Internal Operations ConsoleTOPDMS Internal
系统
AI 建议必须人工复核对象级权限已启用系统初始化SOP

Internal SOP

System Help Center and Product Manual

Operational reference for platform initialization, knowledge governance, product structure documents, data stewardship, and release synchronization.

System Architecture Overview

flowchart
flowchart LR
  Browser[Browser] --> Web[Internal Web]
  Web --> API[NestJS API]
  API --> MySQL[(MySQL)]
  API --> BOS[(BOS)]
  API --> KnowledgeRepo[knowledge_repo]
  API --> Audit[Audit Log]
  API --> AIGateway[AI Gateway]
  AIGateway --> ModelRouter[NVIDIA Model Router]

Module Architecture and SOP

4 modules
SOPSystem Initialization and Permissions

Initialize the system, repair the admin account, maintain users, roles, sessions, and default permission policies.

  1. Configure DATABASE_URL, JWT_SECRET, storage, AI provider, and setup controls on the server.
  2. Use the admin bootstrap workflow only for controlled initialization or repair.
  3. Force the temporary admin password to be changed before business access.
  4. Review role permissions and object access policies before opening internal trial access.
SOPEnterprise Knowledge Center

Capture source materials, file indexes, parse jobs, AI extraction outputs, review tasks, lifecycle anchors, and promotion evidence.

  1. Upload files through the Knowledge Center or approved module intake paths.
  2. Keep AI extraction results in the reviewable knowledge layer until approved.
  3. Use controlled promotion only for approved records with audit and rollback evidence.
  4. Keep customer-visible, supplier-visible, and AI-output flags disabled unless explicitly approved.
SOPProduct Structure Document / BOM

Maintain product structure documents, BOM headers, BOM items, versions, scope, and controlled change requests.

  1. Review BOM scope, version, parent-child integrity, quantity, and unit before promotion.
  2. Do not promote customer-specific BOM objects into generic product structures.
  3. Route critical BOM field changes through Data Stewardship change control.
  4. Use retire or supersede instead of physical deletion.
SOPRelease and Server Sync

Keep local audit, version metadata, release notes, server deployment, legal notice, rollback plan, and server verification aligned.

  1. Run local audit before publishing.
  2. Update version metadata, release notes, server sync report, and rollback plan.
  3. Verify API health, Web, MySQL, BOS, knowledge_repo, and permission defaults after deployment.
  4. Do not run raw bootstrap or promotion as part of platform release sync.

Operational Manuals and Guided Workflow

9 manuals
ManualSystem Overview and Roles

Explains Enterprise Knowledge Center, Product Lifecycle Spine, Knowledge Source, Change Request, Rollback, Audit Log, and internal roles.

system-overview-user-guide.md
ManualLogin, Password, and Permission Denial

Covers first login, forced password change, password reset, session expiry, permission denial reasons, and next actions.

login-and-password-guide.md / permission-denied-guide.md
ManualEnterprise Knowledge Center

Shows how to search sources, open source detail, review lifecycle anchors, files, source evidence, review tasks, and knowledge outputs.

knowledge-center-user-guide.md
ManualPLM Core and Product Lifecycle Documents

Defines categories, base models, derived models, internal items, customer SKUs, and BOM as Product Structure Document.

plm-core-user-guide.md
ManualCommunication Inbox

Explains customer communication intake, attachments, AI summaries, knowledge outputs, and customer/project/SKU anchors.

communication-inbox-user-guide.md
ManualAI Email Assistant

Explains draft-only generation, output language, filtered context, editable drafts, and why AI may miss filtered information.

ai-email-assistant-user-guide.md
ManualQMS

Covers dossiers, artifacts, complaints, 8D, defect photos, quality plans, and product/customer SKU/batch anchors.

qms-user-guide.md
ManualChange Request, Rollback, and Audit Log

Shows how to request changes, approve, reject, apply, retire, rollback, and inspect before/after audit evidence.

change-request-user-guide.md / rollback-user-guide.md / audit-log-user-guide.md
ManualFAQ and Common Errors

Answers common questions about missing AI information, blocked edits, visibility flags, draft-only behavior, and blocked BOM promotion.

faq-and-common-errors.md

Security Notes

server-side only
  • NVIDIA_API_KEY must remain in server-side environment variables and must not be entered into browser forms.
  • MySQL, BOS, NVIDIA, JWT, and setup secrets must never be printed in reports or public logs.
  • Raw bootstrap, promotion, customer-visible output, supplier-visible output, and AI output remain disabled for platform governance releases.
  • Engineering rule traceability uses engineeringRuleTrace and activation gates before production use.
  • CAD previews must mark CAD_CONVERSION_REQUIRED until CAD_CONVERTER_COMMAND is configured and verified.
  • Generated product manual reference: TOPDMS-Product-Manual-2026-05-14.pdf.