debesocial/biiproject-kit-v1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: debesocial/biiproject-kit-v1:cb7a70a289172b3262cd98bd9ee4c8df7e37bc20
Branches Tags
debesocial/biiproject-kit-v1:main
...
compare: debesocial/biiproject-kit-v1:main
Branches Tags
debesocial/biiproject-kit-v1:main

4 Commits
cb7a70a289 ... main

Author SHA1 Message Date
debesocial 577e385764 docs: fully translate and align v1 README.md structure with v2, implementing premium layout and corporate English style 2026-05-21 17:01:08 +07:00
debesocial 03c10f91e2 docs: align README structure and section ordering with v2, adding Tech Stack and API Endpoints tables 2026-05-21 16:59:57 +07:00
debesocial a4a620d90a docs: restyle README to match v2 styling standard while retaining all v1 details 2026-05-21 16:57:36 +07:00
debesocial 10785f3559 docs: update title to biiproject-kit v1 in README 2026-05-21 16:52:41 +07:00
1 changed files with 184 additions and 174 deletions
Expand all files Collapse all files
README.md
+184 -174
View File
@@ -1,223 +1,233 @@
# biiproject # biiproject-kit v1
Aplikasi web manajemen bisnis berbasis **Laravel 13** dengan PostgreSQL, Redis, dan WebSocket real-time. [![Laravel](https://img.shields.io/badge/Laravel-13.x-FF2D20?style=for-the-badge&logo=laravel)](https://laravel.com)
[![PostgreSQL](https://img.shields.io/badge/PostgreSQL-15-4169E1?style=for-the-badge&logo=postgresql)](https://www.postgresql.org)
[![Redis](https://img.shields.io/badge/Redis-Alpine-DC382D?style=for-the-badge&logo=redis)](https://redis.io)
[![Tests](https://img.shields.io/badge/Tests-371%20Passed-31C653?style=for-the-badge)]()
[![Pint](https://img.shields.io/badge/Pint-Clean-007ACC?style=for-the-badge)]()
[![Larastan](https://img.shields.io/badge/Larastan-Level%205-blue?style=for-the-badge)]()
[![Tests](https://img.shields.io/badge/tests-371%20passed-brightgreen)]() [![Larastan](https://img.shields.io/badge/Larastan-level%205-blue)]() [![Pint](https://img.shields.io/badge/Pint-clean-blue)]() [![License](https://img.shields.io/badge/license-Proprietary-red)]() A high-performance, secure, and enterprise-ready **Laravel 13** starter kit featuring a comprehensive real-time admin monitoring dashboard, a granular Spatie permission matrix with Blade templates, custom backup services, and ready-to-use Expo React Native mobile application API integration. **Version 1** is designed to provide a highly optimized and rock-solid foundation for business management and SaaS systems.
--- ---
## Fitur Utama ## 🚀 Key Architectural Features in v1
- **Dashboard Admin Real-time** — ringkasan CPU/RAM/Disk/Live Users/Queue dengan update via WebSocket (Reverb). Widget bisa disembunyikan, diurutkan ulang (drag), dan disimpan per-user. Fallback ke polling 30 detik jika Reverb tidak terhubung. * 📊 **Real-time Admin Monitoring**Dynamic telemetry panel tracking CPU, RAM, Disk usage, and live active users powered by Laravel Reverb WebSockets. Configurable drag-and-drop widget layout is saved per user.
- **Custom Dashboard Widgets** — 7 widget bawaan (cpu, ram, disk, live users, queues, activity feed, AI insight). Per-user layout tersimpan di `dashboard_widget_preferences`. Toggle show/hide + drag-to-reorder via SortableJS. * 🛡️ **Granular Tab-Level Access**Highly custom authorization gates mapping 85 permission levels for Global Settings and Mobile Remote variables using Blade directives (`@cantab` and `@managetab`).
- **Manajemen Pengguna** — role & permission granular (Spatie), soft delete + restore + force delete, bulk action * ⚙️ **Integrated Control Console**Unified administration backend governing application branding details, live SMTP servers, OAuth login triggers, automated backups, and maintenance gates.
- **Global Settings** — branding, keamanan, email, AI, SAP, backup, dan lainnya dalam satu panel * 💾 **Secure Backup Automation** — Integrated scheduling mechanisms routing encrypted backups to Cloud storage (Amazon S3 or Google Drive) with custom integrity verification.
- **Mobile Settings** — kontrol remote konfigurasi aplikasi Android/iOS * 🤖 **AI Intelligence Engine**Direct adapters for OpenAI, Gemini, and Mistral, providing automatic Swagger annotations, system diagnostic logs auditing, and real-time security score assessments.
- **Maintenance Mode** — offline page dengan countdown, bypass key, dan IP whitelist * 📱 **Expo Mobile Application integration**Native Sanctum API token exchange, dynamic configuration sync, and device token registration endpoints ready for Push Notifications.
- **Backup & Restore** — Local, Amazon S3, atau Google Drive dengan enkripsi opsional
- **System Monitoring** — log Laravel, log SAP, log mobile, background job, AI usage, health check
- **Notifikasi Real-time** — WebSocket via Laravel Reverb + Notification Center. Dashboard stats di-push tiap menit via `dashboard:broadcast-stats`.
- **Granular Tab Permissions** — 85 permission level tab untuk Global/Mobile Settings. `CheckTabPermission` middleware + `@cantab`/`@managetab` Blade directives. Picker role dengan UI two-panel drag-drop dan category headers.
- **Session Manager** — lihat & paksa logout sesi aktif, single-session enforcement opsional
- **Legal & Content** — Privacy Policy, ToS, About (WYSIWYG), kepatuhan UU PDP No. 27/2022
- **Mobile App** — React Native + Expo dengan API Sanctum, OTP, device token (push notification)
- **Audit Trail** — semua perubahan tercatat via Spatie ActivityLog + Action Log
- **Error Monitoring** — Sentry integration untuk production error tracking
- **Passkeys (WebAuthn)** — login biometrik/FIDO2
- **Social OAuth** — Google, Facebook, GitHub (callback aman terhadap identity-overwrite)
- **AI Intelligence Engine** — Integrasi OpenAI, Gemini, Claude, DeepSeek, Mistral, dll.
- **Smart Search (CMD+K)** — Navigasi cerdas & AI Assistant terintegrasi
- **AI Security Audit** — Skor keamanan otomatis & rekomendasi perkuatan (hardening)
- **AI Error Diagnostics** — Analisis otomatis & saran perbaikan saat terjadi error sistem
- **API Documentation** — Swagger/OpenAPI otomatis (l5-swagger) dengan bantuan AI
--- ---
## Keamanan Bawaan ## 🛠️ Tech Stack & Dependencies
- **Security headers**: `X-Content-Type-Options`, `X-Frame-Options`, `Referrer-Policy`, `Permissions-Policy`, `X-XSS-Protection`, dan `Strict-Transport-Security` (HTTPS) di-set otomatis oleh middleware global. | Layer | Technology | Version | Description |
- **Rate limiting**: throttle pada `/login`, `/2fa`, `/forgot-password`, `/api/v1/otp/*`, dan endpoint mobile lain. Per-IP bucket terisolasi. |---|---|---|---|
- **Password policy**: panjang min/max, charset wajib, expiry, dan **history reuse blocker** (Bcrypt 12 rounds). | **Core Framework** | Laravel | `13.x` | Modern backend routing, scheduler, and service container |
- **IP access control**: whitelist admin, blacklist global, auto-block on burst (24 jam) dengan alert Telegram. | **Database Engine** | PostgreSQL | `15.x` | Relational database storage |
- **Data integrity**: FK constraint penuh di semua tabel audit; soft-delete cascade tested. | **Caching & Queue** | Redis | `Alpine` | High-speed cache memory and asynchronous queues |
- **Data retention otomatis**: 10 tabel/model memiliki kebijakan retensi — OTP & trusted device dipangkas saat expired, log AI & healing 90 hari, password history 365 hari, Telescope 48 jam. Dijalankan via `model:prune` + `telescope:prune` setiap dini hari. | **Real-time Server**| Laravel Reverb | `1.x` | Native high-performance WebSockets broadcaster |
| **Frontend UI** | Blade + SortableJS | `v1.x` | Server-side templating with interactive drag-drop widgets |
| **Authentication** | Breeze + WebAuthn | `v2.x` | Classic web sessions + FIDO2 Biometric Passkeys |
| **Roles & Privileges** | Spatie Permissions | `v6.x` | Granular permission layers mapped to Blade templates |
| **Audit Trail** | Spatie Activity Logs| `v4.x` | Transparent logging for models and user actions |
| **Docs Generator** | Swagger (L5-Swagger) | `v8.x` | OpenAPI spec files with integrated AI assistant |
--- ---
## Quality Gate ## 📂 Directory Structure Overview
| Check | Status | Tool | This project follows strict clean code practices and Laravel standard modular architectures:
|-------|--------|------|
| Unit & feature tests | **371 / 371 ✓** | Pest 4 |
| Static analysis | **clean** | Larastan level 5 (baseline) |
| Code style | **clean** | Laravel Pint (PSR-12) |
| Dependency audit | **0 vulns** | `composer audit` |
| N+1 regression locks | **3 datatables** | Pest + Query Log |
CI menjalankan keempatnya di setiap push/PR — lihat [`.github/workflows/ci.yml`](.github/workflows/ci.yml). ```text
├── app/
```bash │ ├── Exceptions/ # SystemConfig/Backup/Monitoring exception classes
./vendor/bin/sail artisan test │ ├── Helpers/ # SettingsHelper, SessionHelper, ImpersonateHelper, PasswordRuleHelper
./vendor/bin/sail bin phpstan analyse │ ├── Http/
./vendor/bin/sail bin pint --test │ │ ├── Controllers/ # AccessControl, Auth, SystemSettings, WebAuthn, Dashboard modules
./vendor/bin/sail composer audit │ │ ├── Helpers/ # Standardized JSON API responses formats
│ │ └── Middleware/ # SecurityHeaders, IpAccessControl, CheckActivePermission, Gzip
│ ├── Models/ # Primary Eloquent schemas (User, OtpCode, PasswordHistory, DeviceToken)
│ └── Services/ # AI Service adapters, Backup management, SystemConfig caches
├── config/ # Consolidated application parameters
├── database/
│ ├── migrations/ # Database schemas (40+ migrations)
│ └── seeders/ # Dynamic settings, mobile variables, and primary RBAC matrix
├── docker/ # Standardized Sail multi-service docker compose environments
├── public/ # Standard assets (vendor scripts, custom CSS)
├── resources/
│ └── views/ # Server-side Blade layouts, templates, and view components
├── routes/ # Divided routing protocols (web, api, auth, ai, channels, console)
└── tests/ # 371 feature-rich Pest integration tests
``` ```
--- ---
## Perintah Artisan Khusus ## ⚡ Quick Start & Development
Sistem ini dilengkapi dengan perintah CLI tambahan untuk memudahkan administrasi: Get your development environment up and running quickly:
| Perintah | Deskripsi | ### Manual Setup (Without Docker)
|----------|-----------|
| `php artisan system:check` | Audit kesehatan infrastruktur (DB, Redis, Storage, AI). | 1. **Clone & Install Dependencies:**
| `php artisan system:optimize` | Optimasi cache & pembersihan log produksi. | ```bash
| `php artisan ai:swagger {path}` | Menghasilkan anotasi Swagger otomatis menggunakan AI. | git clone <repo-url> Project && cd Project
| `php artisan system:send-digest` | Mengirim ringkasan kesehatan sistem mingguan ke Admin. | composer install
| `php artisan backups:verify` | Verifikasi integritas file cadangan di cloud/lokal. | npm install
| `php artisan l5-swagger:generate` | Regenerasi dokumentasi API OpenAPI. | ```
| `php artisan model:prune` | Pangkas data kedaluwarsa (OTP, trusted device, AI log, password history, dll). | 2. **Setup Environment Configuration:**
| `php artisan telescope:prune --hours=48` | Hapus Telescope entries lebih dari 48 jam. | ```bash
| `php artisan dashboard:broadcast-stats` | Broadcast statistik sistem terbaru ke channel WebSocket `admin.monitoring`. Dijadwalkan tiap menit. | cp .env.example .env
# Configure your DB_HOST=127.0.0.1 and REDIS_HOST=127.0.0.1 in .env
php artisan key:generate
```
3. **Run Migrations & Seeds:**
```bash
php artisan migrate --seed
```
4. **Launch Development Servers:**
```bash
composer run dev
```
--- ---
## Mulai Cepat (Development) ### 🔧 Containerized Setup (Laravel Sail) — Recommended
### Tanpa Docker If you prefer using Docker:
```bash 1. **Spin Up Containers:**
# 1. Clone & install ```bash
git clone <repo-url> Project && cd Project ./vendor/bin/sail up -d
composer install ```
npm install 2. **Initialize Database:**
```bash
./vendor/bin/sail artisan migrate --seed
```
# 2. Environment The application will be accessible immediately at `http://localhost:8000`.
cp .env.example .env
# Edit .env: DB_HOST=127.0.0.1, REDIS_HOST=127.0.0.1
php artisan key:generate
# 3. Database & seed > [!TIP]
php artisan migrate --seed > Always clear application cache after seeding is completed to reflect settings instantly:
# 4. Jalankan (server + vite + reverb + queue + scheduler)
composer run dev
```
### Via Docker (Laravel Sail) — Direkomendasikan
```bash
./vendor/bin/sail up -d
./vendor/bin/sail artisan migrate --seed
```
Aplikasi dapat diakses di `http://localhost:8000`.
> **Penting:** Jika seeder dijalankan, selalu clear cache setelahnya agar perubahan muncul di aplikasi:
> ```bash > ```bash
> ./vendor/bin/sail artisan cache:clear > ./vendor/bin/sail artisan cache:clear
> ``` > ```
### Menjalankan Test Suite ---
```bash ## 🔐 Default Credentials
./vendor/bin/sail artisan test # 371 tests (full)
./vendor/bin/sail artisan test --filter Auth # filter Use the default credentials below to test the RBAC capabilities of the starter kit:
./vendor/bin/sail bin phpstan analyse # static analysis
./vendor/bin/sail bin pint --test # code style check | Role | Email | Password | Role Description |
./vendor/bin/sail bin pint # code style auto-fix |---|---|---|---|
``` | **Super Admin** | `superadmin@biiproject.com` | `password` | Unrestricted access. Bypasses all system gates. |
| **Admin** | `admin@biiproject.com` | `password` | Manager privileges for access control, logs, and settings. |
| **User** | `user@biiproject.com` | `password` | Standard user role with read-only dashboard layout. |
> [!IMPORTANT]
> Please change default passwords immediately after deployment. Bcrypt 12 rounds + history blockers are active by default.
--- ---
## Akun Default (setelah seed) ## 🛡️ Built-in Security Policies
| Role | Email | Password | * **Security Headers** — Automatically injected custom headers (`X-Content-Type-Options`, `X-Frame-Options`, `Referrer-Policy`, `Permissions-Policy`, `X-XSS-Protection`, `Strict-Transport-Security`) protecting all routing responses.
|------|-------|----------| * **Smart Rate Limiting** — Intelligent throttle thresholds applied on `/login`, `/2fa`, `/forgot-password`, `/api/v1/otp/*`, and Expo client login gates.
| Super Admin | superadmin@biiproject.com | password | * **Robust Password Policy** — Dynamic complexity regulations (minimum length, mixed-case, numbers, special characters) with Bcrypt 12 rounds encryption and **365-day history reuse blocker**.
| Admin | admin@biiproject.com | password | * **IP Access Control** — Customizable administrator Whitelists, global blacklists, and automated burst-block (24 hours) trigger alerting via Telegram.
| User | user@biiproject.com | password | * **Auto Data Retention** — Dynamic automated pruning pipelines running daily via `model:prune` (expired OTPs/trusted devices, 90-day AI history logs, 48-hour Telescope database entries).
> Ganti password segera setelah deploy. Bcrypt 12 rounds + history block aktif by default.
--- ---
## Dokumentasi ## ⚡ Quality Gate Standards
| Dokumen | Untuk Siapa | Isi | All components are rigorously audited under continuous quality benchmarks:
|---------|-------------|-----|
| [README.md](README.md) | Semua | Ringkasan & quick start (file ini) | | Benchmark | Standard | Auditing Tool |
| [USER_GUIDE.md](USER_GUIDE.md) | Admin / Operator | Cara pakai panel admin | |---|---|---|
| [TECH_STACK.md](TECH_STACK.md) | Developer | Framework, library, plugin, tooling, CI | | **Unit & Feature Tests** | `371 / 371 Passed` | Pest 4 / PHPUnit |
| [DEPLOYMENT_GUIDE.md](DEPLOYMENT_GUIDE.md) | DevOps | Instalasi server produksi | | **Static Code Analysis** | `Clean` | Larastan (Level 5 Baseline) |
| [SECURITY.md](SECURITY.md) | All | Reporting & supply-chain advisory | | **Code Style Conformity**| `Clean` | Laravel Pint (PSR-12 ruleset) |
| [CHANGELOG.md](CHANGELOG.md) | All | Log perubahan | | **Dependency Security** | `0 Vulnerabilities` | `composer audit` |
| [mobile/README.md](mobile/README.md) | Mobile Dev | Build & pengembangan aplikasi Android/iOS | | **Query Performance** | `0 N+1 Regressions` | Pest + Custom Query Logger |
--- ---
## Struktur Direktori ## 🔌 API Endpoints Reference (v1)
``` All endpoints are versioned and situated under `/api/v1/*`. Requests requesting authorization require an HTTP header formatted as `Authorization: Bearer <your_token>`.
Project/
├── app/ ### Authentication & Config
│ ├── Exceptions/ SystemConfig/Backup/Monitoring exception classes | Method | Endpoint | Auth | Description |
│ ├── Helpers/ SettingsHelper, SessionHelper, ImpersonateHelper, PasswordRuleHelper |---|---|---|---|
│ ├── Http/ | `POST` | `/api/v1/login` | — | Exchange credentials for Bearer Token (Rate limited) |
│ │ ├── Controllers/ | `POST` | `/api/v1/register` | — | Register a new user account (Rate limited) |
│ │ │ ├── AccessControl/ User, Role, Permission, ActionLog management | `POST` | `/api/v1/forgot-password`| — | Request reset password link |
│ │ │ ├── Admin/ Mobile settings | `GET` | `/api/v1/app-config` | — | Retrieve mobile app remote configuration parameters |
│ │ │ ├── Api/ Sanctum-protected mobile API (v1) + Health | `GET` | `/api/v1/mobile/sync` | — | Sync latest configurations and updates |
│ │ │ ├── Auth/ Login, 2FA, Passkey (WebAuthn), Social OAuth | `POST` | `/api/v1/mobile/log` | — | Send mobile application logs to server (Rate limited) |
│ │ │ ├── SystemSettings/ Global settings, monitoring, backup, maintenance
│ │ │ ├── WebAuthn/ Laragear WebAuthn login/register controllers ### OTP Gateway
│ │ │ ├── DashboardController.php | Method | Endpoint | Auth | Description |
│ │ │ ├── ImpersonateController.php |---|---|---|---|
│ │ │ ├── LegalController.php | `POST` | `/api/v1/otp/send` | — | Request verification OTP code via Email/WhatsApp (Rate limited) |
│ │ │ └── ProfileController.php | `POST` | `/api/v1/otp/verify` | — | Validate the OTP code |
│ │ ├── Helpers/ ApiResponse
│ │ └── Middleware/ SecurityHeaders, IpAccessControl, CheckActivePermission, ### Profile & Dashboard (Authenticated)
│ │ CheckLegalAgreement, PasswordExpiry, GzipCompression | Method | Endpoint | Auth | Description |
│ ├── Services/ |---|---|---|---|
│ │ ├── Auth/ PasswordPolicyService | `GET` | `/api/v1/user` | Bearer | Fetch authenticated user data, roles, and permissions |
│ │ ├── AI/ Multi-provider AI service abstraction | `POST` | `/api/v1/logout` | Bearer | Revoke current authenticated session token |
│ │ ├── MobileConfig/ MobileConfigService (admin → mobile sync) | `POST` | `/api/v1/profile/update` | Bearer | Update user profile personal details |
│ │ ├── Monitoring/ SystemMonitoringService + MonitoringFormatter | `POST` | `/api/v1/profile/avatar` | Bearer | Upload and update profile photo |
│ │ ├── Notification/ FCM, Telegram adapters | `POST` | `/api/v1/profile/password` | Bearer | Change account login password |
│ │ ├── System/ BackupManagementService, MaintenanceManagementService, | `DELETE` | `/api/v1/profile/delete` | Bearer | Self account termination/deletion |
│ │ │ ActivityFormatter, GlobalSearchService | `GET` | `/api/v1/dashboard` | Bearer | Retrieve secure mobile dashboard analytics |
│ │ └── SystemConfig/ SystemConfigService + SettingDefinitions +
│ │ SettingValueCaster + SettingFileUploader ### Push Notification Registry
│ └── Models/ User, Role, Permission, SystemSetting (+ Revision), | Method | Endpoint | Auth | Description |
│ MobileSetting, OtpCode, PasswordHistory, DeviceToken, |---|---|---|---|
│ DashboardWidgetPreference, ... | `POST` | `/api/v1/devices/register` | Bearer | Register target FCM device token |
├── config/ Konfigurasi Laravel | `DELETE`| `/api/v1/devices/unregister`| Bearer | Revoke and unregister FCM device token |
├── database/
│ ├── migrations/ Skema database (40+ tabel)
│ └── seeders/ RoleAndPermission, SystemSetting, MobileSetting, AdminUser
├── docker/ Konfigurasi Sail (PHP, Postgres, Redis)
├── mobile/ Aplikasi React Native (Expo SDK 54+)
├── resources/views/ Template Blade
├── routes/
│ ├── web.php Rute web (admin panel)
│ ├── api.php Rute API mobile (prefix /api/v1)
│ ├── auth.php Rute autentikasi Breeze + 2FA + WebAuthn
│ ├── ai.php Endpoint AI assistant
│ ├── channels.php Broadcast channel auth
│ └── console.php Schedule kernel
├── storage/api-docs/ Generated OpenAPI/Swagger spec
├── storage/logs/ File log aplikasi
├── tests/
│ ├── Feature/ HTTP + integration tests
│ └── Unit/ Pure logic (Formatter, Caster, Helpers, Exceptions)
├── phpstan.neon Larastan config (level 5)
├── phpstan-baseline.neon Pre-existing errors silenced
└── .github/workflows/ci.yml Test + Lint + Static Analysis pipeline
```
--- ---
## Lisensi ## 🛠️ Specialized Artisan Commands
Proprietary © 2026 Andika Debi Putra. Lihat header tiap file. Dirancang dengan kepatuhan terhadap **UU PDP No. 27/2022**. The administration console provides customized CLI commands for operational workflows:
| Command | Description |
|---|---|
| `php artisan system:check` | Audit core infrastructure health (Database, Redis, Cloud Storage, AI engines). |
| `php artisan system:optimize` | Consolidate caches and wipe out production application logs. |
| `php artisan ai:swagger {path}` | Generate automated Swagger controller annotations utilizing OpenAI. |
| `php artisan system:send-digest` | Dispatch weekly operational system health digest to Administrators. |
| `php artisan backups:verify` | Audit and verify the integrity of local/cloud backup files. |
| `php artisan l5-swagger:generate` | Compile and regenerate OpenAPI/Swagger specifications. |
| `php artisan model:prune` | Safely clear out expired OTP keys, passwords histories, and expired device records. |
| `php artisan telescope:prune --hours=48`| Clear out Telescope registry entries older than 48 hours. |
| `php artisan dashboard:broadcast-stats`| Broadcast updated CPU/RAM/Disk stats to the admin monitoring channel. Scheduled minutely. |
---
## 📖 Related Manuals
| Document | Target Audience | Content |
|---|---|---|
| [README.md](README.md) | All Users | Quick Start & Architectural Overview (This file) |
| [USER_GUIDE.md](USER_GUIDE.md) | Administrators | Operational guidelines for the administrative panel |
| [TECH_STACK.md](TECH_STACK.md) | Developers | Architectural dependencies, CI pipelines, and plugins details |
| [DEPLOYMENT_GUIDE.md](DEPLOYMENT_GUIDE.md) | DevOps Engineers | Outlines production environment server deployments |
| [SECURITY.md](SECURITY.md) | All Users | Security policies and reporting protocols |
| [CHANGELOG.md](CHANGELOG.md) | All Users | Versioned repository changes log |
| [mobile/README.md](mobile/README.md) | Mobile Engineers | Outline and instructions for React Native/Expo builds |
---
## 📄 License & Terms
Proprietary © 2026 Andika Debi Putra (Debesocial). Designed and packaged to expedite development while aligning with modern security and architectural guidelines (Compliant with **UU PDP No. 27/2022**). All rights reserved.