User Management Service

Managing users, profiles, and permissions in LibreApps Desktop.

Overview

The User Management service is responsible for all user-related operations. It acts as a bridge between LibreApps Desktop application and the Keycloak identity provider, ensuring that user data is synchronized and that permissions are correctly enforced.

Key Responsibilities

User Registration: Handles the creation of new user accounts.
Profile Management: Allows users to update their personal information, avatars, and preferences.
Role Assignment: Manages the assignment of roles (e.g., Admin, User, Viewer) to users.
Organization Mapping: Links users to their respective organizations or accounts.
Keycloak Integration: Synchronizes user data with Keycloak and handles administrative tasks like password resets.

API Endpoints

`GET /api/users/me`

Retrieves the profile of the currently authenticated user.

`PUT /api/users/profile`

Updates the current user's profile information.

`GET /api/users/{id}`

Retrieves a specific user's profile (Admin only).

`POST /api/users/register`

Registers a new user in the system.

Database Schema

The service uses a PostgreSQL database to store user profiles and metadata. The core tables include:

users: Stores basic user information (name, email, etc.).
roles: Defines the available roles in the system.
user_roles: A mapping table between users and roles.

Best Practices

✅ Do this: Use the /api/users/me endpoint to fetch user data on the frontend to ensure it's always up to date.
✅ Do this: Implement strict validation for all user-provided data.
❌ Don't do this: Store sensitive information like passwords in the User Management database; let Keycloak handle that.

Overview​

Key Responsibilities​

API Endpoints​

GET /api/users/me​

PUT /api/users/profile​

GET /api/users/{id}​

POST /api/users/register​

Database Schema​

Best Practices​