What's new
A chronological log of new features, performance improvements and security fixes. We ship often, and small things make the list too.
Secure email change — industry-standard double-confirm
- New: Email address change now follows the Stripe / GitHub pattern — initiate from Settings → Profile, re-confirming with your current password. The system sends two separate links: a confirm link to the new address and a revoke notice to the old one. The email only changes once you confirm from the new address.
- Security: Forensic block in the "your email is changing" notice email — IP address, approximate location (city, country) from the local GeoIP database, and a precise UTC timestamp. So you can recognise instantly whether you initiated the change.
- Security: On confirmation, every active session across every device is signed out — you have to log in again everywhere, with the new email. This prevents an attacker who initiated the change from keeping their session when the email flips.
- New: "Change password urgently" button in the notice email, next to "Cancel the change" — if you know it was not you, you can both abort the change and trigger a password reset in one place.
- Security: Per-user security audit log — every sensitive action (requested / confirmed / revoked / cancelled / resent) is recorded internally for the upcoming Security page and forensic needs.
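The double-confirm flow from this entry, sketched as an added Node.js example (not the product's own code). The in-memory store, the function names and the one-hour link lifetime are assumptions made for illustration.

```javascript
const crypto = require('node:crypto');

const sha256 = (s) => crypto.createHash('sha256').update(s).digest();
const TTL_MS = 60 * 60 * 1000; // assumed link lifetime, not stated in the changelog
const stamp = (store, action, now, ctx = {}) =>
  store.audit.push({ action, ip: ctx.ip, at: new Date(now).toISOString() });

// Constructed sample account; checkPassword stands in for real password-hash verification.
function createStore() {
  return { user: { email: 'old@example.test', checkPassword: (p) => p === 'correct-password' },
           sessions: new Set(['laptop', 'phone']), pending: null, audit: [] };
}

// Initiate: re-confirm the current password, mint one token per mailbox, store hashes only.
function requestChange(store, password, newEmail, ctx, now = Date.now()) {
  if (!store.user.checkPassword(password)) throw new Error('current password required');
  const confirmToken = crypto.randomBytes(32).toString('hex'); // mailed to the NEW address
  const revokeToken = crypto.randomBytes(32).toString('hex');  // mailed to the OLD address
  store.pending = { newEmail, confirmHash: sha256(confirmToken),
                    revokeHash: sha256(revokeToken), expiresAt: now + TTL_MS };
  stamp(store, 'requested', now, ctx);
  return { confirmToken, revokeToken };
}

const matches = (hash, token) =>
  typeof token === 'string' && crypto.timingSafeEqual(hash, sha256(token));

// Link from the new mailbox: the only step that flips the email; it also ends every session.
function confirmChange(store, token, now = Date.now()) {
  const p = store.pending;
  if (!p || now > p.expiresAt || !matches(p.confirmHash, token)) return false;
  store.user.email = p.newEmail;
  store.pending = null;      // single use
  store.sessions.clear();    // an initiating attacker's session does not survive the flip
  stamp(store, 'confirmed', now);
  return true;
}

// Link from the old mailbox: aborts the change, so the confirm token becomes useless.
function revokeChange(store, token, now = Date.now()) {
  const p = store.pending;
  if (!p || !matches(p.revokeHash, token)) return false;
  store.pending = null;
  stamp(store, 'revoked', now);
  return true;
}
```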
Financial polish: expense paidBy, form defaults, Settings split
- New: Expense — new "paid by" field (Owner / Agency). When the owner paid the expense, it is deducted in their favour on the ledger; the agency-side analytics no longer counts it as a cost they bore.
- New: Tourism tax (boravišna taksa) as a first-class booking field — auto-recomputes on changes in nights or guest count, with an "Edit manually" toggle for exempt cases.
- New: Per-platform default channel fee at the organisation level and per-property default cleaning fee — the booking form picks them up automatically so you do not retype the same number every time.
- Improved: Settings split into "Account" (personal profile + security + notifications) and "Agency" (organisation settings + team members + plan). Smaller screens, clearer structure.
- Improved: Master toggle for all push notifications in Settings — one click disables / enables everything, granular preferences remain.
- Improved: Owner side: paidBy filter on the ledger (see only the expenses you actually paid), itemised owner-paid expenses with category + description, "Explain" modal rewritten in plain Serbian.
- Improved: Booking validation — nights count must match the date span between check-in and check-out (catches off-by-one bugs). Expenses and tasks detach from a booking if it moves to another property.
- Fixed: More stable billing state machine — TRIAL cancellation lands in the EXPIRED state, the plan-overflow check runs after subscription.created too, manual subscriptions expire at the end of their prepaid period, the Paddle subscription is cancelled before an org is deleted (no more "ghost" charges).
- Fixed: fullName propagates immediately on login and profile edit — sidebar and mobile bar update instantly without a refresh.
Role-based security, sessions survive deploys (v2.7.x series)
- Security: STAFF and OWNER roles are now strictly read-only across every write surface — they cannot create or edit bookings, expenses, tasks or properties without an ADMIN/MANAGER signing off. Multi-tenant boundary E2E tests cover every route (Session 3 Iter A and B).
- Security: Multi-mode financial regression — a locked fixture covers all calculation modes (PERCENTAGE, FIXED_RENT, FIXED_MONTHLY, SPLIT) so future cross-surface drift gets caught in CI (Session 4).
- Improved: You no longer get logged out on every deploy — refresh tokens survive new releases (except in the rare cases where they really must be invalidated). A big UX win for anyone who got used to "something weird" happening on updates.
- New: Booking override toggle — the "manually edit owner %" field is no longer always visible. Hidden behind an explicit toggle, with a warning if it is 0% (a suspicious value that often signals a data-entry error).
- Fixed: Deploys no longer crash the VPS — the API and worker are stopped properly before npm install so memory is freed. Plus auto-rollback if a pre-flight check fails.
Push notifications, biometric unlock and Android polish
- New: Push notifications on the mobile app — Android (FCM) and iOS (APNs via Firebase). You receive a lock-screen notification when there is a new booking, status change, cancellation, today's check-in/out, new task assignment or trial reminder. Tapping the notification opens the specific detail screen.
- New: Biometric unlock — Face ID and Touch ID on iOS, fingerprint and face recognition on Android. The refresh token lives in the system secure storage (iOS Keychain, Android EncryptedSharedPreferences). Toggle in Settings → Security.
- New: Trusted Devices — Settings section listing every active session per device with location (city/country from IP). One click revokes access from a remote device.
- Improved: Serious Android polish for Galaxy S10 and other older devices. No more grey strips around the status bar, the keyboard no longer covers form fields, calendar and forms feel native on touch.
- Improved: Info icons (i) on Dashboard and Analytics now work on mobile — tap to see the formula explanation (Net profit, Platform fees, Gross revenue...).
- Improved: Consistent date picker — task Due date and expense Date now use the same calendar as booking dates (custom calendar instead of the OS-native picker).
- Fixed: Mobile login — when the keyboard opens, the password field is now reachable by scrolling above the keyboard.
- Fixed: Small i18n fix — "Booking history" wording corrected on the guest detail page.
Team invites, plan preselection and smarter notifications
- New: Team invite flow with email activation — new team members receive a personal invite link and set their own password. Admins no longer manage other people's passwords (the same security model Slack, Notion and Linear use).
- New: Direct path from marketing site to subscription — clicking a plan on primestay.rs/pricing takes you straight into the app with the plan and cycle (monthly/yearly) already selected. After email verification and sign-in, the Paddle checkout opens automatically for the chosen plan.
- Fixed: More stable plan transitions between Starter / Pro / Business — fixed issues that could appear on certain upgrade/switch combinations.
- New: Relative timestamps in notifications — "2 hours ago", "yesterday", "3 days ago" instead of absolute timestamps.
- Improved: Smarter check-in and check-out messages — if you do not open the app for a day, you will see "Check-in was yesterday" instead of a confusing "Check-in today".
- New: International phone input with country search — 95 countries with flags, from the Balkans to the US and Asia, available in the guest and booking forms.
- Improved: Traffic-light plan usage indicator — the "X of 10 properties" bar changes colour (green / amber / red) as you approach the plan limit. The Business plan gets a dedicated premium treatment.
- New: Final preparations for App Store and Google Play — the mobile app acts as a companion to the web platform. Subscriptions are still managed from the web (Paddle as Merchant of Record).
Stability and performance
- Fixed: Race conditions in booking creation — concurrent requests can no longer create double-bookings.
- Improved: Meaningful error toasts on mutations — users now see specific backend messages instead of a generic "Error".
- Improved: N+1 query fix in Owners and Payouts screens — dramatically faster for portfolios with 50+ properties.
- Security: Defensive check for null resetTokenExpiry on password reset.
Self-service organisation deletion
- New: Danger Zone in Settings — ADMIN can permanently delete the organisation and all its data, with password and organisation-name re-entry.
- Improved: Privacy Policy and Terms of Use updated with a mobile section and the required Apple EULA clauses.
Paddle verification and new pricing
- New: Paddle account verified — preparing for the live cutover.
- Improved: New pricing: Starter €9.99, Pro €24.99, Business €79.99 (monthly).
- New: Business plan switched to self-service Paddle checkout (manual activation remains as a fallback).
Mobile app — Capacitor shell
- New: Web app wrapped in Capacitor 8 (iOS + Android). Phase 1 (viewport), 2 (haptics, status bar, keyboard, preferences, filesystem, share), and 3 (forms, tabbar) complete.
- Improved: Staging and production split into physically independent deploys on the VPS.
CI/CD and super-admin toolkit
- New: GitHub Actions auto-deploy to staging on every push to the staging branch.
- New: Super-admin crisis toolkit: session invalidate-all, maintenance mode, org suspend/export, user impersonate, subscription reconcile.
- Fixed: Mobile Safari Paddle portal — synchronous blank window open instead of an async callback.
Subscription system complete
- New: SubscriptionGuard, PlanLimitGuard, PlanFeatureGuard — full access control per plan.
- New: Paddle checkout, webhook and customer portal integrated.
- New: Trial cron, email notifications, PDF invoices, cancel-with-survey, reactivate subscription.
- New: UpgradeModal with reasons: trial_expired, subscription_inactive, plan_limit_reached, feature_not_in_plan.
- New: Forgot password and reset password flow.
Property-level access control
- New: UserProperty junction table — OWNER and STAFF only see properties assigned to them.
- New: Auto-expense on booking — commission (%) and fixed monthly fee (€) are created automatically on each booking.
- New: Analytics: individual-month filter (last 13 months).
Guests and Directory
- New: PhoneInput with country picker (Base UI, ISO badge).
- New: Directory — a central catalog of service contacts, with categories and filtering.
- Improved: Phone numbers normalised to digits-only storage.
MVP deploy
- New: Initial public platform deploy. Session management, single-device login, query invalidation, dark/light favicon.