@nextsparkjs/theme-crm 0.1.0-beta.19 → 0.1.0-beta.20

package/tests/cypress/e2e/ui/activities/activities-owner.cy.ts

@@ -0,0 +1,268 @@
+/// <reference types="cypress" />
+
+/**
+ * Activities CRUD - Owner Role (Full Access)
+ *
+ * Uses CRM theme-specific POMs with Entity Testing Convention.
+ * Selectors follow the pattern: {slug}-{component}-{detail}
+ */
+
+import { ActivitiesPOM } from '../../../src/entities/ActivitiesPOM'
+import { loginAsCrmOwner } from '../../../src/session-helpers'
+
+describe('Activities CRUD - Owner Role (Full Access)', () => {
+  const activities = new ActivitiesPOM()
+
+  beforeEach(() => {
+    loginAsCrmOwner()
+    cy.visit('/dashboard/activities')
+    activities.list.validatePageVisible()
+  })
+
+  describe('CREATE - Owner can create activities', () => {
+    it('OWNER_ACTIV_CREATE_001: should create new call activity', () => {
+      const timestamp = Date.now()
+      const subject = `Owner Call ${timestamp}`
+
+      activities.list.clickCreate()
+      activities.form.validateFormVisible()
+
+      activities.fillActivityForm({
+        type: 'call',
+        subject
+      })
+
+      activities.submitForm()
+
+      cy.url().should('include', '/dashboard/activities')
+      cy.contains(subject).should('be.visible')
+    })
+
+    it('OWNER_ACTIV_CREATE_002: should create meeting activity with all fields', () => {
+      const timestamp = Date.now()
+      const subject = `Owner Meeting ${timestamp}`
+
+      activities.list.clickCreate()
+      activities.form.validateFormVisible()
+
+      activities.fillActivityForm({
+        type: 'meeting',
+        subject,
+        description: 'Team sync meeting'
+      })
+
+      activities.submitForm()
+
+      cy.url().should('include', '/dashboard/activities')
+      cy.contains(subject).should('be.visible')
+    })
+
+    it('OWNER_ACTIV_CREATE_003: should create email activity', () => {
+      const timestamp = Date.now()
+      const subject = `Owner Email ${timestamp}`
+
+      activities.list.clickCreate()
+      activities.form.validateFormVisible()
+
+      activities.fillActivityForm({
+        type: 'email',
+        subject
+      })
+
+      activities.submitForm()
+
+      cy.url().should('include', '/dashboard/activities')
+      cy.contains(subject).should('be.visible')
+    })
+
+    it('OWNER_ACTIV_CREATE_004: should create task activity', () => {
+      const timestamp = Date.now()
+      const subject = `Owner Task ${timestamp}`
+
+      activities.list.clickCreate()
+      activities.form.validateFormVisible()
+
+      activities.fillActivityForm({
+        type: 'task',
+        subject,
+        description: 'Prepare report'
+      })
+
+      activities.submitForm()
+
+      cy.url().should('include', '/dashboard/activities')
+      cy.contains(subject).should('be.visible')
+    })
+
+    it('OWNER_ACTIV_CREATE_005: should validate required fields', () => {
+      activities.list.clickCreate()
+      activities.form.validateFormVisible()
+
+      // Try to submit without filling required fields
+      activities.submitForm()
+
+      // Form should still be visible (validation failed)
+      activities.form.validateFormVisible()
+    })
+
+    it('OWNER_ACTIV_CREATE_006: should cancel activity creation', () => {
+      activities.list.clickCreate()
+      activities.form.validateFormVisible()
+
+      activities.fillActivityForm({
+        type: 'call',
+        subject: 'Should not be created'
+      })
+
+      activities.form.cancel()
+      cy.url().should('not.include', '/create')
+    })
+  })
+
+  describe('READ - Owner can read activities', () => {
+    it('OWNER_ACTIV_READ_001: should view activity list', () => {
+      activities.list.validatePageVisible()
+      activities.list.validateTableVisible()
+    })
+
+    it('OWNER_ACTIV_READ_002: should view activity details', () => {
+      cy.get(activities.list.selectors.rowGeneric).then($rows => {
+        if ($rows.length > 0) {
+          activities.list.clickRowByIndex(0)
+          cy.url().should('match', /\/dashboard\/activities\/[a-z0-9-]+/)
+        }
+      })
+    })
+
+    it('OWNER_ACTIV_READ_003: should search activities', () => {
+      activities.list.search('test')
+      cy.wait(500)
+      activities.list.clearSearch()
+    })
+  })
+
+  describe('UPDATE - Owner can update activities', () => {
+    it('OWNER_ACTIV_UPDATE_001: should edit activity subject', () => {
+      cy.get(activities.list.selectors.rowGeneric).then($rows => {
+        if ($rows.length > 0) {
+          activities.list.clickRowByIndex(0)
+
+          cy.url().then(url => {
+            const activityId = url.split('/').pop()
+            activities.form.visitEdit(activityId!)
+            activities.form.validateFormVisible()
+
+            const updatedSubject = `Owner Updated ${Date.now()}`
+            activities.form.typeInField('subject', updatedSubject)
+
+            activities.submitForm()
+
+            cy.url().should('include', '/dashboard/activities')
+            cy.contains(updatedSubject).should('be.visible')
+          })
+        }
+      })
+    })
+
+    it('OWNER_ACTIV_UPDATE_002: should update activity type', () => {
+      cy.get(activities.list.selectors.rowGeneric).then($rows => {
+        if ($rows.length > 0) {
+          activities.list.clickRowByIndex(0)
+
+          cy.url().then(url => {
+            const activityId = url.split('/').pop()
+            activities.form.visitEdit(activityId!)
+            activities.form.validateFormVisible()
+
+            activities.form.selectOption('type', 'meeting')
+
+            activities.submitForm()
+            cy.url().should('include', '/dashboard/activities')
+          })
+        }
+      })
+    })
+
+    it('OWNER_ACTIV_UPDATE_003: should cancel update without saving', () => {
+      cy.get(activities.list.selectors.rowGeneric).then($rows => {
+        if ($rows.length > 0) {
+          activities.list.clickRowByIndex(0)
+
+          cy.url().then(url => {
+            const activityId = url.split('/').pop()
+            activities.form.visitEdit(activityId!)
+            activities.form.validateFormVisible()
+
+            activities.form.typeInField('subject', 'ShouldNotSave')
+
+            activities.form.cancel()
+            cy.url().should('not.include', '/edit')
+          })
+        }
+      })
+    })
+  })
+
+  describe('DELETE - Owner can delete activities', () => {
+    it('OWNER_ACTIV_DELETE_001: should delete activity successfully', () => {
+      const timestamp = Date.now()
+      const subject = `Owner Delete Test ${timestamp}`
+
+      activities.list.clickCreate()
+      activities.fillActivityForm({
+        type: 'task',
+        subject
+      })
+      activities.submitForm()
+
+      cy.contains(subject).should('be.visible')
+
+      activities.list.search(subject)
+
+      cy.get(activities.list.selectors.rowGeneric).first().within(() => {
+        cy.get('[data-cy*="delete"]').click()
+      })
+
+      activities.list.confirmDelete()
+
+      cy.wait(1000)
+      activities.list.search(subject)
+      cy.get(activities.list.selectors.emptyState).should('be.visible')
+    })
+
+    it('OWNER_ACTIV_DELETE_002: should cancel deletion', () => {
+      cy.get(activities.list.selectors.rowGeneric).then($rows => {
+        if ($rows.length > 0) {
+          cy.get(activities.list.selectors.rowGeneric).first().within(() => {
+            cy.get('[data-cy*="delete"]').click()
+          })
+
+          activities.list.cancelDelete()
+          activities.list.validateTableVisible()
+        }
+      })
+    })
+  })
+
+  describe('PERMISSIONS - Owner role capabilities', () => {
+    it('OWNER_ACTIV_PERM_001: should have full CRUD access', () => {
+      activities.list.validatePageVisible()
+
+      // Check for create button
+      cy.get(activities.list.selectors.createButton).should('be.visible')
+    })
+
+    it('OWNER_ACTIV_PERM_002: should have edit access', () => {
+      cy.get(activities.list.selectors.rowGeneric).then($rows => {
+        if ($rows.length > 0) {
+          activities.list.clickRowByIndex(0)
+          cy.url().then(url => {
+            const activityId = url.split('/').pop()
+            activities.form.visitEdit(activityId!)
+            activities.form.validateFormVisible()
+          })
+        }
+      })
+    })
+  })
+})

package/tests/cypress/e2e/ui/companies/companies-admin.cy.ts

@@ -0,0 +1,188 @@
+/// <reference types="cypress" />
+
+/**
+ * Companies CRUD - Admin Role (Full Access)
+ *
+ * Uses CRM theme-specific POMs with Entity Testing Convention.
+ * Selectors follow the pattern: {slug}-{component}-{detail}
+ */
+
+import { CompaniesPOM } from '../../../src/entities/CompaniesPOM'
+import { loginAsCrmAdmin } from '../../../src/session-helpers'
+
+describe('Companies CRUD - Admin Role (Full Access)', () => {
+  const companies = new CompaniesPOM()
+
+  beforeEach(() => {
+    loginAsCrmAdmin()
+    cy.visit('/dashboard/companies')
+    companies.list.validatePageVisible()
+  })
+
+  describe('CREATE - Admin can create companies', () => {
+    it('ADMIN_COMPANY_CREATE_001: should create new company with required fields', () => {
+      const timestamp = Date.now()
+      const companyName = `Admin Test Company ${timestamp}`
+
+      companies.list.clickCreate()
+      companies.form.validateFormVisible()
+
+      companies.fillCompanyForm({
+        name: companyName,
+        industry: 'retail'
+      })
+
+      companies.submitForm()
+
+      cy.url().should('include', '/dashboard/companies')
+      cy.contains(companyName).should('be.visible')
+    })
+
+    it('ADMIN_COMPANY_CREATE_002: should create company with optional fields', () => {
+      const timestamp = Date.now()
+      const companyName = `Admin Full Company ${timestamp}`
+
+      companies.list.clickCreate()
+      companies.form.validateFormVisible()
+
+      companies.fillCompanyForm({
+        name: companyName,
+        industry: 'manufacturing',
+        website: 'https://admin-company.com',
+        phone: '+1-555-4444'
+      })
+
+      companies.submitForm()
+
+      cy.url().should('include', '/dashboard/companies')
+      cy.contains(companyName).should('be.visible')
+    })
+  })
+
+  describe('READ - Admin can read companies', () => {
+    it('ADMIN_COMPANY_READ_001: should view company list', () => {
+      companies.list.validatePageVisible()
+      companies.list.validateTableVisible()
+    })
+
+    it('ADMIN_COMPANY_READ_002: should view company details', () => {
+      cy.get(companies.list.selectors.rowGeneric).then($rows => {
+        if ($rows.length > 0) {
+          companies.list.clickRowByIndex(0)
+          cy.url().should('match', /\/dashboard\/companies\/[a-z0-9-]+/)
+        }
+      })
+    })
+
+    it('ADMIN_COMPANY_READ_003: should search companies', () => {
+      companies.list.search('test')
+      cy.wait(500)
+      companies.list.clearSearch()
+    })
+  })
+
+  describe('UPDATE - Admin can update companies', () => {
+    it('ADMIN_COMPANY_UPDATE_001: should edit company', () => {
+      cy.get(companies.list.selectors.rowGeneric).then($rows => {
+        if ($rows.length > 0) {
+          companies.list.clickRowByIndex(0)
+
+          cy.url().then(url => {
+            const companyId = url.split('/').pop()
+            companies.form.visitEdit(companyId!)
+            companies.form.validateFormVisible()
+
+            const updatedName = `Admin Updated Company ${Date.now()}`
+            companies.form.typeInField('name', updatedName)
+
+            companies.submitForm()
+
+            cy.url().should('include', '/dashboard/companies')
+            cy.contains(updatedName).should('be.visible')
+          })
+        }
+      })
+    })
+
+    it('ADMIN_COMPANY_UPDATE_002: should update company contact information', () => {
+      cy.get(companies.list.selectors.rowGeneric).then($rows => {
+        if ($rows.length > 0) {
+          companies.list.clickRowByIndex(0)
+
+          cy.url().then(url => {
+            const companyId = url.split('/').pop()
+            companies.form.visitEdit(companyId!)
+            companies.form.validateFormVisible()
+
+            const timestamp = Date.now()
+            companies.form.typeInField('phone', `+1-555-${timestamp % 10000}`)
+
+            companies.submitForm()
+
+            cy.url().should('include', '/dashboard/companies')
+          })
+        }
+      })
+    })
+
+    it('ADMIN_COMPANY_UPDATE_003: should cancel update without saving', () => {
+      cy.get(companies.list.selectors.rowGeneric).then($rows => {
+        if ($rows.length > 0) {
+          companies.list.clickRowByIndex(0)
+
+          cy.url().then(url => {
+            const companyId = url.split('/').pop()
+            companies.form.visitEdit(companyId!)
+            companies.form.validateFormVisible()
+
+            companies.form.typeInField('name', 'ShouldNotSave')
+
+            companies.form.cancel()
+            cy.url().should('not.include', '/edit')
+          })
+        }
+      })
+    })
+  })
+
+  describe('DELETE - Admin can delete companies', () => {
+    it('ADMIN_COMPANY_DELETE_001: should delete company successfully', () => {
+      const timestamp = Date.now()
+      const companyName = `Admin Delete Test ${timestamp}`
+
+      companies.list.clickCreate()
+      companies.fillCompanyForm({
+        name: companyName,
+        industry: 'education'
+      })
+      companies.submitForm()
+
+      cy.contains(companyName).should('be.visible')
+
+      companies.list.search(companyName)
+
+      cy.get(companies.list.selectors.rowGeneric).first().within(() => {
+        cy.get('[data-cy*="delete"]').click()
+      })
+
+      companies.list.confirmDelete()
+
+      cy.wait(1000)
+      companies.list.search(companyName)
+      cy.get(companies.list.selectors.emptyState).should('be.visible')
+    })
+
+    it('ADMIN_COMPANY_DELETE_002: should cancel deletion', () => {
+      cy.get(companies.list.selectors.rowGeneric).then($rows => {
+        if ($rows.length > 0) {
+          cy.get(companies.list.selectors.rowGeneric).first().within(() => {
+            cy.get('[data-cy*="delete"]').click()
+          })
+
+          companies.list.cancelDelete()
+          companies.list.validateTableVisible()
+        }
+      })
+    })
+  })
+})

package/tests/cypress/e2e/ui/companies/companies-member.cy.ts

@@ -0,0 +1,166 @@
+/// <reference types="cypress" />
+
+/**
+ * Companies CRUD - Member Role (Restricted: Read Only)
+ *
+ * Uses CRM theme-specific POMs with Entity Testing Convention.
+ * Selectors follow the pattern: {slug}-{component}-{detail}
+ */
+
+import { CompaniesPOM } from '../../../src/entities/CompaniesPOM'
+import { loginAsCrmMember } from '../../../src/session-helpers'
+
+describe('Companies CRUD - Member Role (Restricted: Read Only)', () => {
+  const companies = new CompaniesPOM()
+
+  beforeEach(() => {
+    loginAsCrmMember()
+    cy.visit('/dashboard/companies')
+    companies.list.validatePageVisible()
+  })
+
+  describe('READ - Member CAN view companies', () => {
+    it('MEMBER_COMPANY_READ_001: should view company list', () => {
+      companies.list.validatePageVisible()
+      companies.list.validateTableVisible()
+    })
+
+    it('MEMBER_COMPANY_READ_002: should view company details', () => {
+      cy.get(companies.list.selectors.rowGeneric).then($rows => {
+        if ($rows.length > 0) {
+          companies.list.clickRowByIndex(0)
+          cy.url().should('match', /\/dashboard\/companies\/[a-z0-9-]+/)
+        }
+      })
+    })
+
+    it('MEMBER_COMPANY_READ_003: should search companies', () => {
+      companies.list.search('test')
+      cy.wait(500)
+      companies.list.clearSearch()
+    })
+  })
+
+  describe('CREATE - Member CANNOT create companies', () => {
+    it('MEMBER_COMPANY_CREATE_001: create button should be hidden', () => {
+      cy.get(companies.list.selectors.createButton).should('not.exist')
+    })
+
+    it('MEMBER_COMPANY_CREATE_002: should not be able to access create form via UI', () => {
+      // Verify no visible way to access create form
+      cy.get('[data-cy*="create"], [data-cy*="add"]').should('not.exist')
+    })
+
+    it('MEMBER_COMPANY_CREATE_003: direct navigation to create form should be blocked', () => {
+      cy.visit('/dashboard/companies/create', { failOnStatusCode: false })
+
+      // Should either redirect or show access denied
+      cy.url().then(url => {
+        if (url.includes('/dashboard/companies/create')) {
+          // If still on create page, should show error
+          cy.get('body').should('not.contain', companies.form.selectors.form)
+        } else {
+          // Should redirect away from create page
+          cy.url().should('not.include', '/create')
+        }
+      })
+    })
+  })
+
+  describe('UPDATE - Member CANNOT update companies', () => {
+    it('MEMBER_COMPANY_UPDATE_001: edit buttons should be hidden', () => {
+      cy.get('[data-cy*="edit"]').should('not.exist')
+    })
+
+    it('MEMBER_COMPANY_UPDATE_002: should not see edit action in company list', () => {
+      cy.get(companies.list.selectors.rowGeneric).then($rows => {
+        if ($rows.length > 0) {
+          cy.get(companies.list.selectors.rowGeneric).first().within(() => {
+            cy.get('[data-cy*="edit"]').should('not.exist')
+          })
+        }
+      })
+    })
+
+    it('MEMBER_COMPANY_UPDATE_003: should not see edit action in detail view', () => {
+      cy.get(companies.list.selectors.rowGeneric).then($rows => {
+        if ($rows.length > 0) {
+          companies.list.clickRowByIndex(0)
+          cy.url().should('match', /\/dashboard\/companies\/[a-z0-9-]+/)
+
+          cy.get('[data-cy*="edit"]').should('not.exist')
+        }
+      })
+    })
+  })
+
+  describe('DELETE - Member CANNOT delete companies', () => {
+    it('MEMBER_COMPANY_DELETE_001: delete buttons should be hidden', () => {
+      cy.get('[data-cy*="delete"]').should('not.exist')
+    })
+
+    it('MEMBER_COMPANY_DELETE_002: should not see delete action in company list', () => {
+      cy.get(companies.list.selectors.rowGeneric).then($rows => {
+        if ($rows.length > 0) {
+          cy.get(companies.list.selectors.rowGeneric).first().within(() => {
+            cy.get('[data-cy*="delete"]').should('not.exist')
+          })
+        }
+      })
+    })
+
+    it('MEMBER_COMPANY_DELETE_003: should not see delete action in detail view', () => {
+      cy.get(companies.list.selectors.rowGeneric).then($rows => {
+        if ($rows.length > 0) {
+          companies.list.clickRowByIndex(0)
+          cy.url().should('match', /\/dashboard\/companies\/[a-z0-9-]+/)
+
+          cy.get('[data-cy*="delete"]').should('not.exist')
+        }
+      })
+    })
+
+    it('MEMBER_COMPANY_DELETE_004: should NOT delete company via API', () => {
+      cy.get(companies.list.selectors.rowGeneric).then($rows => {
+        if ($rows.length > 0) {
+          cy.get(companies.list.selectors.rowGeneric).first().invoke('attr', 'data-cy').then(dataCy => {
+            if (dataCy) {
+              const companyId = dataCy.replace('companies-row-', '')
+
+              cy.request({
+                method: 'DELETE',
+                url: `/api/v1/companies/${companyId}`,
+                failOnStatusCode: false,
+              }).then(response => {
+                expect(response.status).to.be.oneOf([401, 403, 404])
+              })
+            }
+          })
+        }
+      })
+    })
+  })
+
+  describe('PERMISSIONS - Member role capabilities', () => {
+    it('MEMBER_COMPANY_PERMISSIONS_001: should have read-only access', () => {
+      companies.list.validatePageVisible()
+
+      // Check for no create button
+      cy.get(companies.list.selectors.createButton).should('not.exist')
+
+      // Check for no edit/delete buttons
+      cy.get('[data-cy*="edit"]').should('not.exist')
+      cy.get('[data-cy*="delete"]').should('not.exist')
+    })
+
+    it('MEMBER_COMPANY_PERMISSIONS_002: should see all organization companies', () => {
+      companies.list.validatePageVisible()
+
+      cy.get(companies.list.selectors.rowGeneric).then($rows => {
+        if ($rows.length > 0) {
+          cy.get(companies.list.selectors.rowGeneric).should('have.length.at.least', 1)
+        }
+      })
+    })
+  })
+})