Saltar al contenido principal

Roles

Gestión de Roles

Los endpoints de roles permiten gestionar los diferentes roles de usuario en el sistema.

  • GET /roles: Obtiene todos los roles del sistema.

    • Authorization: Requiere access token válido (admin)
    • cURL Example:
    curl -X GET http://127.0.0.1:9154/roles \
      -H "Cookie: accessToken=$ACCESS_TOKEN" \
      -H "Cookie: refreshToken=$REFRESH_TOKEN"
    • Response Body (Éxito - 200 OK):
    [
      {
        "id": "e7349203-1bdf-4d8a-8a83-0f5dccb23e1b",
        "role": "coolrolename",
        "password": "******",
        "isAdmin": true
      }
    ]
    • Response Body (Sin contenido - 204 No Content):
    "No roles found"

  • GET /roles/{id}: Obtiene un rol específico por su ID.

    • Authorization: Requiere access token válido (enviado automáticamente via cookies)
    • Path Parameters:
      • id (string): ID del rol a obtener
    • cURL Example:
    curl -X GET http://127.0.0.1:9154/roles/76ee1086-b945-4170-b2e6-9fbeb95ae0be \
      -H "Cookie: accessToken=$ACCESS_TOKEN" \
      -H "Cookie: refreshToken=$REFRESH_TOKEN"
    • Response Body (Éxito - 200 OK):
    {
      "id": "e7349203-1bdf-4d8a-8a83-0f5dccb23e1b",
      "role": "coolrolename",
      "password": "******",
      "isAdmin": true
    }

  • POST /roles: Crea un nuevo rol en el sistema.

    • Authorization: Requiere access token válido (admin)
    • Request Body:
      {
          "role" : "String",
          "password": "String",
          "isAdmin": true || false
      }
    • cURL Example:
    curl -X POST http://127.0.0.1:9154/roles \
      -H 'Content-Type: application/json' \
      -H "Cookie: accessToken=$ACCESS_TOKEN" \
      -H "Cookie: refreshToken=$REFRESH_TOKEN" \
      -d '{
          "role" : "admin",
          "password": "S3cur3P4ssw0rd!!",
          "isAdmin": true
      }'
    • Response Body (Éxito - 201 Created):
    {
      "id": "5f80cf01-9448-4332-a981-0140cba12279",
      "message": "Role added successfully"
    }

  • PUT /roles/{id}: Actualiza un rol existente.

    • Authorization: Requiere access token válido (admin)
    • Path Parameters:
      • id (string): ID del rol a actualizar
    • Request Body:
      {
          "role" : "admin",
          "password": "S3cur3P4ssw0rd!!",
          "isAdmin": true
      }
    • cURL Example:
    curl -X PUT http://127.0.0.1:9154/roles/76ee1086-b945-4170-b2e6-9fbeb95ae0be \
      -H 'Content-Type: application/json' \
      -H "Cookie: accessToken=$ACCESS_TOKEN" \
      -H "Cookie: refreshToken=$REFRESH_TOKEN" \
      -d '{
          "role" : "admin",
          "password": "S3cur3P4ssw0rd123!!",
          "isAdmin": true
      }'
    • Response Body (Éxito - 200 OK):
    "Role updated successfully"

  • DELETE /roles/{id}: Elimina un rol del sistema.

    • Authorization: Requiere access token válido (admin)
    • Path Parameters:
      • id (string): ID del rol a eliminar
    • cURL Example:
    curl -X DELETE http://127.0.0.1:9154/roles/76ee1086-b945-4170-b2e6-9fbeb95ae0be \
      -H "Cookie: accessToken=$ACCESS_TOKEN" \
      -H "Cookie: refreshToken=$REFRESH_TOKEN"
    • Response Body (Éxito - 204 No Content):
    "Role deleted successfully"

Permisos por Rol

  • GET /roles/{id}/permissions: Lista los permisos asignados a un rol.

    • Authorization: Requiere access token válido (admin)
    • Path Parameters:
      • id (string): ID del rol
    • cURL Example:
    curl -X GET http://127.0.0.1:9154/roles/76ee1086-b945-4170-b2e6-9fbeb95ae0be/permissions \
      -H "Cookie: accessToken=$ACCESS_TOKEN" \
      -H "Cookie: refreshToken=$REFRESH_TOKEN"
    • Response Body (Éxito - 200 OK):
    [
      { "id": "0f3c...", "name": "products_read", "description": "List and view products", "enabled": true },
      { "id": "1a2b...", "name": "orders_create", "description": "Create new orders", "enabled": true }
    ]
    • Response Body (Sin contenido - 204 No Content): sin cuerpo

  • PUT /roles/{id}/permissions: Reemplaza completamente los permisos asignados a un rol.

    • Authorization: Requiere access token válido (admin)
    • Path Parameters:
      • id (string): ID del rol
    • Request Body:
    {
      "permissions": ["products_read", "orders_create", "orders_read"]
    }
    • Las claves en permissions corresponden al campo name de cada permiso (por ejemplo: products_read, products_update, orders_export).
    • cURL Example:
    curl -X PUT http://127.0.0.1:9154/roles/76ee1086-b945-4170-b2e6-9fbeb95ae0be/permissions \
      -H 'Content-Type: application/json' \
      -H "Cookie: accessToken=$ACCESS_TOKEN" \
      -H "Cookie: refreshToken=$REFRESH_TOKEN" \
      -d '{
        "permissions": ["products_read", "orders_create", "orders_read"]
      }'
    • Response Body (Éxito - 200 OK):
    {
      "roleId": "76ee1086-b945-4170-b2e6-9fbeb95ae0be",
      "assigned": 3
    }

Notas importantes:

  • Todos los endpoints de roles requieren autenticación via access token
  • Los IDs de roles deben ser únicos en el sistema
  • La eliminación de un rol puede afectar a usuarios que tengan asignado ese rol
  • Los campos id y name son requeridos para crear/actualizar roles