SVCI Online Document
Manual document requests became a role-based workflow for students, admins, departments, payments, clearance, and release.
How the project is put together
6 layers / 5 directed links
100%
- 01Interface
Student, admin, department, and super-admin pages for request and release workflows.
Vue 3 / Inertia / Tailwind CSS / Headless UI - 02Application
Request lifecycle, payment verification, clearance signing, release, notifications, and reports.
Laravel routes / Controllers / Services / Events - 03Services/API
Realtime notifications, generated PDFs, receipt/signature assets, and workflow actions.
Laravel 13 / Reverb / DomPDF / Intervention Image - 04Data
Requests, requirements, payments, releases, audits, files, and role-specific records.
MySQL 8 / Eloquent / Private storage / Queues - 05Auth/Permissions
Role dashboards, authorized file controllers, route protection, and private realtime events.
Breeze / Sanctum / Policies / Private channels - 06Runtime
Local app/MySQL/Reverb/MailHog runtime with PHP and browser regression coverage.
Docker Compose / Vite / MailHog / Pest / Playwright
From broken workflow to operating system
Requests, payment proof, clearances, and release tracking moved through disconnected manual handoffs.
A Laravel/Inertia system tracks request state, verifies payments, handles clearance, protects files, and notifies users.
The workflow constraint
Document requests moved through manual forms, payment checks, department clearances, and release handoffs. The workflow needed one role-aware system with traceable request states and secure file handling.
What changed
Decisions and trade-offs
Laravel/Inertia over a split SPA and API
The system needed rich Vue screens but also server-side routing, policies, forms, validation, and Laravel-first maintainability.
Decision: Used Inertia to keep Vue pages while letting Laravel own routes, authorization, validation, and workflow orchestration.
Trade-off: Less API reuse than a separate REST backend, but faster delivery and a simpler operational model for an internal school system.
Private file controllers over public storage links
Receipts, signatures, claim slips, and request documents can contain sensitive student or payment information.
Decision: Serve sensitive files through authorized Laravel controllers instead of exposing raw public storage paths.
Trade-off: More controller and policy code, but the access model is explicit and auditable.
Realtime notifications through Reverb
Admins and students need request/payment/clearance changes to appear without manual refresh.
Decision: Use Laravel Reverb with Echo and private channels for realtime notification delivery.
Trade-off: Adds another runtime process, but keeps realtime behavior inside the Laravel ecosystem.
Constraints, architecture, and proof
Vue 3 and Inertia render the application shell over Laravel routes, controllers, policies, services, events, notifications, queues, and private storage. MySQL runs through Docker Compose locally, while Reverb/Echo handles realtime notifications and DomPDF/Intervention support generated documents and uploaded assets.
Deployment, security, and maintenance
Laravel policies and middleware protect role-specific routes, private files are served through authorized controllers, security headers and throttles are applied, and the repo includes Pest/PHPUnit plus Playwright browser coverage for critical workflows.