Bruno Delic

Doctus ERP — Polyclinic Administration System

Full admin system for doctors, patients, front desk, and admins. Designed and built end-to-end: architecture, database, UI/UX, security, and performance. Includes real-time notifications, GDPR email confirmation, file system with metadata, and automated medical document creation with digital signing workflows.

Role: Lead Full-Stack Developer (Solo)
Year: 2025
React, TypeScript, NestJS, PostgreSQL, Socket.IO, Shadcn UI, Prisma/ORM, Mailgun, Puppeteer

Problem

Polyclinic operations needed a centralized system for patient intake, role-based workflows, medical documents, secure access control, and reliable audit-ready processes.

Constraints

  • Strict security & RBAC across routes and data access
  • GDPR-friendly flows (consent/confirmation, secure handling)
  • Performance with large datasets (tables, search, filters)
  • Document generation inside the app (no external manual steps)
  • Reliable real-time notifications for key events

Solution

Built a modular full-stack ERP with JWT auth + RBAC authorization, secured backend routes and database access, real-time event notifications, file CRUD with DB metadata, Mailgun email flows, and in-app document creation (Puppeteer) including digital stamp/signature automation based on the current user/clinic context.

Key Features

RBAC + Secure Backend

JWT authentication with role-based authorization, protected routes, and role-driven UI capabilities.

Realtime Notifications

Socket.IO real-time notifications (e.g. patient creation/events) with reliable UI updates.

Documents + Digital Signing

Generate medical documents inside the app, save them, and apply automated doctor/clinic stamp/signature logic.

Files + Metadata

Upload/create/delete files and store metadata in PostgreSQL for traceability and search.

Performance UX

Virtualized tables, fast search/filter, and scalable UI patterns for large admin datasets.

Tech Decisions

Modular Backend Architecture

Designed a modular NestJS structure (feature modules + services) for long-term maintainability and clearer boundaries.

RBAC Enforcement End-to-End

Combined JWT claims, route guards, and server-side checks so the UI is never the only enforcement layer.
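
The layering described above, as an added framework-free sketch (not code from Doctus ERP): a deny-by-default route guard followed by a data-access check scoped to the caller's claims. The role names, routes, record shape and sample rows are assumptions, and `Claims` stands for a JWT payload whose signature was already verified upstream.

```typescript
// Added illustration, not Doctus ERP source. Role names, routes and the
// record shape are assumptions; Claims is an already-verified JWT payload.
type Role = "admin" | "doctor" | "front_desk";
interface Claims { sub: string; role: Role; clinicId: string }
interface Patient { id: string; clinicId: string; doctorId: string; diagnosis?: string }

// Layer 1: route guard. Deny by default: a route without an entry is closed.
const ROUTE_ROLES: Record<string, Role[]> = {
  "GET /patients/:id": ["admin", "doctor", "front_desk"],
  "DELETE /patients/:id": ["admin"],
};

function routeAllowed(route: string, claims: Claims): boolean {
  const allowed: Role[] = ROUTE_ROLES[route] || [];
  return allowed.some((r) => r === claims.role);
}

// Layer 2: data access. Passing the route guard is not enough; every read is
// scoped to the caller's clinic, and doctors only see their own patients.
function readPatient(db: Patient[], id: string, claims: Claims): Patient | null {
  const row = db.find((p) => p.id === id && p.clinicId === claims.clinicId);
  if (!row) return null;
  if (claims.role === "doctor" && row.doctorId !== claims.sub) return null;
  if (claims.role === "front_desk") {
    // Front desk gets administrative fields only, never clinical data.
    return { id: row.id, clinicId: row.clinicId, doctorId: row.doctorId };
  }
  return row;
}

function handle(route: string, id: string, claims: Claims, db: Patient[]): { status: number; body?: Patient } {
  if (!routeAllowed(route, claims)) return { status: 403 };
  const body = readPatient(db, id, claims);
  // 404 rather than 403 so a caller cannot probe which ids exist elsewhere.
  return body ? { status: 200, body } : { status: 404 };
}

// Constructed sample data.
const DB: Patient[] = [
  { id: "p1", clinicId: "c1", doctorId: "d1", diagnosis: "constructed-value" },
  { id: "p2", clinicId: "c2", doctorId: "d9", diagnosis: "constructed-value" },
];
const doctor1: Claims = { sub: "d1", role: "doctor", clinicId: "c1" };
const doctor2: Claims = { sub: "d2", role: "doctor", clinicId: "c1" };
const frontDesk: Claims = { sub: "f1", role: "front_desk", clinicId: "c1" };
const admin: Claims = { sub: "a1", role: "admin", clinicId: "c1" };
```
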

Document Generation via Puppeteer

Used Puppeteer to generate consistent, printable documents directly from the system without external tools.

Performance & Metrics

Table Performance: Virtualized lists for large datasets
Realtime Latency: Near-instant UI updates (Socket.IO)
Security Posture: RBAC on routes + data access

Lessons Learned

  • RBAC needs enforcement at every layer (UI + API + data access)
  • Document workflows become much simpler when generated in-app
  • Virtualization is key for admin-heavy enterprise UIs

Contact

brunodelic00@gmail.com
Split, Croatia

© 2026 Bruno Delic. Built with Next.js + GSAP.