Batch Expiry Management
| Status | Batch Number | Product Name | Expiry Date | Days Remaining | Storage Location | Action |
|---|
Application
Training Manual
Everything you need to know about using Quality Works — section by section, role by role. Learn what each screen does, who can access it, and how to get the most out of every feature.
Welcome to Quality Works
Quality Works is a unified quality management platform covering sample lifecycle, equipment calibration, walk-about observations, and pest control operations — all in one place with role-based access control.
Open the app URL in your browser. Enter your email — the system auto-detects your company and authentication method (password or SSO).
Use the left sidebar to switch between modules. Module groups (Sampling, Calibration, Walkabout, Pest Control) are shown based on your assigned permissions.
Your access level determines what you can see and do. Regular users (Level 7) manage day-to-day operations. Admins (Level 1–5) have additional configuration and reporting access.
Every module supports PDF and Excel/CSV exports. Look for the Download or PDF button at the top of list/history screens to export filtered results.
The system sends email notifications for walkabout submissions, reopens, and calibration due dates. Make sure your email is correctly set in your user profile.
All data is scoped to your assigned plant and department. You will only see records for your plant unless you have Country, State, or Company admin access.
The sidebar is organized into 5 collapsible groups. Each group is only visible if your user account has been granted access to that module.
Sample Management
Track the complete lifecycle of QC samples from receipt to expiry. Log check-outs and returns, monitor batch expiry dates with colour-coded alerts, and export reports for audits.
The dashboard gives a live snapshot of your plant's QC health — total active samples, expiry alerts, recent transactions, and calibration due counts — via KPI cards and interactive charts.
Register a new QC sample into the system by filling in batch details, storage location, and expiry information. Generates a printable label with QR code.
Find any sample in your plant's inventory using free-text search, batch ID lookup, or filter by storage location, status, or expiry range.
Record when samples are taken out from storage for testing and when they are returned. Every transaction is timestamped and linked to the user who performed it.
Full audit trail of all sample take-outs and returns. Filter by date range, batch ID, user, or transaction type. Export as Excel for compliance reporting.
A live dashboard of all samples sorted by expiry date. Colour-coded rows immediately highlight which batches need attention — from Expired to Safe.
Archive of all batches that have been expired or removed from active inventory, with full audit trail including who removed them and when.
Interactive charts showing sample trends, storage utilization by rack/bin, transaction volume over time, and expiry distribution across your plant.
Equipment Calibration
Manage the full calibration schedule for all lab instruments. Track due dates, upload calibration certificates, log updates, and receive proactive alerts before equipment becomes overdue.
The main equipment register showing every instrument in your plant with its current calibration status. Status is automatically calculated from the due date.
Full history of all calibration events per instrument — shows who performed each calibration, when, certificate reference, and any notes added.
A chronological log of all updates made to any equipment record — tracks both calibration updates and due date changes, with user attribution for every entry.
Charts showing calibration status distribution (pie/bar), upcoming due dates by month, and historical calibration completion rates across equipment categories.
Quality Walkabout
Capture, track and close quality observations found during plant walkabouts. Follows a Draft → Open → Closed workflow with CAPA tracking, email notifications, attachments, and PDF reporting.
The main register lists all active (Draft + Open) walkabout observations for your plant. Raise new observations, assign action persons, and track progress through the lifecycle.
All closed walkabout observations with full audit trail — close date, CAPA notes, reopen count, and all comments/attachments. Paginated 20 per page.
Personal view showing every open walkabout observation where you are the assigned Action Person. Paginated 20 per page. Your personal to-do list for CAPA completion.
Complete audit log of every state change, comment, attachment upload, and edit across all walkabout observations — with user name and timestamp for each action.
Charts showing observation trends over time, status distribution, top areas with repeat observations, average close times, and department-wise breakdown.
Pest Control
Comprehensive pest management covering insect traps, rodent bait stations, spider pads, chemical spray tracking, meetings with MOM, and annual planning — all with heatmap dashboards and PDF reporting.
Manage the pest control team for your plant — list team members with their roles (Internal/External contractor), contact details, and assignment status.
12-month schedule of planned pest control activities — fogging, spraying, baiting — for every area of your plant. Shows planned vs. completed activities with status tracking.
Visual heatmap of your plant layout showing device placement and current pest pressure level by location. Four heatmap views available, each colour-coded by activity intensity.
Master register of all pest control devices in your plant — fly catchers (previously "insect killers"), rodent bait stations, glue traps, and spider pads. Each device has a unique code, type, and location coordinates for the heatmap.
Enter fortnightly or monthly readings for every pest device in the plant. Five device types have their own input format: Insect Internal, Insect External, Rodent Bait (Outer), Rodent Glue (Inner), and Spider Pad.
Log every chemical spray application — chemical name, quantity used, target area, applicator, and date. Linked to the Pest Chemical Master for chemical details.
Schedule pest control review meetings, record attendance, and manage Minutes of Meeting (MOM) with action items, owners, and due dates.
Pest control document repository — upload and manage SDS sheets, contracts, compliance certificates, inspection reports, and any other regulatory documents.
Generate comprehensive pest control reports — monthly readings summaries, trend analysis, infestation level reports, and compliance documentation — all exported as clean A4 PDFs.
Master list of all pesticides and chemicals approved for use at your plant. Each entry stores name, active ingredient, dilution ratio, target pest, regulatory registration number, and safety notes.
Blue Cards (HPS)
A shop-floor improvement-suggestion system. Anyone can raise a Blue Card describing a problem and a suggested solution, tagged to a Zone and Working Place. Each card moves through a five-stage lifecycle — Open → Acknowledged → In Progress → Implemented (or Rejected) — with optional savings tracking. All data is plant-isolated.
The kiosk-style entry screen where any employee submits an improvement idea. Each submission gets a unique, permanent card number and starts in the Open state.
The management board for all cards raised at your plant. Move each card through its lifecycle and record who did what at every stage.
Dashboards summarising card activity for the plant — totals by status, cards by zone and working place, implementation rate, and cumulative savings from implemented ideas.
Per-plant configuration for the module: manage the Zones and Working Places that appear in the dropdowns, and customise the printed card's title, subtitle, notice line, and dimensions.
Checklists
A universal, configurable checklist and inspection engine — build any checklist without code, run it on mobile with photo evidence, and get an automatic pass/fail with a full audit trail. Templates are organised into sections and questions with per-question rules, and every published template is versioned so past runs never change retroactively. All data is plant-isolated, with optional company-standard templates shared across plants.
The template designer where process owners build a checklist from scratch — no code required. A template is organised into sections, each holding a list of questions.
The execution screen operators use to carry out an inspection, designed as a single scrollable form that works well on mobile devices.
A dashboard of every completed (and in-progress) run at your plant, with its overall pass/fail result, the template and version used, and who ran it and when.
System Administration
Full system configuration and user management. The Administration section is only visible to Master Admin (Level 1) and Company Admin (Level 2). Some sub-sections are Level 1 only.
Define the physical storage infrastructure for samples — add Plants, Racks per plant, and Bins per rack. This structure is what all sample location dropdowns use throughout the system.
Manage the 5-level geographical hierarchy used for data scoping: Companies → Countries → States → Plants → Departments. Every piece of data in the system belongs to a plant and department.
Add, edit, deactivate users and assign their access level, module permissions, and plant/department. User Roles are also managed here (moved from Master Data in v1.3.0).
Configure enterprise Single Sign-On (OIDC) per company. Once configured, users with a matching email domain are automatically redirected to your identity provider (Okta, Azure AD, Google).
yourcompany.com) that triggers SSO.https://your-server/auth/callback.Configure label printer settings — POS thermal printer connection details, label dimensions (width, height in mm), and QR code size. Supports both A4 and ESC/POS thermal formats.
SMTP settings for system email notifications — walkabout alerts, calibration reminders, and meeting invites. Configure sender address, SMTP host, port, and authentication credentials.
Access Level Reference
Quality Works uses 9 access levels. Each level determines which sections are visible, what actions can be taken, and which data scope (company / country / state / plant / department) is applied.
| Level | Role Name | Data Scope | Key Capabilities | Restrictions |
|---|---|---|---|---|
| 1 | Master Admin | All Companies |
Full system access
All modules
All admin screens
SSO Config
Printer Config
Email Config
Master Data
|
None |
| 2 | Company Admin | Single Company |
User Management
System Docs
All modules
|
No SSO ConfigNo Printer/Email ConfigNo Data Vis (Admin) |
| 3 | Country Admin | Country-wide |
All module screens
Reports & exports
|
No Administration section |
| 4 | State Admin | State-wide |
All module screens
Reports & exports
|
No Administration section |
| 5 | Plant Admin | Single Plant |
All module screens
WQA Open/Close
Walkabout Activity Log
Pest Team manage
Device Master edit
|
No Administration section |
| 6 | Department Manager | Department |
All module screens
Departmental data
|
No Administration section |
| 7 | Regular User | Plant |
Enter/search samples
Log transactions
Raise walkabouts
Enter pest readings
My Actions
|
No AdministrationNo WQA Open/Close |
| 8 | Viewer | Plant |
Read-only all screens
Export/download
|
No create/editNo Administration |
| 9 | Plant Coordinator NEW v1.3.0 | Plant-scoped |
Close walkabout observations
Auto CC'd on submissions
Plant-scoped data
|
Cannot Open observationsNo Administration |
In addition to the access level, each user's visibility of the four main modules (Sample Management, Equipment Calibration, Quality Walkabout, Pest Control) is individually controlled via Module Access settings in User Management.
Release Notes
Complete changelog for Quality Works — every feature added, bug fixed, and improvement shipped since v1.0.0.
- New Checklists module — a configurable template builder for any inspection or audit: organise questions into sections with 8 response types (Yes/No/NA, OK/Not OK/NA, Pass/Fail, Text, Number, Date, Dropdown, Photo)
- Per-question rules — mark any question mandatory, require a photo, require a remark, and set a criticality level that determines whether it fails the run
- Publishing a template snapshots an immutable version — later template edits never retroactively change a run that already executed against a published version
- One universal, mobile-friendly run screen — pick an available checklist, work through sections, attach photo evidence, and submit
- Automatic pass/fail — the rules engine validates every answer as it's entered; any single failed question fails the overall run
- Checklist Runs dashboard with template/status/date filters, full answer + photo review, and clean A4 PDF export via QCPdfEngine
- Plant-isolated by default, with optional company-standard templates shared across all plants; granted via the new "checklists" module permission
- Checklist photo evidence accepts image files only, is stored privately (outside the public web root), and is served exclusively through an authenticated, access-checked route
- Full multi-tenant and plant isolation applied to templates, versions, runs, responses, and attachments — no cross-plant or cross-company data exposure
- All checklist-entered text (questions, remarks, dropdown options) is rendered stored-XSS-safe throughout the module
- New Locations in Master Data — group several plants within one state into a named Location (e.g. "North Cluster"), with a plant checklist to pick which plants belong to it
- New Location Admin (Multi-plant) access level — assign one admin to a Location and they manage all of its plants together with a single login, instead of needing a separate account per plant
- A Location Admin sees the merged data of every plant in their Location (samples, calibration, pest control, blue cards, walkabouts) and nothing outside it; adding or removing a plant from the Location updates their access on next login
- Company/State are set automatically from the chosen Location during user creation — no need to fill the hierarchy fields for a Location Admin
- Closed a cross-scope data leak: State Admin and Country Admin now correctly see only the plants in their state/country. Previously some screens (Samples, Walkabouts, Racks, Departments) fell back to showing the whole company's data
- HTML-escaped all admin-entered names in the Locations screen to prevent stored script injection
- Shop-floor improvement-suggestion system — anyone can raise a Blue Card describing a problem and suggested solution, tagged to a Zone and Working Place
- Five-stage lifecycle — Open → Acknowledged → In Progress → Implemented, with Reject available at any stage; each transition records the acting user
- Kiosk-style entry screen that resets after each submission for shared shop-floor use; every card gets a unique permanent card number
- Admin View board to acknowledge, add action plans, close with a note, log savings, or reject cards
- Analytics dashboards — totals by status, cards by zone and working place, implementation rate, and cumulative savings
- Per-plant Settings — manage Zones and Working Places, and customise the printed card's title, subtitle, notice line, and size
- Fully plant-isolated — cards, zones, working places, and settings are scoped per plant; granted via the new "blue_cards" module permission
- New users are automatically emailed a branded welcome message with a login link — credentials no longer need to be shared by hand
- Password is now optional on create; if left blank the system generates a strong temporary password (ambiguous characters removed for easy typing)
- GDPR-oriented audit trail — records logins, failed logins, logouts, and user create/edit/delete with IP address and device
- Admin-only Audit Log screen (Administration → Audit Log) with event/date/email filters and CSV export; Company Admins see only their own company
- Configurable retention — entries auto-purge after AUDIT_LOG_RETENTION_DAYS (default 365) to satisfy storage-limitation requirements
- Model Number field — new optional free-text field on the add form, edit modal, history table, Excel export, bulk upload, and PDF export
- Equipment ID label — renamed from "Equipment Serial Number (Unique)*" to "Equipment ID*" across the form and all related UI
- "Under Calibration" equipment status (🔵) — third status option alongside "Not in Use" and "Gone for Calibration"; includes count tracking, blue row highlight, and legend modal entries in both Equipment History and Calibration Logs sections
- Automated daily caution alerts — server sends an email to the last person who updated each equipment's calibration when the next calibration date falls within 16–30 days
- One email per calibration cycle — dedup table with unique constraint on (equipmentID, nextCalibrationDate) guarantees no duplicate emails; resets automatically when equipment is recalibrated
- Batched per recipient — if a user is responsible for multiple caution-stage devices, all are listed in a single email
- Email includes Equipment ID, Model Number, Name, Used For, Plant, Last Calibration Date, Due Date, and Days Remaining
- Skips equipment with "Not in Use", "Gone for Calibration", or "Under Calibration" status
- HTML-escaped all DB-sourced field values in email templates — prevents stored HTML injection across recipient inboxes
- Slideshow carousel on all 4 analytics sections — auto-advances through KPI and chart cards
- Timer selector — choose 5s / 10s / 15s / 30s auto-refresh interval on main Pest Control page
- Monthly Pest Count chart — stacked bar by species (HF, YW, Mo, M, FF, RC, CB, MR) for current year
- MOM % Reduction chart with fullscreen zoom button
- Data Visualization tab in Reports — Monthly Count and MOM charts in one view
- Corner triangle info tooltips on all 4 KPI cards with data source and update instructions
- Year and Target % Drop filters in Pest Control Reports
- Sub-stats on KPI cards — breakdowns by zone and species
- Annual Pest Count bulk targets — import/export via Excel, month and owner dropdowns
- Pest Control Documents — versioned PDF upload per device with full upload history and download links
- Pest Control Team — own sidebar section; user picker auto-fills name, email, department, and function from registered plant users
- Activate / Deactivate button for pest control devices; inactive devices shown faded
- RBC / RBG filter in Device Master to separate Rodent Bait and Rodent Glue devices
- Pest Master (renamed from Chemical Master) — chemical/treatment master list with auto-fill dosage
- Pest Control Activity Log — full audit trail of all pest control actions per plant
- MOM spreadsheet view — inline editable Minutes of Meeting with row-level add/delete
- Edit and Delete on Meeting History table; Special meeting type added
- Pest Meetings redesigned as single-page layout — no tab switching required
- WQA Category feature — plant-scoped category management with WQA Admin section
- Subject field on QWA observations
- Severity dropdown with auto due date calculation (Critical → 7 days, Major → 15 days, Minor → 30 days)
- Admin edit modal with audit trail — records who changed what and when
- Closed By shown in walkabout closure email
- Action Person dropdown filtered to walkabout-module-enabled users only
- Walkabout Analytics expanded — Severity, Category, Workload, and Trend charts added
- QC Data Assistant — AI chatbot in sidebar; answers questions about samples, calibration, walkabouts, and pest control
- Returns live charts and data tables from the database
- Respects module access permissions — users only see data from their permitted modules
- Tenant Group Admin (TGA) role — multi-company scoped access; manage a defined group of companies
- Company Admin (Level 2) now has full admin section access with company-level data isolation
- Workflow Diagram page in admin section — interactive system architecture visualization
- Know More presentation page in admin section — feature overview and demo content
- Training Manual (Overview section) rebuilt — 8 tabs covering all 40 screens, access levels, and step-by-step usage
- QCPdfEngine — all PDF exports redesigned with clean A4 layout, consistent headers/footers
- Gzip compression — faster load times across all API responses and static files
- Section restore on page refresh — browser remembers last visited section
- Deployment overlay — app shows "Deploying…" when it detects a server restart mid-session
- Security hardening — auth checks, company isolation, and SSRF prevention across all endpoints
- handleFileSelect name conflict — calibration and bulk-upload shared the same global function; renamed to handleBulkFileSelect
- MOM edit-mode SyntaxError — idArg computed before display-mode branch
- checkModuleAccess — parseInt() required for access_level string comparison
- Overview flash on page refresh — removed duplicate DOMContentLoaded handlers
- Pest Control Team delete — confirm dialog now appears before delete, not after
- Full Quality Walkabout module: Draft → Open → Closed lifecycle workflow
- UID auto-generation with plant prefix (e.g.
0150-001) - CAPA details field with inline editing by action person
- Repeat observation flag linking to previous closed walkabout for trend analysis
- Attachment upload (image/PDF) on walkabout detail screen
- Comments thread on each walkabout observation
- Reopen closed observations with reopen counter badge tracking
- Walkabout history view with colour-coded due date alerts (Overdue / Critical / Warning / Safe)
- My Walkabout Actions section for personal to-do list per user
- Export walkabout history to CSV and PDF (QCPdfEngine A4 layout)
- Email notifications: submitted (To: action person, CC: reporter + coordinators), reopened, closed
- 20-per-page pagination on all three walkabout tables (Register, History, My Actions)
- New access level 9 "Plant Coordinator" — plant-scoped data access
- Level 9 users can close Quality Walkabout observations for their plant
- Plant Coordinators auto-CC'd on walkabout submitted and reopened emails
- Warning shown in walkabout form when a Level 9 user is selected as Action Person
- Level 9 added to all Access Level dropdowns (Add User, Edit User, User Roles)
- Plant Coordinator role auto-seeded in
rolestable on server startup
- Five device sections: Insect Internal, Insect External, Rodent Bait (Outer), Rodent Glue (Inner), Spider Pad
- Dual-period insect killer readings (1st / 2nd fortnight)
- Species count tracking: HF, YW, Mo, M, FF, RC, CB, MR
- Rodent status ENUM: B, R, O, D, NA, EB, M, S, G
- Spider pad monthly B/O/NA status per pad
- Pest control access filter scoped by plant
- Application renamed from "QC Sample & Equipment's Calibration Management System" to Quality Works
- User Roles section moved from Master Data to User Management (shown before Add New User)
- Action-persons API now returns access_level to support frontend warning logic
- Access level 9 was filtered out by ≤8 guard in dynamic dropdown loops — fixed to ≤9
- Plant dropdown in coordinator modal showed "undefined" — corrected field names
- Walkabout action-persons dropdown used innerHTML for reset — replaced with safe DOM methods
- OIDC SSO Support: Enterprise Single Sign-On with Okta (extensible to Azure AD, Google)
- Tenant Detection: Automatic tenant identification via email domain
- Redis Session Storage: Persistent sessions that survive server restarts
- Tenant Isolation Middleware: Enforces data access boundaries between companies
- Development SSO Mock: Test SSO flows without IdP connection (
/auth/dev-login) - New table:
tenant_auth_config— stores OIDC settings per company - New table:
external_identities— maps SSO identities to local users auth_typecolumn added to users table (local/oidc/saml); password nullable for SSO users- Session middleware now supports Redis with in-memory fallback
- Login page detects SSO domains and redirects automatically
- Fixed QRCode.toDataURL error in label printing
- Fixed modal event listeners for equipment calibration updates
- Fixed Update button not responding to clicks on equipment records
- Made global functions globally accessible (loadEquipmentHistory, updateEquipmentDueDate)
- Fixed Edit button click detection on equipment history table
- Database connection pool timeout issues resolved
- Comprehensive debugging system with console logging
- Success notifications for equipment updates
- Optimized QR code generation using constructor pattern
- Refactored modal event listeners for reliability
- Input focus issues on mobile devices
- Form field placeholder text visibility
- Cascading dropdown population on page load
- Sample search functionality with pagination
- Mobile-responsive sidebar navigation
- User dropdown menu in header
- Equipment calibration alert notifications
- Batch expiry colour-coded status indicators
- Improved CSS media queries for mobile support
- Enhanced table responsiveness on smaller screens
- Equipment Calibration History feature
- QR code label printing (Normal A4 + POS thermal printer)
- Equipment due date update functionality
- Calibration status alerts (Overdue / Critical / Warning / Caution / Safe)
- Equipment notification system for approaching due dates
- Customizable label dimensions (width, height, QR size)
- Batch expiry tracking with alerts
- Sample transfer between bins
- User management role assignment
- Master data cascading dropdowns
- Improved dashboard layout and KPI cards
- Enhanced data visualization charts
- v1.0.0: Initial release — sample management core, storage configuration, user auth, dashboard with KPI cards, data visualization, batch expiry monitoring, responsive design
- v1.0.1: Login page validation, session management, Remember Me, password reset link
- v1.0.2: Sample transaction logging (take-out/return), transaction history with filters, batch numbering system
- v1.0.3: Master data management (Companies, Countries, States, Plants), department management, role management
- v1.0.4: User change password, role-based access control, admin user management panel
- v1.0.5: Batch expiry history tracking, sample storage location hierarchy
- v1.0.1–v1.0.5: Cascading dropdown fixes, bin occupancy calculation, database connection pooling, improved error messages
Master Data Management
Companies
| Company Name | Actions |
|---|
Countries
| Company | Country | Actions |
|---|
States
| Company | Country | State | Actions |
|---|
Plants
| Company | Country | State | Plant Code | Plant Name | Actions |
|---|
Locations
Group several plants within one state into a Location, then assign a Location Admin (in User Management) to manage all of them together.
| Location | State | Plants | Actions |
|---|
Zones
| Plant | Zone Name | Code | Description | Actions |
|---|
Working Places
| Plant | Zone | Working Place | Code | Actions |
|---|
Departments
| Company | Country | State | Plant Code | Plant Name | Department | Actions |
|---|
User Management
Add New User
- ✗ 8 characters
- ✗ 1 uppercase letter
- ✗ 1 lowercase letter
- ✗ 1 number
- ✗ 1 special character
Module Access Permissions
Control which application modules this user can access. Changes take effect on the user's next login.
| Module | No Access | View Only | Full Edit |
|---|
Existing Users
| Full Name | Company | Plant/Location | Department | Access Level | Role | Reporting Manager | Actions |
|---|
User Roles
| Role Name | Access Level | Description | Actions |
|---|
SSO Configuration
Manage Single Sign-On settings for each tenant. Company Admin can manage their own company's SSO settings.
Loading tenant configurations...
Printer Configuration
Configure network printer settings for label printing. Only Master Admin can modify settings.
Printer Settings
Label Settings
Connection Status
No test performed yet.
Email Configuration
View SMTP settings and send a test email to verify the email system is working correctly.
SMTP Settings
Send Test Email
Send a real test email to confirm delivery is working end-to-end.
📋 System Documentation
IT Governance & Technical Reference Guide
📌 About Quality Works
Quality Works is a web-based Quality Control Management System developed by STARENGTS for manufacturing and laboratory environments. It centralises all quality-related operations across multiple plants, departments, and teams into one secure platform.
The system covers five core areas: QC Sample tracking (batch management, storage, expiry alerts), Equipment Calibration (schedules, certificates, audit trail), Pest Control (fly catchers, rodents, spray plans, lizard service, chemicals, meetings), Quality Walkabouts (inspections, photos, action tracking), and Reports & PDF Exports across all modules.
Supports Company → Country → State → Plant → Department hierarchy
8-level access control with SSO (Okta, Azure AD, Google)
Every change is logged — samples, calibration, pest activity
Export any module data as PDF or Excel with one click
📑 Table of Contents
1. Application Modules & Features
Quality Works is a multi-module web application for laboratory quality control. Each module below is accessible from the sidebar navigation.
🧪 QC Sample Management
Track laboratory samples from entry to disposal. Each sample is assigned to a physical storage location (Plant → Rack → Bin).
- Add, edit, and check in/out samples
- Batch ID, product name, manufacture & expiry dates
- QR code label printing (ESC/POS thermal printers)
- Barcode generation for samples
- Expiry date tracking with alerts
- Full movement audit log (transactions)
- Excel export of sample data
⚙️ Equipment Calibration
Manage laboratory equipment calibration schedules and certificates.
- Equipment registry with calibration due dates
- Upload calibration certificates (PDF, max 10MB)
- Calibration history and update audit trail
- Overdue and upcoming calibration alerts
- PDF certificate download and viewing
- Excel export of calibration data
🦟 Pest Control
Full pest management system covering device monitoring, inspections, chemical usage, and reporting.
- Fly Catcher Alerts: Log daily/weekly readings per device
- Rodent Checks: Track rodent bait stations and findings
- Spider Checks: Record spider activity by location
- Spray Plans: Monthly spraying schedule with delay reasons
- Lizard Plans: Monthly lizard control service tracking
- Chemical Master: Manage approved pest control chemicals
- Heatmap & Species Analysis: Visual activity dashboards
- KPI Dashboard: Frequency-based counts with targets
- Layout Images: Annotated plant floor plan overlays
- PDF report export for all pest modules
📅 Pest Control Meetings
Schedule and track pest control review meetings including Minutes of Meeting (MOM).
- Schedule regular, special, and review meetings
- Create and track action items with owners
- Record MOM (Minutes of Meeting) per meeting
- Mark actions as open, in-progress, or closed
- PDF export of meeting records
🚶 Quality Walkabouts
Conduct and document quality inspection walkthroughs across plant areas.
- Create walkabout inspection records with categories
- Attach photos and supporting documents
- Add comments and observations
- Track resolution history and closure authority
- Filter by plant, department, and date
📊 Reports & PDF Exports
The built-in QC PDF Engine generates clean A4 PDF reports across all modules (introduced v1.1.3).
- PDF export for pest control, meetings, calibration
- Excel export for sample and equipment data
- Print-to-PDF from any module
- QR code and barcode label printing
1.1 Storage Location Hierarchy
Samples are stored in a physical hierarchy. Each level is configured by administrators:
Example: STARENGTS → India → Uttarakhand → Rudrapur Plant → Rack-A → Bin-001
1.2 Who Can Use Which Module?
Module visibility is controlled by the user's access level and module-level permissions (configurable by Master Admin).
| Module | View | Add/Edit | Delete | Admin Config |
|---|---|---|---|---|
| 🧪 QC Samples | All users | Level 7+ | Level 5+ | Level 2+ |
| ⚙️ Equipment Calibration | All users | Level 7+ | Level 5+ | Level 2+ |
| 🦟 Pest Control | All users | Level 7+ | Level 5+ | Level 2+ |
| 📅 Pest Meetings | All users | Level 6+ | Level 5+ | Level 2+ |
| 🚶 Quality Walkabouts | All users | Level 7+ | Level 5+ | Level 2+ |
* Module-level access can be fine-tuned per user by Master Admin using the User Module Access settings.
2. Data Access & Integration
2.1 Database Schema
Database Type: MariaDB 10.x (MySQL-compatible)
Database Name: qcsample
| Table Name | Purpose | Key Fields |
|---|---|---|
| 🔷 Core — Users & Storage | ||
| users | User accounts and login credentials | id, email, password_hash, access_level, company_id, plant_id |
| user_company_access | Maps users to the companies they can access | id, user_id, company_id |
| user_module_access | Per-user module visibility overrides | id, user_id, module_name, is_enabled |
| plants | Physical plant/site locations | plantID, plantName, company_id, state_id |
| racks | Storage racks inside a plant | rackID, plantID, rackName, description |
| bins | Individual storage bins within a rack | binID, rackID, binNumber, maxCapacity, currentOccupancy |
| licenses | System license keys and validity | license_id, license_key, valid_from, valid_until |
| printer_config | Thermal label printer settings per plant | id, plant_id, printer_ip, printer_port, label_format |
| 🧪 QC Samples | ||
| samples | QC sample records | batchID, productName, dateManufactured, dateExpiry, binID, plantID |
| transactions | Sample check-in / check-out history | transactionID, batchID, action, performedBy, timestamp |
| expiry_updates | Audit log for expiry date changes | updateID, batchID, oldExpiry, newExpiry, updatedBy, timestamp |
| ⚙️ Equipment Calibration | ||
| equipment_calibrations | Equipment register with calibration dates | equipmentID, equipmentName, lastCalibrationDate, nextCalibrationDate |
| calibration_documents | Uploaded PDF calibration certificates | doc_id, equipmentID, file_path, upload_date |
| calibration_updates | History of calibration date changes | updateID, equipmentID, oldDate, newDate, updatedBy, timestamp |
| 🦟 Pest Control (17 tables) | ||
| pest_devices | Fly catchers, rodent stations, and other devices | id, plant_id, device_type, location, device_code |
| pest_insect_readings | Fly catcher count readings per device | id, device_id, reading_date, count, recorded_by |
| pest_insect_species_counts | Species breakdown per fly catcher reading | id, reading_id, species_name, count |
| pest_rodent_checks | Rodent bait station inspection records | id, plant_id, check_date, station_id, findings |
| pest_spider_checks | Spider activity inspection records | id, plant_id, check_date, location, findings |
| pest_spray_tracking | Monthly spray plan schedule and completion | id, plant_id, month, year, status, delay_reason |
| pest_lizard_service | Monthly lizard control service tracking | id, plant_id, month, year, status, delay_reason |
| pest_chemical_master | Approved pest control chemicals registry | id, chemical_name, active_ingredient, approved_for |
| pest_meetings | Pest control review meetings | id, plant_id, meeting_date, meeting_type, status |
| pest_action_items | Action items from pest meetings | id, meeting_id, action_description, owner, due_date, status |
| pest_control_plan | Annual pest control service plan | id, plant_id, year, service_type, schedule |
| pest_species_analysis | Species trend analysis data | id, plant_id, period, species, total_count |
| pest_heatmap_config | Heatmap display configuration | id, plant_id, grid_rows, grid_cols, config_json |
| pest_layout_images | Plant floor plan images for pest overlay | id, plant_id, image_path, uploaded_at |
| pest_activity_log | Pest activity audit log | id, plant_id, event_type, description, created_at |
| pest_control_documents | Uploaded pest control service documents | id, plant_id, doc_type, file_path, upload_date |
| 🚶 Quality Walkabouts (5 tables) | ||
| quality_walkabouts | Walkabout inspection records | id, plant_id, walkabout_date, category_id, status, created_by |
| quality_walkabout_attachments | Photos and documents attached to walkabouts | id, walkabout_id, file_path, file_type, uploaded_at |
| quality_walkabout_comments | Comments on walkabout records | id, walkabout_id, comment, commented_by, created_at |
| quality_walkabout_history | Status change history for walkabouts | id, walkabout_id, old_status, new_status, changed_by, timestamp |
| walkabout_categories | Category types for walkabout inspections | id, category_name, description, is_active |
2.2 Access Control Matrix
The system implements an 8-level hierarchical access control system:
| Level | Role | Scope | Key Permissions |
|---|---|---|---|
| 1 | Platform Owner | All Companies | Full system access, user management, system configuration — info@starengts.com |
| 2 | Company Admin | Company-wide | Manage all data within company, create users |
| 3 | Country Admin | Country-wide | Manage all data within country |
| 4 | State Admin | State/Region-wide | Manage all data within state/region |
| 5 | Plant Admin | Single Plant | Manage samples and equipment at assigned plant |
| 6 | Department Manager | Department | Manage department-specific samples and equipment |
| 7 | Regular User | Limited | Add/edit samples, view equipment, generate reports |
| 8 | Viewer | Read-only | View-only access, no modifications |
2.3 External Services & APIs
Email Service: Hostinger SMTP (via Nodemailer)
Purpose: Password reset OTP delivery, system notifications
Protocol: SMTP with TLS encryption
Configuration: Defined in environment variables (EMAIL_HOST, EMAIL_PORT, EMAIL_USER)
2.4 System Dependencies
Backend Dependencies
- express ^4.18.2
- mariadb ^2.5.6
- express-session ^1.18.1
- connect-redis ^8.0.1
- redis ^4.7.0
- bcryptjs ^2.4.3
- nodemailer ^7.0.10
- multer ^1.4.5-lts.2
- exceljs ^4.3.0
- xlsx ^0.18.5
- compression ^1.8.1
- cors ^2.8.5
- dotenv ^17.2.3
- axios ^1.13.2
Frontend Dependencies
- Vanilla JavaScript (ES6+)
- Chart.js (via CDN)
- QRCode.js (via CDN)
- JsBarcode (local library)
- HTML5 & CSS3
2.5 Integration Capabilities
✅ Supported Integrations:
- REST API: JSON-based endpoints for all CRUD operations
- Excel Export: Sample and equipment data export to .xlsx format (exceljs + xlsx)
- PDF Reports: QC PDF Engine generates clean A4 reports for pest control, meetings, and calibration (introduced v1.1.3)
- QR Code Labels: QR codes generated on-screen for sample identification
- Thermal Label Printing: ESC/POS compatible printers for label printing (print-processor.js)
- Email / OTP: Hostinger SMTP via Nodemailer for password reset OTPs and notifications
- File Uploads: PDF calibration certificates stored server-side (Multer, 10MB limit)
- SSO / OIDC: OpenID Connect integration with Okta, Azure AD, Google Workspace
3. Security & Compliance
3.1 Storage Architecture
Server Specifications:
- Hosting: VPS (Virtual Private Server)
- RAM: 8GB DDR4
- CPU: 2 vCPU Cores
- Storage: 100GB SSD
- OS: Linux-based
File Storage Structure:
- /app/data/ - Application data directory
- /app/data/backups/ - Database backup files
- /app/data/logs/ - System log files
- /app/uploads/ - User-uploaded files
- /app/uploads/calibration-docs/ - Calibration PDF certificates
3.2 Enterprise Authentication
Multi-Tenant Authentication Architecture
Our platform supports multiple authentication methods per tenant, allowing each company to use their preferred identity provider while maintaining a unified user experience.
Email & Password
bcrypt hashing
Okta, Azure AD
Google Workspace
Per-company config
Domain-based detection
Redis-backed sessions
Instant revocation
Platform Security Stack
Authentication:
- Session-based with Redis persistence
- OIDC (OpenID Connect) for SSO
- bcrypt password hashing (10 salt rounds)
- Per-tenant auth configuration
Transport & Network:
- TLS 1.2+ (HTTPS enforced)
- Secure, httpOnly session cookies
- CORS policy configured
- Firewall + VPN access control
Supported Identity Providers
| Provider | Protocol | Features | Status |
|---|---|---|---|
| Okta | OIDC | SSO, MFA, auto user provisioning | ✅ Supported |
| Microsoft Azure AD | OIDC | SSO, MFA, directory sync | ✅ Supported |
| Google Workspace | OIDC | SSO, Google account login | ✅ Supported |
| Local Authentication | Email/Password | bcrypt hashing, password reset via OTP | ✅ Default |
| Custom OIDC Provider | OIDC | Any OIDC-compliant identity provider | ✅ Supported |
How Multi-Tenant Authentication Works
Step 1: Tenant Detection
When a user enters their email, the system automatically detects their company (tenant) by the email domain (e.g., @example.com, @yourcompany.com).
Step 2: Auth Method Selection
Based on the tenant configuration, the system either shows the password field (local auth) or redirects to the company's identity provider (SSO).
Step 3: Authentication
For SSO: User authenticates with their corporate IdP (Okta/Azure/Google). For local: Password is verified against bcrypt hash in database.
Step 4: Session Created
A secure server-side session is created (stored in Redis) with user's access level, company scope, and permissions. Session cookie is httpOnly and secure.
Per-Tenant Configuration
Each company can be independently configured with their preferred authentication method:
| Company | Domain | Auth Method | Fallback |
|---|---|---|---|
| Example Corp | example.com | Local (SSO-ready for Okta) | Local password |
| Your Company | yourcompany.com | Local authentication | - |
| [New Company] | company.com | OIDC / Local / SAML | Configurable |
🔒 Why Session-Based + Redis?
Enterprise-Grade Session Management:
- Immediate Revocation: Sessions can be terminated instantly if unauthorized access is detected - critical for laboratory environments
- Server-Side Control: Session data stays on server (Redis), reducing client-side attack surface
- Persistence: Redis-backed sessions survive server restarts - users stay logged in during deployments
- Scalability: Shared Redis store enables horizontal scaling with multiple app instances
- Audit Trail: Complete visibility into active sessions and concurrent users for compliance
- SSO Compatible: Works seamlessly with both OIDC SSO and local authentication
Authentication Flows
🔑 Local Authentication Flow
1. User enters email + password ↓ 2. System detects tenant by email domain ↓ 3. Tenant auth_type = 'local' → Show password field ↓ 4. POST /api/login → bcrypt.compare(password, hash) ↓ 5. Session created in Redis → Secure cookie set ↓ 6. User redirected to dashboard (access filtered by level)
🔐 SSO (OIDC) Authentication Flow
1. User enters email ↓ 2. System detects tenant by email domain ↓ 3. Tenant auth_type = 'oidc' → Redirect to IdP (Okta/Azure/Google) ↓ 4. User authenticates at IdP → MFA if configured by company ↓ 5. IdP redirects back with auth code → Server exchanges code for tokens ↓ 6. User matched/created in database → Session created in Redis ↓ 7. User redirected to dashboard (access filtered by level)
8-Level Hierarchical Access Control
| Level | Role | Scope | Data Access |
|---|---|---|---|
| 1 | Platform Owner | All companies | Full system access, SSO configuration, user management across tenants |
| 2 | Company Admin | Own company | All data within their company, user management |
| 3 | Country Admin | Country-wide | All plants and departments in their country |
| 4 | State Admin | State-wide | All plants and departments in their state |
| 5 | Plant Admin | Plant-level | All departments within their plant |
| 6 | Department Manager | Department only | Own department data, team management |
| 7 | Regular User | Limited | Create/edit own records within assigned scope |
| 8 | Viewer | Read-only | View data only, no modifications allowed |
IT Governance Q&A
❓ How are passwords stored?
Passwords are hashed using bcrypt with 10 salt rounds before storage. Plain text passwords are never stored. SSO users have no local password at all - authentication is delegated to their corporate identity provider.
❓ Does the system support Single Sign-On (SSO)?
Yes. The platform supports OIDC (OpenID Connect) SSO with any compliant identity provider including Okta, Microsoft Azure AD, and Google Workspace. Each tenant can be independently configured with their preferred IdP. SSO can be enabled/disabled per company at any time without affecting other tenants.
❓ Can sessions be forcibly terminated?
Yes. Server-side sessions (stored in Redis) can be destroyed instantly by administrators. This is critical for security incidents or when employee access needs immediate revocation - regardless of whether they logged in via SSO or local credentials.
❓ What happens if the server restarts?
Sessions are stored in Redis (persistent key-value store), so users remain logged in during server restarts and deployments. Redis data is persisted to disk with append-only file (AOF) mode.
❓ How is tenant data isolated?
Every database query is filtered by the user's company_id and access_level. A user from Company A cannot access or modify data belonging to Company B. This is enforced at the server-side query level, not just the UI. The access control middleware validates tenant ownership on every API request.
❓ How is brute-force attack prevented?
Password reset OTPs have rate limiting (3 requests/hour, 5 verification attempts). Additional rate limiting is implemented at the reverse proxy level (nginx). SSO users are protected by their IdP's own security policies (MFA, lockout, etc.).
❓ Can our company use MFA (Multi-Factor Authentication)?
Yes. When using SSO with Okta, Azure AD, or Google, MFA is enforced by your corporate identity provider. This means your existing MFA policies (SMS, authenticator app, hardware keys) are automatically applied to Quality Works logins.
❓ How are user permissions enforced?
Hierarchical access control is enforced at the database query level. Each user has an access_level (1-8) and associated organizational scope (company, country, state, plant, department). Queries automatically filter results based on user context. SSO users are assigned appropriate access levels during provisioning.
❓ Can we enable SSO without disrupting existing users?
Yes. SSO can be enabled with a "local fallback" option, meaning users who haven't been migrated to SSO can still log in with their email/password. When ready, local fallback can be disabled to enforce SSO-only access for your company.
Production Security Checklist
| Security Control | Status |
|---|---|
| SSL/TLS Certificate (HTTPS) | ✅ ACTIVE |
| Password Hashing (bcrypt, 10 rounds) | ✅ ACTIVE |
| Secure Session Cookies (httpOnly, secure, sameSite) | ✅ ACTIVE |
| Redis Session Persistence | ✅ ACTIVE |
| Multi-Tenant SSO (OIDC) | ✅ ACTIVE |
| Tenant Data Isolation | ✅ ACTIVE |
| SQL Injection Protection (Parameterized Queries) | ✅ ACTIVE |
| CORS Policy Configured | ✅ ACTIVE |
| Firewall + VPN Access Control | ✅ ACTIVE |
| Environment Variables (secrets in .env) | ✅ ACTIVE |
| 8-Level Hierarchical Access Control | ✅ ACTIVE |
| MFA Support (via IdP) | ✅ ACTIVE |
| Rate Limiting (login/OTP) | ✅ ACTIVE |
| Automated Vulnerability Scanning | ⚠️ RECOMMEND |
3.3 Data Encryption & Protection
✅ In Transit
- TLS 1.2+ for all HTTPS traffic
- Secure WebSocket connections
- SMTP TLS for email
⚠️ At Rest
- Database: MariaDB default (upgradeable to encrypted tablespaces)
- Files: Server filesystem (upgradeable to encrypted volumes)
- Backups: Cloud VPS storage
3.4 Backup & Disaster Recovery
Backup Strategy
Frequency: Weekly (upgradeable to daily)
Method: MariaDB mysqldump
Storage: Cloud VPS
Retention: 4 weeks (recommended)
Recovery Plan
RTO (Recovery Time Objective): < 4 hours
RPO (Recovery Point Objective): 7 days (weekly backup)
Procedure: Automated restore script available
Testing: Quarterly restore drills recommended
3.5 Compliance & Audit Trails
Audit Logging
The system maintains comprehensive audit trails for:
- Sample Transactions: All movements logged in transactions table with timestamp, user, and action
- Expiry Updates: Complete history in expiry_updates table (who, when, old value, new value)
- Calibration Changes: Full audit trail in calibration_updates table
- User Actions: Login/logout events, access attempts
- Data Modifications: Timestamp and user tracking on all critical tables
Compliance Readiness
- ✅ Data integrity controls (foreign keys, constraints)
- ✅ User authentication and authorization
- ✅ Audit trail for all modifications
- ✅ Role-based access control (8 levels)
- ⚠️ GDPR: Data retention policies recommended
- ⚠️ ISO 27001: Additional controls may be required
4. System Lifecycle & Maintenance
4.1 Development Workflow
Development → Testing → Staging → Production 1. LOCAL DEVELOPMENT - Developer workstation with Node.js - Local MariaDB instance for testing - npm run dev (nodemon for hot reload) 2. VERSION CONTROL - Git repository for source control - Branch strategy: main (production), dev (development) - Commit messages follow conventional commits 3. TESTING - Manual QA testing - Database migration scripts tested in isolation - User acceptance testing (UAT) 4. DEPLOYMENT - VPS deployment via Git pull - Environment variables configured via .env - npm start for production mode - Process manager (PM2/systemd) for auto-restart
4.2 Maintenance Schedule
| Task | Frequency | Responsible | Notes |
|---|---|---|---|
| Database Backup | Weekly | IT Admin | Automated via cron job |
| Backup Verification | Monthly | IT Admin | Test restore procedure |
| Security Updates | Monthly | IT Admin | npm audit, OS patches |
| Log Review | Weekly | IT Admin | Check for errors/anomalies |
| Database Optimization | Quarterly | Database Admin | OPTIMIZE TABLE, index review |
| Disk Space Monitoring | Weekly | IT Admin | Alert at 80% capacity |
| SSL Certificate Renewal | Annually | IT Admin | 90-day reminder |
| User Account Audit | Quarterly | Master Admin | Remove inactive users |
| Performance Review | Semi-Annually | IT Admin | Query optimization, caching |
4.3 Documentation Locations
| README.md | Project overview and quick start guide |
| API-DOCUMENTATION.md | API endpoints and usage examples |
| CHANGELOG.md | Version history and release notes |
| .env.example | Environment configuration template |
| qcsample.sql | Complete database schema |
| This Page | System Documentation (IT governance reference) |
4.4 Support Model
📧 Contact Information
Support Email: info@starengts.com
Company: STARENGTS
Product: Quality Works
Version: 1.4.0
⏰ Support Hours
Response Time: Business hours
Critical Issues: 24-hour SLA
Non-Critical: 48-hour SLA
Escalation: Email support team
4.5 Incident Response Procedure
🚨 Emergency Response
- Identify: Determine severity (Critical, High, Medium, Low)
- Isolate: If security breach suspected, isolate affected systems
- Notify: Alert Master Admin and IT team via info@starengts.com
- Document: Log all details, actions taken, timeline
- Resolve: Apply fix, restore from backup if necessary
- Verify: Test resolution, confirm system stability
- Review: Post-incident analysis and preventive measures
5. Technical Architecture
5.1 Complete Technology Stack
⚙️ Backend Stack
- Runtime: Node.js v14+
- Framework: Express.js v4.18.2
- Language: JavaScript (ES6+)
- Database: MariaDB v3.4.5
- ORM/Driver: mariadb (native driver)
🎨 Frontend Stack
- Framework: None (Vanilla JS)
- Language: JavaScript ES6+
- Markup: HTML5
- Styling: CSS3 (custom)
- Charts: Chart.js (CDN)
- QR Codes: QRCode.js (CDN)
- Barcodes: JsBarcode (local)
🔒 Security & Auth
- Sessions: express-session v1.18.1
- Hashing: bcryptjs v2.4.3
- CORS: cors v2.8.5
- Environment: dotenv v17.2.3
- SSL/TLS: HTTPS enabled
📊 Data & Files
- Excel: exceljs v4.3.0
- Email: nodemailer v7.0.10
- Uploads: multer v1.4.5-lts.2
- HTTP Client: axios v1.13.2
5.2 Infrastructure Details
🖥️ Production Server
| URL: | https://qcapplication.starengts.com |
| Hosting: | VPS |
| RAM: | 8GB |
| CPU: | 2 vCPU cores |
| Storage: | 100GB SSD |
| OS: | Linux |
🗄️ Database Server
| Engine: | MariaDB 10.x |
| Location: | Same VPS |
| Port: | 3306 |
| SSL: | Enabled |
| Connections: | 10 pool limit |
| Charset: | utf8mb4_unicode_ci |
System Architecture Diagram
┌─────────────────────────────────────────────────────────────────┐
│ CLIENT LAYER │
│ ┌───────────────┐ ┌───────────────┐ ┌───────────────┐ │
│ │ Desktop │ │ Tablet │ │ Mobile │ │
│ │ Browser │ │ Browser │ │ Browser │ │
│ └───────┬───────┘ └───────┬───────┘ └───────┬───────┘ │
└──────────┼──────────────────┼──────────────────┼───────────────┘
│ │ │
└──────────────────┴──────────────────┘
│
HTTPS/TLS
│
┌─────────────────────────────┼───────────────────────────────────┐
│ VPS SERVER (8GB RAM, 2 CPU) │
│ │ │
│ ┌───────────────────────────┴────────────────────────┐ │
│ │ NGINX REVERSE PROXY │ │
│ │ (SSL Termination, Load Balancing) │ │
│ └───────────────────────┬────────────────────────────┘ │
│ │ │
│ ┌───────────────────────┴────────────────────────────┐ │
│ │ NODE.JS APPLICATION SERVER │ │
│ │ │ │
│ │ ┌─────────────────────────────────────────────┐ │ │
│ │ │ EXPRESS.JS FRAMEWORK │ │ │
│ │ │ │ │ │
│ │ │ • Session Management (express-session) │ │ │
│ │ │ • Authentication (bcrypt) │ │ │
│ │ │ • API Routes (/api/*) │ │ │
│ │ │ • Static File Serving │ │ │
│ │ │ • Multer (File Uploads) │ │ │
│ │ └─────────────────────────────────────────────┘ │ │
│ └────────────┬────────────────────┬──────────────────┘ │
│ │ │ │
│ ┌────────────┴─────────┐ ┌───────┴──────────┐ │
│ │ MARIADB DATABASE │ │ FILE SYSTEM │ │
│ │ │ │ │ │
│ │ • qcsample DB │ │ • /uploads/ │ │
│ │ • 42+ Tables │ │ • /data/ │ │
│ │ • Connection Pool │ │ • /backups/ │ │
│ └──────────────────────┘ └──────────────────┘ │
│ │
│ ┌──────────────────────────────────────────────────────────┐ │
│ │ EXTERNAL SERVICES │ │
│ │ │ │
│ │ • Hostinger SMTP (Email/OTP Delivery) │ │
│ │ • Okta / Azure AD / Google (OIDC SSO) │ │
│ │ • ESC/POS Thermal Printer (Label Printing) │ │
│ │ • Cloud VPS Storage (Backups) │ │
│ └──────────────────────────────────────────────────────────┘ │
└─────────────────────────────────────────────────────────────────┘
5.3 Enterprise Alignment
✅ Enterprise-Ready Features
- Multi-Tenancy: Company/Country/State/Plant/Department hierarchy supports multiple organizations
- Role-Based Access: 8-level granular permission system
- Scalability: Database connection pooling, stateless architecture ready
- Security: Industry-standard authentication, encryption, audit trails
- Reliability: Transaction support, referential integrity, automated backups
- Compliance: Complete audit logging, data retention controls
- Integration: REST API, Excel export, email notifications
5.4 Scalability & Performance
| Component | Current Capacity | Upgrade Path |
|---|---|---|
| Concurrent Users | ~50-100 users | Add Redis session store, horizontal scaling |
| Database Size | ~10-50GB | Increase VPS storage, database partitioning |
| File Storage | 100GB SSD | S3-compatible object storage (MinIO, AWS S3) |
| API Performance | ~100 req/sec | Load balancer, CDN for static assets, caching |
| Backup Size | Weekly backups | Incremental backups, cloud backup service |
5.5 Future Roadmap
📅 Planned Enhancements
✅ Already Completed: Redis session store, OIDC/SSO (Okta, Azure AD, Google), PDF report engine (QCPdfEngine), Pest Control module, Quality Walkabouts module, Thermal label printing.
🔜 Short Term (3-6 months)
- Database encryption at rest
- Automated daily backups (currently weekly)
- Advanced search and filtering across modules
- Mobile-responsive UI improvements
🎯 Medium Term (6-12 months)
- SAML 2.0 SSO support (in addition to OIDC)
- Real-time notifications (WebSockets / push)
- Advanced analytics dashboard with trends
- API rate limiting and throttling
- Multi-language support (i18n)
🚀 Long Term (12+ months)
- Native mobile app (iOS / Android)
- Microservices architecture migration
- Machine learning for predictive calibration and pest trends
- IoT sensor integration for real-time readings
- Cloud-native deployment (Kubernetes / Docker Swarm)
5.6 Known Technical Debt
⚠️ Items for Consideration
- Monolithic Code: server.js is ~12,400 lines — a single file for all routes. Future refactor into separate route files is recommended as the app grows.
- Large Frontend File: index.html is ~1.5MB with embedded JavaScript. Consider splitting into modular JS files or using a frontend framework (Vue/React) for easier maintenance.
- API Versioning: No formal API versioning — implementing /api/v1/ structure would help future compatibility.
- Automated Testing: No automated test suite — unit and integration tests are recommended as features grow.
- Monitoring: No APM (Application Performance Monitoring) — consider New Relic, DataDog, or open-source Prometheus/Grafana for production visibility.
- Error Tracking: Basic console logging — consider Sentry or similar for production error alerting.
Quality Works v1.4.1
© STARENGTS - All Rights Reserved
For support: info@starengts.com
Document generated:
This document contains confidential and proprietary information.
Enter New Sample
Label Size Configuration
Label Preview (100mm × 40mm)
Transfer Samples Between Bins
Equipment Calibration
Equipment Calibration History
| Status | Equipment ID | Model Number | Equipment Name | Equipment used for | Location | Verification Method | Certification | Last Calibration Date | Calibration Interval (Days) | Next Calibration Date | Alert Status | Action |
|---|
Calibration Update History
| Status | Equipment ID | Equipment Name | Old Next Calibration Date | New Next Calibration Date | Updated On | Updated By |
|---|
Search Samples
| Status | Batch Number | Product Name | Mfg Date | Expiry | Entered By | Storage | Created On | Action |
|---|
Log Sample Transactions
Log Take Out
Log Return
Retrieval History (One Row per Cycle)
| Batch Number | Product Name | Take Out Date | Take Out By | Return Date | Return By |
|---|
Expiry Date Modification History
| Status | Batch Number | Product Name | Original Expiry | New Expiry | Modified By | Modified On | Reason |
|---|
Retrieval History
| Batch Number | Product Name | Take Out Date | Take Out By | Return Date | Return By |
|---|
📊 Sampling Management Analytics
Sample tracking, expiry analysis, and storage utilization insights
Expiry Status Distribution
Top 10 Products by Sample Count
Storage Location Utilization
Sample Transaction Status
Sample Age Distribution
🔧 Equipment Calibration Analytics
Calibration status, overdue tracking, and equipment compliance insights
Calibration Status Overview
Equipment Status
Calibration Frequency Distribution
Monthly Calibration Trends
📋 Quality Walkabout Analytics
Walkabout status, action tracking, and quality observation insights
Status Distribution
Due Date Status
By Observation Location
Monthly Trends
Severity Breakdown
By Category (Open)
Action Person Workload
Severity Trend (6 months)
🦟 Pest Control Analytics
Pest activity trends, device monitoring, and treatment effectiveness insights
Device Status Distribution
Pest Activity by Location
Treatment Effectiveness
📊 Deep Dive Analytics
Device Type Distribution
Pest Types Detected
Weekly Activity Pattern
Inspection Compliance Rate
📈 Performance Metrics
Activity Severity Index
Top Risk Areas
Device Monitoring Activity
📊 Monthly Pest Count Comparison
Monthly Pest Count 2025-26
MOM % Reduction vs Previous Year
--- Target 2% reduction
🕐 Pest Control Activity Log
Complete audit trail of all pest control actions — devices, readings, spray, meetings, and MOM action items.
| Time | Category | Action | By | Details |
|---|---|---|---|---|
| Loading... | ||||
💾 Master Data Analytics
System-wide overview of plants, storage capacity, and user management
Storage Capacity by Plant
Bin Occupancy Rate
Products by Category
User Role Distribution
🎛️ Admin Dashboard - Master Data Analytics
System-wide overview of plants, storage capacity, and user management
📊 Sampling Management Analytics
Expiry Status Distribution
Top 10 Products by Sample Count
Storage Location Utilization
Sample Transaction Status
Sample Age Distribution
🔧 Equipment Calibration Analytics
Calibration Status Overview
Equipment Status
Calibration Frequency Distribution
Monthly Calibration Trends
📋 Quality Walkabout Analytics
Status Distribution
Due Date Status
By Observation Location
💾 Master Data Analytics
Storage Capacity by Plant
Bin Occupancy Rate
Products by Category
User Role Distribution
Storage Configuration
Storage Configuration
Note: Plant selection is based on your access permissions
Add Rack
Add Bin
View & Edit Configuration
Quality Walkabout Register
📝 Create New Quality Walkabout
📋 Open Walkabouts
| UID | Date Raised | Reporter | Location | Category | Subject | Action Person | Due Date | Status | Actions |
|---|
Quality Walkabout History
| UID | Date Raised | Reporter | Location | Category | Subject | Action Person | Due Date | Status | Closed By | Closed At | Actions |
|---|
My Walkabout Actions
Walkabouts where you are the assigned Action Person - please review and take action before the due date.
| UID | Date Raised | Reporter | Location | Category | Subject | Description | Due Date | Status | Actions |
|---|
Walkabout Activity Log
Complete audit trail of all walkabout actions — created, submitted, updated, closed, reopened, comments and attachments.
| Time | Walkabout UID | Action | By | Prev Status | Current Status | Details |
|---|
👥 Pest Control Team
| Name | Department | Function | Actions | |
|---|---|---|---|---|
| Loading... | ||||
Pest Control Master Plan
| S.No | Activities | Owner | JAN | FEB | MAR | APR | MAY | JUN | JUL | AUG | SEP | OCT | NOV | DEC | Actions |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Loading annual plan... | |||||||||||||||
Pest Control Layout
🗺️ Pest Control Device Layout
No layout image uploaded. Click "Upload Layout" to add one.
📋 Layout Revision Control
Track changes and updates to the pest control layout map
| Rev No | Date | Reason of Review | Actions |
|---|---|---|---|
| Loading revision history... | |||
Pest Control Device Master
0 Active | 0 Inactive | 0 Maintenance| Device ID | Type | Location | Area | Placement | Status | Actions |
|---|---|---|---|---|---|---|
| Loading... | ||||||
🧪 Pest Master
➕ Add New Chemical
Pest Chemical List
| # | Chemical Name | Default Dosage | Category | Status | Added By | Actions |
|---|---|---|---|---|---|---|
| Loading... | ||||||
Pest Control Readings Entry
Flycatcher - Internal
Click count cell to enter species-wise breakdown
| Device ID | Location | Area | 1st Fortnight (1-15) | 2nd Fortnight (16-31) | ||
|---|---|---|---|---|---|---|
| Count | Remarks | Count | Remarks | |||
| Select month, then click Load Data | ||||||
Spray Tracking Plan
| S.No | Activity | Owner | JAN | FEB | MAR | APR | MAY | JUN | JUL | AUG | SEP | OCT | NOV | DEC | Actions |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Loading spray plan... | |||||||||||||||
Pest Control Spray Tracking
💨 Log Spray Activity
Spray History
| Date | Type | Spray Type | Chemical | Done By | Verified By | Areas | Actions |
|---|---|---|---|---|---|---|---|
| Loading... | |||||||
🦎 Lizard Management Plan
| S.No | Activity | Owner | JAN | FEB | MAR | APR | MAY | JUN | JUL | AUG | SEP | OCT | NOV | DEC | Actions |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Loading lizard plan... | |||||||||||||||
🦎 Lizard Management Service
Service History
| Date | Type | Chemical | Service By | Verified By | Next Service |
|---|---|---|---|---|---|
| Loading... | |||||
Pest Control Documents
| Document Name | Category | Current Ver. | File | Uploaded By | Uploaded At | Expiry Date | Actions | |
|---|---|---|---|---|---|---|---|---|
| Loading... | ||||||||
Pest Control Meetings
📋 Meeting History
| Date | Type | Title | Created By | Actions |
|---|---|---|---|---|
| Loading... | ||||
📊 MOM Action Items
| # | B. Date | C. Observation / Recommendation | D. Root Cause | E. Device / Area | F. Action Decided | G. Responsibility | H. Target Date | I. Completion Date | J. Revised Target | K. Repeated | L. Status | M. Verified On | N. Verified By | O. Remark | Actions |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Loading action items... | |||||||||||||||
Pest Control Reports
Flycatcher Tracking - Internal
Monthly insect count data by device (internal). Green = Low (0-5), Yellow = Medium (6-10), Red = High (>10)
Loading heatmap data...
📋 Custom Report Generator
Report Preview
Select report type and parameters, then click Generate Report
Blue Cards
0Admin View
0Blue Cards Analytics
Blue Cards Settings
Zones and Working Places are now managed in Administration → Master Data.
Checklist Templates
0| Name | Category | Scope | Status | Version | Modified | Actions |
|---|
Run a Checklist
Pick a checklist to start a new run.
Checklist Runs
| Checklist | Plant | Subject | By | Date | Result | Status |
|---|
Comments