System Modules

Nodesify Admin includes several backend modules to handle system resources and operations.

IAM Modules

Role Management (`/system/roles`)

Manages the security roles that define user permissions.

Endpoints: Standard CRUD (GET, POST, PUT, DELETE).
Logic:
- Listing: Paginated list, filterable by Name and Status.
- Permissions: Roles are linked to ApiPermission (backend access) and Menu (frontend visibility).
- Constraint: The super and admin codes are protected system roles.

Department Management (`/system/departments`)

Manages the organizational hierarchy.

Structure: Tree-based hierarchy (Adjacency List pattern with pid).
Endpoints:
- GET /system/departments: Returns the full list (or filtered tree).
- POST, PUT, DELETE: Manage the tree nodes.
Usage: Users are assigned to departments to reflect real-world reporting lines.

Menu Management (`/menus`)

Manages the dynamic frontend menu structure.

Dynamic Routing: The frontend fetches these menus at runtime to build the sidebar.
Role Association: Menus are linked to Roles. A user only sees menus their roles are authorized for.
Properties: Includes path, component (Vue file path), title, icon, and order.
Tree Structure: Supports infinite nesting via parentId.

API Permission Management (`/system/apis`)

Controls granular access to backend API endpoints.

Registry: Acts as a registry of all protected backend routes.
RBAC Enforcement: The AuthGuard middleware checks if the user's role has the specific ApiPermission code required for the requested endpoint.
Auto-Discovery: (Future) Can be populated automatically by scanning controller decorators.

Resource Management

File Uploads (`/files`)

Endpoint: POST /files/upload
Format: Expects multipart/form-data.
Logic: Currently accepts a single file per request. The file is stored (locally or cloud, depending on config) and a metadata record is created in the database.
Response: Returns the FileRecord containing the ID and Path.

Data Dictionaries (`/system/dicts`)

Dictionaries provide a centralized way to manage standard options (e.g., "Gender", "Order Status") used across the application.

Structure: Two-level hierarchy.
- Types: The category (e.g., sys_user_status).
- Data: The actual options (e.g., Active, Locked) linked to a Type.
Frontend Usage: The UI fetches these to populate Select/Dropdown components dynamically.

System Configurations (`/system/configs`)

Manages global system settings stored in the database, allowing for dynamic behavior changes without code deployment.

Endpoints

GET /system/configs: List all configuration items.
POST /system/configs: Create a new config item (Dev/Admin usage).
PUT /system/configs/:key: Update the value of a specific config.
DELETE /system/configs/:id: Remove a config item.

Key Configuration Items

The system is seeded with several critical configuration keys. Do not delete these keys, as the backend relies on them.

Key	Type	Default	Description
`site_title`	string	"Nodesify Admin"	The main title displayed on the browser tab and login screen.
`site_footer`	string	"...Nodesify Enterprise..."	Copyright text shown in the footer.
`maintenance_mode`	boolean	`false`	If set to `true`, only Super Admins can log in.
`allow_registration`	boolean	`false`	Controls whether the public sign-up form is visible/active.
`mfa_required_for_admin`	boolean	`false`	Enforces 2FA for users with administrative roles.
`token_expiry_access`	string	"7d"	Duration of the access token (e.g., "15m", "7d").
`token_expiry_refresh`	string	"30d"	Duration of the refresh token.
`password_min_length`	number	6	Minimum character requirement for new passwords.
`upload_max_size`	number	5242880	Maximum file upload size in bytes (Default: 5MB).
`upload_allowed_extensions`	string	"jpg,png..."	Comma-separated list of allowed file extensions.

Usage in Code

The backend provides a utility helper to fetch these values with a fallback default:

typescript

import { getSystemConfig } from '~/utils/config';

// Example: Check if maintenance mode is on
const isMaintenance = await getSystemConfig('maintenance_mode', 'false');
if (isMaintenance === 'true') {
  // block access
}

Operational Management

Login Logs (`/system/login-logs`)

Dedicated tracking of all authentication attempts.

Purpose: Security monitoring to detect brute-force attacks or unauthorized access.
Data Points: Username, IP Address, Status (Success/Fail), Message (e.g., "Wrong Password").
Search: Filter by Username, Status, or Date Range.

Audit Logs (`/system/operation-logs`)

Every critical action in the system is recorded.

Scope: Covers HTTP method, API Path, User, IP Address, and Execution Duration.
Search: Admins can filter logs by:
- Username (Who did it?)
- Date Range (When?)
- Method/Path (What was accessed?)
- Status (Did it fail?)

System Notices (`/system/notices`)

A module for broadcasting information to users.

Types: Info, Warning, Error.
Visibility: Can be targeted (logic to be extended) or global.
Management: Admins can Create, Edit, Publish, and Retract notices.

System Modules ​

IAM Modules ​

Role Management (/system/roles) ​

Department Management (/system/departments) ​

Menu Management (/menus) ​

API Permission Management (/system/apis) ​

Resource Management ​

File Uploads (/files) ​

Data Dictionaries (/system/dicts) ​

System Configurations (/system/configs) ​

Endpoints ​

Key Configuration Items ​

Usage in Code ​

Operational Management ​

Login Logs (/system/login-logs) ​

Audit Logs (/system/operation-logs) ​

System Notices (/system/notices) ​