rx-db

Roadmap

to mvp

programming

major

• Create Login Page -> BetterAuth
  • magic links
• remaking solid-start actions api into REST api
  • member
    • zod validation
  • banking
    • zod validation
• revamping route structure
  • one single route for the table w/ edits, additions etc.
  • implement @kobalt/core instead of relying on own popups
• change login to login/register site
• rbac
  • add auth to backend
    • members
    • banking
  • add /member/:id/banking routes
  • add front-end support for new routes
  • delete old banking api routes -> maybe even remove delete banking routes (auto deletes w/ cascade)
  • make role api routes
  • make member roles and permissions api routes
  • add role managment panel to front-end
  • add permission routes to back-end -> check permissions
    • rolepermission db wrapper
    • memberrole db wrapper
    • role wrapper
  • only show nav links for things the user is allowed to access
  • add auth to front-end protected routes
• fix error handling between api and front-end => custom error type?
• make verify and cert routes only accessible by admins -> disable self-verify even for admins?
• make callback site for new users -> input member info
  • input page
  • "thanks for signing up please wait to get verified" page
  • settings page for users to change their info and view verification status
• improve seperation of admin permissions and members
  • clean up different (validation) schemas for user creation
    • onboarding vs. creation by admin -> new naming UserMember and AdminMember?
    • editing by member vs admin
    • maybe make seperate Validation and Certification Tables to also save who accepted validation and certification? -> would require soft-delete of members -> maybe change 'certification' in schema to 'police record'
  • adapt new schema to backend and front-end
• unify styling
  • button and input to accept state -> loading, failed, etc.
  • make meta classes with tailwind
• add logging -> winston or pino
• add rate limiting, csrf, etc.
• export feature: export (partial) table -> select certain columns -> emails etc.
• make design responsive/mobile support
• add search to table -> query params in backend? and input
• add alerts when error occur

minor

• fix bug: user gets 401 when its the first request to a protected route. potential ssr problem?
• prevent duplicate user creation
• zod for env
• feat: deny signup before sending email
• add BIC auto generation
• add format validation for IBAN, BIC, year of exchange and phone number
• add local store to member table for "hot reload" -> remove verified members from table on edit
• change db schema to have a memberId in banking with on delete cascade instead of a banking id in member
• fix @/schema import bug
• change email equality check between user and email to memberId in requireUser

deployment

• make Dockerfile for app -> seed/start config
• postgres with tde
• hashicorp vault for storing encryption keys and certs?
• email back-end? -> 2 birds 1 stone for email hosting?

post-mvp

• add I18n
• add 2n-eyes -> certain actions have to be checked by n amount of people
• docusign implementation for direct debit
• make upload feature for policy records

to more features:

• events -> event colaboration
  • online sign-up for attendees
  • calendar exportation
• todos and kanban?

to lunatic level features:

• rxchat
• rxvideo