🏠 Overview ✅ Implementation Tasks ✅ epic-organizational-hierarchy-management-core-services-task-001

Define HierarchyService data models and interfaces

epic-organizational-hierarchy-management-core-services-task-001 — Define the core Dart interfaces, data classes, and type definitions for the HierarchyService layer. This includes OrganizationUnit model, HierarchyNode, parent-child relationships, and the service interface contract that all downstream components will depend on.

critical priority medium complexity backend pending backend specialist Tier 0

Acceptance Criteria

A Dart file lib/features/hierarchy/data/models/organization_unit.dart is created containing an immutable OrganizationUnit data class with fields: id (String), name (String), parentId (String?), depth (int), organizationId (String), isActive (bool), createdAt (DateTime), updatedAt (DateTime)
A HierarchyNode data class wraps OrganizationUnit with a children (List<HierarchyNode>) field to represent the in-memory tree structure
A HierarchyServiceException sealed class hierarchy is defined covering: UnitNotFound, CyclicRelationship, DepthLimitExceeded, UnauthorizedAccess, and a generic HierarchyServiceError
An abstract HierarchyService class (or Dart interface via abstract class) is defined with method signatures: getUnit, listChildren, getFullTree, createUnit, updateUnit, deleteUnit — all returning Future or Stream types
All data classes implement copyWith, ==, hashCode, and toJson/fromJson (using json_serializable or manual implementation consistent with project conventions)
The interface file is exported from the feature's public barrel file (lib/features/hierarchy/hierarchy.dart)
All type definitions compile without errors via flutter analyze with zero warnings
A code review confirms the interface is stable enough for downstream tasks (task-002, task-003) to begin in parallel

Technical Requirements

frameworks
Dart (latest)
json_serializable (if used in project)
equatable or manual == implementation
data models
OrganizationUnit
HierarchyNode
HierarchyServiceException
performance requirements
Data classes must be immutable (all fields final) to support safe use in BLoC state and Riverpod providers
fromJson must handle null parentId gracefully (root nodes have no parent)
security requirements
organizationId must be a required, non-nullable field on OrganizationUnit to prevent cross-organization data leakage at the model level

Execution Context

Execution Tier
Tier 0

Tier 0 - 440 tasks

Implementation Notes

Define the interface contract before implementation details. The abstract HierarchyService should return typed Futures (e.g., Future, Future>) not dynamic. Use Dart's sealed classes (Dart 3+) for HierarchyServiceException to enable exhaustive switch matching downstream. OrganizationUnit.parentId being nullable is the canonical signal for a root node — document this with a comment.

Align naming conventions with the rest of the Flutter project (check existing model files for whether the project uses snake_case JSON keys with camelCase Dart fields, and match that pattern). The HierarchyNode children list enables BLoC/Riverpod state to hold a fully materialized tree without repeated database queries — this is the key architectural decision that enables efficient UI rendering of NHF's 1,400-chapter tree.

Testing Requirements

Write unit tests in test/features/hierarchy/data/models/ for: (1) OrganizationUnit.fromJson parses a valid JSON map correctly including null parentId; (2) OrganizationUnit.toJson round-trips correctly; (3) HierarchyNode children list is empty by default; (4) sealed exception classes can be matched in a switch statement without a default branch (exhaustiveness check). Tests should use flutter_test. No mocking required for this task — pure Dart data model tests only. Target 100% line coverage for the models and interface files.

Component
Hierarchy Service
service high
Epic Risks (4)
high impact medium prob security

Injecting all unit assignment IDs into JWT claims for users assigned to many units (up to 5 for NHF peer mentors, many more for national coordinators) may exceed JWT size limits, causing authentication failures.

Mitigation & Contingency

Mitigation: Store unit IDs in a Supabase session variable or a dedicated Postgres function rather than embedding them directly in the JWT payload. Use set_config('app.unit_ids', ...) within RLS helper functions querying the assignments table at policy evaluation time.

Contingency: Fall back to querying the unit_assignments table directly within RLS policies using the authenticated user ID, accepting a small per-query overhead in exchange for removing the JWT size constraint.

medium impact medium prob technical

Rendering 1,400+ nodes in a recursive Flutter tree widget may cause jank or memory pressure on lower-end devices used by field peer mentors, degrading the admin experience.

Mitigation & Contingency

Mitigation: Implement lazy tree expansion — only the root level is rendered on initial load. Child nodes are rendered on demand when the parent is expanded. Use const constructors and ListView.builder for all node lists to minimize rebuild scope.

Contingency: Add a search/filter bar that scopes the visible tree to matching nodes, reducing the visible node count. Provide a 'flat list' fallback view for administrators who prefer searching over browsing the tree.

medium impact medium prob scope

Requirements for what constitutes a valid hierarchy structure may expand during NHF sign-off (e.g., mandatory coordinator assignments per chapter, minimum member counts per region), requiring repeated validator redesign.

Mitigation & Contingency

Mitigation: Design the validator as a pluggable rule engine where each check is a discrete, independently testable function. New rules can be added without changing the core validation orchestration. Surface all rules in a configuration table per organization.

Contingency: Defer non-blocking validation rules to warning-level feedback rather than hard blocks, allowing structural changes to proceed while flagging potential issues for admin review.

high impact low prob integration

Deploying RLS policy migrations to a shared Supabase project used by multiple organizations simultaneously could lock tables or interrupt active sessions, causing downtime during production migration.

Mitigation & Contingency

Mitigation: Write all RLS policies as CREATE POLICY IF NOT EXISTS statements. Schedule migrations during off-peak hours. Use Supabase's migration preview environment to validate policies against production data shapes before applying.

Contingency: Prepare rollback migration scripts for every RLS policy. If a migration causes issues, execute the rollback immediately and re-test the policy logic in staging before reattempting.

Quick Links
All Tasks Execution Plan