story-role-based-access-control-coordinator-006
Story Points: 8
Priority: High
Feature: Role-Based Access Control

User Story

As a Coordinator
I want my coordinator permissions to be correctly scoped to the specific chapter or organizational unit I am responsible for
So that I cannot view or modify data belonging to other chapters I do not administer, ensuring data privacy across the organization hierarchy

Acceptance Criteria

  • Given a coordinator is assigned to Chapter A, When they load the contacts list, Then only contacts associated with Chapter A are returned
  • Given a coordinator attempts to access a peer mentor from Chapter B via a direct URL, When the data query executes, Then Supabase RLS policies return no data and the screen shows an appropriate empty state
  • Given a coordinator is assigned to multiple chapters, When they select their active chapter context, Then data and actions are scoped to the selected chapter only
  • Given a coordinator's chapter assignment changes in the backend, When they next open the app or refresh their session, Then their scoped data view updates to reflect the new assignment
  • Given duplicate activity detection runs across chapters (NHF requirement), When the system checks for duplicates, Then it queries across all chapters a coordinator manages without exposing other coordinators' chapter data
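
One way the chapter-scoping criteria above could be expressed as Supabase RLS policies. This is an added illustration, not the project's own schema: the tables and columns (`chapters`, `coordinator_chapters`, `contacts`) and the policy names are hypothetical, since the story names none.

```sql
-- Hypothetical schema: the story does not name tables or columns.
create table chapters (
  id   uuid primary key default gen_random_uuid(),
  name text not null
);

create table coordinator_chapters (          -- one row per chapter assignment
  user_id    uuid not null references auth.users (id),
  chapter_id uuid not null references chapters (id),
  primary key (user_id, chapter_id)
);

create table contacts (
  id         uuid primary key default gen_random_uuid(),
  chapter_id uuid not null references chapters (id),
  full_name  text not null
);

alter table coordinator_chapters enable row level security;
alter table contacts             enable row level security;

-- A coordinator sees only their own assignment rows, so the subqueries
-- below never reveal which chapters other coordinators manage.
create policy coordinator_reads_own_assignments on coordinator_chapters
  for select to authenticated
  using (user_id = (select auth.uid()));

-- Read scope: contacts in any chapter the caller is assigned to.
-- A direct lookup of a Chapter B row by id yields zero rows, not an error.
create policy coordinator_reads_own_chapters on contacts
  for select to authenticated
  using (chapter_id in (select cc.chapter_id from coordinator_chapters cc
                        where cc.user_id = (select auth.uid())));

-- Write scope: USING limits which rows can be touched; WITH CHECK stops
-- an update from moving a contact into a chapter the caller does not manage.
create policy coordinator_updates_own_chapters on contacts
  for update to authenticated
  using (chapter_id in (select cc.chapter_id from coordinator_chapters cc
                        where cc.user_id = (select auth.uid())))
  with check (chapter_id in (select cc.chapter_id from coordinator_chapters cc
                             where cc.user_id = (select auth.uid())));
```

Under this sketch the policies set the outer bound (every chapter the coordinator manages, which is the scope the duplicate-detection criterion needs), and the active-chapter selection is assumed to be an additional `chapter_id` filter applied by the client query.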

Business Value

Data isolation between organizational chapters is a hard requirement given the sensitive personal information (health status, contact details, encrypted assignment data) stored in the system. Without proper org-scoped role resolution, a coordinator could inadvertently access or modify another chapter's member data, violating GDPR and the organizations' trust agreements.