🏠 Overview 👥 User Roles 📖 Global Administrator Is Guided to Admin Portal Whe...

Global Administrator Is Guided to Admin Portal When Accessing Standard App Flows

Global Administrators operate exclusively through the admin portal and elevated tooling, not through standard peer mentor or coordinator app flows. When a global admin authenticates and attempts to navigate standard app routes such as activity registration, contacts, or expense registration, the Permission Guard redirects them to the No-Access Screen. This screen is contextually tailored for the global admin persona — it explains that the standard app is not the right tool for their role and provides a prominent action to navigate to the admin portal. This prevents global admins from accidentally creating data in the wrong context or conflating platform configuration work with standard user workflows.

MEDIUM story-role-based-access-control-global-admin-008 3 pts
3
Story Points
Medium
Priority
Role-Based Access Control
Feature

User Story

As a Global Administrator
I want the no-access screen to provide me with a clear path to the admin portal when I access standard app flows not intended for my role
So that So that I am not confused by peer mentor or coordinator screens I should not interact with, and I can quickly navigate to the elevated tooling designed for platform administration

Acceptance Criteria

  • Given a user authenticated as a Global Administrator, when they attempt to access standard peer mentor routes such as activity registration or contacts, then the Permission Guard redirects them to the No-Access Screen
  • Given the No-Access Screen is displayed to a Global Administrator, when they view it, then the screen includes an action to navigate to the admin portal
  • Given a Global Administrator is on the No-Access Screen, when they view the explanation, then it clearly states that their role requires the admin portal rather than the standard app
  • Given a Global Administrator navigates to the admin portal, when they arrive, then they have access to platform-wide configuration and management features
  • Given a Global Administrator uses admin features, when actions are performed, then they are logged with a full audit trail in the admin audit log

Business Value

Global administrators are technical users who provision and configure the platform across all member organizations. Allowing them to accidentally interact with standard app flows creates risk of data contamination — for example, test activities appearing in real Bufdir reports — and configuration errors affecting multiple organizations. The no-access redirect protects data integrity across all organizations and ensures global admins use the correct tooling for their elevated responsibilities.

Components

Role-Based Access Control
Related Feature
Global Administrator
User Role