PermisosXRol API
The PermisosXRol (Permissions by Role) endpoint manages the assignment of menu and vista access to user roles. This is the primary mechanism for controlling which parts of the application each role can access.
Permission System Overview
RolUsuario (User Role)
↓
PermisosXRol (Links Role to Menu + Vista)
↓
DetallePermisos (Defines allowed actions per Opcion)
Model Structure
The PermisosXRol model links user roles to specific menu-vista combinations, with detailed action permissions managed separately in DetallePermisos.
Fields
id_permisos: Auto-incremented primary key identifying the permission record
id_rol: Foreign key to RolUsuario - the role receiving permissions
id_menu: Foreign key to Menu - the menu being accessed
id_vista: Foreign key to Vista - the specific vista within the menu
estado: Status of the permission
  0: Inactive/Revoked
  1: Active/Granted
Foreign key relationship to RolUsuario model
Foreign key relationship to Menu model
Foreign key relationship to Vista model
Endpoints
List All Permissions
Retrieve all permission assignments in the system.
Query Parameters
Filter permissions by role ID
Filter permissions by menu ID
Filter permissions by vista ID
Filter by status (0: Inactive, 1: Active)
Response
Unique identifier for the permission record
Example Response
{
  "results": [
    {
      "id_permisos": 1,
      "id_rol": 1,
      "id_menu": 1,
      "id_vista": 1,
      "estado": 1
    },
    {
      "id_permisos": 2,
      "id_rol": 1,
      "id_menu": 2,
      "id_vista": 2,
      "estado": 1
    },
    {
      "id_permisos": 3,
      "id_rol": 2,
      "id_menu": 2,
      "id_vista": 2,
      "estado": 1
    }
  ]
}
Get Permission by ID
GET /api/permisosxrol/{id_permisos}/
Retrieve details of a specific permission assignment.
Path Parameters
The unique identifier of the permission record
Response
Unique identifier for the permission record
Example Response
{
  "id_permisos": 1,
  "id_rol": 1,
  "id_menu": 1,
  "id_vista": 1,
  "estado": 1
}
Get Permissions by Role
GET /api/permisosxrol/?id_rol={id_rol}
Retrieve all permissions assigned to a specific role.
Example Response
{
  "results": [
    {
      "id_permisos": 1,
      "id_rol": 1,
      "id_menu": 1,
      "id_vista": 1,
      "estado": 1
    },
    {
      "id_permisos": 2,
      "id_rol": 1,
      "id_menu": 2,
      "id_vista": 2,
      "estado": 1
    }
  ]
}
Create Permission
Grant a role access to a specific menu and vista.
Request Body
id_rol: The ID of the role to grant permissions to
id_menu: The ID of the menu to grant access to
id_vista: The ID of the vista to grant access to
estado: Status of the permission (0: Inactive, 1: Active)
Example Request
{
  "id_rol": 2,
  "id_menu": 3,
  "id_vista": 5,
  "estado": 1
}
Response
The ID of the newly created permission record
Update Permission
PUT /api/permisosxrol/{id_permisos}/
PATCH /api/permisosxrol/{id_permisos}/
Update an existing permission assignment. Use PUT for full updates or PATCH for partial updates.
Path Parameters
The unique identifier of the permission record to update
Request Body
Updated status (commonly used to revoke permissions by setting to 0)
Example Request (Revoke Permission)
Delete Permission
DELETE /api/permisosxrol/{id_permisos}/
Permanently delete a permission assignment. Note: Consider using estado=0 instead to revoke permissions without deletion.
Path Parameters
The unique identifier of the permission record to delete
Complete Permission Example
Here’s a complete example showing how permissions work across the hierarchy:
{
  "role": {
    "id_rol": 2,
    "nombre": "Publicista"
  },
  "permissions": [
    {
      "id_permisos": 5,
      "menu": {
        "id_menu": 2,
        "nombre_menu": "Campañas"
      },
      "vista": {
        "id_vista": 2,
        "nombre_vista": "Gestión de Campañas"
      },
      "estado": 1,
      "detalle_permisos": [
        {
          "id_opcion": 1,
          "nombre_opcion": "Crear",
          "accion_permitida": true
        },
        {
          "id_opcion": 2,
          "nombre_opcion": "Editar",
          "accion_permitida": true
        },
        {
          "id_opcion": 3,
          "nombre_opcion": "Eliminar",
          "accion_permitida": false
        },
        {
          "id_opcion": 4,
          "nombre_opcion": "Ver",
          "accion_permitida": true
        }
      ]
    }
  ]
}
Permission Workflow
1. Grant Menu and Vista Access
First, create a PermisosXRol record to grant a role access to a menu and vista:
POST /api/permisosxrol/
{
  "id_rol": 2,
  "id_menu": 2,
  "id_vista": 2,
  "estado": 1
}
2. Define Action-Level Permissions
Then, create DetallePermisos records to specify which actions are allowed:
POST /api/detallepermisos/
{
  "id_permisos": 5,
  "id_opcion": 1,
  "accion_permitida": true,
  "estado": 1
}
Usage Notes
- PermisosXRol grants access to a menu-vista combination for a role
- Detailed action permissions are controlled via DetallePermisos
- Set estado to 0 to revoke permissions without deleting the record
- Each role can have multiple PermisosXRol records for different menu-vista combinations
- The vista must belong to the specified menu (referential integrity)
- Deleting a role, menu, or vista will cascade delete associated PermisosXRol records
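The workflow and usage notes above imply a two-level check at request time. The following is an added example, not code from this API or its project, showing a deny-by-default evaluation of the RolUsuario → PermisosXRol → DetallePermisos chain. The helper is_allowed() and the sample rows are hypothetical; it assumes estado on DetallePermisos means active/inactive as it does on PermisosXRol, and that conflicting detail rows should deny.

```python
# Added example (not the project's code). Rows are constructed sample data
# that reuse the field names shown on this page.
PERMISOS_X_ROL = [
    {"id_permisos": 5, "id_rol": 2, "id_menu": 2, "id_vista": 2, "estado": 1},
    {"id_permisos": 6, "id_rol": 2, "id_menu": 3, "id_vista": 5, "estado": 0},  # revoked
]
DETALLE_PERMISOS = [
    {"id_permisos": 5, "id_opcion": 1, "accion_permitida": True, "estado": 1},   # Crear
    {"id_permisos": 5, "id_opcion": 3, "accion_permitida": False, "estado": 1},  # Eliminar
    {"id_permisos": 5, "id_opcion": 4, "accion_permitida": True, "estado": 0},   # Ver, row inactive
    {"id_permisos": 6, "id_opcion": 1, "accion_permitida": True, "estado": 1},   # parent revoked
]


def is_allowed(id_rol, id_menu, id_vista, id_opcion,
               permisos=PERMISOS_X_ROL, detalles=DETALLE_PERMISOS):
    """Return (allowed, reason). Anything not explicitly granted is denied."""
    # Level 1: the role needs a PermisosXRol row for this exact menu-vista pair.
    grants = [p for p in permisos
              if (p["id_rol"], p["id_menu"], p["id_vista"])
              == (id_rol, id_menu, id_vista)]
    if not grants:
        return False, "no PermisosXRol record"
    active_ids = {p["id_permisos"] for p in grants if p["estado"] == 1}
    if not active_ids:
        # estado=0 on the parent overrides any DetallePermisos row under it.
        return False, "PermisosXRol revoked (estado=0)"

    # Level 2: the action (id_opcion) needs a DetallePermisos row under an
    # active grant.
    rows = [d for d in detalles
            if d["id_permisos"] in active_ids and d["id_opcion"] == id_opcion]
    if not rows:
        return False, "no DetallePermisos record"
    active = [d for d in rows if d["estado"] == 1]
    # Strict comparison: only a literal True grants, and one active deny among
    # duplicate rows is enough to refuse (assumption: conservative tie-break).
    if active and all(d["accion_permitida"] is True for d in active):
        return True, "granted"
    return False, "action not permitted"


if __name__ == "__main__":
    for args in [(2, 2, 2, 1), (2, 2, 2, 3), (2, 2, 2, 4), (2, 3, 5, 1), (1, 2, 2, 1)]:
        print(args, is_allowed(*args))
```

The reason string is meant for audit logging on the server side; returning it to the client would reveal which level of the hierarchy denied the request.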