{
  "generatedAt": "2026-07-01T06:54:50.762Z",
  "mode": "dry-run",
  "apply": false,
  "status": "dry-run ready - true SharePoint sites still require owner/admin apply decision",
  "purpose": "Owner/admin packet for creating true SharePoint worker and creator sites without confusing them with the existing document-library portal folders.",
  "currentTruth": {
    "azureStaticWebApp": "https://agreeable-mushroom-05c98dd1e.7.azurestaticapps.net",
    "dnsStatus": "custom domains verified",
    "trueSharePointSites": "not created in current verified evidence",
    "currentFoldersAreSites": false,
    "currentFolderEvidence": [
      {
        "area": "workers",
        "mode": "current SharePoint document-library folder",
        "url": "https://ravefocus.sharepoint.com/Shared%20Documents/website%20-%20quest%20center/worker%20portal%20-%20workers",
        "purpose": "Worker docs, launch proof, and forms/list handoff notes while the Azure app remains the running portal.",
        "status": "exists as portal handoff/storage folder; not a separate SharePoint site"
      },
      {
        "area": "creators",
        "mode": "current SharePoint document-library folder",
        "url": "https://ravefocus.sharepoint.com/Shared%20Documents/website%20-%20quest%20center/creator%20portal%20-%20creators",
        "purpose": "Creator docs, launch proof, intake handoff notes, and creator-safe onboarding context.",
        "status": "exists as portal handoff/storage folder; not a separate SharePoint site"
      },
      {
        "area": "admin",
        "mode": "current SharePoint quest-center folder",
        "url": "https://ravefocus.sharepoint.com/Shared%20Documents/website%20-%20quest%20center",
        "purpose": "Launch archive, setup packet, proof reports, dashboard handoff, and private admin setup evidence.",
        "status": "active launch archive and fallback package location"
      }
    ],
    "sharepointListsMapped": 32,
    "workerFacingListsMapped": 15,
    "authOwnerActions": 7
  },
  "siteTargets": [
    {
      "area": "workers",
      "title": "ravefocus workers",
      "sitePath": "/sites/ravefocus-workers",
      "siteUrl": "https://ravefocus.sharepoint.com/sites/ravefocus-workers",
      "futureDomain": "https://workers.ravefocus.com",
      "appUrl": "https://agreeable-mushroom-05c98dd1e.7.azurestaticapps.net/workers",
      "audience": "approved workers only",
      "template": "modern communication site",
      "templateHint": "SITEPAGEPUBLISHING#0 or PnP CommunicationSite",
      "ownerRequirement": "tenant/sharepoint admin must choose the owner UPN at apply time",
      "status": "not verified as created; latest connector check returned 404 before this packet was generated",
      "pages": [
        "home",
        "quest hub",
        "forms center",
        "proof + payout",
        "guides + keys",
        "admin/owner-only links"
      ],
      "libraries": [
        "worker onboarding",
        "proof intake",
        "quest evidence",
        "public guides - read first"
      ],
      "permissionRules": [
        "workers get read/access only after Microsoft auth role assignment is tested",
        "admin/owner retains full control",
        "workers submit proof through role-safe forms/links and should not browse the proof vault"
      ],
      "keepOut": [
        "passwords or recovery codes",
        "billing, bank, card, payout, or pay review records",
        "private fan/customer records",
        "private creator records",
        "compliance/ID/legal records"
      ]
    },
    {
      "area": "creators",
      "title": "ravefocus creators",
      "sitePath": "/sites/ravefocus-creators",
      "siteUrl": "https://ravefocus.sharepoint.com/sites/ravefocus-creators",
      "futureDomain": "https://creators.ravefocus.com",
      "appUrl": "https://agreeable-mushroom-05c98dd1e.7.azurestaticapps.net/creators",
      "audience": "approved creators and owner-reviewed intake users",
      "template": "modern communication site",
      "templateHint": "SITEPAGEPUBLISHING#0 or PnP CommunicationSite",
      "ownerRequirement": "tenant/sharepoint admin must choose the owner UPN at apply time",
      "status": "not verified as created; latest connector check returned 404 before this packet was generated",
      "pages": [
        "creator home",
        "session intake",
        "availability",
        "bookings",
        "profile info",
        "safety/consent notes"
      ],
      "libraries": [
        "creator intake",
        "session proof",
        "public creator guides"
      ],
      "permissionRules": [
        "approved creators and support get only the sections they need",
        "admin/owner retains full control",
        "owner-only private records stay outside general creator pages"
      ],
      "keepOut": [
        "ID photos or legal/compliance files",
        "billing, bank, payout, or platform recovery details",
        "private worker pay data",
        "private fan/customer records",
        "unrestricted vault access"
      ]
    }
  ],
  "goLiveOrder": [
    "Keep the verified workers.ravefocus.com and creators.ravefocus.com DNS records as-is; do not add duplicates.",
    "Use the saved domain DNS verification and finalization proof showing both custom domains are ready and both routes open.",
    "Create and verify SharePoint Lists/forms before switching worker forms out of draft-safe mode.",
    "Apply Microsoft auth and role/privacy rules before inviting workers or creators.",
    "Create true SharePoint worker/creator sites only if owner/admin decides they are needed beyond the current quest-center folders.",
    "Add site navigation links back to the Azure app, future custom domains, setup packet, forms, and safe guides.",
    "Run final live verification and preflight before worker launch."
  ],
  "safetyRules": [
    "No proof = no payout.",
    "No assigned quest = not payable.",
    "No approved task order or written approval = not payable.",
    "Sensitive proof should be represented as owner-only private record required.",
    "Do not add passwords, recovery codes, ID photos, billing/card/bank details, payout settings, private fan/customer info, private creator records, platform recovery details, legal files, or compliance records to general SharePoint pages."
  ],
  "dryRunCommands": [
    "powershell -NoProfile -ExecutionPolicy Bypass -File launch\\create-worker-creator-sharepoint-sites.ps1",
    "powershell -NoProfile -ExecutionPolicy Bypass -File launch\\create-worker-creator-sharepoint-sites.ps1 -Apply -ConfirmOwnerAction -OwnerUpn owner@example.com"
  ],
  "ownerDecision": {
    "recommendedDefault": "keep Azure Static Web App as the running worker/creator portal and use SharePoint as the work-data hub",
    "createTrueSitesWhen": "owner wants separate SharePoint navigation, pages, permissions, or document libraries for workers and creators",
    "doNotCreateYetIf": "SharePoint Lists/forms, auth roles, or final launch checks are still unresolved"
  }
}
