Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/TheSerchCp/SEAM-API/llms.txt

Use this file to discover all available pages before exploring further.

The PUT /api/v1/users/:id endpoint updates an existing user account. All request body fields are optional — only the fields included in the request body are modified; omitted fields remain unchanged. If a new password is provided it is re-hashed with bcrypt (12 salt rounds) before being stored. The response returns the full updated user record fetched after the update. This endpoint requires a valid JWT token and that the caller’s role has the PUT /api/v1/users/:id permission registered in the database.

Endpoint

PUT /api/v1/users/:id
Base URL: http://localhost:{PORT}/api/v1 Authentication: JWT Bearer token + role permission PUT /api/v1/users/:id

Path Parameters

id
string
required
The numeric ID of the user to update. Must match the pattern ^\d+$. Validated by validate.middleware against getByIdSchema before the controller runs.

Request Body

All fields are optional. At least one field should be provided to make a meaningful update.
full_name
string
New full display name for the user. Must be between 2 and 100 characters if provided.
email
string
New email address. Must match the pattern user@domain.tld. If the address is already used by another user account the API returns 409.
roleId
number
ID of the new role to assign to the user. Must reference a valid row in the roles table.
password
string
New plain-text password for the user. Must be between 6 and 100 characters if provided. The value is re-hashed with bcrypt (12 salt rounds) before being written to the database; the plain-text value is never stored or returned.

Example Request

curl -X PUT http://localhost:3000/api/v1/users/7 \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..." \
  -H "Content-Type: application/json" \
  -d '{
    "full_name": "Jane Smith",
    "email": "jane.smith@example.com"
  }'

Responses

200 OK

Returned when the user exists and the update is applied successfully. The response contains the full refreshed user record retrieved after the update. 
{
  "success": true,
  "message": "Usuario actualizado exitosamente",
  "data": {
    "idUser": 7,
    "full_name": "Jane Smith",
    "email": "jane.smith@example.com",
    "roleId": 2,
    "roleName": "editor",
    "roleDescription": "Can read and edit content"
  }
}
success
boolean
Always true for successful responses.
message
string
Human-readable confirmation: "Usuario actualizado exitosamente".
data
object
The full user record as it exists after the update. Fields mirror those returned by GET /api/v1/users/:id.

400 Bad Request — Validation Error

Returned when the :id path parameter is not numeric, or when a provided body field fails its type, length, or pattern constraint from editUserSchema. 
{
  "success": false,
  "message": "El campo 'email' debe tener un formato de correo válido",
  "data": null
}

401 Unauthorized

Returned when the Authorization header is missing, the token is malformed, or the token has expired. 
{
  "success": false,
  "message": "Token inválido o expirado",
  "data": null
}

403 Forbidden

Returned when the JWT is valid but the caller’s role does not have PUT /api/v1/users/:id in the permissionXRole table. 
{
  "success": false,
  "message": "No tienes permisos para acceder a este recurso",
  "data": null
}

404 Not Found

Returned when no user with the given ID is found. The service fetches the user before updating and throws NotFoundError if the record does not exist. 
{
  "success": false,
  "message": "Usuario con id 7 no encontrado",
  "data": null
}

409 Conflict — Email Already In Use

Returned when the supplied email is already registered to a different user account. 
{
  "success": false,
  "message": "El correo ya está en uso por otro usuario",
  "data": null
}

Permission Setup

For a role to access this endpoint, a record must exist in the permissions table with nameUri = "PUT /api/v1/users/:id" and be linked to the role in permissionXRole. The roles.middleware derives this URI automatically from the Express route pattern: 
PUT /api/v1/users/:id

Build docs developers (and LLMs) love

Get started for freeTalk to us