Area: Admin deep-dive (commerce/config) (audit p15b) · Surface: /admin/marketplace?tab=bans · Dimension: Law 2 (no nav orphans) / functional · Severity: major
Clicking the 'Bans' tab (always visible) shows a different tab's content and never marks 'Bans' active, and the redirect after banning/unbanning a user never shows the bans list. The bans panel in the template is effectively dead because the controller refuses the tab value that would render it.
Evidence
templates/admin/marketplace/index.php:175 renders a permanent, clickable tab `'bans' => ['Bans', count($bannedUsers), 'danger', '/admin/marketplace?tab=bans']` and :471 has `<?php elseif ($tab === 'bans'): ?>` rendering the banned-users panel. But AdminMarketplaceController.php:60-64 whitelists only `['flagged','removed','reports','recent']` and silently rewrites any other value: `if (!in_array($tab, ['flagged','removed','reports','recent'], true)) { $tab = ... default ... }`. So $tab can never equal 'bans'. Worse, banUser() redirects to `/admin/marketplace?tab=bans` (AdminMarketplaceController.php:281) and unbanUser() to the same (:304) — both land on the default tab, never showing the result of the action just taken.
Suggested fix. Add 'bans' to the whitelist in AdminMarketplaceController.php:61 (`['flagged','removed','reports','recent','bans']`).
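The whitelist mismatch as a standalone illustration (added here; not the project's code). `resolveTabBefore()` mirrors the controller's current check, `resolveTab()` derives the allowlist from the same tab registry the template renders so the two cannot drift apart again, and `redirectToTab()` refuses to build a redirect to a tab the resolver would reject. `TABS`, `DEFAULT_TAB` (assumed to be `flagged`) and the function names are hypothetical.

```php
<?php
// Added example, not code from AdminMarketplaceController.php.
// Hypothetical names: TABS, DEFAULT_TAB, resolveTabBefore, resolveTab, redirectToTab.

// Single source of truth: the tab registry the template iterates. Deriving the
// allowlist from it means a tab added here is automatically routable.
const TABS = [
    'flagged' => 'Flagged listings',
    'removed' => 'Removed listings',
    'reports' => 'Reports',
    'recent'  => 'Recent activity',
    'bans'    => 'Bans',
];
const DEFAULT_TAB = 'flagged'; // assumption: the page does not name the default

// Before: hand-maintained allowlist that silently rewrites unknown values,
// including the 'bans' value the template and the ban/unban redirects rely on.
function resolveTabBefore(?string $tab): string
{
    if (!in_array($tab, ['flagged', 'removed', 'reports', 'recent'], true)) {
        $tab = DEFAULT_TAB;
    }
    return $tab;
}

// After: allowlist derived from the registry. Unknown or missing values still
// fall back to the default; 'bans' now resolves because it is a registry key.
function resolveTab(?string $tab): string
{
    $key = (string) $tab;
    return array_key_exists($key, TABS) ? $key : DEFAULT_TAB;
}

// Guard for redirect targets such as those in banUser()/unbanUser(): fail
// loudly (e.g. in tests) if a redirect points at a tab the resolver rejects,
// instead of silently landing the user on the default tab.
function redirectToTab(string $tab): string
{
    if (resolveTab($tab) !== $tab) {
        throw new LogicException("Redirect targets unreachable tab '$tab'");
    }
    return '/admin/marketplace?tab=' . rawurlencode($tab);
}

// Constructed query values, as the controller would receive them.
foreach (['bans', 'recent', 'nonsense', null] as $q) {
    printf("%-10s before=%-8s after=%s\n", var_export($q, true),
        resolveTabBefore($q), resolveTab($q));
}
echo redirectToTab('bans'), "\n";
```

Running it shows `bans` collapsing to the default under the old check and surviving under the registry-derived one, while junk input still falls back in both.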
Filed by the automated tenant-app audit and adversarially evidence-verified. Status: verified. Open — not yet actioned.
Patrick Bass
@mobieus