System Overview
Auth & Tenant Flow
Sample Management
Equipment Calibration
Quality Walkabout
Pest Control
Blue Cards
Checklists
Request Lifecycle
Frontend Layer
🌐
Web Browser
index.html / login.html
Vanilla JS
β†’
⚑
Express Server
server.js Β· port 3456
Node.js
β†’
πŸ—„οΈ
MariaDB
qcsample database
10 conn pool
β†’
πŸ”΄
Redis
Session storage
Prod only
Middleware Stack
πŸ—œοΈ
Compression
gzip responses
β†’
πŸ”
Session MW
Redis / memory
β†’
🏒
Tenant Detection
domain β†’ company_id
β†’
πŸ›‘οΈ
Auth Check
requireAuth()
β†’
πŸ”‘
Module Access
view / edit / none
β†’
πŸ”
Access Filter
getAccessControlFilter()
Feature Modules
πŸ§ͺ
Sample Management
Batch, storage, transactions
Module
βš™οΈ
Equipment Calibration
Certificates, scheduling
Module
🚢
Quality Walkabout
Observations, CAPA, closure
Module
πŸ›
Pest Control
Devices, readings, meetings
Module
🟦
Blue Cards
Improvement cards, workflow, savings
Module
βœ…
Checklists
Templates, runs, evidence, PDF
Module
System Services
πŸ“§
Email (Nodemailer)
OTP, password reset
πŸ“Ž
File Uploads (Multer)
PDF, image, Excel
πŸ“„
QCPdfEngine
A4 PDF exports
πŸ–¨οΈ
Label Printer
ESC/POS Β· Zebra ZD230
πŸ’Ύ
Auto Backup
mysqldump Β· rotate 10
Login Entry Point
πŸ‘€
User Enters Email
login.html form
β†’
πŸ”Ž
Tenant Domain Check
/api/tenant/check
β†’
❓
OIDC Configured?
tenant_auth_config lookup
Local Authentication Path
πŸ”
Password Entry
auth_type = local
β†’
πŸ”’
bcrypt Verify
POST /api/login
β†’
πŸ“‹
Load User + Modules
user_module_access
β†’
βœ…
Session Created
β†’ index.html
OIDC SSO Path (Okta / Azure AD / Google)
πŸ”—
Initiate OIDC Login
GET /auth/login
β†’
πŸ“‘
Discovery Fetch
1h TTL cache
β†’
🎲
State + Nonce
CSRF protection
β†’
πŸ›οΈ
Identity Provider
Okta / Azure / Google
β†’
↩️
OIDC Callback
GET /auth/callback
β†’
πŸ‘€
User Lookup / Create
external_identities
β†’
βœ…
Session Created
β†’ index.html
Access Control Levels
πŸ‘‘
Master Admin
Level 1 β€” all data
🏒
Company / Country Admin
Level 2–3
🏭
State / Plant Admin
Level 4–5
πŸ‘·
Regular User / Coord
Level 7–9
Password Reset Flow
πŸ“§
Forgot Password
POST /api/forgot-password
β†’
πŸ”’
Generate OTP
5-min expiry, email sent
β†’
βœ”οΈ
Verify OTP
POST /api/verify-otp
β†’
πŸ”‘
Reset Password
bcrypt hash stored
Storage Hierarchy
🏭
Plant
plants table
β†’
πŸ—ƒοΈ
Rack
racks table
β†’
πŸ“¦
Bin
bins table
β†’
πŸ§ͺ
Sample (Batch)
samples table
Sample Lifecycle
Create
βž•
New Sample Form
batchID + dates + bin
β†’
βœ”οΈ
Validate Bin + Scope
Access control check
β†’
πŸ’Ύ
Store in DB
samples table
Check-Out
πŸ“€
Take Out Sample
/api/transactions/takeout
β†’
πŸ“
Log Transaction
transactions table
β†’
πŸ”“
Sample Out
Status updated
Return
πŸ“₯
Return Sample
/api/transactions/return
β†’
πŸ“
Log Return
transactions table
β†’
πŸ”’
Sample Returned
Bin restored
Transfer
↔️
Transfer Request
/api/samples/transfer
β†’
βœ”οΈ
Validate Destination
Capacity check
β†’
πŸ’Ύ
Update Location
samples.bin_id updated
Expiry
πŸ“…
Update Expiry
/api/samples/update-expiry
β†’
πŸ“‹
Audit Trail
expiry_updates table
β†’
βœ…
Expiry Updated
Audit logged
Equipment Registration
βž•
Add Equipment
Manual or Excel bulk
β†’
πŸ“…
Calculate Next Date
calibrationDate + intervalDays
β†’
πŸ—„οΈ
equipment_calibrations
Full equipment record
Certificate Upload
πŸ“Ž
Upload PDF Certificate
PDF only Β· 10MB max
β†’
βœ”οΈ
Multer Validates
Type + size check
β†’
πŸ”„
1-per-equipment Rule
Replace old doc
β†’
πŸ’Ύ
calibration_documents
Path + metadata stored
Calibration Update Tracking
πŸ“
Log Calibration Update
Before/after values
β†’
πŸ”„
Store Update
calibration_updates table
β†’
πŸ“…
Next Date Recalculated
History preserved
Export & Reporting
πŸ“Š
Export Request
GET /api/.../export
β†’
πŸ”
Filter + Query
Access-scoped
β†’
πŸ“₯
Excel / PDF Export
XLSX or A4 PDF
Observation Lifecycle
Report
πŸ‘οΈ
Raise Observation
Draft created
β†’
πŸ“
Save as Draft
status = Draft
β†’
πŸ“Ž
Attach Evidence
PDF/Image Β· 5MB
Submit
πŸ“€
Submit Observation
Draft β†’ Open
β†’
πŸ‘·
Assign Action Person
Responsibility set
β†’
πŸ“‹
History Entry
quality_walkabout_history
Action
πŸ”§
CAPA Details
Corrective + Preventive
β†’
πŸ’¬
Add Comments
Discussion thread
β†’
πŸ“Ž
Action Evidence
Separate attachment set
Close
πŸ”
Closure Request
Authority check required
β†’
❓
Authorized?
closure_authority table
β†’
βœ…
Closed
status = Closed
Reopen
πŸ”„
Reopen Observation
reopenCount++
β†’
πŸ“
Status β†’ Open Again
repeatFlag tracked
Device Registry
πŸͺ€
Pest Devices
4 types Β· 2 placements
β†’
πŸ—ΊοΈ
Layout Maps
pest_layout_images
β†’
🧴
Chemical Master
Dosage defaults
Monitoring Readings
🦟
Insect Readings
Count + species breakdown
Fortnightly
🐭
Rodent Checks
Status codes B/R/O/D/NA
Monthly
πŸ•·οΈ
Spider Checks
Status B/R/NA
Monthly
Pest Control Activities
πŸ’¨
Spray Tracking
Chemical + dosage log
🦎
Lizard Service
Quarterly IPM
πŸ“…
Annual Control Plan
Monthly activity matrix
Meetings & Action Items
Meeting
πŸ“‹
Schedule Meeting
Monthly / Quarterly / Special
β†’
πŸ‘₯
Record Attendees + MOM
Minutes of Meeting
β†’
πŸ’Ύ
pest_meetings
Full meeting record
Actions
⚑
Raise Action Items
From meeting discussion
β†’
πŸ”„
Track Status
open β†’ progress β†’ closed
β†’
πŸ’Ύ
pest_action_items
Full action record + MOM
Documents & Audit
πŸ“„
Version-Controlled Docs
1-per-category PDFs
πŸ‘·
Control Team
pest_control_team
πŸ“‹
Activity Audit Log
pest_activity_log
πŸ“Š
Reports + Heatmaps
Trends Β· Export
Every API Request β€” Step by Step
🌐
Browser Request
fetch /api/* + cookies
β†’
πŸ—œοΈ
Compress + Parse
gzip Β· JSON body
β†’
πŸ”
Session Load
req.session attached
β†’
🏒
Tenant Detect
domain β†’ company_id
β†’
πŸ›‘οΈ
Authenticated?
requireAuth()
πŸ”‘
Module Access?
samples/calib/pest/walk
β†’
πŸ”
Build Access Filter
SQL WHERE clause
β†’
πŸ—„οΈ
Parameterized Query
MariaDB pool Β· no injection
β†’
πŸ”„
Transform Result
Format + nulls handled
β†’
πŸ“€
JSON Response
Compressed + sent
Write Operation (Create / Update / Delete)
✏️
Write Request
POST / PUT / DELETE
β†’
βœ”οΈ
Edit Permission
view β‰  edit
β†’
πŸ”’
Inject Tenant Scope
company_id from session
β†’
πŸ—„οΈ
Execute SQL
Pool connection + release
β†’
πŸ“‹
Audit Log
History table write
β†’
βœ…
Success Response
200 / 201 / 204
Session User Object (req.session.user)
πŸ‘€
Identity
id, email, role, auth_type
🏒
Hierarchy
company β†’ plant β†’ dept
πŸ”‘
Module Access
edit / view / none per module
Raise Card
🟦
Raise Blue Card
POST /api/blue-cards
β†’
πŸ†•
Status = OPEN
Plant-scoped submitter
β†’
πŸ—„οΈ
blue_cards
Full card record
Status Workflow
πŸ”΅
OPEN
Awaiting review
β†’
πŸ‘€
ACKNOWLEDGED
PATCH .../status
β†’
πŸ”§
IN_PROGRESS
Action underway
β†’
🏁
IMPLEMENTED / REJECTED
Terminal states
Savings & Analytics
πŸ’°
Log Savings
savings_amount on card
β†’
πŸ“Š
Aggregate Analytics
GET .../analytics
β†’
πŸ“₯
Dashboard + Export
Charts, Excel/PDF
Author (Template Designer)
πŸ“
Build Template
Sections, questions, rules
β†’
πŸ’Ύ
Save Draft
POST .../templates
β†’
πŸš€
Publish
Immutable version snapshot
β†’
πŸ—„οΈ
checklist_templates /
checklist_versions
Template + version history
Execute (Run)
πŸ“‹
Pick Checklist
GET .../available
β†’
▢️
Start Run
Freezes version snapshot
β†’
πŸ“·
Answer + Photo Evidence
Mobile sectioned form
β†’
βš–οΈ
Rules Engine Validates
Fail β†’ overall FAIL
β†’
βœ…
Submit
POST .../submit
β†’
πŸ—„οΈ
checklist_runs /
responses / attachments
Run + answers + photos
Analyze
πŸ“Š
Checklist Runs Dashboard
GET /api/checklists/runs
β†’
πŸ”
Apply Filters
Template, plant, status, date
β†’
πŸ“„
PDF Export
QCPdfEngine Β· A4
Trigger / Entry
Processing Step
Tool / Service
Output / Result
Data Store
Decision Point