Modules API — Query User Role and Feature Module Access

The modules system controls which features each role can access within QualityDocD. Three modules map to distinct API endpoint groups — document lifecycle management, document consultation, and advanced search. Rather than hard-coding role checks in your frontend, call GET /modules after login to receive the exact permission set for the authenticated user and render the UI accordingly.

Module definitions

Module ID	Name	Description
`MODULE_1`	Gestión de Documentos	Document approval, rejection, and lifecycle management
`MODULE_2`	Consulta de Documentos	Viewing and searching approved documents
`MODULE_3`	Búsqueda Avanzada	Advanced search, metadata filtering, and autocomplete suggestions

Role access matrix

The table below shows which roles have read (canRead) and write (canWrite) access to each module. Only modules where canRead is true are returned in the API response.

Role	MODULE_1	MODULE_2	MODULE_3
`VIEWER`	—	read	—
`COMMENTER`	—	read	—
`CONTRIBUTOR`	—	read	—
`OPERATOR`	read + write	read	read
`COMPANY_ADMIN`	read + write	read + write	read
`SUPER_ADMIN`	read + write	read + write	read + write

VIEWER, COMMENTER, and CONTRIBUTOR are the three standard user roles. They can only read MODULE_2 — they cannot access document management (MODULE_1) or advanced search (MODULE_3).

GET /modules

Returns the list of feature modules visible to the authenticated user, with per-module read/write flags computed from their role. Authentication: Bearer token required (requireAuth middleware).

Request headers

Authorization

string

required

Bearer <token> — JWT issued by POST /auth/login.

Response — 200 OK

role

string

The authenticated user’s role string (e.g. "OPERATOR", "COMPANY_ADMIN").

modules

array

Array of module objects. Only modules where canRead is true for the caller’s role are included.

Show Module object fields

string

Module identifier: "MODULE_1", "MODULE_2", or "MODULE_3".

name

string

Human-readable module name (e.g. "Gestión de Documentos").

description

string

Short description of what the module covers.

canRead

boolean

Whether the authenticated user’s role can read this module. Always true for returned entries (modules where canRead is false are filtered out).

canWrite

boolean

Whether the authenticated user’s role can perform write operations in this module. Use this flag to conditionally render buttons such as “Approve” or “Reject”.

allowedRoles

array of strings

Full list of roles that have read access to this module.

writeRoles

array of strings

Full list of roles that have write access to this module.

Example

curl -X GET http://localhost:5000/modules \
  -H "Authorization: Bearer <token>"

Using modules for UI feature flags

GET /modules is designed to be called once after login and stored in your frontend application state. Use the flags to drive conditional rendering:

If canWrite is false for MODULE_1, hide or disable approval and rejection buttons.
If a module is absent from the response entirely (canRead was false), hide the corresponding navigation section.
If canWrite is true for MODULE_2, the user is a COMPANY_ADMIN or SUPER_ADMIN — show document management controls within the consultation view.

Cache the modules response for the duration of the user session. Permissions only change when the user’s role changes — re-fetch after any role-update operation if your app supports in-session role changes.

Authentication

Documents

Platform

Modules API — Query User Role and Feature Module Access

Module definitions

Role access matrix

GET /modules

Request headers

Response — 200 OK

Example

Using modules for UI feature flags

Build docs developers (and LLMs) love

Authentication

Documents

Platform

Documentation Index

​Module definitions

​Role access matrix

​GET /modules

​Request headers

​Response — 200 OK

​Example

​Using modules for UI feature flags

Build docs developers (and LLMs) love

Module definitions

Role access matrix

GET /modules

Request headers

Response — 200 OK

Example

Using modules for UI feature flags