changed stop-servers to better kill the process on updates and added test cases for feature

2026-01-28 15:31:13 -07:00
parent 696569e6c7
commit 38dcbb1122
2 changed files with 188 additions and 5 deletions
--- a/test_cases_auth.md
+++ b/test_cases_auth.md
@@ -0,0 +1,164 @@
+# Authentication Feature - Test Cases
+
+**Feature Branch:** feature/login
+**Date:** 2026-01-28
+**Tester:** _______________
+
+---
+
+## Pre-Test Setup
+- [ ] Backend server running on port 3001
+- [ ] Frontend server running on port 3000
+- [ ] Database has been set up with `node setup.js`
+- [ ] Can access http://[SERVER_IP]:3000 in browser
+
+---
+
+## 1. Login Page Display
+| # | Test Case | Expected Result | Pass/Fail |
+|---|-----------|-----------------|-----------|
+| 1.1 | Navigate to app URL when not logged in | Login page displays | |
+| 1.2 | Login page shows username field | Field is visible and editable | |
+| 1.3 | Login page shows password field | Field is visible and editable | |
+| 1.4 | Login page shows "Sign In" button | Button is visible | |
+| 1.5 | Default credentials hint is shown | Shows "admin / admin123" | |
+
+---
+
+## 2. Login Functionality
+| # | Test Case | Expected Result | Pass/Fail |
+|---|-----------|-----------------|-----------|
+| 2.1 | Login with valid credentials (admin/admin123) | Redirects to dashboard | |
+| 2.2 | Login with invalid username | Shows "Invalid username or password" | |
+| 2.3 | Login with invalid password | Shows "Invalid username or password" | |
+| 2.4 | Login with empty username | Form validation prevents submit | |
+| 2.5 | Login with empty password | Form validation prevents submit | |
+| 2.6 | Press Enter in password field | Submits form (same as clicking Sign In) | |
+
+---
+
+## 3. Session Persistence
+| # | Test Case | Expected Result | Pass/Fail |
+|---|-----------|-----------------|-----------|
+| 3.1 | Refresh page after login | Stays logged in, dashboard displays | |
+| 3.2 | Open new browser tab to same URL | Already logged in | |
+| 3.3 | Close browser, reopen, navigate to app | Still logged in (within 24hrs) | |
+
+---
+
+## 4. Logout
+| # | Test Case | Expected Result | Pass/Fail |
+|---|-----------|-----------------|-----------|
+| 4.1 | Click user menu in header | Dropdown menu appears | |
+| 4.2 | Click "Sign Out" in dropdown | Returns to login page | |
+| 4.3 | After logout, try to access dashboard URL directly | Redirects to login page | |
+| 4.4 | After logout, check browser cookies | session_id cookie is cleared | |
+
+---
+
+## 5. User Menu Display
+| # | Test Case | Expected Result | Pass/Fail |
+|---|-----------|-----------------|-----------|
+| 5.1 | User menu shows username | Displays "admin" | |
+| 5.2 | User menu shows role | Displays "admin" role | |
+| 5.3 | User menu dropdown shows email | Shows admin@localhost | |
+| 5.4 | Admin user sees "Manage Users" option | Option is visible | |
+
+---
+
+## 6. Role-Based UI - Admin Role
+*Login as: admin/admin123*
+
+| # | Test Case | Expected Result | Pass/Fail |
+|---|-----------|-----------------|-----------|
+| 6.1 | "Add CVE/Vendor" button in header | Visible | |
+| 6.2 | "Upload Document" button on CVE records | Visible | |
+| 6.3 | "Delete" button on documents | Visible | |
+| 6.4 | "Manage Users" in user menu | Visible | |
+| 6.5 | Can open User Management panel | Panel opens | |
+
+---
+
+## 7. User Management (Admin)
+*Login as: admin/admin123*
+
+| # | Test Case | Expected Result | Pass/Fail |
+|---|-----------|-----------------|-----------|
+| 7.1 | Open User Management panel | Shows list of users | |
+| 7.2 | Click "Add User" button | Add user form appears | |
+| 7.3 | Create user: editor1 / editor1@test.com / password123 / Editor | User created successfully | |
+| 7.4 | Create user: viewer1 / viewer1@test.com / password123 / Viewer | User created successfully | |
+| 7.5 | Edit existing user (change email) | Changes saved | |
+| 7.6 | Toggle user active status | Status changes | |
+| 7.7 | Delete a user (not self) | User deleted | |
+| 7.8 | Try to delete own account | Error: "Cannot delete your own account" | |
+| 7.9 | Try to deactivate own account | Error: "Cannot deactivate your own account" | |
+| 7.10 | Try to remove own admin role | Error: "Cannot remove your own admin role" | |
+| 7.11 | Create duplicate username | Error: "Username or email already exists" | |
+
+---
+
+## 8. Role-Based UI - Editor Role
+*Logout and login as: editor1/password123*
+
+| # | Test Case | Expected Result | Pass/Fail |
+|---|-----------|-----------------|-----------|
+| 8.1 | "Add CVE/Vendor" button in header | Visible | |
+| 8.2 | "Upload Document" button on CVE records | Visible | |
+| 8.3 | "Delete" button on documents | NOT visible | |
+| 8.4 | "Manage Users" in user menu | NOT visible | |
+| 8.5 | Can add a new CVE | CVE created successfully | |
+| 8.6 | Can upload a document | Document uploaded successfully | |
+
+---
+
+## 9. Role-Based UI - Viewer Role
+*Logout and login as: viewer1/password123*
+
+| # | Test Case | Expected Result | Pass/Fail |
+|---|-----------|-----------------|-----------|
+| 9.1 | "Add CVE/Vendor" button in header | NOT visible | |
+| 9.2 | "Upload Document" button on CVE records | NOT visible | |
+| 9.3 | "Delete" button on documents | NOT visible | |
+| 9.4 | "Manage Users" in user menu | NOT visible | |
+| 9.5 | Can view CVE list | CVEs display correctly | |
+| 9.6 | Can view documents (click View) | Documents accessible | |
+| 9.7 | Can use Quick CVE Status Check | Search works | |
+| 9.8 | Can use filters (vendor, severity) | Filters work | |
+
+---
+
+## 10. Deactivated User
+*As admin, deactivate viewer1 account*
+
+| # | Test Case | Expected Result | Pass/Fail |
+|---|-----------|-----------------|-----------|
+| 10.1 | Try to login as deactivated user | Error: "Account is disabled" | |
+| 10.2 | Reactivate user (as admin) | User can login again | |
+
+---
+
+## 11. Error Handling
+| # | Test Case | Expected Result | Pass/Fail |
+|---|-----------|-----------------|-----------|
+| 11.1 | Stop backend, try to login | Shows "Failed to fetch" or connection error | |
+| 11.2 | Backend returns 500 error | Error message displayed to user | |
+
+---
+
+## Sign-Off
+
+| Role | Name | Date | Signature |
+|------|------|------|-----------|
+| Tester | | | |
+| Developer | | | |
+
+### Notes / Issues Found:
+```
+
+
+
+
+```
+
+### Final Status: [ ] PASS  [ ] FAIL