HR module

/hr is the HR home — per-employee documents, key dates (visa, ID, anniversary, contract end), and training certifications. The dashboard surfaces what's expiring in the next 90 days; per-employee profiles let you upload, edit, and remove records.

Permissions

HR is gated by the per-employee has_hr_access flag. It is independent of role: managers and employees (including those with Finance / Legal flags) see nothing of HR (no menu, 403 on direct URL) unless an admin grants the HR flag specifically. Admin always has it.

• Admin — full access automatically. Sees all employees and all sections, including confidential docs.
• Has HR access flag — same as admin: full HR access across the company, including confidential docs.
• Anyone else — no access. Their own profile included (HR is operational, not self-service).

To grant the flag: Manage → Employees → [person] → Edit → Module access → Grant HR access.

See Roles for the full access model.

What you can record per employee

Section	Holds
Documents	Contracts, NDAs, ID/passport scans, visas, work permits, certifications, performance reviews, policies, offer letters, anything else. PDF/JPG/PNG/DOC up to ~10MB. Optional issued + expiry dates trigger alerts.
Key dates	Birthday, hire anniversary, visa expiry, ID expiry, probation end, contract end, other. The "expiry"-flavored kinds drive alerts on the dashboard.
Certifications	Training records — name, issuer, dates, credential ID, optional notes.

Confidential flag

When uploading a doc, tick Confidential to mark it sensitive (salary letters, NDAs with restricted parties, performance improvement plans). In V1 the flag is informational — anyone with HR access sees confidential docs. A future release will let you scope confidential to admin-only.

Dashboard alerts (90-day horizon)

KPI strip shows: - Active employees in your scope - Documents expiring ≤ 90 days - Certifications expiring ≤ 90 days - Visa/ID/contract key-date expiries

Detail tables below the KPIs list each expiring item with employee, dates, and direct link to their HR profile. Already-expired items get a red "EXPIRED" tag.

Where this fits

• HR docs are stored under instance/uploads/hr/ on the server with disambiguated filenames (no path-traversal risk).
• All actions audit-logged.
• This is HR-1 (foundation) — performance reviews, goals/OKRs, 1:1 tracker, onboarding/offboarding workflows, org chart, disciplinary log, salary history are coming next (HR-2, HR-3).

Tips

• Upload contracts at signing time — set expiry_date to renewal date so you get a 90-day heads-up
• Tag visa/passport scans as Confidential so HR users know they're sensitive
• Birthday + anniversary key dates are useful for managers (Slack reminders later)