🏠 Overview 🧩 Components 🧩 Supabase Mileage Adapter

Supabase Mileage Adapter

Component Detail

Infrastructure low complexity mobile
0
Dependencies
2
Dependents
2
Entities
0
Integrations

Description

Low-level Supabase client wrapper scoped to the mileage claims and org configuration tables. Translates domain model objects to/from Supabase JSON rows and handles Row Level Security policy compliance for peer mentor and coordinator access scopes.

Feature: Mileage Reimbursement Entry

supabase-mileage-adapter

Summaries

This infrastructure component forms the secure data bridge between the mobile application and the cloud database, enforcing access control rules that ensure peer mentors can only view their own claims while coordinators retain the oversight access they need to approve and manage submissions. By centralising all database communication logic, it protects the business from data leakage and unauthorised access, which are significant compliance and reputational risks for an organisation handling sensitive financial records. It also allows future database or security policy changes to be made in one place rather than scattered across the codebase.

As a foundational infrastructure component with no upstream dependencies, this adapter should be delivered and stabilised early in the sprint schedule, as all repository-layer components depend on it. The Row Level Security policy configuration in Supabase must be agreed with the backend or database team before development begins, making this a cross-team coordination risk. Testing must cover both peer mentor and coordinator access scopes to verify RLS enforcement, and error-path coverage for Supabase-specific error codes (e.g., 42501 permission denied, 23505 unique violation) is mandatory before other components can rely on its exception contract.

A thin data-layer wrapper around the Supabase Dart client, scoped exclusively to the `mileage_claims` and `org_configuration` tables. Each public method constructs the appropriate Supabase query builder chain and returns raw `Map` payloads — serialisation to typed domain models is the responsibility of the calling repository. RLS compliance is implicit via the authenticated Supabase session token; no manual header injection is required. The `watchOrgConfig()` method opens a Supabase realtime channel subscription and returns a `Stream>` that emits on every `UPDATE` event to the relevant org row.

Error handling must translate Supabase `PostgrestException` codes to domain exceptions before surfacing them to callers.

Responsibilities

  • Execute Supabase insert, select, update, and delete queries against the mileage_claims table
  • Execute select queries against the org_configuration table for rate and threshold fields
  • Map raw Supabase JSON responses to typed Dart model objects
  • Handle Supabase error codes and surface domain-friendly exceptions

Interfaces

insertClaimRow(Map<String, dynamic> data) → Future<Map<String, dynamic>>
selectClaimsWhere(Map<String, dynamic> filters) → Future<List<Map<String, dynamic>>>
updateClaimRow(String id, Map<String, dynamic> data) → Future<void>
selectOrgConfig(String orgId) → Future<Map<String, dynamic>>
watchOrgConfig(String orgId) → Stream<Map<String, dynamic>>

Relationships

Dependents (2)

Components that depend on this component

data Mileage Claim Repository data Organisation Rate Configuration Repository

Related Data Entities (2)

Data entities managed by this component

Mileage Claim 18 fields core Organisation Configuration 13 fields configuration

API Contract

View full contract →
REST /api/v1/claims 5 endpoints
GET /api/v1/claims
GET /api/v1/claims/:id
POST /api/v1/claims
PUT /api/v1/claims/:id
DELETE /api/v1/claims/:id