# Plan: User Creation, Login, and Access Testing

## 🎯 Objective

Verify that the RBAC system correctly restricts user creation based on account types and ensures that new users can successfully log in and access their respective dashboards.

## 🏗️ Technical Approach

The testing will be conducted using the browser tool to simulate real user interactions. We will iterate through each user type, perform creation attempts (both valid and invalid), and verify the results.

### 1. Test Data Setup

We need a set of "Parent" users for each type. I will verify if these exist or create them via the database if needed.

- `ULTIMATE`: `admin` (assuming exists)
- `SUPER_OPERATOR`: `test_super_op`
- `OPERATOR`: `test_op`
- `COORDINATOR`: `test_coord`
- `STORE_OWNER`: `test_store_owner`
- `USER`: `test_user`

### 2. Creation Permission Matrix (Target vs Actor)

| Actor \ Target | ULTIMATE | SUPER_OP | OPERATOR | COORD | SUPPLIER_O | WHOLESALE | SUPPLIER | STORE_OWNER | STORE_MGR | USER | RIDER | POS_T |
| :--- | :---: | :---: | :---: | :---: | :---: | :---: | :---: | :---: | :---: | :---: | :---: | :---: |
| **ULTIMATE** | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| **SUPER_OP** | ❌ | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| **OPERATOR** | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ✅ | ✅ | ❌ | ❌ | ✅ | ✅ |
| **COORD** | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ✅ | ❌ | ✅ | ❌ |
| **STORE_OWNER** | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ✅ | ✅ |
| **USER** | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ |

### 3. Verification Steps

1. **Login** as the Actor user.
2. **Navigate** to the "Create User" page.
3. **Check** the "User Type" dropdown for allowed options.
4. **Attempt** to create an allowed user type:
   - Fill form with valid data.
   - Submit.
   - Verify "Success" message.
5. **Attempt** to create a restricted user type (if UI allows selection or via direct API manipulation if possible, but primarily UI-based check).
6. **Login** as the newly created user to verify account activation.
7. **Logout** and repeat for next role.

## 🛠️ Tools & Commands

- **Browser**: Interaction and visual verification.
- **Tinker**: Quick user creation for testing setup if needed.
- **Docker**: Build and restart after any potential fixes (though this task is primarily testing).

## 📅 Timeline

- Phase 1: Environment Readiness (Verify/Create Actor Users)
- Phase 2: Browser Testing - ULTIMATE & SUPER_OPERATOR
- Phase 3: Browser Testing - OPERATOR & COORDINATOR
- Phase 4: Browser Testing - STORE_OWNER & USER (Restriction check)
- Phase 5: Final Report and Cleanup
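
The creation matrix in section 2 and the allowed/restricted attempts in section 3 can be checked from one data structure. The following is an added example, not part of the original plan or the project's code: it encodes the matrix and audits recorded outcomes, flagging denied cells that succeeded, allowed cells that failed, and cells never exercised. The function names are hypothetical and the observed results are constructed sample data.

```python
# Added example: the section 2 creation matrix as data, used to audit test results.
TARGETS = ["ULTIMATE", "SUPER_OP", "OPERATOR", "COORD", "SUPPLIER_O", "WHOLESALE",
           "SUPPLIER", "STORE_OWNER", "STORE_MGR", "USER", "RIDER", "POS_T"]

# One row per actor, in TARGETS column order; '1' = may create, '0' = must be denied.
MATRIX = {
    "ULTIMATE":    "111111111111",
    "SUPER_OP":    "001111111111",
    "OPERATOR":    "000100110011",
    "COORD":       "000000101010",
    "STORE_OWNER": "000000001011",
    "USER":        "000000000000",
}

def expected(actor, target):
    """True if the plan says `actor` may create a `target` account."""
    return MATRIX[actor][TARGETS.index(target)] == "1"

def all_cases():
    """Every (actor, target, expected) cell: 6 actors x 12 targets = 72 cases."""
    return [(a, t, expected(a, t)) for a in MATRIX for t in TARGETS]

def audit(observed):
    """Compare observed outcomes {(actor, target): created?} with the matrix."""
    findings = []
    for actor, target, want in all_cases():
        got = observed.get((actor, target))
        if got is None:          # never exercised: the restriction is unverified
            findings.append(("UNTESTED", actor, target))
        elif got and not want:   # succeeded where the matrix denies: security bug
            findings.append(("ESCALATION", actor, target))
        elif want and not got:   # failed where the matrix allows: functional bug
            findings.append(("BROKEN", actor, target))
    return findings

def sample_observed():
    """Constructed sample results, not output from the real system."""
    obs = {(a, t): want for a, t, want in all_cases()}
    obs[("OPERATOR", "OPERATOR")] = True   # constructed: denied cell that succeeded
    obs[("COORD", "RIDER")] = False        # constructed: allowed cell that failed
    del obs[("USER", "ULTIMATE")]          # constructed: cell nobody tested
    return obs

if __name__ == "__main__":
    for finding in audit(sample_observed()):
        print(*finding)
```

Of the 72 cells, 39 are denials, so a run that only exercises the allowed paths leaves most of the matrix reported as `UNTESTED`.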