Repository query: coordinator audit view methods
epic-bulk-and-proxy-registration-services-task-003 — Add query methods to ProxyActivityRepository that filter by recorded_by_user_id so a coordinator can retrieve only the proxy records they personally registered. Implement getActivitiesRecordedByCoordinator(coordinatorId, {dateRange, featureFilters}) returning a paginated list. This feeds the coordinator audit trail screen and must return the attributed peer mentor name alongside the coordinator's own entry.
Acceptance Criteria
Technical Requirements
Execution Context
Tier 2 - 518 tasks
Can start after Tier 1 completes
Implementation Notes
Use Supabase's `.select()` with a foreign-key join pattern: `activities.select('*, contacts(first_name, last_name)')` filtered by `recorded_by_user_id`. Do not perform a separate query for mentor names. Define a `ProxyAuditRecord` value object that combines the activity fields with the resolved mentor name. Apply `.range(offset, offset + pageSize - 1)` for pagination.
Wrap the Supabase call in a try/catch and map `PostgrestException` to the project's typed failure hierarchy. Keep this method read-only — no side effects. Coordinate with the RLS policy definition from task-002 to ensure the filter column is indexed.
Testing Requirements
Unit tests using flutter_test with a mocked Supabase client. Test scenarios: (1) returns only rows matching coordinatorId, (2) dateRange filter correctly excludes out-of-range rows, (3) featureFilters narrows by activity_type_id, (4) pagination returns correct page and cursor, (5) empty result returns empty list without error, (6) Supabase error maps to typed domain failure, (7) peer mentor name is present in each result item. Integration test: verify RLS prevents cross-coordinator data access using two seeded coordinator sessions.
The Proxy Registration Service must verify that the coordinator has a legitimate assignment relationship with the target peer mentor before creating a record. If this check is implemented only in application code and not enforced at the DB/RLS level, a compromised or buggy client could bypass it by calling the Supabase endpoint directly, creating fraudulent proxy records for arbitrary peer mentors.
Mitigation & Contingency
Mitigation: Implement permission validation at two levels: (1) application-layer check in Proxy Registration Service that queries the assignments table before constructing the payload, and (2) RLS policy on the activities table that restricts INSERT to rows where recorded_by_user_id matches the authenticated user AND peer_mentor_id is in the set of peer mentors assigned to that coordinator. The RLS policy is the authoritative guard; the service-layer check provides early user-facing feedback.
Contingency: If RLS policy implementation is blocked by Supabase plan constraints, implement a Supabase Edge Function as a proxy endpoint that enforces the permission check server-side before forwarding to the DB. Disable direct client inserts entirely for proxy activities.
For a bulk session with 30 selected peer mentors, the Proxy Duplicate Detector must query existing activities for each mentor. If implemented as 30 sequential Supabase queries, round-trip latency could make the bulk confirmation screen feel slow (>3s), degrading coordinator experience and potentially causing timeouts.
Mitigation & Contingency
Mitigation: Implement the duplicate check as a single Supabase query using an IN clause on peer_mentor_id combined with the activity_type and date filters, returning all potential duplicates for the entire batch in one network round-trip. Group results client-side by mentor ID to produce the per-mentor warning structure.
Contingency: If the single-query approach returns too much data for very large chapters, add a database index on (peer_mentor_id, activity_type, date) and profile query time. If still insufficient, accept a short loading state on the confirmation screen with a progress indicator rather than pre-loading duplicates before navigation.