← Zakázky

Legal Property Platform

Rozpočet: $5000.0 FIXED / ⭐ 0.00 (0) Australia

next.js, react-js, typescript, postgresql, tailwind-css-framework

Legal Practice Management Platform — Developer Brief Project Overview We're building a web-based practice management platform for a licensed legal practice specialising in residential property transactions in Australia. The platform manages matters (cases) end-to-end: client intake, document management, task tracking, compliance checks, AI-powered document analysis, real-time messaging, and settlement preparation. The platform serves three user types with three separate interfaces sharing one database. Scope Note This brief covers the technical build requirements only. Domain-specific workflow logic will be provided during development via detailed step-by-step specifications. The developer does not need prior conveyancing knowledge — all process rules will be supplied. Tech Stack (Non-Negotiable) Layer Technology Frontend Next.js 14 (App Router), TypeScript Styling Tailwind CSS UI Components shadcn/ui Database Supabase (PostgreSQL) — Sydney region (ap-southeast-2) Auth Supabase Auth File Storage Supabase Storage Real-time Supabase Realtime AI AI Provider API (Messages API, server-side only) Email Resend SMS Twilio Hosting Vercel The Three Interfaces 1. Client Portal (/) Access method: No account or password. Client enters a reference number and their last name. If the combination matches a record, they see their matter. Session stored in a secure cookie. Features: Matter header: property address, key dates, reference number 9-step progress tracker: visual progress bar showing completed (green), current (blue), and upcoming (grey) steps. Steps are configurable — we will provide the specific step labels. Document upload area: client uploads files with a type selector from a predefined list. Shows a checklist of what's been received vs still needed. Messaging: iMessage-style chat thread. Client can send messages and see replies from staff with role labels. Real-time updates via Supabase Realtime. Notifications: alerts when matter advances a stage, when a document is uploaded by staff, when they receive a new message. Action buttons: configurable per-stage client actions (e.g. "Upload document X", "Confirm status Y"). These trigger matter updates when completed. UX rules: Mobile-responsive as primary design target No legal jargon in UI — plain English labels Must never expose internal staff views or navigation Dead simple — assume a first-time user who has never used anything like this 2. Staff Dashboard — Operations (/operations) Access method: Email and password via Supabase Auth. Route-protected. Features: Task list across all active matters, sorted by urgency relative to each matter's key deadline Tasks colour-coded: red = overdue, amber = due within 3 days, green = on track Grouped by matter — all tasks for one matter visible together Mark tasks complete with optimistic UI update Show/hide completed tasks toggle Badge counts per matter for unread messages and new tasks since last visit Matter detail view: all tasks, read-only message thread, read-only document list Cannot send client-facing messages (communicates via tasks only) 3. Staff Dashboard — Review (/dashboard) Access method: Email and password via Supabase Auth. Route-protected. This role can access both /dashboard and /operations. Features: Summary cards: total active matters, matters needing attention (overdue/blocked tasks), matters with key deadlines this week, matters with key deadlines next week Matter table: all active matters sorted by key deadline. Columns: reference address, client name, current stage (coloured badge), key deadline date, assigned operations staff, attention flag (warning icon if overdue/blocked tasks). Red row highlighting for overdue matters. Badge counts for unread items. Create new matter: form that creates a matter, generates a reference number (prefix + sequential 5-digit number), creates the client user record, and generates a default task list — all in one action. Fields will be specified. Matter detail page: Matter header with all matter info 9-step progress tracker with "Move to Next Stage" button (confirmation modal) Tasks panel: all tasks / my tasks filter, mark complete, add new tasks Document checklist with upload and download (signed URLs from Supabase Storage) Messaging panel: full message thread, send and receive, real-time updates, sender name and role displayed AI Reviews section: displays structured AI analysis outputs with status (pending review / approved / rejected) and approve/reject actions Compliance section: displays compliance check results with status indicators (not started / in progress / complete / flagged) Authentication Model Staff (two roles): Email/password via Supabase Auth Role stored in users table linked by auth_id Role determines which routes are accessible Middleware-based route protection Clients: No auth account Access via reference_number + last_name Session cookie with matter_id, validated against database on every request Portal API routes validate the session cookie before any read/write Database Schema Core Tables organisations id (UUID, PK) name (text) abn (text, nullable) created_at, updated_at users id (UUID, PK) auth_id (UUID, links to Supabase Auth — nullable for clients) organisation_id (UUID, FK → organisations) email (text) first_name, last_name (text) phone (text, nullable) role (text: 'client', 'operations', 'reviewer', 'admin') created_at, updated_at matters id (UUID, PK) reference_number (text, unique, auto-generated) organisation_id (UUID, FK → organisations) client_id (UUID, FK → users) operations_user_id (UUID, FK → users, nullable) reviewer_id (UUID, FK → users) primary_address (text) matter_type (text) property_type (text: 'freehold', 'strata') transaction_type (text: 'purchase', 'sale') key_amount (numeric) deposit_amount (numeric, nullable) current_stage (text — from configurable stage list) key_deadline (date, nullable) secondary_date (date, nullable) tertiary_date (date, nullable) client_last_name (text — used for portal access) status (text: 'active', 'completed', 'cancelled') metadata (jsonb, nullable — flexible field for additional matter-specific data) created_at, updated_at matter_stages id (UUID, PK) matter_id (UUID, FK → matters) stage (text) entered_at (timestamp) completed_at (timestamp, nullable) advanced_by (UUID, FK → users, nullable) tasks id (UUID, PK) matter_id (UUID, FK → matters) title (text) description (text, nullable) assigned_role (text: 'ai', 'operations', 'reviewer') status (text: 'pending', 'in_progress', 'completed', 'blocked') due_date (date, nullable) completed_at (timestamp, nullable) completed_by (UUID, FK → users, nullable) sort_order (integer) created_at, updated_at ai_reviews id (UUID, PK) matter_id (UUID, FK → matters) review_type (text — configurable) source_document_id (UUID, FK → documents, nullable) input_data (jsonb) output_data (jsonb — structured AI response) risk_flags (jsonb — array of severity, field, description) confidence_score (numeric, nullable) tokens_used (integer) estimated_cost (numeric) status (text: 'pending_review', 'approved', 'rejected', 'superseded') reviewed_by (UUID, FK → users, nullable) reviewed_at (timestamp, nullable) reviewer_notes (text, nullable) created_at documents id (UUID, PK) matter_id (UUID, FK → matters) file_name (text) file_path (text — Supabase Storage path) file_size (integer, nullable) mime_type (text, nullable) document_type (text — from configurable document type list) uploaded_by (UUID, FK → users) created_at messages id (UUID, PK) matter_id (UUID, FK → matters) sender_id (UUID, FK → users) sender_role (text) content (text) is_read (boolean, default false) created_at notifications id (UUID, PK) user_id (UUID, FK → users) matter_id (UUID, FK → matters, nullable) type (text — configurable) title (text) body (text) is_read (boolean, default false) created_at matter_views id (UUID, PK) user_id (UUID, FK → users) matter_id (UUID, FK → matters) last_viewed_at (timestamp) Unique constraint on (user_id, matter_id) compliance_checks id (UUID, PK) matter_id (UUID, FK → matters) client_id (UUID, FK → users) check_type (text — configurable, e.g. 'identity_verification', 'screening', 'risk_assessment') provider (text, nullable) result (text: 'clear', 'match', 'potential_match', 'pending', 'failed') risk_rating (text: 'low', 'medium', 'high', nullable) raw_response (jsonb — full API response for audit) checked_by (UUID, FK → users) created_at notes (text, nullable) trust_ledger id (UUID, PK) matter_id (UUID, FK → matters) transaction_date (date) description (text) amount (numeric — positive for money in, negative for money out) transaction_type (text: 'receipt', 'payment', 'transfer', 'fee_deduction', 'refund') authorised_by (UUID, FK → users — must be reviewer role) authorised_at (timestamp) reference (text, nullable — bank reference, receipt number etc.) running_balance (numeric) created_at notes (text, nullable) Row Level Security RLS must be enabled on every table: Clients can only see rows linked to their own matter Operations users can only see rows for matters assigned to them Reviewers can see all rows within their organisation Trust ledger: reviewer role only (operations users cannot read or write) Compliance checks: reviewer can read/write, operations can read only, clients cannot access AI Layer Requirements Architecture All AI API calls happen server-side via Next.js API routes — never from client-side browser code AI Provider API key stored in environment variables, never exposed to browser Every AI call must be logged: input, output, tokens used, estimated cost — stored in ai_reviews table All AI output presented as a draft requiring human review — UI must include clear labels indicating this Prompts stored centrally in /src/lib/ai/ — never inline in components or API routes Set appropriate max_tokens limits per call type AI Agent 1: Document Analysis Input: PDF document uploaded to matter Process: Extract text from PDF. Send to AI Provider API with a structured system prompt. Return structured JSON output. Output: Structured JSON containing extracted fields (field list will be provided per document type), risk flags with severity (red/amber/green) and explanations, confidence scores per field. Edge cases: Scanned PDFs (OCR required), multi-part documents with annexures, varying document formats, handwritten amendments. AI Agent 2: Secondary Document Analysis Input: Various PDF documents (different types) Process: Identify document type, extract key fields per type, cross-reference against data already extracted from primary documents. Output: Per-document analysis plus consolidated summary with risk flags. AI Agent 3: Financial Calculator Input: Rate amounts extracted from documents, key dates, rating periods Process: Calculate daily rates and pro-rate between parties based on date. Output: Itemised calculation sheet with line items and net figure. Note: The actual arithmetic should be deterministic code, not AI inference. AI is used for extracting values from documents — the calculation itself must be precise. AI Agent 4: Correspondence Drafter Input: Brief instructions from reviewer (e.g. "advise client results are clean, no issues found") Process: Generate professional correspondence in plain English. Output: Draft for reviewer approval before sending. Tone: Professional but approachable. No jargon. Reader is typically a first-time user. Notification System In-App Notifications Badge count in navigation Dropdown showing unread notifications Mark as read on click Triggered by: stage changes, new messages, document uploads, overdue tasks, AI review ready, compliance check results Email Notifications (Resend) Stage advancement → notify client New message → notify recipient Document uploaded → notify reviewer Task overdue → notify assigned role Templated emails with matter context SMS Notifications (Twilio) Key deadline reminders (T-7 days, T-2 days, T-1 day) Urgent alerts (overdue compliance, failed checks) Trust Ledger Module The platform tracks financial movements per matter. It does NOT integrate with banking — it is a ledger only. The actual bank account is managed separately. Features: Per-matter trust account view: all transactions, running balance, expected vs actual Overall trust summary: combined balance across all matters Reviewer-only authorisation on every transaction (operations staff cannot authorise) Monthly reconciliation sign-off by reviewer End-of-matter trust statement: auto-generated summary of all movements No deletion of trust records — ever. Corrections made via offsetting entries. All trust records retained for minimum 7 years No hard-delete capability on trust data Stage Automation Stages can auto-advance when certain conditions are met. The reviewer can also manually advance or reverse stages. Automation rules will be provided as a configuration — the platform should support rule-based stage advancement where rules are defined as: "when all tasks with tag X are completed, advance to stage Y." Security Requirements All client data stored in Supabase Sydney region (ap-southeast-2) Row Level Security on every table Document storage bucket with restricted access (signed URLs, expiring) No client data in URL parameters Session cookies: secure, httpOnly, sameSite strict Validate all user input on client and server side Sanitise file uploads (check types, limit sizes) Environment variables for all API keys and secrets Every AI call, document access, stage change, and login logged with timestamp and user All logs and records retained for minimum 7 years Audit trail: who did what, when, to which matter File/Folder Structure /src /app page.tsx — Client portal access form /auth/login — Staff login /portal — Client portal pages /operations — Operations dashboard pages /dashboard — Reviewer dashboard pages /matters/[id] — Matter detail page /api /ai — AI agent endpoints /matters — Matter CRUD /notifications — Notification endpoints /portal — Portal access/signout /trust — Trust ledger endpoints /components /ui — shadcn/ui base components /matters — Matter-specific components /portal — Client portal components /operations — Operations dashboard components /dashboard — Reviewer dashboard components /lib /supabase — Supabase client configuration /ai — AI prompt templates and helpers /utils — General utilities /types — TypeScript type definitions middleware.ts — Route protection /public — Static assets /supabase — Database migrations Deliverables & Milestones Milestone 1: Foundation + Auth + Security Next.js 14 project with Tailwind + shadcn/ui Supabase connected (Sydney region) Authentication working (staff login + client portal access) Route protection via middleware Database tables created with proper RLS policies All three interfaces with basic layouts Milestone 2: Core Platform Matter creation with auto-generated reference numbers and default task lists Matter detail page with progress tracker, tasks, documents, messaging Operations dashboard with task list, urgency sorting, mark complete Reviewer dashboard with summary cards, matter table, attention flags Client portal with progress tracker, document upload, messaging Supabase Realtime for messaging Document upload/download with signed URLs Milestone 3: AI Layer + Notifications AI document analysis (PDF upload → structured JSON output) AI secondary document analysis with cross-referencing AI financial calculator AI correspondence drafter In-app notification system Email notifications via Resend SMS notifications via Twilio Milestone 4: Compliance + Trust + Polish Compliance check workflow (identity verification, screening, risk assessment) Compliance hard gate (matters cannot advance without completed checks) Trust ledger module with reviewer-only authorisation Trust reconciliation view Stage automation rules engine Mobile responsiveness audit Landing/marketing page Security audit and final testing Budget & Terms Fixed-price engagement, milestone-based payments. Payment on delivery and confirmation of each milestone. What We Provide Detailed domain-specific workflow documentation (provided after engagement, under NDA) AI prompt specifications and system prompts Configurable stage labels, task templates, and document type lists Access to Supabase project, Vercel, and all API keys Responsive communication and feedback within 24 hours on all deliverables
Otevřít na Upwork