Skip to main content

Features Inventory

Last reviewed: 2026-05-13
Maintained by: Engineering

Purpose + Rules

This document is a snapshot of current repository state based on code that exists today. It is not a guarantee that UX is fully polished across all surfaces.

Prefer ../08-applications/features-by-application.md when you need a higher-level onboarding view grouped by application and maturity status.

Rules for this inventory:

  • Implemented-only: include only capabilities backed by current code paths.
  • No roadmap/speculation: planned features are intentionally excluded.
  • Use (partial) when flow exists but is gated, incomplete, or lacks full UI/ops completion.
  • Feature names should describe user-facing capability, not internal symbol names.

Inventory by App / Package

apps/api

Core route groups and capabilities:

  • Auth and session management: login, refresh, logout, current context, cookie/bearer transport support.
  • Account privacy and profile services: tenant data export, account deletion request create/status, mobile preference and device token management.
  • Tenant onboarding: building code resolve, structure lookup, registration, status, resubmission.
  • Technician onboarding: invite resolve, specialty listing, profile completion, invite management.
  • Building context and hierarchy: building/section/entrance/floor/unit listing and manager CRUD, resident access code regeneration.
  • Issues workflow: create/list/detail, assignment, status transitions, comments, attachments, reviews, reopen requests, work logs, feedback.
  • Service Requests workflow: tenant create/list/detail and manager transition actions with status history.
  • Conduct Reports workflow: tenant submit/list/detail and manager moderation actions (warn/resolve/dismiss/abuse-mark).
  • Help Requests workflow: building-scoped listing, create, claim, fulfill, delete.
  • Resident Directory workflow: building list, preference read/update, filtered resident listing.
  • Announcements/Documents/Voting/Billing/Reserve Funds/Debtors: tenant-facing and manager-facing operational endpoints.
  • Notifications: list/read/read-all + push/device registration pathways.
  • Admin platform endpoints: overview, organizations, subscriptions, feature entitlements, issues, privacy deletion queue, audit log.
  • Health/meta/webhook endpoints: health checks, metadata endpoints, Lemon webhook ingestion.

Auth/RBAC enforcement present:

  • Role checks (tenant, manager, technician, super_admin) at route level.
  • Additional tenant approval and workspace/subscription access guards on relevant manager/tenant routes.
  • Organization/building scope checks in service layers for sensitive flows.

Background/scheduled/ops behavior:

  • Scheduled privacy metadata cleanup workflow exists in GitHub Actions.
  • Retention/cleanup scripts and migration drift/schema checks are wired through repo scripts.
  • No always-on in-process job scheduler is defined in API runtime (cleanup is workflow/script-driven).

apps/back-office (Back Office)

Pages and user-facing capabilities:

  • Sign-in and auth guard flow.
  • Overview dashboard with platform summary cards.
  • Organizations list and organization detail.
  • Subscriptions list and per-organization subscription detail/override actions.
  • Feature entitlement management per organization.
  • Issues list and issue detail (platform visibility).
  • Privacy deletion requests queue and processing screens.
  • Audit log page.
  • Admin profile page.
  • Forbidden/error routing pages.

Admin action surface:

  • Activate/deactivate organizations.
  • Change/override subscription plan for organizations.
  • Enable/disable organization feature entitlements.
  • Process account deletion requests (reject/complete).
  • Platform-wide issue visibility and auditing.

apps/manager-desk (Manager Desk)

Pages and user-facing capabilities:

  • Sign-in, dashboard, and guarded workspace shell.
  • Buildings list/detail with structure management (sections/entrances/floors/units).
  • Issues list/detail and operational issue handling.
  • Service Requests manager queue.
  • Tenant onboarding requests list/detail and approve/reject.
  • Representatives management page.
  • Announcements/Documents/Votes management pages and details.
  • Invoices, reserve funds, debtors, maintenance pages.
  • Subscription page (plan/usage/access mode/billing controls).
  • Notifications, profile, settings, legal pages.

Manager action surface:

  • Maintain building hierarchy and unit inventory.
  • Review/approve/reject tenant onboarding requests.
  • Manage operational issues and service request lifecycle steps.
  • Manage representative assignments.
  • Manage content and voting artifacts.
  • Access subscription and billing controls for organization.

apps/zgrid-mobile (Zgrid App)

Tenant

  • Auth/session flow: login, session restore, logout cleanup boundaries.
  • Home tabs: announcements, issues, profile, payments (feature-gated), plus shared entry routing.
  • Issue reporting split flow: emergency vs common-area forms.
  • Issue detail and issue list viewing.
  • Documents, voting, reserve funds, and notifications screens.
  • Service Requests: list and report/create flow.
  • Help Requests: building-scoped community request screen.
  • Resident Directory: visibility-based directory access and listing.
  • Privacy and legal screens (including export/deletion request UX).
  • Onboarding pending/rejected state screen.
  • Payments “coming soon” gating route/screen when feature flag disabled (partial).

Technician

  • Technician-specific layout and route group.
  • Jobs list screen.
  • Technician issue detail flow.
  • Technician profile screen.
  • Technician setup/onboarding continuation screen.

packages/api-client

Typed client surface:

  • Shared request client with refresh retry behavior and typed ApiRequestError.
  • Auth and context contracts.
  • Tenant onboarding + technician onboarding contracts.
  • Building context and hierarchy CRUD contracts.
  • Issues, comments, attachments, work logs, feedback, reopen/activity contracts.
  • Service Requests contracts and lifecycle action methods.
  • Conduct Reports contracts and moderation actions.
  • Help Requests contracts.
  • Resident Directory contracts/preferences/list filters.
  • Notifications, announcements, documents, votes, billing/reserve funds contracts.
  • Account privacy export/deletion request contracts.
  • Manager subscription and checkout/portal/change contracts.
  • Admin contracts (overview, orgs, subscriptions, issues, privacy queue, audit).

database

Schema is migration-driven and grouped by domain:

  • Auth/session domain: users, refresh tokens/session metadata hardening, device token/installations.
  • Organization/building/unit domain: organizations, buildings, sections/entrances/floors/units, memberships.
  • Operational work domain: issues, comments, reviews, work logs, reopen/feedback history.
  • Community domain: conduct reports, resident directory preferences, help requests.
  • Service and onboarding domain: tenant onboarding, technician onboarding, service requests and status history.
  • Billing/subscription domain: plans, subscriptions, history, payment/provider linkage, webhook event storage.
  • Privacy/audit domain: account deletion requests, audit logs, privacy metadata cleanup support.

Inventory by Role

super_admin

  • Access Back Office dashboards, organizations, subscriptions, features, issues, audit, privacy requests.
  • Can process deletion requests and apply platform-level organization controls.
  • Can inspect cross-organization operational and billing state.

manager

  • Access Manager Desk workspace for their organization/buildings.
  • Can manage buildings/units structure and operational modules.
  • Can review onboarding requests and manage representatives.
  • Can manage issues/service requests, announcements/documents/votes, and organization billing page.

tenant

  • Uses Zgrid mobile routes and tenant-scoped API surfaces.
  • Can report issues (emergency/common-area), create service requests, create conduct reports, and use community modules.
  • Can access announcements/documents/voting/billing views, notifications, privacy export/deletion request.
  • Subject to onboarding approval and building/membership scope checks.

technician

  • Uses technician mobile route group and technician-scoped issue handling surfaces.
  • Can access jobs/profile/setup flows and technician issue detail actions permitted by API role policy.

tenant + representative capability (scoped assignment)

  • Representative capability is assignment-based (not global role replacement).
  • Assignment and candidate management is exposed on manager side.
  • Minimal representative scope is present in auth context for downstream feature gating.
  • Dedicated zgrid-mobile representative UX beyond shared tenant flows is (partial).

Known Partial Areas

  • Payments tab in Zgrid mobile is feature-gated with “coming soon” fallback (partial).
  • Representative capability has backend/context support and manager assignment UI, but tenant-side dedicated representative UX is (partial).
  • Some newly added community flows are implemented in API/mobile but still depend on continued UX hardening and content maturity (partial).

Source Pointers

  • apps/api/src/routes/
  • apps/api/src/features/
  • apps/back-office/app/
  • apps/manager-desk/app/
  • apps/zgrid-mobile/app/
  • packages/api-client/src/
  • database/migrations/
  • database/schema.snapshot.sql