ca-grow-ops-manager/docs/specs/008_visitor_management.md
fullsizemalt 15e1a8b199
feat(visitor): Implement Digital Badge System
- Added public /badges/:id route with BadgePage component
- Updated VisitorKiosk to display QR code upon check-in
- Backend now returns visitId in check-in response
- Added qrcode.react dependency
2025-12-11 13:51:47 -08:00


# Phase 8: Visitor Management & Access Control
## 1. Overview
A comprehensive system to track visitors, contractors, and inspectors. Replaces paper logs with a digital kiosk, digital badges, and an admin "Panopticon" for real-time facility oversight.
## 2. Core Features (Sprint 1)
### 2.1 Digital Kiosk
- **Self-Service Check-in:** Tablet-friendly UI for visitors to input details.
- **Data Capture:** Name, Company, Purpose, Host (Employee), Photo (Webcam), NDA Signature.
- **Badge Generation:** Instant creation of a visit record.
### 2.2 Digital Badge (No Printer Required)
- **Workflow:**
  1. Visitor completes check-in.
  2. Kiosk displays a unique QR code.
  3. Visitor scans QR code with their own phone.
  4. Phone opens `https://app.domain/badge/:visitId` (Public/Tokenized URL).
- **Badge UI:**
  - Visitor Photo & Name (Large)
  - "Valid" Status (Pulsing Green Animation)
  - Host Name
  - Zone Access Level
  - Expiry Time (Countdown)
- **Dynamic State:** If admin revokes access, the phone screen updates to "INVALID" (Red) via polling/socket.
### 2.3 Host Notification
- Employee receives an alert (In-app/Email) when their visitor checks in.
## 3. "Panopticon" Admin View (Sprint 2)
### 3.1 Real-Time Dashboard
- **Active Visitors:** List of all currently checked-in guests.
- **Visual Status:** Time on site, host, assigned zone.
- **Actions:**
  - **Force Checkout:** Clock them out remotely.
  - **Revoke Badge:** Instantly turn their digital badge RED.
### 3.2 Badge Confirmation Suite
- **Verification Scan:** Security guards can scan the Visitor's phone screen to verify authenticity (prevents screenshots).
- **Audit Log:** Track every check-in, check-out, and access revocation.
## 4. Data Model
```prisma
model Visitor {
  id        String      @id @default(uuid())
  name      String
  company   String?
  email     String?
  phone     String?
  type      VisitorType @default(VISITOR)
  ndaSigned Boolean     @default(false)
  visits    Visit[]
  createdAt DateTime    @default(now())
}

model Visit {
  id        String      @id @default(uuid())
  visitorId String
  visitor   Visitor     @relation(fields: [visitorId], references: [id])
  hostId    String?
  host      User?       @relation(fields: [hostId], references: [id])
  photoUrl  String?     // Check-in photo
  purpose   String?
  status    VisitStatus @default(ACTIVE) // ACTIVE, COMPLETED, REVOKED
  checkIn   DateTime    @default(now())
  checkOut  DateTime?
  token     String      @unique // For public badge URL
  zones     String[]    // Allowed zones
}

enum VisitStatus {
  ACTIVE
  COMPLETED
  REVOKED
}
```
## 5. API Routes
- `POST /api/visitors/check-in`: Create visitor/visit, upload photo, return badge token.
- `GET /api/public/badge/:token`: Public endpoint to view badge status.
- `POST /api/visits/:id/check-out`: End the visit.
- `POST /api/visits/:id/revoke`: Invalidate the badge immediately.
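
One way to back `GET /api/public/badge/:token` and the guard verification scan from section 3.2, written as an added example that is not the project's own code. The 8-hour lifetime, the 30-second rotating code, the server-side HMAC key and the `User.name` field are assumptions; the spec defines none of them.

```javascript
// Added example, not project code. Function names, VISIT_TTL_MS and STEP_MS are hypothetical.
const { createHmac, randomBytes, timingSafeEqual } = require('node:crypto');

const VISIT_TTL_MS = 8 * 60 * 60 * 1000; // assumed badge lifetime; the spec gives none
const STEP_MS = 30 * 1000; // assumed rotation window for the on-badge code

// 256-bit random Visit.token so the public badge URL cannot be guessed or enumerated.
function newBadgeToken() {
  return randomBytes(32).toString('hex');
}

// Badge state is derived server-side from the stored visit on every request.
function badgeState(visit, now) {
  if (visit.status !== 'ACTIVE') return 'INVALID'; // COMPLETED or REVOKED
  if (now - visit.checkIn.getTime() >= VISIT_TTL_MS) return 'INVALID'; // expired
  return 'VALID';
}

// Short-lived code shown on the badge; a screenshot goes stale after one step.
function rotatingCode(serverKey, visit, now) {
  const step = Math.floor(now / STEP_MS);
  return createHmac('sha256', serverKey).update(`${visit.token}:${step}`).digest('hex').slice(0, 16);
}

// Body for GET /api/public/badge/:token: only the fields listed under "Badge UI".
function publicBadgeView(visit, serverKey, now) {
  if (!visit) return { status: 404, body: { state: 'INVALID' } };
  const state = badgeState(visit, now);
  if (state !== 'VALID') return { status: 200, body: { state } };
  return { status: 200, body: {
    state,
    name: visit.visitor.name,
    photoUrl: visit.photoUrl,
    host: visit.host ? visit.host.name : null, // User.name is assumed
    zones: visit.zones,
    expiresAt: visit.checkIn.getTime() + VISIT_TTL_MS,
    code: rotatingCode(serverKey, visit, now),
  } };
}

// Guard scanner check: accept the current or previous step, compare in constant time.
function verifyScan(visit, serverKey, scanned, now) {
  if (!visit || badgeState(visit, now) !== 'VALID') return false;
  const got = Buffer.from(String(scanned));
  return [now, now - STEP_MS].some((t) => {
    const expected = Buffer.from(rotatingCode(serverKey, visit, t));
    return got.length === expected.length && timingSafeEqual(got, expected);
  });
}
```

The response never includes `Visit.id`, `email` or `phone`, and a revoked or expired visit returns only its state, so the polling client can turn the badge red without learning anything else.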