Protected Upload Channel

The protected upload channel is the only standard website route for sensitive files requested from a person in the Living workflow.

User Flow

flowchart TD
  A["Person opens /login"] --> B["Passwordless verification"]
  B --> C["Private area session"]
  C --> D["Select requested document purpose and type"]
  D --> E["Upload PDF, image, or P7M file"]
  E --> F["LivingRegister private staging"]
  F --> G["LP/operator review"]
  G --> H["Delete, quarantine, or legal hold before retention deadline"]

API Endpoints

  • GET /api/auth/private-area/documents: list the authenticated person’s staged uploads.
  • POST /api/auth/private-area/documents: upload one requested document as JSON base64.
  • DELETE /api/auth/private-area/documents/{staging_id}: delete a pending upload owned by the authenticated account.

Every endpoint requires a valid bearer session token.

Accepted Upload Shape

POST /api/auth/private-area/documents accepts:

  • purpose_code
  • document_kind
  • file_name
  • content_type
  • content_base64
  • uploader_note

Current limits:

  • maximum file size: 8 MB;
  • file extensions: .pdf, .png, .jpg, .jpeg, .webp, .p7m;
  • content types: PDF, PNG, JPEG, WebP, P7M, or octet-stream where browser detection is unavailable.

Metadata Stored In The Register

The Living Register stores:

  • staging ID;
  • authenticated account and person reference;
  • processing purpose;
  • document kind;
  • content type;
  • extension;
  • file size;
  • SHA-256 of the uploaded file;
  • hashed storage reference;
  • review status;
  • deletion status;
  • deletion due date;
  • deletion proof.

It must not store the original filename, raw storage path, passport number, health identifier, bank identifier, or raw document value.
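The sketch below is an added example, not the LivingRegister backend's own code. It shows one way to enforce the documented upload limits and then derive only the request-based fields of the register record, so that the original filename never leaves the request handler. The function name validate_upload, the MIME strings, the reading of 8 MB as 8 MiB, and treating uploader_note as optional are assumptions.

```python
import base64
import hashlib
import os

MAX_BYTES = 8 * 1024 * 1024  # page limit "8 MB", read here as 8 MiB (assumption)
FALLBACK_TYPE = "application/octet-stream"
# Extension -> MIME types. The page names the formats only; these strings are assumptions.
ALLOWED = {
    ".pdf": {"application/pdf"},
    ".png": {"image/png"},
    ".jpg": {"image/jpeg"},
    ".jpeg": {"image/jpeg"},
    ".webp": {"image/webp"},
    ".p7m": {"application/pkcs7-mime", "application/x-pkcs7-mime"},
}
REQUIRED = ("purpose_code", "document_kind", "file_name", "content_type", "content_base64")


def validate_upload(body: dict) -> dict:
    """Check a POST body (hypothetical helper); return only metadata the register may keep."""
    bad = [f for f in REQUIRED if not isinstance(body.get(f), str) or not body[f]]
    if bad:
        raise ValueError(f"missing or non-string fields: {bad}")
    ext = os.path.splitext(body["file_name"])[1].lower()
    if ext not in ALLOWED:
        raise ValueError("file extension not allowed")
    ctype = body["content_type"].split(";")[0].strip().lower()
    if ctype != FALLBACK_TYPE and ctype not in ALLOWED[ext]:
        raise ValueError("content type does not match extension")
    b64 = body["content_base64"]
    # Refuse oversized input before decoding: base64 turns 3 bytes into 4 chars.
    if len(b64) > 4 * ((MAX_BYTES + 2) // 3):
        raise ValueError("file exceeds 8 MB")
    try:
        raw = base64.b64decode(b64, validate=True)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise ValueError("content_base64 is not valid base64") from exc
    if not 0 < len(raw) <= MAX_BYTES:
        raise ValueError("file is empty or exceeds 8 MB")
    # file_name and uploader_note are deliberately left out of the record.
    return {
        "purpose_code": body["purpose_code"],
        "document_kind": body["document_kind"],
        "content_type": ctype,
        "extension": ext,
        "file_size": len(raw),
        "sha256": hashlib.sha256(raw).hexdigest(),
    }
```
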

Temporary Storage

Local backend staging uses:

New_CL/Business_Segments/ColivingLiguria_Living/ES_Software_Engineering/01_LivingRegister/backend/data/private_document_staging/

That folder is private runtime storage and must remain git-ignored. Public Quartz data exports must not include staged document rows or raw storage references.

Fallback Rule

If the private area is unavailable, the operator records an internal blocking condition in AIASKS or LP notes. WhatsApp, ordinary email, and public forms are not a standard fallback for passports, permits, health coverage, banking/deposit proof, or signed forms.