Overview#
Six investigators from three different units are working a complex organised crime case simultaneously. One is updating the financial analysis; another is working the communications evidence; a third is coordinating with prosecutors. Without real-time collaboration tools, they pass files by email, overwrite each other's notes, and lose track of who owns which tasks.
The Collaboration domain replaces that fragmented workflow with a shared operational environment. War room notes, task assignments, real-time activity feeds, and conflict-safe editing give investigation teams the coordination infrastructure they need to work as a unit rather than as parallel individuals.
Key Features#
- War room notes with rich text, priority levels, @-mentions, and file attachments.
- Task management with subtasks, assignments, priorities, due dates, and labels.
- @-mention system with real-time notifications and unread badge counts.
- Comprehensive activity log tracking all collaboration actions with audit trail.
- Pessimistic entity locking for concurrent editing with automatic expiration.
- Real-time cursor position sharing for collaborative editing awareness.
- Multi-tenancy with organisation-level isolation and RBAC integration.
- WebSocket-based live updates for presence and activity feeds.
Use Cases#
Investigation teams coordinate in real-time war rooms during active investigations, with notes, tasks, and activity feeds keeping every team member aligned regardless of their physical location.
Law enforcement joint operations assign tasks across team members with due dates and priority levels, creating an accountable task record that supervisors can monitor without interrupting investigators mid-work.
Concurrent document editing teams use entity locking to prevent conflicting changes, with automatic lock expiration ensuring that abandoned sessions do not block other team members indefinitely.
Cross-agency investigation coordination uses @-mentions to draw specific individuals into threads without broadcasting to the entire team, keeping communication targeted and reducing notification noise.
Integration#
Integrates with investigation management for context, user management for authentication, notification system for alerts, and WebSocket infrastructure for real-time updates.
Open Standards#
- RFC 6455 (WebSocket Protocol): Real-time presence awareness, cursor-position sharing, typed event broadcasting, and live activity feeds are all delivered over persistent WebSocket connections conforming to this standard.
- GraphQL (June 2018 specification): All war room queries and mutations (notes, tasks, subtasks, entity locks, mentions, and activities) are exposed through a typed GraphQL API implemented with the Strawberry library.
- RFC 7519 (JSON Web Tokens): Every GraphQL field and mutation is gated behind JWT-based authentication; the service issues and verifies RS256 tokens, and the
IsAuthenticatedpermission class validates the Bearer token on each request. - ISO 8601 / RFC 3339: All timestamps across notes, tasks, locks, cursors, and activity log entries are serialised in UTC ISO 8601 format, ensuring interoperability with external consumers of the API.
- RFC 4122 (UUID): Every collaboration entity (notes, tasks, subtasks, locks, mentions, activities) is uniquely identified by a version-4 UUID, preventing key collisions across tenants.
- RFC 8259 (JSON): WebSocket event payloads, JSONB database columns (labels, attachments, mention lists, activity details), and GraphQL scalar fields all use JSON as the canonical serialisation format.
- NIST RBAC (Role-Based Access Control): All collaboration operations enforce multi-tenant, role-based access control; every query and mutation checks the caller's organisation-scoped role via
can_read_investigationandcan_write_investigationbefore returning or modifying data.
Last Reviewed: 2026-02-05 Last Updated: 2026-04-14