Entreezuil
A personnel check-in and visitor management system. Visitors select the employee they are visiting from a kiosk; the employee gets an SMS notification.
Tech Stack
- Backend: Laravel 13, PHP 8.4
- Frontend: Vue 3, TypeScript SPA, Bootstrap 5
- Database: MySQL
- Hosting: Fly.io (Amsterdam)
- Default branch:
development
Compliance
Entreezuil operates under ISO 27001 certification (script-development organization scope). All user activities and SMS events are captured in hash-chained audit tables to satisfy A.8.15 (logging) and A.5.33 (tamper resistance).
Architecture Overview
Entreezuil follows the standard Action pattern — final readonly action classes with constructor dependency injection. The pipeline is:
Controller → FormRequest → DTO → Action → ModelAuthorization is middleware-based (no Policies): EnsureUserIsAdmin protects admin routes, AuthenticateKiosk protects the kiosk surface via bearer tokens with optional CIDR allowlisting. Roles are binary (admin / user); kiosks are a parallel authenticated actor type.
Authentication Surface
- Admin / employee SPA — Laravel Sanctum SPA-cookie authentication only. The API-token surface (
HasApiTokens,personal_access_tokens) was retired; an architecture test machine-enforces the commitment. - Kiosks — bearer-token authentication via paired devices. The
Kioskentity is 1:1 with aBranch, supports soft-deletion with restore-on-re-pair, and carries akiosk_audit_logstable for its mutation trail. Kiosk SMS events extend the audit hash payload conditionally — pre-Phase-1 rows remain byte-identical.
Key Decisions
| Decision | Status | Impact |
|---|---|---|
| Audit Logging | Accepted | Six hash-chained audit tables across user/branch/kiosk/auth/SMS/presence |
| Cascade Deletion | Accepted | Explicit deletion, no database cascading |
| Action Class Architecture | Accepted | final readonly Actions enforced by arch tests |
| FormRequest → DTO Flow | Accepted | Type-safe pipeline with toDto() |
| Explicit Model Hydration | Accepted | No $fillable/$guarded; explicit property assignment in Actions |
| Input/Result DTO Split | Accepted | Input/ and Result/ namespaces split by Action-boundary role |
| Page Integration Tests | Accepted | 12/12 pages covered, mock only @script-development/fs-http |
External Integrations
- CM.com SMS — visitor check-in notifications (Dutch-language templates)
- AWS S3 (
eu-central-1) — visitor image uploads - Mandrill SMTP — transactional email
Collaboration
The Commander has admin access; other collaborators are allies within the script-development alliance. Tactical decisions require negotiation-grade documentation.