Project Prism — Developer Documentation

Prism is a commercial real estate intelligence platform for industrial property markets. It provides centralized tracking of buildings, lease comparables, tenant-in-market activity, ownership, brokerage relationships, analytics, and reporting within a multi-tenant, organization-isolated environment.

Quick Links

• Getting Started — Developer setup, prerequisites, local development
• System Architecture — High-level architecture, tech stack, data flow
• Frontend Features — All modules, pages, components, routing
• Backend API Reference — Complete REST API endpoint reference
• Database Schema — All tables, relationships, RLS, views, export
• Security Architecture — Auth, authorization, org isolation, data protection
• Infrastructure & Ops — CI/CD, deployment, monitoring, Docker

Source of Truth

When documentation conflicts with code, treat code as authoritative:

1. Database schema: database/PRISM_vNext_FINAL.sql
2. Backend implementation: go-backend/cmd/api/main.go + go-backend/internal/handler/
3. Generated API docs: go-backend/docs/swagger.yaml (may lag implementation)
4. Documentation: docs/ (this directory)

Documentation Map

Getting Started

• Developer Setup & Quick Start — Prerequisites, env config, running all services

Architecture

• System Architecture Overview — Tech stack, service boundaries, data flow, auth model
• Design System Specification — Design tokens, color system, typography, component standards

Frontend

• Frontend Features Reference — Complete module, page, component, and feature reference
• Frontend Docs Index — Index of all frontend-specific docs
• Frontend Quick Start — Setup, env vars, Clerk config
• API Integration Contract — Frontend/backend API contract and rules
• Navigation & IA — Information architecture and navigation standards (historical context)
• Menu Tree & Page Map — Sidebar menu tree and route mapping (historical context)
• Maps Architecture — MapLibre stack, component strategy, geocoding
• Engineering Standards — Coding standards, module structure, testing rules
• UI Style Guide — Visual system, typography, color, component principles
• Security Hardening — Frontend security checklist
• Deploy to Cloudflare Pages — Frontend deployment guide
• Implementation Checklist — Feature completion tracking
• Backend Wiring Checklist — Route-by-route backend integration status
• Backend API Work Items — Companion to wiring checklist
• TIM Building Interest Workflow — TIM-building interest CRUD workflow
• Rebuild Plan — Original rebuild scope (historical — rebuild complete)

Backend

• API Reference — Complete REST API endpoint, scope, and response reference
• Backend Docs Index — Index of all backend-specific docs
• Backend Overview & Setup — Quick start, project structure, commands, CI
• Architecture — Clean architecture, layering, design patterns
• Development Guide — Development workflow and conventions
• API Migration Status — Current route coverage vs legacy
• Account Onboarding Guide — Org creation, user provisioning, scope setup
• Import Jobs (Async Worker) — Async CSV import architecture
• Export Layer — BI export schema, refresh strategy, access model
• Security Audit (2026-02-07) — Historical security audit

Database

• Schema Reference — Complete table catalog, relationships, RLS, views, export schema, ER diagram
• Database Docs Index — Database setup and schema policy
• Database Reference (Legacy) — Detailed reference (being superseded by schema-reference.md)

Security

• Security Architecture — Comprehensive security model overview
• Access Control Policy — Roles, permissions, joiner/mover/leaver procedures
• Secrets Management — Secret inventory, Infisical setup, rotation policy
• Incident Response — Severity levels, triage, containment, postmortem
• Vulnerability Management — Dependency scanning, CVE response
• Backup & DR — Backup strategy, restore procedures, disaster recovery
• Data Deletion Policy — Data retention and deletion procedures
• Security Audit (2026-04-01) — Latest security audit

Infrastructure & Operations

• Infrastructure Overview — CI/CD, deployment, monitoring, Docker, secrets
• Ops Docs Index — Operations documentation index
• Production Runbook — Deploy, migrate, rollback, verify
• Backend Runbook — Local dev + Docker stack + alerting
• Monitoring Stack — Prometheus, Alertmanager, Grafana (local)
• k6 Smoke Test — Load testing SLO thresholds
• VM/EC2 Deploy — VM deployment notes
• HTTPS/TLS — Edge TLS termination guide
• Performance Audit (2026-03-31) — Backend performance analysis

Marketing Site

• Marketing Overview — Marketing site docs
• Marketing Architecture — Next.js marketing site conventions

Audit & Compliance

• SOC 2 Readiness (2026-03-26) — SOC 2 assessment
• Documentation Audit (2026-02-14) — Doc gaps analysis
• Evidence Index — Audit evidence catalog
• Risk Backlog — Risk tracking

Legacy

• Legacy Docs Index — Read before using legacy docs
• Legacy Supabase, migration, and import docs preserved for historical reference

Maintenance Rules

• Update docs in the same PR when you change schema, routes, contracts, or ops procedures
• Generated API docs (go-backend/docs/) are drift-checked in CI
• When backend routes or schema objects change, update affected docs
• Treat database/PRISM_vNext_FINAL.sql and handler code as authoritative over documentation