Access Previously Submitted Receipt for Reference
From the expense claim history or claim status screen, the peer mentor can tap on a submitted claim to view its details, including the attached receipt image. The receipt is loaded via a time-limited signed URL from Supabase Storage. The image is displayed in a full-screen modal with pinch-to-zoom support. This allows the peer mentor to self-service verify their submission without contacting the coordinator, reducing unnecessary communication overhead. Access is restricted to the peer mentor who submitted the claim and authorized coordinators.
User Story
Audience Summaries
Providing peer mentors read access to their own submitted receipts is a trust and transparency feature that reduces operational overhead for coordinators and strengthens audit compliance. When mentors cannot verify what they submitted, they route queries to coordinators — creating unnecessary communication load that scales poorly as program enrollment grows. Self-service receipt access eliminates this friction point. For Bufdir reporting and organizational audit requirements, a complete and accessible receipt trail visible to both submitter and approver demonstrates program accountability and financial transparency.
The absence of this capability would be perceived as a notable gap compared to standard expense management tools, potentially affecting mentor confidence in the platform and organizational willingness to mandate its use. This is a retention and trust feature with direct compliance implications.
Delivery complexity is moderate. The primary dependency is the receipt capture story (story-receipt-capture-and-attachment-peer-mentor-004) and an established Supabase Storage configuration with row-level security policies. Key deliverables include: claim detail screen enhancements to display receipt thumbnails, a full-screen image modal with pinch-to-zoom gesture support, signed URL generation logic with automatic refresh on expiry, and RLS enforcement ensuring cross-user access is blocked at the data layer. UAT must cover expired URL scenarios, storage error states, and unauthorized access attempts.
Testing should include devices with varying screen sizes to validate modal and zoom UX. Stakeholder sign-off should include a coordinator to confirm they can also access receipts for claims under their purview. Rollout is low risk — this is additive read-only functionality with no write-path changes.
On the claim detail screen, fetch the receipt storage path from the claim record and call Supabase Storage's `createSignedUrl()` to generate a time-limited URL for display. Do not store signed URLs persistently — always generate on demand to avoid serving expired links. Implement auto-refresh: if the URL fetch returns a 400/403 (expired), silently regenerate before rendering the modal. The full-screen modal should use a gesture-capable image viewer (e.g., react-native-image-zoom-viewer or equivalent) supporting pinch-to-zoom and dismiss-on-swipe.
RLS policies on the Supabase Storage bucket must restrict object access to the submitting user's UID and coordinator roles — enforce this at the storage policy level, not just in application code. Handle the deleted/missing object case gracefully with a descriptive error message rather than a broken image state. Ensure the thumbnail in the claim list view uses a smaller signed URL with a short TTL to reduce bandwidth. No local caching of receipt images is needed for this read-only flow.
Acceptance Criteria
- Given I have submitted an expense claim with a receipt, When I navigate to my expense history and open the claim, Then the receipt thumbnail is visible in the claim detail view
- Given I tap the receipt thumbnail on a submitted claim, When the image loads, Then a full-screen modal opens with the receipt image
- Given the full-screen modal is open, When I pinch the image, Then I can zoom in to read receipt details
- Given the signed URL has expired, When I open the receipt modal, Then a new signed URL is generated automatically and the image loads without me needing to take any action
- Given I am viewing a claim submitted by a different peer mentor, When I attempt to access the receipt, Then access is denied and no image is shown (RLS enforced)
- Given the receipt image cannot be loaded (deleted or storage error), When I open the claim detail, Then a clear message is shown instead of a broken image placeholder
Business Value
Giving peer mentors read access to their own submitted receipts reduces the volume of coordinator queries ('what did I submit?') and builds trust in the system. For audit and compliance purposes (Bufdir reporting), having an auditable receipt trail accessible to the submitter and approver ensures transparency. This is standard behaviour in expense management tools and its absence would be perceived as a gap.
Components
- Receipt Thumbnail Preview Widget ui
- Receipt Attachment Service service
- Claim Receipt Repository data
- Receipt Storage Repository data
- Signed URL Service service
- Supabase Storage Adapter infrastructure
- Claim Status Badge ui
- Claim Status Audit Timeline ui