Technical Specification: Drive Module

This document details the technical architecture, technology stack, and integration patterns for the Drive module.

v1.0 — ApprovedPlatform: VENI-AI ShellStack: Bun/Ignis/Hono

---

1. High-Level Architecture

The Drive module is built as a SCS (Self-Contained System) with a dedicated storage abstraction layer.

Component Diagram

---

2. Technology Stack

Backend (API)

• Runtime: Bun
• Framework: Ignis Framework
• Router: Hono
• ORM: Drizzle ORM
• Storage: PostgreSQL + S3-compatible backend (MinIO / AWS S3)

Frontend (UI)

• Library: React 18
• Build Tool: Vite
• Components: ARDOR UI Kit
• Features: Drag-and-drop file uploaders with chunked streaming (planned).

---

3. Storage Patterns

3.1 Upload Flow

1. Client sends file to POST /api/files.
2. API streams the file directly to S3 while generating a unique storagePath.
3. API records metadata (name, size, MIME) in the files table.
4. Returns the file ID to the client.

3.2 Download Flow

1. Client requests GET /api/files/:id/download.
2. API verifies access permissions (RBAC + Ownership).
3. API generates a Presigned URL from S3 (expiring in 5 minutes).
4. Redirects the client to the presigned URL for secure, direct-from-S3 download.

3.3 Multi-tenant Isolation

Isolation is enforced by:

• Database: Every row in files and folders has an org_id.
• Storage: S3 paths are prefixed by organization ID: s3://bucket/{orgId}/{fileId}.

---

4. Integration Details

4.1 Shell Auth

• Drive extracts organizationId and userId from the Platform JWT.
• Authorization is checked against the Shell's RBAC: drive:read, drive:write, drive:delete.

4.2 Cross-Module Usage

• HRM: Uses the Drive S3 driver to store profile photos in an internal avatars/ bucket.
• Documents: Exports finished PDF reports directly to the organization's root Drive folder.

---

Related Links

• Unified SRS Hub
• Database Schema
• API Reference