Architecture Overview
Architecture
Abschnitt betitelt „Architecture“Multi-tenant SaaS with strict Row Level Security on all tables.
| Layer | Technology |
|---|---|
| Frontend | React 18 + TypeScript + Vite 5 |
| UI | shadcn/ui + Tailwind CSS v4 (oklch) |
| Backend | Supabase (PostgreSQL + Auth + Edge Functions) |
| State | TanStack React Query + React Hook Form + Zod |
| Routing | react-router-dom v6 |
Multi-Tenancy
Abschnitt betitelt „Multi-Tenancy“Every table has a tenant_id column enforced by RLS policies using get_jwt_tenant_id().
Module entitlements are checked at three layers: frontend (ModuleGuard),
backend (checkModuleEntitlement()), database (tenant_modules).
User Roles
Abschnitt betitelt „User Roles“| Role | Access |
|---|---|
| SaaS Owner | All tenants, all modules |
| Tenant Admin | Own tenant, all enabled modules |
| Tenant User | Own tenant, assigned modules |
| Individual User | Own data only |
Edge Functions
Abschnitt betitelt „Edge Functions“~68 Edge Functions in supabase/functions/ with shared withAuth() middleware.
Self-hosted on Hetzner, deployed via scripts/deploy-functions.sh.