diff --git a/server.js b/server.js
index 769b198..465f969 100644
--- a/server.js
+++ b/server.js
@@ -36,7 +36,7 @@ async function autoUpdateDB() {
   try {
     console.log("🔄 Verificando estructura DB...");
 
-    // 1. ESTRUCTURA BÁSICA
+    // 1. TABLAS PRINCIPALES
     await client.query(`
       CREATE TABLE IF NOT EXISTS users (
         id SERIAL PRIMARY KEY,
@@ -103,15 +103,29 @@ async function autoUpdateDB() {
       );
     `);
 
-    // 2. TABLAS ZONAS (Simplificadas, sin provincias ni pueblos externos)
+    // 2. TABLAS GEOGRÁFICAS (Mantenemos la estructura por si acaso, pero vacías)
     await client.query(`
+      CREATE TABLE IF NOT EXISTS provinces (
+        id SERIAL PRIMARY KEY,
+        name TEXT UNIQUE NOT NULL
+      );
+      CREATE TABLE IF NOT EXISTS towns (
+        id SERIAL PRIMARY KEY,
+        province_id INT REFERENCES provinces(id) ON DELETE CASCADE,
+        name TEXT NOT NULL
+      );
       CREATE TABLE IF NOT EXISTS zones (
         id SERIAL PRIMARY KEY,
+        province_id INT REFERENCES provinces(id) ON DELETE CASCADE,
         name TEXT NOT NULL,
         owner_id INT, 
         created_at TIMESTAMP DEFAULT NOW()
       );
-
+      CREATE TABLE IF NOT EXISTS zone_towns (
+        zone_id INT REFERENCES zones(id) ON DELETE CASCADE,
+        town_id INT REFERENCES towns(id) ON DELETE CASCADE,
+        PRIMARY KEY (zone_id, town_id)
+      );
       CREATE TABLE IF NOT EXISTS user_zones (
         user_id INT REFERENCES users(id) ON DELETE CASCADE,
         zone_id INT REFERENCES zones(id) ON DELETE CASCADE,
@@ -119,7 +133,7 @@ async function autoUpdateDB() {
       );
     `);
 
-    // 3. SERVICIOS
+    // 3. TABLA SERVICIOS
     await client.query(`
       CREATE TABLE IF NOT EXISTS services (
         id SERIAL PRIMARY KEY,
@@ -157,7 +171,7 @@ async function autoUpdateDB() {
       );
     `);
 
-    // 4. PARCHE DE REPARACIÓN
+    // 4. PARCHE DE REPARACIÓN (Asegura columnas)
     await client.query(`
       DO $$ BEGIN 
         IF NOT EXISTS (SELECT 1 FROM information_schema.columns WHERE table_name='services' AND column_name='client_id') THEN ALTER TABLE services ADD COLUMN client_id INT REFERENCES clients(id) ON DELETE SET NULL; END IF;
@@ -221,7 +235,7 @@ app.get("/clients/search", authMiddleware, async (req, res) => {
 app.get("/companies", authMiddleware, async (req, res) => { try { const q = await pool.query("SELECT * FROM companies WHERE owner_id=$1 ORDER BY name ASC", [req.user.accountId]); res.json({ ok: true, companies: q.rows }); } catch (e) { res.status(500).json({ ok: false }); } });
 app.post("/companies", authMiddleware, async (req, res) => { try { const { name } = req.body; await pool.query("INSERT INTO companies (name, owner_id) VALUES ($1, $2)", [name, req.user.accountId]); res.json({ ok: true }); } catch (e) { res.status(500).json({ ok: false }); } });
 
-// OBTENER OPERARIOS POR GREMIO (Y ZONA EN EL FUTURO)
+// OBTENER OPERARIOS POR GREMIO
 app.get("/operators", authMiddleware, async (req, res) => {
     try {
         const { guild_id } = req.query;
@@ -298,4 +312,110 @@ app.post("/services", authMiddleware, async (req, res) => {
         const cCheck = await client.query("SELECT id, addresses FROM clients WHERE phone=$1 AND owner_id=$2", [p, req.user.accountId]);
         if (cCheck.rowCount > 0) {
             clientId = cCheck.rows[0].id;
-            let addrs = c
\ No newline at end of file
+            let addrs = cCheck.rows[0].addresses || [];
+            if(!addrs.includes(address)) { addrs.push(address); await client.query("UPDATE clients SET addresses=$1 WHERE id=$2", [JSON.stringify(addrs), clientId]); }
+        } else {
+            const newC = await client.query("INSERT INTO clients (owner_id, full_name, phone, email, addresses) VALUES ($1, $2, $3, $4, $5) RETURNING id", [req.user.accountId, name, p, email, JSON.stringify([address])]);
+            clientId = newC.rows[0].id;
+        }
+
+        const insert = await client.query(`
+            INSERT INTO services (
+                owner_id, client_id, status_id, contact_phone, contact_name, address, email, 
+                description, scheduled_date, scheduled_time, duration_minutes, is_urgent, 
+                is_company, company_id, company_ref, internal_notes, client_notes, title,
+                guild_id, assigned_to
+            ) VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15, $16, $17, $18, $19, $20) 
+            RETURNING id
+        `, [
+            req.user.accountId, clientId, finalStatus, p, name, address, email, 
+            description, scheduled_date || 'NOW()', scheduled_time || 'NOW()', safeDuration, is_urgent || false, 
+            is_company || false, safeCompanyId, company_ref, internal_notes, client_notes, name + " - Svc",
+            safeGuildId, safeAssignedTo
+        ]);
+
+        await client.query("INSERT INTO service_logs (service_id, user_id, new_status_id, comment) VALUES ($1, $2, $3, 'Servicio Creado')", [insert.rows[0].id, req.user.sub, finalStatus]);
+
+        await client.query('COMMIT');
+        res.json({ ok: true });
+    } catch (e) { await client.query('ROLLBACK'); console.error(e); res.status(500).json({ ok: false, error: e.message }); } finally { client.release(); }
+});
+
+// EDITAR SERVICIO (SANITIZADO)
+app.put("/services/:id", authMiddleware, async (req, res) => {
+    const client = await pool.connect();
+    try {
+        const { 
+            name, address, email, description, 
+            scheduled_date, scheduled_time, duration, is_urgent, 
+            is_company, company_id, company_ref, 
+            internal_notes, client_notes,
+            guild_id, assigned_to 
+        } = req.body;
+
+        const safeDuration = (duration === "" || duration === null) ? 30 : duration;
+        const safeCompanyId = (company_id === "" || company_id === null) ? null : company_id;
+        const safeGuildId = (guild_id === "" || guild_id === null) ? null : guild_id;
+        const safeAssignedTo = (assigned_to === "" || assigned_to === null) ? null : assigned_to;
+
+        await client.query('BEGIN');
+        await client.query(`
+            UPDATE services SET 
+            contact_name=$1, address=$2, email=$3, description=$4, 
+            scheduled_date=$5, scheduled_time=$6, duration_minutes=$7, is_urgent=$8,
+            is_company=$9, company_id=$10, company_ref=$11, 
+            internal_notes=$12, client_notes=$13,
+            guild_id=$14, assigned_to=$15
+            WHERE id=$16 AND owner_id=$17
+        `, [
+            name, address, email, description, 
+            scheduled_date, scheduled_time, safeDuration, is_urgent, 
+            is_company, safeCompanyId, company_ref, 
+            internal_notes, client_notes, 
+            safeGuildId, safeAssignedTo,
+            req.params.id, req.user.accountId
+        ]);
+        
+        await client.query("INSERT INTO service_logs (service_id, user_id, new_status_id, comment) VALUES ($1, $2, (SELECT status_id FROM services WHERE id=$1), 'Datos editados')", [req.params.id, req.user.sub]);
+        await client.query('COMMIT'); res.json({ ok: true });
+    } catch (e) { await client.query('ROLLBACK'); console.error(e); res.status(500).json({ ok: false }); } finally { client.release(); }
+});
+
+app.delete("/services/:id", authMiddleware, async (req, res) => { try { await pool.query("DELETE FROM services WHERE id=$1 AND owner_id=$2", [req.params.id, req.user.accountId]); res.json({ ok: true }); } catch (e) { res.status(500).json({ ok: false }); } });
+
+// RUTAS USERS/GREMIOS
+app.get("/guilds", authMiddleware, async (req, res) => { try { const q = await pool.query("SELECT * FROM guilds WHERE owner_id=$1 ORDER BY name ASC", [req.user.accountId]); res.json({ ok: true, guilds: q.rows }); } catch (e) { res.status(500).json({ ok: false }); } });
+app.post("/guilds", authMiddleware, async (req, res) => { try { const { name } = req.body; await pool.query("INSERT INTO guilds (name, owner_id) VALUES ($1, $2)", [name, req.user.accountId]); res.json({ ok: true }); } catch (e) { res.status(500).json({ ok: false }); } });
+app.delete("/guilds/:id", authMiddleware, async (req, res) => { try { await pool.query("DELETE FROM guilds WHERE id=$1 AND owner_id=$2", [req.params.id, req.user.accountId]); res.json({ ok: true }); } catch (e) { res.status(500).json({ ok: false }); } });
+
+app.get("/admin/users", authMiddleware, async (req, res) => { try { const q = await pool.query(`SELECT u.id, u.full_name, u.email, u.phone, u.role, COALESCE(json_agg(g.id) FILTER (WHERE g.id IS NOT NULL), '[]') as guilds FROM users u LEFT JOIN user_guilds ug ON u.id=ug.user_id LEFT JOIN guilds g ON ug.guild_id=g.id WHERE u.owner_id=$1 GROUP BY u.id ORDER BY u.id DESC`, [req.user.accountId]); res.json({ ok: true, users: q.rows }); } catch (e) { res.status(500).json({ ok: false }); } });
+app.post("/admin/users", authMiddleware, async (req, res) => {
+  const client = await pool.connect();
+  try {
+    const { fullName, email, password, role, guilds, phone } = req.body;
+    if (!email || !password || !fullName || !phone) return res.status(400).json({ ok: false });
+    const p = normalizePhone(phone); const hash = await bcrypt.hash(password, 10);
+    const check = await client.query("SELECT id FROM users WHERE (phone=$1 OR email=$2) AND owner_id=$3", [p, email, req.user.accountId]);
+    if (check.rowCount > 0) return res.status(400).json({ ok: false, error: "Duplicado" });
+    await client.query('BEGIN');
+    const insert = await client.query("INSERT INTO users (full_name, email, password_hash, role, phone, is_verified, owner_id) VALUES ($1, $2, $3, $4, $5, TRUE, $6) RETURNING id", [fullName, email, hash, role || 'operario', p, req.user.accountId]);
+    const uid = insert.rows[0].id;
+    if (guilds) for (const gid of guilds) await client.query("INSERT INTO user_guilds (user_id, guild_id) VALUES ($1, $2)", [uid, gid]);
+    await client.query('COMMIT'); res.json({ ok: true });
+  } catch (e) { await client.query('ROLLBACK'); res.status(500).json({ ok: false }); } finally { client.release(); }
+});
+app.put("/admin/users/:id", authMiddleware, async (req, res) => { 
+    const client = await pool.connect();
+    try {
+        const userId = req.params.id; const { fullName, email, phone, role, guilds, password } = req.body; const p = normalizePhone(phone);
+        await client.query('BEGIN');
+        if(password) { const hash = await bcrypt.hash(password, 10); await client.query("UPDATE users SET full_name=$1, email=$2, phone=$3, role=$4, password_hash=$5 WHERE id=$6", [fullName, email, p, role, hash, userId]); } 
+        else { await client.query("UPDATE users SET full_name=$1, email=$2, phone=$3, role=$4 WHERE id=$5", [fullName, email, p, role, userId]); }
+        if (guilds && Array.isArray(guilds)) { await client.query("DELETE FROM user_guilds WHERE user_id=$1", [userId]); for (const gid of guilds) await client.query("INSERT INTO user_guilds (user_id, guild_id) VALUES ($1, $2)", [userId, gid]); }
+        await client.query('COMMIT'); res.json({ ok: true });
+    } catch (e) { await client.query('ROLLBACK'); res.status(500).json({ ok: false }); } finally { client.release(); }
+});
+app.delete("/admin/users/:id", authMiddleware, async (req, res) => { try { await pool.query("DELETE FROM users WHERE id=$1 AND owner_id=$2", [req.params.id, req.user.accountId]); res.json({ ok: true }); } catch (e) { res.status(500).json({ ok: false }); } });
+
+const port = process.env.PORT || 3000;
+autoUpdateDB().then(() => { app.listen(port, "0.0.0.0", () => console.log(`🚀 Server OK en puerto ${port}`)); });
\ No newline at end of file