
User Management Overview

Manage users, assign reports, configure filters, and manage technical user relationships.

List Users

Retrieve all users with their reports and roles.
GET /users

Authentication & Permissions

  • Authorization (string, required): Valid session or Sanctum token

Requires one of:
  • super-admin role
  • user.index permission
  • user.create permission
  • user.update permission
  • user.destroy permission

Response

Returns Inertia view with:
  • users (array): Array of users with reports and roles relationships
  • roles (array): All available roles
  • reports (array): All available reports
  • technicalUsers (array): Users with ‘tecnico’ or ‘técnico’ role

User Object Structure

  • id (integer): User ID
  • name (string): Full name
  • username (string): Username for authentication
  • email (string): Email address
  • type (string): User type (admin, designer, customer, etc.)
  • cedula (string): National ID number
  • codigo_vendedor (string): Sales representative code
  • is_ldap_user (boolean): LDAP authentication status
  • reports (array): Assigned reports
  • roles (array): Assigned roles

Get User Details

Retrieve detailed information about a specific user.
GET /users/{id}/show

Path Parameters

  • id (integer, required): User ID

Response

Returns Inertia view with:
  • user (object): User with roles, permissions, reports, and technical users
  • roles (array): All available roles
  • reports (array): All available reports
  • filters (array): All available report filters
  • technicalUsers (array): Available technical users

Example Request

curl -X GET https://your-domain.com/users/5/show \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Accept: application/json"

Create User

Create a new user with roles and report assignments.
POST /users

Request Body

  • name (string, required): User’s full name
  • username (string, required): Unique username
  • email (string, required): Valid email address
  • password (string, required): User password (will be hashed)
  • type (string, required): User type
  • cedula (string): National ID number
  • codigo_vendedor (string): Sales representative code
  • roles (array, required): Array of role names to assign
  • reports (array): Array of report IDs to assign
  • technical_users (array): Array of technical user IDs (for ‘asesor’ role)

Example Request

curl -X POST https://your-domain.com/users \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Jane Smith",
    "username": "jsmith",
    "email": "[email protected]",
    "password": "SecurePassword123!",
    "type": "admin",
    "cedula": "9876543210",
    "codigo_vendedor": "V002",
    "roles": ["asesor"],
    "reports": [1, 2, 3],
    "technical_users": [10, 11]
  }'

Response

Returns array of all users with relationships (200 status).

Technical Users (Asesor Role)

When a user is assigned the “asesor” role:
  • The technical_users array is synchronized in the advisor_technical_user pivot table
  • Only users with ‘tecnico’ or ‘técnico’ roles can be assigned
  • Invalid technical user IDs are filtered out
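
The filtering and sync rule above, modeled in memory as an added example (not the project's PHP code). The function names, the strict integer check, and the sample data are assumptions made for illustration.

```python
TECH_ROLES = {"tecnico", "técnico"}  # role names listed on this page

def filter_technical_ids(requested, roles_by_user):
    """Keep only IDs of existing users that hold a technical role."""
    valid = []
    for raw in requested:
        # This model is strict about types: only plain integers count as IDs
        # (bool is an int subclass in Python, so it is excluded explicitly).
        if isinstance(raw, bool) or not isinstance(raw, int):
            continue
        roles = roles_by_user.get(raw)  # None when the user does not exist
        if roles and TECH_ROLES & set(roles) and raw not in valid:
            valid.append(raw)
    return valid

def sync_technical_users(pivot, advisor_id, advisor_roles, requested, roles_by_user):
    """Replace the advisor's pivot rows with the filtered list.

    pivot maps advisor_id -> set of technical user IDs (a stand-in for the
    advisor_technical_user table). Returns what was attached and detached.
    """
    if "asesor" not in advisor_roles:
        # Assumption: without the asesor role the pivot is left untouched.
        return {"attached": [], "detached": []}
    wanted = set(filter_technical_ids(requested, roles_by_user))
    current = pivot.get(advisor_id, set())
    result = {"attached": sorted(wanted - current),
              "detached": sorted(current - wanted)}
    pivot[advisor_id] = wanted
    return result

# Constructed sample data: user ID -> role names.
ROLES_BY_USER = {
    5: ["asesor"],
    10: ["tecnico"],
    11: ["técnico"],
    12: ["supervisor"],  # exists, but is not a technical user
}

if __name__ == "__main__":
    pivot = {5: {10}}
    # 12 has the wrong role, 999 does not exist, "11" is not an integer.
    print(sync_technical_users(pivot, 5, ["asesor"],
                               [11, 12, 999, "11", 11], ROLES_BY_USER))
    print(pivot)
```

Because the list is rebuilt from server-side role data on every request, a client cannot link an advisor to an arbitrary account by submitting its ID in technical_users.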

Update User

Update an existing user.
PUT /users/{id}

Path Parameters

  • id (integer, required): User ID to update

Request Body

Same fields as create (all optional except roles):
  • name (string): Updated name
  • username (string): Updated username
  • email (string): Updated email
  • type (string): Updated type
  • cedula (string): Updated cedula
  • codigo_vendedor (string): Updated sales code
  • roles (array, required): Updated roles array
  • change_password (boolean): Set to true to update password
  • password (string): New password (required if change_password=true)
  • technical_users (array): Updated technical users (for asesor role)

Example Request

curl -X PUT https://your-domain.com/users/5 \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Jane Smith Updated",
    "roles": ["asesor", "supervisor"],
    "change_password": true,
    "password": "NewSecurePassword456!"
  }'

Response

Returns array of all users with updates applied (200 status).

Delete User

Delete a user from the system.
DELETE /users/{id}

Path Parameters

  • id (integer, required): User ID to delete

Example Request

curl -X DELETE https://your-domain.com/users/5 \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Accept: application/json"

Response

Returns array of remaining users (200 status).

Update User Reports

Update report assignments for a user.
POST /users/update-reports

Request Body

  • user_id (integer, required): User ID
  • reports (array, required): Array of report IDs to assign

Example Request

curl -X POST https://your-domain.com/users/update-reports \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "user_id": 5,
    "reports": [1, 2, 3, 4]
  }'

Response

"success"

Update User Report Filters

Update filter assignments for a user’s report.
POST /users/report/update-filters

Request Body

  • user_id (integer, required): User ID
  • report_id (integer, required): Report ID
  • filters (array, required): Array of filter IDs to assign to this user-report combination

Example Request

curl -X POST https://your-domain.com/users/report/update-filters \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "user_id": 5,
    "report_id": 2,
    "filters": [1, 3, 5]
  }'

Response

"success"

Set Default Report View

Set whether a report should be shown by default for a user.
POST /users/report/set-default

Request Body

  • user_id (integer, required): User ID
  • report_id (integer, required): Report ID
  • state (boolean, required): Show state (true/false)

Example Request

curl -X POST https://your-domain.com/users/report/set-default \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "user_id": 5,
    "report_id": 2,
    "state": true
  }'

Response

"success"

Error Responses

500 Internal Server Error

{
  "message": "Error details from exception"
}

403 Forbidden

{
  "message": "This action is unauthorized."
}

Implementation Notes

Source: app/Http/Controllers/UserController.php

All user operations use database transactions for data integrity.
