Implement Care Circle Sharing & Delegated Access with granular permissions and audit logging

[Copilot]

This PR implements a comprehensive Care Circle feature that enables secure, time-limited sharing of health data with trusted caregivers, family members, and clinicians. The implementation provides granular scope-based permissions with complete audit trails and emergency access capabilities.

Key Features

Secure Invitation System

• Email-based invitations with magic links and secure token handling
• Role-based access control (Viewer for read-only, Editor for full CRUD)
• Granular scope permissions for medications, appointments, health logs, documents, and profile data
• Configurable expiration dates with preset options (24h, 7d, 30d, custom)
• Personal message support for invitation context

Database Architecture

Four new tables with comprehensive relationships:

• care_circle_members - Member relationships and invitation management
• access_grants - Permission scopes and expiration control
• audit_log - Complete activity tracking with metadata
• ice_tokens - Emergency access code management

Enhanced all existing tables with updated RLS policies supporting delegated access while maintaining security.

API Endpoints

• POST /api/care-circle?action=invite - Send secure invitations
• GET /api/care-circle - List members with grant details
• PUT /api/care-circle?memberId=X - Update permissions and roles
• DELETE /api/care-circle?memberId=X - Revoke access immediately
• GET /api/audit-log - Retrieve filtered activity logs with CSV export
• POST /api/ice - Generate 6-digit emergency access codes

User Interface

Complete Care Circle management interface with:

• Intuitive member invitation modal with permission preview
• Real-time status tracking (invited, active, expired, revoked)
• Comprehensive audit log viewer with filtering and export
• Restricted access wrapper components for scope enforcement
• Visual indicators showing delegated access throughout the app

Security & Compliance

• Row-level security enforcement at the database level
• Automatic audit logging via database triggers for all delegated actions
• Time-based access expiration with background cleanup
• Emergency ICE codes with single-use validation and owner notification
• Complete PHI protection within granted scopes only

Example Usage

// Invite a caregiver with medication access
await inviteCareCircleMember({
  email: 'caregiver@example.com',
  role: 'viewer',
  scopes: ['medications', 'appointments'],
  expiresAt: new Date(Date.now() + 30 * 24 * 60 * 60 * 1000), // 30 days
});

// Check access permissions
const hasAccess = await checkUserAccess(ownerId, 'medications', 'view');

// Generate emergency access code
const { code, expiresAt } = await generateICECode(); // Returns 6-digit code

Integration with Existing Features

All existing SymptomSync pages now support delegated access:

• Medication reminders can be shared with caregivers for schedule management
• Appointment calendars accessible to family members for coordination
• Health logs visible to healthcare providers for clinical review
• Documents shareable with appropriate download restrictions
• Profile data accessible for emergency contact information

The implementation uses RestrictedAccessWrapper components to seamlessly enforce permissions while providing clear visual feedback about access levels and data source.

Production Readiness

• Zero-downtime deployment with additive database changes
• Comprehensive TypeScript coverage with Zod validation
• Complete test suite including integration tests for full workflows
• Optimized database queries with proper indexing strategy
• Graceful error handling and user-friendly fallbacks
• Extensive documentation with usage examples and migration guides

This feature enables SymptomSync to support real-world care coordination scenarios while maintaining its privacy-first architecture and providing the transparency and control users need when sharing sensitive health information.

Fixes #24.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• fonts.googleapis.com
  • Triggering command: /usr/local/bin/node /home/REDACTED/work/SymptomSync-Health-App/SymptomSync-Health-App/web/node_modules/next/dist/compiled/jest-worker/processChild.js (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

[Copilot]

@hoangsonww 👋 This repository doesn't have Copilot instructions. With Copilot instructions, I can understand the repository better, work faster and produce higher quality PRs.

I can generate a .github/copilot-instructions.md file for you automatically. Click here to open a pre-filled issue and assign it to me. I'll write the instructions, and then tag you for review.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
symptomsync-health-app	Error			Aug 22, 2025 8:49am