create-nodemin-app 1.0.16

package/templates/HRMS_Mongodb/backend/src/models/Employee.js

@@ -0,0 +1,81 @@
+import mongoose from 'mongoose';
+
+const employeeSchema = new mongoose.Schema(
+  {
+    empFirstName: {
+      type: String,
+      required: [true, 'First name is required'],
+      trim: true,
+      maxlength: [50, 'First name cannot exceed 50 characters'],
+    },
+    empLastName: {
+      type: String,
+      required: [true, 'Last name is required'],
+      trim: true,
+      maxlength: [50, 'Last name cannot exceed 50 characters'],
+    },
+    empEmail: {
+      type: String,
+      required: [true, 'Email is required'],
+      unique: true,
+      lowercase: true,
+      trim: true,
+      match: [/^\S+@\S+\.\S+$/, 'Please provide a valid email'],
+    },
+    empTelephone: {
+      type: String,
+      required: [true, 'Telephone is required'],
+      trim: true,
+      maxlength: [20, 'Telephone cannot exceed 20 characters'],
+    },
+    empGender: {
+      type: String,
+      required: [true, 'Gender is required'],
+      enum: ['Male', 'Female', 'Other'],
+    },
+    empAddress: {
+      type: String,
+      required: [true, 'Address is required'],
+      trim: true,
+      maxlength: [300, 'Address cannot exceed 300 characters'],
+    },
+    empDateOfBirth: {
+      type: Date,
+      required: [true, 'Date of birth is required'],
+    },
+    empHireDate: {
+      type: Date,
+      required: [true, 'Hire date is required'],
+    },
+    empStatus: {
+      type: String,
+      required: [true, 'Status is required'],
+      // FIXED: Enum updated to match new system business rules
+      enum: {
+        values: ['Active', 'On Leave', 'Left', 'Blacklisted', 'Deceased', 'On Mission'],
+        message: '{VALUE} is not a recognized employee status context structure'
+      },
+      default: 'Active',
+    },
+    department: {
+      type: mongoose.Schema.Types.ObjectId,
+      ref: 'Department',
+      required: [true, 'Department is required'],
+    },
+    position: {
+      type: mongoose.Schema.Types.ObjectId,
+      ref: 'Position',
+      required: [true, 'Position is required'],
+    },
+  },
+  { timestamps: true }
+);
+
+employeeSchema.virtual('fullName').get(function () {
+  return `${this.empFirstName} ${this.empLastName}`;
+});
+
+employeeSchema.set('toJSON', { virtuals: true });
+employeeSchema.set('toObject', { virtuals: true });
+
+export default mongoose.model('Employee', employeeSchema);

package/templates/HRMS_Mongodb/backend/src/models/Position.js

@@ -0,0 +1,19 @@
+import mongoose from 'mongoose';
+
+const positionSchema = new mongoose.Schema(
+  {
+    posName: {
+      type: String,
+      required: [true, 'Position name is required'],
+      unique: true,
+      trim: true,
+    },
+    description: {
+      type: String,
+      trim: true,
+    },
+  },
+  { timestamps: true }
+);
+
+export default mongoose.model('Position', positionSchema);

package/templates/HRMS_Mongodb/backend/src/models/User.js

@@ -0,0 +1,40 @@
+import mongoose from 'mongoose';
+import bcrypt from 'bcryptjs';
+
+const userSchema = new mongoose.Schema(
+  {
+    userName: {
+      type: String,
+      required: [true, 'Username is required'],
+      unique: true,
+      trim: true,
+      minlength: [3, 'Username must be at least 3 characters'],
+      maxlength: [30, 'Username cannot exceed 30 characters'],
+    },
+    password: {
+      type: String,
+      required: [true, 'Password is required'],
+      minlength: [6, 'Password must be at least 6 characters'],
+      select: false,
+    },
+    employee: {
+      type: mongoose.Schema.Types.ObjectId,
+      ref: 'Employee',
+      required: [true, 'Employee reference is required'],
+      unique: true,
+    },
+  },
+  { timestamps: true }
+);
+
+userSchema.pre('save', async function (next) {
+  if (!this.isModified('password')) return next();
+  this.password = await bcrypt.hash(this.password, 12);
+  next();
+});
+
+userSchema.methods.comparePassword = async function (candidatePassword) {
+  return bcrypt.compare(candidatePassword, this.password);
+};
+
+export default mongoose.model('User', userSchema);

package/templates/HRMS_Mongodb/backend/src/routes/authRoutes.js

@@ -0,0 +1,27 @@
+import express from 'express';
+import {
+  login,
+  register,
+  resetPassword,
+  getMe
+} from '../controllers/authController.js';
+import { protect } from '../middleware/auth.js';
+import { validate } from '../middleware/validate.js';
+import {
+  loginRules,
+  registerRules,
+  resetPasswordRules
+} from '../validators/authValidator.js';
+
+const router = express.Router();
+
+// Public Authenticated Entry Endpoints
+// FIXED: Removed "/auth" prefix so paths map cleanly directly to server.js base strings
+router.post('/login', loginRules, validate, login);
+router.post('/register', registerRules, validate, register);
+router.post('/reset-password', resetPasswordRules, validate, resetPassword);
+
+// Private Account Infrastructure Operations
+router.get('/me', protect, getMe);
+
+export default router;

package/templates/HRMS_Mongodb/backend/src/routes/departmentRoutes.js

@@ -0,0 +1,33 @@
+import express from 'express';
+import {
+  getDepartments,
+  getDepartment,
+  createDepartment,
+  updateDepartment,
+  deleteDepartment,
+} from '../controllers/departmentController.js';
+import { protect } from '../middleware/auth.js';
+import { validate } from '../middleware/validate.js';
+import {
+  createDepartmentRules,
+  updateDepartmentRules,
+  departmentIdRule,
+} from '../validators/departmentValidator.js';
+
+const router = express.Router();
+
+// Require login for all department operations
+router.use(protect);
+
+router
+  .route('/')
+  .get(getDepartments)
+  .post(createDepartmentRules, validate, createDepartment);
+
+router
+  .route('/:id')
+  .get(departmentIdRule, validate, getDepartment)
+  .put(updateDepartmentRules, validate, updateDepartment)
+  .delete(departmentIdRule, validate, deleteDepartment);
+
+export default router;

package/templates/HRMS_Mongodb/backend/src/routes/employeeRoutes.js

@@ -0,0 +1,39 @@
+import express from 'express';
+import {
+  getEmployees,
+  getEmployee,
+  createEmployee,
+  updateEmployee,
+  deleteEmployee,
+  getEmployeeStats,
+  getLeaveReport
+} from '../controllers/employeeController.js';
+import { protect } from '../middleware/auth.js';
+import { validate } from '../middleware/validate.js';
+import {
+  createEmployeeRules,
+  updateEmployeeRules,
+  employeeIdRule,
+} from '../validators/employeeValidator.js';
+
+const router = express.Router();
+
+// 1. Authenticate all requests down this pipeline
+router.use(protect);
+
+// 2. Metrics Endpoint
+router.get('/stats', getEmployeeStats);
+
+// 3. Explicit Base Route Directives (Separated to eliminate compilation ambiguity)
+router.get('/', getEmployees);
+router.post('/', createEmployeeRules, validate, createEmployee);
+
+// 4. Document Specific Parameter Route Directives
+router.get('/:id', employeeIdRule, validate, getEmployee);
+router.put('/:id', updateEmployeeRules, validate, updateEmployee);
+router.delete('/:id', employeeIdRule, validate, deleteEmployee);
+
+//report 
+router.get('/leave-status-report', getLeaveReport);
+
+export default router;

package/templates/HRMS_Mongodb/backend/src/routes/positionRoutes.js

@@ -0,0 +1,32 @@
+import express from 'express';
+import {
+  getPositions,
+  getPosition,
+  createPosition,
+  updatePosition,
+  deletePosition,
+} from '../controllers/positionController.js';
+import { protect } from '../middleware/auth.js';
+import { validate } from '../middleware/validate.js';
+import {
+  createPositionRules,
+  updatePositionRules,
+  positionIdRule,
+} from '../validators/positionValidator.js';
+
+const router = express.Router();
+
+router.use(protect);
+
+router
+  .route('/')
+  .get(getPositions)
+  .post(createPositionRules, validate, createPosition);
+
+router
+  .route('/:id')
+  .get(positionIdRule, validate, getPosition)
+  .put(updatePositionRules, validate, updatePosition)
+  .delete(positionIdRule, validate, deletePosition);
+
+export default router;

package/templates/HRMS_Mongodb/backend/src/server.js

@@ -0,0 +1,74 @@
+import 'dotenv/config';
+import express from 'express';
+import cors from 'cors';
+import helmet from 'helmet';
+import rateLimit from 'express-rate-limit';
+import mongoSanitize from 'express-mongo-sanitize';
+import connectDB from './config/db.js';
+import authRoutes from './routes/authRoutes.js';
+import departmentRoutes from './routes/departmentRoutes.js';
+import positionRoutes from './routes/positionRoutes.js';
+import employeeRoutes from './routes/employeeRoutes.js'; // Added missing router import
+import { notFound, errorHandler } from './middleware/errorHandler.js';
+
+await connectDB();
+
+const app = express();
+
+app.use(helmet());
+app.use(
+  cors({
+    origin: process.env.CLIENT_URL || 'http://localhost:5173',
+    credentials: true,
+  })
+);
+
+const limiter = rateLimit({
+  windowMs: 15 * 60 * 1000,
+  max: 200,
+  message: { success: false, message: 'Too many requests, please try again later.' },
+});
+app.use('/api', limiter);
+
+app.use(express.json({ limit: '10kb' }));
+app.use(express.urlencoded({ extended: true, limit: '10kb' }));
+app.use(mongoSanitize());
+
+// Input validation and HTML element sanitization engine
+app.use((req, res, next) => {
+  const sanitizeString = (value) => {
+    if (typeof value === 'string') {
+      return value.replace(/<[^>]*>/g, '').trim();
+    }
+    if (Array.isArray(value)) return value.map(sanitizeString);
+    if (value && typeof value === 'object') {
+      const out = {};
+      for (const key of Object.keys(value)) {
+        out[key] = sanitizeString(value[key]);
+      }
+      return out;
+    }
+    return value;
+  };
+
+  if (req.body) req.body = sanitizeString(req.body);
+  if (req.query) req.query = sanitizeString(req.query);
+  if (req.params) req.params = sanitizeString(req.params);
+  next();
+});
+
+app.get('/api/health', (req, res) => {
+  res.json({ success: true, message: 'Infrastructure API Hub is running smoothly' });
+});
+
+// App Pipelines
+app.use('/api/auth', authRoutes);
+app.use('/api/departments', departmentRoutes);
+app.use('/api/positions', positionRoutes);
+app.use('/api/employees', employeeRoutes); // Fixed: Mounted the employee management routes
+
+app.use(notFound);
+app.use(errorHandler);
+
+const PORT = process.env.PORT || 5000;
+app.listen(PORT, () => console.log(`Server running on port ${PORT}`));

package/templates/HRMS_Mongodb/backend/src/utils/roles.js

@@ -0,0 +1,5 @@
+export const ROLES = {
+    ADMIN: 'Admin'
+  };
+  
+  export const DEFAULT_ROLE = 'Admin';

package/templates/HRMS_Mongodb/backend/src/utils/seed.js

@@ -0,0 +1,78 @@
+import 'dotenv/config';
+import mongoose from 'mongoose';
+import connectDB from '../config/db.js';
+import Department from '../models/Department.js';
+import Position from '../models/Position.js';
+import Employee from '../models/Employee.js';
+import User from '../models/User.js';
+
+const seed = async () => {
+  await connectDB();
+
+  await Promise.all([
+    User.deleteMany(),
+    Employee.deleteMany(),
+    Department.deleteMany(),
+    Position.deleteMany(),
+  ]);
+
+  const departments = await Department.insertMany([
+    { departName: 'Sales' },
+    { departName: 'Warehouse' },
+    { departName: 'Human Resources' },
+    { departName: 'Finance' },
+  ]);
+
+  const positions = await Position.insertMany([
+    { posName: 'Sales Manager', requiredQualification: 'Bachelor in Business or equivalent' },
+    { posName: 'Store Keeper', requiredQualification: 'Diploma in Logistics' },
+    { posName: 'HR Officer', requiredQualification: 'Bachelor in Human Resource Management' },
+    { posName: 'Accountant', requiredQualification: 'Bachelor in Accounting, CPA preferred' },
+  ]);
+
+  const employees = await Employee.insertMany([
+    {
+      empFirstName: 'Jean',
+      empLastName: 'Uwimana',
+      empEmail: 'jean.uwimana@dabenterprise.rw',
+      empTelephone: '+250788123456',
+      empGender: 'Male',
+      empAddress: 'Kigali, Gasabo',
+      empDateOfBirth: new Date('1990-05-15'),
+      empHireDate: new Date('2020-01-10'),
+      empStatus: 'Active',
+      department: departments[2]._id,
+      position: positions[2]._id,
+    },
+    {
+      empFirstName: 'Marie',
+      empLastName: 'Mukamana',
+      empEmail: 'marie.mukamana@dabenterprise.rw',
+      empTelephone: '+250788654321',
+      empGender: 'Female',
+      empAddress: 'Kigali, Kicukiro',
+      empDateOfBirth: new Date('1992-08-22'),
+      empHireDate: new Date('2021-03-01'),
+      empStatus: 'Active',
+      department: departments[0]._id,
+      position: positions[0]._id,
+    },
+  ]);
+
+  await User.create({
+    userName: 'admin',
+    password: 'Admin@123',
+    employee: employees[0]._id,
+    role: 'admin',
+  });
+
+  console.log('Database seeded successfully!');
+  console.log('Login: admin / Admin@123');
+  console.log('Reset password test email: jean.uwimana@dabenterprise.rw');
+  process.exit(0);
+};
+
+seed().catch((err) => {
+  console.error(err);
+  process.exit(1);
+});

package/templates/HRMS_Mongodb/backend/src/validators/authValidator.js

@@ -0,0 +1,61 @@
+import { body } from 'express-validator';
+
+export const loginRules = [
+  body('userName')
+    .trim()
+    .notEmpty()
+    .withMessage('Username is required'),
+  body('password')
+    .notEmpty()
+    .withMessage('Password is required')
+];
+
+export const registerRules = [
+  body('userName')
+    .trim()
+    .notEmpty()
+    .withMessage('Username is required')
+    .isLength({ min: 3, max: 30 })
+    .withMessage('Username must be between 3 and 30 characters'),
+    
+  body('email')
+    .trim()
+    .notEmpty()
+    .withMessage('Email is required')
+    .isEmail()
+    .withMessage('Please provide a valid email address')
+    .normalizeEmail(),
+
+  body('password')
+    .notEmpty()
+    .withMessage('Password is required')
+    .isLength({ min: 6 })
+    .withMessage('Password must be at least 6 characters long')
+];
+
+// FIXED: Added backend validation requirements for the new fields
+export const resetPasswordRules = [
+  body('email')
+    .trim()
+    .notEmpty()
+    .withMessage('Email is required')
+    .isEmail()
+    .withMessage('Please provide a valid email address')
+    .normalizeEmail(),
+
+  body('password')
+    .notEmpty()
+    .withMessage('New password is required')
+    .isLength({ min: 6 })
+    .withMessage('Password must be at least 6 characters long'),
+
+  body('confirmPassword')
+    .notEmpty()
+    .withMessage('Please confirm your new password')
+    .custom((value, { req }) => {
+      if (value !== req.body.password) {
+        throw new Error('Passwords do not match');
+      }
+      return true;
+    })
+];

package/templates/HRMS_Mongodb/backend/src/validators/departmentValidator.js

@@ -0,0 +1,21 @@
+import { body, param } from 'express-validator';
+
+export const createDepartmentRules = [
+  body('departName')
+    .trim()
+    .notEmpty()
+    .withMessage('Department name is required')
+    .isLength({ max: 100 })
+    .withMessage('Department name cannot exceed 100 characters'),
+];
+
+export const updateDepartmentRules = [
+  param('id').isMongoId().withMessage('Invalid department ID'),
+  body('departName')
+    .trim()
+    .notEmpty()
+    .withMessage('Department name is required')
+    .isLength({ max: 100 }),
+];
+
+export const departmentIdRule = [param('id').isMongoId().withMessage('Invalid department ID')];

package/templates/HRMS_Mongodb/backend/src/validators/employeeValidator.js

@@ -0,0 +1,27 @@
+import { body, param } from 'express-validator';
+
+const employeeFields = [
+  body('empFirstName').trim().notEmpty().withMessage('First name is required').isLength({ max: 50 }),
+  body('empLastName').trim().notEmpty().withMessage('Last name is required').isLength({ max: 50 }),
+  body('empEmail').trim().notEmpty().withMessage('Email is required').isEmail().withMessage('Invalid email').normalizeEmail(),
+  body('empTelephone').trim().notEmpty().withMessage('Telephone is required').isLength({ max: 20 }),
+  body('empGender').notEmpty().withMessage('Gender is required').isIn(['Male', 'Female', 'Other']),
+  body('empAddress').trim().notEmpty().withMessage('Address is required').isLength({ max: 300 }),
+  body('empDateOfBirth').notEmpty().withMessage('Date of birth is required').isISO8601().withMessage('Invalid date of birth'),
+  body('empHireDate').notEmpty().withMessage('Hire date is required').isISO8601().withMessage('Invalid hire date'),
+  body('empStatus')
+    .notEmpty()
+    .withMessage('Status is required')
+    .isIn(['Active', 'On Leave', 'Left','Blacklisted', 'Deceased','On Mission' ]),
+  body('department').notEmpty().withMessage('Department is required').isMongoId(),
+  body('position').notEmpty().withMessage('Position is required').isMongoId(),
+];
+
+export const createEmployeeRules = employeeFields;
+
+export const updateEmployeeRules = [
+  param('id').isMongoId().withMessage('Invalid employee ID'),
+  ...employeeFields.map((rule) => rule.optional()),
+];
+
+export const employeeIdRule = [param('id').isMongoId().withMessage('Invalid employee ID')];

package/templates/HRMS_Mongodb/backend/src/validators/positionValidator.js

@@ -0,0 +1,26 @@
+import { body, param } from 'express-validator';
+
+export const createPositionRules = [
+  body('posName')
+    .trim()
+    .notEmpty()
+    .withMessage('Position name is required')
+    .isLength({ max: 100 }),
+  body('requiredQualification')
+    .trim()
+    .notEmpty()
+    .withMessage('Required qualification is required')
+    .isLength({ max: 500 }),
+];
+
+export const updatePositionRules = [
+  param('id').isMongoId().withMessage('Invalid position ID'),
+  body('posName').trim().notEmpty().withMessage('Position name is required').isLength({ max: 100 }),
+  body('requiredQualification')
+    .trim()
+    .notEmpty()
+    .withMessage('Required qualification is required')
+    .isLength({ max: 500 }),
+];
+
+export const positionIdRule = [param('id').isMongoId().withMessage('Invalid position ID')];

package/templates/HRMS_Mongodb/frontend/index.html

@@ -0,0 +1,19 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="UTF-8" />
+    <link rel="icon" type="image/svg+xml" href="/favicon.svg" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <title>DAB Enterprise HRMS</title>
+    <link rel="preconnect" href="https://fonts.googleapis.com" />
+    <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin />
+    <link
+      href="https://fonts.googleapis.com/css2?family=DM+Sans:ital,opsz,wght@0,9..40,400;0,9..40,500;0,9..40,600;0,9..40,700;1,9..40,400&display=swap"
+      rel="stylesheet"
+    />
+  </head>
+  <body>
+    <div id="root"></div>
+    <script type="module" src="/src/main.jsx"></script>
+  </body>
+</html>