Implement DriverFeatureFlagConfig constants and model
epic-driver-and-confidentiality-management-foundation-task-008 — Define the Dart constants, enums, and data models for the driver feature flag configuration. Include the feature key constant 'driver_and_confidentiality', the FeatureFlagConfig model with org_id/feature_key/enabled fields, and serialization. This model is shared by the repository and service layers.
Acceptance Criteria
Technical Requirements
Execution Context
Tier 1 - 540 tasks
Can start after Tier 0 completes
Implementation Notes
Place the FeatureFlags constants in lib/core/config/feature_flags.dart as a class with only static const String fields — this makes it easy to add new feature flags later. Place the FeatureFlagConfig model in lib/features/driver_confidentiality/data/models/feature_flag_config.dart. If the project already uses freezed for other models (check existing model files), use the same pattern for consistency. If not, a simple immutable class with a const constructor and manual fromJson/toJson is sufficient given the low complexity.
Avoid using build_runner-generated code if the project does not already use it, as it adds build complexity for a 3-field model. Export from the feature barrel file so consuming layers import the feature index, not the deep file path.
Testing Requirements
Unit tests using flutter_test: (1) FeatureFlagConfig.fromJson correctly maps all fields from a sample Supabase JSON response; (2) FeatureFlagConfig.toJson produces correct snake_case keys; (3) fromJson → toJson round-trip produces identical JSON; (4) FeatureFlags.driverAndConfidentiality equals the string 'driver_and_confidentiality'; (5) copyWith correctly produces a new instance with the changed field and all other fields preserved. These tests are fast, pure unit tests with no dependencies.
Row-level security policies for driver assignments and declarations must correctly scope data to the coordinator's chapter without leaking records across organizations. An incorrect RLS predicate could silently return empty result sets or, worse, expose cross-org data, both of which are difficult to detect in unit tests.
Mitigation & Contingency
Mitigation: Write dedicated RLS integration test scenarios with multiple org fixtures asserting both data isolation and correct data visibility. Use Supabase's built-in policy testing utilities and review policies with a second developer.
Contingency: If RLS policies prove too complex to get right quickly, implement application-layer org scoping as a temporary guard while RLS is fixed in a follow-up, with an explicit security review gate before production deployment.
The declaration audit logger must produce tamper-evident records. If the database allows updates or deletes on audit rows, the compliance guarantee is broken. Supabase does not natively prevent row deletion by default.
Mitigation & Contingency
Mitigation: Implement an insert-only RLS policy on the audit table that denies UPDATE and DELETE for all roles including the service role. Add a database trigger that rejects mutation attempts and logs the attempt itself.
Contingency: If immutability cannot be enforced at the database level within the sprint, store audit entries in an append-only Supabase Edge Function log stream as a temporary alternative, with a migration plan to the proper table once constraints are implemented.
The org-feature-flag-service caches flag values to avoid repeated database reads. If the cache is not invalidated promptly after an admin toggles the flag, coordinators may see stale UI state — either seeing driver features when they should not, or not seeing them when they should.
Mitigation & Contingency
Mitigation: Use a Supabase Realtime subscription to listen for changes on the driver_feature_flag_config table and invalidate the in-memory cache immediately on change. Set a short TTL (60 seconds) as a safety net.
Contingency: If Realtime subscription proves unreliable, expose a manual cache-bust endpoint accessible from the admin toggle action, ensuring the cache is cleared synchronously on every flag change.