Roles & Permissions

Stores the information of the users via the Omnitron application. There are two types of users on Omnitron:

• Super User

• Staff

User Types

• Super User

  These users can view all the menus and take all kinds of actions in the Omnitron application. They are controlled with the is_superuser field in the User model.

• Staff

  Users can view Omnitron menus depending on the authorization groups. They are controlled with the is_staff field in the User model.

User Property Fields

There are mandatory and optional user property fields:

Mandatory Fields

• Username

  • The user’s username on the Omnitron application. Must be unique.

  • Must be 150 characters or less. Only accepts letters, numbers and “@.+-_” characters.

• Name

• Surname

• Email

• Password

Optional Fields

• General Authorization Groups

  • Determines the menus, buttons, etc., on the Omnitron interface visible to users who have been defined as staff.

• Catalog Authorization Group

  • Determines the categories visible to the user.

• Channel Authorization Group

  • Determines the sales channels visible to the user in the “Sales Channels” menu.

• Phone

• Avatar

• Super User

  • The variable that grants the user full authority on the Omnitron interface.

  • Grants access to all menus regardless of authorization groups.

• Staff

  • Normal users. The menus visible to these users in the Omnitron software depends on the authorization groups.

• Active/Inactive

  • If the user is inactive, they are prevented from logging into the Omnitron software.

Serializer

This serializer is used for data validation and representation for the request/response life cycle. Contains particular fields in addition to the Django auth user model.

• username: Unique identifier of the user.

• first_name: Name.

• last_name: Surname.

• email: Email address.

• is_staff: The boolean value for staff indication.

• is_superuser: The boolean value for super user indication.

• is_active: Activation status.

• groups: User authorization groups. Their PK value reflects the Django auth group model. It can take multiple values.

• date_joined: Registration date.

• last_login: Date value of the last successful login.

ViewSet

Allowed HTTP Requests:

• GET

• POST

• PUT

• PATCH

• DELETE

Potential Responses:

• 200 OK

• 201 Created

• 204 No Content

• 400 Bad Request

• 401 Unauthorized

• 404 Not Found

• 406 Not Acceptable

GET Users

This endpoint can be used to retrieve all users as a list.

Path: /api/v1/users/

Response

GET User Search

This endpoint can be used to retrieve all users that match the given search parameters as a list.

Path: /api/v1/users/?pk__in={user_pk},{user_pk},{user_pk}&is_admin={true|false}&is_staff={true|false}&username={username}&email={user_email}&first_name={first_name}&last_name={last_name}

Response

GET User Detail​

This endpoint can be used to retrieve a user that is paired with the given {PK} value.

Path: /api/v1/users/{PK}/

Response

POST Create User

This endpoint can create a new user according to the input. According to the serializer section the following input model must be used.

Note: Password is required to have at least eight characters, including a capital letter, a number, and a special character.

Path: /api/v1/users/

Response

PATCH Update User

This endpoint can partially update a user according to the input. According to the serializer section the following input model must be used.

Note: Password is required to have at least eight characters, including a capital letter, a number, and a special character.

Path: /api/v1/users/{pk}/

Response

PUT Update User

This endpoint can update a user according to the input. According to the serializer section this input model must be used.

Path: /api/v1/users/{pk}/

Response

DELETE User

Path: /api/v1/users/{pk}/

It does not permanently delete the user. It changes is_active value to False.

Response

204: No Content.