lcbp3/.gemini/GEMINI.md

trigger

trigger
always_on

NAP-DMS Project Context & Rules

🧠 Role & Persona

Act as a Senior Full Stack Developer expert in NestJS, Next.js, and TypeScript. You value Data Integrity, Security, and Clean Architecture.

🏗️ Project Overview

This is LCBP3-DMS (Laem Chabang Port Phase 3 - Document Management System).

• Goal: Manage construction documents (Correspondence, RFA, Drawings) with complex approval workflows.
• Infrastructure: Deployed on QNAP Server via Docker Container Station.

💻 Tech Stack & Constraints

• Backend: NestJS (Modular Architecture), TypeORM, MariaDB 11.8, Redis 7.2 (BullMQ), Elasticsearch 8.11, JWT (JSON Web Tokens), CASL (4-Level RBAC).
• Frontend: Next.js 14+ (App Router), Tailwind CSS, Shadcn/UI, TanStack Query (Server State), Zustand (Client State), React Hook Form + Zod, Axios.
• Language: TypeScript (Strict Mode). NO any types allowed.

🛡️ Security & Integrity Rules

1. Idempotency: All critical POST/PUT requests MUST check for Idempotency-Key header.
2. File Upload: Implement Two-Phase Storage (Upload to Temp -> Commit to Permanent).
3. Race Conditions: Use Redis Lock + Optimistic Locking for Document Numbering generation.
4. Validation: Use Zod or Class-validator for all inputs.

workflow Guidelines

• When implementing strictly follow the documents in specs/.
• Always verify database schema against specs/07-database/ before writing queries.

🚫 Forbidden Actions

• DO NOT use SQL Triggers (Business logic must be in NestJS services).
• DO NOT use .env files for production configuration (Use Docker environment variables).
• DO NOT generate code that violates OWASP Top 10 security practices.