SIS Backend Documentation¶
Multi-tenant Student Information System for K-12 schools. NestJS 11 monolith with Entity-Scope-Action permissions model.
Reading Order¶
Start at chapter 00 and read linearly, or jump to a specific chapter.
| Chapter | Topic | Read when... |
|---|---|---|
| 00 - Getting Started | Setup, commands, project structure | First day |
| 01 - Architecture | System design, data access | Understanding the big picture |
| 02 - Multitenancy | Tenant isolation | Working with tenant-scoped data |
| 03 - Authentication | Login, JWT, refresh tokens | Touching auth code |
| 04 - Permissions | RBAC model, guards, field filtering | Adding/modifying permissions |
| 05 - CRUD Patterns | Modules, controllers, services, DTOs | Building any feature |
| 06 - Error Handling | AppException, error codes, Swagger | Adding errors or debugging |
| 07 - Import Pipeline | File import, validation, duplicates | Building import features |
| 08 - Setup Wizard | State machine, handlers | Adding setup steps |
| 09 - Testing | Mocks, specs, helpers | Writing tests |
| 10 - Infrastructure | Environments, CI, Railway | Deployment or infra changes |
| 11 - Workflows | Step-by-step checklists | Quick reference during implementation |
| 12 - Migrations | Safety rules, raw-SQL constraints | Before npx prisma migrate dev |
| 13 - Typing Conventions | Type discipline, DTO contracts | Wrangling Prisma types |
| 14 - Homerooms & Subject Groups | US-33 + US-33.1 | Working on classes/groupings |
| 15 - Seeding | Seed modes, fixtures, drift guards | Touching prisma/seed/ or test credentials |
| 16 - Maintainability | Maintainability / extensibility / stack-change cost audit | Sizing a refactor, answering "how hard would it be to move off X?" |
| 17 - Backoffice | Internal backoffice catalog-editor SPA (presets) | Editing platform presets |
| 18 - Timetables | Manual timetables + diagnostics + CP-SAT generation | Building/scheduling timetables |
| 19 - Attendance Register | Daily/period attendance register | Working on attendance |
| 20 - Audit Log | Append-only who-did-what trail | Emitting/reading audit events |
Other Documentation¶
- Domain designs — domain feature specifications (currently GDPR / data-protection design)
- Analysis — historical technology decisions
- Specs & plans — implementation specs and plans