Access Map View Only with Coordinator Role
The Map View Screen is protected by a role-based access guard that allows only coordinator and above roles to navigate to the map. Peer mentor users do not see a map view entry point in their navigation. Supabase row-level security policies on the peer_mentor_locations table enforce that only coordinators within the same organisation can read location records, providing a second layer of protection beyond the Flutter-level role guard. Attempts to access the map route without coordinator role result in redirection to the No-Access Screen.
User Story
Acceptance Criteria
- Given I am authenticated with a peer mentor role, when I attempt to navigate to the map view route, then I am redirected to the No-Access Screen and no location data is returned from the API
- Given I am authenticated as a coordinator, when I open the map view, then only mentor location pins within my own organisational scope are visible
- Given I am authenticated as a coordinator in Organisation A, when I view the map, then I cannot see pins for mentors belonging to Organisation B
- Given an unauthenticated user attempts to access the map API endpoint directly, when the request is processed by Supabase RLS, then the response returns zero rows and no location data is exposed
Business Value
Protecting location data from unauthorised access is both a GDPR obligation and a prerequisite for peer mentor trust. If mentors suspected their location was visible to other mentors or the general public, they would decline consent en masse, rendering the entire geographic matching feature non-functional. Dual enforcement via app-level role guards and database-level RLS policies provides defence in depth.
Components
- Map View Screen ui
- Geographic Matching Service service
- Location Repository data