diff --git a/src/app/api/admin/CustomersController.ts b/src/app/api/admin/CustomersController.ts
index 3b7ea244..90e429cf 100644
--- a/src/app/api/admin/CustomersController.ts
+++ b/src/app/api/admin/CustomersController.ts
@@ -7,6 +7,7 @@ import { Customer } from "le-coffre-resources/dist/Admin";
 import { validateOrReject } from "class-validator";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 @Controller()
 @Service()
@@ -18,7 +19,7 @@ export default class CustomersController extends ApiController {
 /**
 * @description Get all customers
 */
- @Get("/api/v1/admin/customers", [authHandler, ruleHandler])
+ @Get("/api/v1/admin/customers", [authHandler, roleHandler, ruleHandler])
 protected async get(req: Request, response: Response) {
 try {
 //get query
@@ -70,7 +71,7 @@ export default class CustomersController extends ApiController {
 /**
 * @description Modify a specific customer by uid
 */
- @Put("/api/v1/admin/customers/:uid", [authHandler, ruleHandler])
+ @Put("/api/v1/admin/customers/:uid", [authHandler, roleHandler, ruleHandler])
 protected async put(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
@@ -111,7 +112,7 @@ export default class CustomersController extends ApiController {
 /**
 * @description Get a specific customer by uid
 */
- @Get("/api/v1/admin/customers/:uid", [authHandler, ruleHandler])
+ @Get("/api/v1/admin/customers/:uid", [authHandler, roleHandler, ruleHandler])
 protected async getOneByUid(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
diff --git a/src/app/api/admin/DeedTypesController.ts b/src/app/api/admin/DeedTypesController.ts
index 852b11cf..d1273879 100644
--- a/src/app/api/admin/DeedTypesController.ts
+++ b/src/app/api/admin/DeedTypesController.ts
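Review bot: The same argument-less `roleHandler` is placed on the `/api/v1/admin/...` routes and on the `/api/v1/super-admin/...` routes, so the role a caller must hold is not stated at the route and is presumably worked out inside the middleware from the request (RolesHandler is not part of this view). Starting with `GET /api/v1/admin/customers` in `src/app/api/admin/CustomersController.ts` and in every other decorator hunk of this change, that makes the middleware's matching logic the only thing separating admin from super-admin access. It is worth confirming that it compares a fixed path segment rather than a substring and rejects the request when no role applies. A comment above the first guarded route would record the contract, e.g. `// roleHandler: must run after authHandler; rejects unless the caller's role is allowed for this route prefix`, with the wording adjusted to what RolesHandler actually does.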
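Review bot: `PUT /api/v1/admin/customers/:uid` in `src/app/api/admin/CustomersController.ts` still has no office-membership handler after this change, so the chain checks who the caller is and which role they hold but not whether the customer addressed by `:uid` belongs to the caller's office; the `GET /api/v1/admin/customers/:uid` hunk is the same. Deeds, documents, files and folders each pass a handler from `OfficeMembershipHandlers` on their `:uid` routes, so unless the method body (outside the hunk) scopes the lookup, an equivalent check is missing here. The `PUT /api/v1/admin/users/:uid` hunk in `UsersController.ts` has the same shape although `userHandler` is already imported and used on the users GET; there the list would presumably become `[authHandler, roleHandler, ruleHandler, userHandler]`.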
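Review bot: The guard list is spelled out by hand on every route touched by this change, so a route that is added later, or one that was missed here, keeps the weaker chain without any error. Declaring it once, e.g. `const adminGuards = [authHandler, roleHandler, ruleHandler];`, and writing `@Get("/api/v1/admin/customers/:uid", adminGuards)` (or `[...adminGuards, deedHandler]` where a membership handler follows) keeps order and membership in one place. A test that walks the registered routes under `/api/v1/admin` and `/api/v1/super-admin` and asserts that `roleHandler` is present would catch omissions; routes outside these hunks are not visible here.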
@@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import deedTypeHandler from "@App/middlewares/OfficeMembershipHandlers/DeedTypeHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 @Controller()
 @Service()
@@ -21,7 +22,7 @@ export default class DeedTypesController extends ApiController {
 * @description Get all deedtypes
 * @returns Deedtype[] list of deedtypes
 */
- @Get("/api/v1/admin/deed-types", [authHandler, ruleHandler])
+ @Get("/api/v1/admin/deed-types", [authHandler, roleHandler, ruleHandler])
 protected async get(req: Request, response: Response) {
 try {
 //get query
@@ -65,7 +66,7 @@ export default class DeedTypesController extends ApiController {
 * @description Create a new deedtype
 * @returns Deedtype created
 */
- @Post("/api/v1/admin/deed-types", [authHandler, ruleHandler, deedTypeHandler])
+ @Post("/api/v1/admin/deed-types", [authHandler, roleHandler, ruleHandler, deedTypeHandler])
 protected async post(req: Request, response: Response) {
 try {
 //init DeedType resource with request body values
@@ -99,7 +100,7 @@ export default class DeedTypesController extends ApiController {
 * @description Modify a specific deedtype by uid
 * @returns Deedtype modified
 */
- @Put("/api/v1/admin/deed-types/:uid", [authHandler, ruleHandler, deedTypeHandler])
+ @Put("/api/v1/admin/deed-types/:uid", [authHandler, roleHandler, ruleHandler, deedTypeHandler])
 protected async put(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
@@ -141,7 +142,7 @@ export default class DeedTypesController extends ApiController {
 * @description Get a specific deedtype by uid
 * @returns IDeedtype
 */
- @Get("/api/v1/admin/deed-types/:uid", [authHandler, ruleHandler, deedTypeHandler])
+ @Get("/api/v1/admin/deed-types/:uid", [authHandler, roleHandler, ruleHandler, deedTypeHandler])
 protected async getOneByUid(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
diff --git a/src/app/api/admin/DeedsController.ts b/src/app/api/admin/DeedsController.ts
index ae35aa4b..00a2fa20 100644
--- a/src/app/api/admin/DeedsController.ts
+++ b/src/app/api/admin/DeedsController.ts
@@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import deedHandler from "@App/middlewares/OfficeMembershipHandlers/DeedHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 @Controller()
 @Service()
@@ -21,7 +22,7 @@ export default class DeedsController extends ApiController {
 * @description Get all deeds
 * @returns Deed[] list of deeds
 */
- @Get("/api/v1/admin/deeds", [authHandler, ruleHandler])
+ @Get("/api/v1/admin/deeds", [authHandler, roleHandler, ruleHandler])
 protected async get(req: Request, response: Response) {
 try {
 //get query
@@ -52,7 +53,7 @@ export default class DeedsController extends ApiController {
 * @description Get a specific deed by uid
 * @returns Deed
 */
- @Get("/api/v1/admin/deeds/:uid", [authHandler, ruleHandler, deedHandler])
+ @Get("/api/v1/admin/deeds/:uid", [authHandler, roleHandler, ruleHandler, deedHandler])
 protected async getOneByUid(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
@@ -87,7 +88,7 @@ export default class DeedsController extends ApiController {
 /**
 * @description Modify a specific deed by uid
 */
- @Put("/api/v1/admin/deeds/:uid", [authHandler, ruleHandler, deedHandler])
+ @Put("/api/v1/admin/deeds/:uid", [authHandler, roleHandler, ruleHandler, deedHandler])
 protected async put(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
diff --git a/src/app/api/admin/DocumentTypesController.ts b/src/app/api/admin/DocumentTypesController.ts
index 9089bd6a..582cd2f2 100644
--- a/src/app/api/admin/DocumentTypesController.ts
+++ b/src/app/api/admin/DocumentTypesController.ts
@@ -10,6 +10,7 @@ import { validateOrReject } from "class-validator";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import documentTypeHandler from "@App/middlewares/OfficeMembershipHandlers/DocumentTypeHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 @Controller()
 @Service()
@@ -21,7 +22,7 @@ export default class DocumentTypesController extends ApiController {
 /**
 * @description Get all document-types
 */
- @Get("/api/v1/admin/document-types", [authHandler, ruleHandler])
+ @Get("/api/v1/admin/document-types", [authHandler, roleHandler, ruleHandler])
 protected async get(req: Request, response: Response) {
 try {
 //get query
@@ -53,7 +54,7 @@ export default class DocumentTypesController extends ApiController {
 /**
 * @description Create a new documentType
 */
- @Post("/api/v1/admin/document-types", [authHandler, ruleHandler, documentTypeHandler])
+ @Post("/api/v1/admin/document-types", [authHandler, roleHandler, ruleHandler, documentTypeHandler])
 protected async post(req: Request, response: Response) {
 try {
 //init DocumentType resource with request body values
@@ -77,7 +78,7 @@ export default class DocumentTypesController extends ApiController {
 /**
 * @description Modify a specific documentType by uid
 */
- @Put("/api/v1/admin/document-types/:uid", [authHandler, ruleHandler, documentTypeHandler])
+ @Put("/api/v1/admin/document-types/:uid", [authHandler, roleHandler, ruleHandler, documentTypeHandler])
 protected async put(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
diff --git a/src/app/api/admin/DocumentsController.ts b/src/app/api/admin/DocumentsController.ts
index 5696450c..05a21c1e 100644
--- a/src/app/api/admin/DocumentsController.ts
+++ b/src/app/api/admin/DocumentsController.ts
@@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import documentHandler from "@App/middlewares/OfficeMembershipHandlers/DocumentHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 @Controller()
 @Service()
@@ -21,7 +22,7 @@ export default class DocumentsController extends ApiController {
 * @description Get all documents
 * @returns IDocument[] list of documents
 */
- @Get("/api/v1/admin/documents", [authHandler, ruleHandler])
+ @Get("/api/v1/admin/documents", [authHandler, roleHandler, ruleHandler])
 protected async get(req: Request, response: Response) {
 try {
 //get query
@@ -52,7 +53,7 @@ export default class DocumentsController extends ApiController {
 * @description Create a new document
 * @returns IDocument created
 */
- @Post("/api/v1/admin/documents", [authHandler, ruleHandler, documentHandler])
+ @Post("/api/v1/admin/documents", [authHandler, roleHandler, ruleHandler, documentHandler])
 protected async post(req: Request, response: Response) {
 try {
 //init Document resource with request body values
@@ -80,7 +81,7 @@ export default class DocumentsController extends ApiController {
 /**
 * @description Update a specific document
 */
- @Put("/api/v1/admin/documents/:uid", [authHandler, ruleHandler, documentHandler])
+ @Put("/api/v1/admin/documents/:uid", [authHandler, roleHandler, ruleHandler, documentHandler])
 protected async update(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
@@ -119,7 +120,7 @@ export default class DocumentsController extends ApiController {
 /**
 * @description Delete a specific document
 */
- @Delete("/api/v1/admin/documents/:uid", [authHandler, ruleHandler, documentHandler])
+ @Delete("/api/v1/admin/documents/:uid", [authHandler, roleHandler, ruleHandler, documentHandler])
 protected async delete(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
@@ -152,7 +153,7 @@ export default class DocumentsController extends ApiController {
 /**
 * @description Get a specific document by uid
 */
- @Get("/api/v1/admin/documents/:uid", [authHandler, ruleHandler, documentHandler])
+ @Get("/api/v1/admin/documents/:uid", [authHandler, roleHandler, ruleHandler, documentHandler])
 protected async getOneByUid(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
diff --git a/src/app/api/admin/FilesController.ts b/src/app/api/admin/FilesController.ts
index 0317d12f..583d3ddc 100644
--- a/src/app/api/admin/FilesController.ts
+++ b/src/app/api/admin/FilesController.ts
@@ -8,6 +8,7 @@ import { File } from "le-coffre-resources/dist/Admin";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import fileHandler from "@App/middlewares/OfficeMembershipHandlers/FileHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 @Controller()
 @Service()
@@ -20,7 +21,7 @@ export default class FilesController extends ApiController {
 * @description Get all Files
 * @returns File[] list of Files
 */
- @Get("/api/v1/admin/files", [authHandler, ruleHandler])
+ @Get("/api/v1/admin/files", [authHandler, roleHandler, ruleHandler])
 protected async get(req: Request, response: Response) {
 try {
 //get query
@@ -49,7 +50,7 @@ export default class FilesController extends ApiController {
 /**
 * @description Get a specific File by uid
 */
- @Get("/api/v1/admin/files/download/:uid", [authHandler, ruleHandler, fileHandler])
+ @Get("/api/v1/admin/files/download/:uid", [authHandler, roleHandler, ruleHandler, fileHandler])
 protected async download(req: Request, response: Response) {
 const uid = req.params["uid"];
 if (!uid) {
@@ -77,7 +78,7 @@ export default class FilesController extends ApiController {
 /**
 * @description Delete a specific File
 */
- @Delete("/api/v1/admin/files/:uid", [authHandler, ruleHandler, fileHandler])
+ @Delete("/api/v1/admin/files/:uid", [authHandler, roleHandler, ruleHandler, fileHandler])
 protected async delete(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
@@ -115,7 +116,7 @@ export default class FilesController extends ApiController {
 /**
 * @description Get a specific File by uid
 */
- @Get("/api/v1/admin/files/:uid", [authHandler, ruleHandler, fileHandler])
+ @Get("/api/v1/admin/files/:uid", [authHandler, roleHandler, ruleHandler, fileHandler])
 protected async getOneByUid(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
diff --git a/src/app/api/admin/OfficeFoldersController.ts b/src/app/api/admin/OfficeFoldersController.ts
index b5906906..42fbdc58 100644
--- a/src/app/api/admin/OfficeFoldersController.ts
+++ b/src/app/api/admin/OfficeFoldersController.ts
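Review bot: The doc comment on the download route in `src/app/api/admin/FilesController.ts` reads `@description Get a specific File by uid`, the same text as the one on `getOneByUid` further down, so the two routes cannot be told apart from their documentation. Something like `@description Download a specific File by uid` would fit the `download` method. The method body continues outside the hunk.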
@@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import folderHandler from "@App/middlewares/OfficeMembershipHandlers/FolderHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 @Controller()
 @Service()
@@ -20,7 +21,7 @@ export default class OfficeFoldersController extends ApiController {
 /**
 * @description Get all folders
 */
- @Get("/api/v1/admin/folders", [authHandler, ruleHandler])
+ @Get("/api/v1/admin/folders", [authHandler, roleHandler, ruleHandler])
 protected async get(req: Request, response: Response) {
 try {
 //get query
@@ -80,7 +81,7 @@ export default class OfficeFoldersController extends ApiController {
 /**
 * @description Create a new folder
 */
- @Post("/api/v1/admin/folders", [authHandler, ruleHandler, folderHandler])
+ @Post("/api/v1/admin/folders", [authHandler, roleHandler, ruleHandler, folderHandler])
 protected async post(req: Request, response: Response) {
 try {
 //init OfficeFolder resource with request body values
@@ -104,7 +105,7 @@ export default class OfficeFoldersController extends ApiController {
 /**
 * @description Modify a specific folder by uid
 */
- @Put("/api/v1/admin/folders/:uid", [authHandler, ruleHandler, folderHandler])
+ @Put("/api/v1/admin/folders/:uid", [authHandler, roleHandler, ruleHandler, folderHandler])
 protected async put(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
@@ -146,7 +147,7 @@ export default class OfficeFoldersController extends ApiController {
 * @description Get a specific folder by uid
 * @returns IFolder
 */
- @Get("/api/v1/admin/folders/:uid", [authHandler, ruleHandler, folderHandler])
+ @Get("/api/v1/admin/folders/:uid", [authHandler, roleHandler, ruleHandler, folderHandler])
 protected async getOneByUid(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
@@ -182,7 +183,7 @@ export default class OfficeFoldersController extends ApiController {
 /**
 * @description Delete a specific folder
 */
- @Delete("/api/v1/admin/folders/:uid", [authHandler, ruleHandler, folderHandler])
+ @Delete("/api/v1/admin/folders/:uid", [authHandler, roleHandler, ruleHandler, folderHandler])
 protected async delete(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
diff --git a/src/app/api/admin/OfficeRolesController.ts b/src/app/api/admin/OfficeRolesController.ts
index 9dfb2022..5c06e471 100644
--- a/src/app/api/admin/OfficeRolesController.ts
+++ b/src/app/api/admin/OfficeRolesController.ts
@@ -9,6 +9,7 @@ import { Prisma } from "@prisma/client";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import officeRoleHandler from "@App/middlewares/OfficeMembershipHandlers/OfficeRoleHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 @Controller()
 @Service()
@@ -20,7 +21,7 @@ export default class OfficeRolesController extends ApiController {
 /**
 * @description Get all officeRoles
 */
- @Get("/api/v1/admin/office-roles", [authHandler, ruleHandler])
+ @Get("/api/v1/admin/office-roles", [authHandler, roleHandler, ruleHandler])
 protected async get(req: Request, response: Response) {
 try {
 //get query
@@ -63,7 +64,7 @@ export default class OfficeRolesController extends ApiController {
 /**
 * @description Create a new officeRole
 */
- @Post("/api/v1/admin/office-roles", [authHandler, ruleHandler, officeRoleHandler])
+ @Post("/api/v1/admin/office-roles", [authHandler, roleHandler, ruleHandler, officeRoleHandler])
 protected async getAddresses(req: Request, response: Response) {
 try {
 //init IOfficeRole resource with request body values
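Review bot: The handler behind `POST /api/v1/admin/office-roles` in `src/app/api/admin/OfficeRolesController.ts` is named `getAddresses`, while its doc comment says `Create a new officeRole` and the sibling controllers call the equivalent method `post`. Renaming it to `protected async post(req: Request, response: Response) {` would match the other controllers and make it easier to audit guard lists by method name. The method body continues outside the hunk, and whether anything refers to the method by name is not visible here.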
@@ -91,7 +92,7 @@ export default class OfficeRolesController extends ApiController {
 /**
 * @description Modify a specific officeRole by uid
 */
- @Put("/api/v1/admin/office-roles/:uid", [authHandler, ruleHandler, officeRoleHandler])
+ @Put("/api/v1/admin/office-roles/:uid", [authHandler, roleHandler, ruleHandler, officeRoleHandler])
 protected async put(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
@@ -132,7 +133,7 @@ export default class OfficeRolesController extends ApiController {
 /**
 * @description Get a specific officeRole by uid
 */
- @Get("/api/v1/admin/office-roles/:uid", [authHandler, ruleHandler, officeRoleHandler])
+ @Get("/api/v1/admin/office-roles/:uid", [authHandler, roleHandler, ruleHandler, officeRoleHandler])
 protected async getOneByUid(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
diff --git a/src/app/api/admin/OfficesController.ts b/src/app/api/admin/OfficesController.ts
index 99433c13..546d240f 100644
--- a/src/app/api/admin/OfficesController.ts
+++ b/src/app/api/admin/OfficesController.ts
@@ -7,6 +7,7 @@ import { Offices } from "@prisma/client";
 import { Office as OfficeResource } from "le-coffre-resources/dist/Admin";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import authHandler from "@App/middlewares/AuthHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 @Controller()
 @Service()
@@ -17,7 +18,7 @@ export default class OfficesController extends ApiController {
 /**
 * @description Get all offices
 */
- @Get("/api/v1/admin/offices", [authHandler, ruleHandler])
+ @Get("/api/v1/admin/offices", [authHandler, roleHandler, ruleHandler])
 protected async get(req: Request, response: Response) {
 try {
 //get query
@@ -40,7 +41,7 @@ export default class OfficesController extends ApiController {
 /**
 * @description Get a specific office by uid
 */
- @Get("/api/v1/admin/offices/:uid", [authHandler, ruleHandler])
+ @Get("/api/v1/admin/offices/:uid", [authHandler, roleHandler, ruleHandler])
 protected async getOneByUid(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
diff --git a/src/app/api/admin/RolesController.ts b/src/app/api/admin/RolesController.ts
index 32ab6440..634bd92e 100644
--- a/src/app/api/admin/RolesController.ts
+++ b/src/app/api/admin/RolesController.ts
@@ -6,6 +6,7 @@ import { Service } from "typedi";
 import { Role } from "le-coffre-resources/dist/Admin";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 @Controller()
 @Service()
@@ -17,7 +18,7 @@ export default class RolesController extends ApiController {
 /**
 * @description Get all roles
 */
- @Get("/api/v1/admin/roles", [authHandler, ruleHandler])
+ @Get("/api/v1/admin/roles", [authHandler, roleHandler, ruleHandler])
 protected async get(req: Request, response: Response) {
 try {
 //get query
@@ -43,7 +44,7 @@ export default class RolesController extends ApiController {
 /**
 * @description Get a specific role by uid
 */
- @Get("/api/v1/admin/roles/:uid", [authHandler, ruleHandler])
+ @Get("/api/v1/admin/roles/:uid", [authHandler, roleHandler, ruleHandler])
 protected async getOneByUid(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
diff --git a/src/app/api/admin/RulesController.ts b/src/app/api/admin/RulesController.ts
index de343769..55526601 100644
--- a/src/app/api/admin/RulesController.ts
+++ b/src/app/api/admin/RulesController.ts
@@ -6,6 +6,7 @@ import { Service } from "typedi";
 import { Rule } from "le-coffre-resources/dist/Admin";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 @Controller()
 @Service()
@@ -17,7 +18,7 @@ export default class RulesController extends ApiController {
 /**
 * @description Get all rules
 */
- @Get("/api/v1/admin/rules", [authHandler, ruleHandler])
+ @Get("/api/v1/admin/rules", [authHandler, roleHandler, ruleHandler])
 protected async get(req: Request, response: Response) {
 try {
 //get query
@@ -43,7 +44,7 @@ export default class RulesController extends ApiController {
 /**
 * @description Get a specific rule by uid
 */
- @Get("/api/v1/admin/rules/:uid", [authHandler, ruleHandler])
+ @Get("/api/v1/admin/rules/:uid", [authHandler, roleHandler, ruleHandler])
 protected async getOneByUid(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
diff --git a/src/app/api/admin/UsersController.ts b/src/app/api/admin/UsersController.ts
index 2d6d3465..ee208504 100644
--- a/src/app/api/admin/UsersController.ts
+++ b/src/app/api/admin/UsersController.ts
@@ -9,6 +9,7 @@ import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import userHandler from "@App/middlewares/OfficeMembershipHandlers/UserHandler";
 import { validateOrReject } from "class-validator";
+import roleHandler from "@App/middlewares/RolesHandler";
 @Controller()
 @Service()
@@ -20,7 +21,7 @@ export default class UsersController extends ApiController {
 /**
 * @description Get all users
 */
- @Get("/api/v1/admin/users", [authHandler, ruleHandler])
+ @Get("/api/v1/admin/users", [authHandler, roleHandler, ruleHandler])
 protected async get(req: Request, response: Response) {
 try {
 //get query
@@ -65,7 +66,7 @@ export default class UsersController extends ApiController {
 /**
 * @description Modify a specific user by uid
 */
- @Put("/api/v1/admin/users/:uid", [authHandler, ruleHandler])
+ @Put("/api/v1/admin/users/:uid", [authHandler, roleHandler, ruleHandler])
 protected async put(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
@@ -106,7 +107,7 @@ export default class UsersController extends ApiController {
 /**
 * @description Get a specific user by uid
 */
- @Get("/api/v1/admin/users/:uid", [authHandler, ruleHandler, userHandler])
+ @Get("/api/v1/admin/users/:uid", [authHandler, roleHandler, ruleHandler, userHandler])
 protected async getOneByUid(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
diff --git a/src/app/api/super-admin/AppointmentsController.ts b/src/app/api/super-admin/AppointmentsController.ts
index f2790755..1c3f7346 100644
--- a/src/app/api/super-admin/AppointmentsController.ts
+++ b/src/app/api/super-admin/AppointmentsController.ts
@@ -5,6 +5,7 @@ import AppointmentsService from "@Services/super-admin/AppointmentsService/Appoi
 import { Service } from "typedi";
 import { Appointment } from "le-coffre-resources/dist/SuperAdmin";
 import authHandler from "@App/middlewares/AuthHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 @Controller()
 @Service()
@@ -16,7 +17,7 @@ export default class AppointmentsController extends ApiController {
 /**
 * @description Get all appointments
 */
- @Get("/api/v1/super-admin/appointments", [authHandler])
+ @Get("/api/v1/super-admin/appointments", [authHandler, roleHandler])
 protected async get(req: Request, response: Response) {
 try {
 //get query
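Review bot: The two appointment routes (`GET /api/v1/super-admin/appointments` in this hunk and `GET /api/v1/super-admin/appointments/:uid` in the next one) are the only ones in this change whose chain has no `ruleHandler`, so after this commit `roleHandler` alone decides who may read appointments. If that is intended, a comment above the decorator such as `// no ruleHandler: the super-admin role alone authorizes appointment reads` would say so. Otherwise the list would presumably be `[authHandler, roleHandler, ruleHandler]`, which also needs a `ruleHandler` import that the visible import hunk of this file does not show.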
@@ -42,7 +43,7 @@ export default class AppointmentsController extends ApiController {
 /**
 * @description Get a specific appointment by uid
 */
- @Get("/api/v1/super-admin/appointments/:uid", [authHandler])
+ @Get("/api/v1/super-admin/appointments/:uid", [authHandler, roleHandler])
 protected async getOneByUid(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
diff --git a/src/app/api/super-admin/CustomersController.ts b/src/app/api/super-admin/CustomersController.ts
index 56c718b0..d1a15fd2 100644
--- a/src/app/api/super-admin/CustomersController.ts
+++ b/src/app/api/super-admin/CustomersController.ts
@@ -7,6 +7,7 @@ import { Customer } from "le-coffre-resources/dist/SuperAdmin";
 import { validateOrReject } from "class-validator";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 @Controller()
 @Service()
@@ -18,7 +19,7 @@ export default class CustomersController extends ApiController {
 /**
 * @description Get all customers
 */
- @Get("/api/v1/super-admin/customers", [authHandler, ruleHandler])
+ @Get("/api/v1/super-admin/customers", [authHandler, roleHandler, ruleHandler])
 protected async get(req: Request, response: Response) {
 try {
 //get query
@@ -44,7 +45,7 @@ export default class CustomersController extends ApiController {
 /**
 * @description Create a new customer
 */
- @Post("/api/v1/super-admin/customers", [authHandler, ruleHandler])
+ @Post("/api/v1/super-admin/customers", [authHandler, roleHandler, ruleHandler])
 protected async post(req: Request, response: Response) {
 try {
 //init IUser resource with request body values
@@ -70,7 +71,7 @@ export default class CustomersController extends ApiController {
 /**
 * @description Modify a specific customer by uid
 */
- @Put("/api/v1/super-admin/customers/:uid", [authHandler, ruleHandler])
+ @Put("/api/v1/super-admin/customers/:uid", [authHandler, roleHandler, ruleHandler])
 protected async put(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
@@ -111,7 +112,7 @@ export default class CustomersController extends ApiController {
 /**
 * @description Get a specific customer by uid
 */
- @Get("/api/v1/super-admin/customers/:uid", [authHandler, ruleHandler])
+ @Get("/api/v1/super-admin/customers/:uid", [authHandler, roleHandler, ruleHandler])
 protected async getOneByUid(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
diff --git a/src/app/api/super-admin/DeedTypesController.ts b/src/app/api/super-admin/DeedTypesController.ts
index 0a499a8f..5ab62ce1 100644
--- a/src/app/api/super-admin/DeedTypesController.ts
+++ b/src/app/api/super-admin/DeedTypesController.ts
@@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import deedTypeHandler from "@App/middlewares/OfficeMembershipHandlers/DeedTypeHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 @Controller()
 @Service()
@@ -21,7 +22,7 @@ export default class DeedTypesController extends ApiController {
 * @description Get all deedtypes
 * @returns Deedtype[] list of deedtypes
 */
- @Get("/api/v1/super-admin/deed-types", [authHandler, ruleHandler])
+ @Get("/api/v1/super-admin/deed-types", [authHandler, roleHandler, ruleHandler])
 protected async get(req: Request, response: Response) {
 try {
 //get query
@@ -65,7 +66,7 @@ export default class DeedTypesController extends ApiController {
 * @description Create a new deedtype
 * @returns Deedtype created
 */
- @Post("/api/v1/super-admin/deed-types", [authHandler, ruleHandler, deedTypeHandler])
+ @Post("/api/v1/super-admin/deed-types", [authHandler, roleHandler, ruleHandler, deedTypeHandler])
 protected async post(req: Request, response: Response) {
 try {
 //init DeedType resource with request body values
@@ -94,7 +95,7 @@ export default class DeedTypesController extends ApiController {
 * @description Modify a specific deedtype by uid
 * @returns Deedtype modified
 */
- @Put("/api/v1/super-admin/deed-types/:uid", [authHandler, ruleHandler, deedTypeHandler])
+ @Put("/api/v1/super-admin/deed-types/:uid", [authHandler, roleHandler, ruleHandler, deedTypeHandler])
 protected async put(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
@@ -136,7 +137,7 @@ export default class DeedTypesController extends ApiController {
 * @description Get a specific deedtype by uid
 * @returns IDeedtype
 */
- @Get("/api/v1/super-admin/deed-types/:uid", [authHandler, ruleHandler, deedTypeHandler])
+ @Get("/api/v1/super-admin/deed-types/:uid", [authHandler, roleHandler, ruleHandler, deedTypeHandler])
 protected async getOneByUid(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
diff --git a/src/app/api/super-admin/DeedsController.ts b/src/app/api/super-admin/DeedsController.ts
index 06e20d9d..a06de5ad 100644
--- a/src/app/api/super-admin/DeedsController.ts
+++ b/src/app/api/super-admin/DeedsController.ts
@@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import deedHandler from "@App/middlewares/OfficeMembershipHandlers/DeedHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 @Controller()
 @Service()
@@ -21,7 +22,7 @@ export default class DeedsController extends ApiController {
 * @description Get all deeds
 * @returns Deed[] list of deeds
 */
- @Get("/api/v1/super-admin/deeds", [authHandler, ruleHandler])
+ @Get("/api/v1/super-admin/deeds", [authHandler, roleHandler, ruleHandler])
 protected async get(req: Request, response: Response) {
 try {
 //get query
@@ -52,7 +53,7 @@ export default class DeedsController extends ApiController {
 * @description Get a specific deed by uid
 * @returns Deed
 */
- @Get("/api/v1/super-admin/deeds/:uid", [authHandler, ruleHandler, deedHandler])
+ @Get("/api/v1/super-admin/deeds/:uid", [authHandler, roleHandler, ruleHandler, deedHandler])
 protected async getOneByUid(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
@@ -87,7 +88,7 @@ export default class DeedsController extends ApiController {
 /**
 * @description Modify a specific deed by uid
 */
- @Put("/api/v1/super-admin/deeds/:uid", [authHandler, ruleHandler, deedHandler])
+ @Put("/api/v1/super-admin/deeds/:uid", [authHandler, roleHandler, ruleHandler, deedHandler])
 protected async put(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
diff --git a/src/app/api/super-admin/DocumentTypesController.ts b/src/app/api/super-admin/DocumentTypesController.ts
index 577086d5..85dc6896 100644
--- a/src/app/api/super-admin/DocumentTypesController.ts
+++ b/src/app/api/super-admin/DocumentTypesController.ts
@@ -10,6 +10,7 @@ import { validateOrReject } from "class-validator";
 import authHandler from "@App/middlewares/AuthHandler";
 import ruleHandler from "@App/middlewares/RulesHandler";
 import documentTypeHandler from "@App/middlewares/OfficeMembershipHandlers/DocumentTypeHandler";
+import roleHandler from "@App/middlewares/RolesHandler";
 @Controller()
 @Service()
@@ -21,7 +22,7 @@ export default class DocumentTypesController extends ApiController {
 /**
 * @description Get all document-types
 */
- @Get("/api/v1/super-admin/document-types", [authHandler, ruleHandler])
+ @Get("/api/v1/super-admin/document-types", [authHandler, roleHandler, ruleHandler])
 protected async get(req: Request, response: Response) {
 try {
 //get query
@@ -53,7 +54,7 @@ export default class DocumentTypesController extends ApiController {
 /**
 * @description Create a new documentType
 */
- @Post("/api/v1/super-admin/document-types", [authHandler, ruleHandler, documentTypeHandler])
+ @Post("/api/v1/super-admin/document-types", [authHandler, roleHandler, ruleHandler, documentTypeHandler])
 protected async post(req: Request, response: Response) {
 try {
 //init DocumentType resource with request body values
@@ -82,7 +83,7 @@ export default class DocumentTypesController extends ApiController {
 /**
 * @description Modify a specific documentType by uid
 */
- @Put("/api/v1/super-admin/document-types/:uid", [authHandler, ruleHandler, documentTypeHandler])
+ @Put("/api/v1/super-admin/document-types/:uid", [authHandler, roleHandler, ruleHandler, documentTypeHandler])
 protected async put(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
@@ -122,7 +123,7 @@ export default class DocumentTypesController extends ApiController {
 /**
 * @description Get a specific documentType by uid
 */
- @Get("/api/v1/super-admin/document-types/:uid", [authHandler, ruleHandler, documentTypeHandler])
+ @Get("/api/v1/super-admin/document-types/:uid", [authHandler, roleHandler, ruleHandler, documentTypeHandler])
 protected async getOneByUid(req: Request, response: Response) {
 try {
 const uid = req.params["uid"];
diff --git a/src/app/api/super-admin/DocumentsController.ts b/src/app/api/super-admin/DocumentsController.ts
index 6d2e7400..f589ce4c 100644
--- a/src/app/api/super-admin/DocumentsController.ts
+++ b/src/app/api/super-admin/DocumentsController.ts
@@ -1,5 +1,6 @@ import authHandler from "@App/middlewares/AuthHandler"; import documentHandler from "@App/middlewares/OfficeMembershipHandlers/DocumentHandler"; +import roleHandler from "@App/middlewares/RolesHandler"; import ruleHandler from "@App/middlewares/RulesHandler"; import ApiController from "@Common/system/controller-pattern/ApiController"; import { Controller, Delete, Get, Post, Put } from "@ControllerPattern/index"; @@ -21,7 +22,7 @@ export default class DocumentsController extends ApiController { * @description Get all documents * @returns IDocument[] list of documents */ - @Get("/api/v1/super-admin/documents", [authHandler, ruleHandler]) + @Get("/api/v1/super-admin/documents", [authHandler, roleHandler, ruleHandler]) protected async get(req: Request, response: Response) { try { //get query @@ -56,7 +57,7 @@ export default class DocumentsController extends ApiController { * @description Create a new document * @returns IDocument created */ - @Post("/api/v1/super-admin/documents", [authHandler, ruleHandler, documentHandler]) + @Post("/api/v1/super-admin/documents", [authHandler, roleHandler, ruleHandler, documentHandler]) protected async post(req: Request, response: Response) { try { //init Document resource with request body values @@ -84,7 +85,7 @@ export default class DocumentsController extends ApiController { /** * @description Update a specific document */ - @Put("/api/v1/super-admin/documents/:uid", [authHandler, ruleHandler, documentHandler]) + @Put("/api/v1/super-admin/documents/:uid", [authHandler, roleHandler, ruleHandler, documentHandler]) protected async update(req: Request, response: Response) { try { const uid = req.params["uid"]; 
@@ -123,7 +124,7 @@ export default class DocumentsController extends ApiController { /** * @description Delete a specific document */ - @Delete("/api/v1/super-admin/documents/:uid", [authHandler, ruleHandler, documentHandler]) + @Delete("/api/v1/super-admin/documents/:uid", [authHandler, roleHandler, ruleHandler, documentHandler]) protected async delete(req: Request, response: Response) { try { const uid = req.params["uid"]; @@ -156,7 +157,7 @@ export default class DocumentsController extends ApiController { /** * @description Get a specific document by uid */ - @Get("/api/v1/super-admin/documents/:uid", [authHandler, ruleHandler, documentHandler]) + @Get("/api/v1/super-admin/documents/:uid", [authHandler, roleHandler, ruleHandler, documentHandler]) protected async getOneByUid(req: Request, response: Response) { try { const uid = req.params["uid"]; diff --git a/src/app/api/super-admin/FilesController.ts b/src/app/api/super-admin/FilesController.ts index cf085d5f..cb1b7f8d 100644 --- a/src/app/api/super-admin/FilesController.ts +++ b/src/app/api/super-admin/FilesController.ts @@ -8,6 +8,7 @@ import { File } from "le-coffre-resources/dist/SuperAdmin"; import authHandler from "@App/middlewares/AuthHandler"; import ruleHandler from "@App/middlewares/RulesHandler"; import fileHandler from "@App/middlewares/OfficeMembershipHandlers/FileHandler"; +import roleHandler from "@App/middlewares/RolesHandler"; @Controller() @Service() @@ -20,7 +21,7 @@ export default class FilesController extends ApiController { * @description Get all Files * @returns File[] list of Files */ - @Get("/api/v1/super-admin/files", [authHandler, ruleHandler]) + @Get("/api/v1/super-admin/files", [authHandler, roleHandler, ruleHandler]) protected async get(req: Request, response: Response) { try { //get query 
@@ -50,7 +51,7 @@ export default class FilesController extends ApiController { /** * @description Get a specific File by uid */ - @Get("/api/v1/super-admin/files/download/:uid", [authHandler, ruleHandler, fileHandler]) + @Get("/api/v1/super-admin/files/download/:uid", [authHandler, roleHandler, ruleHandler, fileHandler]) protected async download(req: Request, response: Response) { const uid = req.params["uid"]; if (!uid) { @@ -78,7 +79,7 @@ export default class FilesController extends ApiController { /** * @description Delete a specific File */ - @Delete("/api/v1/super-admin/files/:uid", [authHandler, ruleHandler, fileHandler]) + @Delete("/api/v1/super-admin/files/:uid", [authHandler, roleHandler, ruleHandler, fileHandler]) protected async delete(req: Request, response: Response) { try { const uid = req.params["uid"]; @@ -116,7 +117,7 @@ export default class FilesController extends ApiController { /** * @description Get a specific File by uid */ - @Get("/api/v1/super-admin/files/:uid", [authHandler, ruleHandler, fileHandler]) + @Get("/api/v1/super-admin/files/:uid", [authHandler, roleHandler, ruleHandler, fileHandler]) protected async getOneByUid(req: Request, response: Response) { try { const uid = req.params["uid"]; diff --git a/src/app/api/super-admin/LiveVoteController.ts b/src/app/api/super-admin/LiveVoteController.ts index 0e3307f4..4a9104ca 100644 --- a/src/app/api/super-admin/LiveVoteController.ts +++ b/src/app/api/super-admin/LiveVoteController.ts @@ -1,4 +1,5 @@ import authHandler from "@App/middlewares/AuthHandler"; +import roleHandler from "@App/middlewares/RolesHandler"; import ApiController from "@Common/system/controller-pattern/ApiController"; import { Controller, Post } from "@ControllerPattern/index"; import { EAppointmentStatus } from "@prisma/client"; 
@@ -26,7 +27,7 @@ export default class LiveVoteController extends ApiController { /** * @description Create a new vote */ - @Post("/api/v1/super-admin/live-votes", [authHandler]) + @Post("/api/v1/super-admin/live-votes", [authHandler, roleHandler]) protected async post(req: Request, response: Response) { try { const userId = req.body.user.userId; diff --git a/src/app/api/super-admin/OfficeFoldersController.ts b/src/app/api/super-admin/OfficeFoldersController.ts index de9d6586..e0b01345 100644 --- a/src/app/api/super-admin/OfficeFoldersController.ts +++ b/src/app/api/super-admin/OfficeFoldersController.ts @@ -9,6 +9,7 @@ import { validateOrReject } from "class-validator"; import authHandler from "@App/middlewares/AuthHandler"; import ruleHandler from "@App/middlewares/RulesHandler"; import folderHandler from "@App/middlewares/OfficeMembershipHandlers/FolderHandler"; +import roleHandler from "@App/middlewares/RolesHandler"; @Controller() @Service() @@ -20,7 +21,7 @@ export default class OfficeFoldersController extends ApiController { /** * @description Get all folders */ - @Get("/api/v1/super-admin/folders", [authHandler, ruleHandler]) + @Get("/api/v1/super-admin/folders", [authHandler, roleHandler, ruleHandler]) protected async get(req: Request, response: Response) { try { //get query @@ -79,7 +80,7 @@ export default class OfficeFoldersController extends ApiController { /** * @description Create a new folder */ - @Post("/api/v1/super-admin/folders", [authHandler, ruleHandler, folderHandler]) + @Post("/api/v1/super-admin/folders", [authHandler, roleHandler, ruleHandler, folderHandler]) protected async post(req: Request, response: Response) { try { //init OfficeFolder resource with request body values 
@@ -103,7 +104,7 @@ export default class OfficeFoldersController extends ApiController { /** * @description Modify a specific folder by uid */ - @Put("/api/v1/super-admin/folders/:uid", [authHandler, ruleHandler, folderHandler]) + @Put("/api/v1/super-admin/folders/:uid", [authHandler, roleHandler, ruleHandler, folderHandler]) protected async put(req: Request, response: Response) { try { const uid = req.params["uid"]; @@ -145,7 +146,7 @@ export default class OfficeFoldersController extends ApiController { * @description Get a specific folder by uid * @returns IFolder */ - @Get("/api/v1/super-admin/folders/:uid", [authHandler, ruleHandler, folderHandler]) + @Get("/api/v1/super-admin/folders/:uid", [authHandler, roleHandler, ruleHandler, folderHandler]) protected async getOneByUid(req: Request, response: Response) { try { const uid = req.params["uid"]; @@ -180,7 +181,7 @@ export default class OfficeFoldersController extends ApiController { /** * @description Delete a specific folder */ - @Delete("/api/v1/super-admin/folders/:uid", [authHandler, ruleHandler, folderHandler]) + @Delete("/api/v1/super-admin/folders/:uid", [authHandler, roleHandler, ruleHandler, folderHandler]) protected async delete(req: Request, response: Response) { try { const uid = req.params["uid"]; diff --git a/src/app/api/super-admin/OfficeRolesController.ts b/src/app/api/super-admin/OfficeRolesController.ts index 80d54d7e..802c223e 100644 --- a/src/app/api/super-admin/OfficeRolesController.ts +++ b/src/app/api/super-admin/OfficeRolesController.ts @@ -9,6 +9,7 @@ import { Prisma } from "@prisma/client"; import authHandler from "@App/middlewares/AuthHandler"; import ruleHandler from "@App/middlewares/RulesHandler"; import officeRoleHandler from "@App/middlewares/OfficeMembershipHandlers/OfficeRoleHandler"; +import roleHandler from "@App/middlewares/RolesHandler"; @Controller() @Service() 
@@ -20,7 +21,7 @@ export default class OfficeRolesController extends ApiController { /** * @description Get all officeRoles */ - @Get("/api/v1/super-admin/office-roles", [authHandler, ruleHandler]) + @Get("/api/v1/super-admin/office-roles", [authHandler, roleHandler, ruleHandler]) protected async get(req: Request, response: Response) { try { //get query @@ -62,7 +63,7 @@ export default class OfficeRolesController extends ApiController { /** * @description Create a new officeRole */ - @Post("/api/v1/super-admin/office-roles", [authHandler, ruleHandler, officeRoleHandler]) + @Post("/api/v1/super-admin/office-roles", [authHandler, roleHandler, ruleHandler, officeRoleHandler]) protected async getAddresses(req: Request, response: Response) { try { //init IOfficeRole resource with request body values @@ -90,7 +91,7 @@ export default class OfficeRolesController extends ApiController { /** * @description Modify a specific officeRole by uid */ - @Put("/api/v1/super-admin/office-roles/:uid", [authHandler, ruleHandler, officeRoleHandler]) + @Put("/api/v1/super-admin/office-roles/:uid", [authHandler, roleHandler, ruleHandler, officeRoleHandler]) protected async put(req: Request, response: Response) { try { const uid = req.params["uid"]; @@ -131,7 +132,7 @@ export default class OfficeRolesController extends ApiController { /** * @description Get a specific officeRole by uid */ - @Get("/api/v1/super-admin/office-roles/:uid", [authHandler, ruleHandler, officeRoleHandler]) + @Get("/api/v1/super-admin/office-roles/:uid", [authHandler, roleHandler, ruleHandler, officeRoleHandler]) protected async getOneByUid(req: Request, response: Response) { try { const uid = req.params["uid"]; diff --git a/src/app/api/super-admin/OfficesController.ts b/src/app/api/super-admin/OfficesController.ts index e6702675..3fb1bd00 100644 --- a/src/app/api/super-admin/OfficesController.ts +++ b/src/app/api/super-admin/OfficesController.ts 
@@ -8,6 +8,7 @@ import { Office as OfficeResource } from "le-coffre-resources/dist/SuperAdmin"; import { validateOrReject } from "class-validator"; import ruleHandler from "@App/middlewares/RulesHandler"; import authHandler from "@App/middlewares/AuthHandler"; +import roleHandler from "@App/middlewares/RolesHandler"; @Controller() @Service() @@ -18,7 +19,7 @@ export default class OfficesController extends ApiController { /** * @description Get all offices */ - @Get("/api/v1/super-admin/offices", [authHandler, ruleHandler]) + @Get("/api/v1/super-admin/offices", [authHandler, roleHandler, ruleHandler]) protected async get(req: Request, response: Response) { try { //get query @@ -53,7 +54,7 @@ export default class OfficesController extends ApiController { /** * @description Create a new office */ - @Post("/api/v1/super-admin/offices", [authHandler, ruleHandler]) + @Post("/api/v1/super-admin/offices", [authHandler, roleHandler, ruleHandler]) protected async post(req: Request, response: Response) { try { //init IUser resource with request body values @@ -76,7 +77,7 @@ export default class OfficesController extends ApiController { /** * @description Modify a specific office by uid */ - @Put("/api/v1/super-admin/offices/:uid", [authHandler, ruleHandler]) + @Put("/api/v1/super-admin/offices/:uid", [authHandler, roleHandler, ruleHandler]) protected async put(req: Request, response: Response) { try { const uid = req.params["uid"]; @@ -111,7 +112,7 @@ export default class OfficesController extends ApiController { /** * @description Get a specific office by uid */ - @Get("/api/v1/super-admin/offices/:uid", [authHandler, ruleHandler]) + @Get("/api/v1/super-admin/offices/:uid", [authHandler, roleHandler, ruleHandler]) protected async getOneByUid(req: Request, response: Response) { try { const uid = req.params["uid"]; diff --git a/src/app/api/super-admin/RolesController.ts b/src/app/api/super-admin/RolesController.ts index ba0683ab..372c02c5 100644 
--- a/src/app/api/super-admin/RolesController.ts +++ b/src/app/api/super-admin/RolesController.ts @@ -7,6 +7,7 @@ import { validateOrReject } from "class-validator"; import { Role } from "le-coffre-resources/dist/SuperAdmin"; import authHandler from "@App/middlewares/AuthHandler"; import ruleHandler from "@App/middlewares/RulesHandler"; +import roleHandler from "@App/middlewares/RolesHandler"; @Controller() @Service() @@ -18,7 +19,7 @@ export default class RolesController extends ApiController { /** * @description Get all roles */ - @Get("/api/v1/super-admin/roles", [authHandler, ruleHandler]) + @Get("/api/v1/super-admin/roles", [authHandler, roleHandler, ruleHandler]) protected async get(req: Request, response: Response) { try { //get query @@ -44,7 +45,7 @@ export default class RolesController extends ApiController { /** * @description Create a new role */ - @Post("/api/v1/super-admin/roles", [authHandler, ruleHandler]) + @Post("/api/v1/super-admin/roles", [authHandler, roleHandler, ruleHandler]) protected async getAddresses(req: Request, response: Response) { try { //init IRole resource with request body values @@ -72,7 +73,7 @@ export default class RolesController extends ApiController { /** * @description Modify a specific role by uid */ - @Put("/api/v1/super-admin/roles/:uid", [authHandler, ruleHandler]) + @Put("/api/v1/super-admin/roles/:uid", [authHandler, roleHandler, ruleHandler]) protected async put(req: Request, response: Response) { try { const uid = req.params["uid"]; @@ -113,7 +114,7 @@ export default class RolesController extends ApiController { /** * @description Get a specific role by uid */ - @Get("/api/v1/super-admin/roles/:uid", [authHandler, ruleHandler]) + @Get("/api/v1/super-admin/roles/:uid", [authHandler, roleHandler, ruleHandler]) protected async getOneByUid(req: Request, response: Response) { try { const uid = req.params["uid"]; 
diff --git a/src/app/api/super-admin/RulesController.ts b/src/app/api/super-admin/RulesController.ts index c0bc87c1..025ec5c0 100644 --- a/src/app/api/super-admin/RulesController.ts +++ b/src/app/api/super-admin/RulesController.ts @@ -7,6 +7,7 @@ import { validateOrReject } from "class-validator"; import { Rule } from "le-coffre-resources/dist/SuperAdmin"; import authHandler from "@App/middlewares/AuthHandler"; import ruleHandler from "@App/middlewares/RulesHandler"; +import roleHandler from "@App/middlewares/RolesHandler"; @Controller() @Service() @@ -18,7 +19,7 @@ export default class RulesController extends ApiController { /** * @description Get all rules */ - @Get("/api/v1/super-admin/rules", [authHandler, ruleHandler]) + @Get("/api/v1/super-admin/rules", [authHandler, roleHandler, ruleHandler]) protected async get(req: Request, response: Response) { try { //get query @@ -44,7 +45,7 @@ export default class RulesController extends ApiController { /** * @description Create a new rule */ - @Post("/api/v1/super-admin/rules", [authHandler, ruleHandler]) + @Post("/api/v1/super-admin/rules", [authHandler, roleHandler, ruleHandler]) protected async getAddresses(req: Request, response: Response) { try { //init IRule resource with request body values @@ -72,7 +73,7 @@ export default class RulesController extends ApiController { /** * @description Modify a specific rule by uid */ - @Put("/api/v1/super-admin/rules/:uid", [authHandler, ruleHandler]) + @Put("/api/v1/super-admin/rules/:uid", [authHandler, roleHandler, ruleHandler]) protected async put(req: Request, response: Response) { try { const uid = req.params["uid"]; 
@@ -113,7 +114,7 @@ export default class RulesController extends ApiController { /** * @description Get a specific rule by uid */ - @Get("/api/v1/super-admin/rules/:uid", [authHandler, ruleHandler]) + @Get("/api/v1/super-admin/rules/:uid", [authHandler, roleHandler, ruleHandler]) protected async getOneByUid(req: Request, response: Response) { try { const uid = req.params["uid"]; diff --git a/src/app/api/super-admin/UsersController.ts b/src/app/api/super-admin/UsersController.ts index a9815f14..f6e28794 100644 --- a/src/app/api/super-admin/UsersController.ts +++ b/src/app/api/super-admin/UsersController.ts @@ -7,6 +7,7 @@ import { validateOrReject } from "class-validator"; import User from "le-coffre-resources/dist/SuperAdmin"; import authHandler from "@App/middlewares/AuthHandler"; import ruleHandler from "@App/middlewares/RulesHandler"; +import roleHandler from "@App/middlewares/RolesHandler"; @Controller() @Service() @@ -18,7 +19,7 @@ export default class UsersController extends ApiController { /** * @description Get all users */ - @Get("/api/v1/super-admin/users", [authHandler, ruleHandler]) + @Get("/api/v1/super-admin/users", [authHandler, roleHandler, ruleHandler]) protected async get(req: Request, response: Response) { try { //get query @@ -58,7 +59,7 @@ export default class UsersController extends ApiController { /** * @description Create a new user */ - @Post("/api/v1/super-admin/users", [authHandler, ruleHandler]) + @Post("/api/v1/super-admin/users", [authHandler, roleHandler, ruleHandler]) protected async create(req: Request, response: Response) { try { //init IUser resource with request body values 
@@ -86,7 +87,7 @@ export default class UsersController extends ApiController { /** * @description Modify a specific user by uid */ - @Put("/api/v1/super-admin/users/:uid", [authHandler, ruleHandler]) + @Put("/api/v1/super-admin/users/:uid", [authHandler, roleHandler, ruleHandler]) protected async put(req: Request, response: Response) { try { const uid = req.params["uid"]; @@ -128,7 +129,7 @@ export default class UsersController extends ApiController { /** * @description Get a specific user by uid */ - @Get("/api/v1/super-admin/users/:uid", [authHandler, ruleHandler]) + @Get("/api/v1/super-admin/users/:uid", [authHandler, roleHandler, ruleHandler]) protected async getOneByUid(req: Request, response: Response) { try { const uid = req.params["uid"]; diff --git a/src/app/api/super-admin/VotesController.ts b/src/app/api/super-admin/VotesController.ts index 4d25ef6d..308e46e3 100644 --- a/src/app/api/super-admin/VotesController.ts +++ b/src/app/api/super-admin/VotesController.ts @@ -6,6 +6,7 @@ import { Service } from "typedi"; import { Vote } from "le-coffre-resources/dist/SuperAdmin"; import authHandler from "@App/middlewares/AuthHandler"; import { Votes } from "@prisma/client"; +import roleHandler from "@App/middlewares/RolesHandler"; @Controller() @Service() @@ -17,7 +18,7 @@ export default class VotesController extends ApiController { /** * @description Get all votes */ - @Get("/api/v1/super-admin/votes", [authHandler]) + @Get("/api/v1/super-admin/votes", [authHandler, roleHandler]) protected async get(req: Request, response: Response) { try { //get query @@ -43,7 +44,7 @@ export default class VotesController extends ApiController { /** * @description Get a specific vote by uid */ - @Get("/api/v1/super-admin/votes/:uid", [authHandler]) + @Get("/api/v1/super-admin/votes/:uid", [authHandler, roleHandler]) protected async getOneByUid(req: Request, response: Response) { try { const uid = req.params["uid"]; 
@@ -78,7 +79,7 @@ export default class VotesController extends ApiController { /** * @description Delete a specific vote */ - @Delete("/api/v1/super-admin/votes/:uid", [authHandler]) + @Delete("/api/v1/super-admin/votes/:uid", [authHandler, roleHandler]) protected async delete(req: Request, response: Response) { try { const uid = req.params["uid"]; diff --git a/src/app/middlewares/RolesHandler.ts b/src/app/middlewares/RolesHandler.ts new file mode 100644 index 00000000..3a4a9c77 --- /dev/null +++ b/src/app/middlewares/RolesHandler.ts @@ -0,0 +1,22 @@ +import HttpCodes from "@Common/system/controller-pattern/HttpCodes"; +import { NextFunction, Request, Response } from "express"; + +export default async function roleHandler(req: Request, response: Response, next: NextFunction) { + try { + + const namespace = req.path && req.path.split("/")[3]; + const role = req.body.user.role; + + if (namespace != "notary" && role != namespace && role != "super-admin") { + response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this role"); + return; + } + + next(); + + } catch (error) { + console.log(error); + response.status(HttpCodes.INTERNAL_ERROR).send("Internal server error"); + return; + } +} diff --git a/src/app/middlewares/RulesHandler.ts b/src/app/middlewares/RulesHandler.ts index 16040875..cd35dcfe 100644 --- a/src/app/middlewares/RulesHandler.ts +++ b/src/app/middlewares/RulesHandler.ts 
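Review bot: `roleHandler` in the new RolesHandler.ts reads `req.body.user.role` with no check that `user` or `role` is present, so a request that reaches it without that object throws and is answered with a 500 from the catch block rather than an authorization error, and the loose `!=` comparisons would treat a missing role as equal to a missing path segment. I would validate the role as a non-empty string before comparing and switch to `!==`, as in the fence below. The role is taken from the request body, which the client also fills, so the check is only sound if authHandler always overwrites `req.body.user` from the verified token; that middleware is not part of this diff, so please confirm. An authenticated caller with the wrong role would also more conventionally receive a 403 than a 401.

```typescript
export default async function roleHandler(req: Request, response: Response, next: NextFunction) {
	try {
		const namespace = req.path.split("/")[3];
		const role: unknown = req.body?.user?.role;

		// Reject before comparing: a missing role must never match a missing path segment.
		if (typeof role !== "string" || role === "") {
			response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this role");
			return;
		}

		if (namespace !== "notary" && role !== namespace && role !== "super-admin") {
			// … unchanged: 401 response, next(), catch block …
```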
@@ -6,19 +6,7 @@ export default async function ruleHandler(req: Request, response: Response, next const rules = req.body.user.rules; const service = req.path && req.path.split("/")[4]; - // if (!rules) { - // response.status(HttpCodes.UNAUTHORIZED).send("Missing rules in JWT"); - // return; - // } - const namespace = req.path && req.path.split("/")[3]; - const role = req.body.user.role; - - if (namespace != "notary" && role != namespace && role != "super-admin") { - response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with this role"); - return; - } - - if (!rules.includes(req.method + " " + service) && role != "super-admin") { + if (!rules.includes(req.method + " " + service)) { response.status(HttpCodes.UNAUTHORIZED).send("Unauthorized with those rules"); return; }
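Review bot: `rules.includes(...)` on the new `if` line is called with no check that `rules` is an array, and the commented-out `!rules` guard is deleted rather than restored, so a token without rules raises a TypeError instead of being refused; I would write `if (!Array.isArray(rules) || !rules.includes(req.method + " " + service)) {`. The same line drops the `role != "super-admin"` exemption, so super-admin accounts now need every `METHOD service` entry in their rules; it is worth confirming that issued tokens carry them, otherwise those users are locked out of the routes changed in this commit. ruleHandler's body starts and ends outside the hunk, so whether the TypeError is caught there cannot be seen from here.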