Product - Section 2 | Admin Coordinator to remove guests, hosts, and coordinators who are no longer needed #932

@sanjumv

🧩 Overview

Admin Coordinators need the ability to manage user access across the Home Unite Us (HUU) platform. This includes removing Guests, Hosts, or Coordinators who are no longer participating in the program or whose access privileges have expired. Implementing a secure “Remove User” functionality will ensure the system remains up-to-date, compliant, and accessible only to active participants.

🧩 Objective

Develop a secure and auditable user removal feature that allows Admin Coordinators to deactivate or remove inactive Guests, Hosts, and Coordinators, thereby maintaining system integrity and compliance while preventing unauthorized access.

🔍 Context / Background
The Admin Coordinator’s oversight responsibilities include ensuring that only verified and active program members have access to the system. Once a participant (Guest, Host, or Coordinator) completes or exits the program, their system access should be revoked to maintain confidentiality and operational security. The Figma workflow shows that data handling and tracking are done manually, with Guest and Host information being updated frequently by Coordinators. A formalized system function for removal helps replace manual deletions or spreadsheet tracking and ensures auditability. Coordinators can view and manage Guests and Hosts via the Coordinator Dashboard (Issue #501). This story extends that control to Admin Coordinators by enabling them to remove profiles system-wide, ensuring that the Coordinator Dashboard and user tables display only relevant, active participants.

This user story provides the baseline for defining administrative actions (such as add/edit) and maintaining traceability for all user management actions.

📌 Scope of Work

  • Implement “Remove User” functionality within the Admin Dashboard under the “All Profiles” or “User Management” table.
  • Admin Coordinator can select a user (Guest, Host, or Coordinator) and remove or deactivate their profile.
  • Two-level confirmation process:
    • Step 1: Confirmation pop-up with reason selection (e.g., program completion, violation, inactive status).
    • Step 2: Final confirmation before permanent removal or deactivation.
  • System should support two modes:
    • Deactivate (recommended default): preserves user data but disables login access.
    • Delete (permanent): available only with higher-level authorization or after data retention period.
  • Audit log records user removal activity (user name, role, removed by, date/time, reason).
  • Notification email sent to removed user (if applicable).
  • Update the dashboard and profile lists dynamically to reflect removal status.
  • Ensure role-based permission: only Admin Coordinators can perform this action.

🧠 Problem Statement

Currently, there is no centralized, secure process for Admin Coordinators to revoke access for Guests, Hosts, or Coordinators who leave the program or are no longer authorized. This results in outdated user records, potential privacy risks, and compliance gaps. The removal functionality ensures that system access remains current and controlled, reducing operational and data integrity risks.

🙋 User Story

As an Admin Coordinator,
I want to be able to remove Guests, Hosts, and Coordinators who no longer need or are allowed access,
So that I can keep platform access limited to relevant, active users.

🎯 Acceptance Criteria (Definition of Done)

Functional Criteria:

  • Admin Coordinator can view a list of all users (Guests, Hosts, Coordinators).
  • Each user entry includes an option to “Remove” or “Deactivate.”
  • Upon clicking “Remove,” the system displays a two-step confirmation dialog.
  • Admin must select a reason for removal (dropdown list).
  • Removed user loses login access immediately.
  • Deactivated users are marked with a “Deactivated” status tag in the user table.
  • Admin can optionally reactivate a user (if deactivated).
  • Audit trail captures:
    • Who was removed/deactivated
    • Who performed the action
    • Timestamp
    • Reason for removal
  • Success and error messages displayed appropriately.
  • System updates all related dashboards (Coordinator and Admin) to reflect removal.
  • Email notifications sent to both the removed user and Admin Coordinator (confirmation copy).
  • Data handling complies with privacy standards (e.g., GDPR/HIPAA).

Non-Functional Criteria:

  • Action limited to Admin Coordinators via Role-Based Access Control (RBAC).
  • Response time for removal < 3 seconds.
  • Supports rollback in case of accidental removal (soft delete).
  • Compliant with organizational retention and data deletion policies.

🖼 Design Notes (Preliminary)

Ready for design: In-Progress

  • Follow UI patterns from Coordinator Dashboard Table (Section 2 | Coordinator: Dashboard - Table of Guests/Hosts #501).
  • Add an action column with icons (trash or disable icons) for clarity.
  • Include role-based color coding (Guest = green, Host = blue, Coordinator = orange).
  • Display removal confirmation modals consistent with HUU design system.
  • Accessibility: Screen reader-friendly confirmation and notification elements.
  • Ensure consistency with other Admin actions (e.g., Add Coordinator, Edit Profile).

🛑 Constraints / Risks / Workflow Dependencies

  • Requires integration with the User Management API and Authentication Service for deactivation and deletion.
  • Depends on the Coordinator Dashboard Endpoint (#651) for synchronized user data refresh.
  • Must maintain data integrity for historical reporting (i.e., don’t purge linked records).
  • System must prevent accidental deletion of active Coordinators with ongoing assignments.
  • Data retention and deletion policies must be reviewed and approved before enabling permanent deletion.
  • Testing must cover user journey, audit log validation, and permission enforcement.
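
The removal rules listed in this issue (server-side RBAC check, deactivate by default, gated permanent delete, the guard on Coordinators with ongoing assignments, and the audit record), written out as an added Python example. It is not HUU project code; `User`, `UserAdmin`, `open_assignments` and `delete_approved` are hypothetical names, and the in-memory dict stands in for the real user store.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

REASONS = {"program completion", "violation", "inactive status"}  # the issue's examples

@dataclass
class User:
    name: str
    role: str                  # guest | host | coordinator | admin_coordinator
    active: bool = True
    open_assignments: int = 0  # hypothetical field for "ongoing assignments"

class RemovalDenied(Exception):
    pass

@dataclass
class UserAdmin:
    users: dict                # name -> User (stand-in for the user store)
    audit_log: list = field(default_factory=list)

    def remove(self, actor, target_name, reason, mode="deactivate", delete_approved=False):
        target = self.users.get(target_name)
        error = None
        # Deny by default: the server-side role check comes before anything else.
        if actor.role != "admin_coordinator" or not actor.active:
            error = "actor is not an active Admin Coordinator"
        elif target is None:
            error = "unknown user"
        elif reason not in REASONS:
            error = "a listed removal reason is required"
        elif mode not in ("deactivate", "delete"):
            error = "unknown mode"
        elif mode == "delete" and not delete_approved:
            error = "permanent delete needs higher-level authorization"
        elif mode == "delete" and target.role == "coordinator" and target.open_assignments:
            error = "coordinator still has ongoing assignments"
        # Audit fields from the issue, plus mode and outcome so denials are traceable.
        entry = {"user": target_name, "role": target.role if target else None,
                 "removed_by": actor.name, "at": datetime.now(timezone.utc).isoformat(),
                 "reason": reason, "mode": mode, "outcome": error or "ok"}
        self.audit_log.append(entry)
        if error:
            raise RemovalDenied(error)
        if mode == "delete":
            del self.users[target_name]
        else:
            target.active = False  # soft delete: data kept, login must check this flag
        return entry
```

Denied attempts are written to the audit log before the exception is raised, so permission-enforcement tests can assert on the log as well as on the error.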
