Implement Interviewer management system

[Raafay-Qureshi]

Summary

Implements comprehensive interviewer management functionality including CRUD operations, status tracking, capacity settings, skills/expertise tags, and search/filtering capabilities.

Features Added

1. Interviewer Model

Created Interviewer discriminator model extending User with:

• Status Tracking: Enum with pending, active, inactive states (default: pending)
• Capacity Settings: Configurable maxPerDay (1-20, default: 10) and maxPerWeek (1-100, default: 40)
• Skills/Expertise: Array of skill tags for filtering and matching
• Partial Index: Optimized querying on status field for interviewer role

2. Interviewer API Endpoints

POST /api/interviewers

• Access: Admin only
• Behavior: Creates new interviewer with pending status, assigned to admin's team
• Validation: Zod schema for name, email, password, skills, capacity
• Protection: Duplicate email detection with friendly error messages

GET /api/interviewers

• Access: Admin and Interviewer roles
• Filtering: Supports filtering by:
  • name - Partial match, case-insensitive
  • email - Exact match
  • status - Enum validation
  • groupIds - Match any group
  • skills - Match any skill, case-insensitive
• Returns: List of interviewers in user's team (password excluded)

GET /api/interviewers/:id

• Access: Team members and own profile
• Returns: Single interviewer details

PUT /api/interviewers/:id

• Access: Admin (team members) or own profile
• Behavior: Partial updates for name, email, status, skills, capacity, groupIds
• Protection: Cannot modify role or teamId

DELETE /api/interviewers/:id

• Access: Admin only
• Protection: Blocks deletion if interviewer has:
  • Associated meetings
  • Associated availability records
• Returns: Descriptive error messages with counts of blocking resources

GET /api/teams/:id/interviewers

• Access: Team members
• Returns: All interviewers for the specified team

Security & Validation

• JWT authentication required on all endpoints
• Role-based authorization (admin-only for create/delete)
• Permission checks using PermissionChecker utility
• Zod validation for all request data:
  • Email format validation
  • Password minimum length (6 characters)
  • Capacity range validation (maxPerDay: 1-20, maxPerWeek: 1-100)
  • ObjectId validation for groupIds
  • Status enum validation

Acceptance Criteria Met

• Interviewers can be created, retrieved, updated, and deleted
• Interviewer data is properly validated
• Interviewers can be assigned to groups (via groupIds)
• Interviewer status and capacity can be tracked and updated
• Search and filtering works correctly (name, email, status, groups, skills)
• API endpoints follow RESTful conventions
• Proper authorization controls are in place (team-scoped access)

Files Changed

• New: backend/src/models/interviewer.ts - Interviewer discriminator model with status, capacity, skills
• Modified: backend/src/routes/interviewerRoutes.ts - Complete CRUD implementation with filtering
• Modified: backend/src/routes/teamRoutes.ts - Added team interviewers endpoint

Closes #107

[Flapjacck]

LGTM