AM
ashish malviya
AM
🆔 User ID -
👤 Role Global Admin
🔐 Access Level -
🏢 Company -
🌍 Country -
📍 State -
🏭 Plant -
🏢 Department -
💼 Function -
🕐 Login Since 11/12/2025, 02:05:33
📅 Created -
🔄 Updated -
Support info@starengts.com
🌐 Website https://starengts.com/

Batch Expiry Management

Status Batch Number Product Name Expiry Date Days Remaining Storage Location Action
v1.4.0 · Quality Works

Application
Training Manual

Everything you need to know about using Quality Works — section by section, role by role. Learn what each screen does, who can access it, and how to get the most out of every feature.

0
Screens
0
Modules
0
Access Levels
v0
Releases
0
API Endpoints
Getting Started

Welcome to Quality Works

Quality Works is a unified quality management platform covering sample lifecycle, equipment calibration, walk-about observations, and pest control operations — all in one place with role-based access control.

🔑
Log In

Open the app URL in your browser. Enter your email — the system auto-detects your company and authentication method (password or SSO).

1
Enter company email → system routes you to the correct login method
🧭
Navigate Modules

Use the left sidebar to switch between modules. Module groups (Sampling, Calibration, Walkabout, Pest Control) are shown based on your assigned permissions.

2
Sidebar shows only modules your admin has granted you access to
📋
Understand Your Role

Your access level determines what you can see and do. Regular users (Level 7) manage day-to-day operations. Admins (Level 1–5) have additional configuration and reporting access.

3
Your role appears in the top-right dropdown under your name
📤
Export Data

Every module supports PDF and Excel/CSV exports. Look for the Download or PDF button at the top of list/history screens to export filtered results.

4
PDF exports use the QCPdfEngine — clean A4 layout, no browser print dialog
🔔
Alerts & Notifications

The system sends email notifications for walkabout submissions, reopens, and calibration due dates. Make sure your email is correctly set in your user profile.

5
Email config is handled by your admin in Administration → Email Configuration
🏭
Plant Scope

All data is scoped to your assigned plant and department. You will only see records for your plant unless you have Country, State, or Company admin access.

6
Hierarchy: Company → Country → State → Plant → Department
📌
Sidebar Navigation Reference
All modules · All screens
ALL USERS

The sidebar is organized into 5 collapsible groups. Each group is only visible if your user account has been granted access to that module.

📦 Sample Management
Overview · Enter New Sample · Search Samples · Log Transactions · Transaction History · Batch Expiry · Expiry History · Data Visualization
⚙️ Equipment Calibration
Equipment Calibration · Equipment History · Calibration Update History · Data Visualization
🚶 Quality Walkabout
Walkabout Register · Walkabout History · My Actions · Activity Log · Data Visualization
🐛 Pest Control
Team · Annual Plan · Layout · Device Master · Readings Entry · Spray Tracking · Documents · Meetings · Reports · Data Viz · Activity Log · Pest Master
🔧 Administration (Level 1–2 only)
Storage Config · Master Data · User Management · SSO Config · Printer Config · Email Config · System Docs · Data Viz · Know More · Workflow Diagram
Module 1

Sample Management

Track the complete lifecycle of QC samples from receipt to expiry. Log check-outs and returns, monitor batch expiry dates with colour-coded alerts, and export reports for audits.

📊
Overview Dashboard
Sidebar → Overview
ALL USERS

The dashboard gives a live snapshot of your plant's QC health — total active samples, expiry alerts, recent transactions, and calibration due counts — via KPI cards and interactive charts.

1
KPI cards at the top show total active samples, expiring soon, overdue calibrations, and open walkabout observations.
2
Charts below show sample distribution by rack/bin, calibration status breakdown, and recent transaction activity.
3
Clicking a KPI card navigates directly to the relevant section for quick drilldown.
Tip: The dashboard refreshes on every page load. Use it as your daily starting point before beginning lab work.
Enter New Sample
Sidebar → Enter New Sample
ALL USERS

Register a new QC sample into the system by filling in batch details, storage location, and expiry information. Generates a printable label with QR code.

1
Select your Plant → Rack → Bin using the cascading dropdowns. Only locations assigned to your plant appear.
2
Fill in Batch ID, Sample Name, Manufacturing Date, and Expiry Date. Batch ID must be unique.
3
Add Quantity, Unit, and Supplier details as required by your lab's SOP.
4
Click Save Sample. The system assigns a unique Sample ID and creates the storage record.
5
Optionally print a QR label immediately using the Print Label button — supports A4 and POS thermal printers.
Tip: Labels include batch ID, expiry date, and a QR code that links directly to the sample record when scanned.
🔍
Search Samples
Sidebar → Search Samples
ALL USERS

Find any sample in your plant's inventory using free-text search, batch ID lookup, or filter by storage location, status, or expiry range.

1
Type a Batch ID or Sample Name in the search box. Results update as you type.
2
Use the Plant / Rack / Bin filters to narrow results to a specific storage location.
3
Click a row to open the sample detail card showing full history, current location, and expiry status.
4
From the detail card you can Edit sample info, Transfer it to a new bin, or Print Label.
Tip: Expiry status is colour-coded: Red = Expired, Orange = Expiring Soon, Green = Safe.
🔄
Log Sample Transactions
Sidebar → Log Sample Transactions
ALL USERS

Record when samples are taken out from storage for testing and when they are returned. Every transaction is timestamped and linked to the user who performed it.

1
Search for the sample by Batch ID using the lookup field — the current bin and quantity auto-populate.
2
Select transaction type: Take Out (removing for use) or Return (putting back after use).
3
Enter the Quantity and add a Purpose / Remarks note for traceability.
4
Submit — the bin inventory updates in real time and the transaction is saved to history.
📜
Log Samples History
Sidebar → Log Samples History
ALL USERS

Full audit trail of all sample take-outs and returns. Filter by date range, batch ID, user, or transaction type. Export as Excel for compliance reporting.

1
Use the date range picker to scope the history to a specific period.
2
Filter by User to see all transactions by a specific person — useful for user activity audits.
3
Click Download Excel to export the filtered results for external reporting.
Batch Expiry Monitor
Sidebar → Batch Expiry
ALL USERS

A live dashboard of all samples sorted by expiry date. Colour-coded rows immediately highlight which batches need attention — from Expired to Safe.

1
Rows are colour-coded: Red = Expired, Orange = Expiring within 30 days, Yellow = Expiring within 90 days, Green = Safe.
2
Sort by any column — clicking the expiry column sorts from most urgent to latest.
3
Use the Filter by Status dropdown to focus on just expired or about-to-expire batches.
Tip: Check this screen at the start of every shift to ensure no expired samples remain in active storage.
🗃️
Batch Expiry History
Sidebar → Batch Expiry History
ALL USERS

Archive of all batches that have been expired or removed from active inventory, with full audit trail including who removed them and when.

1
Search by batch ID or date range to find specific historical records.
2
Click Download Excel to export history for compliance documentation.
📈
Data Visualization
Sidebar → Data Visualization (Sampling)
ALL USERS

Interactive charts showing sample trends, storage utilization by rack/bin, transaction volume over time, and expiry distribution across your plant.

Module 2

Equipment Calibration

Manage the full calibration schedule for all lab instruments. Track due dates, upload calibration certificates, log updates, and receive proactive alerts before equipment becomes overdue.

⚙️
Equipment Calibration
Sidebar → Equipment Calibration
ALL USERS

The main equipment register showing every instrument in your plant with its current calibration status. Status is automatically calculated from the due date.

1
Each equipment row shows Equipment ID, Name, Last Calibration Date, Next Due Date, and a colour-coded Status badge.
2
Status colours: 🔴 Overdue (past due), 🟠 Critical (≤7 days), 🟡 Warning (≤30 days), 🔵 Caution (≤60 days), 🟢 Safe, ⚫ Not In Use, 🔷 Gone For Calibration.
3
Click Update Due Date on any row to record a new calibration and advance the next due date.
4
Upload a Calibration Certificate PDF (up to 10 MB) directly from the update modal.
5
Click Download PDF for a clean A4 report of the full equipment register filtered by status.
Tip: Sort by "Next Due Date" to see which instruments need attention soonest. Filter by "Overdue" to get a quick audit list.
📋
Equipment History
Sidebar → Equipment History
ALL USERS

Full history of all calibration events per instrument — shows who performed each calibration, when, certificate reference, and any notes added.

1
Select an equipment from the dropdown to load its full calibration history.
2
Each row shows Calibration Date, Due Date Set, Calibrated By, Certificate No., and a link to the uploaded PDF.
3
Click the PDF icon to open or download the calibration certificate.
4
Edit historical records inline if a correction is needed — changes are logged with timestamp.
🔁
Calibration Update History
Sidebar → Calibration Update History
ALL USERS

A chronological log of all updates made to any equipment record — tracks both calibration updates and due date changes, with user attribution for every entry.

1
Filter by date range or specific equipment to focus on what you need.
2
Use the Export Excel button to download for external audit packages.
📈
Data Visualization
Sidebar → Data Visualization (Calibration)
ALL USERS

Charts showing calibration status distribution (pie/bar), upcoming due dates by month, and historical calibration completion rates across equipment categories.

Module 3

Quality Walkabout

Capture, track and close quality observations found during plant walkabouts. Follows a Draft → Open → Closed workflow with CAPA tracking, email notifications, attachments, and PDF reporting.

🚶
Walkabout Register
Sidebar → Walkabout Register
ALL USERSLEVEL 5+ ADMIN FEATURES

The main register lists all active (Draft + Open) walkabout observations for your plant. Raise new observations, assign action persons, and track progress through the lifecycle.

1
Click Raise New Observation to open the submission form. Fill in area, observation description, and select an Action Person.
2
Set a Target Close Date — the system will colour-code the observation red/orange when the date approaches.
3
Optionally check Repeat Observation and link to a previous closed walkabout for trend tracking.
4
Attach images or PDF evidence using the file upload field. Multiple attachments supported.
5
Submitting sends an automatic email to the Action Person (CC: Reporter + Plant Coordinators).
6
The Action Person updates the CAPA Details field inline once corrective action is taken.
Admin Only (Level 1–5): Can Open draft observations (sets the official start date), Close completed observations, and Reopen closed ones. Each reopen adds to the Reopen Counter badge on that observation.
Plant Coordinator (Level 9): Can also close observations for their assigned plant — without needing full admin access.
📚
Walkabout History
Sidebar → Walkabout History
ALL USERS

All closed walkabout observations with full audit trail — close date, CAPA notes, reopen count, and all comments/attachments. Paginated 20 per page.

1
Filter by date range, area, action person, or repeat observation flag.
2
Observation IDs follow the format PPPP-NNN (plant prefix + sequential number) — unique and permanent.
3
Export the filtered view as CSV or PDF for compliance packages.
4
Admins (Level 1–5) can Reopen any closed observation directly from this screen.
Tip: The due date column is colour-coded even for closed observations — useful for seeing how many were closed overdue vs. on time.
My Actions
Sidebar → My Actions
ALL USERS

Personal view showing every open walkabout observation where you are the assigned Action Person. Paginated 20 per page. Your personal to-do list for CAPA completion.

1
Observations due soon appear in orange/red — address these first.
2
Click any row to open the detail view — update the CAPA Details field and add comments once action is taken.
3
Once CAPA is complete, notify your supervisor so they can close the observation.
🔖
Activity Log
Sidebar → Activity Log (Walkabout)
LEVEL 5+ ADMIN

Complete audit log of every state change, comment, attachment upload, and edit across all walkabout observations — with user name and timestamp for each action.

📈
Data Visualization
Sidebar → Data Visualization (Walkabout)
ALL USERS

Charts showing observation trends over time, status distribution, top areas with repeat observations, average close times, and department-wise breakdown.

Module 4

Pest Control

Comprehensive pest management covering insect traps, rodent bait stations, spider pads, chemical spray tracking, meetings with MOM, and annual planning — all with heatmap dashboards and PDF reporting.

👥
Team
Sidebar → Pest Control → Team
LEVEL 5+ ADMIN

Manage the pest control team for your plant — list team members with their roles (Internal/External contractor), contact details, and assignment status.

📅
Annual Plan
Sidebar → Pest Control → Annual Plan
ALL USERSEDIT: LEVEL 5+

12-month schedule of planned pest control activities — fogging, spraying, baiting — for every area of your plant. Shows planned vs. completed activities with status tracking.

1
View the year grid: rows = activities, columns = months. Each cell shows Planned / Done / Missed status.
2
Admins can add/edit planned activities and mark them as completed when done.
3
Export the annual plan as PDF for regulatory submission or internal records.
🗺️
Layout (Heatmap Dashboard)
Sidebar → Pest Control → Layout
ALL USERS

Visual heatmap of your plant layout showing device placement and current pest pressure level by location. Four heatmap views available, each colour-coded by activity intensity.

1
Select the heatmap type: Insect Internal, Insect External, Rodent, or Spider Pad.
2
Each device marker is colour-coded by last reading — green = low, yellow = medium, red = high activity.
3
Click a device on the layout to see its recent readings and navigate to its detail record.
4
The plant image background is customized per plant — uploaded by the admin in Device Master.
📍
Device Master
Sidebar → Pest Control → Device Master
LEVEL 5+ ADMIN

Master register of all pest control devices in your plant — fly catchers (previously "insect killers"), rodent bait stations, glue traps, and spider pads. Each device has a unique code, type, and location coordinates for the heatmap.

1
Add devices with Device Code, Type (Fly Catcher / Rodent Bait / Glue Trap / Spider Pad), Location, and Zone (Internal/External).
2
Upload the Plant Layout Image — this becomes the heatmap background in the Layout screen.
3
Pin each device on the layout by clicking its desired position on the uploaded image.
4
Deactivate devices that have been removed without deleting historical data.
🔢
Readings Entry
Sidebar → Pest Control → Readings Entry
ALL USERS

Enter fortnightly or monthly readings for every pest device in the plant. Five device types have their own input format: Insect Internal, Insect External, Rodent Bait (Outer), Rodent Glue (Inner), and Spider Pad.

1
Select the Device Type tab and the Period (1st or 2nd fortnight, or month).
2
Insect devices: enter counts for each species — HF (House Fly), YW (Yellow Wasp), Mo (Moth), M (Mosquito), FF (Fruit Fly), RC (Red Cockroach), CB (Crawling Bug), MR (Mouse/Rodent).
3
Rodent stations: enter status for each bait point — B (Bait consumed), R (Refilled), O (Open/undisturbed), D (Disturbed), NA (Not accessible), EB (Empty bait), M (Missing), S (Secured), G (Gone).
4
Spider pads: monthly B (Baited) / O (Open/clear) / NA status per pad.
5
All entries are saved per period — re-entering the same device/period updates (not duplicates) the record.
Tip: The system highlights devices with no reading entered for the current period so you know which ones are pending.
💧
Spray Tracking
Sidebar → Pest Control → Spray Tracking
ALL USERS

Log every chemical spray application — chemical name, quantity used, target area, applicator, and date. Linked to the Pest Chemical Master for chemical details.

1
Select the Chemical from the Pest Master dropdown — pre-populated with name, dilution ratio, and safety notes.
2
Enter Area treated, Quantity used, Method (fogging/spraying/baiting), and Applicator name.
3
View all spray history with filters by chemical, date range, and area.
📝
Meetings & MOM
Sidebar → Pest Control → Meetings
ALL USERSMOM EDIT: ATTENDEES + ADMIN

Schedule pest control review meetings, record attendance, and manage Minutes of Meeting (MOM) with action items, owners, and due dates.

1
Create a meeting with Type (Monthly / Quarterly / Annual / Special), Date, and Agenda.
2
Add attendees from the user list — they will receive a meeting invitation email.
3
After the meeting, open the MOM editor to record discussion points and add action items.
4
Each Action Item has an owner, due date, and status (Open / Closed). Owners can update their action item status.
5
Export the MOM as a PDF with a clean formatted layout for distribution or filing.
📁
Documents
Sidebar → Pest Control → Documents
ALL USERS

Pest control document repository — upload and manage SDS sheets, contracts, compliance certificates, inspection reports, and any other regulatory documents.

📊
Reports
Sidebar → Pest Control → Reports
ALL USERS

Generate comprehensive pest control reports — monthly readings summaries, trend analysis, infestation level reports, and compliance documentation — all exported as clean A4 PDFs.

🧪
Pest Master (Chemical Master)
Sidebar → Pest Control → Pest Master
LEVEL 5+ ADMIN

Master list of all pesticides and chemicals approved for use at your plant. Each entry stores name, active ingredient, dilution ratio, target pest, regulatory registration number, and safety notes.

Administration

System Administration

Full system configuration and user management. The Administration section is only visible to Master Admin (Level 1) and Company Admin (Level 2). Some sub-sections are Level 1 only.

Access Restriction: The entire Administration sidebar group is hidden for users at Level 3 and below. If you need access to any of these settings, contact your Company Admin or Master Admin.
🗄️
Storage Configuration
Administration → Storage Configuration
LEVEL 1 ONLY

Define the physical storage infrastructure for samples — add Plants, Racks per plant, and Bins per rack. This structure is what all sample location dropdowns use throughout the system.

1
Add a Plant first — give it a code (used as the prefix for Walkabout IDs), name, and link it to a State in Master Data.
2
Under each Plant, add Racks (e.g. Rack A, Rack B). Racks represent physical storage units.
3
Under each Rack, add Bins with capacity. Bins are the individual storage slots a sample can occupy.
🌍
Master Data
Administration → Master Data
LEVEL 1 ONLY

Manage the 5-level geographical hierarchy used for data scoping: Companies → Countries → States → Plants → Departments. Every piece of data in the system belongs to a plant and department.

1
Start with Companies — each company gets an ID, name, and a primary domain (used for SSO tenant detection).
2
Add Countries under each company, then States under countries, then Plants under states.
3
Add Departments under each plant — users are assigned to a specific department for their day-to-day access scope.
👤
User Management
Administration → User Management
LEVEL 1–2

Add, edit, deactivate users and assign their access level, module permissions, and plant/department. User Roles are also managed here (moved from Master Data in v1.3.0).

1
Add a new user: enter First Name, Last Name, Email, Department, Access Level, and Role.
2
Set Module Access per user — individually enable/disable Samples, Calibration, Walkabout, Pest Control.
3
A Company Admin (Level 2) can manage users within their company but cannot assign Level 1 users.
4
For Plant Coordinators (Level 9): use the Coordinator modal to assign them to specific plants for walkabout close authority.
5
Deactivated users cannot log in but their historical records are preserved.
🔐
SSO Configuration
Administration → SSO Configuration
LEVEL 1 ONLY

Configure enterprise Single Sign-On (OIDC) per company. Once configured, users with a matching email domain are automatically redirected to your identity provider (Okta, Azure AD, Google).

1
Select the Company and enter the Email Domain (e.g. yourcompany.com) that triggers SSO.
2
Enter the OIDC Issuer URL, Client ID, and Client Secret from your identity provider.
3
Set the Redirect URI in your IdP to https://your-server/auth/callback.
🖨️
Printer Configuration
Administration → Printer Configuration
LEVEL 1 ONLY

Configure label printer settings — POS thermal printer connection details, label dimensions (width, height in mm), and QR code size. Supports both A4 and ESC/POS thermal formats.

✉️
Email Configuration
Administration → Email Configuration
LEVEL 1 ONLY

SMTP settings for system email notifications — walkabout alerts, calibration reminders, and meeting invites. Configure sender address, SMTP host, port, and authentication credentials.

Reference

Access Level Reference

Quality Works uses 9 access levels. Each level determines which sections are visible, what actions can be taken, and which data scope (company / country / state / plant / department) is applied.

LevelRole NameData ScopeKey CapabilitiesRestrictions
1 Master Admin All Companies
Full system access All modules All admin screens SSO Config Printer Config Email Config Master Data
None
2 Company Admin Single Company
User Management System Docs All modules
No SSO ConfigNo Printer/Email ConfigNo Data Vis (Admin)
3 Country Admin Country-wide
All module screens Reports & exports
No Administration section
4 State Admin State-wide
All module screens Reports & exports
No Administration section
5 Plant Admin Single Plant
All module screens WQA Open/Close Walkabout Activity Log Pest Team manage Device Master edit
No Administration section
6 Department Manager Department
All module screens Departmental data
No Administration section
7 Regular User Plant
Enter/search samples Log transactions Raise walkabouts Enter pest readings My Actions
No AdministrationNo WQA Open/Close
8 Viewer Plant
Read-only all screens Export/download
No create/editNo Administration
9 Plant Coordinator NEW v1.3.0 Plant-scoped
Close walkabout observations Auto CC'd on submissions Plant-scoped data
Cannot Open observationsNo Administration
🔑
Module Access Control
Per-user module gating
CONFIGURED BY ADMIN

In addition to the access level, each user's visibility of the four main modules (Sample Management, Equipment Calibration, Quality Walkabout, Pest Control) is individually controlled via Module Access settings in User Management.

Master Admin (Level 1) always sees all modules regardless of Module Access settings.
All other users only see the sidebar groups for modules where Module Access is set to View or Edit.
If Module Access is None, the entire sidebar group is hidden and attempting direct navigation shows an "Access Denied" screen.
Tip: If a module is missing from your sidebar, ask your Company Admin to check your Module Access settings in User Management.
Version History

Release Notes

Complete changelog for Quality Works — every feature added, bug fixed, and improvement shipped since v1.0.0.

v1.4.0
MAJOR RELEASE
2026-03-28
PEST CONTROL — ANALYTICS & SLIDESHOW
  • Slideshow carousel on all 4 analytics sections — auto-advances through KPI and chart cards
  • Timer selector — choose 5s / 10s / 15s / 30s auto-refresh interval on main Pest Control page
  • Monthly Pest Count chart — stacked bar by species (HF, YW, Mo, M, FF, RC, CB, MR) for current year
  • MOM % Reduction chart with fullscreen zoom button
  • Data Visualization tab in Reports — Monthly Count and MOM charts in one view
  • Corner triangle info tooltips on all 4 KPI cards with data source and update instructions
  • Year and Target % Drop filters in Pest Control Reports
  • Sub-stats on KPI cards — breakdowns by zone and species
  • Annual Pest Count bulk targets — import/export via Excel, month and owner dropdowns
PEST CONTROL — DOCUMENTS, TEAM & ACTIVITY
  • Pest Control Documents — versioned PDF upload per device with full upload history and download links
  • Pest Control Team — own sidebar section; user picker auto-fills name, email, department, and function from registered plant users
  • Activate / Deactivate button for pest control devices; inactive devices shown faded
  • RBC / RBG filter in Device Master to separate Rodent Bait and Rodent Glue devices
  • Pest Master (renamed from Chemical Master) — chemical/treatment master list with auto-fill dosage
  • Pest Control Activity Log — full audit trail of all pest control actions per plant
  • MOM spreadsheet view — inline editable Minutes of Meeting with row-level add/delete
  • Edit and Delete on Meeting History table; Special meeting type added
  • Pest Meetings redesigned as single-page layout — no tab switching required
QUALITY WALKABOUT ENHANCEMENTS
  • WQA Category feature — plant-scoped category management with WQA Admin section
  • Subject field on QWA observations
  • Severity dropdown with auto due date calculation (Critical → 7 days, Major → 15 days, Minor → 30 days)
  • Admin edit modal with audit trail — records who changed what and when
  • Closed By shown in walkabout closure email
  • Action Person dropdown filtered to walkabout-module-enabled users only
  • Walkabout Analytics expanded — Severity, Category, Workload, and Trend charts added
QC DATA ASSISTANT (CHATBOT)
  • QC Data Assistant — AI chatbot in sidebar; answers questions about samples, calibration, walkabouts, and pest control
  • Returns live charts and data tables from the database
  • Respects module access permissions — users only see data from their permitted modules
ADMIN & USER MANAGEMENT
  • Tenant Group Admin (TGA) role — multi-company scoped access; manage a defined group of companies
  • Company Admin (Level 2) now has full admin section access with company-level data isolation
  • Workflow Diagram page in admin section — interactive system architecture visualization
  • Know More presentation page in admin section — feature overview and demo content
  • Training Manual (Overview section) rebuilt — 8 tabs covering all 40 screens, access levels, and step-by-step usage
PDF, SYSTEM & PERFORMANCE
  • QCPdfEngine — all PDF exports redesigned with clean A4 layout, consistent headers/footers
  • Gzip compression — faster load times across all API responses and static files
  • Section restore on page refresh — browser remembers last visited section
  • Deployment overlay — app shows "Deploying…" when it detects a server restart mid-session
  • Security hardening — auth checks, company isolation, and SSRF prevention across all endpoints
FIXED
  • handleFileSelect name conflict — calibration and bulk-upload shared the same global function; renamed to handleBulkFileSelect
  • MOM edit-mode SyntaxError — idArg computed before display-mode branch
  • checkModuleAccess — parseInt() required for access_level string comparison
  • Overview flash on page refresh — removed duplicate DOMContentLoaded handlers
  • Pest Control Team delete — confirm dialog now appears before delete, not after
v1.3.0
MAJOR RELEASE
2026-02-19
Quality Walkabout Register
  • Full Quality Walkabout module: Draft → Open → Closed lifecycle workflow
  • UID auto-generation with plant prefix (e.g. 0150-001)
  • CAPA details field with inline editing by action person
  • Repeat observation flag linking to previous closed walkabout for trend analysis
  • Attachment upload (image/PDF) on walkabout detail screen
  • Comments thread on each walkabout observation
  • Reopen closed observations with reopen counter badge tracking
  • Walkabout history view with colour-coded due date alerts (Overdue / Critical / Warning / Safe)
  • My Walkabout Actions section for personal to-do list per user
  • Export walkabout history to CSV and PDF (QCPdfEngine A4 layout)
  • Email notifications: submitted (To: action person, CC: reporter + coordinators), reopened, closed
  • 20-per-page pagination on all three walkabout tables (Register, History, My Actions)
Plant Coordinator (New Access Level 9)
  • New access level 9 "Plant Coordinator" — plant-scoped data access
  • Level 9 users can close Quality Walkabout observations for their plant
  • Plant Coordinators auto-CC'd on walkabout submitted and reopened emails
  • Warning shown in walkabout form when a Level 9 user is selected as Action Person
  • Level 9 added to all Access Level dropdowns (Add User, Edit User, User Roles)
  • Plant Coordinator role auto-seeded in roles table on server startup
Pest Control Module
  • Five device sections: Insect Internal, Insect External, Rodent Bait (Outer), Rodent Glue (Inner), Spider Pad
  • Dual-period insect killer readings (1st / 2nd fortnight)
  • Species count tracking: HF, YW, Mo, M, FF, RC, CB, MR
  • Rodent status ENUM: B, R, O, D, NA, EB, M, S, G
  • Spider pad monthly B/O/NA status per pad
  • Pest control access filter scoped by plant
Changed & Fixed
  • Application renamed from "QC Sample & Equipment's Calibration Management System" to Quality Works
  • User Roles section moved from Master Data to User Management (shown before Add New User)
  • Action-persons API now returns access_level to support frontend warning logic
  • Access level 9 was filtered out by ≤8 guard in dynamic dropdown loops — fixed to ≤9
  • Plant dropdown in coordinator modal showed "undefined" — corrected field names
  • Walkabout action-persons dropdown used innerHTML for reset — replaced with safe DOM methods
v1.2.0
MAJOR RELEASE
2025-01-23
Multi-Tenant SSO Authentication
  • OIDC SSO Support: Enterprise Single Sign-On with Okta (extensible to Azure AD, Google)
  • Tenant Detection: Automatic tenant identification via email domain
  • Redis Session Storage: Persistent sessions that survive server restarts
  • Tenant Isolation Middleware: Enforces data access boundaries between companies
  • Development SSO Mock: Test SSO flows without IdP connection (/auth/dev-login)
  • New table: tenant_auth_config — stores OIDC settings per company
  • New table: external_identities — maps SSO identities to local users
  • auth_type column added to users table (local/oidc/saml); password nullable for SSO users
  • Session middleware now supports Redis with in-memory fallback
  • Login page detects SSO domains and redirects automatically
v1.1.2
PATCH
2025-11-13
  • Fixed QRCode.toDataURL error in label printing
  • Fixed modal event listeners for equipment calibration updates
  • Fixed Update button not responding to clicks on equipment records
  • Made global functions globally accessible (loadEquipmentHistory, updateEquipmentDueDate)
  • Fixed Edit button click detection on equipment history table
  • Database connection pool timeout issues resolved
  • Comprehensive debugging system with console logging
  • Success notifications for equipment updates
  • Optimized QR code generation using constructor pattern
  • Refactored modal event listeners for reliability
v1.1.1
PATCH
2025-11-10
  • Input focus issues on mobile devices
  • Form field placeholder text visibility
  • Cascading dropdown population on page load
  • Sample search functionality with pagination
  • Mobile-responsive sidebar navigation
  • User dropdown menu in header
  • Equipment calibration alert notifications
  • Batch expiry colour-coded status indicators
  • Improved CSS media queries for mobile support
  • Enhanced table responsiveness on smaller screens
v1.1.0
MINOR RELEASE
2025-11-05
  • Equipment Calibration History feature
  • QR code label printing (Normal A4 + POS thermal printer)
  • Equipment due date update functionality
  • Calibration status alerts (Overdue / Critical / Warning / Caution / Safe)
  • Equipment notification system for approaching due dates
  • Customizable label dimensions (width, height, QR size)
  • Batch expiry tracking with alerts
  • Sample transfer between bins
  • User management role assignment
  • Master data cascading dropdowns
  • Improved dashboard layout and KPI cards
  • Enhanced data visualization charts
v1.0.0 – v1.0.5
INITIAL RELEASES
Sep–Oct 2025
  • v1.0.0: Initial release — sample management core, storage configuration, user auth, dashboard with KPI cards, data visualization, batch expiry monitoring, responsive design
  • v1.0.1: Login page validation, session management, Remember Me, password reset link
  • v1.0.2: Sample transaction logging (take-out/return), transaction history with filters, batch numbering system
  • v1.0.3: Master data management (Companies, Countries, States, Plants), department management, role management
  • v1.0.4: User change password, role-based access control, admin user management panel
  • v1.0.5: Batch expiry history tracking, sample storage location hierarchy
  • v1.0.1–v1.0.5: Cascading dropdown fixes, bin occupancy calculation, database connection pooling, improved error messages

Master Data Management

Companies

Company NameActions

Countries

CompanyCountryActions

States/Regions

CompanyCountryState/RegionActions

Plants/Sites

CompanyCountryStatePlant CodePlant NameActions

Departments

CompanyCountryStatePlant CodePlant NameDepartmentActions

User Management

Add New User

Password must be at least 8 characters long and include:
  • ✗ 8 characters
  • ✗ 1 uppercase letter
  • ✗ 1 lowercase letter
  • ✗ 1 number
  • ✗ 1 special character

Module Access Permissions

Control which application modules this user can access. Changes take effect on the user's next login.

Module No Access View Only Full Edit

Existing Users

Email Full Name Company Plant/Location Department Access Level Role Actions

User Roles

Role NameAccess LevelDescriptionActions

SSO Configuration

Manage Single Sign-On settings for each tenant. Company Admin can manage their own company's SSO settings.

Loading tenant configurations...

Printer Configuration

Configure network printer settings for label printing. Only Master Admin can modify settings.

Printer Settings

Label Settings

Light Dark
0 = lightest, 30 = darkest (default: 15)
Slow Fast
Slower = better quality, faster = lower quality (default: 4)

Connection Status

No test performed yet.

Email Configuration

View SMTP settings and send a test email to verify the email system is working correctly.

SMTP Settings

Host
Port
Secure (SSL)
Username
From Address

Send Test Email

Send a real test email to confirm delivery is working end-to-end.

📋 System Documentation

IT Governance & Technical Reference Guide

Product: Quality Works v1.3.0 | Company: STARENGTS | Generated:

📑 Table of Contents

1. Data Access & Integration

1.1 Database Schema

Database Type: MariaDB 10.x (MySQL-compatible)

Database Name: qcsample

Table Name Purpose Key Fields
usersUser accounts and authenticationid, email, password, access_level, company_id, plant_id
companiesOrganization hierarchy (top level)company_id, company_name, created_at
countriesGeographic organization levelcountry_id, country_name, company_id
statesRegional organization levelstate_id, state_name, country_id
plantsPhysical site locationsplantID, plantName, state_id
departmentsOrganizational units within plantsdepartment_id, department_name, plant_id
rolesUser role definitionsrole_id, role_name, access_level, permissions
samplesQC sample tracking recordsbatchID, productName, dateManufactured, dateExpiry, binID
equipment_calibrationsEquipment calibration recordsequipmentID, equipmentName, lastCalibrationDate, nextCalibrationDate
calibration_documentsPDF calibration certificatesdoc_id, equipmentID, file_path, upload_date
calibration_updatesCalibration history/audit trailupdateID, equipmentID, oldDate, newDate, updatedBy, timestamp
racksStorage rack configurationrackID, plantID, rackName, description
binsStorage bin configurationbinID, rackID, binNumber, maxCapacity, currentOccupancy
transactionsSample movement audit logtransactionID, batchID, action, performedBy, timestamp
expiry_updatesSample expiry modification historyupdateID, batchID, oldExpiry, newExpiry, updatedBy, timestamp
licensesSystem licensing informationlicense_id, license_key, valid_from, valid_until

1.2 Access Control Matrix

The system implements an 8-level hierarchical access control system:

Level Role Scope Key Permissions
1Platform OwnerAll CompaniesFull system access, user management, system configuration — info@starengts.com
2Company AdminCompany-wideManage all data within company, create users
3Country AdminCountry-wideManage all data within country
4State AdminState/Region-wideManage all data within state/region
5Plant AdminSingle PlantManage samples and equipment at assigned plant
6Department ManagerDepartmentManage department-specific samples and equipment
7Regular UserLimitedAdd/edit samples, view equipment, generate reports
8ViewerRead-onlyView-only access, no modifications

1.3 External Services & APIs

Email Service: Hostinger SMTP (via Nodemailer)

Purpose: Password reset OTP delivery, system notifications

Protocol: SMTP with TLS encryption

Configuration: Defined in environment variables (EMAIL_HOST, EMAIL_PORT, EMAIL_USER)

1.4 System Dependencies

Backend Dependencies

  • express ^4.18.2
  • mariadb ^3.4.5
  • express-session ^1.18.1
  • bcryptjs ^2.4.3
  • nodemailer ^7.0.10
  • multer ^1.4.5-lts.2
  • exceljs ^4.3.0
  • cors ^2.8.5
  • dotenv ^17.2.3
  • axios ^1.13.2

Frontend Dependencies

  • Vanilla JavaScript (ES6+)
  • Chart.js (via CDN)
  • QRCode.js (via CDN)
  • JsBarcode (local library)
  • HTML5 & CSS3

1.5 Integration Capabilities

✅ Supported Integrations:

  • REST API: JSON-based endpoints for CRUD operations
  • Excel Export: Sample and equipment data export to .xlsx format
  • PDF Generation: QR code labels and calibration certificates
  • Thermal Printers: ESC/POS compatible printers for label printing
  • Email Notifications: SMTP-based automated alerts
  • File Uploads: PDF document storage for calibration certificates

2. Security & Compliance

2.1 Storage Architecture

Server Specifications:

  • Hosting: VPS (Virtual Private Server)
  • RAM: 8GB DDR4
  • CPU: 2 vCPU Cores
  • Storage: 100GB SSD
  • OS: Linux-based

File Storage Structure:

  • /app/data/ - Application data directory
  • /app/data/backups/ - Database backup files
  • /app/data/logs/ - System log files
  • /app/uploads/ - User-uploaded files
  • /app/uploads/calibration-docs/ - Calibration PDF certificates

2.2 Enterprise Authentication

Multi-Tenant Authentication Architecture

Our platform supports multiple authentication methods per tenant, allowing each company to use their preferred identity provider while maintaining a unified user experience.

🔑
Local Login

Email & Password
bcrypt hashing

🔐
SSO / OIDC

Okta, Azure AD
Google Workspace

🏢
Tenant Isolation

Per-company config
Domain-based detection

🛡️
Session Security

Redis-backed sessions
Instant revocation

Platform Security Stack

Authentication:

  • Session-based with Redis persistence
  • OIDC (OpenID Connect) for SSO
  • bcrypt password hashing (10 salt rounds)
  • Per-tenant auth configuration

Transport & Network:

  • TLS 1.2+ (HTTPS enforced)
  • Secure, httpOnly session cookies
  • CORS policy configured
  • Firewall + VPN access control

Supported Identity Providers

Provider Protocol Features Status
Okta OIDC SSO, MFA, auto user provisioning ✅ Supported
Microsoft Azure AD OIDC SSO, MFA, directory sync ✅ Supported
Google Workspace OIDC SSO, Google account login ✅ Supported
Local Authentication Email/Password bcrypt hashing, password reset via OTP ✅ Default
Custom OIDC Provider OIDC Any OIDC-compliant identity provider ✅ Supported

How Multi-Tenant Authentication Works

Step 1: Tenant Detection

When a user enters their email, the system automatically detects their company (tenant) by the email domain (e.g., @henkel.com, @starengts.com).

Step 2: Auth Method Selection

Based on the tenant configuration, the system either shows the password field (local auth) or redirects to the company's identity provider (SSO).

Step 3: Authentication

For SSO: User authenticates with their corporate IdP (Okta/Azure/Google). For local: Password is verified against bcrypt hash in database.

Step 4: Session Created

A secure server-side session is created (stored in Redis) with user's access level, company scope, and permissions. Session cookie is httpOnly and secure.

Per-Tenant Configuration

Each company can be independently configured with their preferred authentication method:

Company Domain Auth Method Fallback
Henkel henkel.com Local (SSO-ready for Okta) Local password
Starengts starengts.com Local authentication -
[New Company] company.com OIDC / Local / SAML Configurable

🔒 Why Session-Based + Redis?

Enterprise-Grade Session Management:

  • Immediate Revocation: Sessions can be terminated instantly if unauthorized access is detected - critical for laboratory environments
  • Server-Side Control: Session data stays on server (Redis), reducing client-side attack surface
  • Persistence: Redis-backed sessions survive server restarts - users stay logged in during deployments
  • Scalability: Shared Redis store enables horizontal scaling with multiple app instances
  • Audit Trail: Complete visibility into active sessions and concurrent users for compliance
  • SSO Compatible: Works seamlessly with both OIDC SSO and local authentication

Authentication Flows

🔑 Local Authentication Flow
1. User enters email + password
   ↓
2. System detects tenant by email domain
   ↓
3. Tenant auth_type = 'local'
   → Show password field
   ↓
4. POST /api/login
   → bcrypt.compare(password, hash)
   ↓
5. Session created in Redis
   → Secure cookie set
   ↓
6. User redirected to dashboard
   (access filtered by level)
🔐 SSO (OIDC) Authentication Flow
1. User enters email
   ↓
2. System detects tenant by email domain
   ↓
3. Tenant auth_type = 'oidc'
   → Redirect to IdP (Okta/Azure/Google)
   ↓
4. User authenticates at IdP
   → MFA if configured by company
   ↓
5. IdP redirects back with auth code
   → Server exchanges code for tokens
   ↓
6. User matched/created in database
   → Session created in Redis
   ↓
7. User redirected to dashboard
   (access filtered by level)

8-Level Hierarchical Access Control

Level Role Scope Data Access
1 Platform Owner All companies Full system access, SSO configuration, user management across tenants
2 Company Admin Own company All data within their company, user management
3 Country Admin Country-wide All plants and departments in their country
4 State Admin State-wide All plants and departments in their state
5 Plant Admin Plant-level All departments within their plant
6 Department Manager Department only Own department data, team management
7 Regular User Limited Create/edit own records within assigned scope
8 Viewer Read-only View data only, no modifications allowed

IT Governance Q&A

❓ How are passwords stored?

Passwords are hashed using bcrypt with 10 salt rounds before storage. Plain text passwords are never stored. SSO users have no local password at all - authentication is delegated to their corporate identity provider.

❓ Does the system support Single Sign-On (SSO)?

Yes. The platform supports OIDC (OpenID Connect) SSO with any compliant identity provider including Okta, Microsoft Azure AD, and Google Workspace. Each tenant can be independently configured with their preferred IdP. SSO can be enabled/disabled per company at any time without affecting other tenants.

❓ Can sessions be forcibly terminated?

Yes. Server-side sessions (stored in Redis) can be destroyed instantly by administrators. This is critical for security incidents or when employee access needs immediate revocation - regardless of whether they logged in via SSO or local credentials.

❓ What happens if the server restarts?

Sessions are stored in Redis (persistent key-value store), so users remain logged in during server restarts and deployments. Redis data is persisted to disk with append-only file (AOF) mode.

❓ How is tenant data isolated?

Every database query is filtered by the user's company_id and access_level. A user from Company A cannot access or modify data belonging to Company B. This is enforced at the server-side query level, not just the UI. The access control middleware validates tenant ownership on every API request.

❓ How is brute-force attack prevented?

Password reset OTPs have rate limiting (3 requests/hour, 5 verification attempts). Additional rate limiting is implemented at the reverse proxy level (nginx). SSO users are protected by their IdP's own security policies (MFA, lockout, etc.).

❓ Can our company use MFA (Multi-Factor Authentication)?

Yes. When using SSO with Okta, Azure AD, or Google, MFA is enforced by your corporate identity provider. This means your existing MFA policies (SMS, authenticator app, hardware keys) are automatically applied to Quality Works logins.

❓ How are user permissions enforced?

Hierarchical access control is enforced at the database query level. Each user has an access_level (1-8) and associated organizational scope (company, country, state, plant, department). Queries automatically filter results based on user context. SSO users are assigned appropriate access levels during provisioning.

❓ Can we enable SSO without disrupting existing users?

Yes. SSO can be enabled with a "local fallback" option, meaning users who haven't been migrated to SSO can still log in with their email/password. When ready, local fallback can be disabled to enforce SSO-only access for your company.

Production Security Checklist

Security Control Status
SSL/TLS Certificate (HTTPS)✅ ACTIVE
Password Hashing (bcrypt, 10 rounds)✅ ACTIVE
Secure Session Cookies (httpOnly, secure, sameSite)✅ ACTIVE
Redis Session Persistence✅ ACTIVE
Multi-Tenant SSO (OIDC)✅ ACTIVE
Tenant Data Isolation✅ ACTIVE
SQL Injection Protection (Parameterized Queries)✅ ACTIVE
CORS Policy Configured✅ ACTIVE
Firewall + VPN Access Control✅ ACTIVE
Environment Variables (secrets in .env)✅ ACTIVE
8-Level Hierarchical Access Control✅ ACTIVE
MFA Support (via IdP)✅ ACTIVE
Rate Limiting (login/OTP)✅ ACTIVE
Automated Vulnerability Scanning⚠️ RECOMMEND

2.3 Data Encryption & Protection

✅ In Transit

  • TLS 1.2+ for all HTTPS traffic
  • Secure WebSocket connections
  • SMTP TLS for email

⚠️ At Rest

  • Database: MariaDB default (upgradeable to encrypted tablespaces)
  • Files: Server filesystem (upgradeable to encrypted volumes)
  • Backups: Cloud VPS storage

2.4 Backup & Disaster Recovery

Backup Strategy

Frequency: Weekly (upgradeable to daily)

Method: MariaDB mysqldump

Storage: Cloud VPS

Retention: 4 weeks (recommended)

Recovery Plan

RTO (Recovery Time Objective): < 4 hours

RPO (Recovery Point Objective): 7 days (weekly backup)

Procedure: Automated restore script available

Testing: Quarterly restore drills recommended

2.5 Compliance & Audit Trails

Audit Logging

The system maintains comprehensive audit trails for:

  • Sample Transactions: All movements logged in transactions table with timestamp, user, and action
  • Expiry Updates: Complete history in expiry_updates table (who, when, old value, new value)
  • Calibration Changes: Full audit trail in calibration_updates table
  • User Actions: Login/logout events, access attempts
  • Data Modifications: Timestamp and user tracking on all critical tables

Compliance Readiness

  • ✅ Data integrity controls (foreign keys, constraints)
  • ✅ User authentication and authorization
  • ✅ Audit trail for all modifications
  • ✅ Role-based access control (8 levels)
  • ⚠️ GDPR: Data retention policies recommended
  • ⚠️ ISO 27001: Additional controls may be required

3. System Lifecycle & Maintenance

3.1 Development Workflow

Development → Testing → Staging → Production

1. LOCAL DEVELOPMENT
   - Developer workstation with Node.js
   - Local MariaDB instance for testing
   - npm run dev (nodemon for hot reload)

2. VERSION CONTROL
   - Git repository for source control
   - Branch strategy: main (production), dev (development)
   - Commit messages follow conventional commits

3. TESTING
   - Manual QA testing
   - Database migration scripts tested in isolation
   - User acceptance testing (UAT)

4. DEPLOYMENT
   - VPS deployment via Git pull
   - Environment variables configured via .env
   - npm start for production mode
   - Process manager (PM2/systemd) for auto-restart

3.2 Maintenance Schedule

Task Frequency Responsible Notes
Database BackupWeeklyIT AdminAutomated via cron job
Backup VerificationMonthlyIT AdminTest restore procedure
Security UpdatesMonthlyIT Adminnpm audit, OS patches
Log ReviewWeeklyIT AdminCheck for errors/anomalies
Database OptimizationQuarterlyDatabase AdminOPTIMIZE TABLE, index review
Disk Space MonitoringWeeklyIT AdminAlert at 80% capacity
SSL Certificate RenewalAnnuallyIT Admin90-day reminder
User Account AuditQuarterlyMaster AdminRemove inactive users
Performance ReviewSemi-AnnuallyIT AdminQuery optimization, caching

3.3 Documentation Locations

README.mdProject overview and quick start guide
API-DOCUMENTATION.mdAPI endpoints and usage examples
CHANGELOG.mdVersion history and release notes
.env.exampleEnvironment configuration template
qcsample.sqlComplete database schema
This PageSystem Documentation (IT governance reference)

3.4 Support Model

📧 Contact Information

Support Email: info@starengts.com

Company: STARENGTS

Product: Quality Works

Version: 1.3.0

⏰ Support Hours

Response Time: Business hours

Critical Issues: 24-hour SLA

Non-Critical: 48-hour SLA

Escalation: Email support team

3.5 Incident Response Procedure

🚨 Emergency Response

  1. Identify: Determine severity (Critical, High, Medium, Low)
  2. Isolate: If security breach suspected, isolate affected systems
  3. Notify: Alert Master Admin and IT team via info@starengts.com
  4. Document: Log all details, actions taken, timeline
  5. Resolve: Apply fix, restore from backup if necessary
  6. Verify: Test resolution, confirm system stability
  7. Review: Post-incident analysis and preventive measures

4. Technical Architecture

4.1 Complete Technology Stack

⚙️ Backend Stack

  • Runtime: Node.js v14+
  • Framework: Express.js v4.18.2
  • Language: JavaScript (ES6+)
  • Database: MariaDB v3.4.5
  • ORM/Driver: mariadb (native driver)

🎨 Frontend Stack

  • Framework: None (Vanilla JS)
  • Language: JavaScript ES6+
  • Markup: HTML5
  • Styling: CSS3 (custom)
  • Charts: Chart.js (CDN)
  • QR Codes: QRCode.js (CDN)
  • Barcodes: JsBarcode (local)

🔒 Security & Auth

  • Sessions: express-session v1.18.1
  • Hashing: bcryptjs v2.4.3
  • CORS: cors v2.8.5
  • Environment: dotenv v17.2.3
  • SSL/TLS: HTTPS enabled

📊 Data & Files

  • Excel: exceljs v4.3.0
  • Email: nodemailer v7.0.10
  • Uploads: multer v1.4.5-lts.2
  • HTTP Client: axios v1.13.2

4.2 Infrastructure Details

🖥️ Production Server

URL:https://qcapplication.starengts.com
Hosting:VPS
RAM:8GB
CPU:2 vCPU cores
Storage:100GB SSD
OS:Linux

🗄️ Database Server

Engine:MariaDB 10.x
Location:Same VPS
Port:3306
SSL:Enabled
Connections:10 pool limit
Charset:utf8mb4_unicode_ci

System Architecture Diagram

┌─────────────────────────────────────────────────────────────────┐
│                        CLIENT LAYER                              │
│  ┌───────────────┐  ┌───────────────┐  ┌───────────────┐       │
│  │   Desktop     │  │    Tablet     │  │    Mobile     │       │
│  │   Browser     │  │   Browser     │  │   Browser     │       │
│  └───────┬───────┘  └───────┬───────┘  └───────┬───────┘       │
└──────────┼──────────────────┼──────────────────┼───────────────┘
           │                  │                  │
           └──────────────────┴──────────────────┘
                              │
                         HTTPS/TLS
                              │
┌─────────────────────────────┼───────────────────────────────────┐
│                    VPS SERVER (8GB RAM, 2 CPU)                   │
│                              │                                   │
│  ┌───────────────────────────┴────────────────────────┐         │
│  │          NGINX REVERSE PROXY                       │         │
│  │     (SSL Termination, Load Balancing)              │         │
│  └───────────────────────┬────────────────────────────┘         │
│                          │                                       │
│  ┌───────────────────────┴────────────────────────────┐         │
│  │        NODE.JS APPLICATION SERVER                  │         │
│  │                                                     │         │
│  │  ┌─────────────────────────────────────────────┐  │         │
│  │  │         EXPRESS.JS FRAMEWORK                │  │         │
│  │  │                                             │  │         │
│  │  │  • Session Management (express-session)    │  │         │
│  │  │  • Authentication (bcrypt)                 │  │         │
│  │  │  • API Routes (/api/*)                     │  │         │
│  │  │  • Static File Serving                     │  │         │
│  │  │  • Multer (File Uploads)                   │  │         │
│  │  └─────────────────────────────────────────────┘  │         │
│  └────────────┬────────────────────┬──────────────────┘         │
│               │                    │                            │
│  ┌────────────┴─────────┐  ┌───────┴──────────┐               │
│  │   MARIADB DATABASE   │  │  FILE SYSTEM     │               │
│  │                      │  │                  │               │
│  │  • qcsample DB       │  │  • /uploads/     │               │
│  │  • 16 Tables         │  │  • /data/        │               │
│  │  • Connection Pool   │  │  • /backups/     │               │
│  └──────────────────────┘  └──────────────────┘               │
│                                                                 │
│  ┌──────────────────────────────────────────────────────────┐  │
│  │              EXTERNAL SERVICES                           │  │
│  │                                                           │  │
│  │  • Hostinger SMTP (Email/OTP)                           │  │
│  │  • Cloud VPS Storage (Backups)                          │  │
│  └──────────────────────────────────────────────────────────┘  │
└─────────────────────────────────────────────────────────────────┘

4.3 Enterprise Alignment

✅ Enterprise-Ready Features

  • Multi-Tenancy: Company/Country/State/Plant/Department hierarchy supports multiple organizations
  • Role-Based Access: 8-level granular permission system
  • Scalability: Database connection pooling, stateless architecture ready
  • Security: Industry-standard authentication, encryption, audit trails
  • Reliability: Transaction support, referential integrity, automated backups
  • Compliance: Complete audit logging, data retention controls
  • Integration: REST API, Excel export, email notifications

4.4 Scalability & Performance

Component Current Capacity Upgrade Path
Concurrent Users~50-100 usersAdd Redis session store, horizontal scaling
Database Size~10-50GBIncrease VPS storage, database partitioning
File Storage100GB SSDS3-compatible object storage (MinIO, AWS S3)
API Performance~100 req/secLoad balancer, CDN for static assets, caching
Backup SizeWeekly backupsIncremental backups, cloud backup service

4.5 Future Roadmap

📅 Planned Enhancements

🔜 Short Term (3-6 months)

  • Redis session store for better scalability
  • Database encryption at rest
  • Automated daily backups
  • Advanced search and filtering
  • Mobile app (React Native/Flutter)

🎯 Medium Term (6-12 months)

  • SSO integration (SAML, OAuth2, LDAP)
  • Real-time notifications (WebSockets)
  • Advanced analytics dashboard
  • API rate limiting and throttling
  • Multi-language support (i18n)

🚀 Long Term (12+ months)

  • Microservices architecture migration
  • Machine learning for predictive analytics
  • Blockchain audit trail (optional)
  • IoT sensor integration
  • Cloud-native deployment (Kubernetes)

4.6 Known Technical Debt

⚠️ Items for Consideration

  • Session Store: Using MemoryStore (not suitable for production clusters) - upgrade to Redis recommended
  • Frontend Framework: Vanilla JS - consider React/Vue for better maintainability as app grows
  • API Versioning: No formal API versioning strategy - implement /api/v1/ structure
  • Testing: Limited automated tests - add unit and integration test suite
  • Monitoring: No APM (Application Performance Monitoring) - add New Relic, DataDog, or Prometheus
  • Error Tracking: Basic logging - consider Sentry or similar for production error tracking

Quality Works v1.3.0
© STARENGTS - All Rights Reserved
For support: info@starengts.com

Document generated:
This document contains confidential and proprietary information.

Enter New Sample

Please fill in all required fields!

Label Size Configuration

Label Preview (100mm × 40mm)

Transfer Samples Between Bins

Equipment Calibration

Equipment Calibration History

Status Equipment ID Equipment Name Equipment used for Location Verification Method Certification Last Calibration Date Calibration Interval (Days) Next Calibration Date Alert Status Action

Calibration Update History

Status Equipment ID Equipment Name Old Next Calibration Date New Next Calibration Date Updated On Updated By

Search Samples

Status Batch Number Product Name Mfg Date Expiry Entered By Storage Created On Action

Log Sample Transactions

Log Take Out

Log Return

Retrieval History (One Row per Cycle)

Batch Number Product Name Take Out Date Take Out By Return Date Return By

Expiry Date Modification History

Status Batch Number Product Name Original Expiry New Expiry Modified By Modified On Reason

Retrieval History

Batch Number Product Name Take Out Date Take Out By Return Date Return By

📊 Sampling Management Analytics

Sample tracking, expiry analysis, and storage utilization insights

📦
0
Total Active Samples
⚠️
0
Critical (<15 days)
0
Expired Samples
0
Pending Transactions

Expiry Status Distribution

Top 10 Products by Sample Count

Storage Location Utilization

Sample Transaction Status

Sample Age Distribution

🔧 Equipment Calibration Analytics

Calibration status, overdue tracking, and equipment compliance insights

⚙️
0
Total Equipment
🚨
0
Overdue Calibration
0
Due in 7 Days
0
Due in 15 Days

Calibration Status Overview

Equipment Status

Calibration Frequency Distribution

Monthly Calibration Trends

📋 Quality Walkabout Analytics

Walkabout status, action tracking, and quality observation insights

🔵
0
Open
🚨
0
Overdue
0
Due in 7 Days
0
Closed
🔴
0
Critical Open
Avg Close (days)
🔁
0
Repeat Issues
📝
0
Draft Pending

Status Distribution

Due Date Status

By Observation Location

Monthly Trends

Severity Breakdown

By Category (Open)

Action Person Workload

Severity Trend (6 months)

🦟 Pest Control Analytics

Pest activity trends, device monitoring, and treatment effectiveness insights

📅 Year
📍
0
Active Devices
🪰
0
Fly Catcher Alerts
🔴 Critical 0
🟡 Non-Critical 0
🐀
0
Rodent Alerts
Devices with EB / M / S / G status
💨
0
Treatments (2026)
✅ Done 0
📋 Planned 0
⚠️ Delayed 0
🦎
0
Lizard Plan (2026)
✅ Done 0
📋 Planned 0
⚠️ Delayed 0
📝
0
Readings (2026)
🪰 FC - Internal 0
🪰 FC - External 0
🐀 Rodent (Cake) 0
🐀 Rodent (Pad) 0
🕷 Spider Pad 0

Device Status Distribution

Pest Activity by Location

Treatment Effectiveness

📊 Deep Dive Analytics

Device Type Distribution

Pest Types Detected

Weekly Activity Pattern

Inspection Compliance Rate

📈 Performance Metrics

Activity Severity Index

Top Risk Areas

Device Monitoring Activity

📊 Monthly Pest Count Comparison

Monthly Pest Count 2025-26

MOM % Reduction vs Previous Year

--- Target 2% reduction

🕐 Pest Control Activity Log

Complete audit trail of all pest control actions — devices, readings, spray, meetings, and MOM action items.

Time Category Action By Details
Loading...

💾 Master Data Analytics

System-wide overview of plants, storage capacity, and user management

🏭
0
Total Plants
📚
0
Total Racks
🗄️
0
Total Bins
📋
0
Total Products

Storage Capacity by Plant

Bin Occupancy Rate

Products by Category

User Role Distribution

🎛️ Admin Dashboard - Master Data Analytics

System-wide overview of plants, storage capacity, and user management

📊 Sampling Management Analytics

📦
0
Total Active Samples
⚠️
0
Critical (<15 days)
0
Expired Samples
0
Pending Transactions

Expiry Status Distribution

Top 10 Products by Sample Count

Storage Location Utilization

Sample Transaction Status

Sample Age Distribution

🔧 Equipment Calibration Analytics

⚙️
0
Total Equipment
🚨
0
Overdue Calibration
0
Due in 7 Days
0
Due in 15 Days

Calibration Status Overview

Equipment Status

Calibration Frequency Distribution

Monthly Calibration Trends

📋 Quality Walkabout Analytics

0
Open
0
Overdue
0
Due in 7 Days
0
Closed

Status Distribution

Due Date Status

By Observation Location

💾 Master Data Analytics

🏭
0
Total Plants
📚
0
Total Racks
🗄️
0
Total Bins
📋
0
Total Products

Storage Capacity by Plant

Bin Occupancy Rate

Products by Category

User Role Distribution

Storage Configuration

Storage Configuration

Note: Plant selection is based on your access permissions

Add Rack

Add Bin

View & Edit Configuration

Quality Walkabout Register

📝 Create New Quality Walkabout

📋 Open Walkabouts

UID Date Raised Reporter Location Category Subject Action Person Due Date Status Actions

Quality Walkabout History

UID Date Raised Reporter Location Category Subject Action Person Due Date Status Closed By Closed At Actions

My Walkabout Actions

Walkabouts where you are the assigned Action Person - please review and take action before the due date.

UID Date Raised Reporter Location Category Subject Description Due Date Status Actions

Walkabout Activity Log

Complete audit trail of all walkabout actions — created, submitted, updated, closed, reopened, comments and attachments.

Time Walkabout UID Action By Prev Status Current Status Details

👥 Pest Control Team

Name Email Department Function Actions
Loading...

Pest Control Master Plan

Plan Done Delayed
S.No Activities Owner JAN FEB MAR APR MAY JUN JUL AUG SEP OCT NOV DEC Actions
Loading annual plan...
Doc Ref: - Version: - Review Date: - Effective Date: - SOP No: -

Pest Control Layout

🗺️ Pest Control Device Layout

No layout image uploaded. Click "Upload Layout" to add one.

📋 Layout Revision Control

Track changes and updates to the pest control layout map

Rev No Date Reason of Review Actions
Loading revision history...

Pest Control Device Master

0 Active  |  0 Inactive
Device ID Type Location Area Placement Status Actions
Loading...

🧪 Pest Master

➕ Add New Chemical

Pest Chemical List

# Chemical Name Default Dosage Category Status Added By Actions
Loading...

Pest Control Readings Entry

Flycatcher - Internal

Click count cell to enter species-wise breakdown

0-5 Low 6-10 Medium >10 High
Device ID Location Area 1st Fortnight (1-15) 2nd Fortnight (16-31)
Count Remarks Count Remarks
Select month, then click Load Data

Spray Tracking Plan

📅 Year
Plan Done Delayed
S.No Activity Owner JAN FEB MAR APR MAY JUN JUL AUG SEP OCT NOV DEC Actions
Loading spray plan...

Pest Control Spray Tracking

💨 Log Spray Activity

Spray History

Date Type Spray Type Chemical Done By Verified By Areas Actions
Loading...

🦎 Lizard Management Plan

📅 Year
Plan Done Delayed
S.No Activity Owner JAN FEB MAR APR MAY JUN JUL AUG SEP OCT NOV DEC Actions
Loading lizard plan...

🦎 Lizard Management Service

Service History

Date Type Chemical Service By Verified By Next Service
Loading...

Pest Control Documents

📄 Upload New Document
Document Name Category Current Ver. File Uploaded By Uploaded At Expiry Date Actions
Loading...

Pest Control Meetings

👥 Schedule New Meeting

📋 Meeting History

DateTypeTitleCreated ByActions
Loading...

📊 MOM Action Items

Total YTD
Closed On Time
Delayed
Repeated
On-Time Closure %
# B. Date C. Observation / Recommendation D. Root Cause E. Device / Area F. Action Decided G. Responsibility H. Target Date I. Completion Date J. Revised Target K. Repeated L. Status M. Verified On N. Verified By O. Remark Actions
Loading action items...

Pest Control Reports

0-5 Low 6-10 Med >10 High

Flycatcher Tracking - Internal

Monthly insect count data by device (internal). Green = Low (0-5), Yellow = Medium (6-10), Red = High (>10)

Loading heatmap data...

📋 Custom Report Generator

Report Preview

Select report type and parameters, then click Generate Report