OrgNet is a world-class, enterprise-grade collaboration suite for modern organizations. It unites a robust, RBAC-enforced backend (NestJS, PostgreSQL, Prisma) with a production-ready, real-time React frontend (Vite, Zustand, React Query, Tailwind CSS). OrgNet empowers teams with secure communication, dynamic team management, file sharing, and compliance—delivering a seamless, delightful experience for both users and developers.
- 🔐 Zero-Trust RBAC: Tree-based, hierarchical role-based access control (ADMIN, MANAGER, EMPLOYEE, INTERN) enforced everywhere—API, WebSocket, UI, and files.
- 💬 Real-Time Messaging: Socket.IO-powered chat with typing indicators, read receipts, presence, and seamless REST fallback.
- 🧩 Modular Architecture: Clean separation of concerns—auth, users, teams, messaging, files, admin, audit—all as independent, composable modules.
- 🕵️‍♂️ Audit & Compliance: Every admin/override action is logged with metadata, IP, and user agent for full traceability and compliance.
- ✨ Modern UI/UX: shadcn-inspired primitives, dark mode, command palette, and responsive layouts for a delightful user experience.
- 🛠️ Production Discipline: Strict TypeScript, ESLint, CI-friendly scripts, and Docker/Kubernetes-ready deployment.
- 🛡️ Scalable & Secure: JWT authentication, S3-compatible file storage, input validation, SQL injection protection, soft delete, and more.
```
OrgNet/
├─ backend/              # NestJS API, RBAC, WebSocket, Prisma, PostgreSQL
│  ├─ src/
│  │  ├─ auth/           # Authentication & RBAC
│  │  ├─ users/          # User management & hierarchy
│  │  ├─ teams/          # Team management
│  │  ├─ messaging/      # Real-time & REST messaging
│  │  ├─ files/          # Secure file storage
│  │  ├─ admin/          # Admin override, audit, stats
│  │  ├─ common/         # Guards, decorators, enums
│  │  └─ ...
│  ├─ prisma/            # Database schema
│  └─ ...
├─ frontend/             # React 19 SPA, Vite, Zustand, shadcn, Socket.IO
│  ├─ src/
│  │  ├─ api/            # Axios + REST abstractions
│  │  ├─ components/     # UI primitives, layout
│  │  ├─ hooks/          # React Query, auth, realtime
│  │  ├─ pages/          # Feature modules
│  │  ├─ store/          # Zustand stores
│  │  └─ ...
│  └─ ...
└─ README.md             # (You are here)
```
- Tree-Based RBAC: Hierarchical access enforced at every layer (API, WebSocket, UI)
- Custom Guards & Decorators: Fine-grained, reusable access control for every scenario
- Soft Delete: Users/files are deactivated, not hard deleted (except by admin)
- Comprehensive Audit Logging: All admin/override actions are logged for compliance and traceability
- Input Validation: DTOs with class-validator (backend), Zod (frontend)
- SQL Injection Protection: Prisma ORM
```
ADMIN (Full Access)
├── MANAGER (Team + Subordinate Access)
│   ├── EMPLOYEE (Peer + Superior Access)
│   │   └── INTERN (Self Access Only)
│   └── INTERN (Self Access Only)
└── EMPLOYEE (Peer + Superior Access)
    └── INTERN (Self Access Only)
```
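The hierarchy above can be expressed as a deny-by-default access check over the org tree. This is an added example, not OrgNet's own guard code: the role names come from this README, while the `OrgUser` shape, the `managerId`/`teamId` fields, and the reading of each scope (peers share a manager, superiors are ancestors, subordinates are descendants) are assumptions.

```typescript
// Added example; types, field names and scope semantics are assumptions.
type OrgRole = "ADMIN" | "MANAGER" | "EMPLOYEE" | "INTERN";
interface OrgUser {
  id: string;
  role: OrgRole;
  managerId: string | null; // parent node in the org tree
  teamId: string | null;
}
type Org = Record<string, OrgUser>;

// Walk up the tree; the `seen` set also stops a corrupted (cyclic) chain.
function ancestorsOf(user: OrgUser, org: Org): Record<string, true> {
  const seen: Record<string, true> = Object.create(null);
  let parent = user.managerId;
  while (parent !== null && !seen[parent]) {
    seen[parent] = true;
    parent = org[parent]?.managerId ?? null;
  }
  return seen;
}

function canAccess(actor: OrgUser, target: OrgUser, org: Org): boolean {
  if (actor.id === target.id) return true; // every role may access itself
  switch (actor.role) {
    case "ADMIN":
      return true;
    case "MANAGER": // own team, plus anyone below the manager in the tree
      return (actor.teamId !== null && actor.teamId === target.teamId) ||
        ancestorsOf(target, org)[actor.id] === true;
    case "EMPLOYEE": // peers share a manager; superiors are the actor's ancestors
      return (actor.managerId !== null && actor.managerId === target.managerId) ||
        ancestorsOf(actor, org)[target.id] === true;
    default:
      return false; // INTERN and any unknown role: nothing beyond self
  }
}

// Constructed sample org, not real data.
const sampleUsers: OrgUser[] = [
  { id: "root", role: "ADMIN", managerId: null, teamId: null },
  { id: "mgr", role: "MANAGER", managerId: "root", teamId: "t1" },
  { id: "emp1", role: "EMPLOYEE", managerId: "mgr", teamId: "t1" },
  { id: "emp2", role: "EMPLOYEE", managerId: "mgr", teamId: "t1" },
  { id: "int1", role: "INTERN", managerId: "emp1", teamId: "t2" },
];
const sampleOrg: Org = Object.create(null);
for (const u of sampleUsers) sampleOrg[u.id] = u;
const check = (a: string, t: string): boolean =>
  canAccess(sampleOrg[a], sampleOrg[t], sampleOrg);
```

Under these assumptions an EMPLOYEE cannot reach an INTERN who reports to them, because the README grants that role peer and superior access only.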
- Backend: NestJS (TypeScript), Prisma, PostgreSQL, Socket.IO, S3-compatible storage
- Frontend: React 19, Vite, Zustand, React Query, Tailwind CSS, shadcn/ui, Radix UI, Socket.IO client
- DevOps: Docker, Kubernetes-ready, CI-friendly scripts
```bash
# Clone the repo
$ git clone https://github.com/varunaditya27/OrgNet.git
$ cd OrgNet
# Install backend dependencies
$ cd backend
$ npm install
# Install frontend dependencies
$ cd ../frontend
$ npm install
```

- Copy `.env.example` to `.env` in both `backend/` and `frontend/`.
- Set required variables (see module READMEs for details).

```bash
# In backend/
$ npx prisma generate
$ npx prisma migrate dev
```

```bash
# Start backend (http://localhost:3000)
$ cd backend
$ npm run start:dev
# Start frontend (http://localhost:5173)
$ cd ../frontend
$ npm run dev
```

- 🔑 Authentication: JWT login, registration, profile, RBAC guards (auth README)
- 👤 Users: CRUD, hierarchy, team integration, soft delete (users README)
- 🏢 Teams: Team creation, membership, manager assignment, RBAC (teams README)
- 💬 Messaging: One-to-one, group, real-time chat, REST + WebSocket (messaging README)
- 📁 Files: Secure upload/download, S3-compatible, RBAC (files README)
- 🛡️ Admin: Admin override, audit logs, stats, hierarchy management (admin README)
- Socket.IO endpoint: `ws://localhost:3000/messaging`
- JWT authentication required for all connections
- Typing indicators, read receipts, presence, and room management
- All events RBAC-protected (see WebSocket README)
- Every admin/override action is logged with full metadata
- Filterable audit logs by action, user, entity, and date
- IP address and user agent tracking for all sensitive actions
- Backend README
- Frontend README
- RBAC System
- Auth Module
- Users Module
- Teams Module
- Messaging Module
- Files Module
- Admin Module
- WebSocket Real-Time
Contributions are welcome! Please open issues or pull requests for improvements, bug fixes, or new features.
MIT License. See LICENSE for details.