Implementation vs Manifest
How the current platform maps to the project manifest and where source requirements remain useful context.
Source requirement material
The repository includes product and audit material under Project Manifest/, docs/, and app/docs/. Those files describe the intended role flows, worksheet fields, reimbursement flows, allowance rules, audit requirements, and Phase 1 gaps.
This Fumadocs site documents the implemented system first. Manifest notes are used as context where they explain why a feature exists or where a workflow is still broader than the current code.
Implemented core
| Manifest expectation | Current implementation evidence |
|---|---|
| Web portal with user management, timesheets, Xero, reporting, and API layer | Controllers under Portal/, API Platform routes, API v2 controllers, Xero services, report and invoice routes. |
| Role-based access for admin, client supervisor, payroll, client finance, electrician | Auth0 web authentication plus portal route groups and role-specific controllers. |
| Timesheet creation, submission, approval, rejection, and resubmission | TimesheetStatus, portal/API update routes, supervisor and payroll approval routes. |
| Reimbursement submission and review | Expense, ExpenseStatus, electrician expense routes, supervisor/client/payroll expense routes. |
| Allowance rules by client, project, hours, vehicle, work condition, and manual selection | ClientAllowance, Project.allowances_data, TimeEntry.allowancesData, and AllowanceMatrixCalculator. |
| Calculation snapshots for payroll and billing | TimesheetCalculation, TimesheetCalculationLine, AwardTimesheetCalculationManager, AwardTimesheetCalculator. |
| Invoice review and Xero dispatch | PayrollInvoice, PayrollInvoiceItem, finance/payroll finance routes, Xero OAuth and submission services. |
| Change/audit history on timesheet edits | TimesheetChangeLog, TimesheetChangeLogger, TimesheetChangeViewBuilder, redline/history views. |
| Risk and fraud-prevention signals | TimesheetRiskScorer, TimesheetRiskAssessment, risk portal routes. |
Known implementation boundaries
The manifest contains broader ideas than the currently implemented platform. Treat these as product context, not proof that the feature is complete:
- full GPS geofence enforcement and override approval workflows
- formal exportable version history with restore from arbitrary version
- full payroll profile data capture for TFN, bank details, superannuation, and similar sensitive fields
- cross-device duplicate prevention with conflict-resolution screens
- all advanced award matrix rule categories enabled by default
- direct Xero pay-run creation for payroll
How to read gaps safely
When adding a feature from the manifest:
- Check whether an entity and route already exist.
- Check whether a policy or subscriber already enforces lifecycle behavior.
- Check whether the behavior is only captured in a markdown/CSV requirement.
- Document the source of truth in this Fumadocs site after the implementation changes.
Do not infer operational behavior only from the original manifest. The code is the final authority for what runs today.