The Problem
Operations managers struggled to handle lead assignments, track workflow automations, and manage sales representatives with clean role-based permissions.
Architecture & Topology
Full stack architecture with an Express.js REST API using MongoDB for dynamic lead schemas and Next.js/React frontend with complex dashboard states.
User -> Socket.io / REST -> RBAC Evaluator -> Lead Manager Lead Allocation Trigger -> Socket broadcast -> Representative Client
Engineering Challenges
Building a hierarchical RBAC (Role-Based Access Control) system that dynamically permits or blocks API calls based on hierarchical positions (Admin -> Manager -> Sales Rep) without bottlenecking request processing.
Applied Solutions
Implemented a memory-cached role permission matrix. Formulated middleware utilizing bitwise operations to check permissions instantly, alongside socket-driven real-time lead assignment alerts.
Results & Benchmarks
Deployed a CRM system that streamlined lead workflow automation, eliminated manual assignment delays, and handled real-time updates via WebSockets with zero downtime.
API Routing Specifications
| Method | Path | Objective |
|---|---|---|
| GET | /api/v1/leads | Fetch leads list (Filtered by permission hierarchy) |
| PUT | /api/v1/leads/:id/assign | Allocate lead to representative |
| POST | /api/v1/workflows/trigger | Initiate lead automation |
Performance Tuning
Utilized MongoDB aggregation pipelines to aggregate performance data on leads, cutting backend calculation times in half. Used lean queries `(.lean())` to skip document instantiation.
Lessons Learned
Defining absolute boundary states for WebSocket reconnections prevents memory leakage on the node process.