Security and permissions
Access control
Role boundaries, sensitive scopes, and permission risk checks for owner, coach, front desk, parent, and member access.
Access-control board is live
The app now has a dedicated surface for permission design and sensitive-access review.
Clean
1
Roles with clean access boundaries.
Review
1
Roles that need policy review.
Risky
1
Roles with risky or overly broad access.
Roles
3
Role models currently represented.
Owner
Full workspace control
Owner access is broad by design, but destructive actions should remain explicit and auditable.
Coach
Roster, attendance, progress, limited health notes
Coach access should stay practical on the mats while keeping billing and family admin out of reach.
Front desk
Check-in, documents, bookings, recovery cues
This role touches sensitive workflows and needs crisp rules around health notes, payments, and family permissions.