ALEXPYLES
Full-StackAI IntegrationBackend

GRCloud

Procurement and project-management platform for a Thai defense-procurement company.

~16,000 lines
GRCloud dashboard showing revenue, PO spend, and quotation status
GRCloud shared calendar view
GRCloud file drive / document storage view
GRCloud project management board
GRCloud quotation document view
GRCloud user and role management screen

01 // The_Problem

A Thai government-adjacent defense-procurement client needed to replace ad-hoc document and approval workflows — quotations, purchase orders, invoices, project tracking — with a single internal platform. Built during a 5-month software engineering internship.

02 // Stack

React 19TypeScriptViteTailwindPocketBaseClaude API

03 // Key_Decisions

  • Server-enforced role-based access control (admin/normal/viewer) defined directly in database migrations, not just in frontend route guards — access control survives even if the client is bypassed.
  • Three-tier file visibility (Public/Accountant/CEO) on the shared drive — a real data-sensitivity model, not a toy permission flag.
  • AI-assisted document tagging and brochure translation via the Claude API, with a hard rate limit of 20 requests/user/hour — cost and abuse awareness when wiring an LLM into an internal tool.
  • Blocked dangerous file-extension uploads and an enforced password policy.

04 // Summary

Built the internal platform a Thai defense-procurement company now runs its quotations, purchase orders, and approvals through. The React/TypeScript system enforces role-based access at the database layer, not just the UI, and uses the Claude API to tag and translate documents automatically — under a 20-request-per-hour cap to keep AI costs predictable. Delivered solo over a 5-month internship.