Implement typed NotificationPayload sub-models
epic-in-app-notification-centre-foundation-task-002 — Define Dart sealed classes or freezed union types for NotificationPayload with five concrete subtypes: ReminderPayload (contact_id, due_date, activity_type), ExpiryPayload (certification_id, expiry_date, course_name), ScenarioPayload (scenario_id, prompt_text, deep_link), PausePayload (mentor_id, pause_reason, expected_return), and SystemPayload (message, action_url). Each subtype must parse from and serialize to JSONB maps.
Acceptance Criteria
Technical Requirements
Implementation Notes
Use the `freezed` package with `@freezed` annotation and `@JsonSerializable` for code generation — this eliminates boilerplate and gives copyWith, equality, and hashCode for free. Define a shared `NotificationPayload` sealed base with `const factory` constructors for each subtype. The `fromJson` dispatch logic (selecting the correct subtype from a `type` string key) belongs in task-003's `Notification.fromJson`, not here — these classes only need to parse their own fields from a pre-selected map. For DateTime fields, use `DateTime.parse(json['field'] as String)` and `.toIso8601String()` in toJson.
Register a custom JsonConverter if needed. Keep all model files under `lib/features/notifications/domain/models/`. Run `flutter pub run build_runner build --delete-conflicting-outputs` after annotating. Avoid dynamic casting; use `as String`, `as int`, etc.
with explicit null checks.
Testing Requirements
Unit tests using `flutter_test`. One test file per payload subtype (e.g., `reminder_payload_test.dart`). Each file must contain: (1) valid fromJson round-trip test, (2) toJson output shape test, (3) copyWith immutability test, (4) equality test for two identical instances, (5) at least one malformed-input test verifying graceful error or default. Target 100% line coverage for all payload model files.
No integration or widget tests needed for this task.
Supabase Realtime channels on mobile networks can drop silently. If reconnection logic is flawed, users miss notifications without knowing it, undermining the audit-trail guarantee.
Mitigation & Contingency
Mitigation: Implement exponential-backoff reconnection with a maximum of 5 retries; expose a channel-status stream to the BLoC so it can trigger a full-fetch fallback when the channel reconnects after a gap.
Contingency: If Realtime reliability proves insufficient in production, fall back to polling the repository every 60 seconds as a background supplement to the Realtime channel.
Coordinator and org-admin RLS expansions require joining user_roles and org_memberships tables. An incorrect policy could expose notifications to wrong users or block legitimate access entirely.
Mitigation & Contingency
Mitigation: Write dedicated RLS integration tests for each role (peer mentor, coordinator, org admin) using separate Supabase test projects. Review policies with the security checklist before merging.
Contingency: If an RLS defect is discovered post-deployment, disable the expanded-scope policy and revert to user-scoped-only access while a corrected migration is prepared and tested.
JSONB payload structure may vary across notification types created by different Edge Functions (reminder, expiry, scenario, pause). Missing or renamed fields will cause runtime parse failures.
Mitigation & Contingency
Mitigation: Define a canonical NotificationPayload union type in a shared schema document. Each Edge Function must validate its payload against this schema before inserting. Add fallback parsing with default values in the domain model.
Contingency: Wrap all payload parsing in try/catch and log malformed payloads to a monitoring channel; render a generic notification item rather than crashing when the payload cannot be parsed.