تشغيل أي مهارة في Manus بنقرة واحدة

unity-erp-tenancy

النجوم٠

التفرعات١

آخر تحديث١٦ فبراير ٢٠٢٦ في ٠٥:٠٣

Unity ERP multi-tenancy (organizations) workflow. Use when adding org_id, backfilling data, tightening RLS, debugging "null nested relation" issues, or implementing tenant-scoped module access.

التثبيت

التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.

تشغيل في Manus

المصدر

MaierG74

MaierG74/unity-erp

فتح مستودع GitHub عرض مستودعات المنشئ

تنزيل

تشغيل في Manus

المهن ذات الصلةSOC

استنادا إلى تصنيف SOC المهني

مصممو قواعد البياناتمهن الحاسوب والرياضيات·SOC 15-1243

SKILL.md

readonly

name	unity-erp-tenancy
description	Unity ERP multi-tenancy (organizations) workflow. Use when adding org_id, backfilling data, tightening RLS, debugging "null nested relation" issues, or implementing tenant-scoped module access.
argument-hint	[table/feature to change or debug]
allowed-tools	Read, Grep, Glob, Edit, Write, Bash

Unity ERP Tenancy (Organizations)

Scope: $ARGUMENTS

Canonical Docs (start here)

docs/README.md
docs/operations/tenant-data-isolation-zero-downtime-runbook.md
docs/operations/tenant-module-entitlements-runbook.md
docs/operations/tenant-rollout-status.md
docs/overview/todo-index.md

Vocabulary

Use organization consistently in UI/code/docs.
"Tenant" is acceptable as a synonym in technical discussion.

Default Approach (safe for live systems)

Follow the staged plan in the runbook. The intent is zero downtime and easy rollback:

Expand-only first: add org_id as nullable + default/backfill + indexes + NOT VALID FK.
Verify data consistency:
- No org_id IS NULL rows for the tables you touched.
- Parent/child org alignment is correct.
- No users missing public.organization_members.
Tighten RLS in baby steps:
- One table at a time.
- Add org-scoped policies while leaving existing permissive policies in place.
- Verify with a normal user.
- Only then remove permissive policies.
Enforce constraints later:
- VALIDATE CONSTRAINT on FKs once stable.
- Only then consider SET NOT NULL on org_id.

Common Pitfall: "Nested relation is null"

Supabase nested selects can return null for embedded objects when:

the user is missing an org membership row, or
one related table is RLS-locked while the other is not, or
the join row exists but is blocked by RLS.

UI code must treat nested relations as nullable and avoid direct dereferences like: row.supplier_component.component.internal_code

Server-Side Patterns (prefer these)

Org resolution + membership:
- lib/api/org-context.ts
Module entitlement checks:
- lib/api/module-access.ts

Guard Rails

Never tighten RLS in production without running the "users missing membership" check in the runbook.
When debugging a "works for super admin but not normal user" issue, suspect:
- missing organization_members row, or
- RLS blocking a nested relation.

المزيد من هذا المستودع

نفس المستودع

detail-page-depth

MaierG74/unity-erp

Blueprint for building or upgrading detail pages (entity views with tabs/sections) to match Unity ERP's visual depth standard. Use when creating a new detail page, upgrading an existing one that feels flat, or adding tabs/sections to an entity view. Covers page canvas, sticky headers, sidebar decisions, gradient stat cards, and accent borders.

2026-05-070

furniture-configurator

MaierG74/unity-erp

Use when adding a new furniture template, modifying parametric parts generation, extending the configurator UI (forms, previews, edge banding), or porting the configurator pattern to another project.

2026-05-070

polygon-pitch-pamphlet

MaierG74/unity-erp

Use when building a Polygon sales document — pitch advert, capability pamphlet, product brochure, or any image-and-quote-led PDF in the spine+nervous-system visual brand. Triggers include "build a pitch pamphlet for [prospect]", "make an advert for [agent name]", revising/extending the existing Tight Factories advert or Purchasing Agent pamphlet, or porting the same pattern to a new agent (Inter-Site Transfer Agent, Daily Brief Agent, etc.).

2026-05-070

tailwind-v4

MaierG74/unity-erp

Tailwind CSS v4 and shadcn v4 reference for Unity ERP. Use when writing or editing Tailwind classes, modifying globals.css or @theme config, adding shadcn components, or any frontend styling work. Prevents writing outdated v3 syntax from training data.

2026-05-070

unity-erp-business-rules

MaierG74/unity-erp

Unity ERP domain-specific business rules. Use when working on staff/attendance/payroll, time clock logic, file storage/uploads, or any module where non-obvious business logic applies.

2026-05-070

cutlist-pdf

MaierG74/unity-erp

Cutting diagram PDF layout, dimension labels, and rendering. Use when fixing or enhancing the PDF cutting diagram — panel labels, dimension overlays, sheet dimensions, legend table, or SVG layout.

2026-05-050

Unity ERP Tenancy (Organizations)

Scope: $ARGUMENTS

Canonical Docs (start here)

docs/README.md

docs/operations/tenant-data-isolation-zero-downtime-runbook.md

docs/operations/tenant-module-entitlements-runbook.md

docs/operations/tenant-rollout-status.md

docs/overview/todo-index.md

Vocabulary

Use organization consistently in UI/code/docs.

"Tenant" is acceptable as a synonym in technical discussion.

Default Approach (safe for live systems)

Follow the staged plan in the runbook. The intent is zero downtime and easy rollback:

Expand-only first: add org_id as nullable + default/backfill + indexes + NOT VALID FK.

Verify data consistency:

No org_id IS NULL rows for the tables you touched.
Parent/child org alignment is correct.
No users missing public.organization_members.

Tighten RLS in baby steps:

One table at a time.
Add org-scoped policies while leaving existing permissive policies in place.
Verify with a normal user.
Only then remove permissive policies.

Enforce constraints later:

VALIDATE CONSTRAINT on FKs once stable.
Only then consider SET NOT NULL on org_id.

Common Pitfall: "Nested relation is null"

Supabase nested selects can return null for embedded objects when:

the user is missing an org membership row, or

one related table is RLS-locked while the other is not, or

the join row exists but is blocked by RLS.

UI code must treat nested relations as nullable and avoid direct dereferences like: row.supplier_component.component.internal_code

Server-Side Patterns (prefer these)

Org resolution + membership:

lib/api/org-context.ts

Module entitlement checks:

lib/api/module-access.ts

Guard Rails

Never tighten RLS in production without running the "users missing membership" check in the runbook.

When debugging a "works for super admin but not normal user" issue, suspect:

missing organization_members row, or
RLS blocking a nested relation.