Feature Introduction

The Console module is the unified entry point for shared governance across the platform's core business domains. Its capabilities fall into three pillars: the portal entry gateway, the global message delivery infrastructure, and the personal configuration baseline.

1. Portal Home

The primary interaction surface upon system entry, handling resource aggregation, navigation routing, and task dispatch.

  • Permission-Filtered Dynamic App Cards: Before rendering, the backend validates the employee's role assignments across all affiliated organizations and projects, surfacing only authorized applications ("what you see is what you can access"). This eliminates the common new-hire frustration of accidentally navigating to restricted systems. Built-in app descriptions and tags automatically localize to the user's language preference at display time without manual switching.
  • Private Card Stream Editor with Drag Support: A canvas-based card organizer, replacing fixed system-default layouts, lets users independently add, remove, and reorder portal entries to match their workflow. Customization persists per "user + domain" tuple: users with identical names in different domains maintain independent card layouts, and accounts without explicit domain assignment default to domain.com. The editor supports full drag-and-drop reordering, the system detects save state, and changes persist durably to the backend.
  • First-Visit Mandatory Onboarding: Users accessing the system for the first time and assigned only to the default visitor group (OpsPilotGuest) encounter a non-dismissible onboarding dialog. After completion, the backend migrates the user to their target organization and suppresses future onboarding prompts. Validation is entirely server-side—frontend bypasses are impossible.

2. Notification Center

An internal subscription inbox aggregating all service event statuses and system directives for platform-wide broadcast.

  • Granular Paginated Query with Filtering: Messages sort in reverse chronological order with 10-item pagination and infinite scroll. Users filter by tab ("Unread" / "All") and by source module (app_module), helping ensure no critical system messages are missed. The top bell icon polls unread counts every 30 seconds and refreshes the badge automatically.
  • Zero-Friction Batch Consumption: Beyond single-message read tracking, "Mark All Read" and selective deletion enable rapid bulk processing. "Mark All Read" affects only the current user's unread, non-deleted notifications—previously deleted messages remain deleted in your view.
  • Per-User Read and Deletion Isolation: The "read timestamp" and "deleted" flag for each notification are stored independently per user in the NotificationRead table. Marking a message read or deleted changes only your inbox view; colleagues see the same message in its original state. Unread badge counts and "Mark All Read" behavior are tracked per user.

3. User Profile & Security

Management surface for core identity credentials and business communication preferences.

  • Locale & Timezone Synchronization: Full language support (Chinese/English internationalization) with timezone correction. Log audit timestamps and alert times align to the user's configured local zone for absolute consistency.
  • Email Verification-Protected Rebinding: Secure email address updates via a 6-digit verification code (CSPRNG-generated, 10-minute server-side expiry, single-use). The system sends the code to the target mailbox; it never transmits the code's hash or plaintext to the frontend. Immediate destruction upon successful verification prevents reuse. Rate limit: 1 code per target mailbox per 60-second window per authenticated user. Rebinding takes effect only after code entry and backend validation.
  • Password Rotation with Enforced Complexity: Password changes must meet platform baseline security policy (special characters, mixed-case, digits). Changes propagate to all active sessions. Password reset requires an active logged-in session with valid credentials; unauthenticated reset requests are rejected.
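
The verification-code lifecycle from the Email Verification-Protected Rebinding item, as an added sketch that is not the platform's own code. The class name, the `send_mail` hook, the in-memory dict, storing only a salted SHA-256 digest, and the `MAX_ATTEMPTS` cap are assumptions; the 6-digit CSPRNG code, 10-minute expiry, single use and 60-second window come from the text above.

```python
import hashlib
import hmac
import secrets
import time

CODE_TTL = 600       # 10-minute server-side expiry (from the page)
RESEND_WINDOW = 60   # one code per user per target mailbox per 60 s (from the page)
MAX_ATTEMPTS = 5     # assumption, not from the page: caps guessing of a 6-digit code

class RateLimited(Exception):
    """Raised when a code was already issued inside the resend window."""

class EmailRebindCodes:
    """Hypothetical in-memory store; production would use a shared cache or DB."""

    def __init__(self, send_mail, clock=time.time):
        self._send_mail = send_mail  # assumed hook: send_mail(address, code)
        self._clock = clock
        self._pending = {}           # (user_id, mailbox) -> [salt, digest, issued_at, tries]

    @staticmethod
    def _digest(salt, code):
        return hashlib.sha256(salt + code.encode()).digest()

    def request_code(self, user_id, mailbox):
        key, now = (user_id, mailbox.strip().lower()), self._clock()
        prev = self._pending.get(key)
        if prev and now - prev[2] < RESEND_WINDOW:
            raise RateLimited(key[1])
        code = f"{secrets.randbelow(10**6):06d}"  # CSPRNG; keeps leading zeros
        salt = secrets.token_bytes(16)
        self._pending[key] = [salt, self._digest(salt, code), now, 0]
        self._send_mail(key[1], code)  # the code leaves only via the target mailbox
        # Returns None: neither the code nor its hash reaches the HTTP response.

    def verify(self, user_id, mailbox, submitted):
        entry = self._pending.get((user_id, mailbox.strip().lower()))
        if entry is None or entry[1] is None:
            return False
        salt, digest, issued_at, tries = entry
        if self._clock() - issued_at > CODE_TTL or tries >= MAX_ATTEMPTS:
            entry[1] = None  # expired or exhausted: destroy the stored digest
            return False
        entry[3] += 1
        if hmac.compare_digest(digest, self._digest(salt, submitted)):
            entry[1] = None  # single use: destroyed on successful verification
            return True
        return False
```

The entry keeps its issue time after the digest is destroyed, so burning a code through failed guesses does not reset the 60-second resend window.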

⚠ Note / Security Best Practice: "Password and security operations only affect the user's current session." If you step away from your workstation, actively log out and lock the screen. Password updates here trigger automatic revocation of all other cached tokens (mobile app, browser incognito, etc.), so plan a fresh cross-device login cycle afterward.