diff --git a/inbound/AI_EMAIL_PARSING_SETUP_ASSESSMENT.md b/inbound/AI_EMAIL_PARSING_SETUP_ASSESSMENT.md new file mode 100644 index 0000000..92b2ebd --- /dev/null +++ b/inbound/AI_EMAIL_PARSING_SETUP_ASSESSMENT.md @@ -0,0 +1,83 @@ +# AI / Email Parsing Setup Assessment + +This report assesses the Email Intake and AI parsing setup for SaaS Stage 1. + +## Current State + +Email Intake exists under `/enquiries/email-intake` with backend routes under `/api/email-intake`. It supports: + +- IMAP mailbox polling +- mailbox browser +- intake logs +- AI parsing/reparse +- trusted senders +- filters +- operational categories +- create enquiry from email +- link email to project/job/quote/enquiry +- apply project update + +Required env vars in route map: + +- `IMAP_HOST` +- `IMAP_USER` +- `IMAP_PASSWORD` +- `OPENAI_API_KEY` + +## Who Performs Parsing? + +Current evidence indicates BoundHQ's platform performs parsing using server-side AI credentials, not customer-provided API keys. That is the correct Stage 1 model. + +## Customer API Keys + +| Option | Stage 1 recommendation | +|---|---| +| BoundHQ-owned AI key | Use now | +| Customer-owned OpenAI key | Defer | +| Per-customer model/provider selection | Defer | + +Customer-owned keys add support burden and do not move first-customer onboarding. + +## Setup Steps + +1. Confirm customer consent for mailbox connection and AI parsing. +2. Create mailbox/app password or forwarding mailbox. +3. Configure IMAP host/user/password for the tenant. +4. Configure trusted sender/domain rules. +5. Poll manually once. +6. Review parsed logs. +7. Create one enquiry from an email. +8. Confirm bad/noisy messages can be ignored/filtered. + +## Privacy Considerations + +- Emails may contain personal data, job details, addresses, quotes, and attachments. +- Parsed content must stay inside the customer's tenant. +- AI prompts/responses should avoid storing unnecessary sensitive data. +- Customer must know that AI parsing can make mistakes and requires review. +- The product needs a plain consent statement before enabling auto-polling. + +## Tenant Isolation Requirements + +Before Stage 1 self-serve use, verify: + +- intake logs include tenant/business scope +- settings and filters are tenant-specific +- mailbox credentials are not shared across businesses +- linked records cannot cross tenants +- AI parsing logs do not leak another tenant's content + +## Failure Modes + +| Failure | Customer impact | Required behavior | +|---|---|---| +| IMAP login fails | No emails imported | Show clear setup error, no retry storm | +| OpenAI key missing | Emails not parsed | Queue/log with "AI unavailable" | +| AI parse wrong | Wrong enquiry details | Human review before commit | +| Duplicate email | Duplicate enquiry | Detect UID/message-id | +| Large attachment | Slow/fail processing | Keep email log, flag attachment issue | +| Tenant mismatch | Data leak | Block and alert | + +## Readiness Verdict + +Email Intake is a strong Stage 1.5 differentiator. It should not block first customer launch. For the first customer, enable it only as a BoundHQ-assisted setup after core quote/job/invoice flow is working. diff --git a/inbound/CUSTOMER_ONBOARDING_BLUEPRINT.md b/inbound/CUSTOMER_ONBOARDING_BLUEPRINT.md new file mode 100644 index 0000000..f14cebb --- /dev/null +++ b/inbound/CUSTOMER_ONBOARDING_BLUEPRINT.md @@ -0,0 +1,68 @@ +# Customer Onboarding Blueprint + +This blueprint defines the ideal first-customer onboarding flow and assesses current support. The recommendation is a "Do It For You" first customer onboarding path, with self-serve wizard deferred until the manual path is proven. + +## Onboarding Principles + +- First customer should reach first quote/invoice fast. +- Brendan should not need to explain database concepts. +- BoundHQ can manually configure risky/technical steps. +- Every step should be skippable unless it blocks quoting, invoicing, or legal compliance. +- Capture state, setup owner, and verification result for each step. + +## Wizard Flow + +| Step | Required? | Current support | Can skip? | DIFM fit | Notes | +|---|---|---|---|---|---| +| 1. Create tenant | Required | SaaS Admin staging; tenant CLI proven | No | BoundHQ only | Must run tenant smoke test | +| 2. Admin user invite/set password | Required | Auth/invite routes exist | No | BoundHQ can create | Login bounce must be fixed | +| 3. Company details | Required | `/api/business/me`, Settings Appearance | No | Either | Business name, ABN, address, state | +| 4. Compliance state | Required | Compliance service exists | No | BoundHQ recommended | Drives deposit caps and terms | +| 5. Logo/branding | Optional | Business logo upload exists | Yes | Either | Can use plain template first | +| 6. Users and roles | Required for team | Settings users/module access | Yes for solo | Either | Start with owner/admin | +| 7. Numbering | Required | Numbering settings exist | No | BoundHQ recommended | Quote/job/invoice prefixes | +| 8. Pricelist setup | Required | Pricelist import/manual exists | No | Strong DIFM | Starter pack plus CSV import | +| 9. Quote template | Required | PDF template UI exists | No | BoundHQ recommended | Must be compliance-safe | +| 10. Invoice template/profile | Required | Invoice profiles/templates exist | No | BoundHQ recommended | Deposit/final invoice path | +| 11. Xero connection | Strongly required | OAuth exists but scopes blocked | Can defer manually | Customer + BoundHQ | For Stage 1, decide manual fallback | +| 12. Tradify import | Optional but high value | Importer staging | Yes | Strong DIFM | Use after core setup | +| 13. Email parsing setup | Optional | Email Intake staging | Yes | BoundHQ recommended | Needs IMAP/OpenAI/privacy consent | +| 14. OneDrive/file storage | Optional | File paths/rclone architecture | Yes | BoundHQ only | Later unless customer relies on drawings | +| 15. Job stages/workflow | Required | Jobs board exists | No | BoundHQ recommended | Start with default cabinet workflow | +| 16. SMS setup | Optional | Twilio built | Yes | BoundHQ only | Tenant-specific sender/costs later | +| 17. AI feature opt-in | Optional | Email AI exists | Yes | BoundHQ | Privacy language needed | +| 18. First project setup | Required | CRM/quote/project/jobs exist | No | Joint | Create one real customer/job | + +## Minimum Manual Onboarding Checklist + +1. Provision tenant and owner account. +2. Confirm login works. +3. Enter business details, ABN, address, state, timezone. +4. Set module access to Stage 1 modules only. +5. Configure numbering. +6. Load starter pricelist or customer CSV. +7. Configure quote/invoice templates and state terms. +8. Create one customer and one sample quote. +9. Generate quote PDF and verify legal terms. +10. Accept quote through public portal. +11. Confirm project/job/deposit invoice are created. +12. Connect Xero or record manual accounting fallback. +13. Train owner on daily loop: customer -> quote -> job -> invoice. + +## Self-Serve Wizard Later + +The self-serve wizard should only be built after the first DIFM onboarding is completed. It should store onboarding progress in a future table such as `onboarding_steps` or `business_onboarding_status`, but no schema change is recommended during this audit. + +## What Brendan Should Do Personally + +- Identify the first customer. +- Decide if Xero setup must be live before onboarding or can be manually assisted. +- Validate the first customer can understand the quote/job/invoice loop. + +## What AI/BoundHQ Should Do + +- Provision and verify tenant. +- Configure defaults. +- Import starter data. +- Produce a one-page customer quick-start. +- Capture every manual setup step as future wizard requirements. diff --git a/inbound/DEV_CENTRE_ACCURACY_AUDIT.md b/inbound/DEV_CENTRE_ACCURACY_AUDIT.md new file mode 100644 index 0000000..439a39e --- /dev/null +++ b/inbound/DEV_CENTRE_ACCURACY_AUDIT.md @@ -0,0 +1,81 @@ +# Dev Centre Accuracy Audit + +This audit reviews the Dev Centre module completion system against Stage 1 SaaS launch readiness. It compares the seeded/manual Dev Centre percentages with the route map, frontend module registry, backend route inventory, migrations, and current project state. It is not a live authenticated staging test. + +## Evidence Used + +- `C:\Dev\cabinetHQ\cabinethq-backend\migrations\20260701_dev_centre.sql` +- `C:\Dev\cabinetHQ\docs\architecture\ROUTE_MODULE_MAP.md` +- `C:\Dev\cabinetHQ\docs\architecture\route-module-map.json` +- `C:\Dev\cabinetHQ\cabinetHQ-frontend\src\config\modules.js` +- `C:\Dev\BoundHQ-Memory\PROJECT_STATE.md` +- `C:\Dev\cabinetHQ\docs\dev\PROJECT_STATE.md` + +## System Finding + +Dev Centre completion is manually stored in `dev_module_status.status` and `dev_module_status.completion_percent`. It is not calculated from: + +- route parity +- production promotion status +- database source correctness +- tenant isolation +- automated tests +- external integration readiness +- SaaS onboarding readiness +- North Star launch priority + +That makes the current percentages useful as development memory, but unsafe as SaaS readiness scores. + +## Module Accuracy Table + +| Module | Current Dev Centre status | Actual status | Accuracy score | Data source used | Missing pieces | SaaS readiness | Recommended correction | +|---|---:|---|---:|---|---|---|---| +| Authentication / User Management | MVP 85% | Prod-partial; httpOnly-cookie direction conflicts with stale docs; login bounce unresolved | 45% | Dev Centre seed, route map, project state | Staging login verification, forgot password UI, profile/security UX, tenant login tests | Stage 1 blocker | Re-score to 55% until login bounce and auth smoke tests pass | +| Settings / Module Access | Complete 95% | Broadly usable, production mapped | 80% | modules.js, route map | Onboarding setup checklist, role test matrix, sidebar persistence proof | Stage 1 must work | Keep high but split "settings" from onboarding/admin setup | +| CRM - Customers | MVP 80% | Production mapped, usable core CRM | 85% | route map, module docs, project state | Duplicate detection and timeline are nice-to-have | Stage 1 must work | Raise to 85%; call it Stage 1 ready after tenant isolation smoke test | +| CRM - Enquiries | MVP 80% | Production mapped, email-assisted, conversion gaps noted | 70% | route map, Dev Centre seed | Confirm enquiry-to-project button/flow and email-created enquiry source | Stage 1.5 | Keep 80% for product, but readiness 70% until conversion verified | +| Email Intake | MVP 75% | Staging only; requires IMAP and OpenAI env; privacy/tenant isolation needs proof | 55% | route map, pending actions | OpenAI key on staging, failure modes, customer setup UX | Stage 1.5 | Re-score to 60%; do not call Stage 1 until customer setup is scripted | +| Quotes | Complete 95% | Production mapped and central to workflow; compliance default risk remains | 70% | route map, North Star, project state | PDF deposit defaults, state compliance verification, QuoteDetail large-file risk | Stage 1 must work | Re-score to 80% after PDF compliance defaults deployed and tested | +| PDF Templates | Complete 95% | Route map says missing/unknown; legal compliance risk | 40% | route map, project state, Dev Centre seed | Production route verification, default terms by state, preview test | Stage 1 blocker | Re-score to 50%; block launch until quote/invoice PDFs are legal | +| Invoices | MVP 85% | Production mapped; Xero push exists; partial payment/reminders missing | 80% | route map, module docs | Invoice-to-Xero E2E and payment sync test | Stage 1 must work | Keep 85% if Xero tests pass; readiness depends on Xero env | +| Xero Integration | MVP 80% | Route map blocked; scopes blocker exists | 35% | route map, North Star | Brendan must enable scopes; OAuth and invoice push E2E | Stage 1 must work or managed setup | Re-score to 50% maximum until scopes and tenant-specific setup verified | +| Projects / Jobs | Complete 90% | Production mapped; core workflow usable | 80% | route map, project state | Folder creation path mismatch, job/project linkage test | Stage 1 must work | Split Projects and Jobs into separate Dev Centre rows | +| Production Kanban | Complete 95% | Jobs board production mapped | 85% | Dev Centre seed, route map | 14-stage SaaS workflow verification | Stage 1 must work | Merge with Jobs or rename to Jobs Kanban to avoid duplicate scoring | +| Production Planner | Complete 95% | Staging only; useful but not essential for first customer | 55% | route map | Production promotion, capacity inputs, CNC estimates | Stage 2 | Reclassify as Stage 2 and re-score to 70% product-ready/staging | +| Scheduler / Dispatch | Needs-work 50% | Staging; known DnD issue; superseded by Production Planner | 85% | Dev Centre seed, route map | Decide whether to park or replace | Later / parked | Keep as needs-work but mark not Stage 1 | +| Pricelist | Complete 95% | Production mapped; import/rollback improved; essential for quotes | 85% | route map, project state | New-customer guided builder and starter pack | Stage 1 must work | Keep 90% product, readiness 80% until onboarding pack exists | +| Cabinet Builder / Mozaik | MVP 75% | Production mapped but Mozaik issues; not first-customer blocker | 75% | route map, project state | Linux folder creation, customer setup complexity | Stage 2 | Reclassify as Stage 2 unless first customer needs Mozaik | +| CNC Tooling | MVP 70% | Staging; manufacturing-specific | 80% | route map | Production integration, runtime estimates | Later / parked | Keep score but park for Stage 1 | +| Estimator | MVP 75% | Production mapped; useful but optional | 80% | route map | Integration to quotes/planner | Stage 1.5 | Keep 75%; not a launch blocker | +| Time Cards | MVP 85% | Staging; useful for team use, not first onboarding | 65% | route map | Promotion, payroll export, mobile clock-in | Stage 2 | Reclassify Stage 2 | +| Action Centre | Not-started 0% | Not built | 100% | Dev Centre seed | None for audit | Later | Keep parked | +| Team Notes | Complete 90% | Production mapped and usable | 85% | route map | Mentions/rich text optional | Stage 1.5 | Keep score | +| WHS / SOP | Complete 95% | Production mapped; strong but not first-customer onboarding critical | 80% | route map | Template library and AI key setup for SaaS | Stage 2 | Keep product score, Stage 2 priority | +| Communications Log | Complete 90% | Production mapped | 85% | route map | Body drill-down/bulk actions optional | Stage 1.5 | Keep score | +| Help Centre / Broadcasts | MVP 80% | Help exists; broadcasts staging | 65% | route map, modules.js | Customer-facing onboarding help not complete | Stage 1.5 | Split Help Centre from Broadcasts | +| Database Admin | Complete 95% | Staging only; internal/dev tool | 60% | route map | Production hardening, access audit | Later / internal | Reclassify as internal only, not SaaS module | +| Customer Portal | In-progress 60% | Staging; useful but not required for first onboarding | 70% | route map | Password reset, job progress, file access | Stage 2 | Keep 60%; not launch blocker | +| Leave & Capacity | Needs-work 85% | Route map prod, project state says styling fixed; older seed stale | 50% | Dev Centre seed, project state | Reconcile stale bug note with current code state | Stage 2 | Update notes; readiness depends on capacity integration | +| Financials | Complete 100% | Staging; Xero scopes blocked; Premium-tier feature | 30% | route map, North Star | Xero scopes, production promotion, role tests | Stage 2 | Re-score Stage 1 readiness to 40%; do not block first customer | +| Purchase Orders | Complete 100% | Production mapped, procurement foundation improved | 80% | route map, project state | Receiving-to-inventory verification | Stage 1.5 | Keep high, not first-customer blocker | +| Inventory | MVP 80% | Production mapped; linked to pricelist/PO in progress | 75% | route map, project state | Stock source audit, PO receiving test | Stage 1.5 | Keep 80%; Stage 1.5 | +| SaaS Foundations | MVP 75% | Tenant provisioning proven; SaaS Admin staging, onboarding not built | 60% | route map, North Star | Deploy SaaS Admin, smoke-test tenant provisioning, onboarding flow | Stage 1 blocker | Split into SaaS Admin, tenant provisioning, onboarding | + +## Recommended Dev Centre Scoring Model + +Replace single completion percentage with four scores: + +| Score | Meaning | +|---|---| +| Build completeness | Feature/UI/API exists | +| Data correctness | Reads/writes correct tables and links to adjacent modules | +| SaaS safety | business_id/tenant isolation, auth, role access, no secrets, external env readiness | +| Stage 1 readiness | Required for first paying customer and tested in the launch path | + +## Critical Corrections + +1. PDF Templates must not show 95% complete for SaaS readiness while route map is `missing/unknown` and PDF deposit clauses remain a legal risk. +2. Financials must not show 100% as launch-ready while Xero scopes are blocked and route status is staging. +3. Production Planner should move from Stage 1 thinking to Stage 2 unless the first customer requires detailed shop-floor planning immediately. +4. Dev Centre needs North Star-aware scoring, not generic module completion. +5. SaaS Foundations must be split because tenant provisioning, SaaS Admin, onboarding wizard, billing, and support readiness are different things. diff --git a/inbound/FOUNDER_INTENT.md b/inbound/FOUNDER_INTENT.md new file mode 100644 index 0000000..96a4bc7 --- /dev/null +++ b/inbound/FOUNDER_INTENT.md @@ -0,0 +1,74 @@ +## Founder Intent + +Brendan's decision patterns, extracted from 27 ADRs, 21 handbacks, and 8 architecture documents. + +AI reads this to make decisions that match Brendan's style. When uncertain, pick the choice matching more patterns below. + +### 1. Simple > Clever + +1. Simple -- explain in one sentence, fewer parts +2. Fast -- ship quickly, deliver value +3. Correct -- solve the real problem +4. Complete -- clear done state, no gold plating +5. Clever -- only if none of the above work + +### 2. Ship Mentality + +- Shipping beats perfect. Deployed today > perfect next week. +- Iterate in production. Ship it, watch what breaks, fix that. +- Under 20 minutes? Just do it. Planning cost exceeds fix cost. + +### 3. Smallest Safe Change + +- Never rewrite working modules. Refactor only when blocked. +- One change at a time. Test each layer. +- Prefer additive changes. Add columns not rename. + +### 4. Real Data Over Examples + +- No fake data, no lorem ipsum. Real data or empty. +- Test with production data. +- Research must produce actionable findings. + +### 5. No Bureaucracy + +- No forms, no templates. Natural language. +- No tagging. System categorises. +- No reviews for non-production changes. Ship it. +- 5-second capture threshold. + +### 6. ADHD-Friendly + +- Short bursts. AI works autonomously between them. +- Zero warm-up. AI presents full context first line. +- Instant switching. Save state, move on. +- Problems with solutions. Never problems alone. + +### 7. Role Division + +- Brendan: think, decide, validate, sell +- AI: execute, remember, inform, maintain, document + +### 8. Value Hierarchy + +1. Revenue +2. Legal/Compliance +3. Brendan's time +4. Customer value +5. Internal quality + +### 9. Patterns + +- Build for one team first, then generalise. +- If done in one place, do it everywhere. +- Cannot verify it? Do not deploy it. +- Documentation is not optional. +- Handbacks for everything paused or blocked. + +### 10. Does Not Care About + +- Fancy UI. No animations or polish. +- Code aesthetics. Inline styles are fine. +- Mobile first. Desktop first. +- Tool loyalty. All tools interchangeable. +- Process for its own sake. diff --git a/inbound/MODULE_DATABASE_SOURCE_AUDIT.md b/inbound/MODULE_DATABASE_SOURCE_AUDIT.md new file mode 100644 index 0000000..7e0341a --- /dev/null +++ b/inbound/MODULE_DATABASE_SOURCE_AUDIT.md @@ -0,0 +1,82 @@ +# Module Database Source Audit + +This audit maps module data sources and highlights table/source risks for Stage 1 SaaS. It uses migrations, the base schema, route map, and project docs. It does not directly query a live database. + +## Cross-Cutting Findings + +1. Multi-tenant strategy is in transition. Newer SaaS tables use `business_id`, older Cabinet Builder tables use `tenant_id`, and some legacy operational tables need verified business scoping. +2. RLS exists as migration `20260701_data_authorization_rls.sql`, but current project state says it is dormant until `SET LOCAL app.business_id` pre-handler wiring exists. +3. Several docs conflict on auth and response format. Older `API_OVERVIEW.md` says localStorage/plain JSON, while newer route docs and decisions say httpOnly cookies and response envelopes. Treat this as a launch audit item. +4. Dev Centre completion values are not sourced from live module health or database relationships. +5. Fresh customer onboarding depends on correct seed data for `module_settings`, `record_number_settings`, PDF templates, price lists, invoice profiles, and business settings. + +## Source Table Map + +| Module | Reads from | Writes to | Correct source? | Relationship concerns | Mock/stale/wrong source risk | +|---|---|---|---|---|---| +| Customers | `customers`, `contacts`, `customer_addresses`, `customer_notes`, `customer_activities` | same | Yes | Must link customer to enquiries, quotes, projects, invoices | Duplicate customer detection absent | +| Contacts | `contacts`, `contact_price_lists` | same | Yes | Customer/contact split can confuse onboarding | Sidebar disabled but routes exist | +| Enquiries | `enquiries`, `enquiry_files`, `enquiry_notes`, `email_intake_logs` | same; creates projects on conversion | Yes | Must preserve enquiry-to-project lineage | Conversion flow must be retested | +| Quotes | `quotes`, `quote_line_items`, `quote_payment_schedule_steps`, `quote_events`, customers/contacts/pricelist | same; creates invoices | Yes | State compliance data and template defaults must align | Legal terms/defaults risk | +| Projects | `projects`, `project_notes`, `project_files`, `project_update_log`, drawings | same | Yes | Parent to jobs/quotes/invoices must be complete | OneDrive path mismatch | +| Jobs | `jobs`, `job_tasks`, `job_notes`, `job_files`, `job_schedules`, projects | same | Yes | Stage labels must match SaaS 14-stage workflow | Legacy 12-stage references | +| Invoices | `invoices`, `invoice_line_items`, `invoice_profiles`, `invoice_profile_steps`, quotes/projects/jobs | same | Yes | Xero IDs/status sync must be tenant-scoped | Payment state depends on Xero sync | +| Pricelist | `price_lists`, `price_list_items`, pricing rules, import batches/actions | same | Yes | Quote pricing and PO links depend on codes/UOM/GST | New-customer starter data missing | +| Xero | `integration_connections`, `integration_sync_logs`, `xero_accounts_cache`, `xero_contacts_cache`, `xero_invoices_cache`, `xero_tax_rates_cache` | same | Yes in design | OAuth tokens must be per business | Scopes/env blocker | +| Email Intake | `email_intake_logs`, settings, filters, trusted senders | same; creates enquiries/project updates | Yes in design | Must link to tenant records only | Staging OpenAI key missing; failure modes | +| Production Planner | `production_*`, jobs, routing, resources, manual entries | same | Mostly | Needs routing setup before useful | Stage 2; not launch-critical | +| Scheduler/Dispatch | `schedule_blocks`, `production_schedule_entries`, jobs | same | Legacy/unclear | Overlaps Production Planner | Park or replace to avoid duplicate workflow | +| Inventory | `stock_master`, `stock_transactions`, `stock_kits`, `stock_kit_items`, `stock_remnants`, suppliers | same | Yes | PO receiving to stock must be verified | Stale module-level user bug noted historically | +| Purchase Orders | `po_master`, `po_line_items`, `suppliers`, stock/pricelist refs | same | Yes | Receiving should update inventory | Verify `stock_id` and transaction write path | +| Time Cards | `time_cards`, `time_card_entries`, `staff`, hour templates | same | Yes | Labour cost feeds financials/capacity later | Stage 2 | +| Dev Centre | `dev_log_items`, `dev_module_status`, revisions, improvements, debt, feedback | same | Yes for internal planning | No live readiness calculation | Manual percentages stale | +| SaaS Admin | `businesses`, `subscriptions`, tenant provisioning artifacts | same plus new tenant DB/schema | Yes in design | Must seed all required setup tables | Staging only; destructive drop endpoint | +| Tradify Importer | `tradify_import_*` plus customers/jobs/quotes/invoices/projects | writes many operational tables | Yes in design | Must dedupe customers and preserve import rollback links | Needs customer CSV guide and tenant write tests | +| Financials | `financial_snapshots`, `forecast_*`, `manual_cost_entries`, `regular_expenses`, `project_back_costings`, Xero cache, invoices/PO/time cards | same | Yes but broad | Xero scopes and report access required | Stage 2; route status staging | +| PDF Templates | `pdf_templates`, `legal_terms`, business logo/details, quote/invoice data | same | Yes in design | Defaults must match state compliance | Route status missing/unknown; legal blocker | +| Settings | `module_settings`, `record_number_settings`, `record_number_preferences`, `businesses`, `staff`, sidebar prefs/groups | same | Yes | Must seed per business | Onboarding wizard missing | +| Portal | `portal_users`, customer/job/quote/invoice records | portal users and auth tokens | Yes in design | Customer data scoping is high risk | Stage 2 | +| WHS/Training | `whs_*`, `training_modules`, `training_records`, staff | same | Yes | Template library needed for SaaS | Stage 2 | +| Cabinet Builder/Mozaik/CNC | `cabinet_builder_*`, `mozaik_*`, `cnc_*` | same/files | Mixed | Separate `tenant_id` conflicts with main `business_id` model | Later-stage tenant model risk | +| Team Notes | `team_note_pages`, `team_notes` | same | Yes | Links to jobs/quotes/projects | Stage 1.5 | +| Communications/SMS | `communications`, SMS-related fields | same | Yes | Twilio config must be per tenant if enabled | Stage 1.5 | + +## Tables That Need Tenant Isolation Verification + +Priority Stage 1 tables: + +- `users`, `businesses`, `module_settings` +- `customers`, `contacts`, `customer_addresses`, `customer_notes` +- `enquiries`, `enquiry_files`, `enquiry_notes` +- `quotes`, `quote_line_items`, `quote_payment_schedule_steps` +- `projects`, `project_files`, `project_notes`, `project_update_log` +- `jobs`, `job_tasks`, `job_notes`, `job_schedules` +- `invoices`, `invoice_line_items`, `invoice_profiles` +- `price_lists`, `price_list_items`, `contact_price_lists` +- `integration_connections`, `xero_*_cache` +- `pdf_templates`, `legal_terms` +- `tradify_import_*` + +## Duplicate / Orphan / Wrong-Source Risks + +| Risk | Why it matters | Recommendation | +|---|---|---| +| `business_id` vs `tenant_id` | Cabinet Builder uses a separate tenant model from SaaS business scope | Do not rely on Cabinet Builder for Stage 1 SaaS until mapped | +| Dormant RLS | Migration exists but does not enforce without session variable wiring | Add tenant isolation smoke tests before first customer | +| Scheduler vs Production Planner | Duplicate scheduling workflows can confuse users | Park Scheduler/Dispatch unless required | +| Dev Centre module status | Manual source can mislead launch decisions | Add launch readiness fields and calculated checks | +| PDF legal terms/defaults | Wrong default clauses create legal exposure | Make PDF compliance a Stage 1 blocker | +| Tradify import writes many tables | Bad import could pollute a new tenant | Use preview/confirm/rollback and test in throwaway tenant | + +## Stage 1 Database Gate + +Before first paying customer, prove these with a throwaway tenant: + +1. Create business/admin user. +2. Create customer/contact/enquiry. +3. Convert or create project. +4. Create quote from pricelist item. +5. Generate compliant PDF for customer state. +6. Accept quote and create job/deposit invoice. +7. Push invoice to Xero draft, or mark Xero setup as BoundHQ-managed manual step. +8. Confirm another tenant cannot read any of the above. diff --git a/inbound/MODULE_DEPENDENCY_MAP.md b/inbound/MODULE_DEPENDENCY_MAP.md new file mode 100644 index 0000000..2888a5e --- /dev/null +++ b/inbound/MODULE_DEPENDENCY_MAP.md @@ -0,0 +1,54 @@ +# Module Dependency Map + +This map shows the intended module connections for Stage 1 SaaS and identifies current, missing, broken, or duplicate links. + +## Core Workflow + +```mermaid +flowchart LR + Email["Email Intake"] --> Enquiry["Enquiry"] + Customer["Customer / Contact"] --> Enquiry + Enquiry --> Quote["Quote"] + Pricelist["Pricelist"] --> Quote + Quote --> Project["Project"] + Quote --> Invoice["Deposit Invoice"] + Project --> Job["Job"] + Job --> InvoiceFinal["Final Invoice"] + Invoice --> Xero["Xero"] + InvoiceFinal --> Xero + Project --> Files["Files / Drawings"] +``` + +## Dependency Table + +| Flow | Current links | Missing links | Broken/risky links | Required fixes | +|---|---|---|---|---| +| Email Intake -> Enquiries / Customers / Projects / Attachments | Routes can create enquiries, link logs, apply project updates | Customer setup wizard for mailbox and trusted senders | OpenAI key pending; tenant privacy needs proof | Stage 1.5 setup guide and isolation test | +| Enquiry -> Customer -> Quote | CRM and enquiries exist; quotes link contacts/customers | Confirm one-click enquiry-to-quote/project path | Dev Centre seed notes missing convert button | Verify and document onboarding flow | +| Quote -> Project -> Job | Projects/jobs/quotes link through `project_id`; acceptance creates downstream records | Confirm all created records carry business scope | PDF compliance defaults risk | Run E2E quote acceptance smoke test | +| Quote -> Invoice -> Xero | Invoice creation and Xero push exist | Scopes enabled; per-tenant OAuth setup | Xero route status blocked | Treat Xero setup as Stage 1 launch gate or managed manual step | +| Pricelist -> Quotes / Invoices / Purchase Orders / Inventory | Quote pricelist items and procurement fields exist | Guided starter pack for new customers | UOM/GST import mistakes possible | Build customer-facing import template after audit | +| Tradify Importer -> Customers / Jobs / Quotes / Invoices / Projects | Upload, preview, confirm, rollback exist | Plain customer instructions and sample export checklist | Bad CSV mapping could pollute tenant | Use throwaway tenant import rehearsal | +| Production Planner -> Jobs / Projects / Schedule / Capacity | Production routes and board exist | Staff leave/capacity integration, CNC estimates | Staging only | Stage 2 unless required by customer | +| Inventory -> Purchase Orders -> Stock | Stock/PO tables exist; procurement foundation links fields | Receiving-to-stock must be verified | Dev Centre historical bug says unlink existed | Test before promoting as Stage 1.5 | +| Customer Portal -> Quotes / Jobs / Invoices | Portal auth/admin routes exist | Job progress and file access incomplete | Customer scoping high-risk | Stage 2 | +| PDF Templates -> Quotes / Invoices / Compliance | Template routes/services exist | State default terms deployed and verified | Route map missing/unknown; legal blocker | Fix before first paid quote/invoice | +| Settings -> Business setup / branding / numbering / users | Settings tabs and routes exist | Onboarding wizard; DIFM checklist | No single first-run flow | Create onboarding blueprint and manual checklist | +| Dev Centre -> Launch readiness | Planning and module status exist | North Star, blockers, test status, stage classification | Manual percentages misleading | Add North Star dashboard spec | + +## Duplicate Workflows + +| Duplicate | Problem | Recommendation | +|---|---|---| +| Scheduler/Dispatch and Production Planner | Two scheduling concepts with overlapping job movement | Park Scheduler for Stage 1; use Jobs board and simple project/job dates | +| Cabinet Builder, Estimator, Mozaik Library | Multiple estimating/BOM paths | Use Pricelist + Quotes for Stage 1; keep advanced manufacturing tools Stage 2+ | +| Dev Centre completion vs route promotion map | Two sources imply readiness differently | Route map + readiness audit should drive launch status | +| Customer Portal vs public quote portal | Public quote acceptance works; full portal incomplete | Use public quote portal for Stage 1; full portal Stage 2 | + +## Stage 1 Required Dependency Path + +Shortest required path: + +Customer setup -> Settings -> Pricelist -> Customer -> Quote -> PDF -> Accept -> Project/Job -> Invoice -> Xero/manual accounting -> Support. + +Anything outside that path is Stage 1.5 or later unless the first customer explicitly needs it. diff --git a/inbound/MODULE_INVENTORY.md b/inbound/MODULE_INVENTORY.md new file mode 100644 index 0000000..184f144 --- /dev/null +++ b/inbound/MODULE_INVENTORY.md @@ -0,0 +1,54 @@ +# Module Inventory + +This inventory lists developed modules and notable hidden/experimental areas found through the frontend registry, route map, backend route files, migrations, and project docs. "Current state" is an audit judgment, not a live acceptance result. + +## Inventory + +| Module | Purpose | User role | Frontend location | Backend routes | Main database tables | External integrations | Current working state | Known bugs / risks | Links to other modules | Tenant isolation | Stage 1 need | +|---|---|---|---|---|---|---|---|---|---|---|---| +| Auth / Users | Login, signup, invites, sessions | All users/admin | `/login`, `/signup`, `/set-password/:token` | `/api/auth` | `users`, `refresh_tokens`, `businesses` | Resend for invites/reset | Prod-partial | Staging login bounce; docs disagree on localStorage vs httpOnly cookie | All modules | `users.business_id`; needs session/RLS proof | Must work | +| Dashboard | Operational overview | Admin, manager, office, workshop | `/` | `/api/dashboard` | Aggregates jobs, quotes, invoices, projects | None | Prod | Needs real tenant smoke test | Jobs, quotes, invoices | Depends on route filters | Stage 1 | +| Customers | Customer/account CRM | Admin, manager, office | `/customers`, `/customers/:id` | `/api/customers` | `customers`, `contacts`, `customer_addresses`, `customer_notes`, `customer_activities` | None | Prod | Duplicate detection missing | Enquiries, quotes, projects, invoices | Needs business-scoped verification | Stage 1 | +| Contacts | People linked to customers | Admin, manager, office | `/contacts`, `/contacts/:id` | `/api/contacts` | `contacts`, `contact_price_lists` | None | Built but sidebar disabled | Separate module disabled | Customers, quotes, invoices | Needs business-scoped verification | Stage 1 as embedded CRM | +| Enquiries | Lead capture and conversion | Admin, manager, office | `/enquiries`, `/enquiries/:id` | `/api/enquiries` | `enquiries`, `enquiry_files`, `enquiry_notes` | Email Intake | Prod | Conversion flow needs re-test | Customers, projects, email | Needs business-scoped verification | Stage 1.5 | +| Projects | Parent record connecting customer work | Admin, manager, office | `/projects`, `/projects/:id` | `/api/projects` | `projects`, `project_notes`, `project_files`, `project_update_log`, `drawing_register` | OneDrive/rclone file storage | Prod | OneDrive naming mismatch | Enquiry, quote, job, invoice | Needs business-scoped verification | Stage 1 | +| Jobs | Production/job execution | Admin, manager, office, workshop | `/jobs`, `/jobs/:id` | `/api/jobs`, `/api/bulk-delete` | `jobs`, `job_tasks`, `job_notes`, `job_files`, `job_schedules` | OneDrive/Mozaik optional | Prod | Confirm 14-stage SaaS labels vs legacy 12-stage references | Projects, quotes, invoices, production | Needs business-scoped verification | Stage 1 | +| Quotes | Quote builder, send, accept, revise | Admin, manager, office | `/quotes`, `/quotes/:id`, `/q/:token` | `/api/quotes` | `quotes`, `quote_line_items`, `quote_events`, `quote_files`, `quote_change_requests`, `quote_payment_schedule_steps` | Resend, PDF, Xero via invoice | Prod | PDF compliance default risk; `QuoteDetail.jsx` large | Customers, pricelist, projects, invoices | Needs business-scoped verification; public token access | Stage 1 | +| Quote portal | Customer quote view/accept | Customer/public | `/q/:token` | `/api/quotes/view/:token` | `quotes`, `quote_change_requests`, `portal_users` optional | Email links | Prod | Public token permissions need test | Quotes, portal, invoices | Token scoped by quote | Stage 1 | +| Invoices | Deposit/final invoices and Xero push | Admin, manager, office | `/invoices`, `/invoices/:id` | `/api/invoices`, `/api/invoice-profiles` | `invoices`, `invoice_line_items`, `invoice_profiles`, `invoice_profile_steps`, `invoice_activity` | Xero, Resend/PDF | Prod | Xero E2E depends on scopes/env | Quotes, jobs, Xero | Needs business-scoped verification | Stage 1 | +| Pricelist | Products/services and customer pricing | Admin, manager | `/pricelist` | `/api/pricelists`, `/api/customer-pricing`, `/api/quotes/:id/pricelist-items` | `price_lists`, `price_list_items`, `price_list_category_rules`, `price_list_item_overrides`, `pricelist_import_batches`, `pricelist_import_actions` | CSV/Excel import | Prod | New customer setup not guided enough | Quotes, invoices, PO, inventory | Needs business-scoped verification | Stage 1 | +| Communications | Unified outbound/inbound communication log | Admin, manager, office | `/communications` | `/api/communications` | `communications` | Resend, SMS/Twilio indirectly | Prod | Body drill-down/bulk actions missing | Quotes, invoices, projects, SMS | Needs business-scoped verification | Stage 1.5 | +| Email Intake | IMAP polling, AI parse, operational queue | Admin, manager, office | `/enquiries/email-intake` | `/api/email-intake` | `email_intake_logs`, `email_intake_filters`, `email_intake_settings`, `email_intake_trusted_senders` | IMAP, OpenAI | Staging | OpenAI key pending; privacy/failure mode setup needed | Enquiries, customers, projects, attachments | Must prove business_id on logs/settings | Stage 1.5 | +| Xero | OAuth, contacts/invoices/payment sync, P&L | Admin/manager | `/settings/integrations`, `/financials` | `/api/integrations/xero` | `integration_connections`, `integration_sync_logs`, `xero_*_cache` | Xero OAuth2 | Blocked | Brendan must enable scopes; per-tenant OAuth setup required | Invoices, financials, contacts | `integration_connections.business_id`; verify tokens per business | Stage 1 | +| Settings / Module Access | Business setup, users, modules, numbering, appearance | Admin/manager | `/settings` and child tabs | `/api/modules`, `/api/user/sidebar-*`, `/api/business`, `/api/numbering-settings` | `module_settings`, `user_sidebar_prefs`, `user_sidebar_groups`, `record_number_settings`, `businesses`, `staff` | Logo file storage | Prod | Needs onboarding-oriented setup path | All modules | Mixed; business logo/settings use business_id | Stage 1 | +| SaaS Admin | Provision/manage SaaS tenants | Founder/developer | `/admin/saas` | `/api/admin/saas` | `businesses`, `subscriptions`, tenant provisioning metadata | PostgreSQL/libpq | Staging | Not deployed; env vars needed; destructive drop endpoint must be protected | Auth, tenant create | Central to SaaS; DB-per-tenant/provision flow | Stage 1 blocker | +| Dev Centre | Internal planning/progress system | Admin/developer | `/dev-centre`, `/dev-centre/:id` | `/api/dev-centre` | `dev_*` tables | OpenRouter/OpenAI optional | Staging | Completion % manual and misleading for launch | All development modules | Internal only; should not be customer visible | Internal Stage 1 support | +| PDF Templates | Quote/invoice templates and terms | Admin/manager | `/settings/pdf-templates` | `/api/pdf-templates` | `pdf_templates`, `legal_terms`, `terms_acknowledgements` | PDF renderer | Missing/unknown in route map | Deposit clauses illegal in 4 states until defaults fixed | Quotes, invoices, compliance | Needs business_id per templates/terms | Stage 1 blocker | +| Customer Portal | Customer account/dashboard | Customer/admin | `/portal/*`, `/settings/portal-users` | `/api/portal/auth`, `/api/portal/admin` | `portal_users`, customer/job/quote/invoice views | Email links | Staging | Job progress/file access/password reset incomplete | Quotes, invoices, jobs | `portal_users.business_id`; verify customer scoping | Stage 2 | +| Production Planner | Shop planning by operations/capacity | Admin, manager, workshop | `/production`, `/production/floor-tv`, `/settings/production-routing` | `/api/production` | `production_*`, `job_production_hours`, `manual_production_entries` | Optional CNC | Staging | CNC estimates not wired; data setup heavy | Jobs, projects, schedule, capacity | Needs business scope review | Stage 2 | +| Dispatch / Scheduling | Dispatch board, legacy scheduler | Admin, manager, workshop | `/dispatch`, `/scheduling` redirect | `/api/scheduling` | `schedule_blocks`, `production_schedule_entries` | None | Staging/needs-work | Drag/drop issue in seed; superseded by planner | Jobs, production | Needs review | Later / parked | +| Inventory | Stock, remnants, transactions, kits | Admin, manager, workshop | `/inventory` | `/api/inventory` | `stock_master`, `stock_transactions`, `stock_kits`, `stock_kit_items`, `stock_remnants`, `stock_suppliers` | Barcode/CSV optional | Prod | PO receiving linkage must be verified | Pricelist, PO, production | Needs business scope review | Stage 1.5 | +| Purchase Orders | Supplier ordering and receiving | Admin, manager, office | `/purchase-orders` | `/api/purchase-orders` | `po_master`, `po_line_items`, `suppliers`, `stock_suppliers` | None | Prod | Receiving-to-inventory test required | Pricelist, inventory, financials | Needs business scope review | Stage 1.5 | +| Financials | Snapshots, forecasts, cost ledger, cashflow | Admin, manager | `/financials` | `/api/financials/*` | `financial_snapshots`, `forecast_*`, `manual_cost_entries`, `regular_expenses`, `project_back_costings`, `financial_settings` | Xero | Staging/blocked by scopes | Xero scopes; Premium-tier complexity | Invoices, Xero, jobs, PO | Uses business_id in newer tables; verify all routes | Stage 2 | +| Time Cards | Staff time entry and approval | Admin, manager, office, workshop | `/time-cards`, `/settings/time-cards` | `/api/time-cards` | `time_cards`, `time_card_entries`, `organisation_hours_defaults`, `staff_hour_templates` | Xero payroll future | Staging | Mobile/payroll export missing | Staff, financials, capacity | Needs business scope review | Stage 2 | +| Leave & Capacity | Leave requests and capacity flags | Admin, manager, office, workshop | `/leave` | `/api/leave` | `leave_requests`, `leave_balances`, `staff` | None | Prod according to route map | Needs capacity integration follow-up | Staff, time cards, production | Needs business scope review | Stage 2 | +| WHS / SOP | Safety registers and docs | Admin, manager, workshop | `/whs` | `/api/whs`, `/api/whs-ai` | `whs_*`, `training_*` overlap | OpenAI for generation | Prod | Template library setup for SaaS | Training, staff | Needs business scope review | Stage 2 | +| Training | Training modules and records | Admin, manager, office | `/training` | `/api/training` | `training_modules`, `training_records` | None | Staging | Not needed for first customer | WHS, staff | Needs business scope review | Stage 2 | +| Estimator | Material estimate sessions | Admin, manager, office | `/estimator` | `/api/estimator` | `estimate_sessions`, `estimate_lines`, `price_list_items` | None | Prod | Not fully integrated to planner | Quotes, pricelist | Older `tenant_id` model needs review | Stage 1.5 | +| Cabinet Builder | Cabinet BOM/pricing builder | Admin, manager, workshop | `/cabinet-builder` | `/api/cabinet-builder` | `cabinet_builder_*` | Mozaik optional | Prod | Uses separate `tenant_id`; folder creation issue | Quotes, jobs, Mozaik | Separate tenant model; reconcile with business_id | Stage 2 | +| Mozaik Library | Import/manage Mozaik library data | Admin/manager | `/settings/cabinet-library`, integration tabs | `/api/mozaik`, `/api/cabinet-library` | `mozaik_*`, `cnc_*`, `cabinet_builder_*` | Mozaik files | Missing/unknown/staging | Complex setup, not launch-critical | Cabinet builder, production, CNC | Needs tenant model review | Later unless first customer needs it | +| CNC Tooling | CNC tools, groups, runtime settings | Admin/manager | `/settings/cnc-tooling` | `/api/cnc` | `cnc_*` | Mozaik CNC files | Staging | Runtime not wired to planner | Mozaik, production | Partial `business_id` only | Later | +| Cabinet Library | Parameter reference, product briefs, presets | Admin, manager, workshop | `/cabinet-library` | `/api/cabinet-library` | `mozaik_parameter_reference`, `mozaik_product_briefs`, `mozaik_parameter_presets` | OpenAI formula assistant optional | Staging | Product-development oriented | Mozaik, cabinet builder | Needs review | Later | +| Team Notes | Internal notes board | Admin, manager, office, workshop | `/team-notes` | `/api/team-notes` | `team_note_pages`, `team_notes` | None | Prod | Rich text/@mentions missing | Jobs, quotes | Needs business scope review | Stage 1.5 | +| Help Centre | User guide/help | All internal users | `/help` | Mostly static | static docs | None | Built | SaaS onboarding help not complete | All modules | Not data sensitive | Stage 1.5 | +| Broadcasts | Internal announcements | Admin/staff | `/settings/broadcasts` | `/api/broadcasts` | `team_broadcasts`, `broadcast_acknowledgements` | None | Staging | Not launch-critical | Help/settings | Needs business scope review | Later | +| Database Admin | Internal database browser | Admin/developer | `/settings/database-admin` | `/api/admin/db`, `/api/admin/database-check` | All allowlisted tables, `audit_log` | None | Staging | Dangerous if exposed to customer tenants | Internal ops | Must be admin-only | Internal only | +| Tradify Import | Import legacy Tradify CSV data | Admin/developer/customer setup | `/settings/tradify-import` | `/api/tradify-import` | `tradify_import_*`, plus customers/jobs/quotes/invoices/projects | CSV upload | Staging | Customer instructions and supported CSV formats need clarity | Customers, jobs, quotes, invoices | Must write into correct tenant only | Stage 1.5 / DIFM | +| Texture Importer | Import supplier swatches into Mozaik files | Admin/manager | `/texture-importer` | `/api/mozaik/textures/*` | Mozaik texture/config tables/files | Supplier websites/files | Built/staging-ish | Not in route map summary as primary module | Mozaik | Needs review | Later | +| Door Orders | Public door order form and admin management | Public/admin | `/door-orders`, public routes | `/api/door-orders`, `/api/public/door-orders` | Door order tables (inline migration reference) | PDF/ZIP file generation | Dev | Customer-only workflow, not core SaaS launch | Customers/admin ops | Scope middleware noted | Later | +| Capture PWA | Quick capture notes | Internal/mobile | `/capture` (from source) | `/api/capture` | Capture-related or enquiries/notes | PWA | Built historically | Not in route map summary | Enquiries/notes | Needs review | Later | +| SMS | Customer notifications | Admin/office | integrated buttons | `/api/sms` | `communications`, SMS-specific fields | Twilio | Built | Customer tenant opt-in/env needed | Quotes/jobs/invoices/comms | Must isolate sender settings | Stage 1.5 | + +## Inventory Conclusions + +The product has enough built surface for Stage 1, but too many modules are marked "complete" without SaaS launch criteria. The first customer path should be narrow: Auth, Settings/business setup, Customers, Quotes, Pricelist, Projects, Jobs, Invoices, Xero, PDF compliance, SaaS Admin, and selected onboarding/import support. diff --git a/inbound/MODULE_READINESS_MASTER_REPORT.md b/inbound/MODULE_READINESS_MASTER_REPORT.md new file mode 100644 index 0000000..963b440 --- /dev/null +++ b/inbound/MODULE_READINESS_MASTER_REPORT.md @@ -0,0 +1,130 @@ +# Module Readiness Master Report + +This master report summarises the Stage 1 SaaS readiness audit. It answers: what is the shortest safe path to first paying SaaS customer? + +## Executive Summary + +BoundHQ has more than enough product surface for a first paying SaaS customer. The risk is not missing features. The risk is launching with too many modules exposed, stale Dev Centre completion scores, unresolved legal/compliance defaults, unverified tenant isolation, and onboarding steps that still rely on Brendan's implicit knowledge. + +The shortest safe path is a narrow, assisted launch: + +Tenant -> login -> business setup -> pricelist -> customer -> quote -> compliant PDF -> project/job -> invoice -> Xero/manual accounting -> support. + +## True Current Module Status + +| Category | Modules | +|---|---| +| Ready or close for Stage 1 product use | Customers, Contacts, Quotes, Projects, Jobs, Invoices, Pricelist, Settings | +| Stage 1 blockers | Auth login verification, SaaS Admin deployment, PDF compliance defaults, tenant isolation tests, Xero setup decision | +| Stage 1.5 assisted setup | Tradify Importer, Email Intake, Communications/SMS, Inventory, Purchase Orders, Estimator, Team Notes, Help Centre | +| Stage 2 | Production Planner, Financials, Time Cards, Leave & Capacity, WHS, Training, Customer Portal | +| Later / parked | Mozaik Library, CNC Tooling, Cabinet Library, Texture Importer, Door Orders, Database Admin, legacy Scheduler/Dispatch | + +## Dev Centre Accuracy + +Dev Centre module completion percentages are development memory, not launch readiness. Major inaccuracies: + +- PDF Templates show 95% complete but route map says missing/unknown and legal default risk remains. +- Financials show 100% but are staging and blocked by Xero scopes. +- Production Planner shows 95% but is Stage 2 for first customer. +- SaaS Foundations are lumped into one 75% score, hiding tenant provisioning, onboarding, SaaS Admin, and billing differences. +- Completion does not account for route promotion, tests, tenant isolation, external envs, or North Star priority. + +## Stage 1 Launch Blockers + +1. Fix/verify login bounce on staging. +2. Deploy/verify PDF compliance defaults for quote/invoice templates. +3. Deploy/verify SaaS Admin and tenant provisioning. +4. Run tenant isolation smoke tests. +5. Resolve Xero scopes or approve manual accounting fallback for first customer. +6. Create customer onboarding checklist and starter pricelist path. +7. Confirm VPS security items before real customer data: `.env` permissions and credential rotation plan. + +## Modules Ready for SaaS + +Ready means "close enough for first customer with focused testing", not "perfect". + +- Customers/Contacts +- Settings/business details/module access/numbering +- Pricelist core +- Quotes core +- Public quote acceptance +- Projects +- Jobs +- Invoices core +- Communications log + +## Modules Not Ready for Stage 1 Exposure + +- Dev Centre: internal only +- Database Admin: internal only +- Financials: Stage 2/Premium; Xero scopes blocker +- Production Planner: Stage 2 unless customer explicitly needs it +- Customer Portal: Stage 2; public quote portal is enough +- Mozaik/CNC/Cabinet Library/Texture Importer: later-stage manufacturing depth +- Door Orders: separate workflow +- Legacy Scheduler/Dispatch: park or simplify + +## Database / Source Issues + +Critical database audit points: + +- `business_id` tenant isolation must be proven across core tables. +- RLS migration exists but is dormant without session variable wiring. +- Older Cabinet Builder tables use `tenant_id`, not main `business_id`. +- Dev Centre readiness values are manually seeded/stale. +- Tradify Importer writes multiple operational tables and must be rehearsed in a throwaway tenant. +- Xero tokens/cache must be per business. +- PDF terms/templates must be business/state-scoped. + +## Onboarding Gaps + +- No single first-run onboarding wizard. +- No customer-facing Tradify export instructions. +- No starter pricelist pack. +- No explicit Xero setup fallback decision. +- No AI/email privacy consent flow. +- No clear "Do It For You" checklist in-app. + +## Testing Gaps + +Must add/run before first customer: + +- login smoke test +- quote-to-invoice E2E +- PDF compliance E2E +- tenant isolation tests +- SaaS tenant provisioning smoke test +- Xero invoice push or manual fallback test +- Tradify import dry run +- Email Intake dry run if enabled +- role/module access matrix + +## Recommended Next Actions + +| Order | Action | Owner | Why | +|---:|---|---|---| +| 1 | Verify/fix staging login bounce | Brendan + AI | Cannot test anything reliably without login | +| 2 | Deploy/fix PDF compliance defaults | AI | Legal blocker for quotes/invoices | +| 3 | Deploy SaaS Admin and run tenant smoke test | AI | Enables customer onboarding | +| 4 | Run core workflow E2E in throwaway tenant | AI | Proves launch path | +| 5 | Decide Xero now vs manual fallback | Brendan | Avoids blocking launch indefinitely | +| 6 | Create first-customer DIFM onboarding checklist | AI | Reduces customer confusion | +| 7 | Prepare starter pricelist/import guide | AI | Gets first quote created quickly | +| 8 | Hide/park non-Stage-1 modules for first tenant | AI/Brendan | Reduces support burden | + +## Shortest Safe Path to First Paying SaaS Customer + +Do not finish every module. Launch one narrow, assisted workflow. + +1. Brendan identifies first customer. +2. AI provisions a tenant through SaaS Admin. +3. AI configures business details, users, numbering, modules, and compliant templates. +4. AI imports or creates a minimum viable pricelist. +5. Brendan/customer creates one real quote. +6. AI verifies PDF compliance and quote acceptance. +7. AI verifies project/job/invoice creation. +8. Xero is connected if scopes are ready; otherwise first customer runs manual accounting fallback for the first week. +9. Keep Stage 2 modules hidden until the first customer is active and stable. + +Final recommendation: Stage 1 should be a concierge onboarding launch, not self-serve. BoundHQ should sell the first customer on the core cabinet-shop workflow and use manual setup to smooth every rough edge. diff --git a/inbound/NORTH_STAR.md b/inbound/NORTH_STAR.md new file mode 100644 index 0000000..9adbee9 --- /dev/null +++ b/inbound/NORTH_STAR.md @@ -0,0 +1,153 @@ +# Dev Centre North Star Spec + +This spec defines how the North Star should appear inside Dev Centre so Brendan sees launch readiness, not just generic module completion. + +## Goal + +When Brendan opens Dev Centre, the first screen should answer: + +1. Can we onboard the first paying SaaS customer? +2. What is blocking that? +3. Which module needs the next smallest safe action? + +## Recommended Layout + +### Top Band: North Star + +- Current North Star: first paying SaaS customer onboarded and retained for 90 days. +- Stage 1 readiness score. +- Launch status: Blocked / At Risk / Ready for first customer / In customer trial. +- Top 3 blockers. +- Next recommended action. + +### Launch Checklist + +Checklist groups: + +- Security and access +- Tenant provisioning +- Auth/login +- Compliance/PDF +- Core workflow +- Xero/accounting +- Onboarding assets +- Testing + +### Module Readiness Table + +Columns: + +- Module +- Stage classification +- Build status +- Data status +- SaaS safety +- Test status +- Blocker +- Owner +- Next action + +### Blockers Panel + +Show only launch blockers: + +- login bounce +- PDF compliance defaults +- Xero scopes/setup +- tenant isolation tests +- SaaS Admin deploy +- VPS credential/security items + +### First Customer Progress + +Fields: + +- Customer identified? +- Tenant provisioned? +- Owner login verified? +- First quote created? +- First invoice created? +- Xero connected/manual fallback? +- 7-day/30-day/90-day check-in status? + +## Data Needed + +Current Dev Centre tables can support some of this: + +- `dev_log_items` +- `dev_module_status` +- `dev_revisions` +- `dev_improvements` +- `dev_technical_debt` + +Additional fields or derived config needed: + +- stage classification: Stage 1, Stage 1.5, Stage 2, Later +- launch blocker boolean +- owner: Brendan / AI / customer / external +- test status: not run, failing, passing, blocked +- route promotion status from `route-module-map.json` +- North Star checklist status + +## Completion Scoring Logic + +Readiness should not equal build completion. + +Suggested formula: + +``` +stage_1_readiness = + 25% build_complete + + 25% data_source_correct + + 25% saas_safe + + 25% tested_in_launch_flow +``` + +Launch blockers should cap the score: + +- login broken: cap Auth and overall launch at 50% +- legal PDF issue: cap Quotes/PDF/overall launch at 70% +- tenant isolation untested: cap overall launch at 75% +- SaaS Admin not deployed: cap onboarding at 60% +- Xero blocked: cap Xero at 50%, but allow manual-accounting exception if Brendan approves + +## Module Readiness Categories + +| Category | Meaning | +|---|---| +| Stage 1 - Must Work | Required for first paying customer | +| Stage 1.5 - Strongly Recommended | Can be manual/assisted at launch | +| Stage 2 | Useful after first customer validates SaaS | +| Later / Parked | Do not spend launch time | +| Internal Only | Dev/admin tools not sold as product modules | + +## Testing Checklist + +Dev Centre should show pass/fail for: + +- login +- tenant creation +- customer creation +- quote creation +- compliant PDF generation +- quote acceptance +- project/job creation +- invoice creation +- Xero push or manual fallback +- cross-tenant data isolation +- Tradify import dry run +- Email Intake dry run + +## What Brendan Should See First + +Recommended first line: + +> Stage 1 SaaS launch is blocked by: login verification, PDF compliance defaults, SaaS Admin deploy, tenant isolation tests, and Xero setup decision. + +Then show one button or command: + +> Next best action: verify login on staging or approve AI to deploy SaaS Admin and PDF defaults. + +## Readiness Verdict + +Dev Centre should become the launch cockpit. The current module completion tab is useful history, but it is not a safe source of truth for Stage 1 launch decisions. diff --git a/inbound/POSITIONING.md b/inbound/POSITIONING.md new file mode 100644 index 0000000..eb0e647 --- /dev/null +++ b/inbound/POSITIONING.md @@ -0,0 +1,144 @@ +# BoundHQ Positioning + +> How BoundHQ compares to alternatives in the cabinet manufacturing +> and joinery software space. + +--- + +## Competitive Landscape + +| Competitor | Role | BoundHQ Advantage | BoundHQ Disadvantage | +|------------|------|-------------------|----------------------| +| **Tradify** | Field service management | Cabinetry-specific 14-stage workflow, state-regulated compliance, no per-seat pricing, open-source self-host option | Less mature, smaller ecosystem, fewer integrations, no mobile app | +| **Xero** | Accounting | Built-in job management, production tracking, quoting, CRM, compliance | Not an accounting system — two-way sync needed, manual invoice reconciliation | +| **ServiceM8** | Field service + CRM | Cabinetry-specific workflows, compliance, production tracking, AI features | Less mature, smaller user base, fewer integrations | +| **Generic ERP (Netsuite, SAP)** | Enterprise resource planning | Affordable ($39-199/mo vs $10K+/mo), cabinetry-specific, no implementation consultants needed | Not enterprise-grade, single-region (Australia), smaller team | +| **Built it yourself (spreadsheets + Xero)** | DIY | All-in-one platform, compliance built-in, production tracking, AI features | Ongoing subscription, dependency on BoundHQ team | +| **Folders and paper** | None | Digital transformation, compliance, production tracking, analytics | Learning curve for non-digital teams | + +--- + +## Primary Market Positioning + +**BoundHQ is the operations platform for cabinet manufacturers and joinery shops who have outgrown Tradify.** + +The key differentiators: + +1. **Cabinetry-Specific Workflow** — 14-stage production pipeline that matches actual cabinet shop operations: Enquiry → Quote → Accepted → Job Scheduled → Final Draft Approved → Programming Complete → Materials Ready → CNC Cutting → Secondary Operations → Assembly/Flat Pack → QA → Delivery/Pickup → Invoice Complete → Closed. Tradify has 5 generic stages. + +2. **State-Regulated Compliance (Australia)** — Deposit caps, insurance requirements, cooling-off periods, and statutory warranties for all 8 Australian states and territories. Currently illegal in 4 states without this. No other platform in this price range offers it. + +3. **All-in-One (No Stacking)** — CRM, quoting, job management, production tracking, invoicing, Xero integration, email intake, SMS, customer portal, compliance, Gantt scheduling, drawing management, purchase orders, financial planning. Tradify + Xero + ServiceM8 + Fathom + compliance tool would cost 5x and not integrate. + +4. **AI-Powered (Built for the AI Era)** — AI email intake parsing, compliance checking, cash flow predictions, margin alerts, capacity planning, customer Q&A. Tradify has no AI. ServiceM8 has basic automation. + +5. **Affordable SaaS ($39-99/mo)** or **Self-Hosted** — Flat per-business pricing (not per-seat). For a 6-person cabinet shop: Tradify = $270/mo (Essential) to $540/mo (Advanced). BoundHQ = $39-99/mo. Self-hosted option for privacy-conscious shops. + +--- + +## Battle Cards + +### vs Tradify + +| Feature | Tradify | BoundHQ | +|---------|---------|---------| +| Cabinetry workflow (14-stage) | 5 generic stages | Full 14-stage pipeline | +| State-regulated compliance | None | 8-state compliance built-in | +| Multi-section quoting | Limited | Full multi-section with dynamic totals | +| Production tracking | Basic | Kanban + Gantt + checklist | +| AI features | None | Email parsing, compliance, cashflow predictions | +| Pricing | $45-90/seat/mo (6 seats: $270-540) | $39-99/business/mo | +| Customer portal | Basic | 7-stage progress, quotes, invoices | +| SMS | Via add-on ($29/mo) | Built-in (Twilio) | +| Drawing management | None | Full revision control + register | +| Financial planning | None | Cashflow calendar, forecasting, pipeline | +| Open source | No | Yes (self-host option) | +| Data export | Proprietary format | Standard SQL + CSV | + +**Best win:** Shop with >3 users where per-seat Tradify pricing hurts, and/or shops needing state-regulated compliance. + +### vs Xero (for job management) + +| Capability | Xero | BoundHQ | +|-----------|------|---------| +| Job management | No (add-on required) | Built-in (14-stage pipeline) | +| Production tracking | No | Kanban + Gantt + checklist | +| Quoting | Basic invoice-style | Full multi-section quoting | +| Compliance (AU states) | No | Yes (8-state, built-in) | +| Customer portal | No | Yes (7-stage progress) | +| AI features | Limited (bank feed) | Yes (email parsing, compliance, forecasting) | +| Pricing | $65-94/mo | $39-99/mo | +| **Integration** | — | Two-way Xero sync (invoices, P&L, contacts) | + +**Best win:** Xero users who need job management and production tracking without adding 3 more tools. + +### vs ServiceM8 + +| Feature | ServiceM8 | BoundHQ | +|---------|-----------|---------| +| Cabinetry workflow | Generic (field service) | 14-stage cabinetry-specific | +| State-regulated compliance | None | 8-state built-in | +| Production tracking | Basic | Kanban + Gantt + checklist + 14 stages | +| AI features | Basic automation | AI email parsing, compliance, cashflow predictions | +| Multi-section quoting | No | Yes | +| Drawing management | No | Yes (revision control + register) | +| CNC integration | No | Mozaik import | +| Financial planning | No | Cashflow calendar, forecasting, pipeline | +| Pricing | $29-139/mo (single user) + $15/extra user | $39-99/business/mo | + +**Best win:** Cabinet shops on ServiceM8 who need production tracking, compliance, and quoting beyond basic field service templates. + +### vs Generic ERP + +| Factor | ERP (Netsuite/SAP) | BoundHQ | +|--------|-------------------|---------| +| Implementation cost | $50K-500K+ | $0 (self-serve) | +| Monthly cost | $10K-100K+ | $39-99 | +| Time to value | 6-18 months | Same day | +| Cabinetry-specific | No (config needed) | Yes (purpose-built) | +| Compliance | Country/industry specific | AU cabinet/building specific | +| Staff required | Full-time admin | Zero (existing staff) | + +**Best win:** Micro-businesses (1-20 staff) who would never consider an ERP but have outgrown spreadsheets. + +--- + +## Pricing Tiers + +| Tier | Price | Targets | Key Features | +|------|-------|---------|-------------| +| Starter | $39/mo | Solo operators (1-2 staff) | CRM, quotes, jobs, invoices, Xero sync, email intake | +| Professional | $59/mo | Growing shops (3-6 staff) | All Starter + Gantt, drawing management, compliance, portal, SMS | +| Premium | $99/mo | Professional + AI features | AI Q&A, cash flow predictions, margin alerts | +| Manufacturing | $199/mo | Production-focused shops | AI capacity planning, CNC integration, stock management, Mozaik import | + +All tiers: flat per-business pricing, no per-seat charge. Self-hosted: free (bring your own server). + +--- + +## Target Customer Profile + +**Primary:** Australian cabinet manufacturers and joinery shops with 2-20 staff. + +**Pain points:** +- Outgrown Tradify or ServiceM8 workflows +- Need state-regulated compliance (or worried about existing non-compliance) +- Tired of stacking 3-5 tools (quoting, job management, Xero, compliance, portal) +- Per-seat pricing hurts at 5+ users +- Want AI features but can't afford enterprise solutions + +**Secondary:** Other Australian trade businesses with regulated workflows (kitchen renovators, bathroom renovators, building contractors). + +**Aspirational:** Multi-trade service platforms (beyond cabinetry into broader building trades). + +--- + +## Key Risks to Positioning + +| Risk | Mitigation | +|------|------------| +| Tradify adds compliance features | First-mover advantage + deeper integration with cabinet workflow | +| Competitor builds AI features faster | Focus on domain-specific AI (compliance, production) rather than generic chatbot | +| Shops prefer per-seat pricing (perceived fairness) | Emphasize total cost of ownership at 5+ users | +| Self-hosted cannibalises SaaS revenue | Self-hosted lacks AI features, SMS, premium support — upsell path to SaaS | +| Australian-only limits TAM | Target AU cabinet shops (2,000+), expand to NZ/UK when proven | diff --git a/inbound/PRICELIST_BUILDER_ASSESSMENT.md b/inbound/PRICELIST_BUILDER_ASSESSMENT.md new file mode 100644 index 0000000..577e0ae --- /dev/null +++ b/inbound/PRICELIST_BUILDER_ASSESSMENT.md @@ -0,0 +1,77 @@ +# Pricelist Builder Assessment + +This assessment asks whether a new customer can realistically build a usable pricelist from scratch for Stage 1 SaaS. + +## Current State + +Pricelist is production mapped and has: + +- master pricelist items +- price lists and customer pricing rules +- item overrides and category rules +- Excel/CSV import/export +- import batches and rollback +- supplier/procurement foundation fields +- quote integration through quote-specific pricelist items + +## Assessment + +| Area | Current support | Stage 1 gap | +|---|---|---| +| Manual entry | Exists | Needs guided "minimum viable item" flow | +| Import tools | Exists | Needs customer-safe template and validation guide | +| Supplier support | Improving | Not necessary for first quote | +| Price levels | Exists | Needs default starter tiers explained | +| Units of measure | Exists in data model/import | Needs controlled list and examples | +| GST handling | Quote/invoice line support exists | Needs default GST behavior for new items | +| Quote integration | Exists | Must be tested with starter items | +| Starter templates | Not clearly present | Needed for first customer | +| Rollback | Exists for imports | Needs customer-facing explanation | + +## Minimum Viable Pricelist Setup + +For first customer, do not ask them to model their entire shop. + +Required starter fields: + +- item code +- description +- category +- unit +- sell price ex GST +- GST rate +- active/inactive + +Optional later: + +- supplier +- supplier SKU +- cost price +- markup +- stock link +- price tier rules +- customer-specific overrides + +## Recommended Starter Packs + +1. Basic cabinetry quoting pack: labour, delivery, install, hardware allowance, custom item. +2. Flat pack pack: carcass, doors, panels, edging, hardware, delivery. +3. Trade/customer tier pack: retail, builder, trade. + +## Better Guided Builder + +The guided builder should have three paths: + +| Path | Best for | Flow | +|---|---|---| +| Start simple | New customer wants to quote today | Add 10 core services/items | +| Import CSV | Customer has spreadsheet/pricelist | Upload -> preview -> fix required fields -> import | +| Do It For You | Customer sends spreadsheet | BoundHQ cleans/imports/validates | + +## Do It For You Recommendation + +For first paying customer, BoundHQ should offer DIFM pricelist setup. It reduces churn risk and avoids spending pre-revenue time on a perfect self-serve builder. + +## Readiness Verdict + +The pricelist engine is likely strong enough for Stage 1 product use, but the customer setup experience is not. Stage 1 should use starter packs plus DIFM import, with self-serve builder improvements later. diff --git a/inbound/PROJECT_EVOLUTION.md b/inbound/PROJECT_EVOLUTION.md new file mode 100644 index 0000000..f4d4d2c --- /dev/null +++ b/inbound/PROJECT_EVOLUTION.md @@ -0,0 +1,114 @@ +# BoundHQ Evolution + +> The timeline from custom cabinetry JMS to SaaS platform. +> AI reads this to understand where BoundHQ came from and where it's going. + +--- + +## Phase 0 — Tradify Era (Before 2025) + +Brendan runs Cabinet HQ, a custom cabinetry and joinery shop. Uses Tradify for job management, quoting, and invoicing. Tradify works for basic field service but frustrates on cabinetry-specific workflows: 14-stage production pipeline, multi-section quotes, state-regulated compliance, CNC integration, and per-user sidebar customisation. + +Key frustrations: +- No 14-stage cabinetry workflow (Tradify has 5 generic stages) +- No state-regulated deposit caps or payment schedules +- No production tracking beyond "in progress" +- No drawing management or revision control +- No Mozaik CNC integration +- Per-seat pricing for a 6-person shop gets expensive + +## Phase 1 — Custom JMS (Late 2025) + +Brendan starts building his own job management system. Initially just for Cabinet HQ — no multi-tenant, no SaaS ambitions. The system needs to: +- Handle the 14-stage cabinetry workflow Tradify can't +- Support complex multi-section quoting +- Track production through the workshop +- Manage drawings and revisions +- Integrate with Xero for invoicing + +Architecture decisions from this era: +- Single-file backend (server.js) — simple, no orchestration needed +- No ORM — raw SQL, Brendan knows PostgreSQL +- Desktop first — the team works at desks and workshop PCs +- PostgreSQL for metadata, filesystem for binary files +- JWT auth with localStorage tokens + +## Phase 2 — Feature Explosion (Early-Mid 2026) + +The system outgrows its JMS origins. Major modules added: +- CRM (customers, contacts, enquiries, projects) +- Kanban jobs with 14-stage production tracking +- Multi-section quotes with section totals +- Email Intake (IMAP + AI parsing) +- Xero Integration (invoice push, P&L sync) +- Mozaik CNC import and texture importing +- Team Notes, Time Cards +- Pricelist with supplier management +- Purchase Orders (Stage 1) +- Settings with module access control + +Key metric: 155 database tables, 40+ deployed modules. + +## Phase 3 — SaaS Awakening (June 2026) + +Brendan realises other cabinet shops have the same Tradify frustrations. The system is proven with Cabinet HQ's own 6-person shop. Key developments: + +- **June 4:** Multi-tenant architecture decision (shared schema + business_id + RLS). Base schema committed (155 tables). Tenant provisioning tool proven with 16 verification checks. +- **June 5:** SaaS Admin module built — tenant management with 7 API endpoints. Tradify import pipeline built to migrate competitor customers. +- **June 6-7:** PDF compliance service built (8-state awareness). State-regulated quotes. QLD insurance calculation. Revenue-legal foundation for regulated markets. +- **June 8:** Purchase Orders Stage 1 — supplier accounts, stock tracking, procurement foundation. Staging versioning standardised for deployment reliability. +- **June 9:** SMS notifications (Twilio) — first Podium-style customer communication feature. Tenant branding Phase 1 (sidebar white-label). +- **June 10-12:** Financial Planning engine — all 8 phases of Project Cost Ledger built in a single pass. Cashflow calendar, forecasting, pipeline, Xero OPEX scanner. Real P&L data: $115K monthly revenue, $78.4K average. +- **June 13:** Public door order form. Cashflow Needs Dates editor. + +## Phase 4 — BoundHQ Brand (Current) + +cabinetHQ becomes BoundHQ — a SaaS platform for cabinet manufacturers and joinery shops. The product has: +- Proven multi-tenant architecture with provisioning tooling +- State-regulated compliance for all 8 Australian jurisdictions +- Financial planning engine (Fathom-style cashflow, forecasting, pipeline) +- Customer communication (SMS, email, portal with 7-stage progress) +- Production tracking (14-stage kanban, Gantt scheduling, drawing management) +- Integration ecosystem (Xero, Mozaik, Tradify import, IMAP email) +- AI-powered features (Email Intake parsing, OPEX scanning, compliance) + +## Future Phases + +### Phase 4 (Next 30 Days) +- SaaS launch: first paying customer onboarded via SaaS Admin +- Premium AI tier ($99/mo): AI Business Q&A, cash flow predictions, margin alerts +- Login bounce fix + VPS security sweep +- PDF compliance rollout (state-aware defaults) + +### Phase 5 (60 Days) +- Multi-tenant branding (Phase 2): PDF, email, portal skinning +- AI Capacity Planning ($199/mo manufacturing tier) +- Customer portal GA with quote acceptance + progress tracking +- Mozaik CNC import workflow completion + +### Phase 6 (90 Days) +- AI-powered onboarding wizard (15-min tenant setup) +- Anonymized cross-tenant benchmarks (content marketing + retention) +- Xero Smart Search (accounting.transactions.read + accounting.bills.read scopes) +- Cash flow predictions ($149/mo premium tier) + +### Phase 7 (180 Days) +- Industry platform play: published benchmarks, compliance-as-a-service +- AI project margin alerts (proactive, before job completion) +- Manufacturing tier full release ($199/mo) +- WhatsApp voice note inbox ("Hey Siri, note to BoundHQ") + +--- + +## Key Inflection Points + +| Date | Event | Significance | +|------|-------|-------------| +| Late 2025 | First line of custom JMS code | Tradify replacement begins | +| Early 2026 | 14-stage production kanban working | Cabinetry-specific workflow proven | +| 2026-06-04 | Base schema committed (155 tables) | Multi-tenant SaaS becomes possible | +| 2026-06-04 | Tenant provisioning tool working | Zero-touch customer onboarding proven | +| 2026-06-07 | State-regulated compliance service | First legal differentiator from competitors | +| 2026-06-09 | SMS notifications (Twilio) | Customer communication stack begins | +| 2026-06-10 | Financial Planning engine live | Fathom-style intelligence in-app | +| 2026-06-14 | BoundHQ-Memory v1 complete | AI operating system replaces ad-hoc agents | diff --git a/inbound/SAAS_STAGE_1_READINESS.md b/inbound/SAAS_STAGE_1_READINESS.md new file mode 100644 index 0000000..04c4187 --- /dev/null +++ b/inbound/SAAS_STAGE_1_READINESS.md @@ -0,0 +1,82 @@ +# SaaS Stage 1 Readiness + +This report classifies modules by their value to the North Star: first paying SaaS customer onboarded and retained for 90 days. + +## Stage 1 - Must Work + +These are required for onboarding and daily use by the first paying customer. + +| Module | Why required | Current readiness | Blocker / action | +|---|---|---|---| +| Auth / Users | Customer cannot use SaaS without reliable login and roles | Blocked | Fix/verify staging login bounce; test invite/set-password | +| SaaS Admin / Tenant Provisioning | First customer must be provisioned safely | Not launch-ready | Deploy/verify SaaS Admin and tenant smoke test | +| Settings / Business Setup | Business details, users, modules, numbering, branding | Mostly ready | Create manual onboarding checklist | +| Customers / Contacts | Core CRM source | Mostly ready | Tenant isolation smoke test | +| Pricelist | Quotes depend on products/services/pricing | Product ready, onboarding weak | Provide starter template and DIFM setup | +| Quotes / Public Quote Portal | Sales workflow and customer acceptance | Product ready, compliance risk | Deploy/verify PDF compliance defaults | +| PDF Templates / Compliance Terms | Legal quote/invoice output | Blocked | Fix deposit/default clauses for all required states | +| Projects | Customer work parent record | Ready | E2E link test | +| Jobs | Daily production tracking | Ready | Confirm Stage 1 workflow labels and role access | +| Invoices | Revenue and accounting handoff | Mostly ready | Test quote-to-invoice and Xero/manual path | +| Xero Integration | Expected by target market and pricing | Blocked/managed | Enable scopes or make first customer setup manual | +| Basic Support / Help | First customer needs help after onboarding | Partial | Create Stage 1 quick-start help/checklist | +| Tenant Isolation | Protects customer data | Not proven enough | Add cross-tenant smoke tests before launch | + +## Stage 1.5 - Strongly Recommended + +Important, but launch can proceed if BoundHQ handles them manually. + +| Module | Reason | Stage 1.5 approach | +|---|---|---| +| Email Intake / AI Parsing | Differentiator and time saver | DIFM setup after core launch | +| Tradify Importer | Reduces onboarding friction | Use BoundHQ-assisted import, not self-serve at first | +| Communications / SMS | Helpful customer comms | Enable after core quote/invoice path works | +| Inventory | Useful for shops with stock | Optional setup after quote/pricelist | +| Purchase Orders | Useful for procurement | Optional, especially for first customer if simple workflow | +| Estimator | Helps costing | Optional if pricelist quoting is enough | +| Team Notes | Internal collaboration | Optional but low-risk | +| Help Centre | Reduces support burden | Needs Stage 1 content | + +## Stage 2 - After First Customer + +Valuable once the SaaS model is proven. + +| Module | Reason to defer | +|---|---| +| Production Planner | Powerful but setup-heavy; not required to validate payment | +| Financials / Forecasting / Cashflow | Premium-tier feature; blocked by Xero scopes | +| Time Cards | Useful but not core onboarding | +| Leave & Capacity | Useful when staff/team management is mature | +| WHS / Training | Good tier feature, not first-customer proof | +| Customer Portal | Public quote portal is enough for first launch | +| Purchase order/inventory advanced links | Needs more testing before relying on stock accuracy | +| Broadcasts | Internal ops, not launch-critical | + +## Later / Parked + +Do not touch until revenue or customer need justifies it. + +| Module | Reason | +|---|---| +| Mozaik Library | Complex and customer-specific | +| CNC Tooling | Manufacturing tier feature | +| Cabinet Library | Product development/reference feature | +| Cabinet Builder advanced flows | Valuable but not needed for first SaaS validation | +| Texture Importer | Specific to Mozaik/material libraries | +| Door Orders | Separate public-order workflow | +| Database Admin | Internal only; risky to expose | +| Scheduler/Dispatch legacy workflow | Duplicates Production Planner and has known issues | +| Action Centre | Not built | + +## Stage 1 Launch Blockers + +1. Login bounce verification. +2. PDF compliance defaults. +3. SaaS Admin/tenant provisioning deployment and smoke test. +4. Xero setup decision: scopes fixed now, or first-customer accounting done manually while OAuth is completed. +5. Tenant isolation smoke tests. +6. Pricelist starter/onboarding pack. + +## Readiness Judgment + +BoundHQ is feature-rich enough for Stage 1, but not launch-safe until compliance, tenant provisioning, login, and Xero/onboarding decisions are resolved. The product should launch with a narrow workflow, not the whole module catalog. diff --git a/inbound/SAAS_STAGE_1_TEST_PLAN.md b/inbound/SAAS_STAGE_1_TEST_PLAN.md new file mode 100644 index 0000000..7b855a9 --- /dev/null +++ b/inbound/SAAS_STAGE_1_TEST_PLAN.md @@ -0,0 +1,122 @@ +# SaaS Stage 1 Test Plan + +This is a practical test plan for first paying customer launch. It prioritises customer data, invoicing, compliance, tenant isolation, and onboarding. + +## Test Environments + +| Environment | Purpose | +|---|---| +| Local | Fast developer checks only | +| Staging `dev.cabinethq.com.au` | Required acceptance environment | +| Throwaway tenant | Tenant isolation and onboarding rehearsal | +| Production | Only after staging passes and Brendan approves | + +## P0 Smoke Tests + +| Test | Expected result | +|---|---| +| Health endpoint | `/api/health` returns healthy version | +| Login | Admin can log in and remains logged in after refresh | +| Logout | Session clears and protected routes redirect | +| Sidebar modules | Stage 1 modules visible for correct roles | +| Business settings | Business details save and reload | +| Numbering settings | Quote/job/invoice numbering works | + +## Core Workflow E2E + +1. Create customer and contact. +2. Create enquiry or skip to quote. +3. Create quote using pricelist item. +4. Generate quote PDF. +5. Verify state-specific deposit/terms text. +6. Send or view quote through public token. +7. Accept quote. +8. Confirm project and job creation. +9. Create deposit invoice. +10. Create final invoice. +11. Push invoice to Xero draft or record manual fallback. +12. Confirm communications log. + +## Tenant Isolation Tests + +| Test | Expected result | +|---|---| +| Tenant A customer not visible to Tenant B | No cross-tenant reads | +| Tenant A quote token cannot expose Tenant B data | Public route scoped to token only | +| Xero connection per tenant | Tenant B cannot see Tenant A connection/status | +| Email Intake logs per tenant | Logs/settings isolated | +| Pricelist per tenant | No shared customer-specific pricing unless intentionally seeded | +| Files/drawings paths | Tenant folders do not overlap | + +## Module Tests + +| Module | Minimum tests | +|---|---| +| Auth | Login, refresh, logout, invite/set-password, role restrictions | +| Customers | Create/edit/search customer and contact | +| Pricelist | Add item, import small CSV, rollback import, use item in quote | +| Quotes | Create, edit line, GST, PDF, send/view/accept, revise | +| PDF Compliance | QLD/NSW/VIC/WA deposit rules and default terms | +| Projects | Create/link to quote/job/invoice, upload/list file metadata | +| Jobs | Stage update, checklist item, schedule fields | +| Invoices | Create from quote, edit lines, Xero push/manual fallback | +| Xero | OAuth status, accounts/tax rates, invoice push, sync invoices | +| SaaS Admin | Create tenant, list tenant, deactivate safe path, no accidental drop | +| Tradify Import | Upload sample, preview, confirm in throwaway tenant, rollback | +| Email Intake | Configure settings, poll one message, parse, create enquiry, ignore noisy email | +| Settings | Business details, logo, module access, numbering, users | + +## Role Tests + +| Role | Should access | +|---|---| +| Admin | All Stage 1 modules and setup | +| Manager | Operational modules; no SaaS Admin/Dev Centre | +| Office | CRM, quotes, invoices, jobs as configured | +| Workshop | Jobs/production-related views only | +| Customer | Public quote or portal only | +| Developer | Dev Centre/SaaS Admin if enabled | + +## Xero Integration Tests + +- Connect Xero. +- Confirm tenant name/status. +- Pull accounts and tax rates. +- Create invoice in BoundHQ. +- Push as Xero draft. +- Confirm local invoice stores Xero ID/status. +- Sync payment/status back. +- Disconnect test tenant. + +## Tradify Import Tests + +- Upload valid customers CSV. +- Upload valid jobs/quotes/invoices CSV. +- Preview row counts. +- Confirm import into throwaway tenant. +- Check created customers/jobs/quotes/invoices. +- Roll back. +- Confirm records removed or marked as rolled back. +- Re-run with duplicate rows. + +## Email Parsing Tests + +- IMAP failure shows clear error. +- OpenAI key missing queues/fails gracefully. +- Trusted sender email parses correctly. +- Spam/noise email can be ignored. +- Parsed email creates enquiry. +- Parsed email links to existing project. +- Tenant B cannot see Tenant A logs. + +## Launch Exit Criteria + +Stage 1 is ready only when: + +1. P0 smoke tests pass on staging. +2. Core workflow E2E passes in throwaway tenant. +3. Tenant isolation tests pass. +4. PDF compliance tests pass for target customer state and at-risk states. +5. Xero is either working or Brendan approves a manual first-customer fallback. +6. Onboarding checklist has been run once end-to-end. +7. Known launch blockers are documented in Dev Centre with owners. diff --git a/inbound/TRADIFY_IMPORTER_READINESS.md b/inbound/TRADIFY_IMPORTER_READINESS.md new file mode 100644 index 0000000..77905d2 --- /dev/null +++ b/inbound/TRADIFY_IMPORTER_READINESS.md @@ -0,0 +1,118 @@ +# Tradify Importer Readiness + +This assessment reviews the Tradify Importer for first-customer onboarding. It is based on `routes/tradifyImport.js`, route documentation, migrations, and current project state. + +## Current Capability + +The importer is mapped under `/settings/tradify-import` with backend routes under `/api/tradify-import`. + +Current documented routes: + +- `POST /api/tradify-import/upload` - upload CSV, parse, preview +- `GET /api/tradify-import/sessions` - list recent sessions +- `GET /api/tradify-import/sessions/:id` - session detail +- `GET /api/tradify-import/sessions/:id/logs` - import logs +- `POST /api/tradify-import/sessions/:id/confirm` - execute import +- `POST /api/tradify-import/sessions/:id/rollback` - rollback import + +Migrations: + +- `20260604_tradify_import.sql` +- `20260605_tradify_project_links.sql` +- `20260605_tradify_import_progress.sql` + +## Imports Currently Expected + +Based on project state, the importer handles Tradify CSV import into: + +- customers +- jobs +- quotes +- invoices +- projects / project links +- import session logs and rollback metadata + +## Safety Features + +| Feature | Status | +|---|---| +| Upload and parse before writing | Present | +| Preview before confirm | Present | +| Session history | Present | +| Logs per session | Present | +| Confirm step | Present | +| Rollback route | Present | +| Project linking migration | Present | +| Tenant write isolation proof | Needs test | +| Customer-facing instructions | Missing | +| Sample CSV templates | Missing | + +## What Would Confuse a Non-Technical Customer + +- Which Tradify export screens to use. +- Whether to export customers, jobs, quotes, and invoices separately. +- Whether closed/archived jobs should be imported. +- How duplicate customer emails are handled. +- What happens if an import is wrong. +- Whether quote/invoice numbers will change. +- Whether attachments come across. +- Whether imported data immediately syncs to Xero. + +## Recommended Stage 1 Approach + +Use the importer as a BoundHQ-assisted onboarding tool, not self-serve. + +1. Customer exports files. +2. BoundHQ reviews column headings. +3. BoundHQ imports into a throwaway/test tenant first. +4. Customer approves preview. +5. BoundHQ imports into real tenant. +6. BoundHQ validates customer/job/quote/invoice counts. +7. BoundHQ keeps rollback available until customer signs off. + +## Draft Customer-Facing Guide + +### Before You Start + +Do this when you have 20-30 minutes and no one is actively editing Tradify records. The import will not change Tradify. BoundHQ will preview the data before anything is committed. + +### Export From Tradify + +1. Open Tradify. +2. Export your Customers list to CSV. +3. Export your Jobs list to CSV. +4. Export your Quotes list to CSV. +5. Export your Invoices list to CSV. +6. Do not edit the column names. +7. Send the CSV files to BoundHQ or upload them during onboarding. + +### What BoundHQ Will Check + +- Number of customers, jobs, quotes, and invoices. +- Duplicate customer names or emails. +- Closed/archived jobs. +- Missing customer names. +- Imported quote and invoice numbers. +- Whether jobs can be linked to projects. + +### What Does Not Come Across Automatically + +- Tradify attachments unless specifically exported and supplied. +- Live Xero connection history. +- Tradify automations or reminders. +- Any custom fields that are not in the exported CSV. + +### After Import + +BoundHQ will show you: + +- Customer count. +- Job count. +- Quote count. +- Invoice count. +- Any rows skipped or needing review. +- Whether rollback is still available. + +## Readiness Verdict + +The importer is promising for Stage 1.5 and first-customer DIFM onboarding. It is not ready as a non-technical self-serve flow until export instructions, supported CSV formats, duplicate handling explanation, and tenant isolation tests are documented and verified.