Skip to main content
This page summarizes effective access in BrikSync PropOS. Decision rule:
  • ALLOW = Role permission AND Plan entitlement/limit AND RLS scope
This customer guide covers organization roles only.

Plan Features

FeatureFREEPROBUSINESS
Financial reportingYesYesYes
AI featuresNo*YesYes
Advanced analyticsNo*YesYes
Broker managementNo*YesYes
Bulk importNo*YesYes
Property inspectionsNo*YesYes
Availability calendarNo*YesYes
Marketing brochuresNo*YesYes
Portal syndicationNo*No*Yes
API accessNo*No*Yes
Multi-org managementNo*No*Yes
* Can be enabled by organization-level feature override.

Plan Limits

LimitFREEPROBUSINESS
Properties325Unlimited
Tenants10100Unlimited
Brokers03Unlimited

CRUD by Role (Summary)

Domainsuper_adminadminproperty_managerlandlordbrokertenant
PropertiesCRUDCRUDCRUCRU--
TenantsCRUDCRUDCRUCRU-R (self)
LeasesCRUCRUCRUCRUR**R (own)
PaymentsCR*CR*CR*RR**CR
BrokersCRCR--R (self)-
Team ManagementYesYesNoNoNoNo
BillingYesYesNoNoNoNo
Audit LogsYesYesNoNoNoNo
* Payment delete is not exposed in current role permission map. ** Broker read access is limited to downloading payment receipts and move-out report PDFs within their organisation.

Scope and Security

  • Cross-tenant access is blocked by org-scoped RLS.
  • Role checks are enforced in server actions.
  • Plan limits are enforced in UI + action + RLS.
  • Broker over-read on properties/units is explicitly denied by policy hardening.
Note: Task 051 added the rent_payments table and associated server actions to record and list rent payments. Payments CRUD remains RLS-scoped — delete is not exposed in the UI and payment mutations verify lease/org ownership and role gating. Task 053 (2026-03-23) adds unit tests validating late fee calculation, Stripe PaymentIntent wiring, and receipt PDF generation.
Last modified on April 7, 2026