# Navi Full Platform Demo Access Report

Date: 2026-05-05
Branch: `wave1/full-platform-demo-access-and-reflection`

## 1. Executive Summary

This slice makes demo access safer and more operationally useful. Demo accounts are seeded through a dedicated `pnpm seed:demo` command, authenticate through the normal login path, and are hidden unless demo mode is explicitly enabled. The dashboard and mobile login screens now expose demo role switchers only in demo-safe environments. RBAC seed data was tightened so Admin no longer has wildcard access; Super Admin retains full access.

The platform is more connected for catalog search, suggestions, saved/favorites, trip generation, and engagement analytics. It is not yet fully production-ready across every listed module because partner applications, real payments, pharmacy prescription privacy, driver assignment, and full provider order fulfillment are still partial or missing.

## 2. Demo Users Created

Demo users are created by:

```bash
DEMO_USER_PASSWORD='...' pnpm seed:demo
```

Users:

- `superadmin@navi.demo` — Super Admin
- `admin@navi.demo` — Admin
- `support@navi.demo` — Support Agent
- `tourist@navi.demo` — Tourist User
- `premium@navi.demo` — Premium User
- `hotel.owner@navi.demo` — Partner Owner
- `restaurant.owner@navi.demo` — Partner Owner
- `pharmacy.owner@navi.demo` — Partner Owner
- `grocery.owner@navi.demo` — Partner Owner
- `taxi.owner@navi.demo` — Partner Owner
- `sim.owner@navi.demo` — Partner Owner
- `provider.manager@navi.demo` — Provider Manager
- `provider.staff@navi.demo` — Provider Staff
- `driver@navi.demo` — Driver / Delivery Partner

The committed code does not contain a demo password; the seed reads it from `DEMO_USER_PASSWORD` at run time and refuses to fall back to a built-in default.

## 3. Role And Permission Matrix

Detailed matrix: `docs/audit/NAVI_ROLE_PERMISSION_DEMO_MATRIX.md`.

Completed in this slice:

- Seeded requested permission aliases such as `admin.report.read`, `provider.order.read.own`, `driver.order.update.assigned`, and Super Admin system permissions.
- Added `PARTNER_OWNER`, `PROVIDER_MANAGER`, `PROVIDER_STAFF`, and `DRIVER` role codes.
- Removed wildcard from `ADMIN`.
- Preserved wildcard and explicit Super Admin system keys for `SUPER_ADMIN`.
- Ensured authenticated dashboard-capable roles can load `/v1/users/me/access`.
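The resolution rules implied by this seed data (a wildcard only for `SUPER_ADMIN`, explicit keys for everyone else, and `.own` / `.assigned` aliases that only count when the caller is a member of the resource's business or is the assignee) are shown below as an added example. This is not the project's guard code: the type names, helper names and sample rows are assumptions, and `assignedUserId` is hypothetical because the assignment model does not exist yet.

```typescript
// Added example, not the project's code: resolves permissions the way the
// seed data in this report is shaped. Names and sample data are assumptions.

interface SeededRole { code: string; permissions: string[] }
interface Membership { businessId: string }
interface Access { permissions: Set<string>; memberships: Membership[] }
// Fields a guard needs from the resource. assignedUserId is hypothetical:
// the report says the assignment table/API is still missing.
interface ResourceRef { businessId?: string; assignedUserId?: string }

const WILDCARD = "*";

// Constructed sample mirroring the role codes and permission keys above.
export const SAMPLE_ROLES: SeededRole[] = [
  { code: "SUPER_ADMIN", permissions: [WILDCARD, "superadmin.system.manage"] },
  { code: "ADMIN", permissions: ["admin.report.read"] },
  { code: "PARTNER_OWNER", permissions: ["provider.order.read.own"] },
  { code: "DRIVER", permissions: ["driver.order.update.assigned"] },
];

// Seed invariant: any role other than SUPER_ADMIN holding "*" is a
// regression of the "Removed wildcard from ADMIN" change.
export function rolesHoldingWildcard(roles: SeededRole[]): string[] {
  return roles
    .filter(r => r.code !== "SUPER_ADMIN" && r.permissions.includes(WILDCARD))
    .map(r => r.code);
}

// Flattens UserRole -> RolePermission into the set /v1/users/me/access returns.
export function buildAccess(userRoles: string[], roles: SeededRole[], memberships: Membership[]): Access {
  const permissions = new Set<string>();
  for (const role of roles) {
    if (userRoles.includes(role.code)) role.permissions.forEach(p => permissions.add(p));
  }
  return { permissions, memberships };
}

// Callers pass the base key (e.g. "provider.order.read"). Passing a scoped
// alias as the required key is rejected so a scope can never be bypassed by
// asking for the alias directly.
export function hasPermission(access: Access, required: string, resource: ResourceRef = {}, userId?: string): boolean {
  if (required.endsWith(".own") || required.endsWith(".assigned")) {
    throw new Error(`pass the base permission key, not the scoped alias: ${required}`);
  }
  if (access.permissions.has(WILDCARD) || access.permissions.has(required)) return true;
  if (access.permissions.has(`${required}.own`)) {
    return resource.businessId !== undefined &&
      access.memberships.some(m => m.businessId === resource.businessId);
  }
  if (access.permissions.has(`${required}.assigned`)) {
    return userId !== undefined && resource.assignedUserId === userId;
  }
  return false; // fail closed: no key, no scope match, no access
}
```

The `.own` branch fails closed when the resource carries no `businessId`, which is the case to watch in list endpoints that have not yet been wired through `applyScope`.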

## 4. APIs Verified

Verified locally:

- `POST /v1/auth/login` works for seeded demo accounts.
- `GET /v1/users/me/access` returns roles, permissions, and memberships for demo users.
- `GET /v1/home` returns real home content.
- `GET /v1/search?q=desert` returns real suggestions/results.
- `POST /v1/engagement/events` records behavior.
- `GET /v1/engagement/dashboard` returns behavior analytics with admin token.
- `POST /v1/trip-planner/generate` creates a real trip for tourist user.

## 5. Database Models Verified

Confirmed present in Prisma schema:

`User`, `UserCredential`, `Session`, `Role`, `Permission`, `RolePermission`, `UserRole`, `Business`, `UserMembership`, `Listing`, `Room`, `Category`, `Destination`, `EmergencyNumber`, `Booking`, `Order`, `PaymentIntent`, `Refund`, `Payout`, `SavedItem`, `EngagementEvent`, `Trip`, `TripStep`, `Review`, `SupportTicket`, `TicketMessage`, `AuditLog`, `ContentTranslation`, `ContentAsset`, `MarketingPage`, `OnboardingPage`, `TranslationJob`, `FeatureFlag`, `WebhookEvent`, `IdempotencyRecord`.

Missing or incomplete versus requested model list:

- `PartnerApplication`
- Dedicated `Provider` model separate from `Business`
- Dedicated `Hotel`, `Experience`, `Restaurant`, `MenuItem`, `Product`, `SIMPlan` models
- Dedicated `UploadFile`
- Dedicated `Notification`
- Dedicated `OrderItem`

## 6. Mobile Flows Verified

Code paths verified by typecheck/lint and API checks:

- Login uses real API.
- Demo mobile login uses real API when `EXPO_PUBLIC_DEMO_MODE=true`.
- Home reads backend home content.
- Discover reads backend search/suggestions.
- Saved/favorites write `SavedItem` and `EngagementEvent`.
- Trip planner writes `Trip`, `TripStep`, and `EngagementEvent`.

Manual simulator verification on iOS and Android is still recommended after setting the API URL and demo env.

## 7. Website Flows Verified

Existing pages:

- `/[locale]`
- `/[locale]/about`
- `/[locale]/contact`
- `/[locale]/destinations`
- `/[locale]/partners`
- `/[locale]/privacy`
- `/[locale]/terms`
- `/[locale]/tourists`

Website partner application submission is not yet real because the `PartnerApplication` model/API is missing.

## 8. Dashboard Flows Verified

Completed/verified:

- Demo switcher on login page, demo-mode only.
- `/demo-access` page for Super Admin demo visibility.
- `/engagement` reflects real search/click/save/trip behavior data.
- Dashboard pages exist for users, roles, permissions, businesses, listings, bookings, payments, payouts, refunds, reports, audit logs, and content pages.

Still partial:

- Many pages are read-focused.
- Create/edit workflows are not complete for every operational module.

## 9. Provider Flows Verified

Provider demo users are seeded with business memberships. Where implemented, provider-scoped read APIs restrict results to the caller's business memberships through `applyScope`.

Still partial:

- Provider listing create/update flow.
- Provider order and booking status update flow.
- Provider reports beyond basic dashboard overview.

## 10. Staff And Driver Flows Verified

Provider Manager, Provider Staff, and Driver demo users are seeded with role codes and memberships.

Still partial:

- Assigned operational item model is missing.
- Driver permissions such as `driver.order.update.assigned` can be granted, but the `.assigned` scope cannot be enforced until an assignment table/API records which jobs belong to which driver.

## 11. Super Admin Flows Verified

Super Admin demo user has wildcard and explicit system permissions. Dashboard `/demo-access` is gated by `superadmin.system.manage`.

## 12. Dashboard Reflection Proof

Search/suggestion/listing/save/trip behavior now writes `EngagementEvent` and appears in dashboard `/engagement`.

Examples verified:

- Search `desert` created `search.performed`.
- Demo behavior event created `search.suggestion_clicked`.
- Trip generation created `trip.generated`.

## 13. Audit Log Proof

Existing audited actions include booking create and refund request/approve via `@Audited`.

Still partial:

- Registration, login failure, saved item, trip generation, admin content edits, provider listing edits, and role changes need stronger audit writes before production.
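The gap listed above is mostly about failed attempts: an audit write placed only on the success path never records a login failure or a rejected role change. The wrapper below is an added example of an audit write that records both outcomes; it is not the project's `@Audited` decorator, and the `AuditEntry` shape, the sink interface and the credential stub are assumptions.

```typescript
// Added example, not the project's @Audited decorator: one AuditLog row per
// sensitive action regardless of outcome. Shapes and names are assumptions.

export interface AuditEntry {
  action: string;                 // e.g. "auth.login", "role.assign"
  actorId: string | null;         // null for unauthenticated attempts
  targetId: string | null;        // e.g. the email or user id acted on
  outcome: "success" | "failure";
  reason?: string;                // error name only, never the submitted secret
  at: number;
}

export interface AuditSink { write(entry: AuditEntry): void }

// In-memory sink standing in for the Prisma AuditLog table.
export class MemoryAuditSink implements AuditSink {
  readonly entries: AuditEntry[] = [];
  write(entry: AuditEntry): void { this.entries.push(entry); }
}

// Runs op and records exactly one entry whether it returns or throws.
// The error is rethrown so the caller still sees the failure.
export function audited<T>(
  sink: AuditSink, action: string, actorId: string | null, targetId: string | null, op: () => T,
): T {
  const at = Date.now();
  try {
    const result = op();
    sink.write({ action, actorId, targetId, outcome: "success", at });
    return result;
  } catch (err) {
    const reason = err instanceof Error ? err.name : "unknown";
    sink.write({ action, actorId, targetId, outcome: "failure", reason, at });
    throw err;
  }
}

// Constructed credential store; a real UserCredential check compares a hash.
const DEMO_CREDENTIALS = new Map<string, string>([
  ["tourist@navi.demo", "demo-password-from-env"],
]);

// Login wrapped so that a wrong password still leaves an "auth.login" failure row.
export function login(sink: AuditSink, email: string, password: string): string {
  return audited(sink, "auth.login", null, email, () => {
    if (DEMO_CREDENTIALS.get(email) !== password) throw new Error("invalid credentials");
    return `session:${email}`;
  });
}
```

The same wrapper fits saved-item writes, trip generation and role changes: the action name changes, the outcome handling does not.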

## 14. Tests Added

Added:

- `apps/api/test/demo/demo-access-contract.spec.ts`

This contract test checks that demo mode cannot be active under a production configuration and that the `@navi.demo` account definitions are safe to commit (no password in the seeded definitions).
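The contract the seed command (section 2) and the spec above both depend on is written out below as pure functions over the environment, so the same rules can be asserted in a test and enforced at seed time. This is an added example, not the contents of `demo-access-contract.spec.ts`: only `DEMO_USER_PASSWORD` and `EXPO_PUBLIC_DEMO_MODE` come from this report; the `NODE_ENV` handling, the 12-character minimum and the helper names are assumptions.

```typescript
// Added example, not the project's spec file: the demo-access contract as
// pure functions. NODE_ENV handling, the length minimum and the names are
// assumptions; only the two env variable names come from the report.

export interface DemoEnv {
  NODE_ENV?: string;
  EXPO_PUBLIC_DEMO_MODE?: string;
  DEMO_USER_PASSWORD?: string;
}

export const DEMO_DOMAIN = "navi.demo";
const MIN_DEMO_PASSWORD_LENGTH = 12; // assumed threshold

// Demo switchers render only on an explicit "true" outside production.
// Any other spelling ("1", "TRUE", "yes") is treated as off.
export function demoModeEnabled(env: DemoEnv): boolean {
  return env.NODE_ENV !== "production" && env.EXPO_PUBLIC_DEMO_MODE === "true";
}

// Returns the reasons seed:demo must refuse to run; an empty list means allowed.
export function demoSeedBlockers(env: DemoEnv): string[] {
  const blockers: string[] = [];
  if (env.NODE_ENV === "production") blockers.push("NODE_ENV is production");
  const password = env.DEMO_USER_PASSWORD ?? "";
  if (password.length === 0) {
    blockers.push("DEMO_USER_PASSWORD is not set");
  } else if (password.length < MIN_DEMO_PASSWORD_LENGTH) {
    blockers.push(`DEMO_USER_PASSWORD is shorter than ${MIN_DEMO_PASSWORD_LENGTH} characters`);
  }
  return blockers;
}

// Fail closed at the top of the seed script instead of seeding and hoping.
export function assertDemoSeedAllowed(env: DemoEnv): void {
  const blockers = demoSeedBlockers(env);
  if (blockers.length > 0) throw new Error(`seed:demo refused: ${blockers.join("; ")}`);
}

// Checks committed account definitions: demo domain only, no duplicates, and
// no inline password field (the password must arrive via the environment).
export function demoAccountViolations(
  accounts: Array<{ email: string; role: string; password?: string }>,
): string[] {
  const violations: string[] = [];
  const seen = new Set<string>();
  for (const account of accounts) {
    const domain = account.email.split("@")[1];
    if (domain !== DEMO_DOMAIN) violations.push(`${account.email}: not in @${DEMO_DOMAIN}`);
    if (seen.has(account.email)) violations.push(`${account.email}: duplicate`);
    if (account.password !== undefined) violations.push(`${account.email}: password hard-coded`);
    seen.add(account.email);
  }
  return violations;
}
```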

## 15. Commands Run

```bash
git status --short --branch
git branch --show-current
pnpm typecheck
pnpm lint
pnpm test
pnpm --filter @navi/api prisma:seed
DEMO_USER_PASSWORD='<redacted>' pnpm seed:demo   # value deliberately not recorded in this report
# curl calls below are abbreviated: method, host, body and Authorization header omitted
curl /v1/auth/login
curl /v1/users/me/access
curl /v1/home
curl /v1/search?q=desert
curl /v1/engagement/dashboard
curl /v1/trip-planner/generate
```

Final check results are recorded in the final response for this branch.

## 16. Screenshots If UI Changed

UI changed:

- Dashboard login demo switcher.
- Dashboard `/demo-access`.
- Mobile login demo role buttons.

Screenshots were not captured in this slice; visual QA should capture them after running dashboard/mobile with demo env enabled.

## 17. Known Issues

P0 before production:

- Real payments and webhooks are not complete.
- Partner application model/API/review workflow is missing.
- Pharmacy prescription upload privacy flow is missing.

P1 before strong demo:

- Provider create/update listing flow is partial.
- Order module and dedicated dashboard reflection are partial.
- Driver assignment model/API is missing.
- Dashboard create/edit pages are incomplete for many modules.
- Audit logs need broader sensitive-action coverage.

## 18. Production Risks

- Demo public env variables such as `EXPO_PUBLIC_DEMO_MODE` must never be set in a real production environment, and `seed:demo` must never be run against a production database: seeded demo accounts authenticate through the normal login path, so hiding the switchers does not disable the accounts.
- Admin no longer has wildcard in seed, but existing seeded DBs keep the old `*` grant until `prisma:seed` is rerun. After reseeding, confirm that no `RolePermission` row still links `ADMIN` to `*`; a seed that only upserts does not delete stale rows.
- Provider/staff/driver permissions need assignment-level data models before `.own` and `.assigned` scopes are fully enforceable.

## 19. What Must Be Fixed Before Demo

1. Run base seed and demo seed with a known demo password.
2. Start API, dashboard, website, and mobile with correct local API URL.
3. Capture dashboard and mobile screenshots for demo login and engagement reflection.
4. Implement or hide partner application CTA until backend exists.
5. Implement or clearly disable payment checkout.

## 20. What Can Wait For Next Wave

- Full content CMS.
- Rich provider reports.
- Notification center.
- Full AI provider queue/cost controls.
- App store production hardening.

## Release Readiness Score

Current score: `6/10` for demo foundation.

Reason: demo access and engagement reflection are now strong, but key production modules remain partial.

