DetallePermisos API
The DetallePermisos (Permission Details) endpoint manages action-level permissions within the permission system. It defines which specific actions (Opciones) are allowed or denied for each PermisosXRol assignment.
Permission System Overview
RolUsuario (User Role)
↓
PermisosXRol (Links Role to Menu + Vista)
↓
DetallePermisos (Defines allowed actions per Opcion) ← Current Level
↓
Opciones (Available actions: Crear, Editar, Eliminar, etc.)
Model Structure
The DetallePermisos model provides granular control over which actions a role can perform within a vista.
Fields
Auto-incremented primary key identifying the permission detail record
Foreign key to PermisosXRol - the parent permission record
Foreign key to Opciones - the specific action being controlled
Whether the action is allowed
true: Action is permittedfalse: Action is denied
Status of the permission detail Foreign key relationship to PermisosXRol model
Foreign key relationship to Opciones model
Endpoints
List All Permission Details
GET /api/detallepermisos/
Query Parameters
Filter by parent permission ID
Filter by action/opcion ID
Filter by whether action is allowed (true/false)
Filter by status (0: Inactive, 1: Active)
Response
Unique identifier for the permission detail record
Whether action is allowed
Example Response
{
"results": [
{
"id": 1,
"id_permisos": 5,
"id_opcion": 1,
"accion_permitida": true,
"estado": 1
},
{
"id": 2,
"id_permisos": 5,
"id_opcion": 2,
"accion_permitida": true,
"estado": 1
},
{
"id": 3,
"id_permisos": 5,
"id_opcion": 3,
"accion_permitida": false,
"estado": 1
}
]
}
Get Permission Detail by ID
GET /api/detallepermisos/{id}/
Path Parameters
The unique identifier of the permission detail record
Response
Unique identifier for the permission detail record
Whether action is allowed
Example Response
{
"id": 1,
"id_permisos": 5,
"id_opcion": 1,
"accion_permitida": true,
"estado": 1
}
Get Permission Details by PermisosXRol
GET /api/detallepermisos/?id_permisos={id_permisos}
Example Response
{
"results": [
{
"id": 1,
"id_permisos": 5,
"id_opcion": 1,
"accion_permitida": true,
"estado": 1
},
{
"id": 2,
"id_permisos": 5,
"id_opcion": 2,
"accion_permitida": true,
"estado": 1
},
{
"id": 3,
"id_permisos": 5,
"id_opcion": 3,
"accion_permitida": false,
"estado": 1
},
{
"id": 4,
"id_permisos": 5,
"id_opcion": 4,
"accion_permitida": true,
"estado": 1
}
]
}
Create Permission Detail
POST /api/detallepermisos/
Request Body
The ID of the parent PermisosXRol record
The ID of the action/opcion being controlled
Whether the action is allowed (true) or denied (false)
Status of the permission detail (0: Inactive, 1: Active)
Example Request
{
"id_permisos": 5,
"id_opcion": 1,
"accion_permitida": true,
"estado": 1
}
Response
The ID of the newly created permission detail record
Whether action is allowed
Update Permission Detail
PUT /api/detallepermisos/{id}/
PATCH /api/detallepermisos/{id}/
Path Parameters
The unique identifier of the permission detail record to update
Request Body
Updated parent permission ID
Updated permission status
Example Request (Toggle Permission)
{
"accion_permitida": false
}
Delete Permission Detail
DELETE /api/detallepermisos/{id}/
Path Parameters
The unique identifier of the permission detail record to delete
Complete Permission System Example
Here’s a complete example showing the entire permission hierarchy:
{
"role": {
"id_rol": 2,
"nombre": "Publicista",
"estado": 1
},
"permission": {
"id_permisos": 5,
"id_rol": 2,
"menu": {
"id_menu": 2,
"nombre_menu": "Campañas",
"descripcion": "Campaign management"
},
"vista": {
"id_vista": 2,
"nombre_vista": "Gestión de Campañas",
"descripcion": "Manage campaigns"
},
"estado": 1
},
"action_permissions": [
{
"id": 1,
"id_permisos": 5,
"opcion": {
"id_opcion": 1,
"nombre_vista": "Crear",
"descripcion": "Create new campaign"
},
"accion_permitida": true,
"estado": 1
},
{
"id": 2,
"id_permisos": 5,
"opcion": {
"id_opcion": 2,
"nombre_vista": "Editar",
"descripcion": "Edit campaign"
},
"accion_permitida": true,
"estado": 1
},
{
"id": 3,
"id_permisos": 5,
"opcion": {
"id_opcion": 3,
"nombre_vista": "Eliminar",
"descripcion": "Delete campaign"
},
"accion_permitida": false,
"estado": 1
},
{
"id": 4,
"id_permisos": 5,
"opcion": {
"id_opcion": 4,
"nombre_vista": "Ver",
"descripcion": "View campaign"
},
"accion_permitida": true,
"estado": 1
}
]
}
Setting Up Role Permissions
Step-by-Step Process
First, grant the role access to a menu and vista:
POST /api/permisosxrol/
{
"id_rol": 2,
"id_menu": 2,
"id_vista": 2,
"estado": 1
}
{
"id_permisos": 5,
"id_rol": 2,
"id_menu": 2,
"id_vista": 2,
"estado": 1
}
2. Define Action Permissions
Then, specify which actions are allowed:
POST /api/detallepermisos/
[
{
"id_permisos": 5,
"id_opcion": 1,
"accion_permitida": true,
"estado": 1
},
{
"id_permisos": 5,
"id_opcion": 2,
"accion_permitida": true,
"estado": 1
},
{
"id_permisos": 5,
"id_opcion": 3,
"accion_permitida": false,
"estado": 1
},
{
"id_permisos": 5,
"id_opcion": 4,
"accion_permitida": true,
"estado": 1
}
]
Common Permission Patterns
Read-Only Access
Allow only viewing, no modifications:
[
{"id_opcion": 1, "accion_permitida": false}, // Crear - Denied
{"id_opcion": 2, "accion_permitida": false}, // Editar - Denied
{"id_opcion": 3, "accion_permitida": false}, // Eliminar - Denied
{"id_opcion": 4, "accion_permitida": true} // Ver - Allowed
]
Full Access
Allow all actions:
[
{"id_opcion": 1, "accion_permitida": true}, // Crear - Allowed
{"id_opcion": 2, "accion_permitida": true}, // Editar - Allowed
{"id_opcion": 3, "accion_permitida": true}, // Eliminar - Allowed
{"id_opcion": 4, "accion_permitida": true} // Ver - Allowed
]
Create and Edit Only
Allow creating and editing, but not deleting:
[
{"id_opcion": 1, "accion_permitida": true}, // Crear - Allowed
{"id_opcion": 2, "accion_permitida": true}, // Editar - Allowed
{"id_opcion": 3, "accion_permitida": false}, // Eliminar - Denied
{"id_opcion": 4, "accion_permitida": true} // Ver - Allowed
]
Usage Notes
- DetallePermisos must reference a valid PermisosXRol record (id_permisos)
- DetallePermisos must reference a valid Opciones record (id_opcion)
- The opcion should belong to the vista specified in the parent PermisosXRol
- Set accion_permitida to false to explicitly deny an action
- Set estado to 0 to temporarily disable a permission without deleting it
- Missing DetallePermisos records typically mean the action is denied by default
- Use batch creation when setting up multiple action permissions for efficiency