Skip to content

COMMUNITY-EPIC — Unified member access and community integrations #79

Description

@daliu

Outcome

Create one coordinated program for member-only content, authoritative website accounts, WhatsApp and Strava access reconciliation, and approval-gated Instagram coordination.

Architectural boundaries

  • Firebase UID plus server-verified current MPRC membership is the only membership authority.
  • Account entry must offer both email/password and a plain-language Continue with Google option on one simple screen. Provider choice proves identity only and never grants membership, discounts, member pricing, payment state, or admin access.
  • Member-facing membership, navigation, and payment journeys minimize steps for elderly and nontechnical members: preserve the task they started, use one clear next action, readable controls/status, and consistent recovery without provider jargon.
  • Google Sites/Groups, WhatsApp, and Strava are derived access projections. They never grant website membership, discounts, or admin privileges.
  • Instagram is a separate one-way club publishing integration. Personal member Instagram accounts are out of scope.
  • Provider tokens, invite links, phone identifiers, and private rosters are not stored in public issues, logs, custom claims, or client-readable documents.

Coordination with the secure-commerce backlog

Stable dependencies owned by the parallel planning/security work:

  • SAFETY-001 — callback preservation and local Firebase isolation (currently in progress)
  • SEC-001 — resource-specific Firestore trust boundaries (currently in progress)
  • AUTH-001 — verified email for member and privileged claims
  • AUTH-002 — secure authoritative membership synchronization
  • AUTH-003 — scoped admin capabilities, MFA, and recent authentication
  • ABUSE-001 — App Check and abuse controls
  • ADMIN-001 — scoped admin APIs and append-oriented audit
  • CI-001 / OBS-001 — reliable deployment and operational alerting

The canonical detailed backlog is currently GITHUB_ISSUES.md in the shared worktree. Child issues below must keep these stable IDs in their dependency sections until the coordinating agent publishes corresponding GitHub issue numbers.

Provider constraints

  • Google Sites can be Restricted to named Google principals or a Google Group, but Firebase claims cannot directly authorize a Google Site.
  • WhatsApp automation for the existing large club group must not be assumed. The Groups API is restricted and unsuitable unless provider-console evidence proves eligibility.
  • Strava supports per-user OAuth and a self club-list check, but no club join/approve/remove API.
  • Instagram publishing uses one club-owned professional account and must never ingest member-only content or member data.

Work claim protocol

No child issue is claimed by creating it. Before implementation begins:

  1. Confirm dependencies are complete and the issue has status:ready.
  2. Assign the issue to the worker.
  3. Post: CLAIMED by at ; branch .
  4. Re-read comments before editing. The earliest valid claim wins.
  5. Change status only after the claim; never work two outcomes in one branch.

Child tickets

Immediate containment

Membership and Google access

WhatsApp and Strava reconciliation

Instagram coordination

Recommended sequence

  1. Contain the public Google Site (MEMBERS-ACCESS-001 — Restrict the exposed Google Site and contain leaked discounts #80) now.
  2. Complete the coordinating SEC-001/AUTH-001/AUTH-002 foundations, then MEMBERS-IDENTITY-001 — Define authoritative membership and external-account state #81.
  3. Complete AUTH-004 — Link a Google identity to an existing Firebase member account #82's existing-account Google linking/recovery contract, then AUTH-006 — Offer simple email/password and Google sign-in #109's dual-method account entry before calling MEMBERS-CONTENT-001 — Build the Firebase-native members-only discounts page #83 production-ready.
  4. Run owner discovery WHATSAPP-001 — Inventory MPRC WhatsApp topology and choose a supported integration mode #85 and INSTAGRAM-001 — Provision a club-owned Instagram publishing integration #91 in parallel.
  5. Choose Firebase-native discounts (MEMBERS-CONTENT-001 — Build the Firebase-native members-only discounts page #83, recommended) versus interim Google Group access (GSITE-002 — Pilot Google Group access to the restricted member Site #84).
  6. Harden Strava (STRAVA-001 — Harden and modernize the existing Strava OAuth connection #88) before any club-status check (STRAVA-002 — Add a self-service MPRC club-status check without roster scraping #89).
  7. Build manual runbook OPS-CHANNEL-001 — Document claimable WhatsApp and Strava provisioning runbook #86 before reconciliation queue CHANNEL-QUEUE-001 — Build an audited membership-to-channel reconciliation queue #90.
  8. Build Instagram state/approval INSTAGRAM-002 — Add an approval-gated social-post state and audit model #92 before provider publishing INSTAGRAM-003 — Build a secret-safe adapter and publish one approved JPEG #93, then UI INSTAGRAM-004 — Generate event-reminder drafts and an operator scheduling UI #94 and operations INSTAGRAM-005 — Add token refresh, publishing reconciliation, and alerts #95.

Definition of done

All provider integrations have least-privilege ownership, explicit consent, idempotent desired/observed reconciliation, safe deprovisioning, redacted audit, non-production tests, and documented manual fallbacks. Critical member journeys offer plain-language email or Google entry, preserve navigation intent, and never confuse account creation with membership or payment approval. External provider-console work requires a named owner and private evidence.

Metadata

Metadata

Assignees

No one assigned

    Labels

    area:communityCross-channel member community workenhancementNew feature or requestpriority:P1High-priority follow-upsize:LLarge cross-boundary issuestatus:proposedDesigned but dependencies or decisions remaintype:architectureArchitecture and contract design

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions