8.0 KiB
8.0 KiB
Module Database Source Audit
This audit maps module data sources and highlights table/source risks for Stage 1 SaaS. It uses migrations, the base schema, route map, and project docs. It does not directly query a live database.
Cross-Cutting Findings
- Multi-tenant strategy is in transition. Newer SaaS tables use
business_id, older Cabinet Builder tables usetenant_id, and some legacy operational tables need verified business scoping. - RLS exists as migration
20260701_data_authorization_rls.sql, but current project state says it is dormant untilSET LOCAL app.business_idpre-handler wiring exists. - Several docs conflict on auth and response format. Older
API_OVERVIEW.mdsays localStorage/plain JSON, while newer route docs and decisions say httpOnly cookies and response envelopes. Treat this as a launch audit item. - Dev Centre completion values are not sourced from live module health or database relationships.
- Fresh customer onboarding depends on correct seed data for
module_settings,record_number_settings, PDF templates, price lists, invoice profiles, and business settings.
Source Table Map
| Module | Reads from | Writes to | Correct source? | Relationship concerns | Mock/stale/wrong source risk |
|---|---|---|---|---|---|
| Customers | customers, contacts, customer_addresses, customer_notes, customer_activities |
same | Yes | Must link customer to enquiries, quotes, projects, invoices | Duplicate customer detection absent |
| Contacts | contacts, contact_price_lists |
same | Yes | Customer/contact split can confuse onboarding | Sidebar disabled but routes exist |
| Enquiries | enquiries, enquiry_files, enquiry_notes, email_intake_logs |
same; creates projects on conversion | Yes | Must preserve enquiry-to-project lineage | Conversion flow must be retested |
| Quotes | quotes, quote_line_items, quote_payment_schedule_steps, quote_events, customers/contacts/pricelist |
same; creates invoices | Yes | State compliance data and template defaults must align | Legal terms/defaults risk |
| Projects | projects, project_notes, project_files, project_update_log, drawings |
same | Yes | Parent to jobs/quotes/invoices must be complete | OneDrive path mismatch |
| Jobs | jobs, job_tasks, job_notes, job_files, job_schedules, projects |
same | Yes | Stage labels must match SaaS 14-stage workflow | Legacy 12-stage references |
| Invoices | invoices, invoice_line_items, invoice_profiles, invoice_profile_steps, quotes/projects/jobs |
same | Yes | Xero IDs/status sync must be tenant-scoped | Payment state depends on Xero sync |
| Pricelist | price_lists, price_list_items, pricing rules, import batches/actions |
same | Yes | Quote pricing and PO links depend on codes/UOM/GST | New-customer starter data missing |
| Xero | integration_connections, integration_sync_logs, xero_accounts_cache, xero_contacts_cache, xero_invoices_cache, xero_tax_rates_cache |
same | Yes in design | OAuth tokens must be per business | Scopes/env blocker |
| Email Intake | email_intake_logs, settings, filters, trusted senders |
same; creates enquiries/project updates | Yes in design | Must link to tenant records only | Staging OpenAI key missing; failure modes |
| Production Planner | production_*, jobs, routing, resources, manual entries |
same | Mostly | Needs routing setup before useful | Stage 2; not launch-critical |
| Scheduler/Dispatch | schedule_blocks, production_schedule_entries, jobs |
same | Legacy/unclear | Overlaps Production Planner | Park or replace to avoid duplicate workflow |
| Inventory | stock_master, stock_transactions, stock_kits, stock_kit_items, stock_remnants, suppliers |
same | Yes | PO receiving to stock must be verified | Stale module-level user bug noted historically |
| Purchase Orders | po_master, po_line_items, suppliers, stock/pricelist refs |
same | Yes | Receiving should update inventory | Verify stock_id and transaction write path |
| Time Cards | time_cards, time_card_entries, staff, hour templates |
same | Yes | Labour cost feeds financials/capacity later | Stage 2 |
| Dev Centre | dev_log_items, dev_module_status, revisions, improvements, debt, feedback |
same | Yes for internal planning | No live readiness calculation | Manual percentages stale |
| SaaS Admin | businesses, subscriptions, tenant provisioning artifacts |
same plus new tenant DB/schema | Yes in design | Must seed all required setup tables | Staging only; destructive drop endpoint |
| Tradify Importer | tradify_import_* plus customers/jobs/quotes/invoices/projects |
writes many operational tables | Yes in design | Must dedupe customers and preserve import rollback links | Needs customer CSV guide and tenant write tests |
| Financials | financial_snapshots, forecast_*, manual_cost_entries, regular_expenses, project_back_costings, Xero cache, invoices/PO/time cards |
same | Yes but broad | Xero scopes and report access required | Stage 2; route status staging |
| PDF Templates | pdf_templates, legal_terms, business logo/details, quote/invoice data |
same | Yes in design | Defaults must match state compliance | Route status missing/unknown; legal blocker |
| Settings | module_settings, record_number_settings, record_number_preferences, businesses, staff, sidebar prefs/groups |
same | Yes | Must seed per business | Onboarding wizard missing |
| Portal | portal_users, customer/job/quote/invoice records |
portal users and auth tokens | Yes in design | Customer data scoping is high risk | Stage 2 |
| WHS/Training | whs_*, training_modules, training_records, staff |
same | Yes | Template library needed for SaaS | Stage 2 |
| Cabinet Builder/Mozaik/CNC | cabinet_builder_*, mozaik_*, cnc_* |
same/files | Mixed | Separate tenant_id conflicts with main business_id model |
Later-stage tenant model risk |
| Team Notes | team_note_pages, team_notes |
same | Yes | Links to jobs/quotes/projects | Stage 1.5 |
| Communications/SMS | communications, SMS-related fields |
same | Yes | Twilio config must be per tenant if enabled | Stage 1.5 |
Tables That Need Tenant Isolation Verification
Priority Stage 1 tables:
users,businesses,module_settingscustomers,contacts,customer_addresses,customer_notesenquiries,enquiry_files,enquiry_notesquotes,quote_line_items,quote_payment_schedule_stepsprojects,project_files,project_notes,project_update_logjobs,job_tasks,job_notes,job_schedulesinvoices,invoice_line_items,invoice_profilesprice_lists,price_list_items,contact_price_listsintegration_connections,xero_*_cachepdf_templates,legal_termstradify_import_*
Duplicate / Orphan / Wrong-Source Risks
| Risk | Why it matters | Recommendation |
|---|---|---|
business_id vs tenant_id |
Cabinet Builder uses a separate tenant model from SaaS business scope | Do not rely on Cabinet Builder for Stage 1 SaaS until mapped |
| Dormant RLS | Migration exists but does not enforce without session variable wiring | Add tenant isolation smoke tests before first customer |
| Scheduler vs Production Planner | Duplicate scheduling workflows can confuse users | Park Scheduler/Dispatch unless required |
| Dev Centre module status | Manual source can mislead launch decisions | Add launch readiness fields and calculated checks |
| PDF legal terms/defaults | Wrong default clauses create legal exposure | Make PDF compliance a Stage 1 blocker |
| Tradify import writes many tables | Bad import could pollute a new tenant | Use preview/confirm/rollback and test in throwaway tenant |
Stage 1 Database Gate
Before first paying customer, prove these with a throwaway tenant:
- Create business/admin user.
- Create customer/contact/enquiry.
- Convert or create project.
- Create quote from pricelist item.
- Generate compliant PDF for customer state.
- Accept quote and create job/deposit invoice.
- Push invoice to Xero draft, or mark Xero setup as BoundHQ-managed manual step.
- Confirm another tenant cannot read any of the above.