malty/ca-grow-ops-manager
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ca-grow-ops-manager/specs/visitor-management.md
fullsizemalt 558e0ac1e2
Some checks failed
Deploy to Production / deploy (push) Failing after 0s
Details
Test / backend-test (push) Failing after 0s
Details
Test / frontend-test (push) Failing after 0s
Details
feat: Full Spec Kit compliance implementation 
Photo Management (per specs/photo-management.md):
- Sharp integration for 3-size compression (thumb/medium/full)
- WebP output with 80-90% quality
- Client-side compression with browser-image-compression
- PhotoUpload component with camera/drag-drop support
- Upload API with bulk support and stats endpoint

Testing:
- Backend: Jest tests for all major API endpoints
- Frontend: Vitest tests for utilities and API clients
- CI: Updated Forgejo workflow for test execution

Specs (100% coverage):
- visitor-management.md (Phase 8)
- messaging.md (Phase 9)
- audit-and-documents.md (Phase 10)
- accessibility-i18n.md (Phase 11)
- hardware-integration.md (Phase 12)
- advanced-features.md (Phase 13)

Documentation:
- OpenAPI 3.0 spec (docs/openapi.yaml)
- All endpoints documented with schemas
2025-12-11 09:53:32 -08:00

97 lines
2.1 KiB
Markdown
Raw Blame History

# Feature Spec: Visitor Management & Access Control
**Priority**: 🔴 Critical (Compliance)
**Phase**: 8
**Status**: ✅ Implemented
---
## Overview
Track all visitors, contractors, and inspectors entering/exiting the facility. Generate badges with QR codes. Maintain audit trail for California DCC compliance.
---
## Models
### Visitor
- `id`: UUID
- `name`: string (required)
- `email`: string (optional)
- `phone`: string (optional)
- `company`: string (optional)
- `type`: enum (VISITOR, CONTRACTOR, INSPECTOR, VENDOR)
- `status`: enum (PENDING, CHECKED_IN, CHECKED_OUT)
- `photo`: string (optional, URL)
- `ndaSigned`: boolean
- `badgeNumber`: string (optional)
### VisitorLog
- `id`: UUID
- `visitorId`: FK to Visitor
- `entryTime`: datetime
- `exitTime`: datetime (optional)
- `escortId`: FK to User (optional)
- `approvedById`: FK to User
- `purpose`: string
- `areasAccessed`: string[]
### AccessZone
- `id`: UUID
- `name`: string
- `requiresEscort`: boolean
- `requiresNDA`: boolean
- `maxOccupancy`: number (optional)
---
## API Endpoints
### Visitors
- `GET /api/visitors` - List all visitors
- `POST /api/visitors` - Create new visitor
- `GET /api/visitors/:id` - Get visitor details
- `PUT /api/visitors/:id` - Update visitor
- `POST /api/visitors/:id/check-in` - Check in visitor
- `POST /api/visitors/:id/check-out` - Check out visitor
- `GET /api/visitors/active` - Get currently checked-in visitors
### Access Zones
- `GET /api/zones` - List zones
- `POST /api/zones` - Create zone
- `GET /api/zones/:id/occupancy` - Get zone occupancy
- `POST /api/zones/:id/enter` - Log zone entry
---
## Frontend Pages
### Visitor Kiosk (`/kiosk`)
- Tablet-friendly check-in interface
- New visitor registration
- Returning visitor search
- NDA acknowledgement
- Badge number display
### Visitor Management (`/visitors`)
- Active visitors dashboard
- All visitors list with search/filter
- Zone management
- Compliance reports
---
## Compliance Notes
- All visitor entries logged with timestamps
- NDA acknowledgement tracked
- Escort requirements enforced
- Badge numbers unique per day
- 7-year retention for audit purposes
Reference in a new issue View git blame Copy permalink