Turnero uses ASP.NET Core Identity to secure every part of the application. Three built-in roles —Documentation Index
Fetch the complete documentation index at: https://mintlify.com/pabloeferreyra/Turnero/llms.txt
Use this file to discover all available pages before exploring further.
Admin, Medico, and Ingreso — map to the distinct responsibilities of clinic staff. An administrator controls who can access the system and what they can do; reception staff book and manage appointments; and doctors interact with patient records and mark arrivals. All routes under the Administration and Role controllers are guarded by the Admin role, so only a user holding that role can manage other users, create roles, or assign claims.
Built-in Roles
Turnero defines its three roles as constants inRolesConstants:
Role / Permission Matrix
| Permission | Admin | Medico | Ingreso |
|---|---|---|---|
| Manage users, roles & claims | ✅ | ❌ | ❌ |
| Register new users | ✅ | ❌ | ❌ |
| Manage medic records | ✅ | ❌ | ❌ |
| Manage time slots | ✅ | ❌ | ❌ |
| Create / edit / delete appointments | ✅ | ❌ | ✅ |
| View appointment list | ✅ | ✅ | ✅ |
| Access patient records & medical data | ✅ | ✅ | ❌ |
| Mark patient as arrived | ✅ | ✅ | ❌ |
The very first user in a fresh installation cannot be promoted through the UI — there is no administrator yet. Promote the first user to
Admin by seeding the role and the AspNetUserRoles mapping directly in the database, or by writing a one-time startup seed method in Program.cs.Listing Users
Navigate to GET/Administration/ListUsers to see every registered IdentityUser in the system. From this page you can open any user’s edit form or delete a user entirely via POST /Administration/DeleteUser.
Creating a Role
Enter the role name
Type the role name into the Name field. Role names are case-sensitive; use the exact casing from
RolesConstants (Admin, Medico, Ingreso) for the built-in roles./Administration/CreateRole and GET/POST /Administration/EditRole/{id}. The EditRoleViewModel exposes the role’s Id, its RoleName, and a List<string> Users that shows every username currently assigned to that role.
Assigning Users to a Role
Open the EditUsersInRole form
Navigate to GET
/Administration/EditUsersInRole?roleId={roleId}. The view renders a checklist of every user in the system, with those already in the role pre-checked. Each row is backed by a UserRoleViewModel:Toggle user membership
Check users you want to add to the role and uncheck users you want to remove.
Editing a User
Navigate to GET/Administration/EditUser/{id} to load a user’s profile. The view model exposes:
| Field | Description |
|---|---|
Id | The Identity user ID (read-only) |
Email | The user’s email address |
UserName | The user’s login name |
Roles | Current role assignments (read-only display) |
Claims | Current claim values (read-only display) |
/Administration/EditUser to persist changes. Only Email and UserName are writable through this form; role and claim changes use their dedicated screens.
Managing User Claims
Turnero defines three fine-grained claims inClaimsStore that can supplement role-based access for role administration tasks:
| Claim | Purpose |
|---|---|
Create Role | Grants the ability to create new Identity roles |
Edit Role | Grants the ability to rename existing roles |
Delete Role | Grants the ability to delete roles |
Open the ManageUserClaims form
Navigate to GET
/Administration/ManageUserClaims?userId={userId}. The view loads the UserClaimsViewModel, which contains the user’s ID and the full list of available claims with each one marked selected or unselected based on what the user already holds.Claims are additive on top of roles. A user with the
Ingreso role who also holds the Create Role claim will be able to create roles, even though Ingreso alone does not grant that capability.