Authentication & Access Control
Complexity: medium | Status: extracted | Confidence: 100%
Components: 6 | Shared: 198 | User Stories: 18 | Analyzed: Yes

Description

The app enforces three primary roles: peer mentor (likeperson), coordinator, and organization admin. Each has distinct UI views, navigation options, and data access permissions. Role assignment is managed in Supabase and resolved at login time. Home screen content, contact list views, and available actions all vary by role. Global admins (Norse Digital Products staff) see a no-access screen in the mobile app because their administration is performed via a separate admin portal. A role-switching capability exists as a shared widget for users who hold multiple roles.

Analysis

Business Value

Ensures users only see and access functionality relevant to their responsibilities, reducing cognitive load and preventing accidental data modification. Supports NHF's complex org structure (12 national associations, 9 regions, 1400 local chapters) and HLF's coordinator oversight requirements.

Implementation Notes

The role is resolved from Supabase user metadata or a roles table after login and stored in app state (BLoC/Riverpod). StatefulShellRoute and bottom nav tabs are rendered conditionally per role. The global admin role gets a no-access screen on mobile. Multi-role users get a role switch widget.
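
An added example in plain Dart (not the project's code) of the role-gated route guard, role switch and pre-action permission check this page describes; role names follow the page, while the route paths, the permission key and the `fetchPermissions` callback are assumptions. It covers only client-side gating; data scoping stays with the Supabase RLS policies named in the acceptance criteria.

```dart
// Added example: role-gated routing and a fail-closed permission check.
// Route paths, the permission key and fetchPermissions are hypothetical.
import 'dart:async';

enum Role { peerMentor, coordinator, orgAdmin, globalAdmin }

enum Decision { allowed, denied, retry }

const noAccessRoute = '/no-access';

// Routes each role may open on mobile. Global admins get none, so every
// navigation they attempt resolves to the no-access screen.
const routesByRole = <Role, Set<String>>{
  Role.peerMentor: {'/home', '/activities'},
  Role.coordinator: {'/home', '/contacts', '/bulk-registration'},
  Role.orgAdmin: {'/home', '/contacts', '/admin'},
  Role.globalAdmin: <String>{},
};

/// Route guard: returns the route to show for [requested] under [active].
/// A null role (resolution failed or role revoked) is treated as no access.
String guardRoute(Role? active, String requested) {
  if (active == null) return noAccessRoute;
  final allowed = routesByRole[active] ?? const <String>{};
  return allowed.contains(requested) ? requested : noAccessRoute;
}

/// Role switch: only a role the user actually holds can become active;
/// any other request leaves the current role unchanged.
Role switchRole(Set<Role> held, Role current, Role wanted) =>
    held.contains(wanted) ? wanted : current;

/// Re-checks a permission with the backend right before a sensitive action.
/// [fetchPermissions] stands in for the server lookup (assumption).
Future<Decision> checkBeforeAction(
  String permission,
  Future<Set<String>> Function() fetchPermissions, {
  Duration timeout = const Duration(seconds: 5),
}) async {
  try {
    final current = await fetchPermissions().timeout(timeout);
    // Revoked since login: deny before any part of the action runs.
    return current.contains(permission) ? Decision.allowed : Decision.denied;
  } on Exception {
    // Network error or timeout: fail closed and ask the user to retry
    // instead of trusting the role cached at login.
    return Decision.retry;
  }
}

Future<void> main() async {
  // Constructed scenarios, one per outcome in the acceptance criteria.
  const perm = 'bulk_registration';
  print(guardRoute(Role.coordinator, '/contacts'));
  print(guardRoute(Role.coordinator, '/admin'));
  print(guardRoute(Role.globalAdmin, '/home'));
  print(switchRole(
      {Role.coordinator, Role.peerMentor}, Role.coordinator, Role.peerMentor));
  print(switchRole({Role.coordinator}, Role.coordinator, Role.orgAdmin));
  print(await checkBeforeAction(perm, () async => {perm}));
  print(await checkBeforeAction(perm, () async => <String>{}));
  print(await checkBeforeAction(
      perm, () async => throw TimeoutException('offline')));
}
```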

Components (204)

User Interface (2)

Service Layer (1)

Data Layer (1)

Infrastructure (2)

Shared Components

These components are reused across multiple features

User Interface (59)

  • Role Switch Widget, medium
  • Role-Aware Bottom Navigation, medium
  • Activity Type Selection Screen, low
  • Speech-to-Text Field Overlay, medium
  • Receipt Capture Widget, medium
  • Peer Mentor Single Selector, low
  • Proxy Audit Badge Widget, low
  • Export Period Picker, low
  • Contact Card Widget, low
  • Contact Search Bar, low
  • Peer Mentor Card Widget, low
  • Activity History List, low
  • Multi-Chapter Affiliation Chip Widget, medium
  • Certification Status Badge, low
  • Duplicate Activity Warning Dialog, medium
  • Mentor Multi-Select Widget, medium
  • Map Filter Panel, medium
  • Claim Status Badge, low
  • Export Date Range Picker, low
  • Custom Date Range Picker, low
  • Duplicate Activity Warning Dialog, low
  • Proxy Activity Form, medium
  • Proxy Peer Mentor Selector, medium
  • Expected Return Date Picker, low
  • Pause Activation Screen, low
  • Pause Status Indicator, low
  • Admin KPI Stat Widget, low
  • Organisation Hierarchy Navigator, high
  • Bufdir Period Selector Widget, low
  • Export History List, medium
  • Activity Type Donut Chart, medium
  • Monthly Activity Bar Chart, medium
  • Statistics Period Filter Bar, low
  • Statistics Summary Cards, low
  • Notification Badge Widget, low
  • Certificate Expiry Status Indicator, low
  • Animated Stat Card Widget, medium
  • In-App Notification Banner, low
  • Accessible Modal Sheet Widget, high
  • Live Region Announcer, medium
  • Semantics Wrapper Widget, medium
  • Sensitive Field Warning Dialog, high
  • Confirm Before Submit Screen, medium
  • Inline Contextual Help Widget, low
  • Labelled Navigation Bar, low
  • Plain Language Error Display, low
  • Single-Action Screen Layout, medium
  • Wizard Progress Indicator, low
  • Accessible Text Style System, medium
  • Accessible Touch Target Wrapper, low
  • Contrast-Safe Color Palette Widget, medium
  • Accessible Bottom Navigation Bar, medium
  • Modal Close Button, low
  • Persistent Back Button, low
  • Vertical Scroll Container, low
  • Organization Card Widget, low
  • Terminology-Aware Text Widget, low
  • FeatureGate Widget, low
  • Chapter Switcher, medium

Service Layer (52)

  • Authentication Service, medium
  • Authentication Session Manager, medium
  • Biometric Authentication Service, medium
  • Biometric Authentication Service, medium
  • Biometric Authentication Service, medium
  • Permission Checker Service, medium
  • Role State Manager, medium
  • No-Access Route Guard, low
  • Activity Type Metadata Resolver, low
  • Chapter Scope Resolver, medium
  • Organisation Hierarchy Resolver, medium
  • Coordinator Notification Service, medium
  • Duplicate Activity Detection Service, high
  • Mentor Filter Service, low
  • Receipt Threshold Validator, low
  • Approval Status Notification Service, medium
  • Threshold Evaluation Service, medium
  • Declaration Encryption Service, high
  • Organization Feature Flag Service, low
  • Participant Deduplication Service, high
  • Reporting Period Service, medium
  • Activity Attribution Service, low
  • Proxy Duplicate Detection Service, medium
  • Pause Management Service, medium
  • Pause Notification Service, medium
  • Admin Export Service, medium
  • Admin Row-Level Security Guard, high
  • Organisation Hierarchy Service, high
  • User Management Service, high
  • Role Access Validator, low
  • Peer Mentor Stats Aggregator, medium
  • Push Notification Dispatcher, medium
  • Notification Preference Service, low
  • Scenario Deep-Link Router, medium
  • Scenario Notification Content Builder, medium
  • Badge Criteria Integration, medium
  • Activity Summary Aggregator, low
  • Focus Management Service, medium
  • Screen Reader Detection Service, medium
  • Sensitive Field Privacy Guard, high
  • Plain Language Content Service, medium
  • Wizard State Manager, medium
  • Tab State Manager, medium
  • Organization Route Guard, medium
  • Tenant Context Service, high
  • Label Key Resolver Service, low
  • Organization Labels Notifier, medium
  • FeatureFlagProvider (Riverpod), medium
  • Access Scope Service, high
  • Hierarchy Aggregation Service, high
  • Hierarchy Service, high
  • Unit Assignment Service, medium

Data Layer (33)

Infrastructure (54)

  • Keyboard-Aware Layout Utility, low
  • Supabase Auth Client, low
  • Deep Link / OAuth Redirect Handler, medium
  • Secure Storage Adapter, low
  • Supabase Session Manager, medium
  • URL Launcher Utility, low
  • Local Storage Adapter, low
  • Supabase Activity Client, low
  • Organization Labels Provider, low
  • Supabase Client, low
  • Organisation Field Config Loader, medium
  • Speech-to-Text Adapter, medium
  • File Download Handler, low
  • Duplicate Reviewed Flag Middleware, low
  • Contact RLS Query Builder, low
  • Contact Form Validator, low
  • Design Token Theme, low
  • Organization Labels Provider, low
  • Supabase Client Provider, low
  • Search Debounce Utility, low
  • Expense Type Analytics Tracker, low
  • Receipt Image Picker Integration, low
  • CSV / JSON File Generator, medium
  • Coordinator Role Guard, low
  • Nightly Job Scheduler, medium
  • Supabase RLS Policy Configuration, high
  • Export File Storage Adapter, low
  • Supabase Storage Adapter, low
  • Peer Mentor Pause Management Service, medium
  • Push Notification Service, medium
  • fl_chart Adapter, medium
  • Push Notification Service, low
  • FCM Push Notification Sender, medium
  • FCM Notification Dispatcher, medium
  • Push Notification Dispatcher, medium
  • Supabase Realtime Subscription Service, medium
  • Organisation Data Isolation Guard, low
  • Push Notification Dispatcher, medium
  • Deep Link Handler, medium
  • QR Code Generator, low
  • Share Sheet Bridge, low
  • Semantics Service Facade, medium
  • Accessibility Design Token Enforcer, medium
  • Accessible Theme Builder, medium
  • Navigation Route Configuration, medium
  • Accessibility Live Region Announcer, low
  • Feature Flag Provider, low
  • Secure Storage Adapter, low
  • Supabase RLS Tenant Scope Configurator, medium
  • Label Key Registry, low
  • Terminology Riverpod Providers, low
  • WCAG Semantics Label Resolver, low
  • Feature Flag Key Constants, low
  • RLS Policy Manager, high

User Stories (18)

Permission Check Before Sensitive Coordinator Actions
high 5 pts

As a Peer Mentor (Likeperson)

I want the app to verify my permissions before I execute sensitive actions such as bulk registrations or pause management

So that I am notified immediately if my permissions have changed (e.g., due to an admin action) rather than encountering a cryptic server error mid-flow

Acceptance Criteria
  • Given a coordinator attempts to initiate a bulk registration, When the permission checker determines their bulk registration permission is active, Then the action proceeds normally
  • Given a coordinator's bulk registration permission has been revoked by an admin since login, When the permission checker runs before the action, Then a clear error message is shown explaining the permission issue and no partial action is taken
  • Given the permission checker service is unavailable due to a network error, When a coordinator attempts a sensitive action, Then the app displays a retry prompt rather than proceeding without verification
  • +1 more
Role Switch Between Coordinator and Peer Mentor
high 5 pts

As a Peer Mentor (Likeperson)

I want to switch between my coordinator and peer mentor roles within the same session without logging out

So that I can register my own peer mentor activities while also performing coordinator duties, using a single app session

Acceptance Criteria
  • Given a user holds both coordinator and peer mentor roles, When they open the role switch widget, Then both roles are listed as selectable options
  • Given a user selects the peer mentor role from the switch widget, When the switch completes, Then the home screen, bottom nav, and all role-gated UI elements update to peer mentor context
  • Given a user holds only one role, When they open the role switch widget, Then no switch option is shown and the widget informs them of their single role
  • +2 more
Organization-Scoped Role Resolution Across Multiple Chapters
high 8 pts

As a Peer Mentor (Likeperson)

I want my coordinator permissions to be correctly scoped to the specific chapter or organizational unit I am responsible for

So that I cannot view or modify data belonging to other chapters I do not administer, ensuring data privacy across the organization hierarchy

Acceptance Criteria
  • Given a coordinator is assigned to Chapter A, When they load the contacts list, Then only contacts associated with Chapter A are returned
  • Given a coordinator attempts to access a peer mentor from Chapter B via a direct URL, When the data query executes, Then Supabase RLS policies return no data and the screen shows an appropriate empty state
  • Given a coordinator is assigned to multiple chapters, When they select their active chapter context, Then data and actions are scoped to the selected chapter only
  • +2 more
Permission Check Before Sensitive Coordinator Actions
high 5 pts

As a Coordinator

I want the app to verify my permissions before I execute sensitive actions such as bulk registrations or pause management

So that I am notified immediately if my permissions have changed (e.g., due to an admin action) rather than encountering a cryptic server error mid-flow

Acceptance Criteria
  • Given a coordinator attempts to initiate a bulk registration, When the permission checker determines their bulk registration permission is active, Then the action proceeds normally
  • Given a coordinator's bulk registration permission has been revoked by an admin since login, When the permission checker runs before the action, Then a clear error message is shown explaining the permission issue and no partial action is taken
  • Given the permission checker service is unavailable due to a network error, When a coordinator attempts a sensitive action, Then the app displays a retry prompt rather than proceeding without verification
  • +1 more
Role Switch Between Coordinator and Peer Mentor
high 5 pts

As a Coordinator

I want to switch between my coordinator and peer mentor roles within the same session without logging out

So that I can register my own peer mentor activities while also performing coordinator duties, using a single app session

Acceptance Criteria
  • Given a user holds both coordinator and peer mentor roles, When they open the role switch widget, Then both roles are listed as selectable options
  • Given a user selects the peer mentor role from the switch widget, When the switch completes, Then the home screen, bottom nav, and all role-gated UI elements update to peer mentor context
  • Given a user holds only one role, When they open the role switch widget, Then no switch option is shown and the widget informs them of their single role
  • +2 more
Organization-Scoped Role Resolution Across Multiple Chapters
high 8 pts

As a Coordinator

I want my coordinator permissions to be correctly scoped to the specific chapter or organizational unit I am responsible for

So that I cannot view or modify data belonging to other chapters I do not administer, ensuring data privacy across the organization hierarchy

Acceptance Criteria
  • Given a coordinator is assigned to Chapter A, When they load the contacts list, Then only contacts associated with Chapter A are returned
  • Given a coordinator attempts to access a peer mentor from Chapter B via a direct URL, When the data query executes, Then Supabase RLS policies return no data and the screen shows an appropriate empty state
  • Given a coordinator is assigned to multiple chapters, When they select their active chapter context, Then data and actions are scoped to the selected chapter only
  • +2 more
Permission Check Before Sensitive Coordinator Actions
high 5 pts

As an Organization Administrator

I want the app to verify my permissions before I execute sensitive actions such as bulk registrations or pause management

So that I am notified immediately if my permissions have changed (e.g., due to an admin action) rather than encountering a cryptic server error mid-flow

Acceptance Criteria
  • Given a coordinator attempts to initiate a bulk registration, When the permission checker determines their bulk registration permission is active, Then the action proceeds normally
  • Given a coordinator's bulk registration permission has been revoked by an admin since login, When the permission checker runs before the action, Then a clear error message is shown explaining the permission issue and no partial action is taken
  • Given the permission checker service is unavailable due to a network error, When a coordinator attempts a sensitive action, Then the app displays a retry prompt rather than proceeding without verification
  • +1 more
Role Switch Between Coordinator and Peer Mentor
high 5 pts

As an Organization Administrator

I want to switch between my coordinator and peer mentor roles within the same session without logging out

So that I can register my own peer mentor activities while also performing coordinator duties, using a single app session

Acceptance Criteria
  • Given a user holds both coordinator and peer mentor roles, When they open the role switch widget, Then both roles are listed as selectable options
  • Given a user selects the peer mentor role from the switch widget, When the switch completes, Then the home screen, bottom nav, and all role-gated UI elements update to peer mentor context
  • Given a user holds only one role, When they open the role switch widget, Then no switch option is shown and the widget informs them of their single role
  • +2 more
Organization-Scoped Role Resolution Across Multiple Chapters
high 8 pts

As an Organization Administrator

I want my coordinator permissions to be correctly scoped to the specific chapter or organizational unit I am responsible for

So that I cannot view or modify data belonging to other chapters I do not administer, ensuring data privacy across the organization hierarchy

Acceptance Criteria
  • Given a coordinator is assigned to Chapter A, When they load the contacts list, Then only contacts associated with Chapter A are returned
  • Given a coordinator attempts to access a peer mentor from Chapter B via a direct URL, When the data query executes, Then Supabase RLS policies return no data and the screen shows an appropriate empty state
  • Given a coordinator is assigned to multiple chapters, When they select their active chapter context, Then data and actions are scoped to the selected chapter only
  • +2 more
Role-Aware Bottom Navigation Tabs
critical 3 pts

As a Peer Mentor (Likeperson)

I want to see only the navigation tabs that are relevant to my coordinator role

So that the bottom navigation is uncluttered and I am not distracted by tabs I cannot or should not use

Acceptance Criteria
  • Given a coordinator is logged in, When the bottom navigation renders, Then exactly the coordinator-permitted tabs are visible and no admin-only tabs appear
  • Given a coordinator switches to a peer mentor role using the role switch widget, When the switch completes, Then the bottom navigation updates to show peer mentor tabs
  • Given a coordinator is on the Contacts tab and navigates to a contact detail then back, When they return to the tab, Then their scroll position and list state are preserved
  • +1 more
Role-Specific Home Screen After Login
critical 5 pts

As a Peer Mentor (Likeperson)

I want to land on a home screen tailored to my coordinator role immediately after logging in

So that I can access my most relevant tools and information without navigating away from an irrelevant default screen

Acceptance Criteria
  • Given a user with the coordinator role logs in, When role resolution completes, Then the coordinator-specific home screen is displayed without any additional navigation steps
  • Given a user has multiple roles, When they switch roles using the role switch widget, Then the home screen updates to reflect the newly selected role
  • Given a user's role is revoked between sessions, When they log in again, Then the no-access screen is shown instead of the coordinator home screen
  • +1 more
Route-Level Access Enforcement for Coordinator Screens
critical 5 pts

As a Peer Mentor (Likeperson)

I want to be prevented from accidentally navigating to screens that belong to other roles

So that I only interact with functionality appropriate for my role, and sensitive peer mentor or admin screens are not inadvertently accessible

Acceptance Criteria
  • Given a coordinator is authenticated, When they attempt to navigate to a route permitted only for admins, Then they are redirected to the no-access screen
  • Given a coordinator is on the no-access screen, When it renders, Then it displays a human-readable explanation and an option to contact support or switch roles
  • Given a coordinator navigates to a route they are permitted to access, When the route guard evaluates, Then navigation proceeds without interruption
  • +1 more
Role-Aware Bottom Navigation Tabs
critical 3 pts

As a Coordinator

I want to see only the navigation tabs that are relevant to my coordinator role

So that the bottom navigation is uncluttered and I am not distracted by tabs I cannot or should not use

Acceptance Criteria
  • Given a coordinator is logged in, When the bottom navigation renders, Then exactly the coordinator-permitted tabs are visible and no admin-only tabs appear
  • Given a coordinator switches to a peer mentor role using the role switch widget, When the switch completes, Then the bottom navigation updates to show peer mentor tabs
  • Given a coordinator is on the Contacts tab and navigates to a contact detail then back, When they return to the tab, Then their scroll position and list state are preserved
  • +1 more
Role-Specific Home Screen After Login
critical 5 pts

As a Coordinator

I want to land on a home screen tailored to my coordinator role immediately after logging in

So that I can access my most relevant tools and information without navigating away from an irrelevant default screen

Acceptance Criteria
  • Given a user with the coordinator role logs in, When role resolution completes, Then the coordinator-specific home screen is displayed without any additional navigation steps
  • Given a user has multiple roles, When they switch roles using the role switch widget, Then the home screen updates to reflect the newly selected role
  • Given a user's role is revoked between sessions, When they log in again, Then the no-access screen is shown instead of the coordinator home screen
  • +1 more
Route-Level Access Enforcement for Coordinator Screens
critical 5 pts

As a Coordinator

I want to be prevented from accidentally navigating to screens that belong to other roles

So that I only interact with functionality appropriate for my role, and sensitive peer mentor or admin screens are not inadvertently accessible

Acceptance Criteria
  • Given a coordinator is authenticated, When they attempt to navigate to a route permitted only for admins, Then they are redirected to the no-access screen
  • Given a coordinator is on the no-access screen, When it renders, Then it displays a human-readable explanation and an option to contact support or switch roles
  • Given a coordinator navigates to a route they are permitted to access, When the route guard evaluates, Then navigation proceeds without interruption
  • +1 more
Role-Aware Bottom Navigation Tabs
critical 3 pts

As an Organization Administrator

I want to see only the navigation tabs that are relevant to my coordinator role

So that the bottom navigation is uncluttered and I am not distracted by tabs I cannot or should not use

Acceptance Criteria
  • Given a coordinator is logged in, When the bottom navigation renders, Then exactly the coordinator-permitted tabs are visible and no admin-only tabs appear
  • Given a coordinator switches to a peer mentor role using the role switch widget, When the switch completes, Then the bottom navigation updates to show peer mentor tabs
  • Given a coordinator is on the Contacts tab and navigates to a contact detail then back, When they return to the tab, Then their scroll position and list state are preserved
  • +1 more
Role-Specific Home Screen After Login
critical 5 pts

As an Organization Administrator

I want to land on a home screen tailored to my coordinator role immediately after logging in

So that I can access my most relevant tools and information without navigating away from an irrelevant default screen

Acceptance Criteria
  • Given a user with the coordinator role logs in, When role resolution completes, Then the coordinator-specific home screen is displayed without any additional navigation steps
  • Given a user has multiple roles, When they switch roles using the role switch widget, Then the home screen updates to reflect the newly selected role
  • Given a user's role is revoked between sessions, When they log in again, Then the no-access screen is shown instead of the coordinator home screen
  • +1 more
Route-Level Access Enforcement for Coordinator Screens
critical 5 pts

As an Organization Administrator

I want to be prevented from accidentally navigating to screens that belong to other roles

So that I only interact with functionality appropriate for my role, and sensitive peer mentor or admin screens are not inadvertently accessible

Acceptance Criteria
  • Given a coordinator is authenticated, When they attempt to navigate to a route permitted only for admins, Then they are redirected to the no-access screen
  • Given a coordinator is on the no-access screen, When it renders, Then it displays a human-readable explanation and an option to contact support or switch roles
  • Given a coordinator navigates to a route they are permitted to access, When the route guard evaluates, Then navigation proceeds without interruption
  • +1 more