Skip to main content
Architectural documentation for the Encore OS Platform.

Overview

The Encore OS Platform is a multi-tenant, healthcare-grade ERP system built on modern web technologies with strict architectural boundaries. It is designed to run behavioral health and recovery housing operations end-to-end.

Structure

Status note: The PF feature list and core rollout labels below are a high-level sketch for orientation. For current implementation status, use specs/README.md and each core’s src/cores/{core}/AGENTS.md.

Platform Foundation (PF)

Core capabilities that all domain cores depend on: Identity & Access:
  • PF-01: Organization & Site Management
  • PF-02: Role-Based Access Control (RBAC)
  • PF-06: User Profile Management
Platform Services:
  • PF-03: App Launcher & Module Switcher
  • PF-04: Audit Logging System
  • PF-07: Error Handling & Monitoring
  • PF-08: Platform Forms Integration Layer
Data & Communication:
  • PF-09: Form Analytics (pending)
  • PF-10: Notifications System
  • PF-11: Document Management System
  • PF-12: Reporting Engine

Domain Cores

PF plus eleven domain cores are represented in the codebase: CE, CL, FA, FM, FW, GR, HR, IT, LO, PM, RH. Implementation depth varies by spec; do not treat this page as a release roadmap.

Key Principles

  1. Bounded Contexts: Each core owns its domain, no cross-core dependencies
  2. Platform Foundation Only: Cores depend only on PF, not each other
  3. Explicit Integration Contracts: Cross-core communication via defined APIs/events
  4. RLS-First Security: Multi-tenant isolation enforced at database level
  5. Spec-First Delivery: No feature without written specification

Integration Patterns (Constitution Section 1.3)

Pattern 1: Platform Integration Layer

When to Use: Cross-cutting capabilities needed by multiple cores (e.g., forms, notifications) Structure:
Example: Platform Forms Integration (PF-08)

Pattern 2: Event-Based Integration

When to Use: Asynchronous workflows, loose coupling between cores Structure:
Example: Automation Engine (FW-03) listens to form events

Pattern 3: API Contracts

When to Use: Synchronous request-response interactions Structure:

Data Flow

Multi-Tenant Request Flow

Cross-Module Communication

See: patterns/DATA_FLOW.md for detailed flow diagrams

Security Model

Layers of Defense

  1. Authentication: Supabase Auth (JWT tokens)
  2. Organization Context: PF-01 sets current_organization_id
  3. RLS Policies: Database-level enforcement
  4. RBAC Functions: Security definer functions (PF-02)
  5. Audit Logging: All actions logged (PF-04)

RLS Policy Template


Testing Strategy

Test Pyramid

Unit Tests (30%)
  • Business logic functions
  • Validation schemas
  • Utility functions
Integration Tests (50%)
  • RLS policies (critical!)
  • Database functions
  • API endpoints
  • Cross-module integrations
E2E Tests (20%)
  • Critical user journeys
  • Auth flows
  • Multi-tenant isolation
  • Compliance workflows

RLS Testing Approach

See tests/README.md for comprehensive RLS testing framework. Key Pattern:

Performance Targets (Constitution Section 5.6)

API Response Times (p95)

  • Read operations: < 500ms
  • Write operations: < 2s
  • Report queries: < 30s (with timeout)
  • Cached queries: < 1s

Page Load Times (p95)

  • Initial load: < 3s
  • Navigation: < 1s
  • Form render: < 500ms

Database Performance

  • All foreign keys indexed
  • Full-text search with GIN indexes
  • Query timeout: 30s max
  • Connection pooling: 15-25 connections

Monitoring & Observability

Key Metrics

  • API response times (p50, p95, p99)
  • Error rates by endpoint
  • Database query performance
  • RLS policy execution time
  • Audit log write latency

Logging Standards

Standards:
  • Use structured JSON logs
  • Include correlation IDs for tracing
  • Do NOT log PHI, PII, or secrets
  • Retention: 30 days (info), 90 days (errors), 1 year (audit)

Deployment Model

Environments

  • Local: Developer machines (Docker + Supabase CLI)
  • Dev: Shared development environment
  • Staging: Pre-production testing
  • Production: Live system with HA

Deployment Flow

See: Constitution Section 5.5 for deployment and rollback procedures

Technology Stack

Frontend

  • React 18 + TypeScript
  • Vite (build tool)
  • TailwindCSS + shadcn/ui
  • TanStack Query (data fetching)
  • React Router (navigation)

Backend

  • Supabase (Postgres + Auth + Storage + Realtime)
  • Edge Functions (Deno runtime)
  • Row-Level Security (RLS)
  • pg_cron (scheduled jobs)

DevOps

  • GitHub Actions (CI/CD)
  • Vitest (testing framework)
  • Docker (local development)

Directory Structure

  • patterns/ - Reusable architecture patterns (custom fields, data flow, etc.)
  • standards/ - Architecture standards and conventions (navigation, terminology)
  • analysis/ - Analysis and recommendation documents
  • integrations/ - Cross-core integration contracts
  • decisions/ - Architecture Decision Records (ADRs)
  • deprecation/ - Deprecation notices
  • archive/ - Historical architecture documentation

Documentation Files

Core Architecture

  • README.md (this file) - Architecture overview
  • standards/CORE_DEPENDENCIES.md - Module dependency structure
  • patterns/DATA_FLOW.md - Detailed request flows and integration patterns
  • patterns/ORGANIZATIONAL_DATA.md - Organizational entity structure
  • standards/TERMINOLOGY.md - Unified glossary of platform terms

Integration Documentation

  • integrations/README.md - Integration documentation overview and single source of truth (see Integration Documentation)
    • Note: Replaces the previous INTEGRATION_CONTRACTS.md (archived 2025-01-22)
  • integrations/PLATFORM_INTEGRATION_LAYERS.md - Platform integration layers (Pattern 1)
  • integrations/EVENT_CONTRACTS.md - Event-based integration contracts (Pattern 2)
  • integrations/API_CONTRACTS.md - API-based integration contracts (Pattern 3)
  • integrations/CROSS_CORE_INTEGRATIONS.md - Integration matrix
  • integrations/DATA_MODELS.md - Core data models
  • patterns/INTEGRATION_EXAMPLES.md - Integration pattern examples

Design Decisions & Analysis

  • integrations/PF-60-rag-infrastructure-INTEGRATION.md - Current platform AI/RAG integration strategy reference
  • Clarity Analysis - Forms vs Data Manager overlap analysis (includes wizards and templates)
  • analysis/IT_MODULE_RECOMMENDATION.md - IT module recommendation
  • Permissions System: See Permissions System Guide and Quick Reference
  • decisions/ADR-001-form-analytics-architecture.md - Architecture Decision Record
  • standards/NAVIGATION_STANDARD.md - Complete navigation standards, policies, and implementation guidelines
  • standards/navigation-quick-reference.md - Quick reference for navigation implementation tasks
  • reviews/NAVIGATION_AUDIT.md - Navigation and routing audit checklist (routes, sidebar, mobile nav, breadcrumbs)
  • Mobile Navigation Guide: See docs/development/mobile-navigation-guide.md - Mobile navigation patterns
  • Breadcrumb Guide: See docs/development/breadcrumb-implementation-guide.md - Breadcrumb implementation
  • UI/UX Standards: See docs/development/UI_UX_STANDARDS.md - Complete UI/UX standards
  • Spacing & UX Standards: See docs/development/SPACING_AND_UX_STANDARDS.md - Spacing patterns and responsive design

Customization

  • patterns/CUSTOM_FIELDS_GUIDE.md - Custom fields implementation guide

Deprecation

  • deprecation/pf_user_roles.md - Deprecation notice for pf_user_roles
  • constitution.md (current: see docs/VERSIONS.md) - Full architectural guardrails
  • AI_GUIDE.md (current: see docs/VERSIONS.md) - AI contribution guidelines (for AI agents writing code)
  • /specs/ - Feature specifications
  • /tests/README.md - Testing documentation
  • /docs/guides/use-cases/ - Practical use case guides

See Also

Integration Documentation

Design Decisions

Data & Flow

Standards & Guidelines

Documentation Management

  • Documentation inventory (archived) — historical architecture file list (2025-01-22)
  • Consolidation recommendations (archived) — historical consolidation notes
  • Documentation Standards — standards, maintenance, and high-traffic paths

References

  • /constitution.md - Full architectural guardrails
  • /AI_GUIDE.md - AI contribution guidelines
  • /specs/ - Feature specifications
  • /tests/README.md - Testing documentation
  • Supabase RLS Documentation

For questions, contact technical owners listed in /constitution.md. Version: 1.0.1
Last Updated: 2026-05-13
Status: Active
Maintained by: Platform Foundation Team