{ "id": "2026-05-06-b2bea-org-capability-map-57d00a6caf", "scope": "redkey", "source_of_truth": "repo", "source_path": "docs/specs/2026-05-06-b2bea-org-capability-map.md", "source_kind": "markdown", "visibility": "internal", "renderer_id": "design_doc.dreamborn-forge.generated.v1", "design_system": "dreamborn-design-system:forge", "generated_at": "2026-05-09T13:00:55.705Z", "artifact_type": "design_doc", "schema_version": "design_doc.generated.v1", "title": "B2BEA.org Capability Map v5", "summary": "B2BEA.org Capability Map v5 Source of record: RedKey Supabase Studio artifact. Project: B2BEA.org Rebuild Project ID: a820dd0c 6cef 4133 bfbd d802fd806e44 Artifact: capability map Artifact ID: c889a1fe c3ce 4b0d 873c af4e0ec8dfe4 Version: 5 Status: draft Updated: 2026 05 06T20:00:09.332+00:00 Purpose This capability map is derived from the reverse engineerin...", "format_source": "markdown", "sections": [ { "title": "B2BEA.org Capability Map v5", "level": 1, "body": "Source of record: RedKey Supabase Studio artifact.\n\n- Project: `B2BEA.org Rebuild`\n- Project ID: `a820dd0c-6cef-4133-bfbd-d802fd806e44`\n- Artifact: `capability-map`\n- Artifact ID: `c889a1fe-c3ce-4b0d-873c-af4e0ec8dfe4`\n- Version: `5`\n- Status: `draft`\n- Updated: `2026-05-06T20:00:09.332+00:00`" }, { "title": "Purpose", "level": 2, "body": "This capability map is derived from the reverse-engineering pass over the current B2BEA.org repo. It is now a V1 production-scope catalog: production-ready capability areas are included in V1 unless explicitly excluded.\n\nCapability names use `VerbObject` style so they can later become permissions, service methods, API operations, QA scenarios, and UI actions." }, { "title": "Status Legend", "level": 2, "body": "- `current`: Evidence exists in the current repo.\n- `partial`: Some evidence exists, but the capability is incomplete or indirectly implemented.\n- `planned`: Target capability implied by the rebuild/surface model but not present as a first-class current workflow.\n- `candidate`: Possible capability to review before committing to target scope." }, { "title": "Summary", "level": 2, "body": "- Current mapped capabilities: 161\n- V1 production capability target: 260 capabilities\n- Public Site: 25 capabilities\n- Auth / Account Security: 13 capabilities\n- Individual Member Dashboard + Profile: 21 capabilities\n- B2BEA Admin: 59 capabilities\n- Vendor Management Portal: 18 capabilities\n- Practitioner Company Workspace: 18 capabilities\n- Cross-cutting system capabilities: 7 capabilities\n- Additional V1 production capabilities: 99 capabilities" }, { "title": "V1 Production Scope Decision", "level": 2, "body": "V1 should be production-ready across the site, not a thin MVP with obvious operational gaps deferred to a later phase.\n\nThe only intentionally light area is internal core-site administration. Core site changes are handled by a small trusted team: Brett, Sarah, and Justin. V1 does not need granular internal admin privilege tiers or complex approval chains for that team.\n\nProduction controls still matter where changes affect public content, external users, self-service portals, entitlements, payments, learning access, surveys, jobs, vendor data, company workspaces, and reporting." }, { "title": "Core Publishing Model", "level": 2, "body": "B2BEA needs two production publishing paths:\n\n| Path | Use When | V1 Controls |\n|---|---|---|\n| Custom HTML import | A landing page or resource needs a custom look beyond standard templates. | Owner, status, preview, publish, rollback/archive, analytics hooks, SEO metadata. |\n| Sanity standard page creation | A standard site page should use structured content and reusable page templates. | Template selection, required fields, preview, publish/schedule, archive, SEO metadata. |" }, { "title": "Production Ready Definition", "level": 2, "body": "Every V1 capability should define:\n\n- Who owns the record or content.\n- Required lifecycle states.\n- Required fields and validation.\n- Public/private visibility rules.\n- Admin, vendor, company, member, and anonymous access behavior.\n- Notification side effects.\n- Audit/event logging for material public changes.\n- Empty, loading, error, and success states.\n- Acceptance criteria that can become QA checks.\n\nFor Brett, Sarah, and Justin, permissions can stay simple. For members, vendors, practitioner companies, entitlements, and public publishing, authorization and lifecycle rules need to be explicit and enforced." }, { "title": "Decisions", "level": 2, "body": "| ID | Topic | Decision |\n|---|---|---|\n| `DEC-001` | Public practitioner company profiles | Exclude from V1. Keep vendor public profiles; practitioner companies get private workspace only. |\n| `DEC-002` | Company-created jobs | Require B2BEA admin review before public publishing in V1. |\n| `DEC-003` | Sanity versus Supabase source of truth | Sanity owns editorial/public content. B2BEA Supabase owns application and operational data, including people, company, vendor, membership, course, survey, job, event, analytics, and notification records. |\n| `DEC-004` | Notifications | V1 is email-first with an internal notification event log. In-app notifications are designed for later unless a surface explicitly needs them. |\n| `DEC-005` | CRM source of truth | HubSpot is the primary CRM for leads, pipeline, sales activity, and renewals. B2BEA Supabase owns website profiles and operational entities. |\n| `DEC-006` | Vendor and company analytics exports | V1 allows bounded own-account exports only. No raw platform-wide data, cross-account comparisons, or sensitive user-level data unless explicitly consented and permitted. |" }, { "title": "Additional V1 Production Capability Groups", "level": 2, "body": "These groups are V1 scope unless removed during spec review.\n\n| Group | Count | Examples |\n|---|---:|---|\n| Surveys and assessments | 19 | `AdminCreateSurvey`, `AdminPublishSurvey`, `PublicTakeSurvey`, `MemberTakeSurvey`, `CompanyAssignSurvey`, `AdminDisplaySurveyData`, `AdminExportSurveyResponses` |\n| Forms and intake | 9 | `AdminCreateForm`, `PublicSubmitForm`, `VendorSubmitForm`, `AdminReviewFormSubmission`, `AdminExportFormSubmissions` |\n| Events and sponsorship | 11 | `AdminCreateEvent`, `AdminManageEventSponsors`, `MemberRegisterForEvent`, `VendorSponsorEvent`, `AdminExportEventRegistrations` |\n| Vendor commercial workflow | 12 | `VendorPurchaseMembership`, `VendorManageBilling`, `VendorInviteTeamMember`, `VendorViewLeads`, `AdminCreateVendorInvoice` |\n| Editorial workflow | 13 | `AdminCreateArticle`, `AdminScheduleArticle`, `AdminReviewVendorContent`, `AdminManageEditorialCalendar`, `AdminManageRedirects` |\n| Academy and certification | 11 | `AdminCreateCertification`, `AdminIssueCertificate`, `MemberViewCertificate`, `AdminCreateQuiz`, `CompanyAssignLearningPath` |\n| Notifications | 8 | `SystemSendEmailNotification`, `SystemSendInAppNotification`, `SystemNotifySurveyAssigned`, `UserManageNotificationPreferences` |\n| Reporting and analytics | 8 | `AdminViewPlatformAnalytics`, `AdminViewAcademyAnalytics`, `VendorViewProfileAnalytics`, `CompanyViewTeamAnalytics` |\n| CRM and sales operations | 7 | `AdminCreateLead`, `AdminAssignLead`, `AdminTrackOpportunity`, `AdminConvertLeadToVendor`, `AdminManageRenewalPipeline` |" }, { "title": "Public Site", "level": 2, "body": "Purpose: Browse, learn, discover, search, convert, and view public people/company/vendor/content pages." }, { "title": "Discovery And Search", "level": 3, "body": "| Capability | Status | Notes |\n|---|---:|---|\n| `PublicSearchSite` | current | Global modal search and page-level search/filter patterns exist. |\n| `PublicFilterVendorDirectory` | current | Filters by vendor type/category/search term. |\n| `PublicFilterPeopleDirectory` | current | People directory includes public browsing/filtering behavior. |\n| `PublicFilterCareerJobs` | current | Public jobs list has search/filter behavior. |\n| `PublicFilterCourses` | current | Course catalog filters and enrollment badges are client-side. |\n| `PublicFilterResources` | current | Resource/report/guide discovery patterns exist but should be unified. |" }, { "title": "Content, Resources, And Gating", "level": 3, "body": "| Capability | Status | Notes |\n|---|---:|---|\n| `PublicViewArticle` | current | Includes page-view tracking. |\n| `PublicViewGuide` | current | Supports vendor attribution and gated downloads. |\n| `PublicViewReport` | current | Supports vendor attribution and gated downloads. |\n| `PublicDownloadResource` | current | Current pages record `resource_downloads` in several places. |\n| `PublicGateResourceByAccount` | current | Anonymous users see signup/login CTA. |\n| `PublicGateResourceByMembership` | current | Pro-gated content checks membership client-side. |\n| `PublicViewTopicHub` | current | Topic/category hubs exist and need target model consolidation. |\n| `PublicViewConcept` | current | Concept detail pages exist. |" }, { "title": "Public Profiles And Directories", "level": 3, "body": "| Capability | Status | Notes |\n|---|---:|---|\n| `PublicViewVendorProfile` | current | Includes page-view tracking and vendor detail content. |\n| `PublicViewPersonProfile` | current | Public member/person profiles exist. |\n| `PublicViewAuthorProfile` | current | Author profile pages exist. |\n| `PublicViewCaseStudy` | current | Practitioner case-study detail pages exist. |\n| `PublicViewEvent` | current | Event detail pages exist. |\n| `PublicViewJob` | current | Career detail pages exist. |" }, { "title": "Conversion And Public Intake", "level": 3, "body": "| Capability | Status | Notes |\n|---|---:|---|\n| `PublicStartMembershipCheckout` | partial | Checkout flow is present but tied to current implementation. |\n| `PublicApplyVendorMembership` | current | Vendor application redirects and vendor membership page exist. |\n| `PublicClaimVendorListing` | current | Claim workflow exists as public/vendor bridge. |\n| `PublicTakeMaturityAssessment` | current | Creates `assessment_sessions`. |\n| `PublicViewMaturityAssessmentResults` | current | Loads `assessment_sessions` by ID. |" }, { "title": "Authentication And Account Security", "level": 2, "body": "Purpose: Shared identity layer across all surfaces." }, { "title": "Auth Core", "level": 3, "body": "| Capability | Status | Notes |\n|---|---:|---|\n| `AuthSignUpWithEmail` | current | Supabase auth signup. |\n| `AuthSignInWithPassword` | current | Supabase password login. |\n| `AuthSignInWithMagicLink` | current | Supabase OTP magic-link flow. |\n| `AuthSignInWithGoogle` | current | OAuth provider flow. |\n| `AuthSignInWithLinkedIn` | current | OAuth provider flow. |\n| `AuthConfirmEmail` | current | Email confirmation surface exists. |\n| `AuthResetPassword` | partial | Reset email flow points to `/reset-password/`, but reset page was not observed in inventory. |\n| `AuthSignOut` | current | Multiple surfaces sign out directly. |" }, { "title": "Account Security", "level": 3, "body": "| Capability | Status | Notes |\n|---|---:|---|\n| `AccountChangeEmail` | current | Supabase auth `updateUser` email. |\n| `AccountChangePassword` | current | Supabase auth `updateUser` password. |\n| `AccountLinkIdentity` | current | Links external auth identity. |\n| `AccountUnlinkIdentity` | current | Unlinks external auth identity. |\n| `AccountViewLinkedIdentities` | current | Renders linked identities list. |" }, { "title": "Individual Member Dashboard And Profile", "level": 2, "body": "Purpose: Personal member account, public profile projection, learning state, and benefits." } ], "html_path": "artifacts/2026-05-06-b2bea-org-capability-map-57d00a6caf.html", "json_path": "artifacts/2026-05-06-b2bea-org-capability-map-57d00a6caf.json" }