feat: complete tOS project with HR, LEAN, Dashboard and Integrations modules

Full enterprise web operating system including: - Next.js 14 frontend with App Router, i18n (DE/EN), shadcn/ui - NestJS 10 backend with Prisma, JWT auth, Swagger docs - Keycloak 24 SSO with role-based access control - HR module (employees, time tracking, absences, org chart) - LEAN module (3S planning, morning meeting SQCDM, skill matrix) - Integrations module (PlentyONE, Zulip, Todoist, FreeScout, Nextcloud, ecoDMS, GembaDocs) - Dashboard with customizable drag & drop widget grid - Docker Compose infrastructure (PostgreSQL 16, Redis 7, Keycloak 24) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-06 19:37:55 +01:00
parent a2b6612e9e
commit fe305f6fc8
509 changed files with 81111 additions and 1 deletions
--- a/apps/api/src/app.module.ts
+++ b/apps/api/src/app.module.ts
@@ -0,0 +1,94 @@
+import { Module } from '@nestjs/common';
+import { ConfigModule } from '@nestjs/config';
+import { APP_GUARD, APP_INTERCEPTOR } from '@nestjs/core';
+import { PrismaModule } from './prisma/prisma.module';
+import { AuthModule } from './auth/auth.module';
+import { UsersModule } from './users/users.module';
+import { HealthModule } from './health/health.module';
+import { CommonModule } from './common/common.module';
+import { JwtAuthGuard } from './auth/guards/jwt-auth.guard';
+import { RolesGuard } from './auth/guards/roles.guard';
+import { PermissionsGuard } from './auth/permissions/permissions.guard';
+import { configValidationSchema } from './config/config.validation';
+
+// Feature modules
+import { AuditModule } from './modules/audit/audit.module';
+import { AuditInterceptor } from './modules/audit/audit.interceptor';
+import { DashboardModule } from './modules/dashboard/dashboard.module';
+import { DepartmentsModule } from './modules/departments/departments.module';
+import { UserPreferencesModule } from './modules/user-preferences/user-preferences.module';
+
+// Phase 4 modules - LEAN
+import { LeanModule } from './modules/lean/lean.module';
+
+// Phase 5 modules - HR
+import { HrModule } from './modules/hr/hr.module';
+
+// Phase 6 modules - Integrations
+import { IntegrationsModule } from './modules/integrations/integrations.module';
+
+@Module({
+  imports: [
+    // Configuration
+    ConfigModule.forRoot({
+      isGlobal: true,
+      envFilePath: ['.env.local', '.env'],
+      validationSchema: configValidationSchema,
+      validationOptions: {
+        allowUnknown: true,
+        abortEarly: false,
+      },
+    }),
+
+    // Database
+    PrismaModule,
+
+    // Common utilities
+    CommonModule,
+
+    // Feature modules
+    AuthModule,
+    UsersModule,
+    HealthModule,
+
+    // Phase 2 modules
+    AuditModule,
+    DashboardModule,
+    DepartmentsModule,
+    UserPreferencesModule,
+
+    // Phase 4 modules - LEAN
+    LeanModule,
+
+    // Phase 5 modules - HR
+    HrModule,
+
+    // Phase 6 modules - Integrations
+    IntegrationsModule,
+  ],
+  providers: [
+    // Global JWT Guard - routes are protected by default
+    // Use @Public() decorator to make routes accessible without authentication
+    {
+      provide: APP_GUARD,
+      useClass: JwtAuthGuard,
+    },
+    // Global Roles Guard - checks @Roles() decorator on routes
+    // Must be registered after JwtAuthGuard to ensure user is authenticated first
+    {
+      provide: APP_GUARD,
+      useClass: RolesGuard,
+    },
+    // Global Permissions Guard - checks @RequirePermissions() decorator
+    {
+      provide: APP_GUARD,
+      useClass: PermissionsGuard,
+    },
+    // Global Audit Interceptor - logs actions marked with @AuditLog()
+    {
+      provide: APP_INTERCEPTOR,
+      useClass: AuditInterceptor,
+    },
+  ],
+})
+export class AppModule {}