Implement contact_form_validator required field rules
epic-contact-detail-and-edit-foundation-task-005 — Create the contact-form-validator infrastructure component enforcing required field presence (name, contact method) and basic type constraints. Implement a ValidationResult type with field-level error messages compatible with Flutter form validation APIs. Returns typed errors for display in edit screens.
Acceptance Criteria
Technical Requirements
Implementation Notes
Model ContactFormData as a simple immutable Dart class with named fields. Use a sealed class for ValidationResult with Dart 3 pattern matching so callers are forced to handle both cases at compile time. Implement the Flutter FormFieldValidator
Keep the core validateRequired method free of Flutter imports so the business logic stays independently testable. Localisation key naming convention: 'validation.{fieldName}.{ruleCode}' (e.g., 'validation.name.required', 'validation.contactMethod.required').
Testing Requirements
Pure Dart unit tests (flutter_test package, no widget test needed): (1) blank name fails with key 'name'; (2) whitespace-only name fails with key 'name'; (3) valid name passes; (4) all contact methods empty fails with key 'contactMethod'; (5) at least one contact method non-empty passes; (6) both name and contact method missing returns both errors in ValidationFailure.errors; (7) FormFieldValidator
Blindeforbundet's encryption key retrieval mechanism may not be finalised at implementation time, or session key availability via Supabase RLS may be inconsistent, causing decryption failures that expose masked placeholders to users and degrade the experience.
Mitigation & Contingency
Mitigation: Agree with Blindeforbundet on key storage and retrieval contract before implementation starts. Prototype key retrieval in a spike against the staging Supabase instance and validate the full decrypt/verify cycle with real test data before committing to the implementation.
Contingency: Implement a fallback that shows a 'field temporarily unavailable' state with a retry affordance. Log decryption failures server-side for audit. Escalate to Blindeforbundet stakeholders to unblock key management before the service tier epic begins.
NHF contacts may belong to up to 5 chapters, each governed by separate RLS policies. A coordinator's chapter scope may not cover all affiliations, causing partial profile reads or silent data omissions that are difficult to detect in tests.
Mitigation & Contingency
Mitigation: Map all RLS policy combinations for multi-chapter contacts early. Write integration tests that create contacts with 5 affiliations and query them from coordinators with varying chapter scopes. Use Supabase's RLS test utilities to verify row visibility per role.
Contingency: Add an explicit 'affiliation partially visible' state in the repository response model so the UI can communicate scope limitations to the coordinator rather than silently showing incomplete data.
Organisation-specific validation rules (e.g., NHF chapter limit, Blindeforbundet encrypted field edit flow) may expand in scope during implementation as edge cases are discovered, causing the validator to grow beyond the planned complexity.
Mitigation & Contingency
Mitigation: Define the complete validation rule set with product and org stakeholders before coding begins. Document each rule with its source organisation and acceptance test. Use a rule registry pattern so new rules can be added without modifying core validator logic.
Contingency: Timebox validator enhancements to 2 hours per additional rule. Defer non-blocking rules to a follow-on maintenance task rather than blocking the epic delivery.