Delegation Grant
Data Entity
Description
Audit record capturing when a coordinator registered an activity on behalf of a peer mentor via proxy reporting, preserving coordinator identity, timestamp, and referenced activity ID for Bufdir audit trail accountability.
Data Structure
| Name | Type | Description | Constraints |
|---|---|---|---|
id |
uuid |
Immutable primary key for the delegation grant record, generated server-side on insert. | PKrequiredunique |
coordinator_id |
uuid |
Foreign key referencing the users table for the coordinator who performed the proxy registration. This is the acting user whose identity is preserved for audit purposes. | required |
mentor_id |
uuid |
Foreign key referencing the users table for the peer mentor on whose behalf the activity was registered. Must differ from coordinator_id. | required |
activity_id |
uuid |
Foreign key referencing the activities table for the specific activity record created via proxy. Enforces referential integrity between the delegation audit and the actual activity data. | requiredunique |
granted_at |
datetime |
UTC timestamp of when the proxy registration was executed. Recorded server-side to prevent client-side tampering. Used as the canonical delegation time for Bufdir audit trail ordering. | required |
reason |
text |
Optional free-text justification provided by the coordinator explaining why the proxy registration was performed (e.g., 'Peer mentor without smartphone', 'Bulk registration for weekly group session'). Not required but recommended for audit clarity. | - |
grant_type |
enum |
Distinguishes between a single proxy registration initiated from the Proxy Registration Screen and a bulk registration initiated from the Bulk Registration Screen. Aids in audit segmentation and Bufdir reporting. | required |
organization_id |
uuid |
Foreign key to the organizations table representing the organizational scope under which the delegation was performed. Required for RLS enforcement and multi-org Bufdir report scoping. | required |
Database Indexes
idx_delegation_grants_coordinator_id
Columns: coordinator_id
idx_delegation_grants_mentor_id
Columns: mentor_id
idx_delegation_grants_activity_id
Columns: activity_id
idx_delegation_grants_organization_id
Columns: organization_id
idx_delegation_grants_granted_at
Columns: granted_at
idx_delegation_grants_mentor_granted_at
Columns: mentor_id, granted_at
idx_delegation_grants_coordinator_granted_at
Columns: coordinator_id, granted_at
idx_delegation_grants_org_granted_at
Columns: organization_id, granted_at
Validation Rules
coordinator_id_is_valid_user
error
Validation failed
mentor_id_is_valid_user
error
Validation failed
activity_id_is_valid_activity
error
Validation failed
granted_at_is_not_future
error
Validation failed
reason_max_length
error
Validation failed
grant_type_is_valid_enum
error
Validation failed
organization_id_is_valid
error
Validation failed
mentor_is_peer_mentor_role
error
Validation failed
Business Rules
coordinator_role_required
The acting user (coordinator_id) must hold a coordinator or admin role within the organization at the time of delegation. Peer mentors cannot create delegation grants. Enforced before insert via role authorization check.
delegation_grants_are_immutable
Once a delegation grant is created, no fields may be updated. The record serves as an immutable audit artifact for Bufdir compliance. Any correction must be handled by creating a new activity and a new grant, not by mutating the existing record.
one_grant_per_activity
Each activity may have at most one delegation grant record (activity_id is unique). If an activity was self-registered by the peer mentor, no delegation grant exists. If it was proxy-registered, exactly one grant record must exist.
coordinator_cannot_delegate_to_self
The coordinator_id and mentor_id must refer to different users. A coordinator cannot perform a proxy registration where they themselves are the nominal peer mentor.
activity_must_exist_before_grant
The referenced activity_id must exist in the activities table before the delegation grant can be created. The activity insert and delegation grant insert must occur within the same database transaction to prevent orphaned grants.
organization_scoped_delegation
A coordinator may only create delegation grants for peer mentors who belong to the same organization scope as the coordinator. Cross-organization proxy registration is not permitted. Enforced via Supabase RLS policies tied to organization_id.
bufdir_audit_trail_preservation
Delegation grant records must never be deleted except by a global admin for documented data correction purposes. The permanent retention policy ensures that all Bufdir grant audit trails remain intact for the full statutory retention period (minimum 5 years under Norwegian accounting law).
CRUD Operations
Storage Configuration
Entity Relationships
Each delegation grant references the specific activity that was registered by proxy
Each delegation grant records the coordinator who performed the proxy registration
Each delegation grant records the peer mentor on whose behalf the activity was registered