Skip to main content

Pastor edits listing and manages requests

Persona

A pastor who claimed their church weeks or months ago and is now in active management mode. Updates service hours seasonally, adds staff photos for new team members, responds to visitor inquiries. Logs in 1–3 times per month via magic link. Expects the dashboard to load fast without re-authentication.

Entry points

  1. Magic link email — welcome email or "resend magic link" reply from support: pewsearch.com/admin/[admin_token].
  2. Bookmarked URL — pastor bookmarked the admin URL during onboarding.
  3. Browser history — device auto-completes the URL.
  4. Transactional email — "New visitor contact" or "New prayer request" email includes a dashboard link.
  5. Support resend — pastor emails support@churchwiseai.com; support replies with magic link.

Click-through flow

Steps

  1. Access the admin dashboard — Middleware validates admin_token against premium_churches. If valid and status='active', dashboard loads. Token does NOT expire. Dashboard shows tabs: Overview, Requests, Training, Settings, Status.

  2. View and update hours and church info — Training tab → Hours section: day-of-week toggles (Closed / Open) and time pickers. Save updates premium_churches.custom_hours JSONB. On save, updated_at triggers ISR revalidation on the public listing.

  3. Add and manage staff profiles — Training tab → Staff section: cards with Name, Title, photo thumbnail, Edit/Delete buttons. "Add Staff Member" form: Name (required), Title (required), Photo upload, Bio (textarea). Photo uploads go to Supabase Storage premium_churches/[church_id]/staff/[uuid].[ext].

  4. View visitor requests and prayer requests — Requests tab shows three sections: Prayer Requests, Visitor Contacts, Callback Requests. Each item shows date, source label (pewsearch / churchwiseai / voice), sender name/email preview, and actions: "Mark as Read," "Archive." Requests from voice_prayer_requests, voice_visitor_contacts, and voice_callback_requests tables filtered by source='pewsearch'. Confidential requests visible only to PASTORAL_ROLES (Admin, Office Admin).

  5. Manage team members and roles — Settings tab → Team Members: list of members with name, email, role dropdown (Admin, Office Admin, Prayer Team, Care Team, Treasurer, Volunteer Coordinator, Worship Leader), "Remove" button. "Invite Team Member" form generates a link (no email auto-sent). An invite token creates a church_team_members row with accepted_at: null. When invitee visits the URL, their session is authenticated with that token and they see the dashboard filtered for their role permissions.

  6. Receive notifications and respond — Transactional emails fire when new requests arrive (from chatbot or voice agent). Email includes dashboard link with the request highlighted. In dashboard, "New" badge shows unread count on Requests tab. Pastor reads, marks as read, archives. For requests with an email address, "Reply via Email" is available if implemented.

Acceptance spec

Canonical: knowledge/acceptance/pewsearch-premium.md (Touchpoints 9–12: Overview, Requests, Training, Settings).

Success criteria

  • Dashboard loads immediately on magic link click.
  • All editable fields accept changes and save with "Saved!" toast.
  • Public listing reflects changes within a few seconds.
  • Photos upload without requiring manual resize.
  • Prayer requests and visitor contacts are easy to find and read.
  • Team member roles assign correctly; no permission leaks.

Known failure modes

  • Hours validation. Entering end time before start time (11:00 AM – 9:00 AM) must be rejected: "End time must be after start time."

  • Role permission leak. "Prayer Team" role must not see confidential prayer requests. Enforce PASTORAL_ROLES check server-side before returning full prayer text.

  • Removed team member still has dashboard access. Invalidate old invite tokens immediately on removal; check church_team_members.role is still valid on every session validation.

  • Prayer request overload. High-traffic churches with 50+ requests/week need pagination or infinite scroll (20 per page) and search/filter by date or sender.