260322:1648 Correct Coresspondence / Doing RFA / Correct CI
This commit is contained in:
admin
@@ -10,6 +10,7 @@
|
||||
## 🎯 Objective
|
||||
|
||||
Refactor the DMS system (Backend & Frontend) to support **High Scalability (100k+ Documents)**, **Enhanced Security (RBAC/Audit)**, and **Enterprise-Grade UX**. This task consolidates three key initiatives:
|
||||
|
||||
1. **Advanced Storage Management:** Optimize file storage for large datasets (Data Integrity).
|
||||
2. **Admin Panel Refactor:** Secure and reorganize the administrative interface.
|
||||
3. **Document Management Interface:** Improve frontend performance and usability for large document lists.
|
||||
@@ -34,26 +35,30 @@ Refactor the DMS system (Backend & Frontend) to support **High Scalability (100k
|
||||
**Goal:** Shift from "Upload Date" to "Issue Date" storage logic and implement deep directory structures for performance.
|
||||
|
||||
#### 1.1 Database Schema (Data Integrity)
|
||||
|
||||
- [ ] **Verify Date Columns:** Ensure `rfa`, `correspondence`, `drawing_revisions` have a reliable `issue_date` or `document_date`.
|
||||
- [ ] **Update Attachments Table:** Add `reference_date` column to `attachments` to freeze the storage path date (prevents broken paths if document date changes).
|
||||
|
||||
#### 1.2 FileStorageService Refactor
|
||||
|
||||
- [ ] **Update `commit()` Logic:** Change storage path generation logic.
|
||||
- *Old:* `/permanent/YYYY/MM/uuid.pdf` (based on execution time)
|
||||
- *New:* `/permanent/{DocumentType}/{YYYY}/{MM}/{uuid}.pdf` (based on `issue_date`)
|
||||
- _Old:_ `/permanent/YYYY/MM/uuid.pdf` (based on execution time)
|
||||
- _New:_ `/permanent/{DocumentType}/{YYYY}/{MM}/{uuid}.pdf` (based on `issue_date`)
|
||||
- [ ] **Fail-safe Logic:** Implement fallback to `created_at` if `issue_date` is missing.
|
||||
|
||||
#### 1.3 Infrastructure & Security
|
||||
|
||||
- [ ] **Deep Directory Structure:** Implement logic to handle nested folders to verify Inode limits.
|
||||
- [ ] **Path Isolation:** Ensure Web Server (NestJS) has `ReadOnly` access to `permanent` storage, `Write` only for specific services.
|
||||
- [ ] **Streaming Proxy:** Enforce file access via API Stream only (Check RBAC -> Stream File), never expose direct static paths.
|
||||
|
||||
#### 1.4 Data Migration (Legacy Support)
|
||||
|
||||
- [ ] **Develop Migration Script:**
|
||||
1. Scan `attachments` where `is_temporary = false`.
|
||||
2. Retrieve `issue_date` from parent entity.
|
||||
3. Move file to new structure.
|
||||
4. Update `stored_path` in DB.
|
||||
1. Scan `attachments` where `is_temporary = false`.
|
||||
2. Retrieve `issue_date` from parent entity.
|
||||
3. Move file to new structure.
|
||||
4. Update `stored_path` in DB.
|
||||
|
||||
---
|
||||
|
||||
@@ -62,20 +67,23 @@ Refactor the DMS system (Backend & Frontend) to support **High Scalability (100k
|
||||
**Goal:** Secure the Admin Panel and reorganize the UI for better usability.
|
||||
|
||||
#### 2.1 Critical Security Fixes (Immediate)
|
||||
|
||||
- [ ] **Remove Hardcoded Bypass:** Delete `const isAdmin = true;` in `frontend/app/(admin)/layout.tsx`. Validate `session.user.role` from JWT.
|
||||
- [ ] **Middleware Enforcement:** Update `frontend/middleware.ts` to strictly require `ADMIN` or `DC` roles for `/admin/**` routes.
|
||||
- [ ] **Session Kill Switch:** Implement Backend endpoint and Frontend UI to revoke active user sessions.
|
||||
|
||||
#### 2.2 Backend Optimization
|
||||
|
||||
- [ ] **Bulk RBAC Update:** Create `PUT /roles/permissions/bulk` endpoint to handle multiple permission changes in a single transaction (Fixes Loop API issue).
|
||||
- [ ] **Audit Log Pagination:** Update `AuditLogService` to support Server-side Pagination (`page`, `limit`, `filters`).
|
||||
|
||||
#### 2.3 Frontend Reorganization (UI/UX)
|
||||
|
||||
- [ ] **Refactor Folder Structure:** Group admin pages logically:
|
||||
- `/admin/access-control/` (Users, Roles, Sessions)
|
||||
- `/admin/doc-control/` (Numbering, Workflows, Master Data)
|
||||
- `/admin/monitoring/` (Audit Logs, Health)
|
||||
- `/admin/settings/`
|
||||
- `/admin/access-control/` (Users, Roles, Sessions)
|
||||
- `/admin/doc-control/` (Numbering, Workflows, Master Data)
|
||||
- `/admin/monitoring/` (Audit Logs, Health)
|
||||
- `/admin/settings/`
|
||||
- [ ] **Shared Components:** Implement `AdminPageHeader` and `AdminDataTable` for consistency.
|
||||
|
||||
---
|
||||
@@ -85,14 +93,17 @@ Refactor the DMS system (Backend & Frontend) to support **High Scalability (100k
|
||||
**Goal:** Support browsing 100k+ documents with high performance and better UX.
|
||||
|
||||
#### 3.1 Performance (Server-Side Logic)
|
||||
|
||||
- [ ] **Update Hooks:** Refactor `useDrawings` (and others) to accept `page`, `limit`, `sort`, `filter` params.
|
||||
- [ ] **ServerDataTable Component:** Create a reusable Table component that handles Server-side pagination and sorting events efficiently.
|
||||
|
||||
#### 3.2 UI Structure & Navigation
|
||||
|
||||
- [ ] **Tabbed Interface:** Split documents by category (e.g., Contract / Shop / As-Built) using Tabs to load data lazily.
|
||||
- [ ] **Visual Cues:** Add distinct Badges for Revision Status (e.g., "Current" vs "Superseded").
|
||||
|
||||
#### 3.3 Data Integrity Features
|
||||
|
||||
- [ ] **Pre-upload Validation:** Implement `NumberPreviewCard` to check Document Number availability in real-time before submission.
|
||||
- [ ] **Revision Guard:** Validate `nextPossibleRevision` to prevent skipping revisions (e.g., A -> C).
|
||||
|
||||
@@ -101,6 +112,7 @@ Refactor the DMS system (Backend & Frontend) to support **High Scalability (100k
|
||||
## 📂 Technical Guidelines
|
||||
|
||||
### Backend: Bulk Permission DTO
|
||||
|
||||
```typescript
|
||||
export class BulkRolePermissionDto {
|
||||
@IsNumber()
|
||||
@@ -114,13 +126,16 @@ export class BulkRolePermissionDto {
|
||||
```
|
||||
|
||||
### Frontend: Sidebar Navigation Structure
|
||||
|
||||
```typescript
|
||||
const adminMenu = [
|
||||
{ title: "Overview", items: [{ title: "Dashboard", href: "/admin/dashboard" }] },
|
||||
{ title: "Access Control", items: [
|
||||
{ title: "Users", href: "/admin/access-control/users" },
|
||||
{ title: "Roles & Matrix", href: "/admin/access-control/roles" }
|
||||
]
|
||||
{ title: 'Overview', items: [{ title: 'Dashboard', href: '/admin/dashboard' }] },
|
||||
{
|
||||
title: 'Access Control',
|
||||
items: [
|
||||
{ title: 'Users', href: '/admin/access-control/users' },
|
||||
{ title: 'Roles & Matrix', href: '/admin/access-control/roles' },
|
||||
],
|
||||
},
|
||||
// ...
|
||||
];
|
||||
@@ -133,4 +148,4 @@ const adminMenu = [
|
||||
1. **Security:** Non-admin users MUST NOT access any `/admin` route.
|
||||
2. **Performance:** Document lists with 100k records must load first page in < 200ms.
|
||||
3. **Data Integrity:** Files are stored in structure `/permanent/{Type}/{Year}/{Month}/`.
|
||||
4. **Reliability:** Bulk Permission updates are atomic (all or nothing).
|
||||
4. **Reliability:** Bulk Permission updates are atomic (all or nothing).
|
||||
|
||||
Reference in New Issue
Block a user