# Checklist: User Creation & Login Verification ## 1. Setup & Pre-verification - [ ] **Database**: Verify existence of 'admin' user (ULTIMATE). - [ ] **Database**: Create/Reset 'test_super_op' (SUPER_OPERATOR) via tinker. - [ ] **Database**: Create/Reset 'test_op' (OPERATOR). - [ ] **Database**: Create/Reset 'test_coord' (COORDINATOR). - [ ] **Database**: Create/Reset 'test_store_owner' (STORE_OWNER). - [ ] **Database**: Create/Reset 'test_store_manager' (STORE_MANAGER). - [ ] **Database**: Create/Reset 'test_sup_ovr' (SUPPLIER_OVERSEER). - [ ] **Database**: Create/Reset 'test_supplier' (SUPPLIER). - [ ] **Database**: Create/Reset 'test_user' (USER). ## 2. Testing: ULTIMATE - [ ] **Login**: Login as 'admin'. - [ ] **Navigate**: Go to `/create-user`. - [ ] **Verification**: Check if all roles are displayed in 'User Type' dropdown. - [ ] **Action**: Create all available types (ULTIMATE, SUPER_OPERATOR, OPERATOR, COORDINATOR, SUPPLIER_OVERSEER, WHOLESALE_BUYER, SUPPLIER, STORE_OWNER, STORE_MANAGER, USER, RIDER, AUDIT, POS_TERMINAL). - [ ] **ULTIMATE**: `test_ult_child_ult` - [ ] **SUPER_OPERATOR**: `test_ult_child_super` - [ ] **OPERATOR**: `test_ult_child_op` - [ ] **COORDINATOR**: `test_ult_child_coord` - [ ] **SUPPLIER_OVERSEER**: `test_ult_child_sup_ovr` - [ ] **WHOLESALE_BUYER**: `test_ult_child_wholesale` - [ ] **SUPPLIER**: `test_ult_child_sup` - [ ] **STORE_OWNER**: `test_ult_child_owner` - [ ] **STORE_MANAGER**: `test_ult_child_mgr` - [ ] **USER**: `test_ult_child_user` - [ ] **RIDER**: `test_ult_child_rider` - [ ] **AUDIT**: `test_ult_child_audit` - [ ] **POS_TERMINAL**: `test_ult_child_pos` ## 3. Testing: SUPER_OPERATOR - [ ] **Login**: Login as 'test_super_op'. - [ ] **Navigate**: Go to `/create-user`. - [ ] **Verification**: Confirm 'SUPER_OPERATOR' or 'ULTIMATE' are NOT in roles list. - [ ] **Action**: Create all allowed types: - [ ] **OPERATOR**: `test_super_child_op` - [ ] **COORDINATOR**: `test_super_child_coord` - [ ] **SUPPLIER_OVERSEER**: `test_super_child_sup_ovr` - [ ] **WHOLESALE_BUYER**: `test_super_child_wholesale` - [ ] **SUPPLIER**: `test_super_child_sup` - [ ] **STORE_OWNER**: `test_super_child_owner` - [ ] **STORE_MANAGER**: `test_super_child_mgr` - [ ] **USER**: `test_super_child_user` - [ ] **RIDER**: `test_super_child_rider` - [ ] **POS_TERMINAL**: `test_super_child_pos` ## 4. Testing: OPERATOR - [ ] **Login**: Login as 'test_op'. - [ ] **Navigate**: Go to `/create-user`. - [ ] **Verification**: Confirm only allowed types are visible. - [ ] **Action**: Create all allowed types: - [ ] **COORDINATOR**: `test_op_child_coord` - [ ] **SUPPLIER**: `test_op_child_sup` - [ ] **STORE_OWNER**: `test_op_child_owner` - [ ] **RIDER**: `test_op_child_rider` - [ ] **POS_TERMINAL**: `test_op_child_pos` ## 5. Testing: COORDINATOR - [ ] **Login**: Login as 'test_coord'. - [ ] **Navigate**: Go to `/create-user`. - [ ] **Verification**: Confirm only allowed types are visible. - [ ] **Action**: Create all allowed types: - [ ] **SUPPLIER**: `test_coord_child_sup` - [ ] **STORE_MANAGER**: `test_coord_child_mgr` - [ ] **RIDER**: `test_coord_child_rider` ## 6. Testing: STORE_OWNER - [ ] **Login**: Login as 'test_store_owner'. - [ ] **Navigate**: Go to `/create-user`. - [ ] **Verification**: Confirm only allowed types are visible. - [ ] **Action**: Create all allowed types: - [ ] **STORE_MANAGER**: `test_owner_child_mgr` - [ ] **RIDER**: `test_owner_child_rider` - [ ] **POS_TERMINAL**: `test_owner_child_pos` ## 7. Testing: STORE_MANAGER - [ ] **Login**: Login as 'test_store_manager'. - [ ] **Navigate**: Go to `/create-user`. - [ ] **Verification**: Confirm only allowed types are visible. - [ ] **Action**: Create all allowed types: - [ ] **RIDER**: `test_mgr_child_rider` ## 8. Testing: SUPPLIER_OVERSEER - [ ] **Login**: Login as 'test_sup_ovr'. - [ ] **Navigate**: Go to `/create-user`. - [ ] **Verification**: Confirm only allowed types are visible. - [ ] **Action**: Create all allowed types: - [ ] **SUPPLIER**: `test_ovr_child_sup` - [ ] **WHOLESALE_BUYER**: `test_ovr_child_buyer` - [ ] **RIDER**: `test_ovr_child_rider` ## 9. Testing: SUPPLIER - [ ] **Login**: Login as 'test_supplier'. - [ ] **Navigate**: Go to `/create-user`. - [ ] **Verification**: Confirm only allowed types are visible. - [ ] **Action**: Create all allowed types: - [ ] **RIDER**: `test_sup_child_rider` ## 10. Testing: Restricted Types (No Creation Access) Check that these roles cannot access `/create-user` (redirected or 401 message): - [ ] **USER**: Login as 'test_user', attempt access. - [ ] **RIDER**: Login as any RIDER, attempt access. - [ ] **POS_TERMINAL**: Login as any POS_TERMINAL, attempt access. - [ ] **WHOLESALE_BUYER**: Login as any WHOLESALE_BUYER, attempt access. - [ ] **AUDIT**: Login as any AUDIT user, attempt access. ## 11. Final Verification - [ ] **Consistency**: Ensure all newly created test users can login correctly. - [ ] **Hierarchy Check**: Verify `parentuid` in the users table correctly links to the creator. - [ ] **Cleanup**: (Optional) Remove test users if desired.