cve-dashboard/test_cases_auth.md

# Authentication Feature - Test Cases

**Feature Branch:** feature/login

**Date:** 2026-01-28

**Tester:** _______________

## Pre-Test Setup

- Backend server running on port 3001
- Frontend server running on port 3000
- Database has been set up with `node setup.js`
- Can access http://[SERVER_IP]:3000 in browser

## 1. Login Page Display

| # | Test Case | Expected Result | Pass/Fail |
|---|-----------|-----------------|-----------|
| 1.1 | Navigate to app URL when not logged in | Login page displays | |
| 1.2 | Login page shows username field | Field is visible and editable | |
| 1.3 | Login page shows password field | Field is visible and editable | |
| 1.4 | Login page shows "Sign In" button | Button is visible | |
| 1.5 | Default credentials hint is shown | Shows "admin / admin123" | |

## 2. Login Functionality

| # | Test Case | Expected Result | Pass/Fail |
|---|-----------|-----------------|-----------|
| 2.1 | Login with valid credentials (admin/admin123) | Redirects to dashboard | |
| 2.2 | Login with invalid username | Shows "Invalid username or password" | |
| 2.3 | Login with invalid password | Shows "Invalid username or password" | |
| 2.4 | Login with empty username | Form validation prevents submit | |
| 2.5 | Login with empty password | Form validation prevents submit | |
| 2.6 | Press Enter in password field | Submits form (same as clicking Sign In) | |

## 3. Session Persistence

| # | Test Case | Expected Result | Pass/Fail |
|---|-----------|-----------------|-----------|
| 3.1 | Refresh page after login | Stays logged in, dashboard displays | |
| 3.2 | Open new browser tab to same URL | Already logged in | |
| 3.3 | Close browser, reopen, navigate to app | Still logged in (within 24 hrs) | |

## 4. Logout

| # | Test Case | Expected Result | Pass/Fail |
|---|-----------|-----------------|-----------|
| 4.1 | Click user menu in header | Dropdown menu appears | |
| 4.2 | Click "Sign Out" in dropdown | Returns to login page | |
| 4.3 | After logout, try to access dashboard URL directly | Redirects to login page | |
| 4.4 | After logout, check browser cookies | `session_id` cookie is cleared | |

## 5. User Menu Display

| # | Test Case | Expected Result | Pass/Fail |
|---|-----------|-----------------|-----------|
| 5.1 | User menu shows username | Displays "admin" | |
| 5.2 | User menu shows role | Displays "admin" role | |
| 5.3 | User menu dropdown shows email | Shows admin@localhost | |
| 5.4 | Admin user sees "Manage Users" option | Option is visible | |

## 6. Role-Based UI - Admin Role

Login as: admin/admin123

| # | Test Case | Expected Result | Pass/Fail |
|---|-----------|-----------------|-----------|
| 6.1 | "Add CVE/Vendor" button in header | Visible | |
| 6.2 | "Upload Document" button on CVE records | Visible | |
| 6.3 | "Delete" button on documents | Visible | |
| 6.4 | "Manage Users" in user menu | Visible | |
| 6.5 | Can open User Management panel | Panel opens | |

## 7. User Management (Admin)

Login as: admin/admin123

| # | Test Case | Expected Result | Pass/Fail |
|---|-----------|-----------------|-----------|
| 7.1 | Open User Management panel | Shows list of users | |
| 7.2 | Click "Add User" button | Add user form appears | |
| 7.3 | Create user: editor1 / editor1@test.com / password123 / Editor | User created successfully | |
| 7.4 | Create user: viewer1 / viewer1@test.com / password123 / Viewer | User created successfully | |
| 7.5 | Edit existing user (change email) | Changes saved | |
| 7.6 | Toggle user active status | Status changes | |
| 7.7 | Delete a user (not self) | User deleted | |
| 7.8 | Try to delete own account | Error: "Cannot delete your own account" | |
| 7.9 | Try to deactivate own account | Error: "Cannot deactivate your own account" | |
| 7.10 | Try to remove own admin role | Error: "Cannot remove your own admin role" | |
| 7.11 | Create duplicate username | Error: "Username or email already exists" | |

## 8. Role-Based UI - Editor Role

Logout and login as: editor1/password123

| # | Test Case | Expected Result | Pass/Fail |
|---|-----------|-----------------|-----------|
| 8.1 | "Add CVE/Vendor" button in header | Visible | |
| 8.2 | "Upload Document" button on CVE records | Visible | |
| 8.3 | "Delete" button on documents | NOT visible | |
| 8.4 | "Manage Users" in user menu | NOT visible | |
| 8.5 | Can add a new CVE | CVE created successfully | |
| 8.6 | Can upload a document | Document uploaded successfully | |

## 9. Role-Based UI - Viewer Role

Logout and login as: viewer1/password123

| # | Test Case | Expected Result | Pass/Fail |
|---|-----------|-----------------|-----------|
| 9.1 | "Add CVE/Vendor" button in header | NOT visible | |
| 9.2 | "Upload Document" button on CVE records | NOT visible | |
| 9.3 | "Delete" button on documents | NOT visible | |
| 9.4 | "Manage Users" in user menu | NOT visible | |
| 9.5 | Can view CVE list | CVEs display correctly | |
| 9.6 | Can view documents (click View) | Documents accessible | |
| 9.7 | Can use Quick CVE Status Check | Search works | |
| 9.8 | Can use filters (vendor, severity) | Filters work | |

## 10. Deactivated User

As admin, deactivate the viewer1 account.

| # | Test Case | Expected Result | Pass/Fail |
|---|-----------|-----------------|-----------|
| 10.1 | Try to login as deactivated user | Error: "Account is disabled" | |
| 10.2 | Reactivate user (as admin) | User can login again | |
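
The visibility checks in sections 6, 8 and 9 only prove that the client hides a control; the same role rules, the self-protection errors of section 7 and the disabled-account check of section 10 must also be enforced by the backend, or a user can simply call the API directly. The following is an added example of that server-side enforcement, written here for this checklist and not code from the cve-dashboard project: role names, actions and error strings are the ones the test cases expect, while the function names and the user-record shape (`{ id, username, email, role, active }`) are assumptions.

```javascript
// Added example, not cve-dashboard code. Function names and the user-record
// shape are assumptions; roles, actions and error strings follow the test cases.

// Actions a role may perform (sections 6, 8, 9). "view" covers tests 9.5-9.8.
const PERMISSIONS = {
  admin: new Set(["view", "addCve", "uploadDocument", "deleteDocument", "manageUsers"]),
  editor: new Set(["view", "addCve", "uploadDocument"]),
  viewer: new Set(["view"]),
};

// Returns null when the request may proceed, otherwise the error message the
// client should show. Deactivated accounts are refused before any role check (10.1).
function authorize(actor, action) {
  if (!actor || !actor.active) return "Account is disabled";
  const allowed = PERMISSIONS[actor.role];
  if (!allowed || !allowed.has(action)) return "Forbidden"; // wording assumed
  return null;
}

// Guards for the User Management panel (7.7-7.10). `change` is the requested
// update, e.g. { delete: true }, { active: false } or { role: "viewer" }.
function checkUserChange(actor, target, change) {
  const denied = authorize(actor, "manageUsers");
  if (denied) return denied;
  if (actor.id === target.id) {
    if (change.delete) return "Cannot delete your own account";
    if (change.active === false) return "Cannot deactivate your own account";
    if ("role" in change && change.role !== "admin") return "Cannot remove your own admin role";
  }
  return null;
}

// Uniqueness check for Add User (7.11).
function checkNewUser(users, candidate) {
  const taken = users.some(
    (u) => u.username === candidate.username || u.email === candidate.email,
  );
  return taken ? "Username or email already exists" : null;
}

// Constructed sample users mirroring the state after sections 7 and 10
// (viewer1 has been deactivated by the admin).
const USERS = [
  { id: 1, username: "admin", email: "admin@localhost", role: "admin", active: true },
  { id: 2, username: "editor1", email: "editor1@test.com", role: "editor", active: true },
  { id: 3, username: "viewer1", email: "viewer1@test.com", role: "viewer", active: false },
];
```

Each API handler would call `authorize` or `checkUserChange` before touching the database, so a request that bypasses the hidden button is rejected with the same message the UI tests list.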

## 11. Error Handling

| # | Test Case | Expected Result | Pass/Fail |
|---|-----------|-----------------|-----------|
| 11.1 | Stop backend, try to login | Shows "Failed to fetch" or connection error | |
| 11.2 | Backend returns 500 error | Error message displayed to user | |

## Sign-Off

| Role | Name | Date | Signature |
|------|------|------|-----------|
| Tester | | | |
| Developer | | | |

**Notes / Issues Found:**

_______________________________________________

_______________________________________________

**Final Status:** [ ] PASS [ ] FAIL