Data Flow

How data and requests move through the platform: user requests, event-driven flows, and key paths.

1. Request Flow (User → Portal → API → Data)

User (Browser / App)
        │
        ▼
Portal (Admin / Driver / Employee / Customer / Vendor)
        │  HTTPS
        ▼
API Gateway / Backend Server
        │  Auth + RBAC check
        ▼
Business Logic & Workflow Engine
        │
        ▼
Database (read/write)  ──►  Audit log (where applicable)

All portal actions that create, update, or delete data go through the backend API. Access is enforced by role and permission checks at route and API level.

2. Event-Driven Flow

Database / Business Event
        │
        ▼
Event Bus (e.g. AWS EventBridge)
        │
        ├──► Notification service (in-app, SMS, email)
        ├──► Document lifecycle (expiry, reminders, escalations)
        └──► Workflow / approval triggers

Events drive notifications, document expiry reminders, and workflow steps without blocking the main request path.

3. Key Data Paths (Summary)

Booking & work orders: Created/updated via Admin or Driver portal → API → DB; status and approvals drive workflow and notifications.
Attendance & payroll: Punch/leave data from Employee portal and integrations → attendance engine; payroll reads attendance and policies → calculation → approval workflow → disbursement.
Fleet & driver: Vehicle and driver data maintained in Admin; Driver app submits logsheets, expenses, location; real-time tracking flows through the same API layer.
Documents & compliance: Document uploads and expiry dates stored in DB; event-based jobs trigger reminders and escalations to configured users/roles.

4. Security & Audit

Sensitive operations are gated by authentication and RBAC. Critical actions can be written to an audit log for traceability. Data in transit uses HTTPS; credentials and secrets are managed outside the application code.