No-Access Screen
Component Detail
Description
Full-screen terminal route widget displayed when the authenticated user's role is not permitted to use the mobile application. Renders the organization logo, a clear human-readable explanation of why access is denied, a pointer to the admin portal, and a logout button.
no-access-screen-widget
Summaries
The No-Access Screen protects the organization from unauthorized mobile access by immediately informing blocked users—such as global administrators—that they must use the web portal instead. This component reduces support costs by providing a clear, branded explanation of access restrictions rather than leaving users confused by a generic error. It preserves the organization's professional image through consistent branding, improves security by prompting account switching, and ensures that the right tools reach the right people, reducing misuse risk and keeping workflows aligned with role-based governance policies.
This is a low-complexity UI component requiring one sprint cycle or less to implement and test. Its primary dependencies are the No-Access Logout Button, Admin Portal Link Display sub-components, and the Access Denial Service, which must be stable before integration testing can begin. Localization support is required for the denial message, so a translation pass must be scheduled. Accessibility testing (screen reader compatibility) is needed before release.
The component has no external API dependencies, reducing integration risk. Deployment is mobile-only and bundled with the main app release, requiring no separate infrastructure work.
NoAccessScreen is a stateless Flutter widget receiving an adminPortalUrl string parameter. It composes two sub-components: NoAccessLogoutButton (invokes shared logout handler via VoidCallback) and AdminPortalLinkDisplay (launches URL via url_launcher). The build() method renders the organization logo sourced from the design token system, a localized denial message, the admin portal link, and the logout button. It depends on access-denial-service to validate role-based access denial upstream.
The _onLogoutPressed() handler delegates to the shared authentication logout flow. No local state management is needed; the widget is purely presentational and driven by the router guard layer that navigates here when access is denied.
Responsibilities
- Render organization logo from design token system
- Display localized denial message explaining that global admins must use the web portal
- Show admin portal URL or instruction text
- Present a prominent logout button to allow the user to sign out
Interfaces
NoAccessScreen(adminPortalUrl: String)
build(BuildContext context)
_onLogoutPressed(BuildContext context)
Relationships
Sub-Components (2)
A clearly labelled logout button rendered on the no-access screen, triggering the shared logout flow so the user can switch accounts.
- Display a styled logout call-to-action
- Invoke the shared logout handler on tap
- Provide accessible label for screen readers
Widget that renders a tappable URL or instructional text directing the blocked user to the web-based admin portal. Handles URL launch and provides accessible affordances.
- Display the admin portal URL as tappable text or button
- Launch URL in external browser on tap
- Provide semantic label for screen reader accessibility