DEV Community

Rohan Sharma

My Docs Are Safer Than My Search History 😎

GitHub Copilot CLI Challenge Submission

This is a submission for the GitHub Copilot CLI Challenge: Build with AI


Hey there! Welcome back. This is my latest project that I'm super excited to share with you!

Remember that one time your friend asked you to "just quickly check" their Google Doc, and you spent 20 minutes figuring out if you had view-only or editing access? Or when your team's important document got accidentally shared with the entire internet? Yeah, me too. 😅

That's why I built Radhika's AI DocManager, a document management system that doesn't mess around when it comes to security, roles, and AI-powered features.

Live Demo: radhika-docmanager.vercel.app

What's This All About? 🤔

Imagine you and your partner have a shared notebook. But here's the twist:

  • You can write anything you want in your sections
  • Your partner can only read some sections (View Only)
  • Your partner can comment on other sections but not edit them (Comment)
  • Some pages are locked with a password because they contain surprise party plans 🎉

That's basically what this project does, but for teams and organizations!

Question for you: Have you ever accidentally deleted someone else's important document or had your document deleted by someone? How did that go? 😬

The Cool Features That'll Make You Go "Woah!" 🚀

1ļøāƒ£ Four Roles, Four Levels of Trust

Think of roles like relationship stages:

  • User (Dating Stage): You can only see and manage your own stuff. Can't touch anyone else's documents.
  • Admin (Committed Relationship): You can see everything in your organization and manage your team members. You're the responsible one now!
  • Super Admin (Marriage Level): Like Admin but with superpowers! You approve who joins your org, can promote people to Admin, and have elevated privileges. But you're still tied to your organization!
  • God (The Parent): Full control over the ENTIRE platform across ALL organizations. Can post documents to ALL organizations at once. The ONLY role with cross-org access! Ultimate power! 💪
    • Important Note: God has read access to all documents across organizations for platform management, but the primary focus is on public documents and cross-org coordination. Organizations still maintain their privacy for internal operations.

Each role has a "weight" number. Higher weight = more authority. Just like how your mom outranks you when deciding what's for dinner! šŸ˜„

Important: Only God can see across organizations. Super Admin, Admin, and User are all scoped to their own organization!

2ļøāƒ£ Document Security That Actually Makes Sense

Your documents can have different classification levels:

  • Public: Everyone can see it (like your Instagram story)
  • Organization: Only your team can see it (like your company Slack)
  • Internal: More restricted (like your team's strategy docs)
  • Confidential: Top secret stuff (like your salary slip)
  • General: The default, casual classification

Plus, you can set access levels:

  • View Only: Read-only, no comments allowed (like when your partner says "just look, don't touch")
  • Comment: Can read and comment but not edit (like leaving sticky notes on a physical document)
  • Edit: Can make changes to the content
  • Full Access: Complete control (the relationship goals)

Want to add extra protection? Lock any document with a 9-digit password! 🔐

3ļøāƒ£ AI That Works For YOU (Not For Big Tech)

Here's the thing: I hate vendor lock-in. You know what's worse than a bad breakup? Being forced to stay with a service because you can't leave!

That's why Radhika's AI DocManager lets you bring your own API keys:

  • Groq (FREE tier available! Fast and perfect for getting started)
  • OpenAI (Premium quality)
  • Anthropic (Great for long documents)

Your keys are encrypted with AES-256-GCM encryption. That's military-grade security, folks! Even if someone breaks into the database, your keys are safer than your ex's secrets in your DMs. 🤫

The AI can:

  • Summarize documents (TL;DR generator)
  • Analyze sentiment (is this doc angry or happy?)
  • Extract key points (bullet points anyone?)
  • Improve writing (make it sound professional)
  • Translate content (hola, bonjour, namaste!)
  • Generate Q&A (instant study guide)
  • Custom prompts (ask it anything!)

Pro tip: You also get FREE local tools that work without any API key — Word Count, Structure Analysis, and Text Preview. All running in your browser!

4ļøāƒ£ Organizations That Don't Mix Like Oil and Water

Multiple organizations, complete data isolation. Think of it like this:

You have three friend groups:

  1. College friends (Acme Corp)
  2. Work friends (Globex Inc)
  3. Gym friends (Initech LLC)

Each group has its own private WhatsApp group. Nobody from college friends can see what's happening in your work friends group. That's exactly how organizations work here!

To join an organization, you need an Organization Code (like a secret club password). A Super Admin must approve your membership request. No random people crashing your party! 🎊

How GitHub Copilot CLI Supercharged My Development 🚀

Okay, confession time: Building this project would have taken me MUCH longer without GitHub Copilot CLI. Let me tell you how it became my coding partner!

What is GitHub Copilot CLI?

Think of it as having a really smart friend who sits in your terminal and helps you with commands, debugging, and understanding code. You just talk to it in natural language!

How I Used It in This Project

1. Generating the Complete Supabase Schema

This was HUGE. Instead of manually writing hundreds of lines of SQL:

gh copilot suggest "generate supabase schema for document management system with organizations, users, documents, comments, and audit logs with proper foreign keys and indexes"

It gave me a complete schema structure! I just had to customize it for my needs. Saved hours of work!

2. Setting Up Row Level Security (RLS)

Supabase RLS policies are tricky. I asked:

gh copilot suggest "create row level security policy for organization isolation in supabase"

It generated the exact SQL I needed to ensure users can only see data from their organization!

3. Database Schema Debugging

When my foreign key constraints weren't working:

gh copilot explain "Why is my foreign key constraint failing between documents and profiles?"

Boom! Got the answer instantly and fixed the relationship properly.

4. Creating Storage Buckets with Policies

Setting up Supabase storage:

gh copilot suggest "create supabase storage bucket for documents with 50MB limit and access policies"

Got the complete SQL for buckets AND storage policies. No more digging through docs!

5. Complex Git Operations

Had to rebase multiple commits with conflicting changes:

gh copilot suggest "rebase last 5 commits and squash them into one"

Got the exact git commands I needed. No more Stack Overflow!

6. TypeScript Type Errors

When dealing with complex Supabase types:

gh copilot explain "Cannot find name 'UserRole' in this scope"

Instantly told me I needed to import from @/lib/supabase/types. No more hunting through files!

7. Debugging Permission Logic

When my role-based access control wasn't working:

gh copilot explain "why is my outranks function returning false for admin checking user role"

Helped me understand the weight comparison logic and fix the bug in minutes!

8. File Upload Implementation

Struggled with Supabase storage upload with progress:

gh copilot suggest "upload file to supabase storage bucket with progress tracking and error handling"

Got complete working code with progress bars and proper error handling!

9. Understanding bcrypt Hashing

When implementing password security:

gh copilot explain "difference between bcrypt compare and hash and when to use each"

Clear explanation that helped me implement secure authentication correctly!

10. Deployment to Vercel

Deploying with all environment variables:

gh copilot suggest "deploy next.js app to vercel with environment variables from .env file"

Got the proper CLI commands with all the flags needed!

11. Testing Database Queries

When testing complex SQL with multiple JOINs:

gh copilot explain "how to test row level security policies in Supabase without deploying"

It explained the whole local testing process step by step!

But you know what? I've even implemented most of the frontend with it as well. 😎

Why Copilot CLI is a Game Changer

  • No Context Switching: Stay in your terminal, no need to open browser
  • Natural Language: Ask questions like you'd ask a friend
  • Project-Aware: It understands your codebase context
  • Instant Answers: Faster than googling and reading 10 different answers

Real Talk: I probably saved 10-15 hours of googling, debugging, and trial-and-error just by having Copilot CLI help me with terminal commands, git operations, and understanding error messages.

If you're not using it yet, you're missing out! It's like having a senior developer on speed dial. 🎯

The Tech Magic Behind the Curtain 🎩✨

(Don't worry, I'll keep it light!)

Built With Love Using:

  • Next.js 14 (App Router)
  • Supabase (PostgreSQL database + storage)
  • TypeScript (because typos are for noobs)
  • Tailwind CSS + shadcn/ui (for that crispy dark mode 🌙)
  • Bun runtime (faster than your morning coffee hitting your system)

Security Layers:

  1. Passwords: bcrypt hashing (can't crack it even if you try)
  2. API Keys: AES-256-GCM encryption (Fort Knox level)
  3. Document Passwords: Another layer of bcrypt (double protection!)
  4. Organization Isolation: Complete data separation (no mixing allowed)

Document Support:

Upload pretty much anything:

  • PDF (with embedded viewer)
  • Word docs (auto text extraction!)
  • Plain text, CSV, Markdown
  • HTML, JSON, RTF, ODT
  • Even Excel and PowerPoint (why not?)

File size limit: 50 MB per document. That's like... a LOT of cat pictures! 🐱

The Boyfriend-Girlfriend Analogy That'll Make You Understand Permissions 💑

Let's say you and your partner are working on planning a surprise party:

User Role (You):

  • You can create your own to-do list
  • You can only see your own tasks
  • You can't see or touch your partner's secret guest list

Admin Role (Your Partner who's more organized):

  • Can see both your lists (within your organization)
  • Can delete tasks from User-level people
  • Can manage who's invited to the planning team
  • But can only see YOUR organization's party, not other orgs

Super Admin Role (The Senior Party Planner):

  • Like Admin but can also approve new members joining YOUR organization
  • Can promote people to Admin within your org
  • Has elevated privileges for your organization
  • But still can't see OTHER organizations' parties (that's God's job!)

God Role (The Person Whose Birthday It Is):

  • Knows about ALL surprise parties EVERYWHERE (cross-org access!)
  • Can access any planning doc in any organization for platform management
  • Can post announcements to all party groups at once
  • Bypasses all password locks (it's their birthday, after all!)
  • The ONLY role that can see across all organizations!
  • But remember: God is the platform administrator, not Big Brother watching everything. The focus is on managing public documents and cross-org coordination, while respecting organizational privacy.

See? Not so complicated! 😊

Real-World Use Cases

For Teams:

  • Store company policies (Organization classification)
  • Share meeting notes (Comment access)
  • Collaborate on proposals (Edit access)
  • Lock sensitive HR docs (Password protection)

For Content Creators:

  • Draft blog posts (Draft status)
  • Get feedback from editors (Assign reviewers)
  • Publish final versions (Published status)
  • Archive old content (Archived status)

For Students:

  • Store class notes
  • Collaborate on group projects
  • Share study guides
  • Keep research papers organized

Question for you: What would YOU use this for? I'd love to hear your use case! Drop it in the comments! 💭

The Journey (AKA The Fun Part) 🎢

Building this was like assembling IKEA furniture while blindfolded. Here's what I learned:

Challenge #1: Role-Based Access Control

Creating a system where User < Admin < Super Admin < God without breaking everything? HARD. I used a "weight" system (User = 10, Admin = 50, Super Admin = 75, God = 100). Simple math, complex implications!

Challenge #2: Organization Isolation

Making sure Acme Corp never accidentally sees Globex Inc's documents? I had to filter EVERYTHING by organization. Every. Single. Query.

Challenge #3: Encryption That Doesn't Break

Encrypting API keys is easy. Making sure you can decrypt them later? That's the trick! Used AES-256-GCM with unique IVs for each key. Sounds fancy, works perfectly!
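
One way to store provider keys with AES-256-GCM and a fresh IV per encryption, using Node's built-in crypto module. This is an added example, not the project's code; the storage layout, the function names, the master key being held outside the database, and binding each ciphertext to a user ID as associated data are assumptions that go beyond what the post describes.

```typescript
import { createCipheriv, createDecipheriv, randomBytes } from "node:crypto";

const IV_BYTES = 12;  // 96-bit IV, the standard size for GCM
const TAG_BYTES = 16; // full-length authentication tag

// Assumed storage format: base64(iv || tag || ciphertext).
// masterKey is assumed to come from the server environment, never from the
// same database that holds the ciphertexts.
function encryptApiKey(plaintext: string, masterKey: Buffer, userId: string): string {
  if (masterKey.length !== 32) throw new Error("AES-256 needs a 32-byte key");
  // A new random IV for every encryption: reusing an IV under the same key
  // breaks both the confidentiality and the integrity of GCM.
  const iv = randomBytes(IV_BYTES);
  const cipher = createCipheriv("aes-256-gcm", masterKey, iv);
  // Associated data ties the ciphertext to its owner, so a blob copied into
  // another user's row fails authentication.
  cipher.setAAD(Buffer.from(userId, "utf8"));
  const ct = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), ct]).toString("base64");
}

function decryptApiKey(stored: string, masterKey: Buffer, userId: string): string {
  const raw = Buffer.from(stored, "base64");
  if (raw.length < IV_BYTES + TAG_BYTES) throw new Error("ciphertext too short");
  const iv = raw.subarray(0, IV_BYTES);
  const tag = raw.subarray(IV_BYTES, IV_BYTES + TAG_BYTES);
  const ct = raw.subarray(IV_BYTES + TAG_BYTES);
  const decipher = createDecipheriv("aes-256-gcm", masterKey, iv, {
    authTagLength: TAG_BYTES,
  });
  decipher.setAAD(Buffer.from(userId, "utf8"));
  decipher.setAuthTag(tag);
  // final() throws if the tag does not match (tampering, wrong key, wrong AAD).
  return Buffer.concat([decipher.update(ct), decipher.final()]).toString("utf8");
}

// Returns null on any failure so callers treat a bad blob as "no usable key"
// instead of leaking error details to the client.
function tryDecryptApiKey(stored: string, masterKey: Buffer, userId: string): string | null {
  try {
    return decryptApiKey(stored, masterKey, userId);
  } catch {
    return null;
  }
}
```
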

Challenge #4: God's Multi-Org Publishing

When God creates a document for "All Orgs", the system:

  1. Uploads the file ONCE to storage
  2. Creates a document record for EACH organization
  3. All records point to the same file
  4. When God changes the status, ALL copies update together

It's like posting on all your social media at once, but harder!

The Tech Implementation (For My Developer Friends)

Permission Checking:

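// getRoleWeight (not shown in this post) maps a role name to its numeric weight.

// True only when roleA has strictly more authority than roleB;
// two equal roles do not outrank each other.
export function outranks(roleA: string, roleB: string): boolean {
  return getRoleWeight(roleA) > getRoleWeight(roleB);
}

// True when roleA has at least as much authority as roleB.
export function isAtLeast(roleA: string, roleB: string): boolean {
  return getRoleWeight(roleA) >= getRoleWeight(roleB);
}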

Simple, elegant, effective!

Document Deletion Logic:

  • User can delete: Own docs only
  • Admin can delete: Own + User docs (Admin outranks User)
  • Super Admin can delete: Own + User + Admin docs
  • God can delete: Own + any public document
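
The deletion rules above combined with the organization scoping described earlier, as an added example (not the project's code). The role strings, field names and the "public" classification value are assumptions; the weights are the ones given in the post.

```typescript
// A Map instead of a plain object, so inherited keys such as "constructor"
// can never be mistaken for a role. Weights are the ones from the post.
const ROLE_WEIGHTS = new Map<string, number>([
  ["user", 10],
  ["admin", 50],
  ["super_admin", 75],
  ["god", 100],
]);

// Unknown, misspelled or wrongly cased roles weigh 0.
function getRoleWeight(role: string): number {
  return ROLE_WEIGHTS.get(role) ?? 0;
}

function outranks(roleA: string, roleB: string): boolean {
  return getRoleWeight(roleA) > getRoleWeight(roleB);
}

interface Actor {
  id: string;
  role: string;
  orgId: string;
}

interface DocRecord {
  ownerId: string;
  ownerRole: string;
  orgId: string;
  classification: string;
}

function canDelete(actor: Actor, doc: DocRecord): boolean {
  // Fail closed when either role is unrecognised. Without the second check,
  // any valid role would "outrank" a corrupted owner role of weight 0.
  if (getRoleWeight(actor.role) === 0 || getRoleWeight(doc.ownerRole) === 0) {
    return false;
  }
  // God is the only cross-org role: own documents plus any public document.
  if (actor.role === "god") {
    return doc.ownerId === actor.id || doc.classification === "public";
  }
  // Every other role is scoped to its own organization.
  if (doc.orgId !== actor.orgId) return false;
  if (doc.ownerId === actor.id) return true;
  // Strict comparison: an Admin cannot delete another Admin's document.
  return outranks(actor.role, doc.ownerRole);
}
```
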

AI Action Flow:

  1. User clicks an AI action
  2. System decrypts their API key in memory (never stored decrypted!)
  3. Sends document content to AI provider
  4. Returns result to user
  5. Result NOT stored (privacy first!)

Organization Membership:

  1. New user registers with Organization Code
  2. Account created with "pending" status
  3. Super Admin approves or rejects
  4. If approved, user gets full access
  5. If rejected, user can't log in

Clean workflow, no confusion!

Try It Yourself!

Live Demo: https://radhika-docmanager.vercel.app/

Documentation: https://radhika-docmanager.vercel.app/docs

Want to test it locally? Here's the speed run:

  1. Clone the repo from GitHub
  2. Set up Supabase project (free tier)
  3. Copy .env.example to .env and fill in your credentials
  4. Run bun install && bun dev
  5. Visit http://localhost:3000/api/seed to get demo accounts
  6. Log in and start creating documents!

Demo accounts (all use password Password123!):

  • god@system.local - God role (platform-wide access!)
  • superadmin@acme.com - Super Admin (approve memberships!)
  • admin@acme.com - Admin role (manage your team!)
  • user1@acme.com - Regular user (the everyday experience)

Or try the live app: radhika-docmanager.vercel.app

Check out the full documentation for setup details!

What's Special About This Project?

1. Security First

Most projects add security as an afterthought. I built it from day one. Encryption, hashing, isolation — the works!

2. No Vendor Lock-In

Your API keys, your choice. Switch providers anytime without losing data.

3. Real Enterprise Features

Multi-org support, approval workflows, audit logs, reviewer assignments — this isn't a toy project!

4. Actually Good UX

Dark mode that doesn't hurt your eyes. Clean interface. Logical workflows. I actually USED it while building it!

5. Named After Someone Special

Radhika's DocManager is named after Radhika Sharma. Built by Rohan Sharma (yes, it's me). Want to know more about Radhika? Find the secret page in my portfolio. ❤️

Portfolio: rohansrma.vercel.app

6. Built with GitHub Copilot CLI

The entire development process was supercharged by GitHub Copilot CLI, from debugging complex database queries to writing deployment scripts. It's like pair programming with an AI! 🤖

Why This Project for the GitHub Copilot CLI Challenge? 🏆

This challenge is all about showcasing how GitHub Copilot CLI enhances the development process, and boy, did it ever!

The Challenge: Build an AI-powered, multi-tenant document management system with enterprise-grade security.

The Reality: That's A LOT of complexity: database schemas, encryption, role hierarchies, file uploads, organization isolation, and more.

The Solution: GitHub Copilot CLI became my development companion, helping me:

  • Debug complex SQL queries and foreign key constraints
  • Generate secure encryption keys and understand crypto operations
  • Navigate git operations when managing multiple feature branches
  • Understand error messages and fix bugs faster
  • Write deployment scripts and environment configurations

The Result: A production-ready application deployed at radhika-docmanager.vercel.app with features that would normally take months to build!

Without Copilot CLI, I would have:

  • Written the entire Supabase schema by hand instead of generating it from a single prompt describing my data model
  • Hand-written the Row Level Security policies for organization isolation instead of having them created automatically
  • Spent hours googling obscure error messages
  • Made security mistakes in encryption implementation
  • Struggled with git conflicts during feature merges
  • Wasted time reading documentation for every command

I've even implemented most of the frontend with it. Ehehe.

Instead, I focused on building features and solving real problems while Copilot CLI handled the "how do I do this?" questions instantly.

That's the power of AI meeting the command line! 🚀

Final Thoughts

Building Radhika's AI DocManager was a rollercoaster. There were moments of "WHY ISN'T THIS WORKING?!" and moments of "OMG IT ACTUALLY WORKS!"

But you know what? Creating something that helps teams manage documents securely while leveraging AI (without selling their soul to Big Tech) feels pretty amazing.

If you've made it this far, thank you for reading! You're awesome! 🌟

Star the GitHub Repo 🌠

Try the project, break it, suggest features, report bugs, I want to hear it all!

And if you're wondering why it's called "Radhika's DocManager", it's named after Radhika Sharma, someone special whose memory inspired this project. Sometimes the best projects come from the heart. ❤️

Links & Contact

Try the live app and let me know what you think!

Thank youuuuuuuuuuuuuuuu for reading! ā£ļø

Top comments (19)

Anmol Baranwal • Edited

great work man, docs & UI are nice. why do you name all your projects around radhika lol 😂

add a demo video if it helps.

Rohan Sharma

I don't know. This is the first name that comes to mind.

btw, you can try this application as well. I can say, it's good.

Anmol Baranwal

sure, let me take a deeper look at it this weekend :)

Rohan Sharma

yesssss!

Harsh

Solid submission for the challenge! 🙌 Copilot CLI is honestly a game-changer for terminal junkies like me. The way it translates plain English to actual commands? Chef's kiss. Keep building!

Rohan Sharma

yes. tbh I'm not great at CLI but claude and copilot clis are good!

Harsh

That's totally fair, not everyone loves working in the CLI. Claude and Copilot definitely make it a lot more approachable.

Rohan Sharma

agreed!

@best_codes, what are your thoughts?

BestCodes

Agreed, not everyone likes the CLI! That's what the ACP is for (and Copilot CLI supports it in public preview!)

Rohan Sharma

I will go with the cli only then. This is worse for me. 🙂

Cesar Castillo

This is fire! Love the styles too

Rohan Sharma • Edited

Thank you Cesar, did you try it?

Cesar Castillo

Yes, I've tried it and I find it super interesting, and I really appreciate how carefully the styles are crafted

Rohan Sharma

Thank you, Cesar!

Harshika

👍 great job

Rohan Sharma

thank you, harshu!

K Om Senapati

Whoa Blog

Rohan Sharma

RS touch!

Rohan Sharma

Try it out and let me know the feedback!