> ## Documentation Index > Fetch the complete documentation index at: https://mintlify.com/emmanueljarquin-sys/GrupoMecsaCMS/llms.txt > Use this file to discover all available pages before exploring further. # Admin Roles API > Manage user roles and permissions in the CMS ## Overview The Admin Roles API allows administrators to manage user roles, view role assignments, and configure permissions for different CMS views. This endpoint requires admin authentication. **Endpoint:** `/api/admin_roles_api.php` ## Authentication This endpoint requires **admin privileges**. Users must have: * Role: `administrador` or `admin`, OR * Email: `emmanuel.jarquin@grupomecsa.net`, OR * User metadata: `admin: true` ### Session Requirements ```php theme={null} session_start(); if (!isset($_SESSION['token'])) { // Returns 401 Unauthorized } ``` ## GET Requests ### Get Roles Retrieve all roles with user counts. **Request:** ```bash theme={null} GET /api/admin_roles_api.php?action=get_roles ``` **Response:** ```json theme={null} { "success": true, "roles": [ { "nombre": "ventas", "total": 12, "is_standard": true }, { "nombre": "proyectos", "total": 8, "is_standard": true }, { "nombre": "administrador", "total": 3, "is_standard": true }, { "nombre": "recepcion", "total": 2, "is_standard": true }, { "nombre": "mercadeo", "total": 5, "is_standard": true }, { "nombre": "contabilidad", "total": 4, "is_standard": true } ] } ``` **Response Fields:** Indicates if the request was successful Array of role objects Role name (lowercase) Number of active users assigned to this role Whether this is a standard system role **Standard Roles:** * `ventas` - Sales team * `proyectos` - Projects team * `administrador` - System administrators * `recepcion` - Reception * `mercadeo` - Marketing team * `contabilidad` - Accounting team ### Get Permissions Retrieve all role-view permission mappings. **Request:** ```bash theme={null} GET /api/admin_roles_api.php?action=get_permisos ``` **Response:** ```json theme={null} { "success": true, "permisos": [ { "id": 1, "rol_nombre": "ventas", "vista_slug": "dashboard", "puede_ver": true }, { "id": 2, "rol_nombre": "ventas", "vista_slug": "clientes", "puede_ver": true }, { "id": 3, "rol_nombre": "ventas", "vista_slug": "proyectos", "puede_ver": true } ] } ``` **Response Fields:** Indicates if the request was successful Array of permission objects ordered by role name Unique permission ID Role name this permission applies to CMS view/section identifier Whether the role has access to this view **Available Views:** * `dashboard` - Main dashboard * `usuarios` - User management * `categorias` - Category management * `clientes` - Client management * `proyectos` - Project management * `empleados` - Employee management * `departamentos` - Department management * `testimoniales` - Testimonials * `preguntas` - FAQ management * `contenido` - Content management * `templates` - Template editor * `menus` - Menu configuration * `pages` - Page management * `media` - Media library * `seo` - SEO settings * `blog` - Blog posts * `vacantes` - Job postings * `contactos` - Contact forms ## POST Requests ### Save Permissions Update permissions for a specific role. **Request:** ```bash theme={null} POST /api/admin_roles_api.php Content-Type: application/json { "action": "save_permisos", "rol_nombre": "ventas", "permisos": [ { "vista_slug": "dashboard", "puede_ver": true }, { "vista_slug": "clientes", "puede_ver": true }, { "vista_slug": "proyectos", "puede_ver": true }, { "vista_slug": "usuarios", "puede_ver": false } ] } ``` **Parameters:** Must be `save_permisos` Role name to update permissions for Array of permission objects View identifier Access permission for this view **Response:** ```json theme={null} { "success": true } ``` **Behavior:** 1. Deletes all existing permissions for the role 2. Inserts the new permission set 3. Returns success status ### Create Role Create a new role with default permissions. **Request:** ```bash theme={null} POST /api/admin_roles_api.php Content-Type: application/json { "action": "create_rol", "rol_nombre": "marketing" } ``` **Parameters:** Must be `create_rol` Name of the new role (will be stored in lowercase) **Response:** ```json theme={null} { "success": true } ``` **Behavior:** * Creates permission entries for all available views * All permissions are set to `false` by default * Admin must configure permissions after creation ### Delete Role Delete a role if it has no assigned users. **Request:** ```bash theme={null} POST /api/admin_roles_api.php Content-Type: application/json { "action": "delete_rol", "rol_nombre": "marketing" } ``` **Parameters:** Must be `delete_rol` Name of the role to delete **Success Response:** ```json theme={null} { "success": true } ``` **Error Response (has users):** ```json theme={null} { "success": false, "error": "El rol tiene usuarios asignados" } ``` A role cannot be deleted if any users are currently assigned to it. You must reassign or deactivate those users first. ## Error Responses ### 401 Unauthorized ```json theme={null} { "success": false, "error": "No autenticado" } ``` ### 403 Forbidden ```json theme={null} { "success": false, "error": "Sin permisos. Su correo: user@example.com" } ``` ### 400 Bad Request ```json theme={null} { "success": false, "error": "Falta rol_nombre" } ``` ## Usage Example ```php theme={null} '; } // Update permissions for 'ventas' role $permissions = [ 'action' => 'save_permisos', 'rol_nombre' => 'ventas', 'permisos' => [ ['vista_slug' => 'dashboard', 'puede_ver' => true], ['vista_slug' => 'clientes', 'puede_ver' => true], ['vista_slug' => 'proyectos', 'puede_ver' => true] ] ]; $ch = curl_init('https://cms.grupomecsa.net/api/admin_roles_api.php'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($permissions)); curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/json']); curl_setopt($ch, CURLOPT_COOKIE, session_name() . '=' . session_id()); $result = curl_exec($ch); ?> ``` ## Related * [Employee Role API](/api/endpoints/employee-role) - Update individual employee roles * [Authentication](/api/authentication) - Learn about admin authorization