Admin Portal
Feature Detail
Description
The Admin Portal provides a unified administrative interface for organization administrators and global admins to manage their organization's configuration, users, and system-wide settings. It consolidates the Organization Admin Dashboard and Global Admin View into a single cohesive experience, giving administrators full visibility and control over their organizational domain. The portal supports role-scoped views so that local admins see their association's data while national admins can oversee all levels of the hierarchy.
Analysis
Without a dedicated admin portal, each organization must rely on manual workarounds or external tools to manage users, configurations, and reporting settings. The Admin Portal eliminates this gap by providing a purpose-built interface that reduces administrative overhead and ensures consistent governance across all organizational levels. For a multi-tenant product serving NHF, Blindeforbundet, and HLF simultaneously, having a robust admin layer is essential for onboarding new organizations, managing permissions, and maintaining data integrity. It also enables Norse Digital Products to support client organizations remotely, reducing support burden and accelerating time-to-value for new deployments.
Built as a Flutter web or tablet-optimized layout using the existing design token system, the Admin Portal reuses role-scoped data fetching patterns already established in the BLoC/Riverpod architecture. Supabase Row Level Security (RLS) policies enforce access boundaries so that admins only retrieve data within their permitted scope. The portal integrates with the Role Authorization Service and Permission Guard components to enforce fine-grained access. Admin actions such as user deactivation, role assignment, and configuration changes are audited via database triggers or edge functions. The implementation should support both mobile and larger screen form factors using responsive Flutter layouts.
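One way the RLS scoping and trigger-based auditing described above could be expressed in Supabase's Postgres. This is an added example, not the project's own schema: every table, column, function and policy name is hypothetical, and only `auth.uid()` is Supabase's built-in.

```sql
-- Added example. All table, column, function and policy names are hypothetical.
create table organizations (id uuid primary key, parent_id uuid references organizations(id));
create table admin_roles (
  user_id uuid not null,
  org_id  uuid references organizations(id),       -- null for global admins
  role    text not null check (role in ('org_admin', 'global_admin'))
);
create table user_roles (
  user_id uuid not null,
  org_id  uuid not null references organizations(id),
  role    text not null,                            -- e.g. coordinator, peer mentor
  primary key (user_id, org_id)
);
create table admin_audit_log (
  id bigint generated always as identity primary key,
  actor uuid, at timestamptz not null default now(), action text not null,
  org_id uuid, affected_user uuid, old_role text, new_role text
);
-- True when the caller is a global admin, or p_org lies in the subtree under an
-- organization the caller administers (a national admin sees every level below).
create function can_admin(p_org uuid) returns boolean
language sql stable security definer set search_path = public as $$
  with recursive scope as (
    select org_id as id from admin_roles
     where user_id = auth.uid() and role = 'org_admin'
    union
    select o.id from organizations o join scope s on o.parent_id = s.id
  )
  select exists (select 1 from admin_roles
                  where user_id = auth.uid() and role = 'global_admin')
      or p_org in (select id from scope)
$$;
alter table admin_roles enable row level security;  -- no policy: clients cannot read or edit it
alter table user_roles enable row level security;
create policy admin_manage_roles on user_roles for all to authenticated
  using (can_admin(org_id)) with check (can_admin(org_id));
alter table admin_audit_log enable row level security;
-- Read-only for clients: no insert/update/delete policy exists on the log.
create policy admin_read_audit on admin_audit_log for select to authenticated
  using (can_admin(org_id));
-- Runs as the table owner so the audit row is written whatever the caller's policies allow.
create function audit_role_change() returns trigger
language plpgsql security definer set search_path = public as $$
begin  -- OLD is a null record on INSERT and NEW on DELETE (PostgreSQL 11+)
  insert into admin_audit_log (actor, action, org_id, affected_user, old_role, new_role)
  values (auth.uid(), tg_op, coalesce(new.org_id, old.org_id),
          coalesce(new.user_id, old.user_id), old.role, new.role);
  return null;  -- the return value of an AFTER row trigger is ignored
end $$;
create trigger user_roles_audit after insert or update or delete on user_roles
  for each row execute function audit_role_change();
```

Putting the scope check in a `security definer` function keeps the policy from recursing into RLS on `admin_roles`, and writing the log from a trigger means a client cannot skip or forge the audit entry.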
User Stories (10)
As an administrator
I want to view a chronological, filterable audit trail of all administrative actions performed within my permitted scope
So that I can investigate suspicious activity, verify that changes were made correctly, and produce accountability evidence for compliance reviews
- Given I am an Organization Administrator, when I open the Audit Log, then I see only entries for actions performed within my organizational scope
- Given I am a Global Administrator, when I open the Audit Log, then I see audit entries across all organizations
- Given the audit log is displayed, when I filter by date range, then only entries within that range are shown
As an Organization Administrator
I want to configure my organization's settings including branding, custom terminology labels, integration parameters, and feature toggles
So that the app reflects my organization's specific language and workflows, reducing confusion for end users who are accustomed to organization-specific terms for roles and activities
- Given I am an Organization Administrator, when I open Admin Settings, then I see only configuration options within my permitted scope (local vs. national level)
- Given I update a terminology label (e.g., rename 'peer mentor' to an organization-specific term), when I save the change, then the Dynamic Label Widget reflects the new term throughout the entire app for my organization's users
- Given I configure an integration parameter, when I save, then the change is persisted to the integration config store and the audit edge function records the modification
As a Global Administrator
I want to manage platform-wide feature flags and control which features are enabled for each member organization
So that I can roll out new features incrementally to organizations as they are ready, without requiring a new app deployment for each change
- Given I am a Global Administrator, when I open Admin Settings, then I see a feature flag management section listing all available feature flags
- Given I toggle a feature flag for a specific organization, when the change is saved, then users in that organization see the feature enabled or disabled on their next app load
- Given I toggle a feature flag, when the change is persisted, then the audit edge function records the actor, timestamp, flag name, previous value, new value, and targeted organization
As a Global Administrator
I want to monitor system health indicators, integration statuses, and data quality metrics across all member organizations from a single dashboard view
So that I can proactively identify and address issues before they impact Organization Administrators or end users, and fulfill my responsibility for platform-wide GDPR and compliance oversight
- Given I am a Global Administrator, when I view the Admin Dashboard, then I see platform health indicators aggregated across all member organizations
- Given an integration sync fails for any organization, when the failure is detected, then it appears on the Global Administrator dashboard within the next real-time update cycle
- Given I see a health warning for a specific organization, when I click through, then I am taken to that organization's scoped admin view for investigation
As an administrator
I want to access an administrative dashboard that displays organizational data scoped to my permission level
So that I have an immediate, consolidated view of user counts, pending approvals, activity summaries, and system health without needing to navigate multiple screens
- Given I am an Organization Administrator, when I open the Admin Portal, then I see user counts, pending approvals, and activity summaries scoped exclusively to my organization hierarchy
- Given I am a Global Administrator, when I open the Admin Portal, then I see aggregated platform-wide metrics spanning all member organizations
- Given the dashboard is open, when underlying data changes in Supabase, then dashboard metrics update in real time without requiring a page refresh
As an Organization Administrator
I want to assign roles (coordinator, peer mentor) to users and revoke roles when access should be removed
So that the right people have the right level of access at all times, and departing or suspended users are promptly locked out of sensitive functionality
- Given I am viewing a user profile, when I assign a role, then the Admin Management Service validates the assignment against Role Authorization Service policies before saving
- Given a role is successfully assigned, when the change is persisted, then the Admin Audit Edge Function records actor, timestamp, old role, new role, and affected user
- Given I revoke a role from a user, when the revocation is confirmed, then the user's active session is invalidated and they are redirected to the no-access screen on next navigation
As an Organization Administrator
I want to view, search, and manage user profiles within my permitted organizational scope, including handling multi-organization memberships
So that I can maintain accurate user records, onboard new members, and resolve membership conflicts without relying on manual spreadsheet processes
- Given I am an Organization Administrator, when I open user management, then I see only users within my organizational scope as enforced by Supabase RLS
- Given the user list is displayed, when I search by name or email, then the list filters in real time to matching users only
- Given I select a user, when I view their profile, then I see all organizational memberships, current roles, and account status
As a Global Administrator
I want to provision a new member organization on the platform, including creating the organizational hierarchy, setting initial configuration, and bootstrapping administrator accounts
So that new client organizations can be onboarded onto the platform independently without requiring manual database operations or custom deployments
- Given I am a Global Administrator, when I initiate organization provisioning, then I can define the organization name, type, and hierarchical structure
- Given the organizational hierarchy is defined, when I save it, then Supabase RLS policies are automatically scoped so the new organization's data is isolated from all other organizations
- Given the organization is created, when I assign the first Organization Administrator, then that user receives access to the new organization's Admin Portal with the correct scope