add TODO.md

TODO.md

@@ -1,129 +1,74 @@
-# CMOD Project TODO
+📋 Project Backlog: Lab & Clinic Management System
+Priority 0: Critical (Workflow Blockers)
 
-## In Progress
+Must be completed first to ensure the basic process flow is correct.
+1. Role-Based Dashboard Filtering
 
-### V2 Namespace Removal
-- [ ] Complete migration of Doctor role to new architecture
-- [ ] Complete migration of Analyst role to new architecture
-- [ ] Complete migration of CS (Customer Service) role to new architecture
+    User Story: As a Lab Staff, I want the dashboard to only show "Klinik+Lab" or "Lab Only" patients so that I can focus only on relevant tasks.
 
-## Pending
+    User Story: As a CS Staff, I want to see all patients to monitor the entire facility flow.
 
-### Print Functionality
-- [ ] Refactor print functionality from external URL (`http://glenlis/spooler_db/main_dev.php`) to internal solution
-- [ ] Add print preview capability to Admin views
-- [ ] Add print preview capability to Lab views
-- [ ] Implement server-side PDF generation for print jobs
+    Technical Note: Implement a filter logic based on the patient_status or service_type field.
 
-### API Improvements
-- [ ] Add pagination to Users API endpoint
-- [ ] Add pagination to Requests API endpoint
-- [ ] Add search/filter capability to list endpoints
-- [ ] Add audit logging for critical operations (create/update/delete user, validate/unvalidate request)
+2. Validation State Management
 
-### Frontend Improvements
-- [ ] Add loading states to all API calls
-- [ ] Add toast notifications for success/error feedback
-- [ ] Implement form validation with clear error messages
-- [ ] Add confirmation dialogs for destructive actions (delete, unvalidate)
+    User Story: As a Lab Validator, I want the "Validate" button to disappear or disable once 2-level validation is complete to prevent redundant actions.
 
-### Role-Based Access Control
-- [ ] Document current permission matrix for each role
-- [ ] Add permission checks to API endpoints
-- [ ] Create shared permission constants in a central location
+    User Story: As an Admin, I want an "Unvalidate" menu to revert finalized records in case of data entry errors.
 
-### Testing
-- [ ] Set up automated tests for API endpoints
-- [ ] Add unit tests for controller logic
-- [ ] Add integration tests for critical workflows
+3. Role-Based Print Permissions
 
-### Documentation
-- [ ] Update README with current architecture overview
-- [ ] Document API endpoints with examples
-- [ ] Document database schema changes
+    User Story: As a Manager, I want to restrict the "Print Result" permission to the CS Role only, so that the Lab team cannot bypass the official release process.
 
-## Completed
+Priority 1: High (Efficiency & Accuracy)
 
-### V2 Namespace Removal
-- [x] Created AGENTS.md with project conventions
-- [x] Moved v2/admin views to views/admin
-- [x] Moved v2/lab views to views/lab
-- [x] Renamed V2.php controller to Auth.php
-- [x] Renamed V2/Admin.php controller to Admin.php
-- [x] Renamed V2/Lab.php controller to Lab.php
-- [x] Renamed V2/Users.php controller to Users.php
-- [x] Renamed V2/Samples.php controller to Samples.php
-- [x] Renamed V2/Requests.php controller to Requests.php
-- [x] Updated routes to remove v2 prefix
-- [x] Updated view paths in all controllers
-- [x] Fixed hardcoded date bug in views (changed to dynamic date)
-- [x] Fixed status color mappings (added PartColl, PartRecv, partial statuses)
-- [x] Fixed missing variables in Samples controller
-- [x] Fixed duplicate db_connect() calls in Requests controller
-- [x] Fixed id parameter in Users::update()
-- [x] Cleaned up V2 namespace directory
-- [x] Cleaned up old controller files (Admin.php, Doctor.php, Analyst.php, CustomerService.php)
-- [x] Backed up old views to views/backup/
-- [x] Updated AGENTS.md with new code examples
+Features that improve the speed and correctness of the lab operations.
 
-## Backlog
+4. Multilingual Result Preview
 
-### Features
-- [ ] Add user profile page with activity history
-- [ ] Add bulk import for users
-- [ ] Add bulk operations for sample management
-- [ ] Add export to CSV/Excel functionality
-- [ ] Add dashboard analytics and statistics
+    User Story: As a Lab Staff, I want to toggle the lab result preview between Indonesian and English so that I can provide reports for international requirements.
 
-### Technical Debt
-- [ ] Remove unused dependencies from composer.json
-- [ ] Clean up unused view files in views/backup/
-- [ ] Add type hints to all controller methods
-- [ ] Add return type declarations to all controller methods
-- [ ] Consolidate duplicate code in dialog components
+5. Table Sorting & Search
 
-### Security
-- [ ] Add rate limiting to login endpoint
-- [ ] Add CSRF protection to forms
-- [ ] Implement password strength requirements
-- [ ] Add session timeout configuration
-- [ ] Audit all SQL queries for potential injection vulnerabilities
+    User Story: As a User, I want to sort the dashboard tables by "No Register" and "Patient Name" to find specific records quickly.
 
-## Notes
+6. Enhanced Patient Detail Logging
 
-### Print Functionality Current State
-The current print implementation uses an external URL that opens a separate window:
-```javascript
-BASEURL + 'http://glenlis/spooler_db/main_dev.php?req_id=' + req_id
-```
-This should be replaced with:
-1. Server-side PDF generation using a library like TCPDF or Dompdf
-2. Display PDF in an iframe for preview before print
-3. Send directly to printer using browser print API or WebSocket to print server
+    User Story: As a Staff member, I want to see a detailed history in the patient profile, including:
 
-### Role Permissions
-- **Admin (1)**: Full access to all features including user management
-- **Doctor/Lab (2)**: Sample collection, validation
-- **Analyst (3)**: Sample validation, report generation
-- **CS (4)**: Read-only access to requests and samples
+        Sample Collection Time (categorized by type: EDTA, Serum, etc.).
 
-### Database Tables
-- `GDC_CMOD.dbo.USERS` - User accounts
-- `GDC_CMOD.dbo.REQUESTS` - Test requests
-- `GDC_CMOD.dbo.SAMPLES` - Sample records
-- `glendb.dbo.*` - Reference data (tests, panels, etc.)
+        Sample Received Time.
 
-### API Endpoints
-All API endpoints return JSON responses and should follow consistent format:
-```json
-{
-  "data": [...]  // or single object for GET by ID
-}
-```
+        Print History (Who printed the result and at what time).
 
-Error responses:
-```json
-{
-  "message": "Error description"
-}
-```
+7. Unvalidation Transparency
+
+    User Story: As a User, I want the "Reason for Unvalidation" to be visible in the Patient Detail view so I know why a record was reopened.
+
+Priority 2: Medium (UX & Technical Debt)
+
+UI improvements and backend optimizations.
+8. Visual Status Indicators (Color Coding)
+
+    User Story: As a User, I want the "No Register" column to be color-coded (Yellow/Blue/Green) based on the legacy system logic for quick status recognition.
+
+9. Print UI Standardization
+
+    User Story: As a User, I want a clear "Print" button that triggers the browser/system print dialog, as standard shortcuts (Ctrl+P) are currently unreliable in the app.
+
+10. Backend: Performance & Connectivity
+
+    Task: Investigate the intermittent connection issues with Server 253.
+
+    Task: Plan and execute an SSD Upgrade for the database server to resolve reported system slowness.
+
+    Task: Verify API integration between GDC_cmod, GDC_CS2, and Report2 for the sample reception module.
+
+Summary of Acceptance Criteria for the Junior:
+
+    Code Consistency: All new UI elements (buttons/toggles) must match the existing design system.
+
+    Audit Trail: Every status change (Validate/Unvalidate) must be logged with a timestamp and user ID.
+
+    Cross-Browser: The "Print" functionality must work across Chrome and Edge browsers.