My Jet Pool — Private jet Uber

Private jet booking platform with three-tier access control and optimistic locking for double-booking prevention.

Tags: MobileAviationC2BB2BSocial
Tech Stack: C# PostgreSQL Redis
My Jet Pool — Private jet Uber

Introduction

My Jet Pool was a private jet booking platform — ‘Uber for private jets’ — connecting jet owners, operators, and travelers through a unified booking workflow. I built the complete backend: three-tier user management (admin, operators, customers), jet and flight schedule listings, seat availability and booking workflows, and real-time status updates across all stakeholder roles.

The Challenge & Solution

Two problems had to be solved simultaneously: double-booking prevention and hierarchical access control across three stakeholder roles. On the booking side, two customers confirming the same seat at nearly the same time is a race condition — optimistic locking in PostgreSQL ensured the second confirmer received a conflict error rather than a silent double-booking, with the application retrying on a different available seat. On the access control side, the three roles had fundamentally different resource scopes: admins managed the full platform, operators managed their own aircraft and schedules, and customers could only access their own bookings. PostgreSQL row-level security policies enforced these boundaries at the database layer, so a compromised operator token could not query another operator’s jets or customer data regardless of what the application code did.

Technologies & Architecture

  • C#: Multi-role API complexity — the booking workflow state machine (pending, confirmed, cancelled, completed) and the three-tier RBAC logic were implemented in C# where the type system made invalid state transitions compile-time errors rather than runtime surprises.
  • PostgreSQL: ACID transactions for booking confirmation with optimistic locking prevented double-booking races; row-level security policies enforced operator-scoped and customer-scoped data isolation at the database level.
  • Redis: Session caching for authenticated stakeholders and real-time dashboard state for operators monitoring live booking activity across their fleet — kept the dashboard responsive without polling the database on every update.

Key Highlights

  • Live check‑ins
  • Map view
  • Push notifications

Impact

Optimistic locking in PostgreSQL eliminated double-booking races without requiring pessimistic locks that would have serialised all booking confirmations under load. Row-level security made the three-tier access control structural — operator data isolation was enforced at the database layer, not reliant on application-level filtering that could have security gaps.

Visit Project