Architecture diagrams
Visual source of truth for Kisum platform architecture. For implementation details, refer to section 2.x backend documents.
🧱 1. Master Architecture
Section titled “🧱 1. Master Architecture”flowchart TB
subgraph ENTRY["Access"]
U1["User"]
U2["Platform Admin"]
end
subgraph AUTH["Auth Layer"]
A1["Auth Backend"]
A2[(Auth DB)]
A3[(Redis)]
end
subgraph CORE["Platform Core"]
C1["Core Backend"]
C2[(Core DB)]
end
subgraph APP["App"]
F1["Frontend"]
F2["Core App"]
end
subgraph MODULES["Modules"]
M1["Finance"]
M2["Market"]
M3["Venue"]
M4["AI"]
end
subgraph BACKENDS["Backends"]
B1["Basic Backend"]
B2["Finance Backend"]
B3["Market Backend"]
B4["Venue Backend"]
B5["AI Backend"]
end
U1 --> A1
U2 --> A1
A1 <--> A2
A1 <--> A3
A1 --> C1
C1 <--> C2
F1 <--> A1
F1 --> F2
F2 --> M1
F2 --> M2
F2 --> M3
F2 --> M4
F2 --> B1
M1 --> B2
M2 --> B3
M3 --> B4
M4 --> B5
B1 -.-> A1
B2 -.-> A1
B3 -.-> A1
B4 -.-> A1
B5 -.-> A1
⚡ 2. Runtime Flow
Section titled “⚡ 2. Runtime Flow”flowchart TD A[Login] --> B[Auth] B --> C[JWT] C --> D[Frontend Load] D --> E["/auth/me/access"] E --> F[Auth loads membership] E --> G[Auth calls Core] F --> H[Merge Access] G --> H H --> I[Effective Access] I --> J[Frontend UI] J --> K[API Call] K --> L[Backend] L --> M[Validate JWT] M --> N[Check Module] N --> O[Check Permission] O -->|OK| P[Execute] O -->|NO| Q[403]
🧑💼 3. Platform Admin Flow
Section titled “🧑💼 3. Platform Admin Flow”flowchart TD A[Admin Login] --> B[Auth] B --> C[Admin UI] C --> D[Manage Packages] C --> E[Manage Permissions] C --> F[Manage Subscriptions] D --> G[Core Backend] F --> G E --> H[Auth Backend] G --> I[Update Entitlements] H --> J[Update Grants] I --> K[Invalidate Cache] J --> K K --> L[Next Access Rebuild]
🧠 4. Access Model
Section titled “🧠 4. Access Model”flowchart LR A[Company Entitlements] B[Membership Grants] C[Permissions] A --> D[Access Engine] B --> D C --> D D --> E[Modules] D --> F[Permissions]
🏢 5. Company vs User Access
Section titled “🏢 5. Company vs User Access”flowchart TD A[Company: Basic + Finance + Market] A --> B1[User A: All] A --> B2[User B: Finance] A --> B3[User C: Basic + Finance]
👑 6. Role Hierarchy
Section titled “👑 6. Role Hierarchy”flowchart TD A[SUPERADMIN] B[ADMIN] C[MANAGER] D[USER] A --> B --> C --> D
🔄 7. Full Execution Flow
Section titled “🔄 7. Full Execution Flow”flowchart TD L1[Login] --> L2[Auth] L2 --> L3[JWT] L3 --> B1[App Load] B1 --> B2["/auth/me/access"] B2 --> B3[Load Membership] B2 --> B4[Load Entitlements] B3 --> B5[Merge] B4 --> B5 B5 --> B6[Effective Access] B6 --> B7[Cache] B7 --> B8[Frontend] B8 --> B9[Call Backend] B9 --> B10[Validate] B10 --> B11[Authorize] B11 --> B12[Execute]
🎯 Final Rules
Section titled “🎯 Final Rules”Auth = access brainCore = commercial brainBackend = enforcementFrontend = UI only