TODO.LAWDEALROOM

Supervision & Administration

How Dealroom's two-level administration system manages the platform, supervisors, and deal access.

Role Hierarchy

Dealroom uses three distinct roles with strict separation of access:

Platform Admin

/admin portal

  • • Manages the entire platform
  • • Creates and manages supervisors
  • • Assigns supervisors to deals
  • • Controls skills and licensing

Supervisor

/supervise portal

  • • Monitors assigned deals only
  • • Reviews negotiation progress
  • • Cannot modify deal selections
  • • Read-only access to assigned deals

Deal Parties

/deals portal

  • • Creates and negotiates deals
  • • Selects clause preferences
  • • Signs completed contracts
  • • Sees only their own deals

Two Portal System

Admin Portal (/admin)

Platform-wide management for the organisation running Dealroom.

Dashboard

Customer count, deal statistics, recent activity overview.

Supervisor Management

Create, activate, and deactivate supervisor accounts. Manage bar admissions.

Deal Management

View all deals, assign supervisors, monitor platform-wide negotiation activity.

Skills Marketplace

View installed skills, manage entitlements, activate and deactivate premium packages.

Supervisor Portal (/supervise)

Deal-level monitoring for assigned supervisors and reviewing attorneys.

Assigned Deals

View only the deals you are assigned to supervise.

Negotiation Progress

Track which clauses are agreed, pending, or in dispute.

Client Vetting

Pre-configure deals with recommended positions for lawyer vetting workflows.

Attorney Review

Review party positions and approve as Stage A or Stage B counsel.

Assignment-Based Access

Supervisors can only view deals they are explicitly assigned to. This ensures confidentiality across concurrent negotiations.

Deal Confidentiality

Supervisor A cannot see Supervisor B's deals, even on the same platform.

Specialisation

Admins can assign supervisors based on expertise (jurisdiction, contract type).

Audit Trail

Every assignment and action is logged with timestamp and actor identity.

Visibility Matrix

ResourcePlatform AdminSupervisorDeal Party
All deals on platformView & Manage
Assigned dealsView & ManageView only
Own dealsView & ManageIf assignedView & Negotiate
Supervisor accountsManage
Skills & licensingManage

Audit Trail

All platform actions are recorded in a tamper-proof audit log:

2024-01-15 14:32:01AdminAssigned Supervisor 'Jane Smith' to deal 'Acme NDA Q2'
2024-01-15 14:35:22SupervisorViewed deal 'Acme NDA Q2' — clause progress: 8/10 agreed
2024-01-15 15:01:45Party ASubmitted selections for 'Acme NDA Q2' (10 clauses)
2024-01-15 16:22:11Party BSubmitted selections for 'Acme NDA Q2' (10 clauses)
2024-01-15 16:22:12SystemCompromise calculated — 8 agreed, 2 require negotiation

Security

Two-Factor Authentication

Platform admins authenticate with magic link plus 2FA verification. A separate 2FA cookie ensures session security.

Session Isolation

Admin, supervisor, and user sessions use separate cookies. Being logged in as a user does not grant admin or supervisor access.

Technical note: Authentication logic is split between src/lib/auth-admin.ts and src/lib/auth-supervisor.ts.