🏠 Overview 💾 Data Models 🗄️ Organisation Label

Organisation Label

Data Entity

configuration PK: id 8 required 1 unique

Description

Stores organisation-specific display labels used when warning a user or nearby listeners before a screen reader vocalises sensitive field content. Allows each organisation (NHF, Blindeforbundet, HLF) to customise the terminology and phrasing shown in the sensitive field warning banner for their user context.

10
Attributes
4
Indexes
7
Validation Rules
17
CRUD Operations

Data Structure

Name Type Description Constraints
id uuid Surrogate primary key, generated server-side on insert
PKrequiredunique
organisation_id uuid Foreign key referencing the organisation that owns this label override. Scopes the record to a single tenant (NHF, Blindeforbundet, or HLF).
required
field_id string Identifier of the sensitive field definition this label applies to. References the logical field key stored in sensitive_field_definitions (e.g., 'address', 'medical_history', 'contact_details'). Not a UUID FK — uses the canonical string key so label lookups can be done without a join.
required
language_code string BCP 47 language tag for the locale this label applies to (e.g., 'nb' for Norwegian Bokmål, 'nn' for Nynorsk, 'en' for English). Allows multi-language label sets per organisation per field.
required
label_text text The full warning message displayed in the sensitive field warning banner before screen reader vocalisation. Written in plain language tailored to the organisation's user population. Must clearly communicate that sensitive content is about to be read aloud and nearby listeners may hear it.
required
short_label string Optional abbreviated version of the warning label for compact UI contexts (e.g., banner titles, toast messages). Falls back to a truncation of label_text when absent.
-
is_active boolean Soft-disable flag. When false the system falls back to the default system label for this field, allowing an organisation to temporarily revert without deleting their customisation.
required
created_at datetime UTC timestamp of row creation, set automatically by the database.
required
updated_at datetime UTC timestamp of the last modification. Updated by a database trigger on every UPDATE. Used by the terminology sync service to detect stale cached labels.
required
updated_by uuid User ID of the admin or coordinator who last modified this label entry. Stored for audit traceability.
-

Database Indexes

idx_organisation_label_org_field_lang
btree unique

Columns: organisation_id, field_id, language_code

idx_organisation_label_org_id
btree

Columns: organisation_id

idx_organisation_label_field_id
btree

Columns: field_id

idx_organisation_label_updated_at
btree

Columns: organisation_id, updated_at

Validation Rules

label_text_non_empty error

Validation failed

label_text_max_length error

Validation failed

short_label_max_length error

Validation failed

language_code_bcp47_format error

Validation failed

field_id_snake_case_format error

Validation failed

organisation_id_active_organisation error

Validation failed

updated_by_authenticated_user error

Validation failed

Business Rules

unique_label_per_org_field_language
on_create

Each combination of (organisation_id, field_id, language_code) must be unique. An organisation may have exactly one active custom label per sensitive field per locale. Enforced by the unique index idx_organisation_label_org_field_lang.

org_scoped_label_ownership
always

An organisation may only create, read, update, or delete label rows where organisation_id matches the authenticated user's organisation claim. Enforced through Supabase RLS policies keyed on the JWT's org claim.

field_id_must_reference_known_sensitive_field
on_create

The field_id value must correspond to a field key registered in sensitive_field_definitions. Labels for unknown field keys are rejected to prevent orphaned configuration records.

inactive_label_falls_back_to_default
always

When is_active = false, the sensitive field warning system must use the built-in system default label for that field, not the organisation-specific text. This ensures the warning is never silently suppressed.

cache_invalidated_on_label_change
on_update

Any INSERT, UPDATE, or DELETE on organisation_label must trigger invalidation of the in-memory and local-storage label cache held by org-labels-provider and terminology-cache-adapter so that the updated warning text is reflected in the app within the next session start or sync cycle.

label_text_must_communicate_listener_risk
on_create

Label text must be reviewed by an organisation admin before activation. The system cannot automatically validate that the text is appropriate, but the minimum-length constraint (10 characters) prevents trivially empty or cryptic warnings.

default_language_nb_required
on_create

Every organisation must have at least one active label in language_code 'nb' (Norwegian Bokmål) for each customised field_id before labels for other language codes are accepted. This ensures a fallback is always available for the primary user base.

CRUD Operations

create allowed
read allowed
update allowed
delete allowed

Storage Configuration

Storage Type
lookup_table
Location
main_db
Partitioning
No Partitioning
Retention
Permanent Storage

Entity Relationships

organisation_configuration
incoming one_to_many

Organisation configuration embeds the full terminology label map whose individual entries are logically represented as organisation_label records

optional cascade delete

Components Managing This Entity

infrastructure Organization Labels Provider ["mobile"] infrastructure Organization Labels Provider ["frontend","mobile"] data Admin Data Repository ["backend"] service User Management Service ["backend"] data Sensitive Field Configuration ["mobile"] service Sensitive Field Privacy Guard ["mobile"] ui Sensitive Field Warning Dialog ["mobile"] data Terminology Local Cache Adapter ["mobile"] data Terminology Repository ["mobile"] service Organization Labels Notifier ["mobile"] service Terminology Sync Service ["mobile"]