Tester mode boundary

Tester tools are for controlled validation and support evidence. They must stay outside normal player navigation and must never grant admin or gameplay authority.

Tester onboarding and QA checklist

This guide helps testers exercise the live text client while preserving server authority. Use public API screens, current-state recovery, and sanitized reports; do not use database access.

Before testing

Access and account

  1. Open https://text.massiveworldgames.com and confirm the login/register screen loads.
  2. Register or log in with a test account. Do not reuse production personal passwords.
  3. Confirm Play / Current State routes through /session/current after authentication.
  4. Confirm browser localStorage/sessionStorage do not contain a backend bearer token.

First playable loop

  1. Create or recover a character from backend state.
  2. Open the public anchor and inspect contracts, rumours, NPCs, journal, and party.
  3. Create a party charter through the backend if one is not active.
  4. Review routes and hazards, create a travel plan, start travel, and resolve a leg.
  5. Instantiate an encounter only when the backend exposes that action.
  6. Submit encounter choices and enter combat when the backend permits it.
  7. Submit combat legal-action intents only; never expect the client to show or edit damage values it invented.
  8. Resolve combat, review pending reward, claim it once, and confirm duplicate claim is safe.
  9. Open consequences/report and confirm journal/rumour/consequence surfaces are backend-visible data.

Reconnect and stale-state recovery

  1. Refresh the browser on public anchor, travel, encounter, combat, reward, and report screens.
  2. Use Play / Current State after each refresh and confirm the backend routes the next screen.
  3. When the situation changes, confirm the recovery screen tells you to re-check current state rather than guessing.

Safe issue reporting

  1. Use /scenario/report to describe what loop areas were covered in this browser session.
  2. Download /debug/sanitized-report when reporting a bug.
  3. Include visible correlation IDs when available.
  4. Do not paste passwords, raw bearer tokens, cookies, database IDs from private tools, or screenshots of secrets.
  5. Report whether the issue blocked progress or whether current-state recovery worked.

Client safety expectations

  1. The debug panel should be hidden in production.
  2. Private files such as .env, composer.json, src/App.php, templates, and vendor files must not be publicly readable.
  3. Player/backend/generated text should render as text, not executable HTML.
  4. The client should never ask for database access or backend admin credentials.

Useful tester links

Choose a path forward. The campaign will check whether that choice is still possible.

Choices

  1. [1] Play / recover current scene

    Choose this path if it still fits the scene.

  2. [2] Open scenario report

    Review request-log coverage and current-state IDs.

  3. [3] Download sanitized debug report

    Download redacted harness metadata for support.

Campaign view. This page shows the adventure and safe help links. Support tools stay outside normal play. HelpSupportReport issue
Character and gear Adventurer Pack Gear Magic Coins