Validation Gates
Executable verification checkpoints. Run after completing architectural components to verify compliance. Gates pass or fail.
Gate Execution
For each gate:
- Run the verification commands/checks
- Compare results against expected outcomes
- Report: PASS (with evidence) or FAIL (with deviation)
Do not proceed past a failed gate. Correct and re-verify.
Gate 1: HubSpot Schema
Purpose: Verify required HubSpot schema elements exist.
Check 1.1: Company Portal Properties
Query: hubspot-list-objects companies limit=1 properties=portal_slug,portal_enabled,portal_theme_color,portal_logo_url
Expected: Properties return values (not null/undefined)
Pass criteria: All four properties exist in schema Fail criteria: Any property missing or unrecognized
Check 1.2: Test Company Configured
Query: hubspot-search-objects companies where portal_enabled=true
Expected: At least one Company with portal configuration
Pass criteria: Results include Company with portal_slug set Fail criteria: No Companies with portal configuration
Check 1.3: Deliverable Pipeline
Query: hubspot-list-objects 2-18484424 (Deliverables) limit=1
Expected: Deliverable object accessible, pipeline stages visible
Pass criteria: Can query Deliverables, stages include Backlog through Approved Fail criteria: Object inaccessible or pipeline not configured
Gate 2: No Hardcoded Configuration
Purpose: Verify no client configuration exists in codebase.
Check 2.1: Client ID Patterns
grep -r "clientId\s*[:=]" --include="*.ts" --include="*.tsx" --include="*.js"
grep -r "companyId\s*[:=]\s*['\"][0-9]" --include="*.ts" --include="*.tsx"
Expected: No matches (or only dynamic references)
Pass criteria: No hardcoded client/company IDs Fail criteria: Any hardcoded ID found
Check 2.2: Slug Patterns
grep -r "slug\s*[:=]\s*['\"]" --include="*.ts" --include="*.tsx" --include="*.json"
grep -r "paragon\|n2uitive" --include="*.ts" --include="*.tsx" --include="*.json"
Expected: No matches in configuration files (dynamic resolution only)
Pass criteria: Slugs resolved from HubSpot, not hardcoded Fail criteria: Any hardcoded slug found
Check 2.3: Client Config Objects
grep -r "clients\s*[:=]\s*{" --include="*.ts" --include="*.tsx"
grep -r "clientConfig" --include="*.ts" --include="*.tsx"
Expected: No client configuration objects
Pass criteria: Configuration comes from HubSpot Company properties Fail criteria: Client config objects exist in code
Gate 3: Custom Object Compliance
Purpose: Verify only valid custom objects are referenced.
Check 3.1: Custom Object References
grep -r "2-[0-9]" --include="*.ts" --include="*.tsx"
Expected: Only 2-18484424 (Deliverable), 2-54301725 (Interest), and 2-53994804 (Investment)
Pass criteria: No other custom object type IDs Fail criteria: Any custom object ID besides the three valid ones
Check 3.2: Object Type Assumptions
Review code for object instantiation patterns. Verify no assumptions about custom objects existing beyond Deliverable, Interest, and Investment.
Pass criteria: All HubSpot objects used are either native or Deliverable/Interest/Investment Fail criteria: Code assumes other custom objects exist
Gate 4: Language Compliance
Purpose: Verify no forbidden language in output documents.
Check 4.1: Forbidden Terms
grep -ri "leads\|prospects\|funnel\|conversion\|MQL\|SQL\|nurture" *.md docs/*.md
Expected: No matches
Pass criteria: No forbidden terms in documentation Fail criteria: Any forbidden term found
Check 4.2: Calendar Phases
grep -ri "week [0-9]\|phase [0-9].*month\|Q[1-4] \|weeks [0-9]" *.md docs/*.md
Expected: No matches
Pass criteria: No calendar-based phase language Fail criteria: Any time-bound phase language found
Check 4.3: Fallback Framing
grep -ri "quick win\|if time permits\|MVP\|start with\|priority [0-9]" *.md docs/*.md
Expected: No matches (or only in historical/quoted context)
Pass criteria: No fallback/prioritization framing Fail criteria: Scope hedging language found
Gate 5: Authentication Architecture
Purpose: Verify authentication uses HubSpot-native configuration.
Check 5.1: Slug Resolution
Trace authentication flow:
- User visits
/[slug]/login - System queries HubSpot:
Company where portal_slug = [slug] - No hardcoded lookup table
Pass criteria: Slug resolved via HubSpot query Fail criteria: Slug resolved via config file or hardcoded map
Check 5.2: JWT Storage
grep -r "localStorage\|sessionStorage" --include="*.ts" --include="*.tsx"
Expected: JWT not stored in browser storage (HttpOnly cookie only)
Pass criteria: JWT in HttpOnly cookie Fail criteria: JWT in localStorage/sessionStorage
Check 5.3: Contact Validation
Verify login validates Contact exists and is associated to Company.
Pass criteria: Contact lookup via HubSpot, association verified Fail criteria: Contact validation bypassed or hardcoded
Gate 6: Section Completeness
Purpose: Verify all 10 portal sections implemented.
Check 6.1: Route Existence
Verify routes exist for:
-
/[slug]/(Dashboard) -
/[slug]/projects(My Projects) -
/[slug]/sessions(My Sessions) -
/[slug]/deliverables(My Deliverables) -
/[slug]/action-items(My Action Items) -
/[slug]/team(My Team) -
/[slug]/budget(My Budget) -
/[slug]/support(My Support) -
/[slug]/resources(My Resources) -
/[slug]/profile(My Profile)
Pass criteria: All 10 routes exist and render Fail criteria: Any route missing
Check 6.2: HubSpot Data Binding
Each section queries appropriate HubSpot objects:
| Section | Must Query |
|---|---|
| Dashboard | Aggregated from multiple objects |
| My Projects | Project → Deliverable → Task |
| My Sessions | Appointment |
| My Deliverables | Deliverable |
| My Action Items | Task (filtered) |
| My Team | Contact |
| My Budget | Deal, Quote, Invoice |
| My Support | Ticket |
| My Resources | Listing, Course |
| My Profile | Contact |
Pass criteria: Each section queries correct objects Fail criteria: Any section uses wrong data source
Gate 7: Content Migration
Purpose: Verify playbook/assessment content migrated to HubSpot.
Check 7.1: Listing Records Exist
Query: hubspot-search-objects listings where listing_category=playbook
Query: hubspot-search-objects listings where listing_category=assessment_template
Expected: Playbook and assessment records in HubSpot
Pass criteria: Content exists as Listing records Fail criteria: Content still hardcoded in components
Check 7.2: Website Fetches from HubSpot
Review website playbook pages—they should fetch from HubSpot API, not import from local files.
Pass criteria: Website fetches Listing records Fail criteria: Website imports hardcoded content
Check 7.3: Portal Reads Same Source
Portal My Resources section queries same Listing records as website.
Pass criteria: Single source of truth (HubSpot Listings) Fail criteria: Duplicate content sources
Gate Execution Summary
| Gate | Status | Evidence |
|---|---|---|
| 1: HubSpot Schema | ||
| 2: No Hardcoded Config | ||
| 3: Custom Object Compliance | ||
| 4: Language Compliance | ||
| 5: Authentication Architecture | ||
| 6: Section Completeness | ||
| 7: Content Migration |
All gates must PASS for implementation to be complete.
Failed gates require:
- Identify specific failure
- Correct implementation
- Re-run gate
- Document correction
No partial credit. No "mostly passing." Gates pass or fail.