{"id":"bumpgrade-android-mobile-admin-source-data","generatedFrom":"src/lib/mobile-admin-android.ts","updatedAt":"2026-05-19","platform":"android","issue":68,"parentIssue":13,"featureId":"feature-mobile-admin","status":"emulator-smoke-ready","appPath":"apps/mobile-admin","sourceContractRoute":"/mobile-admin/source-data","sourceDataRoute":"/mobile-admin/android/source-data","fixturePath":"apps/mobile-admin/fixtures/mobile-admin-contract.json","androidAssetPath":"apps/mobile-admin/android/src/main/assets/mobile-admin-contract.json","expoEntrypoint":"apps/mobile-admin/src/App.tsx","nativeProjectPath":"apps/mobile-admin/android","nativePackage":"com.bumpgrade.mobileadmin","defaultAvd":"MusicWebs_API_36","smokeCommand":"npm run mobile:android:smoke","validationCommand":"npm run mobile:android:validate","screenshotPath":"/pr-screenshots/issue-68-android-mobile-admin-emulator.png","dashboardPanelIssue":155,"liveHydrationIssue":157,"liveDashboardUrl":"https://bumpgrade.com/mobile-admin/dashboard/source-data","directorDigest":{"route":"/admin/director/source-data","dashboardField":"directorDigest","redactionBoundary":"The Android app foundation reads only public-safe Director workstream IDs, titles, statuses, compact signals, and 1-day/7-day counts from the live dashboard payload."},"privateAuth":{"issue":414,"status":"owner-session-contract-ready","sessionRoute":"/api/auth/[...all]","loginRoute":"/login","callbackSurface":"/admin/director","deniedStates":["signed_out","not_allowlisted","email_unverified","session_unavailable"]},"privateRowsApi":{"issue":414,"status":"owner-mobile-private-rows-ready","route":"/api/mobile-admin/private-rows","authBoundary":"owner-session","readBoundary":"The endpoint returns owner-only private row notes and synthetic private payload metadata only to authenticated owners. Public mobile source-data exposes route, status, counts, public row labels, and redaction flags without owner-only notes, private payload JSON, owner email values, session IDs, cookies, tokens, or raw rows."},"privateRowActionsApi":{"issue":428,"status":"owner-mobile-private-row-actions-ready","route":"/api/mobile-admin/private-rows/actions","authBoundary":"owner-session","actionBoundary":"The endpoint mutates only private-row workflow state after exact confirmation, idempotency, stale row revision, stale-state token, and audit-correlation checks. It creates no billing mutation, commerce mutation, publishing mutation, push notification, distribution state change, moderation action, creator-speech action, or public agent write."},"directorReviewApi":{"issue":414,"status":"owner-mobile-director-review-ready","route":"/api/mobile-admin/director-reviews","authBoundary":"owner-session","reviewBoundary":"The endpoint records low-risk production owner review state after exact confirmation, idempotency, current Director source-revision checks, stale-state token checks, and audit correlation. It changes only Director review state and creates no billing mutation, publishing mutation, push notification, distribution state change, public agent write, or private-row change."},"commerceReviewApi":{"issue":414,"status":"owner-mobile-commerce-review-ready","route":"/api/mobile-admin/commerce-reviews","authBoundary":"owner-session","reviewBoundary":"The endpoint records low-risk owner commerce review state after exact confirmation, idempotency, current commerce source-revision checks, stale-state token checks, and audit correlation. It changes only commerce review state and creates no billing mutation, refund, subscription change, price change, fulfillment change, entitlement change, push notification, distribution state change, public agent write, or private-row change."},"actionIntentApi":{"issue":414,"status":"owner-mobile-action-intent-ready","route":"/api/mobile-admin/actions","authBoundary":"owner-session","intentBoundary":"The endpoint records redacted action intent evidence only. It creates no production admin mutation, billing mutation, push notification, distribution state change, private mobile row exposure, or direct public agent write."},"pushNotificationBoundary":{"issue":414,"status":"push-boundary-ready","sendCapability":"disabled-provider-contract-required","requiredProvider":{"platform":"android","provider":"FCM","credentialBoundary":"FCM server keys, service account JSON, sender IDs, device tokens, and push payloads must stay out of public source-data and fixture files.","requiredEvidence":["FCM provider choice and credential storage path","Android package and google-services configuration proof","Device-token registration contract","Owner-confirmed send preflight with idempotency and audit correlation"]},"blockedBy":["No APNs credential plumbing is present in the repo.","No FCM credential plumbing is present in the repo.","No private device-token registration contract exists yet.","No owner-confirmed push send preflight or provider-call API exists yet."],"redactionFlags":["apnsCredentialsIncluded=false","fcmCredentialsIncluded=false","deviceTokensIncluded=false","recipientIdentifiersIncluded=false","pushPayloadBodiesIncluded=false","providerResponsesIncluded=false","queueRowsIncluded=false","deliveryReceiptsIncluded=false","pushNotificationsSent=false"]},"distributionReadiness":{"issue":414,"status":"distribution-boundary-ready","installableDistributionClaim":false,"platformEvidence":{"platform":"android","currentEvidence":"The Android app foundation has an emulator smoke target and screenshots, but physical-device proof is parked because no Android device is attached.","requiredBeforeClaim":["Attached Android physical device or explicit emulator-only acceptance decision","Release signing and package identity decision","Play Console/internal testing distribution path","Private-row/auth smoke proof labeled as emulator, physical device, or distribution evidence"],"blockedBy":["adb currently reports no attached physical Android devices in the project blocker audit."]},"redactionFlags":["signingCredentialsIncluded=false","provisioningProfilesIncluded=false","keystoreMaterialIncluded=false","storeAccountIdentifiersIncluded=false","privateTesterListsIncluded=false","physicalDevicePrivateRowsIncluded=false","appStoreDistributionLive=false","playStoreDistributionLive=false"]},"confirmedActions":[{"id":"mobile-confirm-review-agent-work","issue":414,"status":"owner-director-review-api-ready","surface":"Owner-attention and work-log inbox","requiredInputs":["actorUserId","role","workstreamId","expectedDirectorGeneratedAt","idempotencyKey","staleStateToken","auditCorrelationId"]},{"id":"mobile-confirm-commerce-health-review","issue":414,"status":"owner-commerce-review-api-ready","surface":"Commerce health summary","requiredInputs":["actorUserId","role","reviewTargetId","expectedCommerceGeneratedAt","idempotencyKey","staleStateToken","auditCorrelationId"]},{"id":"mobile-confirm-commerce-change","issue":414,"status":"future-api-required","surface":"Commerce health summary","requiredInputs":["actorUserId","role","priceId","amount","currency","idempotencyKey","staleStateToken","auditCorrelationId"]}],"reads":[{"id":"android-read-mobile-contract-fixture","route":"/mobile-admin/source-data","fixturePath":"apps/mobile-admin/fixtures/mobile-admin-contract.json","purpose":"The Expo entrypoint and native Android activity render the mobile admin digest from the checked-in fixture generated from the shared source-data contract when live hydration is unavailable."},{"id":"android-read-live-mobile-dashboard","route":"/mobile-admin/dashboard/source-data","fixturePath":null,"purpose":"The Expo entrypoint and native Android activity fetch the live public-safe mobile dashboard contract, render its Director workstream brief, and distinguish live network hydration from fixture fallback."},{"id":"android-read-director-workstreams","route":"/admin/director/source-data","fixturePath":null,"purpose":"The live dashboard payload carries a redacted Director workstream digest so the Android app foundation can show CEO-style nesting without scraping the private admin page."},{"id":"android-read-mobile-private-rows","route":"/api/mobile-admin/private-rows","fixturePath":null,"purpose":"A verified owner can inspect read-only Mobile Admin private rows through the shared Better Auth owner session without exposing owner-only notes or private payloads in public source-data."},{"id":"android-record-mobile-private-row-action","route":"/api/mobile-admin/private-rows/actions","fixturePath":null,"purpose":"A verified owner can mark private rows read or deferred after exact confirmation, idempotency, stale row revision, stale-state token, and audit-correlation checks."},{"id":"android-record-mobile-director-review","route":"/api/mobile-admin/director-reviews","fixturePath":null,"purpose":"A verified owner can acknowledge a Director workstream after exact confirmation, idempotency, current Director generated-at checks, stale-state token checks, and audit correlation."},{"id":"android-record-mobile-commerce-review","route":"/api/mobile-admin/commerce-reviews","fixturePath":null,"purpose":"A verified owner can acknowledge commerce-health source-data after exact confirmation, idempotency, current commerce revision checks, stale-state token checks, and audit correlation."},{"id":"android-record-mobile-action-intent","route":"/api/mobile-admin/actions","fixturePath":null,"purpose":"A verified owner can record audit-only mobile action intent evidence after exact confirmation, idempotency, contract revision, stale-state token, source-route, and audit-correlation checks."},{"id":"android-read-mobile-push-boundary","route":"/mobile-admin/source-data","fixturePath":"apps/mobile-admin/fixtures/mobile-admin-contract.json","purpose":"The Android app foundation renders the FCM push-notification readiness boundary while sends, device tokens, provider credentials, payload bodies, and delivery receipts remain disabled and redacted."},{"id":"android-read-mobile-distribution-boundary","route":"/mobile-admin/source-data","fixturePath":"apps/mobile-admin/fixtures/mobile-admin-contract.json","purpose":"The Android app foundation renders the distribution boundary that separates emulator proof from physical-device, internal testing, and Play Store claims."},{"id":"android-read-admin-source-next","route":"/admin/source-data","fixturePath":null,"purpose":"The next Android slice should replace or supplement the generated fixture with live public-safe admin source-data reads."}],"writeBoundary":"Read-only private rows can be inspected through /api/mobile-admin/private-rows, low-risk private-row workflow actions can be recorded through /api/mobile-admin/private-rows/actions, Director workstream acknowledgements can be recorded through /api/mobile-admin/director-reviews, commerce-health acknowledgements can be recorded through /api/mobile-admin/commerce-reviews, and audit-only action intents can be recorded through /api/mobile-admin/actions. Android now renders the shared Director workstream brief, owner-session, private-row API, private-row action API, Director review API, commerce review API, action-intent API, push-notification boundary, distribution-readiness boundary, and confirmed-action contract, but public, billing-impacting, fulfillment, publishing, source-editing, moderation, creator-speech, push sends, distribution, and high-risk production mutations stay disabled until additional domain-specific confirmed-write APIs and platform evidence exist.","caveat":"This source-data route proves the Android app foundation, emulator smoke path, live dashboard hydration, redacted Director workstream digest, owner-session/private-row/private-row-action/Director-review/commerce-review/confirmed-action UI contract, audit-only action-intent route, FCM readiness boundary, and distribution boundary. It does not mean Play Store/internal-testing distribution, push notifications, physical-device private row proof, or high-risk production write actions are live."}