story-activity-statistics-dashboard-peer-mentor-005
Feature: Activity Statistics Dashboard
Priority: High
Story Points: 3

User Story

As a Peer Mentor (Likeperson)
I want to access a dedicated personal statistics view showing only my own data without coordinator-level aggregations
So that I can focus on my own contribution and progress without being distracted by organizational-level data that I do not have the authority to act on

Audience Summaries

Role-scoped statistics views are a non-negotiable trust and compliance requirement for both NHF and HLF, two organizations handling sensitive data about members with disabilities and health-related certifications. By enforcing that peer mentors see only their own statistics, the platform demonstrates GDPR-compliant data minimization and purpose limitation — directly reducing legal exposure for partner organizations. Beyond compliance, personal-only views create a psychologically safe environment where mentors engage authentically with their own performance data without social comparison anxiety, supporting the platform's gamification and motivation goals. Routing coordinators to a separate dashboard view ensures that each role receives contextually relevant information, improving decision quality across the organization and reinforcing the platform as a trusted operational tool rather than a surveillance mechanism.

This high-priority story sits at the intersection of security, access control, and UX, making it a cross-functional delivery with elevated risk. The role-access-validator component must correctly handle at least three routing cases: standard peer mentor, coordinator, and the edge case of a peer mentor who also holds the org-admin role. Dependencies on Supabase RLS policy configuration mean the backend team must finalize and test row-level security rules before frontend integration can be validated end-to-end. QA must include both positive access paths and negative security tests — verifying that direct API queries by a peer mentor return no unauthorized data.

Pull-to-refresh cache invalidation must be explicitly tested for stale-data scenarios. Stakeholder involvement from NHF and HLF data protection leads is advisable before launch to confirm GDPR alignment. Any delay in RLS policy finalization directly blocks acceptance testing for this story.

Implementation centers on the role-access-validator component reading the authenticated user's role from Supabase session context and routing to the correct dashboard variant — personal stats view for peer mentors, coordinator aggregate view for coordinators, with explicit handling for dual-role users (org-admin peer mentor). Supabase RLS policies must be configured on the stats-related tables to enforce server-side data isolation, ensuring that even direct queries from the client cannot surface another mentor's records. The personal stats view should pass the authenticated user's ID as a mandatory filter parameter on all Supabase queries, never relying solely on client-side filtering. Pull-to-refresh must invalidate the client-side cache (React Query, SWR, or equivalent) and trigger a fresh Supabase fetch.

Role routing logic should be unit-tested in isolation, and RLS enforcement should be covered by integration tests using separate test user accounts for each role. Avoid storing role assumptions in local state across sessions — always re-derive from the Supabase auth token on mount.

Acceptance Criteria

  • Given I am logged in as a peer mentor, When I navigate to the statistics screen, Then I see my personal statistics view and there is no option to view other mentors' data or organizational aggregations
  • Given I am viewing my personal stats, When I pull to refresh, Then the data reloads from Supabase and the cache is invalidated and updated
  • Given a coordinator is logged in and switches to the statistics tab, When they view the screen, Then they see the coordinator dashboard rather than the personal stats view
  • Given I am a peer mentor with the org-admin role, When I view the statistics screen, Then the role-access-validator correctly routes me to the appropriate view based on my active role
  • Given Supabase RLS policies are in place, When I attempt to query another mentor's stats directly, Then the query returns no data and the system does not expose unauthorized information
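The last criterion depends on the RLS policies being right, so here is an added example (not the project's migration) of what those policies look like, together with an in-memory model of their predicate so the negative test can run without a database. The table name `mentor_activity_stats`, the `mentor_id` (uuid) and `org_id` (text) columns, and the `app_metadata.active_role` / `app_metadata.org_id` claims are assumptions; `auth.uid()`, `auth.jwt()` and the `authenticated` role are standard Supabase/Postgres.

```typescript
// Added example (not the project's migration). Table, columns and claims are assumptions.

// Applied once as a Supabase migration. Postgres OR-s the policies, so a row is
// readable if either USING clause holds. Clients holding the service_role key
// bypass RLS entirely, so that key must never ship in the app bundle.
const STATS_RLS_MIGRATION = `
alter table public.mentor_activity_stats enable row level security;

-- Peer mentors read only their own rows.
create policy "mentor_reads_own_stats" on public.mentor_activity_stats
  for select to authenticated
  using (mentor_id = auth.uid());

-- Coordinators read rows of their own organisation, keyed on server-set
-- app_metadata claims (user_metadata is user-editable and must not be used).
create policy "coordinator_reads_org_stats" on public.mentor_activity_stats
  for select to authenticated
  using (
    (auth.jwt() -> 'app_metadata' ->> 'active_role') = 'coordinator'
    and org_id = (auth.jwt() -> 'app_metadata' ->> 'org_id')
  );
`;

interface StatsRow { mentor_id: string; org_id: string; activities: number }
interface JwtClaims {
  sub: string; // what auth.uid() returns
  app_metadata: { active_role?: string; org_id?: string };
}

// Mirrors the two USING clauses above, in the same OR shape.
function rowVisible(row: StatsRow, jwt: JwtClaims): boolean {
  const ownRow = row.mentor_id === jwt.sub;
  const coordinatorInOrg =
    jwt.app_metadata.active_role === "coordinator" && row.org_id === jwt.app_metadata.org_id;
  return ownRow || coordinatorInOrg;
}

// Models `select * from mentor_activity_stats where mentor_id = $1` run as the
// caller: the WHERE clause narrows the rows, then RLS drops what the caller may
// not see. A cross-mentor query therefore returns an empty set, not an error,
// which is exactly what the negative test must assert on.
function selectStatsAs(table: StatsRow[], jwt: JwtClaims, targetMentorId?: string): StatsRow[] {
  return table.filter(
    (row) => (targetMentorId === undefined || row.mentor_id === targetMentorId) && rowVisible(row, jwt),
  );
}

// Constructed sample data: two mentors in org-a, one in org-b (ids are placeholders).
const SAMPLE_STATS: StatsRow[] = [
  { mentor_id: "u-1", org_id: "org-a", activities: 12 },
  { mentor_id: "u-2", org_id: "org-a", activities: 7 },
  { mentor_id: "u-3", org_id: "org-b", activities: 3 },
];

const mentorJwt = (sub: string, orgId: string): JwtClaims =>
  ({ sub, app_metadata: { active_role: "peer_mentor", org_id: orgId } });
const coordinatorJwt = (sub: string, orgId: string): JwtClaims =>
  ({ sub, app_metadata: { active_role: "coordinator", org_id: orgId } });

// Negative security test from the acceptance criteria: mentor u-1 asks for u-2's rows.
function crossMentorReadCount(): number {
  return selectStatsAs(SAMPLE_STATS, mentorJwt("u-1", "org-a"), "u-2").length; // 0
}
```

In the real integration test the same shape applies against Supabase with one test account per role: sign in as a peer mentor, run the filtered select for another mentor's id, and assert an empty result set (and no error, which would itself leak that the row exists). Run the coordinator account against the other organisation's rows as well, since the org scoping is as much a part of the policy as the self-scoping.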

Business Value

Role-scoped statistics views are critical for data privacy compliance, particularly given that NHF handles sensitive information about members with disabilities and HLF processes certification and health-related data. Ensuring peer mentors only see their own data builds trust in the platform and satisfies GDPR requirements for data minimization and purpose limitation.