Save permissions matrix

POST /api/permisos/guardar-matriz Replaces all permission records for a given profile atomically:

Deletes every existing permisos_perfil row where idPerfil matches.
Inserts the new set of rows supplied in the permisos array.

This is what the admin UI calls when a user clicks Guardar Permisos after editing the permissions matrix. Sending an empty permisos array effectively removes all permissions for the profile.

Request body

idPerfil

number

required

ID of the profile whose permissions matrix will be replaced. The handler deletes all existing rows for this profile before inserting the new ones.

permisos

object[]

Array of permission entries to insert. If omitted or empty, all existing permissions for the profile are deleted and nothing is inserted.

Show permission entry properties

idModulo

number

required

ID of the module this permission entry covers.

bitAgregar

boolean

Grant create access. Falsy values are stored as false.

bitEditar

boolean

Grant edit access. Falsy values are stored as false.

bitConsulta

boolean

Grant read/list access. Falsy values are stored as false.

bitEliminar

boolean

Grant delete access. Falsy values are stored as false.

bitDetalle

boolean

Grant detail-view access. Falsy values are stored as false.

Response

success

boolean

required

true when the delete-and-insert cycle completes without error.

message

string

required

Always "Matriz actualizada correctamente" on success.

Error responses

Status	Message	Cause
`400`	`ID de perfil requerido`	`idPerfil` is missing or coerces to `0`/`NaN`.
`500`	`Error al guardar en base de datos`	Any unhandled database error during the delete or insert.

Examples

curl --request POST \
  --url https://your-domain.com/api/permisos/guardar-matriz \
  --header 'Content-Type: application/json' \
  --cookie 'auth_token=<your-jwt>' \
  --data '{
    "idPerfil": 2,
    "permisos": [
      {
        "idModulo": 1,
        "bitAgregar": false,
        "bitEditar": true,
        "bitConsulta": true,
        "bitEliminar": false,
        "bitDetalle": true
      },
      {
        "idModulo": 2,
        "bitAgregar": false,
        "bitEditar": false,
        "bitConsulta": true,
        "bitEliminar": false,
        "bitDetalle": false
      },
      {
        "idModulo": 3,
        "bitAgregar": true,
        "bitEditar": true,
        "bitConsulta": true,
        "bitEliminar": true,
        "bitDetalle": true
      }
    ]
  }'

Success response

200

{
  "success": true,
  "message": "Matriz actualizada correctamente"
}

Error response (400)

400

{
  "statusCode": 400,
  "message": "ID de perfil requerido"
}

Clearing all permissions

To remove every permission for a profile without assigning new ones, send an empty array or omit the permisos field entirely:

{
  "idPerfil": 2,
  "permisos": []
}

Authentication

Users

Profiles

Modules

Permissions

Save permissions matrix

Request body

Response

Error responses

Examples

Success response

Error response (400)

Clearing all permissions

Build docs developers (and LLMs) love

Authentication

Users

Profiles

Modules

Permissions

​Request body

​Response

​Error responses

​Examples

​Success response

​Error response (400)

​Clearing all permissions

Build docs developers (and LLMs) love

Request body

Response

Error responses

Examples

Success response

Error response (400)

Clearing all permissions