Role-Based Access Control
5 roles. 65 permissions. Enterprise-grade.
Five roles (Owner, Manager, Accountant, Maintenance, Viewer) with 65 granular permissions mapped to all server actions, plus PII projection tiers, an FCRA-compliant audit trail, and a client-side permission framework.
5 roles with granular permissions
OWNER has full access. MANAGER handles day-to-day operations. ACCOUNTANT sees financials and GL. MAINTENANCE handles work orders and inspections. VIEWER is read-only. The 65 permissions map to every server action in the system, and 4 tiers of data sensitivity control PII projection.
Activity logging and audit trail
The ActivityLog model captures who did what, when, and from where, with FCRA-compliant logging for screening-related actions. When roles change, sessions are invalidated via Supabase admin sign-out. The Authorize component and permission-filtered sidebar adapt the UI to each user’s role.
Capabilities
- 5 roles: Owner, Manager, Accountant, Maintenance, Viewer
- 65 granular permissions across all actions
- 4-tier PII data sensitivity levels
- FCRA-compliant activity logging
- Client-side Authorize component
- Permission-filtered sidebar navigation
- Session invalidation on role changes
- Role assignment and management UI