password. The link expires as configured in your Supabase project settings.
The Users page provides several controls for narrowing down the user list:
ControlOptionsDescription
Search barFree textFilters by nombre or email (case-insensitive).
Role filteradmin, usuario, clienteShows only users with the selected role.
Status filteractivo, inactivoShows only users matching the selected status.
Items per page10, 25, 50Controls how many users appear per page.
Column sortrol, estado, ultimoAcceso, fechaCreacionClick any column header to toggle ascending/descending sort.
Clear filtersResets all filters and returns to page 1.
All filtering, searching, and sorting is performed client-side via useMemo on the locally loaded usuarios array — no additional network requests are made when changing filters. The Last Access column uses colour-coded indicators to help administrators identify inactive accounts at a glance:
IndicatorMeaning
🟢 TodayThe user logged in today.
🟡 Within 7 daysThe user logged in within the last week.
🔴 More than 7 daysThe user has not logged in for over a week.
NeverThe user has never signed in.

Build docs developers (and LLMs) love