Phase 106

Golden Ticket Review Queue

Admin review is the safety layer for OurLocal Golden Ticket submissions. It helps manage platform access and member-to-member identity without pretending to be official hall verification.

Admin boundary

Admin approval is OurLocal platform approval only.

Admin review does not prove official dues standing, official union membership, hall approval, dispatch authorization, book status, referral eligibility, grievance authority, legal authority, or official hall action. Always verify official matters directly with the hall.

Review fields

What admin needs to see

  • Submission ID
  • Member name
  • Email
  • Local / LU number
  • Classification
  • Card number
  • Type
  • Paid-through date
  • Traveler status
  • Receipt photo
  • Address redaction confirmation
  • Boundary acceptance
  • Current status
  • Admin notes
  • Status history

Privacy controls

Private evidence stays private.

Receipt photos are private review evidence. They should never show publicly and should never show during ticket bumps.

Address information stays hidden by default. Admin notes stay private and should not appear on member-facing ticket views.

Admin should be able to request safer redaction if an uploaded image exposes more private information than needed.

Status actions

Allowed admin status changes

ACTIVE

Approve for OurLocal access

Use only when the submission is complete enough for OurLocal platform access and member-to-member identity.

NEEDS_MORE_INFO

Request correction

Use when a field is missing, unclear, expired, duplicated, or the receipt image needs safer redaction.

REJECTED

Reject for OurLocal access

Use when a submission should not be accepted for OurLocal platform access.

EXPIRED

Mark expired

Use when the paid-through date has passed or renewal is needed.

NEEDS_REVIEW

Keep in review

Use when admin review is still pending.

SELF_SUBMITTED

Mark self-submitted

Use when the member submitted information and it is waiting for review or confidence signals.

Implementation note

Next code step: wire actions to the protected admin API.

This page locks the admin language and workflow shell. The next code step is wiring the status buttons to a protected API that writes status, admin note, reviewed-by, reviewed-at, and status history. The API must stay protected. Plain curl should keep getting 401, because admin tools exposed to the public are how software becomes a haunted house with login buttons.