Role capabilities

Enforced at server, not just in the UI
Staff
  • Move-in / move-out
  • Post payments (manual, offline)
  • Issue refunds < ¥50,000
  • Add charges / invoices
  • Edit billing rules
  • Manage users
Manager STAFF +
  • Everything staff can do
  • Issue refunds ≥ ¥50,000
  • Override rent / discounts
  • View all reports
  • Edit billing rules
  • Manage users
Admin MANAGER + MFA required
  • Everything manager can do
  • Locations, Unit Types
  • Billing Cycle Rules
  • Users & roles
  • Stripe / email / integrations
  • Audit log (read-only)
Users
User Role Location scope MFA Last login Status
SK
Sato Kenji
sato.k@shunopro.jp
 Admin All locations TOTP enabled 2026-04-23 08:14 Active
TM
Tanaka Mei
tanaka.m@shunopro.jp
 Manager Naha Main, Okinawa City TOTP enabled 2026-04-23 07:02 Active
YH
Yamada Hana
yamada.h@shunopro.jp
 Staff Chibana Not set 2026-04-22 16:40 Active
NR
Nakamoto Ren
nakamoto.r@shunopro.jp
 Staff Misato TOTP enabled 2026-04-21 11:08 Active
IT
Ito Takumi
ito.t@shunopro.jp
 Staff Naha Main 2025-11-02 14:22 Deactivated
Session policy
Active session: 8 hours
Remember-me: 30 days (rotating refresh)
Idle timeout: 30 minutes
Password policy
Minimum length: 12 characters
Breach check: haveibeenpwned
Rate limit: 5 / 15 min per email + IP
Audit
Retention: indefinite
Append-only enforced at DB grant level
Open audit log →