14. Notifications & Admin / Backoffice

← Business Requirements

(a) Business requirements

  • In-app notifications to all user types for booking, payment, payout, review, verification, and alert events. Carried as typed in-app records the front-end fetches on load and uses to deep-link to the relevant entity. No push notifications at launch.
  • A retention job hard-deletes read notifications older than 90 days to keep the table bounded.
  • Admin / backoffice tooling must cover the operational spine:
    • Verification queue — review uploaded MoH/INO/criminal-record documents, record structured credential numbers/expiries, pass/fail steps, and flip is_verified transactionally.
    • Refund tooling — initiate admin-only, ticket-linked refunds with tiered policy application and fee-leg decomposition; for BNPL, trigger the provider revert/cancel.
    • Payout tooling — initiate/inspect weekly batches, see eligibility (EVV + closed dispute window), apply clawback netting, schedule around bank holidays, and reconcile transfer references.
    • Support-alert console — triage low-rating, no-show, location-mismatch, expiry, and fraud-signal alerts.
    • RBAC — admin roles (super_admin / admin / support / finance / moderator) scope who can verify, refund, pay out, and moderate.
  • An append-only audit trail records every state-changing operation on sensitive entities (bookings, payments, refunds, verifications, reviews, users), and config changes (e.g., the platform fee rate) are auditable.

(b) Iran-specific considerations

  • No push at launch reflects a pragmatic MVP and the in-app polling norm; SMS-OTP already covers the critical auth path.
  • Back-office must reason over the Shamsi calendar and iranian_holidays for payout scheduling and deadline computation, and over the verification realities (manual MoH/INO checks, expiry-driven re-verification).
  • High-volume logs (audit_logs, system_events, notifications) need partitioning/retention planned before launch to avoid unbounded growth.

(c) MVP vs DEFERRED

  • MVP: in-app notifications with 90-day retention; admin verification/refund/payout/alert tooling; RBAC; append-only audit_logs; config-change auditing.
  • DEFERRED: push notifications; SMS/email notification channels beyond OTP; a full analytics warehouse (system_events piped out rather than queried in the transactional DB); ML fraud console.

(d) Supporting database entities

notifications, support_alerts, roles, user_roles, audit_logs, system_events, platform_configs, plus the operational entities each tool acts on (nurse_verifications / verification_steps / nurse_credentials, refunds, nurse_payout_batches / nurse_payouts / nurse_clawbacks, bookings).

Related: Data model — Audit, Config & Reference.

↑ Back to top