Acrylitec enforces role-based access through Django’s built-in authentication and group system. Every view that exposes financial or configuration data is gated by a role check, so operators can create and manage orders without ever seeing revenue dashboards or pricing settings. The two roles — Administrator and Operator — are the only roles the application recognises, and they are distinguished by a single helper function evaluated on every protected request.
Role Definitions
Administrator
A user who is a Django superuser (is_superuser=True) or a member of the Administrador Django group. Administrators have unrestricted access to all views, including:
- Dashboard (/dashboard/) — KPIs, monthly/weekly/yearly revenue charts, and active order summaries
- Pricing Configuration (/configuracion/) — laser tariff, per-thickness cost factors, and per-product profit margins
- All Operator-accessible views listed below
Operator
Any authenticated user who is not an Administrator. Operators can access day-to-day operational screens:
- New order (/pedidos/nuevo/) — POS-style cart for creating sales
- Sales list (/ventas/) — view and update order statuses
- Client list (/clientes/) — browse and add clients
- Materials list (/materiales/) — browse and manage acrylic sheet stock
- Products list (/productos/) — browse and manage the product catalogue
How Roles Are Checked
Role evaluation happens through two helper functions defined in views.py. Every protected view decorator references one of these functions:
@login_required:
Login Flow
Users authenticate at /login/. The login_view function checks the user’s role immediately after a successful credential check and redirects accordingly:
- Administrators → /dashboard/
- Operators → redirected via the lista_cotizaciones route name (note: the cotizaciones URLs are currently commented out in urls.py, so this redirect will raise a NoReverseMatch error until those routes are re-enabled)
/login/, the same redirect logic applies — they are never shown the login form again mid-session.
Access Denied
When a non-admin authenticated user attempts to reach an admin-only URL, Django’s user_passes_test decorator redirects them to /sin-permiso/. That route renders a simple blocked-access page:
/dashboard/. Operators who land on this page should use the navigation menu to return to an accessible section.
Creating Users and Groups
Log in as a superuser and open Django Admin
Navigate to /admin/ and sign in with a superuser account. This is the account created with python manage.py createsuperuser.
Create the Administrador group
Go to Authentication and Authorization → Groups and click Add group. Enter the name exactly as Administrador (capital A, no accent). This name is hardcoded in the es_admin helper — any variation will prevent the role check from matching.
Create new user accounts
Go to Authentication and Authorization → Users and click Add user. Fill in the username, password, and any profile details required.
Assign the correct role
- To grant Administrator access: open the user record, scroll to Groups, and add the user to the Administrador group. Alternatively, tick Superuser status to bypass the group check entirely.
- To create an Operator: leave the user unassigned to any group and leave Superuser status unchecked. Any authenticated account without the group is treated as an Operator automatically.
The createsuperuser management command (python manage.py createsuperuser) creates a full Administrator account with is_superuser=True. The first user created this way should log into /admin/ to set up the Administrador group and any additional Operator accounts before handing the system to staff. Superuser accounts do not need to be added to the Administrador group — es_admin grants access to either condition independently.
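An added example, not part of Acrylitec's code: a small Python audit that models the rule described above (superuser flag or exact membership in Administrador) and flags group names that only look like Administrador, which would leave the user as an Operator. The function names, the dict layout and the sample users are assumptions constructed for illustration.

```python
import unicodedata

ADMIN_GROUP = "Administrador"  # exact name the page says es_admin expects


def normalize(name):
    """Fold case, accents and surrounding whitespace for look-alike comparison."""
    decomposed = unicodedata.normalize("NFKD", name.strip())
    return "".join(c for c in decomposed if not unicodedata.combining(c)).casefold()


def effective_role(user):
    """Model of the documented rule: superuser OR exact group membership."""
    if user["is_superuser"] or ADMIN_GROUP in user["groups"]:
        return "Administrator"
    return "Operator"


def audit(users):
    """Return (roles, findings) for a list of user dicts."""
    roles, findings = {}, []
    for user in users:
        role = effective_role(user)
        roles[user["username"]] = role
        for group in user["groups"]:
            if group != ADMIN_GROUP and normalize(group) == normalize(ADMIN_GROUP):
                findings.append(f"{user['username']}: group {group!r} looks like "
                                f"{ADMIN_GROUP!r} but will not match; role is {role}")
        if user["is_superuser"] and ADMIN_GROUP not in user["groups"]:
            findings.append(f"{user['username']}: Administrator via superuser flag "
                            "only; removing a group will not revoke it")
    return roles, findings


# Constructed sample data. In a Django shell the same dicts could be built from
# User.objects.all() with user.groups.values_list("name", flat=True).
SAMPLE_USERS = [
    {"username": "root", "is_superuser": True, "groups": []},
    {"username": "ana", "is_superuser": False, "groups": ["Administrador"]},
    {"username": "luis", "is_superuser": False, "groups": ["administrador"]},
    {"username": "eva", "is_superuser": False, "groups": ["Administradór"]},
    {"username": "op1", "is_superuser": False, "groups": []},
]

if __name__ == "__main__":
    roles, findings = audit(SAMPLE_USERS)
    for name, role in roles.items():
        print(f"{name:5} {role}")
    for line in findings:
        print("WARN", line)
```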