Restrict Proxy Registration to Peer Mentors Within My Chapter Scope
Organizations such as NHF have complex hierarchies with up to 1,400 local chapters. A coordinator must only be able to register activities for the peer mentors they are responsible for. The proxy contact list provider must apply Row Level Security filtering to ensure the coordinator's chapter scope is enforced at the data layer, not just the UI layer. If a coordinator has multi-chapter access, all mentors across their assigned chapters should be available, clearly labeled by chapter. The coordinator role guard must block access to the proxy registration flow for users without the coordinator role.
User Story
Acceptance Criteria
- Given I am a coordinator assigned to Chapter Oslo East, when I open the proxy mentor selector, then only peer mentors assigned to Chapter Oslo East are shown
- Given I am a coordinator with access to two chapters (Oslo East and Oslo West), when I open the proxy mentor selector, then mentors from both chapters are shown with a chapter label on each card
- Given a peer mentor is not in my chapter, when I attempt to register a proxy activity for them via direct URL manipulation, then the API returns a 403 error and no record is created
- Given I am logged in with a peer mentor role, when I attempt to access the proxy registration flow, then the coordinator role guard redirects me to the no-access screen
- Given a peer mentor has been transferred to another chapter, when I view the proxy mentor selector, then they no longer appear in my list and any templates including them exclude that mentor with a notification
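The chapter-scope criteria above can be enforced in the database itself. The following is an added sketch of Postgres Row Level Security policies for a Supabase project, not code from this project. The tables `user_chapter_roles` and `proxy_activities`, their columns, and the helper `coordinator_chapter_ids()` are assumed names; `auth.uid()` and the `authenticated` role are Supabase built-ins.

```sql
-- Hypothetical schema: every table, column and function name here is an assumption.
create table user_chapter_roles (
  user_id    uuid not null,   -- equals auth.uid() for the logged-in user
  chapter_id uuid not null,
  role       text not null check (role in ('coordinator', 'peer_mentor')),
  primary key (user_id, chapter_id, role)
);
create table proxy_activities (
  id            uuid primary key default gen_random_uuid(),
  mentor_id     uuid not null,
  chapter_id    uuid not null,
  registered_by uuid not null,
  activity_date date not null
);
alter table user_chapter_roles enable row level security;
alter table proxy_activities  enable row level security;

-- Chapters the caller coordinates. SECURITY DEFINER lets this lookup read
-- user_chapter_roles without re-entering that table's own policy (recursion).
create function coordinator_chapter_ids() returns setof uuid
language sql stable security definer set search_path = public as $$
  select chapter_id from user_chapter_roles
  where user_id = auth.uid() and role = 'coordinator'
$$;

-- Mentor selector: only peer mentors in the caller's chapters are visible.
-- A multi-chapter coordinator gets rows from every assigned chapter.
create policy coordinator_reads_scoped_mentors on user_chapter_roles
  for select to authenticated
  using (role = 'peer_mentor'
         and chapter_id in (select coordinator_chapter_ids()));

-- Proxy registration: the row is accepted only if the caller coordinates the
-- chapter AND the mentor is currently a peer mentor in that same chapter.
create policy coordinator_inserts_in_scope on proxy_activities
  for insert to authenticated
  with check (
    registered_by = auth.uid()
    and chapter_id in (select coordinator_chapter_ids())
    and exists (
      select 1 from user_chapter_roles m
      where m.user_id = proxy_activities.mentor_id
        and m.chapter_id = proxy_activities.chapter_id
        and m.role = 'peer_mentor')
  );
```

Because the insert check reads current membership, a mentor transferred to another chapter falls out of scope as soon as their `user_chapter_roles` row changes. A rejected insert raises an insufficient-privilege error and creates no row, which PostgREST reports to an authenticated caller as HTTP 403.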
Business Value
Unauthorized cross-chapter activity registration would constitute a data governance failure, violating the organizational trust structures that underpin multi-tenant deployments. For organizations with strict hierarchical reporting (NHF with 12 national associations, 9 regions, 1,400 chapters), a coordinator registering activities for mentors outside their scope would corrupt statistics, create false reporting at higher organizational levels, and undermine the validity of Bufdir submissions. Security and data isolation at the chapter level is a foundational requirement for regulatory compliance and organizational trust.
Components
- Coordinator Role Guard (infrastructure)
- Proxy Contact List Provider (data)
- Permission Checker Service (service)
- Supabase Role Data Provider (infrastructure)
- Role-Based Route Guard (infrastructure)
- Role Resolution Service (service)
- Role State Manager (service)
- Contact RLS Query Builder (infrastructure)
- Activity Attribution Service (service)
- Activity Attribution Validator (service)
- Proxy Activity Repository (data)
- Proxy Activity Data Models (data)