Skip to main content

Overview

List restriction rules across the system with multi-dimensional filtering. Supports filtering by scope, entity, lottery, number, and active status.

Endpoint

GET /api/v1/restrictions
Authorization: Authenticated users (ADMIN, VENTANA, VENDEDOR)
RBAC filtering is automatic:
  • ADMIN with active banca context: filtered by bancaId
  • Other roles: see all rules they have permission to view

Query Parameters

bancaId
string
Filter by banca UUID
ventanaId
string
Filter by ventana UUID
userId
string
Filter by user/vendedor UUID
number
string
Filter by specific number (e.g., “25”)
isActive
boolean
default:"true"
Filter by active status:
  • true: Only active rules
  • false: Only inactive/deleted rules
  • Omit to see all
hasCutoff
boolean
Filter for sales cutoff rules:
  • true: Only rules with salesCutoffMinutes
  • false: Rules without cutoff
hasAmount
boolean
Filter for amount-based rules:
  • true: Only rules with maxAmount or maxTotal
  • false: Rules without amount limits
hasAutoDate
boolean
Filter for auto-date rules:
  • true: Only rules with isAutoDate = true
  • false: Static date rules
page
number
default:"1"
Page number for pagination (min: 1)
pageSize
number
default:"20"
Items per page (min: 1, max: 100)

Response

success
boolean
Indicates if the request was successful
data
array
Array of restriction rules
meta
object
Pagination metadata

Examples

curl -X GET "https://api.example.com/api/v1/restrictions" \
  -H "Authorization: Bearer YOUR_TOKEN"

Response Example

{
  "success": true,
  "data": [
    {
      "id": "rule-uuid-1",
      "bancaId": "banca-uuid",
      "ventanaId": null,
      "userId": null,
      "restrictionType": "LIMIT",
      "number": "25",
      "isAutoDate": false,
      "maxAmount": 5000,
      "maxTotal": null,
      "baseAmount": null,
      "salesPercentage": null,
      "appliesToVendedor": false,
      "salesCutoffMinutes": null,
      "appliesToDate": null,
      "appliesToHour": null,
      "loteriaId": "loteria-uuid",
      "multiplierId": null,
      "message": "Número popular limitado",
      "isActive": true,
      "createdAt": "2025-03-01T10:00:00.000Z",
      "updatedAt": "2025-03-01T10:00:00.000Z",
      "deletedAt": null,
      "deletedReason": null,
      "createdBy": {
        "id": "admin-uuid",
        "name": "Admin User",
        "username": "admin"
      }
    },
    {
      "id": "rule-uuid-2",
      "bancaId": "banca-uuid",
      "ventanaId": null,
      "userId": null,
      "restrictionType": "CUTOFF",
      "number": null,
      "isAutoDate": false,
      "maxAmount": null,
      "maxTotal": null,
      "baseAmount": null,
      "salesPercentage": null,
      "appliesToVendedor": false,
      "salesCutoffMinutes": 10,
      "appliesToDate": null,
      "appliesToHour": null,
      "loteriaId": "loteria-uuid",
      "multiplierId": null,
      "message": null,
      "isActive": true,
      "createdAt": "2025-03-01T11:00:00.000Z",
      "updatedAt": "2025-03-01T11:00:00.000Z",
      "deletedAt": null,
      "deletedReason": null,
      "createdBy": {
        "id": "admin-uuid",
        "name": "Admin User",
        "username": "admin"
      }
    }
  ],
  "meta": {
    "page": 1,
    "pageSize": 20,
    "total": 2,
    "pages": 1
  }
}

RBAC Context

From src/api/v1/controllers/restrictionRule.controller.ts:46-72: 
async list(req: AuthenticatedRequest, res: Response) {
  const query = req.query as any;

  // If ADMIN with active banca context, filter by bancaId
  if (req.user!.role === 'ADMIN' && req.bancaContext?.bancaId && req.bancaContext.hasAccess) {
    query.bancaId = req.bancaContext.bancaId;
  }

  const result = await RestrictionRuleService.list(query);
  res.json({ success: true, data: result.data, meta: result.meta });
}

Create Restriction

Create new restriction rule

Get Restriction

Get single rule by ID

My Restrictions

Get effective rules for vendedor

Build docs developers (and LLMs) love

Get started for freeTalk to us