In PermisosQR, a QR code is the physical token that authorizes an employee to leave the premises. Each code is a database record with a numeric ID, a lifecycle status, and a complete audit trail of every permission it has ever carried. QR codes are not tied to a specific person — they are reusable physical labels that can be handed to any employee and recovered when they return. The code printed on the label encodes nothing more than the QR’s numeric ID, which the system resolves at scan time to determine the current status and take the appropriate action.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/edgar2420/QrPermision/llms.txt
Use this file to discover all available pages before exploring further.
QR Status States
Every QR code moves through a well-defined set of states. Understanding these states is essential for operating the system correctly.| Status | Meaning | Can Be Used? |
|---|---|---|
available | Ready to be assigned to an employee | ✅ Yes — enables a new permission |
active | Currently held by an employee who has not yet returned | ⏳ Scannable for return only |
expired | Permission time elapsed without a return being recorded | ❌ No — must be reactivated first |
disabled | Manually taken out of rotation by an operator | ❌ No — must be reactivated first |
The
expired status is reserved for future automation. Currently, the system sets QR codes to available when a return is recorded and to disabled when manually decommissioned. Reactivating either state restores the code to available.Generating QR Codes
Only users with the Super Admin role (super_admin) can generate new QR codes. A single generation request creates between 1 and 500 codes atomically inside a database transaction — if any row insertion fails, the entire batch is rolled back.
Open the Generate dialog
In the QR Management screen, click Generar QR. Enter the number of codes you want (1–500).
Send the API request
The frontend calls
POST /api/qr/generate with a JSON body containing the requested quantity.201 Created
quantity field is validated on the server: values outside the range 1–500 return a 400 error with the message "Cantidad debe ser entre 1 y 500".
Printing QR Codes
Every QR code can be printed directly from the browser without any external software. Clicking the Print button (🖨) on any QR card in the management list opens a dedicated browser print window. The QR image is rendered on a<canvas> element with:
- A branded color band at the top reading “Laboratorios ABD”
- The QR matrix encoding the string
QR-<id>aterrorCorrectionLevel: H - A centered circular logo overlay
- A bottom strip showing the human-readable code
QR-<id>
QR-<id>. The app extracts the numeric ID with the regex /QR-?(\d+)/i and fetches the QR’s current status from the server. The public scan URL format is:
Disabling a QR
Disabling removes a QR from active circulation without deleting its history. Any status exceptactive can be disabled.
active QR returns a 400 error:
available) before it can be disabled.
Reactivating a QR
Reactivation resets any non-active QR back to available, making it immediately usable again.
200 OK
active QR returns a 400 error: "El QR ya está activo".
Deleting a QR
Permanent deletion is restricted to Super Admins and is blocked while the QR isactive. The service first deletes all associated permission records explicitly, then removes the QR code row itself — both steps run in sequence so no orphaned data remains.
200 OK
Listing QR Codes
GET /api/qr returns a paginated list of all QR codes, optionally filtered by status or ID. Each row includes the creator’s name, the current active permission details (if active), and the name of the operator who enabled the current permission.
Query parameters
| Parameter | Type | Description |
|---|---|---|
status | string | Filter by available, active, expired, or disabled |
search | string | Partial match against the QR numeric ID |
page | integer | Page number (default: 1) |
limit | integer | Results per page (default: 20) |
active_permission_id, received_by, allowed_minutes, exit_time, enabled_by, and enabled_by_name fields are only populated when the QR’s status is active; they are null otherwise.