Role Repository - Likepersonsapp | Generated by Eircodex v1.0.0

Description

Fetches and caches user role assignments from Supabase, providing a data access layer between the role resolution service and the database. Handles caching to minimize repeated Supabase queries within a session.

Feature: Role-Based Access Control

role-repository

Summaries

The Role Repository is a data access component that ensures the application reliably knows what role each user holds, sourcing this information from Supabase and keeping it available locally throughout a session. From a business perspective, this component directly enables the role-based experience that differentiates the platform — without accurate, performant role resolution, the application cannot deliver personalized, permission-appropriate interfaces to different user types.

By caching roles locally for the session duration, it also reduces cloud database query costs and improves application responsiveness, contributing to a smoother user experience and lower operational overhead as the user base scales.

The Role Repository is a medium-complexity data layer component with a clear and bounded scope: fetch, cache, and map user role assignments from Supabase. It depends on the Supabase Role Provider, meaning any delays in Supabase integration or authentication setup will directly block this component's delivery. The cache invalidation logic — triggered on logout or role change — must be carefully coordinated with session management and authentication flows, representing a cross-team dependency risk. Testing requirements include unit tests for cache hit/miss behavior, mapping correctness for all role types, and integration tests against Supabase.

It is not a shared component, limiting its blast radius, but failures here cascade directly into the Role Resolution Service and all downstream access control.

The Role Repository is a mobile-context data component responsible for abstracting Supabase role data behind a typed domain model. It implements five interfaces: `fetchRoles(userId)` for fresh Supabase retrieval, `getCachedRoles(userId)` for session-local lookup, `invalidateCache()` for logout/role-change scenarios, `mapToRoleModel(Map)` for deserializing raw Supabase responses into typed `Role` objects, and `saveRoleLocally(List)` for persisting to local cache (e.g., SharedPreferences or in-memory store). It manages the `user-role` data model and acts as the single source of truth for role data within the session. Cache strategy should use userId as the key with a TTL or explicit invalidation on auth state changes.

The `mapToRoleModel` function is a critical correctness boundary — validate all required fields and handle missing or unexpected role values defensively to prevent silent access control failures downstream.

Responsibilities

Fetch role assignments from Supabase roles table or user metadata
Cache resolved roles locally for session duration
Invalidate cache on logout or role change
Map raw Supabase role data to typed Role domain models

Interfaces

fetchRoles(String userId)

getCachedRoles(String userId)

invalidateCache()

mapToRoleModel(Map<String, dynamic> data)

saveRoleLocally(List<Role> roles)

Relationships

Dependencies (1)

Components this component depends on

infrastructure Supabase Role Data Provider

Dependents (3)

Components that depend on this component

ui Role Switch Widget service Role Resolution Service service Role State Manager

Related Data Entities (2)

Data entities managed by this component

User 13 fields core User Role 13 fields core

Used Integrations (1)

External integrations and APIs this component relies on

Supabase PostgreSQL 15 API

API Contract

View full contract →

REST /api/v1/roles 5 endpoints

GET /api/v1/roles List all role definitions

GET /api/v1/roles/:roleId Get a role definition by ID

POST /api/v1/roles Create a new role definition

PUT /api/v1/roles/:roleId Update a role definition

DELETE /api/v1/roles/:roleId Delete a role definition and invalidate its cache