🏠 Overview 🎯 Features 🎯 Role-Based Access Control

Role-Based Access Control

Feature Detail

medium complexity extracted Authentication & Access Control Confidence: 100%
2
Components
58
Shared
0
User Stories
Yes
Analyzed

Description

This feature enforces the four-role access model (Peer Mentor, Coordinator, Organization Administrator, Global Administrator) across all mobile screens and API endpoints. A Role Guard Service evaluates the authenticated user's role and organization context on every navigation event, blocking access to screens outside the user's permission scope. A dedicated No-Access screen is shown to roles that have no mobile access (e.g., Global Administrator, who is redirected to the admin panel). An Auth Middleware on the backend validates role claims on every API request.

User Flow

Role-Based Access Control user flow
Click to expand

Analysis

Business Value

Role-based access control is the security foundation that makes multi-organization multi-role operation safe and correct. Without it, peer mentors could access coordinator tools, coordinators could view other organizations' data, and the entire data isolation model collapses. The four-role model directly maps to the organizational hierarchy of all partner organizations and drives role-specific home screens, navigation items, and feature availability. Correct RBAC also ensures compliance with GDPR data minimization principles — users only see data relevant to their role and organization context.

Implementation Notes

Role claims are embedded in the JWT issued at login and validated server-side on every request by the Auth Middleware (Next.js middleware layer). The Flutter Role Guard Service is a Riverpod provider that reads the current user's role from state and exposes a permission-checking API consumed by all navigators and conditional UI builders. The Permissions Repository caches the role-permission matrix locally for offline access. Navigation guards are implemented as route-level checks in the GoRouter configuration, redirecting unauthorized access to the No-Access screen. The no-access screen provides a clear message and a link to the web admin panel for Global Administrators.

Components (60)

User Interface (1)

ui No-Access Screen low

Data Layer (1)

data Permissions Repository medium

Shared Components

These components are reused across multiple features

Infrastructure (20)

infrastructure JWT Infrastructure medium Shared infrastructure JWT Infrastructure low Shared infrastructure Auth Middleware medium Shared infrastructure Report API Middleware low Shared infrastructure Report Access Guard low Shared infrastructure Approval Audit Logger low Shared infrastructure End-to-End Encryption Infrastructure high Shared infrastructure Email Delivery Infrastructure low Shared infrastructure Invitation Token Infrastructure medium Shared infrastructure Signed URL Provider low Shared infrastructure Multi-Tenancy Infrastructure high Shared infrastructure Calculator Export Infrastructure medium Shared infrastructure Request & Response Interceptors high Shared infrastructure Design Token System medium Shared infrastructure Semantic Labels Infrastructure medium Shared infrastructure Connectivity Infrastructure low Shared infrastructure Local Database Infrastructure high Shared infrastructure Secure Storage Infrastructure medium Shared infrastructure Connection Pool Infrastructure medium Shared infrastructure Database Migration Infrastructure medium Shared

User Stories

No user stories have been generated for this feature yet.