Write integration tests for detection logic

epic-organizational-hierarchy-management-duplicate-detection-task-011 — Write integration tests covering the full duplicate detection pipeline: trigger fires on new activity insert, cross-hierarchy comparison identifies matching fingerprints, suspected duplicate record is created, RLS policies correctly scope data per organization, and resolution updates are persisted. Use Supabase local dev environment for test execution.

high priority high complexity testing pending testing specialist Tier 5

Acceptance Criteria

A Supabase local dev environment (supabase start) is configured and seeded with test data for two organizations

Integration test: inserting an activity with identical title/date/duration as an existing activity in the same org triggers the detection function and creates a suspected_duplicates row within 500ms

Integration test: inserting an activity with similarity score below the configured threshold does NOT create a suspected_duplicates row

Integration test: inserting an activity that matches an activity in a different organization does NOT create a suspected_duplicates row (cross-org isolation)

Integration test: admin JWT for org A can read suspected_duplicates rows for org A and receives empty result for org B

Integration test: coordinator JWT can read only their own submitted activity's duplicate rows — other rows return empty

Integration test: updateReviewStatus with confirmedDuplicate status persists status, resolved_at, and resolved_by correctly in the database

Integration test: updateReviewStatus with falsePositive status persists correctly

Integration test: a second update attempt on an already-resolved row is handled (either rejected by DB constraint or service AlreadyResolvedException)

All integration tests are runnable via a single command: `flutter test integration_test/duplicate_detection/` against local Supabase

Test setup and teardown scripts clean up inserted test data after each test to prevent state leakage between tests

Tests are documented with comments explaining the scenario being validated

Technical Requirements

frameworks

flutter_test

Flutter integration_test package

Supabase CLI (local dev)

apis

Supabase PostgREST API

Supabase Auth API (test JWTs)

PostgreSQL trigger functions

data models

suspected_duplicates

activities

organization_units

user_profiles

DuplicateDetectionConfig

performance requirements

Trigger-based duplicate detection must complete and write to suspected_duplicates within 500ms of activity insert

Full integration test suite must complete in under 5 minutes on CI

security requirements

Test JWTs must be generated with scoped org_id and role claims matching test data

Local Supabase service role key used only in test setup/teardown, never in the actual test assertions

No real user data or production credentials used in tests

Execution Context

Execution Tier

Tier 5

Tier 5 - 253 tasks

Can start after Tier 4 completes

View Full Execution Plan

Implementation Notes

Set up Supabase local with `supabase init` and `supabase start`. Use `supabase/seed.sql` to insert deterministic test organizations, users, and activities. For trigger testing, insert activities directly via the service role client in test setup and assert the suspected_duplicates table state after a brief await (Future.delayed or polling loop with timeout). For RLS testing, create two SupabaseClient instances authenticated with different test JWTs (one per org) and assert query results are scoped correctly.

Use `supabase db reset` between test runs if full isolation is needed. Document the local setup steps in a `INTEGRATION_TEST_SETUP.md` file so any developer can run tests locally.

Testing Requirements

This task IS the testing task. Tests must be written as Flutter integration tests in `integration_test/duplicate_detection/`. Use a test helper class (DuplicateDetectionTestHelper) that wraps Supabase admin client for seeding and cleanup. Each test file should have a setUpAll that seeds the local DB and a tearDownAll that removes test data.

Group tests by concern: trigger tests, RLS tests, resolution workflow tests. Use expect() with meaningful failure messages. Add a CI step in the project's GitHub Actions (or equivalent) workflow that runs `supabase start` and then executes the integration tests.

Component

Duplicate Activity Detector

infrastructure high

Dependencies (1)

Implement the DuplicateActivityDetectorService in Dart that wraps the repository and provides business logic: loading pending duplicates for admin review, submitting resolution decisions (confirmed duplicate vs false positive), and reading detection configuration. Expose as a Riverpod provider for consumption by UI and BLoC layers. epic-organizational-hierarchy-management-duplicate-detection-task-010

Epic Risks (3)

medium impact high prob technical

Fingerprint-based similarity matching may produce high false-positive rates for common activity types (e.g., weekly group sessions with the same participants), causing alert fatigue among coordinators and undermining trust in the detection system.

Mitigation & Contingency

Mitigation: Start with conservative, high-confidence thresholds (exact peer mentor match + same date + same activity type) before adding looser fuzzy matching. Allow NHF administrators to tune thresholds based on observed false-positive rates. Log all detection decisions for retrospective threshold calibration.

Contingency: Introduce a snooze mechanism allowing coordinators to dismiss false positives for a configurable period. Track dismissal rates per activity type and automatically raise the similarity threshold for activity types with high dismissal rates.

medium impact medium prob technical

A database trigger on the activities insert path adds synchronous overhead to every activity registration. For HLF peer mentors with 380 annual registrations or coordinators doing bulk proxy registration, this could create perceptible latency or lock contention.

Mitigation & Contingency

Mitigation: Implement the trigger as a DEFERRED constraint trigger (fires after the transaction commits) or replace it with a LISTEN/NOTIFY pattern that queues detection work asynchronously via an Edge Function, completely decoupling detection from the registration write path.

Contingency: Disable the synchronous trigger entirely and rely solely on the scheduled Edge Function for batch detection. Accept a detection delay of up to the scheduling interval (e.g., 15 minutes) in exchange for zero impact on registration latency.

medium impact medium prob dependency

The duplicate detection logic must be validated and approved by NHF before go-live, including agreement on threshold values and the review workflow. NHF stakeholder availability for sign-off may delay this epic's release independently of technical readiness.

Mitigation & Contingency

Mitigation: Gate the feature behind the NHF-specific feature flag so technical deployment can proceed independently of business approval. Involve an NHF administrator in threshold calibration sessions during QA, reducing the formal sign-off surface to policy and workflow rather than technical details.

Contingency: Release the detection system in 'silent mode' — flagging duplicates internally without surfacing notifications to coordinators — until NHF approves the workflow. Use the silent period to collect real data on false-positive rates and refine thresholds before activating notifications.

Quick Links

All Tasks Execution Plan