🏠 Overview › ✅ Implementation Tasks ›✅ epic-pause-status-notifications-backend-pipeline-task-010

Connect webhook handler to orchestrator

epic-pause-status-notifications-backend-pipeline-task-010 — Wire the pause status webhook handler to invoke the Pause Notification Orchestrator after successful payload validation and transition detection. Pass the resolved TransitionEvent and mentor ID, handle orchestrator errors by returning HTTP 500 with structured error details, and confirm the synchronous response contract satisfies Supabase webhook retry semantics.

critical priority low complexity integration pending integration specialist Tier 6

Acceptance Criteria

After successful payload validation and transition detection, the webhook handler calls `orchestrator.run(transitionEvent, mentorId)` synchronously before returning an HTTP response.
On orchestrator success, the handler returns HTTP 200 with a structured JSON body: `{ success: true, notifiedRecipients: string[] }`.
On orchestrator error (caught exception), the handler returns HTTP 500 with body: `{ success: false, error: { code: string, message: string } }` — never exposing internal stack traces.
HTTP 500 responses trigger Supabase webhook automatic retry — this behavior is documented and intentional.
HTTP 200 responses prevent retry — the handler must not return 200 if orchestration failed silently.
Non-transition events (old_status === new_status) already filtered by transition detection step continue to return HTTP 200 with `{ success: true, skipped: true }` without invoking orchestrator.
The wiring does not change the existing validation or transition detection logic — only adds the orchestrator call at the correct point in the handler flow.
End-to-end latency from webhook receipt to HTTP response is under 5 seconds (SLA validation).
Handler logs the full pipeline execution summary returned by the orchestrator (recipients notified, channels used, duration).
Webhook handler is idempotent: duplicate webhook deliveries for the same status change produce duplicate notification records but do not crash the pipeline.

Technical Requirements

frameworks
Supabase Edge Functions (Deno)
apis
Supabase Realtime (webhook trigger source)
Supabase Edge Functions (Deno) REST entry point
data models
assignment
performance requirements
Total end-to-end webhook handler execution under 5000ms including all orchestrator steps.
No unnecessary await chains — parallelism from task-009 must be preserved through the call stack.
security requirements
Webhook endpoint must validate the Supabase webhook secret header before invoking any logic — reject with HTTP 401 if missing or invalid.
Error responses must never include database error messages, stack traces, or internal identifiers that could aid enumeration attacks.
Webhook handler runs with service role permissions — confirm that no user-controlled input reaches raw SQL construction.

Execution Context

Execution Tier
Tier 6

Tier 6 - 158 tasks

Can start after Tier 5 completes

Implementation Notes

The wiring is minimal — this task is essentially two lines of code plus error handling: `const result = await orchestrator.run(event, mentorId); return new Response(JSON.stringify({ success: true, ...result }), { status: 200 })` wrapped in try/catch. The critical discipline here is the HTTP contract: return 500 on any orchestrator failure to leverage Supabase's built-in retry, and return 200 only on genuine success or intentional skip. Document this contract in a comment in the handler. For idempotency concerns, note that Supabase webhook retries are rare but possible — the orchestrator should be designed to handle duplicate invocations gracefully (duplicate in-app records are acceptable; a deduplication key on notifications table is a future enhancement).

Testing Requirements

Unit tests: mock orchestrator and verify (a) successful orchestration returns HTTP 200 with correct body, (b) orchestrator exception returns HTTP 500 with sanitized error body, (c) non-transition skipped event returns HTTP 200 with skipped=true and does not call orchestrator. Integration test: fire a real database update via Supabase test client and verify the Edge Function is triggered, executes end-to-end, and returns HTTP 200 within 5 seconds. Verify retry behavior by returning HTTP 500 once and confirming Supabase retries the webhook. Assert no stack traces appear in error response bodies.

Component
Pause Status Webhook Handler
infrastructure low
Dependencies (2)
Implement the logic that determines transition direction from the old and new status column values. Detect active→paused (pause event) and paused→active (resume event) transitions, ignore non-status-change updates, and map the transition to a typed TransitionEvent enum passed to the orchestrator. epic-pause-status-notifications-backend-pipeline-task-004 Wire the in-app notification channel into the orchestrator alongside the FCM push channel. Insert notification records into the in-app notifications table for both coordinator and peer mentor, ensure records are properly typed with pause or resume event metadata, and confirm that both channels are dispatched in parallel for the 5-second SLA. epic-pause-status-notifications-backend-pipeline-task-009
Epic Risks (3)
medium impact medium prob technical

Supabase Edge Functions have cold start latency that may push coordinator notification delivery beyond the 5-second SLA, particularly during low-traffic periods when the function is not warm.

Mitigation & Contingency

Mitigation: Keep the Edge Function lightweight — delegate all heavy logic to the orchestrator layer and avoid large dependency bundles. Measure p95 end-to-end latency in staging and document actual SLA achievable.

Contingency: If cold start latency consistently breaches 5 seconds, introduce a keep-warm ping from the nightly-scheduler or document the actual p95 latency in the feature spec and adjust the acceptance criterion to reflect the realistic bound.

medium impact medium prob technical

Supabase database webhooks may fire duplicate events for a single status change under retry conditions, causing coordinators to receive multiple identical notifications for one pause event.

Mitigation & Contingency

Mitigation: Add idempotency checking in the webhook handler using the event timestamp and peer mentor ID. Store a notification dispatch record in the pause-status-record-repository and skip dispatch if a record for the same event already exists.

Contingency: If duplicates slip through in production, add a de-duplication filter in the notification centre UI layer so the coordinator sees at most one card per event, and implement a cleanup job for the notifications table.

medium impact low prob scope

A peer mentor with multi-chapter membership may have more than one responsible coordinator. The orchestrator design currently targets a single coordinator, and resolving multiple recipients may require schema changes to the org membership query.

Mitigation & Contingency

Mitigation: Review the multi-chapter-membership-service patterns before implementing the orchestrator's coordinator resolution. Design the dispatcher call to accept an array of coordinator IDs from the outset so adding multiple recipients is non-breaking.

Contingency: If multi-coordinator dispatch is out of scope for this epic, document the limitation and create a follow-up task. Default to the primary coordinator (lowest chapter hierarchy level) as the single recipient in the interim.

Quick Links
All Tasks Execution Plan