Skip to main content
PATCH
/
api
/
v1
/
users
/
:id
Update User
curl --request PATCH \
  --url https://api.example.com/api/v1/users/:id \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "<string>",
  "username": "<string>",
  "password": "<string>",
  "email": "<string>",
  "phone": "<string>",
  "role": "<string>",
  "ventanaId": "<string>",
  "code": "<string>",
  "isActive": true,
  "settings": {
    "settings.print": {
      "settings.print.name": "<string>",
      "settings.print.phone": "<string>",
      "settings.print.width": 123,
      "settings.print.footer": "<string>",
      "settings.print.barcode": true,
      "settings.print.bluetoothMacAddress": "<string>"
    },
    "settings.theme": "<string>",
    "settings.system": {}
  }
}
'
{
  "success": true,
  "data": {
    "id": "770e8400-e29b-41d4-a716-446655440000",
    "name": "Juan Pérez Updated",
    "username": "jperez",
    "email": "[email protected]",
    "phone": "8091234568",
    "role": "VENDEDOR",
    "ventanaId": "660e8400-e29b-41d4-a716-446655440000",
    "code": "V001",
    "isActive": true,
    "settings": {
      "print": {
        "width": 88,
        "barcode": true
      },
      "theme": "light"
    },
    "platform": "android",
    "appVersion": "2.0.7",
    "createdAt": "2024-03-15T12:00:00Z",
    "updatedAt": "2024-03-15T16:45:00Z"
  }
}

Overview

Updates an existing user. All fields are optional - only provided fields will be updated. Users can update their own profile, ADMIN can update any user, and VENTANA users can update their vendedores.

Authorization

Required: ADMIN, self, or VENTANA (for vendedores in their ventana)
Permissions enforced by restrictToAdminSelfOrVentanaVendor middleware.

Path Parameters

id
string
required
UUID of the user to update

Request Body

name
string
User’s full name (2-100 characters)
username
string
Unique username (3-32 characters)
password
string
New password (minimum 6 characters)
email
string
Email address (must be valid email format, unique)
phone
string
Phone number (max 32 characters)
role
string
User role: “ADMIN”, “VENTANA”, or “VENDEDOR”
ventanaId
string
UUID of associated ventana (required for non-ADMIN roles)
code
string
Unique user code (2-32 characters)
isActive
boolean
Whether the user is active
settings
object
User-specific settings (merged with existing settings)

Response

success
boolean
Indicates if the request was successful
data
object
The updated user object (password excluded)
{
  "success": true,
  "data": {
    "id": "770e8400-e29b-41d4-a716-446655440000",
    "name": "Juan Pérez Updated",
    "username": "jperez",
    "email": "[email protected]",
    "phone": "8091234568",
    "role": "VENDEDOR",
    "ventanaId": "660e8400-e29b-41d4-a716-446655440000",
    "code": "V001",
    "isActive": true,
    "settings": {
      "print": {
        "width": 88,
        "barcode": true
      },
      "theme": "light"
    },
    "platform": "android",
    "appVersion": "2.0.7",
    "createdAt": "2024-03-15T12:00:00Z",
    "updatedAt": "2024-03-15T16:45:00Z"
  }
}

Notes

  • Password is hashed before storage if provided
  • Settings are merged (partial update) not replaced (see src/api/v1/validators/user.validator.ts:98)
  • Role changes are logged with USER_ROLE_CHANGE activity (see src/api/v1/controllers/user.controller.ts:113-122)
  • Role validation: non-ADMIN roles require ventanaId (see src/api/v1/validators/user.validator.ts:100-114)
  • Activity log created with USER_UPDATE event (see src/api/v1/controllers/user.controller.ts:124-132)
  • Phone numbers are normalized
  • Username is case-insensitive

Build docs developers (and LLMs) love

Get started for freeTalk to us