Spec:
specs/pf/specs/PF-88-tenant-onboarding-data-import.mdPlan:
specs/pf/plans/PF-88-tenant-onboarding-data-import-PLAN.mdLast updated: 2026-03-24
Purpose
Document how the tenant onboarding and batch import framework (pf_import_*, pf_onboarding_sessions) integrates with Data Manager (PF-23/24/25), bulk operations (PF-47), terminology validation (PF-70), and downstream cores (HR, PM, FA) without core-to-core imports.
Scope
- In scope: Import adapters (CSV/XLSX/JSON), field-mapping UI, batch pipeline, deduplication, onboarding wizard orchestration, tenant-scoped storage, RLS, permission keys from the spec.
- Out of scope: Live/API sync (PF-63/65/66), outbound export (PF-44), form-submission-only import (FW-02).
Related platform documents
Consumer obligations (HR / PM / FA / others)
- Use platform import APIs and shared UI components; do not duplicate
pf_import_*RLS or storage paths in domain cores. - Mutations must include
organization_id(defense in depth) when writing target entities created from imports. - PHI: Treat uploaded source files as PHI artifacts; mask previews per spec; no PHI in logs, toasts, or analytics payloads.
Auth and tenant isolation
- All
pf_import_*andpf_onboarding_sessionsrows are scoped byorganization_idwith RLS (pf_has_org_accesspattern as in spec). - Storage objects must use tenant-namespaced paths; signed URLs short-lived.
Checklist (implementation)
- Migration creates four tables with JSONB
CHECKconstraints andCOMMENT ON COLUMNfor mapping/error arrays as in spec. - Permission keys seeded +
constants.tsentries forpf.import.*,pf.onboarding.manage. - RLS tests for all four tables; UPDATE policies use
WITH CHECK. - User/admin guides linked from UI when
docs/pf/data-import-guide.mdanddocs/pf/onboarding-admin-guide.mdexist.