Overview

StockPro’s user management system allows administrators to create employee accounts with different permission levels. Each user has their own authentication credentials and assigned role that determines their system access.
User management requires administrator privileges. Only admin users can create new employee accounts.

Understanding User Roles

StockPro supports three distinct user roles, each with different access levels:

Admin

  • Full system access
  • Can manage users and configuration
  • Access to all reports and analytics
  • Can modify business settings
  • Recommended for: Business owners, IT administrators

Gerente (Manager)

  • Operational management access
  • Can view reports and analytics
  • Manage inventory and products
  • Process and review sales
  • Cannot modify system configuration
  • Recommended for: Store managers, supervisors

Empleado (Employee)

  • Basic operational access
  • Process sales transactions
  • View inventory
  • Add products
  • Limited access to reports
  • Cannot modify settings or manage users
  • Recommended for: Sales staff, cashiers

Assign the minimum required permissions for each role to maintain security and prevent accidental changes.

Creating a New User

1. Access Employee Creation Form

Navigate to the employee creation interface (typically accessible from the configuration panel or user management section for administrators).

2. Enter User Information

Fill in the required user details.
Required Fields:
  • Name (name): Employee’s full name
  • Email (email): Valid email address for authentication
  • Password (password): Secure password for the account
  • Tipo (tipo): User role selection (admin, gerente, empleado)
Passwords should be strong and unique. Firebase Authentication enforces password requirements.

3. Submit the Form

Click the submit button to create the account. The system will:
  1. Validate that the email isn’t already registered
  2. Create a Firebase Authentication account
  3. Store user profile in the usuarios Firestore collection
  4. Display a confirmation message

How User Creation Works

The user creation process involves several steps managed by agregar_empleado.js:

Step 1: Email Validation

Before creating an account, the system checks if the email is already in use:
agregar_empleado.js:16-26
fetchSignInMethodsForEmail(auth, emailToCheck)
    .then((signInMethods) => {
        if (signInMethods && signInMethods.length > 0) {
            console.log(`El correo ${emailToCheck} ya registrado.`);
        } else {
            console.log(`El correo ${emailToCheck} no está registrado.`);
        }
    })
    .catch((error) => {
        console.error("Error al verificar el correo:", error);
    });
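If the email is already registered, this check logs that fact. The duplicate account itself is rejected in Step 2, where createUserWithEmailAndPassword fails with auth/email-already-in-use (see Common Errors).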

Step 2: Create Firebase Authentication Account

A new Firebase Authentication account is created with the provided email and password:
agregar_empleado.js:29-30
const credenciales = await createUserWithEmailAndPassword(auth, email, password);
const user = credenciales.user;
What happens:
  • Firebase creates an authentication account
  • Returns user credentials with unique uid
  • Password is securely hashed by Firebase
  • User can immediately log in with these credentials

Step 3: Store User Profile

User details are saved to the Firestore usuarios collection:
agregar_empleado.js:32-39
const usuario = {
    uid: user.uid,
    name: name,
    email: email,
    tipo: tipo
};

await addDoc(collection(db, "usuarios"), usuario);
Stored Fields:
  • uid: Firebase Authentication user ID (unique identifier)
  • name: User’s display name
  • email: User’s email address
  • tipo: Role type (admin, gerente, empleado)
The usuarios collection stores user profiles and permissions. See Firestore Collections for complete schema details.

Step 4: Confirmation

Upon successful creation, the system displays a confirmation alert:
agregar_empleado.js:41
alert(`Registrado como: Usuario ${name}, Tipo: ${tipo}`);

Error Handling

The user creation process includes error handling for common issues:
agregar_empleado.js:42-45
} catch (error) {
    console.error("Error al agregar usuario:", error);
    alert("Hubo un error al agregar el usuario. Por favor, intenta nuevamente.");
}

Common Errors

Error: auth/email-already-in-use
Cause: The email address is already registered in Firebase Authentication
Solution: Use a different email address or reset the existing account’s password

Error: auth/weak-password
Cause: Password doesn’t meet Firebase’s minimum requirements (usually 6 characters)
Solution: Choose a stronger password with at least 6 characters

Error: auth/invalid-email
Cause: Email format is invalid
Solution: Verify email format is correct (e.g., [email protected])

Error: permission-denied
Cause: Firestore security rules don’t allow writing to usuarios collection
Solution: Verify security rules allow authenticated admins to create user documents
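
One way to harden the creation flow described above, as an added example rather than code from agregar_empleado.js: validate the form (including a tipo allow-list) before calling Firebase, and remove the new Auth account if the profile write fails. The deps functions are hypothetical wrappers and the fakes are constructed so the flow runs offline.

```javascript
// Added example, not StockPro code. ALLOWED_TIPOS lists the three documented roles.
const ALLOWED_TIPOS = ["admin", "gerente", "empleado"];

// Returns the names of invalid fields; an empty list means the form may be submitted.
function validateNewUser({ name, email, password, tipo }) {
  const errors = [];
  if (typeof name !== "string" || name.trim() === "") errors.push("name");
  if (typeof email !== "string" || !/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(email)) errors.push("email");
  // 6 is the minimum length the page cites for auth/weak-password.
  if (typeof password !== "string" || password.length < 6) errors.push("password");
  // tipo drives authorization, so accept only the documented values.
  if (!ALLOWED_TIPOS.includes(tipo)) errors.push("tipo");
  return errors;
}

// deps (hypothetical): createAuthUser, writeProfile, deleteAuthUser.
async function createEmployee(deps, form) {
  const errors = validateNewUser(form);
  if (errors.length > 0) return { ok: false, stage: "validation", errors };
  let uid;
  try {
    uid = await deps.createAuthUser(form.email, form.password);
  } catch (e) {
    return { ok: false, stage: "auth", code: e.code };
  }
  try {
    await deps.writeProfile({ uid, name: form.name.trim(), email: form.email, tipo: form.tipo });
  } catch (e) {
    // Roll back so no Auth account is left without a usuarios profile.
    await deps.deleteAuthUser(uid);
    return { ok: false, stage: "profile", code: e.code, rolledBack: true };
  }
  return { ok: true, uid };
}

// Constructed fakes standing in for Firebase Auth and Firestore.
function fakeDeps({ failProfile = false } = {}) {
  const authUsers = new Set();
  return {
    authUsers,
    createAuthUser: async (email) => { authUsers.add("uid-" + email); return "uid-" + email; },
    writeProfile: async () => {
      if (failProfile) throw Object.assign(new Error("denied"), { code: "permission-denied" });
    },
    deleteAuthUser: async (uid) => { authUsers.delete(uid); },
  };
}
```

With the client SDK, createUserWithEmailAndPassword also signs the new user in, so the profile write runs as that user rather than as the administrator; the rules for usuarios need to account for that.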

Best Practices

Use Strong Passwords

Enforce strong password policies for all employee accounts to maintain security

Assign Appropriate Roles

Give users the minimum permissions needed for their job functions

Use Work Emails

Use company email addresses for better accountability and password recovery

Document User Changes

Keep a record of when users are added or their roles change

Security Recommendations

  1. Role Segregation: Don’t give admin access to regular employees
  2. Password Policies: Require passwords to be changed periodically
  3. Email Verification: Consider enabling Firebase email verification for new accounts
  4. Activity Logging: Monitor user actions for suspicious activity
  5. Regular Audits: Review user accounts periodically and remove inactive users
Admin accounts have full system access including the ability to delete data and modify critical settings. Limit admin access to trusted personnel only.

Managing Existing Users

Viewing User List

Currently, user management is handled through Firebase Console. To view all users:
  1. Go to Firebase Console
  2. Select your project
  3. Navigate to Authentication > Users
  4. View all registered users and their details

Modifying User Roles

To change a user’s role type:
  1. Access Firestore in Firebase Console
  2. Navigate to the usuarios collection
  3. Find the user document by email or uid
  4. Edit the tipo field (admin, gerente, or empleado)
  5. Save the changes
Changes to user roles take effect on their next login or page refresh.

Deleting Users

To remove a user from the system:
  1. Delete from Authentication: Firebase Console > Authentication > Select user > Delete
  2. Remove from Firestore: Delete the corresponding document in the usuarios collection
Deleting a user is permanent and cannot be undone. Ensure you have a backup if needed.

Integration with Security Rules

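User roles are enforced through Firestore security rules. See Security Rules for details on configuring role-based access control.
Example security rule for role-based access. Both functions read the document at usuarios/{uid}, so they resolve only when the profile document’s ID is the user’s uid: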
firestore.rules
function isAdmin() {
  let userData = get(/databases/$(database)/documents/usuarios/$(request.auth.uid)).data;
  return userData.tipo == 'admin';
}

function isManager() {
  let userData = get(/databases/$(database)/documents/usuarios/$(request.auth.uid)).data;
  return userData.tipo in ['admin', 'gerente'];
}
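
The lookup these rule functions perform, modeled in plain JavaScript as an added example (not StockPro's code or the Firebase SDK): a profile saved under an auto-generated ID, as addDoc does in Step 3, is not found at usuarios/{uid}, while one keyed by the uid is. The store, UIDs and names are constructed.

```javascript
// Added example: in-memory model of the rule lookup, not Firebase SDK code.
const ROLES = ["admin", "gerente", "empleado"];

// Constructed stand-in for Firestore: Map of "collection/docId" -> data.
function makeStore() {
  const docs = new Map();
  let counter = 0;
  return {
    // Like addDoc(): the database chooses the document ID.
    addDoc(col, data) {
      const id = `auto_${++counter}`;
      docs.set(`${col}/${id}`, data);
      return id;
    },
    // Like setDoc(doc(db, col, id), data): the caller chooses the ID.
    setDoc(col, id, data) { docs.set(`${col}/${id}`, data); },
    get(col, id) { return docs.get(`${col}/${id}`) ?? null; },
  };
}

// Mirrors the get() in isAdmin()/isManager(): read usuarios/{auth.uid}.
// No session, no document, or an unknown tipo all yield no role (deny).
function roleOf(store, auth) {
  if (!auth) return null;
  const profile = store.get("usuarios", auth.uid);
  return profile && ROLES.includes(profile.tipo) ? profile.tipo : null;
}
const isAdmin = (store, auth) => roleOf(store, auth) === "admin";
const isManager = (store, auth) => ["admin", "gerente"].includes(roleOf(store, auth));

function demo() {
  const store = makeStore();
  const ana = { uid: "uidAna" };   // constructed sessions
  const luis = { uid: "uidLuis" };
  // Ana's profile is saved under an auto ID, Luis's under his uid.
  store.addDoc("usuarios", { uid: ana.uid, name: "Ana", tipo: "admin" });
  store.setDoc("usuarios", luis.uid, { uid: luis.uid, name: "Luis", tipo: "gerente" });
  return {
    anaIsAdmin: isAdmin(store, ana),       // profile exists, but not at usuarios/uidAna
    luisIsManager: isManager(store, luis),
    luisIsAdmin: isAdmin(store, luis),
    anonIsManager: isManager(store, null),
  };
}
```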

Troubleshooting

User Can’t Log In After Creation

Check:
  • Verify email and password are correct
  • Confirm account exists in Firebase Authentication
  • Check that user document exists in usuarios collection
  • Verify Firestore security rules allow read access

Role Permissions Not Working

Check:
  • Confirm tipo field in Firestore matches role name exactly
  • Verify security rules are correctly checking user roles
  • Ensure user has logged in again after role change

Email Verification Issues

Check:
  • Firebase Authentication email verification settings
  • Email provider spam filters
  • Firebase project sender email configuration

Authentication API

Technical documentation for createUserWithEmailAndPassword and other auth functions

Firestore Collections

Complete schema for usuarios collection

Security Rules

Configure role-based security rules

Configuration Panel

Access user management from the configuration interface
