You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Admin Coordinators need the ability to manage user access across the Home Unite Us (HUU) platform. This includes removing Guests, Hosts, or Coordinators who are no longer participating in the program or whose access privileges have expired. Implementing a secure “Remove User” functionality will ensure the system remains up-to-date, compliant, and accessible only to active participants.
🧩 Objective
Develop a secure and auditable user removal feature that allows Admin Coordinators to deactivate or remove inactive Guests, Hosts, and Coordinators, thereby maintaining system integrity and compliance while preventing unauthorized access.
🔍 Context / Background
The Admin Coordinator’s oversight responsibilities — including ensuring that only verified and active program members have access to the system. Once a participant (Guests, Hosts, Coordinator) completes or exits the program, their system access should be revoked to maintain confidentiality and operational security. The figma workflow shows that data handling and tracking are done manually, with Guest and Host information being updated frequently by Coordinators. A formalized system function for removal helps replace manual deletions or spreadsheet tracking and ensures auditability. The Coordinator Dashboard (Issue #501) can view and manage Guests and Hosts via their dashboard. This story extends that control to Admin Coordinators by enabling them to remove profiles system-wide, ensuring that the Coordinator Dashboard and user tables display only relevant, active participants.
This user story provides the baseline for defining administrative actions (such as add/edit) and maintaining traceability for all user management actions.
📌 Scope of Work
Implement “Remove User” functionality within the Admin Dashboard under the “All Profiles” or “User Management” table.
Admin Coordinator can select a user (Guest, Host, or Coordinator) and remove or deactivate their profile.
Two-level confirmation process:
Step 1: Confirmation pop-up with reason selection (e.g., program completion, violation, inactive status).
Step 2: Final confirmation before permanent removal or deactivation.
System should support two modes:
Deactivate (recommended default): preserves user data but disables login access.
Delete (permanent): available only with higher-level authorization or after data retention period.
Audit log records user removal activity (user name, role, removed by, date/time, reason).
Notification email sent to removed user (if applicable).
Update the dashboard and profile lists dynamically to reflect removal status.
Ensure role-based permission: only Admin Coordinators can perform this action.
🧠 Problem Statement
Currently, there is no centralized, secure process for Admin Coordinators to revoke access for Guests, Hosts, or Coordinators who leave the program or are no longer authorized. This results in outdated user records, potential privacy risks, and compliance gaps. The removal functionality ensures that system access remains current and controlled, reducing operational and data integrity risks.
🙋 User Story
As an Admin Coordinator,
I want to be able to remove Guests, Hosts, and Coordinators who no longer need or are allowed access,
So that I can keep the platform accessed only by relevant, active users.
🎯 Acceptance Criteria (Definition of Done)
Functional Criteria:
Admin Coordinator can view a list of all users (Guests, Hosts, Coordinators).
Each user entry includes an option to “Remove” or “Deactivate.”
Upon clicking “Remove,” the system displays a two-step confirmation dialog.
Admin must select a reason for removal (dropdown list).
Removed user loses login access immediately.
Deactivated users are marked with a “Deactivated” status tag in the user table.
Admin can optionally reactivate a user (if deactivated).
Audit trail captures:
Who was removed/deactivated
Who performed the action
Timestamp
Reason for removal
Success and error messages displayed appropriately.
System updates all related dashboards (Coordinator and Admin) to reflect removal.
Email notifications sent to both the removed user and Admin Coordinator (confirmation copy).
Data handling complies with privacy standards (e.g., GDPR/HIPAA).
Non-Functional Criteria:
Action limited to Admin Coordinators via Role-Based Access Control (RBAC).
Response time for removal < 3 seconds.
Supports rollback in case of accidental removal (soft delete).
Compliant with organizational retention and data deletion policies.
🧩 Overview
Admin Coordinators need the ability to manage user access across the Home Unite Us (HUU) platform. This includes removing Guests, Hosts, or Coordinators who are no longer participating in the program or whose access privileges have expired. Implementing a secure “Remove User” functionality will ensure the system remains up-to-date, compliant, and accessible only to active participants.
🧩 Objective
Develop a secure and auditable user removal feature that allows Admin Coordinators to deactivate or remove inactive Guests, Hosts, and Coordinators, thereby maintaining system integrity and compliance while preventing unauthorized access.
🔍 Context / Background
The Admin Coordinator’s oversight responsibilities — including ensuring that only verified and active program members have access to the system. Once a participant (Guests, Hosts, Coordinator) completes or exits the program, their system access should be revoked to maintain confidentiality and operational security. The figma workflow shows that data handling and tracking are done manually, with Guest and Host information being updated frequently by Coordinators. A formalized system function for removal helps replace manual deletions or spreadsheet tracking and ensures auditability. The Coordinator Dashboard (Issue #501) can view and manage Guests and Hosts via their dashboard. This story extends that control to Admin Coordinators by enabling them to remove profiles system-wide, ensuring that the Coordinator Dashboard and user tables display only relevant, active participants.
This user story provides the baseline for defining administrative actions (such as add/edit) and maintaining traceability for all user management actions.
📌 Scope of Work
🧠 Problem Statement
Currently, there is no centralized, secure process for Admin Coordinators to revoke access for Guests, Hosts, or Coordinators who leave the program or are no longer authorized. This results in outdated user records, potential privacy risks, and compliance gaps. The removal functionality ensures that system access remains current and controlled, reducing operational and data integrity risks.
🙋 User Story
As an Admin Coordinator,
I want to be able to remove Guests, Hosts, and Coordinators who no longer need or are allowed access,
So that I can keep the platform accessed only by relevant, active users.
🎯 Acceptance Criteria (Definition of Done)
Functional Criteria:
Audit trail captures:
Non-Functional Criteria:
🖼 Design Notes (Preliminary)
Ready for design: In-Progress
🛑 Constraints / Risks / Workflow Dependencies