Smart Meeting Management System with Role-Based Access
- Published on
- Duration
- 6 Weeks
- Role
- NodeJS API Architecture & Access Logic
- Environment
- Role-based Access Control (RBAC)
- Technology
- Node.js, Sequelize ORM
+4
This project is a fully featured meeting room booking and scheduling platform designed for complex, real-world use cases where room access, recurring meetings, and approval workflows are essential.
π§ Core Idea
The platform solves the classic problem of scheduling conflicts, visibility, and approval for organizations that need room-level access control through user groups and permissions.
π‘ Features
- Role-based room visibility using RoomGroup + GroupUser relationships
- One-off and recurring meetings (daily, weekly, monthly, yearly)
- Access control down to room level β who can view, book, cancel
- Approval workflows: auto-approve for full-access, pending for limited-access
- Ghost/fake recurring meetings to preview future occurrences
- Meeting overlap prevention
- Cancel, update, or modify individual or all recurring meetings
- Special permissions override normal access rules
- Support for blocked times (e.g., maintenance)
π οΈ How It Works
Users are assigned to groups, which in turn are linked to rooms. These group-room bindings dictate visibility and booking rights.
GroupUserβ assigns users to groupsRoomGroupβ assigns groups to roomsMeetingRecurrenceβ controls repeat frequency and scopeSpecialPermissionβ gives users access to individual meetings outside normal permissions
Admins bypass all restrictions. All others require group membership or special permission to view, book, or modify meetings.
π¬ Example Use Case
Imagine a university with shared conference rooms:
- Professors can book only in rooms assigned to their department.
- Admins can view and manage all bookings.
- Facilities can block rooms during renovations.
- Recurring faculty meetings are automatically scheduled but remain editable.
- Students can see available rooms but cannot book them.
All these are supported out-of-the-box.
β Smart Booking
Every booking is checked for:
- Room-level group access
- Time conflicts (existing or future repeating events)
- Blocked periods
- Meeting status (Approved / Waiting on Approval)
- Overlap with virtual/ghost meetings
π Recurrence System
Meetings are not stored in the database indefinitely. Instead, ghost meetings are dynamically generated from recurrence rules to visualize future slots. This reduces storage load and makes UI rendering flexible.
π Permission Structure
| User Type | View | Book | Approve |
|---|---|---|---|
| Admin | β | β | β |
| Full Access Group | β | β | β |
| Read-Only Group | β | β | β |
| Special Permission | β | β | β |
| No Group | β | β | β |
π§ Tech Stack
- Node.js: Core application engine
- Sequelize ORM: Data modeling and querying
- PostgreSQL: (or MySQL) database layer
- Express: Routing and middleware
- date-fns: Recurrence and date utilities
π Result
The system is highly extensible, easy to plug into an existing frontend (e.g., React/Next.js), and ready for real-world scheduling complexity. It removes friction from managing access-sensitive bookings across teams, departments, or organizations.
π€ Future Add-ons
- Notification/Reminders
- OAuth + SSO
- iCal export
- GraphQL integration
- Public booking forms
Want to try the demo? Head to Room-Sync and try it out.
Hi there! Want to support my work?