B2B SaaS Recruitment Marketplace

Context

A Saudi HR-tech client needed a marketplace platform for three distinct user roles: companies that post jobs and pay for hires, HR freelancers (SMEs) who source and place candidates, and admins who oversee the entire platform. The business model required a configurable revenue-share pricing engine, a full ATS pipeline, contract creation, video meetings, and end-to-end payment handling with 15% VAT compliance — all in Arabic.

Constraints

• Three separate user portals with completely different workflows had to share one codebase without leaking cross-tenant data — enforced at the database level, not just the application layer.
• The pricing engine needed to be fully configurable by admins at runtime (salary tiers, freelancer multipliers, company-segment discounts, VAT) and had to snapshot pricing at contract creation to prevent retroactive changes.
• ATS phase transitions needed role-based enforcement: SMEs could move candidates through sourcing and screening; only companies could advance to shortlist and beyond. Max one phase jump per action.
• The platform had to operate in Arabic-first RTL with a ~5,000-key translation system from the start.

Approach

I used Next.js 15 App Router with a vertical-slice feature architecture (21 feature directories). PostgreSQL Row-Level Security with a `get_user_role()` RPC enforced multi-tenant data isolation at the database layer. The pricing engine was a pure TypeScript service that fetched live configuration, calculated fees, applied multipliers and discounts. Gemini AI was integrated via five separate Supabase Edge Functions for different AI workflows. Zoom Video SDK was embedded in-browser with server-side JWT signature generation.

Key decisions

• Enforced all multi-tenant access through PostgreSQL RLS (`is_company()`, `is_sme()`, `is_admin()` helper functions) rather than application-layer checks — so even direct database access could not leak cross-tenant data.
• Built a Zoom meeting AI summary pipeline to work around Zoom's lack of Arabic transcription support: captured meeting audio via Zoom webhooks, piped it through a third-party transcription service, then sent the transcript to Gemini to generate structured Arabic-language summaries — wiring three external services together to fill a gap the platform could not handle natively.
• Modeled ATS phase transitions as a state machine in `ats-validation-service.ts` with explicit allowed transitions per role — rather than a generic CRUD update — so illegal transitions were impossible to trigger from the UI or the API.
• Wired notifications through two channels: Supabase Realtime for in-app bell notifications and Resend for transactional email — 20+ route handlers covering the full hire lifecycle from meeting confirmations to payment receipts and ATS stage changes.

Tradeoffs and risks

• Chose Zoom Video SDK over the Zoom Meeting API to embed video calls directly in-browser without redirecting users to the Zoom app — the SDK gives full UI control but strips out Zoom's native AI summary features, which is what forced the custom webhook → transcription → Gemini pipeline.
• Pushing critical business rules (pricing, ATS transitions, role checks) into the database and service layers made the codebase harder to iterate on quickly, but eliminated a class of bugs where application-layer checks could be bypassed.
• Payout and refund flows were intentionally left as admin-managed manual operations — Moyasar requires government documentation to unlock automated disbursement, so rather than block the launch, payouts were handled by the admin dashboard with full visibility into pending requests.

Outcomes

• Delivered a 566-file, ~109k line TypeScript codebase with 21 feature modules, 200+ database migrations.
• Pricing engine correctly handled salary-tier classification, freelancer-type and company-segment multipliers, VAT, and revenue splits — all admin-configurable at runtime.
• ATS Kanban enforced 13 phase transitions with role-based rules and real-time chat between company and SME on each pipeline.
• Five Gemini AI workflows shipped: job description generation, PDF parsing, resume-to-profile extraction, candidate matching, and meeting summarization.

Artifacts

Technology