Register Proxy Activity Only for Contacts Within My Assigned Chapter Scope

• Given the coordinator enters the proxy registration flow, when the peer mentor list loads, then only peer mentors whose primary or secondary chapter assignment matches the coordinator's active chapter are shown
• Given a coordinator with multi-chapter access, when they enter the proxy flow, then they are prompted to select an active chapter context before the peer mentor list is shown
• Given the coordinator attempts to submit a proxy registration via the API with a peer mentor ID outside their scope, when the backend processes the request, then RLS policies reject the insert and return a permission error
• Given the coordinator switches their active chapter context, when they return to the proxy flow, then the peer mentor list refreshes to reflect the newly selected chapter
• Given the coordinator's chapter assignment changes while they have the proxy flow open, when they attempt to submit, then the system re-validates scope and surfaces an error if the scope is no longer valid

Cross-chapter data pollution is a direct risk in multi-chapter organisations like NHF with 1,400 local chapters. If coordinators could register proxy activities outside their scope, it would corrupt chapter-level statistics, misattribute Bufdir-reportable activities, and breach data privacy obligations under GDPR for sensitive peer mentor contact data. Enforcing scope at both client and database level is a non-negotiable data integrity requirement.

• Coordinator Role Guard infrastructure
• Proxy Contact List Provider data
• Permission Checker Service service
• Role Repository data
• Contact RLS Query Builder infrastructure
• Access Scope Service service
• RLS Policy Manager infrastructure
• Supabase RLS Tenant Scope Configurator infrastructure
• Active Chapter State (BLoC) service
• Chapter Switcher ui
• Hierarchy Service service