Skip to main content
The Platform Foundation provides the core infrastructure and shared services for the Encore OS platform.

How the platform is layered

Every domain core depends only on Platform Foundation — never on each other. PF provides multi-tenant isolation (organizations → sites), Supabase Auth + RBAC enforced through RLS, a dynamic module registry, and shared services (notifications, documents, reporting, audit).
Platform Foundation identity and SSO settings

Explore the platform foundation

Multi-tenancy

Organizations, sites, and RLS-based tenant isolation.

Auth & RBAC

Supabase Auth, role hierarchy, and permission checks.

Module registry

Dynamic, role-aware module loading and the app launcher.

Notifications

In-app, email, and SMS notification preferences.

Documents

Uploading and organizing documents.

Reporting

Creating and running reports.

📚 Table of Contents


Architecture Overview

Core Responsibilities

The Platform Foundation (PF) provides:
  1. Multi-Tenant Infrastructure
    • Organization and site management
    • Tenant isolation via RLS
    • Cross-tenant security enforcement
  2. Authentication & Authorization
    • User authentication via Supabase Auth
    • Role-Based Access Control (RBAC)
    • Permission enforcement at data and UI levels
  3. Shared Services
    • Notifications (in-app, email, SMS)
    • Document management
    • Reporting engine
    • Audit logging
    • Form analytics
  4. Developer Infrastructure
    • Module registry for dynamic navigation
    • Error handling and monitoring
    • Testing utilities
    • Shared UI components

Module Architecture

Key Principle: Modules depend ONLY on Platform Foundation, NEVER on each other.

Multi-Tenancy Model

Organization Hierarchy

Tenant Isolation

Every business table includes:
  • organization_id - Required, references pf_organizations
  • site_id - Optional, references pf_sites
RLS Enforcement:

Security Functions

has_org_access(user_id, org_id)
  • SECURITY DEFINER function (bypasses RLS recursion)
  • Checks if user has ANY role in the organization
  • Used by all RLS policies for tenant isolation
has_role(user_id, required_role, org_id, site_id)
  • Verifies user has required role level or higher
  • Respects role hierarchy (platform_admin > org_admin > site_admin > manager > staff)

Authentication & Authorization

Authentication Flow

  1. User signs in via email/password or OAuth
  2. Supabase Auth creates session with JWT
  3. JWT contains auth.uid() used by RLS policies
  4. User’s roles and permissions fetched from pf_user_role_assignments (V2 permissions system)

Role Hierarchy

Permission Checks

Backend (RLS):
Frontend (UI):

Module Registry

Dynamic Module Loading

Modules register themselves at app startup:

Benefits

  • ✅ No hardcoded module lists
  • ✅ Role-based visibility
  • ✅ Lazy loading (performance)
  • ✅ Easy to add/remove modules

App Launcher

The App Launcher displays available modules based on:
  1. User’s role
  2. Module’s requiredRole
  3. Module enablement in org settings

User Guides

For End Users

For Administrators

  • Organization Setup - Configuring organizations and sites
  • User Management - Adding users and assigning roles
  • Module Configuration - Enabling/disabling modules per org

For Developers


Database Naming Conventions

All Platform Foundation tables follow these patterns:

Key Technologies

  • Backend: Supabase (PostgreSQL + Auth + Storage)
  • Frontend: React + TypeScript + Tailwind CSS
  • State Management: TanStack Query (React Query)
  • Routing: React Router v6
  • Forms: React Hook Form + Zod
  • Testing: Vitest + Testing Library

Support & Resources

  • Internal Documentation: /docs/
  • Specifications: /specs/pf/
  • Implementation Logs: /specs/pf/IMPLEMENTATION_LOG.md
  • Test Coverage: /tests/README.md

Security Best Practices

  1. Always use RLS policies - Never trust client-side checks alone
  2. Use SECURITY DEFINER functions - Avoid RLS recursion issues
  3. Validate all inputs - Use Zod schemas for API inputs
  4. Test multi-tenant isolation - Every table needs RLS tests
  5. Scrub PII/PHI from logs - No sensitive data in error messages
  6. Audit critical actions - All data changes logged in pf_audit_logs

Version: 3.0.0
Last Updated: 2025-11-29