
Overview

Bar Galileo implements a comprehensive role-based access control (RBAC) system with user profiles and emergency contact information. This system allows fine-grained permission management through Module-Action-Role relationships.

Role Management Models

Role

Main role definition model.
  • nombre (CharField, required): Role name (max 50 characters, unique)
  • descripcion (TextField): Optional role description
Example:
from roles.models import Role

# Create a role
role = Role.objects.create(
    nombre='Mesero',
    descripcion='Personal de servicio de mesas'
)

Module

System modules that can have permissions.
  • nombre (CharField, required): Module name (max 50 characters, unique). Examples: “Products”, “Orders”, “Reports”
Example:
from roles.models import Module

# Create modules
productos = Module.objects.create(nombre='Productos')
pedidos = Module.objects.create(nombre='Pedidos')
reportes = Module.objects.create(nombre='Reportes')

Action

Actions that can be performed on modules.
  • nombre (CharField, required): Action name (max 50 characters, unique). Examples: “View”, “Create”, “Edit”, “Delete”
Example:
from roles.models import Action

# Create actions
ver = Action.objects.create(nombre='Ver')
crear = Action.objects.create(nombre='Crear')
editar = Action.objects.create(nombre='Editar')
eliminar = Action.objects.create(nombre='Eliminar')

RolePermission

Links roles to specific module-action combinations.
  • rol (ForeignKey, required): Reference to Role model (CASCADE on delete)
  • modulo (ForeignKey, required): Reference to Module model (CASCADE on delete)
  • accion (ForeignKey, required): Reference to Action model (CASCADE on delete)
Constraints:
  • unique_together: ('rol', 'modulo', 'accion')
Example:
from roles.models import RolePermission, Role, Module, Action

# Get objects
mesero = Role.objects.get(nombre='Mesero')
pedidos = Module.objects.get(nombre='Pedidos')
ver = Action.objects.get(nombre='Ver')
crear = Action.objects.get(nombre='Crear')

# Grant permissions
RolePermission.objects.create(rol=mesero, modulo=pedidos, accion=ver)
RolePermission.objects.create(rol=mesero, modulo=pedidos, accion=crear)

UserProfile

Connects Django users to roles in the RBAC system.
  • user (OneToOneField, required): Reference to Django User model (CASCADE on delete)
  • rol (ForeignKey): Reference to Role model (SET_NULL on delete). Nullable for users without assigned roles.
Example:
from django.contrib.auth.models import User
from roles.models import UserProfile, Role

# Assign role to user
user = User.objects.get(username='juan')
mesero_role = Role.objects.get(nombre='Mesero')

profile, created = UserProfile.objects.get_or_create(user=user)
profile.rol = mesero_role
profile.save()

# Check user's role
if hasattr(user, 'userprofile') and user.userprofile.rol:
    print(f"Role: {user.userprofile.rol.nombre}")

User Profile Models

PerfilUsuario

Extended user profile with personal information.
  • user (OneToOneField, required): Reference to Django User model (CASCADE on delete)
  • nombre (CharField): Full name (max 100 characters)
  • cedula (CharField): ID card number (max 20 characters)
  • telefono (CharField): Phone number (max 20 characters)
  • direccion (CharField): Address (max 200 characters)
  • avatar (ImageField): Profile picture (uploaded to 'img/avatar/')
Example:
from users.models import PerfilUsuario
from django.contrib.auth.models import User

user = User.objects.get(username='maria')

perfil = PerfilUsuario.objects.create(
    user=user,
    nombre='María García',
    cedula='1234567890',
    telefono='+573001234567',
    direccion='Calle 10 #20-30, Sogamoso'
)

Emergencia

Emergency contact information linked to user profiles.
  • perfil (OneToOneField, required): Reference to PerfilUsuario model (CASCADE on delete)
  • nombre (CharField): Emergency contact name (max 100 characters)
  • relacion (CharField): Relationship to user (max 50 characters)
  • telefono (CharField): Primary phone (max 20 characters)
  • telefono_alt (CharField): Alternative phone (max 20 characters)
  • sangre (CharField): Blood type (max 10 characters)
  • alergias (CharField): Known allergies (max 200 characters)
Example:
from users.models import Emergencia, PerfilUsuario

perfil = PerfilUsuario.objects.get(user__username='maria')

emergencia = Emergencia.objects.create(
    perfil=perfil,
    nombre='Carlos García',
    relacion='Esposo',
    telefono='+573009876543',
    telefono_alt='+576087654321',
    sangre='O+',
    alergias='Penicilina'
)

Permission Checking

Check if a user has permission to perform an action on a module:
from roles.models import RolePermission

def user_has_permission(user, module_name, action_name):
    """Check if user has permission for module-action combination"""
    if not hasattr(user, 'userprofile') or not user.userprofile.rol:
        return False
    
    return RolePermission.objects.filter(
        rol=user.userprofile.rol,
        modulo__nombre=module_name,
        accion__nombre=action_name
    ).exists()

# Usage
if user_has_permission(user, 'Productos', 'Editar'):
    # Allow product editing
    pass
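
Added example (not part of the Bar Galileo code base): one way to enforce the check above at the view layer, so that a missing profile, a null role, or an absent grant all end in a denial. The decorator name require_permission, the in-memory GRANTS set, and the constructed request objects are assumptions that let the sketch run without a database; in the project, the ORM-backed user_has_permission shown above would be passed as checker.

```python
from functools import wraps
from types import SimpleNamespace

try:  # use Django's 403 exception when it is installed
    from django.core.exceptions import PermissionDenied
except ImportError:  # stand-in so the example also runs without Django
    class PermissionDenied(Exception):
        pass

# Constructed grants mirroring the Mesero role on this page: (rol, modulo, accion).
GRANTS = {("Mesero", "Pedidos", "Ver"), ("Mesero", "Pedidos", "Crear"),
          ("Mesero", "Productos", "Ver")}

def user_has_permission(user, module_name, action_name):
    """In-memory stand-in for the RolePermission query shown above."""
    profile = getattr(user, "userprofile", None)
    if profile is None or profile.rol is None:
        return False  # no profile, or role deleted (SET_NULL): deny
    return (profile.rol, module_name, action_name) in GRANTS

def require_permission(module_name, action_name, checker=user_has_permission):
    """Hypothetical view decorator: run the view only if the exact grant exists."""
    def decorator(view):
        @wraps(view)
        def wrapped(request, *args, **kwargs):
            if not checker(request.user, module_name, action_name):
                raise PermissionDenied(f"{module_name}/{action_name} not granted")
            return view(request, *args, **kwargs)
        return wrapped
    return decorator

@require_permission("Productos", "Editar")
def edit_product(request, product_id):
    return f"edited {product_id}"

@require_permission("Pedidos", "Crear")
def create_order(request):
    return "order created"

def make_request(rol, with_profile=True):  # constructed request object
    profile = {"userprofile": SimpleNamespace(rol=rol)} if with_profile else {}
    return SimpleNamespace(user=SimpleNamespace(**profile))

def outcome(view, request, *args):
    try:
        return view(request, *args)
    except PermissionDenied:
        return "denied"
```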

Common Workflows

Create Complete RBAC Setup

from roles.models import Role, Module, Action, RolePermission

# Create modules
modules = {
    'productos': Module.objects.create(nombre='Productos'),
    'pedidos': Module.objects.create(nombre='Pedidos'),
    'facturacion': Module.objects.create(nombre='Facturación'),
    'reportes': Module.objects.create(nombre='Reportes'),
}

# Create actions
actions = {
    'ver': Action.objects.create(nombre='Ver'),
    'crear': Action.objects.create(nombre='Crear'),
    'editar': Action.objects.create(nombre='Editar'),
    'eliminar': Action.objects.create(nombre='Eliminar'),
}

# Create Administrator role with all permissions
admin = Role.objects.create(
    nombre='Administrador',
    descripcion='Acceso completo al sistema'
)

for module in modules.values():
    for action in actions.values():
        RolePermission.objects.create(
            rol=admin,
            modulo=module,
            accion=action
        )

# Create Server role with limited permissions
mesero = Role.objects.create(
    nombre='Mesero',
    descripcion='Personal de servicio'
)

# Servers can view/create orders
RolePermission.objects.create(rol=mesero, modulo=modules['pedidos'], accion=actions['ver'])
RolePermission.objects.create(rol=mesero, modulo=modules['pedidos'], accion=actions['crear'])

# Servers can view products
RolePermission.objects.create(rol=mesero, modulo=modules['productos'], accion=actions['ver'])

Get All Permissions for a Role

from roles.models import Role, RolePermission

role = Role.objects.get(nombre='Mesero')
permissions = RolePermission.objects.filter(rol=role).select_related('modulo', 'accion')

for perm in permissions:
    print(f"{perm.modulo.nombre} - {perm.accion.nombre}")
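
Added example (not part of the Bar Galileo code base): a least-privilege audit that compares exported grants with a reviewed baseline and reports drift. The baseline, the FULL_ACCESS_ROLES set, the 'Cajero' role, and the sample rows are constructed for illustration; in the project the rows could come from RolePermission.objects.values_list('rol__nombre', 'modulo__nombre', 'accion__nombre').

```python
from collections import defaultdict

# Reviewed baseline, constructed from the Mesero grants described on this page.
BASELINE = {
    "Mesero": {("Pedidos", "Ver"), ("Pedidos", "Crear"), ("Productos", "Ver")},
}
# Roles expected to hold every module-action pair (assumption for this example).
FULL_ACCESS_ROLES = {"Administrador"}

# Constructed export of (rol, modulo, accion) rows; the Eliminar grant and the
# Cajero role are deliberate drift, and Mesero's Productos/Ver grant is missing.
ROWS = [
    ("Mesero", "Pedidos", "Ver"),
    ("Mesero", "Pedidos", "Crear"),
    ("Mesero", "Productos", "Eliminar"),
    ("Cajero", "Facturación", "Crear"),
    ("Administrador", "Reportes", "Ver"),
]

def audit_grants(rows, baseline=BASELINE, full_access=FULL_ACCESS_ROLES):
    """Return grants that exceed, fall short of, or sit outside the baseline."""
    actual = defaultdict(set)
    for rol, modulo, accion in rows:
        actual[rol].add((modulo, accion))

    report = {"excess": [], "missing": [], "unreviewed_roles": []}
    for rol in sorted(actual):
        if rol in full_access:
            continue  # full-access roles are reviewed separately
        if rol not in baseline:
            report["unreviewed_roles"].append(rol)  # role nobody signed off on
            continue
        for modulo, accion in sorted(actual[rol] - baseline[rol]):
            report["excess"].append((rol, modulo, accion))
    for rol in sorted(baseline):
        for modulo, accion in sorted(baseline[rol] - actual.get(rol, set())):
            report["missing"].append((rol, modulo, accion))
    return report
```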
