diff --git a/essenza/templates/base.html b/essenza/templates/base.html
index b15bfc6..d68aa8a 100644
--- a/essenza/templates/base.html
+++ b/essenza/templates/base.html
@@ -513,21 +513,20 @@
       <a href="{% url 'info-home' %}" class="info-button" title="Información">i</a>
       <a href="{% url 'dashboard' %}" class="brand">ESSENZA</a>
       <nav class="nav-links" aria-label="Navegación principal">
-        {% if not user.is_staff and not user.is_superuser %}
+        {% if user.is_authenticated and user.role == 'admin'%}
+          <a href="{% url 'stock' %}">Stock</a>
+          <a href="{% url 'product_list' %}">Productos</a>
+          <a href="{% url 'order_list_admin' %}">Pedidos</a>
+          <a href="{% url 'user_list' %}">Usuarios</a>
+        {% else %}
           <a href="{% url 'dashboard' %}">Escaparate</a>
           <a href="{% url 'catalog' %}">Catalogo</a>
           {% if user.is_authenticated %}
-            <a href="{% url 'order_history' %}">Mis Pedidos</a>
+          <a href="{% url 'order_history' %}">Mis Pedidos</a>
           {% else %}
-            <a href="{% url 'order_search' %}">Localiza tu envío</a>
-          {% endif  %}
-        {% endif %} {% if user.is_staff or user.is_superuser %}
-          <a href="{% url 'stock' %}">Stock</a>
-          <a href="{% url 'product_list' %}">Productos</a>
-          <a href="{% url 'order_list_admin' %}">Pedidos</a>
-          <!-- LA SIGUIENTE LINEA ES PROVISIONAL -->
-          <a href="#">Usuarios</a>
+          <a href="{% url 'order_search' %}">Localiza tu envío</a>
         {% endif %}
+        {% endif  %}
       </nav>
     </div>
 
diff --git a/essenza/templates/order/order_list_admin.html b/essenza/templates/order/order_list_admin.html
index 48c343c..4e88f88 100644
--- a/essenza/templates/order/order_list_admin.html
+++ b/essenza/templates/order/order_list_admin.html
@@ -2,7 +2,7 @@
 {% load humanize %}
 {% load static %}
 
-{% block title %}Mis pedidos · Essenza{% endblock %}
+{% block title %}Pedidos · Essenza{% endblock %}
 
 {% block extra_head %}
 <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css">
@@ -284,8 +284,8 @@
 <div class="page-container">
   
   <div class="page-header">
-    <h1>Mis pedidos</h1>
-    <p>Historial y seguimiento de tus compras</p>
+    <h1>Pedidos</h1>
+    <p>Historial de todas las compras</p>
   </div>
 
   <!-- BARRA DE FILTROS (BOTONES SEPARADOS) -->
diff --git a/essenza/templates/product/stock.html b/essenza/templates/product/stock.html
index 972694c..cc98cca 100644
--- a/essenza/templates/product/stock.html
+++ b/essenza/templates/product/stock.html
@@ -223,7 +223,7 @@ <h1>Stock Essenza</h1>
           {% endif %} {% endwith %}
         </div>
 
-        {% if user.is_staff or user.is_superuser %}
+        {% if user.is_authenticated and user.role == 'admin' %}
         <form
           action="{% url 'stock' %}"
           method="post"
diff --git a/essenza/templates/user/confirm_delete_user_admin.html b/essenza/templates/user/confirm_delete_user_admin.html
new file mode 100644
index 0000000..0925f77
--- /dev/null
+++ b/essenza/templates/user/confirm_delete_user_admin.html
@@ -0,0 +1,151 @@
+{% load static %}
+<!DOCTYPE html>
+<html lang="es">
+  <head>
+    <meta charset="utf-8" />
+    <title>Eliminar Usuario · Essenza Admin</title>
+    <meta name="viewport" content="width=device-width, initial-scale=1" />
+    <style>
+      /* === ESTILOS GLOBALES (Porque ya no hay base.html) === */
+      body {
+        margin: 0;
+        font-family: "Segoe UI", Arial, sans-serif;
+        background-color: #faf7f2; /* Color de fondo base */
+      }
+
+      /* === ESTILO DE ALERTA ROJA === */
+      .danger-wrapper {
+        --color-principal: #c06b3e;
+        --color-fondo: #faf7f2;
+        --color-fondo-tarjeta: #fff;
+        --color-error: #b00020;
+        --color-error-hover: #8e0019;
+        --color-texto-base: #333;
+
+        background-color: var(--color-fondo);
+        min-height: 100dvh; /* Ocupa toda la pantalla */
+        display: flex;
+        flex-direction: column;
+        justify-content: center;
+        align-items: center;
+        padding: 20px;
+        box-sizing: border-box;
+      }
+
+      .brand-danger {
+        color: var(--color-error); /* Marca en rojo */
+        font-size: 48px;
+        margin: 0 0 20px 0;
+        text-align: center;
+        font-weight: bold;
+      }
+
+      .form-card {
+        width: min(450px, 90vw);
+        background: var(--color-fondo-tarjeta);
+        border: 3px solid var(--color-error); /* Borde Rojo Grueso */
+        border-radius: 16px;
+        box-shadow: 0 12px 28px rgba(176, 0, 32, 0.1);
+        padding: 30px;
+        box-sizing: border-box;
+        text-align: center;
+      }
+
+      h2 {
+        color: var(--color-error);
+        margin-top: 0;
+        font-size: 1.5rem;
+        font-weight: 800;
+      }
+
+      .warning-text {
+        color: var(--color-texto-base);
+        font-size: 16px;
+        line-height: 1.5;
+        margin: 20px 0;
+      }
+
+      .user-preview {
+        background: #fff5f5;
+        border: 1px dashed var(--color-error);
+        padding: 15px;
+        border-radius: 8px;
+        margin: 20px 0;
+        color: #555;
+        font-weight: 600;
+      }
+      .user-preview span {
+        display: block;
+        color: #000;
+        font-size: 1.1rem;
+        margin-top: 5px;
+      }
+
+      /* Botón de peligro */
+      .btn-danger {
+        width: 100%;
+        padding: 14px;
+        border-radius: 10px;
+        background: var(--color-error);
+        color: white;
+        border: none;
+        cursor: pointer;
+        transition: background-color 0.3s;
+        font-weight: 700;
+        font-size: 1rem;
+        text-transform: uppercase;
+        letter-spacing: 0.5px;
+      }
+      .btn-danger:hover {
+        background-color: var(--color-error-hover);
+      }
+
+      .cancel-link {
+        margin-top: 20px;
+        display: block;
+        font-size: 14px;
+      }
+      .cancel-link a {
+        color: #666;
+        text-decoration: none;
+        font-weight: 600;
+      }
+      .cancel-link a:hover {
+        text-decoration: underline;
+      }
+    </style>
+  </head>
+  <body>
+    <div class="danger-wrapper">
+      
+      <h1 class="brand-danger">ATENCIÓN</h1>
+      
+      <div class="form-card">
+        <h2>Eliminar Usuario</h2>
+        
+        <p class="warning-text">
+          Estás a punto de eliminar permanentemente la siguiente cuenta.
+          <br>
+          <strong>Esta acción borrará todos sus pedidos y datos asociados.</strong>
+        </p>
+
+        <div class="user-preview">
+            Usuario:
+            <span>{{ object.email }}</span>
+            <small style="font-weight: normal; font-size: 0.8rem;">({{ object.first_name }} {{ object.last_name }})</small>
+        </div>
+
+        <form method="post">
+          {% csrf_token %}
+          <button type="submit" class="btn-danger">
+            CONFIRMAR ELIMINACIÓN
+          </button>
+        </form>
+
+        <p class="cancel-link">
+          <a href="{% url 'user_list' %}">Cancelar y volver (No hacer nada)</a>
+        </p>
+      </div>
+    </div>
+  </body>
+</html>
\ No newline at end of file
diff --git a/essenza/templates/user/user_create_admin.html b/essenza/templates/user/user_create_admin.html
new file mode 100644
index 0000000..f5ae513
--- /dev/null
+++ b/essenza/templates/user/user_create_admin.html
@@ -0,0 +1,238 @@
+{% extends "base.html" %}
+{% load static %}
+
+{% block title %}Crear Usuario · Essenza{% endblock %}
+
+{% block extra_head %}
+<style>
+  /* === ESTILOS IDÉNTICOS A TU REFERENCIA === */
+  .register-wrapper {
+    /* Variables de tu referencia */
+    --color-principal: #c06b3e;
+    --color-principal-hover: #a35a34;
+    --color-fondo: #faf7f2;
+    --color-fondo-tarjeta: #fff;
+    --color-texto-base: #333;
+    --color-borde-claro: #eee;
+    --color-error: #b00020;
+    --color-foco-sombra: rgba(192, 107, 62, 0.2);
+
+    background-color: var(--color-fondo);
+    font-family: "Segoe UI", Arial, sans-serif;
+    /* Ajuste para centrar dentro del base.html */
+    min-height: calc(100vh - 80px); 
+    display: grid;
+    place-items: start center;
+    padding: 40px 0;
+  }
+
+  .brand-title {
+    color: var(--color-principal);
+    font-size: 48px;
+    margin-bottom: 10px;
+    text-align: center;
+    font-weight: bold;
+  }
+
+  .form-card {
+    width: min(420px, 88vw);
+    background: var(--color-fondo-tarjeta);
+    border: 2px solid var(--color-principal);
+    border-radius: 16px;
+    box-shadow: 0 12px 28px rgba(0, 0, 0, 0.06);
+    padding: 22px 24px;
+    box-sizing: border-box;
+  }
+
+  /* Labels e Inputs */
+  .register-wrapper label {
+    display: block;
+    font-size: 13px;
+    color: var(--color-texto-base);
+    margin: 10px 0 6px;
+  }
+
+  .register-wrapper input[type="text"],
+  .register-wrapper input[type="email"],
+  .register-wrapper input[type="password"],
+  .register-wrapper select { /* Añadido select para el Rol */
+    width: 100%;
+    padding: 10px 12px;
+    border: 1px solid var(--color-borde-claro);
+    border-radius: 10px;
+    background: #fafafa;
+    outline: none;
+    box-sizing: border-box;
+    font-size: 14px;
+    color: #333;
+  }
+
+  .register-wrapper input[type="file"] {
+    width: 100%;
+    font-size: 13px;
+    color: #555;
+    margin: 10px 0 15px;
+    padding: 8px;
+    border: 1px solid var(--color-borde-claro);
+    border-radius: 10px;
+    background: #fafafa;
+    box-sizing: border-box;
+  }
+
+  .register-wrapper input:focus,
+  .register-wrapper select:focus {
+    border-color: var(--color-principal);
+    box-shadow: 0 0 0 3px var(--color-foco-sombra);
+  }
+
+  /* Checkbox para 'Activo' */
+  .checkbox-wrapper {
+    display: flex;
+    align-items: center;
+    margin: 15px 0;
+    gap: 8px;
+  }
+  .register-wrapper input[type="checkbox"] {
+    accent-color: var(--color-principal);
+    width: 16px;
+    height: 16px;
+    margin: 0;
+  }
+  .checkbox-label {
+    margin: 0 !important; /* Override del margen default */
+    font-weight: 600;
+    cursor: pointer;
+  }
+
+  /* Botón Principal */
+  .btn-primary {
+    width: 100%;
+    margin-top: 14px;
+    padding: 10px 12px;
+    border-radius: 10px;
+    background: var(--color-principal);
+    color: var(--color-fondo-tarjeta);
+    border: none;
+    cursor: pointer;
+    transition: background-color 0.3s;
+    font-size: 15px;
+    font-weight: 600;
+  }
+  .btn-primary:hover {
+    background-color: var(--color-principal-hover);
+  }
+
+  /* Botón Volver Flotante (Estilo Referencia) */
+  .return-button {
+    position: fixed;
+    top: 100px; /* Ajustado para no chocar con el navbar del base */
+    left: 20px;
+    width: 80px;
+    height: 30px;
+    background-color: #c06b3e;
+    border-radius: 15px;
+    text-align: center;
+    line-height: 30px;
+    font-size: 14px; /* Un poco más pequeño para encajar 'Volver' */
+    font-weight: bold;
+    color: white;
+    text-decoration: none;
+    cursor: pointer;
+    box-shadow: 0 2px 4px rgba(0, 0, 0, 0.2);
+    transition: background-color 0.3s;
+    z-index: 100;
+  }
+  .return-button:hover {
+    background-color: #a35a34;
+    text-decoration: none;
+    color: white;
+  }
+
+  .form-error {
+    color: var(--color-error);
+    font-size: 13px;
+    margin: 6px 0;
+  }
+  
+  /* Separador visual para zona admin */
+  .divider {
+    border-top: 1px dashed #ddd;
+    margin: 20px 0;
+  }
+  .section-title {
+    font-size: 11px;
+    text-transform: uppercase;
+    color: var(--color-principal);
+    font-weight: bold;
+    margin-bottom: 10px;
+    display: block;
+  }
+  
+  /* Help text contraseñas */
+  .helptext { font-size: 11px; color: #777; margin-top: 3px; display: block; }
+</style>
+{% endblock %}
+
+{% block content %}
+<div class="register-wrapper">
+    
+    <a href="{% url 'user_list' %}" class="return-button" title="Volver al listado">Volver</a>
+
+    <div class="page">
+      <h1 class="brand-title">ESSENZA ADMIN</h1>
+      <div class="form-card">
+        <h2 style="text-align:center; color:#555; font-size:1.2rem; margin-top:0; border-bottom:1px solid #eee; padding-bottom:10px;">Crear Usuario</h2>
+
+        <form method="post" enctype="multipart/form-data" novalidate>
+          {% csrf_token %}
+
+          <label for="{{ form.first_name.id_for_label }}">Nombre</label>
+          {{ form.first_name }}
+
+          <label for="{{ form.last_name.id_for_label }}">Apellidos</label>
+          {{ form.last_name }}
+
+          <label for="{{ form.email.id_for_label }}">Correo electrónico (Login)</label>
+          {{ form.email }}
+          {% if form.email.errors %}<p class="form-error">{{ form.email.errors.0 }}</p>{% endif %}
+
+          {% for field in form %}
+            {% if 'password' in field.name %}
+                <label for="{{ field.id_for_label }}" style="margin-top: 10px;">{{ field.label }}</label>
+                {{ field }}
+                {% if field.errors %}
+                    <p class="form-error">{{ field.errors.0 }}</p>
+                {% endif %}
+            {% endif %}
+          {% endfor %}
+
+          <div class="divider"></div>
+          <span class="section-title">Configuración Admin</span>
+
+          <label for="{{ form.role.id_for_label }}">Rol Asignado</label>
+          {{ form.role }}
+
+          <div class="checkbox-wrapper">
+            {{ form.is_active }}
+            <label for="{{ form.is_active.id_for_label }}" class="checkbox-label">Cuenta Activa (Permitir acceso)</label>
+          </div>
+
+          <div class="divider"></div>
+          <label for="{{ form.photo.id_for_label }}">Foto (Opcional)</label>
+          {{ form.photo }} 
+
+          {% if form.non_field_errors %}
+          <div style="margin-top: 15px; border: 1px solid #b00020; padding: 10px; border-radius: 8px; background: #fff5f5;">
+            {% for error in form.non_field_errors %}
+            <p class="form-error" style="margin:0;">{{ error }}</p>
+            {% endfor %}
+          </div>
+          {% endif %}
+
+          <button type="submit" class="btn-primary">Crear Usuario</button>
+
+        </form>
+      </div>
+    </div>
+</div>
+{% endblock %}
\ No newline at end of file
diff --git a/essenza/templates/user/user_edit_admin.html b/essenza/templates/user/user_edit_admin.html
new file mode 100644
index 0000000..3df9bdd
--- /dev/null
+++ b/essenza/templates/user/user_edit_admin.html
@@ -0,0 +1,296 @@
+{% extends "base.html" %}
+{% load static %}
+
+{% block title %}Administrar Usuario · Essenza{% endblock %}
+
+{% block extra_head %}
+<style>
+  /* === ESTILOS DE TU REFERENCIA (Adaptados a bloque) === */
+  
+  /* Definimos las variables en el scope local para asegurar fidelidad */
+  .admin-wrapper {
+    --color-principal: #c06b3e;
+    --color-principal-hover: #a35a34;
+    --color-fondo: #faf7f2;
+    --color-fondo-tarjeta: #fff;
+    --color-texto-base: #333;
+    --color-borde-claro: #eee;
+    --color-error: #b00020;
+    --color-foco-sombra: rgba(192, 107, 62, 0.2);
+    --color-success: #2e7d32; /* Extra para el switch de activo */
+
+    background-color: var(--color-fondo);
+    font-family: "Segoe UI", Arial, sans-serif;
+    /* Ajuste para centrar verticalmente descontando el header */
+    min-height: calc(100vh - 80px); 
+    display: flex;
+    flex-direction: column;
+    justify-content: center;
+    align-items: center;
+    padding: 40px 20px;
+  }
+
+  .brand-admin {
+    color: var(--color-principal);
+    font-size: 48px;
+    margin: 0 0 20px 0;
+    text-align: center;
+    font-weight: bold;
+  }
+
+  .form-card {
+    width: min(420px, 88vw);
+    background: var(--color-fondo-tarjeta);
+    border: 2px solid var(--color-principal);
+    border-radius: 16px;
+    box-shadow: 0 12px 28px rgba(0, 0, 0, 0.06);
+    padding: 22px 24px;
+    box-sizing: border-box;
+  }
+
+  /* Inputs y Labels */
+  .admin-wrapper label {
+    display: block;
+    font-size: 13px;
+    color: var(--color-texto-base);
+    margin: 10px 0 6px;
+    font-weight: 600;
+  }
+
+  .admin-wrapper input[type="text"],
+  .admin-wrapper input[type="email"],
+  .admin-wrapper select {
+    width: 100%;
+    padding: 10px 12px;
+    border: 1px solid var(--color-borde-claro);
+    border-radius: 10px;
+    background: #fafafa;
+    outline: none;
+    box-sizing: border-box;
+    font-size: 14px;
+    color: #333;
+  }
+
+  .admin-wrapper input:focus, 
+  .admin-wrapper select:focus {
+    border-color: var(--color-principal);
+    box-shadow: 0 0 0 3px var(--color-foco-sombra);
+    background: #fff;
+  }
+
+  /* Estilos específicos para inputs deshabilitados (como email si se diera el caso) */
+  .admin-wrapper input:disabled {
+    background: #eee;
+    color: #777;
+    cursor: not-allowed;
+  }
+
+  /* --- ZONA ADMIN (Integrada en el diseño) --- */
+  .admin-zone {
+    background-color: #fffcf9; /* Un tono muy sutil */
+    border: 1px dashed var(--color-principal);
+    border-radius: 10px;
+    padding: 15px;
+    margin: 15px 0;
+  }
+  
+  .admin-zone-title {
+    color: var(--color-principal);
+    font-size: 11px;
+    text-transform: uppercase;
+    letter-spacing: 1px;
+    font-weight: bold;
+    margin-bottom: 10px;
+    display: block;
+  }
+
+  /* Switch para Activo */
+  .switch-row {
+    display: flex;
+    align-items: center;
+    justify-content: space-between;
+    margin-top: 10px;
+  }
+  .switch {
+    position: relative;
+    display: inline-block;
+    width: 40px;
+    height: 22px;
+  }
+  .switch input { opacity: 0; width: 0; height: 0; }
+  .slider {
+    position: absolute;
+    cursor: pointer;
+    top: 0; left: 0; right: 0; bottom: 0;
+    background-color: #ccc;
+    transition: .4s;
+    border-radius: 34px;
+  }
+  .slider:before {
+    position: absolute;
+    content: "";
+    height: 16px;
+    width: 16px;
+    left: 3px;
+    bottom: 3px;
+    background-color: white;
+    transition: .4s;
+    border-radius: 50%;
+  }
+  input:checked + .slider { background-color: var(--color-success); }
+  input:checked + .slider:before { transform: translateX(18px); }
+
+  /* --- Botones --- */
+  .btn-primary {
+    width: 100%;
+    margin-top: 14px;
+    padding: 10px 12px;
+    border-radius: 10px;
+    background: var(--color-principal);
+    color: var(--color-fondo-tarjeta);
+    border: none;
+    cursor: pointer;
+    transition: background-color 0.3s;
+    font-size: 14px;
+    font-weight: 600;
+  }
+  .btn-primary:hover {
+    background-color: var(--color-principal-hover);
+  }
+
+  .login-link {
+    margin-top: 15px;
+    text-align: center;
+    font-size: 13px;
+  }
+  .login-link a {
+    color: var(--color-principal);
+    text-decoration: underline;
+  }
+
+  /* Foto y Errores */
+  .admin-wrapper input[type="file"] {
+    width: 100%;
+    font-size: 13px;
+    color: #555;
+    margin: 10px 0 15px;
+    padding: 8px;
+    border: 1px solid var(--color-borde-claro);
+    border-radius: 10px;
+    background: #fafafa;
+    box-sizing: border-box;
+  }
+  .admin-wrapper input[type="file"]:disabled {
+    background-color: #f0f0f0;
+    cursor: not-allowed;
+  }
+
+  .form-error { color: var(--color-error); font-size: 13px; margin: 6px 0; }
+  .error-box {
+    background: #fff0f0;
+    border: 2px solid var(--color-error);
+    border-radius: 10px;
+    padding: 15px;
+    margin-bottom: 15px;
+  }
+</style>
+{% endblock %}
+
+{% block content %}
+<div class="admin-wrapper">
+  
+  <h1 class="brand-admin">ESSENZA ADMIN</h1>
+  
+  <div class="form-card">
+    
+    <h2 style="text-align: center; font-size: 1.1rem; color: #555; margin-top: 0; margin-bottom: 20px; border-bottom: 1px solid #eee; padding-bottom: 10px;">
+      Gestionando a: <span style="color: #c06b3e; font-weight: 800;">{{ form.instance.username }}</span>
+    </h2>
+
+    <form method="post" enctype="multipart/form-data" novalidate>
+      {% csrf_token %}
+
+      <label for="{{ form.first_name.id_for_label }}">Nombre</label>
+      {{ form.first_name }}
+
+      <label for="{{ form.last_name.id_for_label }}">Apellidos</label>
+      {{ form.last_name }}
+
+      <label for="{{ form.email.id_for_label }}">Correo electrónico</label>
+      {{ form.email }}
+
+      <div class="admin-zone">
+        <span class="admin-zone-title">Control de Acceso</span>
+        
+        <label for="{{ form.role.id_for_label }}">Rol</label>
+        {{ form.role }}
+
+        <div class="switch-row">
+            <span style="font-size: 13px; font-weight: 600; color: #444;">Cuenta Activa</span>
+            <label class="switch">
+                {{ form.is_active }}
+                <span class="slider"></span>
+            </label>
+        </div>
+      </div>
+
+      <label for="{{ form.photo.id_for_label }}">Foto (Opcional)</label>
+      {{ form.photo }} 
+      
+      {% if not form.remove_photo.is_hidden and form.instance.photo %}
+        <div style="margin-bottom: 15px">
+          {{ form.remove_photo }}
+          <label for="{{ form.remove_photo.id_for_label }}" style="display: inline; color: #b00020; margin-left: 5px;">
+            {{ form.remove_photo.label }}
+          </label>
+        </div>
+      {% endif %} 
+      
+      {% if form.errors %}
+      <div class="error-box">
+        <p style="color: #b00020; margin-top: 0; font-weight: bold;">
+          ¡El formulario tiene errores!
+        </p>
+        {% for field in form %} {% if field.errors %}
+        <div class="form-error">
+          <strong>{{ field.label }}:</strong>
+          <ul>
+            {% for error in field.errors %}
+            <li>{{ error }}</li>
+            {% endfor %}
+          </ul>
+        </div>
+        {% endif %} {% endfor %} {% for error in form.non_field_errors %}
+        <div class="form-error">
+          <strong>Error general:</strong> {{ error }}
+        </div>
+        {% endfor %}
+      </div>
+      {% endif %}
+
+      <button type="submit" class="btn-primary">Guardar Cambios</button>
+
+      <p class="login-link">
+        <a href="{% url 'user_list' %}">← Volver al listado de usuarios</a>
+      </p>
+    </form>
+  </div>
+</div>
+
+<script>
+  document.addEventListener("DOMContentLoaded", function () {
+    const fileInput = document.getElementById("{{ form.photo.id_for_label }}");
+    const removeCheckbox = document.getElementById("{{ form.remove_photo.id_for_label }}");
+
+    if (fileInput && removeCheckbox) {
+      // Lógica inicial
+      if (removeCheckbox.checked) { fileInput.disabled = true; }
+
+      // Listener
+      removeCheckbox.addEventListener("change", function() {
+        fileInput.disabled = this.checked;
+      });
+    }
+  });
+</script>
+{% endblock %}
\ No newline at end of file
diff --git a/essenza/templates/user/user_list.html b/essenza/templates/user/user_list.html
new file mode 100644
index 0000000..3e1b5dd
--- /dev/null
+++ b/essenza/templates/user/user_list.html
@@ -0,0 +1,425 @@
+{% extends "base.html" %}
+{% load humanize %}
+{% load static %}
+
+{% block title %}Gestión de Usuarios · Essenza{% endblock %}
+
+{% block extra_head %}
+<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css">
+
+<style>
+  /* === CONFIGURACIÓN GENERAL === */
+  body {
+    background-color: #faf7f2;
+    font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
+    color: #333;
+  }
+
+  .page-container {
+    max-width: 1100px;
+    margin: 40px auto;
+    padding: 0 20px 80px;
+  }
+
+  /* === CABECERA === */
+  .page-header {
+    text-align: center;
+    margin-bottom: 40px;
+  }
+  .page-header h1 {
+    font-size: 2.2rem;
+    color: #c06b3e;
+    font-weight: 800;
+    margin-bottom: 5px;
+  }
+  .page-header p { color: #666; font-size: 1rem; }
+
+  /* === BOTÓN CREAR (NUEVO ESTILO) === */
+  .actions-row {
+    display: flex;
+    justify-content: flex-end;
+    margin-bottom: 15px;
+  }
+
+  .btn-create {
+    background-color: #c06b3e;
+    color: white;
+    padding: 10px 25px;
+    border-radius: 50px;
+    text-decoration: none;
+    font-weight: 700;
+    font-size: 0.95rem;
+    box-shadow: 0 4px 15px rgba(192, 107, 62, 0.3);
+    transition: all 0.2s ease;
+    display: inline-flex;
+    align-items: center;
+    gap: 8px;
+  }
+  
+  .btn-create:hover {
+    background-color: #a35a34;
+    transform: translateY(-2px);
+    box-shadow: 0 6px 20px rgba(192, 107, 62, 0.4);
+    color: white;
+  }
+
+  /* === CONTROL BAR (FILTROS + ORDEN JUNTOS) === */
+  .control-bar {
+    display: flex;
+    justify-content: space-between;
+    align-items: center;
+    background: white;
+    padding: 10px 20px;
+    border-radius: 50px;
+    box-shadow: 0 2px 10px rgba(0,0,0,0.03);
+    border: 1px solid #eee;
+    margin-bottom: 30px;
+    flex-wrap: wrap;
+    gap: 15px;
+  }
+
+  /* Lado Izquierdo: Filtros de Rol */
+  .filter-group {
+    display: flex;
+    gap: 5px;
+  }
+
+  .filter-pill {
+    padding: 8px 20px;
+    border-radius: 25px;
+    background: transparent;
+    color: #666;
+    font-size: 0.9rem;
+    font-weight: 600;
+    cursor: pointer;
+    text-decoration: none;
+    transition: all 0.2s ease;
+    border: 1px solid transparent;
+  }
+  
+  .filter-pill:hover {
+    background-color: #fff5f0;
+    color: #c06b3e;
+  }
+  
+  .filter-pill.active {
+    background: #c06b3e;
+    color: white;
+    box-shadow: 0 2px 5px rgba(192, 107, 62, 0.3);
+  }
+
+  /* Lado Derecho: Ordenación */
+  .sort-group {
+    display: flex;
+    align-items: center;
+    gap: 10px;
+  }
+  
+  .sort-label {
+    font-size: 0.85rem;
+    color: #999;
+    font-weight: 600;
+  }
+
+  .sort-select {
+    padding: 8px 30px 8px 15px;
+    border: 1px solid #e0e0e0;
+    border-radius: 20px;
+    background-color: #fafafa;
+    color: #555;
+    font-weight: 600;
+    font-size: 0.85rem;
+    cursor: pointer;
+    appearance: none;
+    background-image: url("data:image/svg+xml;charset=US-ASCII,%3Csvg%20xmlns%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg%22%20width%3D%22292.4%22%20height%3D%22292.4%22%3E%3Cpath%20fill%3D%22%23c06b3e%22%20d%3D%22M287%2069.4a17.6%2017.6%200%200%200-13-5.4H18.4c-5%200-9.3%201.8-12.9%205.4A17.6%2017.6%200%200%200%200%2082.2c0%205%201.8%209.3%205.4%2012.9l128%20127.9c3.6%203.6%207.8%205.4%2012.8%205.4s9.2-1.8%2012.8-5.4L287%2095c3.5-3.5%205.4-7.8%205.4-12.8%200-5-1.9-9.2-5.5-12.8z%22%2F%3E%3C%2Fsvg%3E");
+    background-repeat: no-repeat;
+    background-position: right 12px top 50%;
+    background-size: 8px auto;
+    transition: 0.2s;
+  }
+  .sort-select:hover, .sort-select:focus {
+    border-color: #c06b3e;
+    background-color: white;
+    outline: none;
+  }
+
+  /* === TARJETAS === */
+  .card {
+    background: white;
+    border-radius: 16px;
+    box-shadow: 0 4px 15px rgba(0,0,0,0.03);
+    margin-bottom: 20px;
+    overflow: hidden;
+    transition: transform 0.2s ease;
+    border: 1px solid #f0f0f0;
+  }
+  .card:hover { transform: translateY(-3px); border-color: #e6d0c5; }
+
+  /* CABECERA DE LA TARJETA */
+  .card-header {
+    background: #fffcf9;
+    padding: 10px 25px;
+    border-bottom: 1px solid #f8f1ec;
+    display: flex;
+    justify-content: space-between;
+    align-items: center;
+    font-size: 0.85rem;
+    color: #888;
+  }
+
+  .status-indicator {
+    display: flex;
+    align-items: center;
+    gap: 8px;
+    font-weight: 600;
+    color: #555;
+  }
+  .dot {
+    width: 10px;
+    height: 10px;
+    border-radius: 50%;
+    background-color: #ccc;
+  }
+  .dot.active {
+    background-color: #2e7d32;
+    box-shadow: 0 0 0 2px rgba(46, 125, 50, 0.1);
+  }
+
+  .card-body {
+    padding: 20px 25px;
+    display: flex;
+    align-items: center;
+    justify-content: space-between;
+    gap: 20px;
+  }
+
+  /* Sección Izquierda */
+  .user-identity {
+    display: flex;
+    align-items: center;
+    gap: 20px;
+    flex: 1;
+  }
+
+  .avatar-lg {
+    width: 70px; 
+    height: 70px;
+    border-radius: 50%;
+    object-fit: cover;
+    border: 3px solid #fff;
+    box-shadow: 0 4px 10px rgba(192, 107, 62, 0.15);
+    background-color: #f2e8e3;
+    display: flex;
+    align-items: center;
+    justify-content: center;
+    color: #c06b3e;
+    font-size: 1.8rem;
+    flex-shrink: 0;
+  }
+
+  .user-info h3 { margin: 0; font-size: 1.15rem; color: #333; font-weight: 700; }
+  .user-info .email { color: #666; font-size: 0.95rem; margin-top: 2px; }
+  .user-info .meta { font-size: 0.85rem; color: #999; margin-top: 6px; }
+
+  /* Sección Derecha */
+  .user-actions-col {
+    display: flex;
+    flex-direction: column;
+    align-items: flex-end;
+    gap: 12px;
+  }
+
+  .role-badge {
+    padding: 5px 12px;
+    border-radius: 6px;
+    font-size: 0.75rem;
+    font-weight: 700;
+    text-transform: uppercase;
+    letter-spacing: 0.5px;
+    display: inline-flex;
+    align-items: center;
+    gap: 6px;
+  }
+  .role-admin { background: #fdf2f2; color: #c06b3e; border: 1px solid #f5d0c0; } 
+  .role-user { background: #e3f2fd; color: #1565c0; border: 1px solid #bbdefb; }
+
+  /* BOTONES DE GESTIÓN */
+  .action-buttons {
+    display: flex;
+    gap: 8px;
+  }
+
+  /* Estilo unificado para enlaces <a> y botones <button> */
+  .btn-icon {
+    /* Tamaño y Forma */
+    width: 36px;
+    height: 36px;
+    border-radius: 50%;
+    
+    /* Flexbox para centrar el icono */
+    display: inline-flex; 
+    align-items: center;
+    justify-content: center;
+    
+    /* Estilos visuales base */
+    border: 1px solid #eee;
+    background: white;
+    color: #666;
+    font-size: 0.9rem;
+    
+    /* Comportamiento */
+    cursor: pointer;
+    transition: all 0.2s ease;
+    text-decoration: none; /* Para los <a> */
+    
+    /* --- RESET CRÍTICO PARA <BUTTON> --- */
+    padding: 0;      /* Los botones traen padding extra por defecto */
+    margin: 0;       /* Los botones a veces traen margen */
+    outline: none;   /* Quita el borde de selección */
+    appearance: none; /* Quita estilos nativos del sistema operativo */
+  }
+
+  /* Hover Effects (Se mantienen igual) */
+  .btn-icon:hover { 
+    transform: translateY(-2px); 
+    box-shadow: 0 3px 8px rgba(0,0,0,0.1); 
+  }
+
+  .btn-icon.edit:hover { background: #333; color: white; border-color: #333; }
+  .btn-icon.orders:hover { background: #c06b3e; color: white; border-color: #c06b3e; }
+
+  /* Botón Eliminar (Rojo) */
+  .btn-icon.delete { color: #dc3545; border-color: #fadbd8; background: #fff5f5; }
+  .btn-icon.delete:hover { background: #dc3545; color: white; border-color: #dc3545; }
+
+  @media (max-width: 768px) {
+    .control-bar { flex-direction: column; gap: 15px; border-radius: 20px; padding: 20px; }
+    .filter-group { width: 100%; justify-content: center; }
+    .sort-group { width: 100%; justify-content: center; }
+    .card-body { flex-direction: column; align-items: flex-start; }
+    .user-actions-col { width: 100%; flex-direction: row; justify-content: space-between; align-items: center; border-top: 1px solid #eee; padding-top: 15px; margin-top: 15px; }
+    .actions-row { justify-content: center; }
+  }
+</style>
+{% endblock %}
+
+{% block content %}
+<div class="page-container">
+  
+  <div class="page-header">
+    <h1>Usuarios</h1>
+    <p>Administración y control de acceso</p>
+  </div>
+
+  <div class="actions-row">
+    <a href="{% url 'user_create_admin' %}" class="btn-create">
+        <i class="fas fa-plus"></i> Nuevo Usuario
+    </a>
+  </div>
+
+  <form method="GET" class="control-bar">
+    
+    <div class="filter-group">
+      <a href="?role=all&order={{ request.GET.order }}" 
+        class="filter-pill {% if not request.GET.role or request.GET.role == 'all' %}active{% endif %}">
+        Todos
+      </a>
+      
+      <a href="?role=admin&order={{ request.GET.order }}" 
+        class="filter-pill {% if request.GET.role == 'admin' %}active{% endif %}">
+        Administradores
+      </a>
+      
+      <a href="?role=user&order={{ request.GET.order }}" 
+        class="filter-pill {% if request.GET.role == 'user' %}active{% endif %}">
+        Clientes
+      </a>
+    </div>
+
+    <div class="sort-group">
+      {% if request.GET.role %}<input type="hidden" name="role" value="{{ request.GET.role }}">{% endif %}
+
+      <span class="sort-label">Ordenar por:</span>
+      <select name="order" class="sort-select" onchange="this.form.submit()">
+        <option value="newest" {% if request.GET.order == 'newest' %}selected{% endif %}>Más recientes</option>
+        <option value="oldest" {% if request.GET.order == 'oldest' %}selected{% endif %}>Más antiguos</option>
+        <option value="name_asc" {% if request.GET.order == 'name_asc' %}selected{% endif %}>Nombre (A-Z)</option>
+        <option value="name_desc" {% if request.GET.order == 'name_desc' %}selected{% endif %}>Nombre (Z-A)</option>
+        <option value="email_asc" {% if request.GET.order == 'email_asc' %}selected{% endif %}>Email (A-Z)</option>
+        <option value="email_desc" {% if request.GET.order == 'email_desc' %}selected{% endif %}>Email (Z-A)</option>
+        <option value="login_desc" {% if request.GET.order == 'login_desc' %}selected{% endif %}>Último acceso (Asc)</option>
+        <option value="login_asc" {% if request.GET.order == 'login_asc' %}selected{% endif %}>Último acceso (Desc)</option>
+        </select>
+    </div>
+
+  </form>
+
+  {% if users %}
+    {% for user in users %}
+      <div class="card">
+        
+        <div class="card-header">
+            <div class="status-indicator">
+                <div class="dot {% if user.is_active %}active{% endif %}" 
+                     title="{% if user.is_active %}Activo{% else %}Inactivo{% endif %}"></div>
+                <span>ID: #{{ user.id }}</span>
+            </div>
+            
+            <div title="Última conexión" style="font-size: 0.8rem;">
+                {% if user.last_login %}
+                    Última vez hace {{ user.last_login|timesince }}
+                {% else %}
+                    Sin actividad registrada
+                {% endif %}
+            </div>
+        </div>
+
+        <div class="card-body">
+          
+          <div class="user-identity">
+            {% if user.photo %}
+              <img src="{{ user.photo.url }}" class="avatar-lg">
+            {% else %}
+              <div class="avatar-lg"><i class="fas fa-user"></i></div>
+            {% endif %}
+
+            <div class="user-info">
+              <h3>
+                {% if user.first_name %}{{ user.first_name }} {{ user.last_name }}{% else %}{{ user.username }}{% endif %}
+              </h3>
+              <div class="email">{{ user.email }}</div>
+              <div class="meta">
+                <i class="far fa-calendar-alt"></i> {{ user.date_joined|date:"d M Y" }}
+              </div>
+            </div>
+          </div>
+
+          <div class="user-actions-col">
+            
+            {% if user.role == "admin" %}
+              <span class="role-badge role-admin">
+                  <i class="fas fa-crown"></i> Admin
+              </span>
+            {% else %}
+              <span class="role-badge role-user">
+                  <i class="fas fa-user"></i> Cliente
+              </span>
+            {% endif %}
+
+            <div class="action-buttons">
+              {% if user.id != request.user.id %}
+                <a href="{% url 'user_delete_admin' user.id %}" class="btn-icon delete" title="Eliminar usuario"><i class="fas fa-trash-alt"></i></a>
+              {% endif %}
+
+              <a href="{% url 'user_edit_admin' user.id %}" class="btn-icon edit" title="Editar"><i class="fas fa-pen"></i></a>
+
+            </div>
+          </div>
+
+        </div>
+      </div>
+    {% endfor %}
+  {% endif %}
+
+</div>
+{% endblock %}
\ No newline at end of file
diff --git a/essenza/user/forms.py b/essenza/user/forms.py
index ed47366..d9b17f1 100644
--- a/essenza/user/forms.py
+++ b/essenza/user/forms.py
@@ -1,7 +1,7 @@
 from django import forms
 from django.contrib.auth.forms import UserCreationForm
 
-from .models import Usuario
+from .models import Role, Usuario
 
 
 class LoginForm(forms.Form):
@@ -75,3 +75,74 @@ def save(self, commit=True):
         if commit:
             user.save()
         return user
+
+
+class UserCreationFormAdmin(RegisterForm):
+    # Añadimos SOLO lo que le falta al registro normal: Control de Rol y Estado
+    role = forms.ChoiceField(
+        choices=Role.choices,
+        label="Rol Inicial",
+        required=True,
+        initial=Role.USER,  # Por defecto creamos clientes
+    )
+
+    is_active = forms.BooleanField(
+        label="Cuenta Activa",
+        required=False,
+        initial=True,
+        help_text="Desmarca si quieres crearlo pero bloquearle el acceso.",
+    )
+
+    class Meta(RegisterForm.Meta):
+        # Heredamos el modelo de RegisterForm
+        model = Usuario
+        # Añadimos los nuevos campos a los que ya tenía RegisterForm
+        fields = RegisterForm.Meta.fields + ("role", "is_active")
+
+
+class UserEditFormAdmin(forms.ModelForm):
+    first_name = forms.CharField(label="Nombre", required=False)
+    last_name = forms.CharField(label="Apellidos", required=False)
+    email = forms.EmailField(label="Correo electrónico", required=True)
+
+    role = forms.ChoiceField(
+        choices=Role.choices,
+        label="Rol de Usuario",
+        required=True,
+        widget=forms.Select(attrs={"class": "form-select"}),
+    )
+    is_active = forms.BooleanField(
+        label="Cuenta Activa",
+        required=False,
+        help_text="Desmarca esto para bloquear el acceso al usuario sin borrarlo.",
+    )
+
+    photo = forms.ImageField(
+        label="Foto de perfil", required=False, widget=forms.FileInput
+    )
+    remove_photo = forms.BooleanField(required=False, label="Eliminar foto actual")
+
+    class Meta:
+        model = Usuario
+        fields = ("first_name", "last_name", "email", "role", "is_active", "photo")
+
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+
+        if not self.instance or not self.instance.photo:
+            self.fields["remove_photo"].widget = forms.HiddenInput()
+
+    def save(self, commit=True):
+        user = super().save(commit=False)
+
+        if self.cleaned_data.get("remove_photo") and not self.files.get("photo"):
+            try:
+                if user.photo:
+                    user.photo.delete(save=False)
+            except Exception:
+                pass
+            user.photo = None
+
+        if commit:
+            user.save()
+        return user
diff --git a/essenza/user/tests.py b/essenza/user/tests.py
index 29aaece..c052e97 100644
--- a/essenza/user/tests.py
+++ b/essenza/user/tests.py
@@ -6,7 +6,8 @@
 from django.test import TestCase
 from django.urls import reverse
 
-User = get_user_model()
+# UNIFICACIÓN: Usamos 'Usuario' para todo el archivo
+Usuario = get_user_model()
 
 
 class LoginViewTests(TestCase):
@@ -15,7 +16,7 @@ def setUp(self):
         self.username = "user1"
         self.email = "user1@example.com"
         self.password = "pass1234"
-        self.user = User.objects.create_user(
+        self.user = Usuario.objects.create_user(
             username=self.username, email=self.email, password=self.password
         )
         self.login_url = reverse("login")
@@ -61,7 +62,7 @@ class RegisterViewTests(TestCase):
     def setUp(self):
         self.register_url = reverse("register")
         self.dashboard_url = reverse("dashboard")
-        self.initial_user_count = User.objects.count()
+        self.initial_user_count = Usuario.objects.count()
 
         # Datos para un nuevo usuario de prueba
         self.valid_data = {
@@ -87,16 +88,16 @@ def test_successful_registration_redirects_and_creates_user(self):
 
         self.assertEqual(resp.status_code, 302)
         self.assertEqual(resp["Location"], self.dashboard_url)
-        self.assertEqual(User.objects.count(), self.initial_user_count + 1)
+        self.assertEqual(Usuario.objects.count(), self.initial_user_count + 1)
 
-        new_user = User.objects.get(email=data["email"])
+        new_user = Usuario.objects.get(email=data["email"])
         self.assertTrue(
             new_user.check_password(data["password1"])
         )  # La contraseña está hasheada
 
     # 3. Registro con email duplicado muestra error
     def test_registration_with_duplicate_email_shows_error(self):
-        User.objects.create_user(
+        Usuario.objects.create_user(
             username="test", email=self.valid_data["email"], password="test"
         )  # Usuario previo creado con mismo email
         data = self.valid_data.copy()
@@ -105,7 +106,7 @@ def test_registration_with_duplicate_email_shows_error(self):
         )  # Intento de registro con el mismo email
 
         self.assertEqual(
-            User.objects.count(), self.initial_user_count + 1
+            Usuario.objects.count(), self.initial_user_count + 1
         )  # Solo se añade el usuario creado antes
         self.assertContains(resp, "Ya existe Usuario con este Email.", html=True)
 
@@ -115,7 +116,7 @@ def test_registration_with_mismatched_passwords_shows_error(self):
         data["password2"] = "diferente123"
         resp = self.client.post(self.register_url, data)
 
-        self.assertEqual(User.objects.count(), self.initial_user_count)
+        self.assertEqual(Usuario.objects.count(), self.initial_user_count)
         self.assertContains(resp, "Los dos campos de contraseña no coinciden.")
 
     # 5. Registro con campo 'first_name' vacío muestra error (required=True)
@@ -124,7 +125,7 @@ def test_registration_missing_first_name_shows_error(self):
         data["first_name"] = ""
         resp = self.client.post(self.register_url, data)
 
-        self.assertEqual(User.objects.count(), self.initial_user_count)
+        self.assertEqual(Usuario.objects.count(), self.initial_user_count)
         self.assertContains(resp, "Este campo es obligatorio.")
 
     # 6. Registro con subida de foto válida
@@ -149,7 +150,7 @@ def test_registration_with_valid_photo(self):
         resp = self.client.post(self.register_url, data, follow=False)
 
         self.assertEqual(resp.status_code, 302)
-        new_user = User.objects.get(email=data["email"])
+        new_user = Usuario.objects.get(email=data["email"])
         self.assertTrue(new_user.photo.name.startswith("profile_pics/test_photo"))
 
         # Elimina la foto creada
@@ -166,14 +167,14 @@ def test_registration_without_photo_is_successful(self):
         resp = self.client.post(self.register_url, data, follow=False)
 
         self.assertEqual(resp.status_code, 302)
-        new_user = User.objects.get(email=data["email"])
+        new_user = Usuario.objects.get(email=data["email"])
         self.assertFalse(new_user.photo)
 
 
 class LogoutViewTests(TestCase):
     def setUp(self):
-        self.client = self.client = self.client = self.client_class()
-        self.user = User.objects.create_user(
+        self.client = self.client_class()
+        self.user = Usuario.objects.create_user(
             username="userlogout", email="logout@example.com", password="testlogout123"
         )
         self.login_url = reverse("login")
@@ -215,3 +216,180 @@ def test_logout_deletes_session_cookie(self):
     def test_logout_redirects_even_if_not_authenticated(self):
         response = self.client.get(self.logout_url)
         self.assertRedirects(response, self.dashboard_url)
+
+
+class UserAdminViewsTests(TestCase):
+    def setUp(self):
+        # 1. Creamos un ADMIN
+        self.admin_user = Usuario.objects.create_user(
+            email="admin@test.com",
+            username="admin@test.com",
+            password="password123",
+            role="admin",
+            first_name="Admin",
+            last_name="Jefe",
+        )
+
+        # 2. Creamos un USUARIO NORMAL (Cliente)
+        self.normal_user = Usuario.objects.create_user(
+            email="user@test.com",
+            username="user@test.com",
+            password="password123",
+            role="user",
+            first_name="Cliente",
+            last_name="Uno",
+        )
+
+        # 3. Creamos un USUARIO OBJETIVO (Para editar/borrar)
+        self.target_user = Usuario.objects.create_user(
+            email="target@test.com",
+            username="target@test.com",
+            password="password123",
+            role="user",
+            first_name="Zacarias",
+            last_name="Target",
+        )
+
+        # URLs
+        self.url_list = reverse("user_list")
+        self.url_create = reverse("user_create_admin")
+        self.url_edit = reverse("user_edit_admin", args=[self.target_user.pk])
+        self.url_delete = reverse("user_delete_admin", args=[self.target_user.pk])
+        self.url_dashboard = reverse("dashboard")
+        self.url_login = reverse("login")
+
+    # ========================================================
+    # 1. PRUEBAS DE SEGURIDAD
+    # ========================================================
+
+    def test_anon_user_redirects_to_login(self):
+        """Si no estás logueado, no entras."""
+        endpoints = [self.url_list, self.url_create, self.url_edit, self.url_delete]
+        for url in endpoints:
+            resp = self.client.get(url)
+            # Redirige al login (302)
+            self.assertNotEqual(resp.status_code, 200)
+
+    def test_normal_user_redirects_to_dashboard(self):
+        """Si eres cliente, te echa al dashboard."""
+        self.client.force_login(self.normal_user)
+        endpoints = [self.url_list, self.url_create, self.url_edit, self.url_delete]
+        for url in endpoints:
+            resp = self.client.get(url)
+            self.assertRedirects(resp, self.url_dashboard)
+
+    def test_admin_can_access(self):
+        """El admin entra hasta la cocina."""
+        self.client.force_login(self.admin_user)
+        resp = self.client.get(self.url_list)
+        self.assertEqual(resp.status_code, 200)
+        self.assertTemplateUsed(resp, "user/user_list.html")
+
+    # ========================================================
+    # 2. PRUEBAS DE LISTADO (Filtros y Orden)
+    # ========================================================
+
+    def test_list_filter_role(self):
+        self.client.force_login(self.admin_user)
+        # Filtramos solo admins
+        resp = self.client.get(self.url_list, {"role": "admin"})
+        users = resp.context["users"]
+        self.assertIn(self.admin_user, users)
+        self.assertNotIn(self.normal_user, users)
+
+    def test_list_order_by_name(self):
+        self.client.force_login(self.admin_user)
+        # Orden A-Z: 'Admin' va antes que 'Zacarias'
+        resp = self.client.get(self.url_list, {"order": "name_asc"})
+        users = list(resp.context["users"])
+
+        # Verificamos posiciones relativas
+        index_admin = users.index(self.admin_user)
+        index_target = users.index(self.target_user)
+        self.assertTrue(index_admin < index_target)
+
+    # ========================================================
+    # 3. PRUEBA DE CREAR (Sin foto)
+    # ========================================================
+
+    def test_create_user_success(self):
+        self.client.force_login(self.admin_user)
+
+        # Datos sin archivo de imagen
+        data = {
+            "email": "new@test.com",
+            "first_name": "Nuevo",
+            "last_name": "Usuario",
+            "role": "user",
+            "is_active": True,
+            "password1": "Pass12345",  # Campos requeridos por tu AdminUserCreationForm
+            "password2": "Pass12345",
+        }
+
+        resp = self.client.post(self.url_create, data)
+
+        # Debe redirigir al listado
+        self.assertRedirects(resp, self.url_list)
+
+        # Verificamos que existe en DB
+        self.assertTrue(Usuario.objects.filter(email="new@test.com").exists())
+
+        # Verificamos que NO nos ha logueado con el nuevo usuario (el admin sigue siendo admin)
+        self.assertEqual(int(self.client.session["_auth_user_id"]), self.admin_user.pk)
+
+    # ========================================================
+    # 4. PRUEBA DE EDITAR (Sin foto)
+    # ========================================================
+
+    def test_update_user_success(self):
+        self.client.force_login(self.admin_user)
+
+        data = {
+            "email": "updated@test.com",  # Cambiamos email
+            "first_name": "Editado",
+            "last_name": "Test",
+            "role": "admin",  # Lo ascendemos a admin
+            "is_active": False,  # Lo baneamos
+        }
+
+        resp = self.client.post(self.url_edit, data)
+
+        self.assertRedirects(resp, self.url_list)
+
+        # Refrescamos desde DB para comprobar cambios
+        self.target_user.refresh_from_db()
+        self.assertEqual(self.target_user.email, "updated@test.com")
+        self.assertEqual(self.target_user.role, "admin")
+        self.assertFalse(self.target_user.is_active)
+
+    # ========================================================
+    # 5. PRUEBAS DE BORRAR
+    # ========================================================
+
+    def test_delete_user_success(self):
+        self.client.force_login(self.admin_user)
+
+        # 1. GET muestra confirmación
+        resp_get = self.client.get(self.url_delete)
+        self.assertEqual(resp_get.status_code, 200)
+        self.assertTemplateUsed(resp_get, "user/confirm_delete_user_admin.html")
+
+        # 2. POST borra
+        resp_post = self.client.post(self.url_delete)
+        self.assertRedirects(resp_post, self.url_list)
+
+        # Verificamos que murió
+        self.assertFalse(Usuario.objects.filter(pk=self.target_user.pk).exists())
+
+    def test_admin_cannot_delete_self(self):
+        """El admin no puede borrarse a sí mismo."""
+        self.client.force_login(self.admin_user)
+
+        url_delete_self = reverse("user_delete_admin", args=[self.admin_user.pk])
+
+        # Intentamos borrar al admin logueado -> Debe redirigir al listado sin borrar
+        resp = self.client.post(url_delete_self)
+        self.assertRedirects(resp, self.url_list)
+
+        # Verificamos que sigue vivo
+        self.assertTrue(Usuario.objects.filter(pk=self.admin_user.pk).exists())
diff --git a/essenza/user/urls.py b/essenza/user/urls.py
index b95daf4..8a78ea8 100644
--- a/essenza/user/urls.py
+++ b/essenza/user/urls.py
@@ -9,4 +9,20 @@
     path("profile/", views.ProfileView.as_view(), name="profile"),
     path("profile/edit/", views.ProfileEditView.as_view(), name="profile_edit"),
     path("profile/delete/", views.ProfileDeleteView.as_view(), name="profile_delete"),
+    path("list/", views.UserListView.as_view(), name="user_list"),
+    path(
+        "manage/create/",
+        views.UserCreateViewAdmin.as_view(),
+        name="user_create_admin",
+    ),
+    path(
+        "manage/edit/<int:pk>/",
+        views.UserUpdateViewAdmin.as_view(),
+        name="user_edit_admin",
+    ),
+    path(
+        "manage/delete/<int:pk>/",
+        views.UserDeleteViewAdmin.as_view(),
+        name="user_delete_admin",
+    ),
 ]
diff --git a/essenza/user/views.py b/essenza/user/views.py
index 315602d..baf9696 100644
--- a/essenza/user/views.py
+++ b/essenza/user/views.py
@@ -1,9 +1,20 @@
 from django.contrib.auth import authenticate, login, logout
-from django.contrib.auth.mixins import LoginRequiredMixin  # Para proteger vistas
-from django.shortcuts import redirect, render
+from django.contrib.auth.mixins import (  # Para proteger vistas
+    LoginRequiredMixin,
+    UserPassesTestMixin,
+)
+from django.db.models import F
+from django.shortcuts import get_object_or_404, redirect, render
 from django.views import View
 
-from .forms import LoginForm, ProfileEditForm, RegisterForm
+from .forms import (
+    LoginForm,
+    ProfileEditForm,
+    RegisterForm,
+    UserCreationFormAdmin,
+    UserEditFormAdmin,
+)
+from .models import Usuario
 
 
 class LoginView(View):
@@ -134,3 +145,147 @@ def post(self, request, *args, **kwargs):
             photo_to_delete.delete(save=False)
 
         return redirect("dashboard")
+
+
+class UserListView(LoginRequiredMixin, UserPassesTestMixin, View):
+    template_name = "user/user_list.html"
+
+    def test_func(self):
+        return self.request.user.is_authenticated and self.request.user.role == "admin"
+
+    def handle_no_permission(self):
+        if not self.request.user.is_authenticated:
+            return redirect("login")
+        return redirect("dashboard")
+
+    def get(self, request):
+        role_filter = request.GET.get("role", "all")
+        order_filter = request.GET.get("order", "newest")
+        users = Usuario.objects.all()
+        # Filtrado por rol
+        if role_filter == "admin":
+            users = users.filter(role="admin")
+        elif role_filter == "user":
+            users = users.filter(role="user")
+        # Ordenación
+        if order_filter == "oldest":
+            users = users.order_by("date_joined")
+        elif order_filter == "name_asc":
+            users = users.order_by("first_name", "username")
+        elif order_filter == "name_desc":
+            users = users.order_by("-first_name", "-username")
+        elif order_filter == "email_asc":
+            users = users.order_by("email")
+        elif order_filter == "email_desc":
+            users = users.order_by("-email")
+        elif order_filter == "login_desc":
+            users = users.order_by(F("last_login").desc(nulls_last=True))
+        elif order_filter == "login_asc":
+            users = users.order_by(F("last_login").asc(nulls_first=True))
+        else:
+            users = users.order_by("-date_joined")
+        return render(request, self.template_name, {"users": users})
+
+
+class UserCreateViewAdmin(LoginRequiredMixin, UserPassesTestMixin, View):
+    form_class = UserCreationFormAdmin
+    template_name = "user/user_create_admin.html"
+
+    def test_func(self):
+        return self.request.user.is_authenticated and self.request.user.role == "admin"
+
+    def handle_no_permission(self):
+        return redirect("dashboard")
+
+    def get(self, request, *args, **kwargs):
+        form = self.form_class()
+        return render(request, self.template_name, {"form": form})
+
+    def post(self, request, *args, **kwargs):
+        form = self.form_class(request.POST, request.FILES)
+
+        if form.is_valid():
+            form.save()
+
+            return redirect("user_list")
+
+        return render(request, self.template_name, {"form": form})
+
+
+class UserUpdateViewAdmin(LoginRequiredMixin, UserPassesTestMixin, View):
+    form_class = UserEditFormAdmin
+    template_name = "user/user_edit_admin.html"
+
+    def test_func(self):
+        return self.request.user.is_authenticated and self.request.user.role == "admin"
+
+    def handle_no_permission(self):
+        return redirect("dashboard")
+
+    def get(self, request, pk, *args, **kwargs):
+        user_to_edit = get_object_or_404(Usuario, pk=pk)
+
+        form = self.form_class(instance=user_to_edit)
+        return render(request, self.template_name, {"form": form})
+
+    def post(self, request, pk, *args, **kwargs):
+        user_to_edit = get_object_or_404(Usuario, pk=pk)
+
+        try:
+            old_photo = user_to_edit.photo
+        except AttributeError:
+            old_photo = None
+
+        form = self.form_class(request.POST, request.FILES, instance=user_to_edit)
+
+        if form.is_valid():
+            saved_user = form.save()
+
+            if old_photo and old_photo != saved_user.photo:
+                try:
+                    old_photo.delete(save=False)
+                except Exception:
+                    pass
+
+            return redirect("user_list")
+
+        return render(request, self.template_name, {"form": form})
+
+
+class UserDeleteViewAdmin(LoginRequiredMixin, UserPassesTestMixin, View):
+    template_name = "user/confirm_delete_user_admin.html"
+
+    def test_func(self):
+        return self.request.user.is_authenticated and self.request.user.role == "admin"
+
+    def handle_no_permission(self):
+        return redirect("dashboard")
+
+    def get(self, request, pk, *args, **kwargs):
+        user_to_delete = get_object_or_404(Usuario, pk=pk)
+
+        if user_to_delete == request.user:
+            return redirect("user_list")
+
+        return render(request, self.template_name, {"object": user_to_delete})
+
+    def post(self, request, pk, *args, **kwargs):
+        user_to_delete = get_object_or_404(Usuario, pk=pk)
+
+        if user_to_delete == request.user:
+            return redirect("user_list")
+
+        try:
+            photo_to_delete = user_to_delete.photo
+        except AttributeError:
+            photo_to_delete = None
+
+        user_to_delete.delete()
+
+        if photo_to_delete:
+            try:
+                photo_to_delete.delete(save=False)
+            except Exception:
+                pass
+
+        return redirect("user_list")