Request-to-join flow for private forums (request/approve/deny) is undocumented

Area: Forums (re-run) (audit p2r) · Surface: POST /forums/{slug}/request-join, POST /forums/{slug}/request/approve, POST /forums/{slug}/request/deny (ForumMembershipController@request/approve/deny) · Dimension: documentation · Severity: major

Private (non-paid) forums show a 'Request to Join' button; owners/mods approve or deny from the pending page. This member-onboarding path is entirely undocumented, separate from both the paid-subscription flow and platform invite codes.

Evidence

Live search https://support.mobieus.io/know/search?q=request%20to%20join returns "No results for \"request to join\"." Feature is real and user-facing: templates/forums/preview.php:33 `<p>This forum is private. Request to join to see discussions.</p>`, :49 form action `/forums/<slug>/request-join`, :51 `<button ...>Request to Join</button>`; ForumMembershipController.php:217 `request()`, :261 `approve()`, :292 `deny()`. The pending-requests review UI exists at templates/forums/pending.php. No forum article body documents the private-forum join-request workflow (paid-forums covers Stripe subscription only: live body says "Non-members see the forum's landing page with the price and a 'Subscribe' button").

Suggested fix. Add a section (in the forum-membership article) describing private forums: what members see (preview/request-to-join), how owners review pending requests, and approve/deny actions.

Filed by the automated tenant-app audit and adversarially evidence-verified. Status: verified. Open — not yet actioned.