Scaffold ReferralAttributionService Riverpod provider
epic-membership-recruitment-core-services-task-005 — Create the ReferralAttributionService class as a Riverpod provider with constructor injection of the RecruitmentAttributionRepository and a reference to the BadgeCriteriaIntegration layer. Define the full public interface: recordClickEvent, matchRegistrationToCode, confirmAttribution, getAttributionCountsForMentor, and publishMilestoneEvent. Ensure the provider compiles against all injected abstractions.
Acceptance Criteria
Technical Requirements
Implementation Notes
Use Riverpod's `Provider
Place the provider definition in `lib/features/recruitment/services/referral_attribution_service.dart`. Export the provider constant from the feature barrel file. Use `@visibleForTesting` annotation on any internal helpers that tests need to access.
Testing Requirements
Write a single flutter_test that creates a ProviderContainer, overrides referralAttributionServiceProvider with a fake repository and fake BadgeCriteriaIntegration, reads the provider, and asserts the returned object is a ReferralAttributionService instance. Each stub method should throw UnimplementedError; assert that calling one throws. This test validates the scaffolding wiring before any logic is implemented. Test file: test/services/referral_attribution_service_test.dart.
Confirmed registration events originate from the membership system (Dynamics portal for HLF), which may call back asynchronously with significant delay. If the attribution service only accepts synchronous confirmation at registration time, late callbacks will fail to match the originating referral code, resulting in under-counted conversions.
Mitigation & Contingency
Mitigation: Design the attribution confirmation path as a webhook endpoint (Supabase Edge Function) that accepts a referral_code + new_member_id pair at any time after click. The service matches by code string, not by session. Persist pending_signup events immediately at onboarding screen submission so there is always a record to upgrade to 'confirmed' when the webhook fires.
Contingency: If the membership system cannot reliably call the webhook, implement a polling reconciliation job (Supabase pg_cron, daily) that queries the membership system for recently registered members and back-fills any unmatched attribution records.
If confirmRegistration() is called more than once for the same new member (e.g., idempotency retry from the webhook), duplicate milestone events could be emitted, causing the badge system to award badges multiple times.
Mitigation & Contingency
Mitigation: Use a UNIQUE constraint on (referral_code_id, new_member_id) in the referral_events table for confirmed events. The confirmRegistration() method uses upsert semantics; milestone evaluation reads the confirmed count from the aggregation query rather than counting individual calls.
Contingency: If duplicate awards occur in production, the badge system should support idempotent award checks (query existing badges before awarding). Add a deduplication guard in BadgeCriteriaIntegration as a secondary defence.
Stakeholder review may expand attribution requirements mid-epic to include click-through tracking per channel (WhatsApp vs SMS vs email), which is not currently in scope but was mentioned in user story discussions. This would require schema changes in the foundation epic and delay delivery.
Mitigation & Contingency
Mitigation: Capture per-channel data in the device_metadata JSONB field from day one as an unstructured field (share_channel: 'whatsapp'). This preserves data without requiring a schema column, allowing structured querying to be added later without migrations.
Contingency: If channel-level analytics become a hard requirement during this epic, timebox the change to adding a nullable channel column to referral_events and a corresponding filter parameter on the aggregation query, deferring dashboard UI to a separate task.