Area: Admin deep-dive (commerce/config) (audit p15b) · Surface: /admin/ai (AdminAIController@updateMaster, updateKey) · Dimension: ui-ux · Severity: major
No competitor asks a non-technical community admin to SSH in and run systemctl after toggling a setting. The mobieusAI config page tells a tenant Super Admin to run a root shell command for a change to take effect — most tenant admins cannot do this and have no idea what php8.3-fpm is. The setting silently appears saved but does nothing until someone with server access restarts FPM, which looks like the toggle is broken. This is a hard blocker on the self-serve promise of the whole AI surface.
Evidence
AdminAIController::updateMaster (AdminAIController.php:134-136) flashes 'AI master switch ON. Restart PHP-FPM to take effect: sudo systemctl reload php8.3-fpm.' and updateKey (line 181) flashes the same. The master switch and key are read from $_ENV (index() lines 42-44), which is only re-read on FPM restart.
Suggested fix
Store the AI master switch and API key where they are read live per-request (app.ini via Config, or a cache file the runtime re-reads) the way every other feature flag works, so the toggle takes effect on the next request. The page should never instruct a tenant admin to restart a system service.
Filed by the automated tenant-app audit and adversarially evidence-verified. Status: verified. Open — not yet actioned.
Patrick Bass
@mobieus
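One way to implement the "cache file the runtime re-reads" option from the suggested fix, as an added example that is not the project's own code. The class name `LiveAiSettings`, the file path, the JSON field names and the `AI_MASTER` / `AI_API_KEY` environment names are all assumptions.

```php
<?php
declare(strict_types=1);

// Added example, not mobieusAI code. All names here are hypothetical.
final class LiveAiSettings
{
    // $path should live outside the web root and be writable only by the app user.
    public function __construct(private string $path) {}

    /** Called on every request, so a saved change is visible on the next one. */
    public function read(): array
    {
        // Fall back to the FPM-start environment when no file has been written yet.
        $defaults = [
            'master_on' => ($_ENV['AI_MASTER'] ?? '0') === '1',
            'api_key'   => (string) ($_ENV['AI_API_KEY'] ?? ''),
        ];
        // JSON rather than an included .php file, so OPcache cannot serve a stale copy.
        $raw  = @file_get_contents($this->path);
        $data = $raw === false ? null : json_decode($raw, true);
        if (!is_array($data)) {
            return $defaults;
        }
        return [
            'master_on' => (bool) ($data['master_on'] ?? $defaults['master_on']),
            'api_key'   => is_string($data['api_key'] ?? null) ? $data['api_key'] : $defaults['api_key'],
        ];
    }

    /** Called from the admin save handlers in place of the "restart PHP-FPM" flash. */
    public function write(bool $masterOn, string $apiKey): void
    {
        // tempnam() creates the file with mode 0600; rename() on the same filesystem
        // is atomic, so a concurrent request never reads a half-written file.
        $tmp = tempnam(dirname($this->path), 'ai_');
        if ($tmp === false) {
            throw new RuntimeException('Cannot create temp file for AI settings');
        }
        $json = json_encode(['master_on' => $masterOn, 'api_key' => $apiKey], JSON_THROW_ON_ERROR);
        if (file_put_contents($tmp, $json) === false || !rename($tmp, $this->path)) {
            @unlink($tmp);
            throw new RuntimeException('Cannot persist AI settings');
        }
    }
}

// Constructed demo: the key below is a placeholder, not a real credential.
$store = new LiveAiSettings(sys_get_temp_dir() . '/ai-settings-demo.json');
$store->write(true, 'demo-key-constructed');
var_dump($store->read()['master_on']);
```

Because the API key now sits in a file instead of the process environment, the file needs the same protection as the environment source it replaces: owner-only permissions and exclusion from backups and repositories that tenants can read.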