# Zavvion Events Lite Launch Developer Brief Prepared: 2026-05-25 Branch: `codex-lite-launch-slice` Purpose: give the human architect a narrow, deploy-within-a-day slice for the first public ticket-selling release. ## Product Goal Lite Launch v1 should let the platform start selling real event tickets with only the essential actors: - Public visitor / customer: browse, select tickets/seats, pay online, receive/view tickets. - Organiser owner/admin: create events, configure venues/tickets, connect payment readiness, and review basic finance. - Platform admin: approve/monitor organisers, events, orders, payments, fees, tax, Stripe readiness, health, and public presentation. Everything else remains future scope and should not block this release unless it affects the above flows. ## What This Branch Changes - Login now presents and routes only the launch actors. - Organiser console hides/deactivates cashier, scanner, event-manager, staff, marketing, merchandise, and box-office launch surfaces. - Admin console is constrained to launch-critical routes. - MVP profile walkthrough now shows only visitor, customer, organiser, and platform admin. - Backend Lite Launch guards block standalone deferred-role accounts and deferred operational APIs while `APP_LAUNCH_PROFILE=ticket-selling-v1`. - Reusable venue seat maps now own customer reference PDF/image uploads through `seat_map_media`; venues may have many seat maps, and each event selects the exact seat map to use. - Documentation and regression tests describe the Lite Launch profile restrictions. These changes intentionally hide later-stage workflows rather than deleting them. ## Files To Review First - `docs/lite-launch-v1.md` - `docs/lite-launch-developer-brief.md` - `public/login.html` - `public/assets/js/login-page.js` - `public/organiser.html` - `public/assets/js/organiser-page.js` - `public/admin.html` - `public/assets/js/admin-page.js` - `public/mvp-profiles.html` - `public/assets/js/mvp-profiles-page.js` - `public/mvp.php` - `tests/LiteLaunchProfileTest.php` - `tests/RoleProfileAccessGuardTest.php` - `tests/CustomerRoleCommentResolutionTest.php` ## Required Pre-Deploy Checks Run these in the served deployment copy after `composer install` has populated `vendor/`: For commercial staging/production, use `.env.staging.example` or `.env.production.example` as the starting template and replace every placeholder outside Git. For local XAMPP only, `.env.example` remains the safer default. The exact remaining launch procedure is in `docs/commercial-launch-readiness.md`. ```powershell C:\xampp\php\php.exe -l public\index.php C:\xampp\php\php.exe -l public\mvp.php C:\xampp\php\php.exe composer.phar validate --strict C:\xampp\php\php.exe composer.phar audit C:\xampp\php\php.exe vendor\bin\phpunit C:\xampp\php\php.exe bin\check-mvp-smoke --base-url=http://localhost/zavvion-events/public C:\xampp\php\php.exe bin\check-local-live-run --base-url=http://localhost/zavvion-events/public C:\xampp\php\php.exe bin\check-stripe-readiness C:\xampp\php\php.exe bin\check-deployment-readiness C:\xampp\php\php.exe bin\check-frontend-links --base-url=http://localhost/zavvion-events/public ``` If `vendor/autoload.php` is missing, install dependencies before interpreting smoke-test failures. ## Manual Functional Test Matrix ### Public / Customer - Open `home.html`, `events.html`, and an event detail page. - Confirm public event browsing works without login. - Select tickets and reserved seats where available. - Confirm the hold timer shows a maximum 15-minute hold from the latest server hold, not per-ticket multiplied time. - Confirm public checkout never shows cash, external terminal, manual counter payment, or box-office payment. - Confirm Terms and Conditions acceptance is required. - Confirm totals and currency come from server responses. - Confirm paid tickets are not issued from browser redirect alone. - Log in as customer and verify account/ticket wallet surfaces. ### Organiser - Log in as `organiser@zavvion.test`. - Confirm visible routes are limited to dashboard, events, new event, venues, ticketing, finance, and profile. - Create or edit an event. - Set city, country, currency, timezone, venue/address, tickets, and publication details. - Confirm hidden legacy routes do not appear in the sidebar. - Directly try hashes such as `#box-office`, `#checkin`, `#marketing`, `#staff`, and confirm the UI redirects or blocks them in this branch. - Directly try deferred operational APIs such as `/api/v1/scanner/validate` and `/api/v1/organiser/box-office/sale`; they should return `403 launch_profile_deferred` while the Lite Launch profile is active. - Review Stripe/payment readiness messaging. ### Platform Admin - Log in as `admin@zavvion.test`. - Confirm visible routes are limited to launch-critical admin areas. - Review organiser approval/monitoring. - Review events, orders, payments, finance, fees, taxes, webhooks, health, and settings. - Confirm `platform_super_admin` assignment/editing remains protected. - Confirm fee policy model remains one global country policy plus optional event override, with no priority conflict UI. ### Deferred Roles - Attempt login using cashier, scanner, and event-manager demo accounts only as a negative test. - Confirm they do not get usable launch workspaces in this branch. - Confirm hidden menus are not treated as the only security control; backend RBAC and the Lite Launch API guard should still be tested separately. ## Stripe And Payment Readiness Before real paid sales: - Configure Stripe test secret/public keys. - Configure webhook signing secret. - Configure connected account flow for organiser payouts. - Run a real Stripe test purchase end to end. - Confirm webhook completion, not browser redirect, issues tickets. - Confirm payment, order, ticket, fee, tax, and ledger values reconcile. Do not enable live payments until the above is verified on the deployment server. ## Known Limitations - The richer MVP modules are still present in the codebase for later releases. - This branch is a UI/profile-surface reduction, not a deletion of future modules. - `APP_LAUNCH_PROFILE=ticket-selling-v1` keeps deferred operational APIs closed for this branch. Do not set it to a broader profile unless a later release explicitly reopens those modules and reruns RBAC tests. - The production launch gate now treats any production/staging deployment with a broader launch profile as blocked until `APP_LAUNCH_PROFILE=ticket-selling-v1` is restored for this commercial light package. - Server-side permission tests should still be rerun by the human architect. - Real-device mobile/scanner QA is deferred because scanner is not part of Lite Launch v1. ## Recommended Human Architect Review 1. Confirm the Lite Launch branch is the intended deployment branch. 2. Run `composer install` if `vendor/` is absent. 3. Run the command suite above. 4. Verify the three primary workflows manually. 5. Configure Stripe in test mode. 6. Run one complete public purchase with webhook completion. 7. Confirm organiser payout/connected-account readiness before live launch. 8. Confirm production `.env`, `APP_DEBUG=false`, secrets, mail, SSL, and database backups are ready. ## Codex Final Validation Evidence Latest local validation on 2026-05-25 against branch `codex-lite-launch-slice`: - PHP syntax passed for `public/index.php`, `public/mvp.php`, and changed Lite Launch tests. - JavaScript syntax passed for `login-page.js`, `organiser-page.js`, `admin-page.js`, `mvp-profiles-page.js`, and `checkout-page.js`. - `composer validate --strict` passed using the XAMPP Composer PHAR. - `composer audit --locked` passed with no vulnerability advisories when network access was allowed. - PHPUnit passed in the working copy: 678 tests, 2482 assertions. - `bin/check-frontend-links` passed: 423 links checked, 0 issues, 0 warnings. - `bin/check-mvp-smoke` returned one local warning for missing `.env`; no criticals. - `bin/check-local-live-run` returned warnings for fee/tax seed coverage and paid completion needing Stripe test credentials or explicit local mock mode outside production. - `bin/check-deployment-readiness` returned warnings for production env/secrets, ClamAV/media scanning, and Stripe setup; no criticals. - `bin/check-stripe-readiness` is not ready because test Stripe keys, webhook signing secret, and connected organiser account are not configured yet.