npm - @nextsparkjs/theme-default - Versions diffs - 0.1.0-beta.2 → 0.1.0-beta.21 - Mend

@nextsparkjs/theme-default 0.1.0-beta.2 → 0.1.0-beta.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (222) hide show

package/package.json +8 -4
package/templates/(public)/page.tsx +1 -1
package/tests/cypress/e2e/_devtools/access.bdd.md +262 -0
package/tests/cypress/e2e/_devtools/access.cy.ts +171 -0
package/tests/cypress/e2e/_devtools/navigation.bdd.md +261 -0
package/tests/cypress/e2e/_devtools/navigation.cy.ts +157 -0
package/tests/cypress/e2e/_devtools/pages.bdd.md +303 -0
package/tests/cypress/e2e/_devtools/pages.cy.ts +184 -0
package/tests/cypress/e2e/_docs/README.md +215 -0
package/tests/cypress/e2e/_docs/tutorials/sector7-superadmin-teams.narration.json +155 -0
package/tests/cypress/e2e/_docs/tutorials/sector7-superadmin.cy.ts +390 -0
package/tests/cypress/e2e/_docs/tutorials/teams-system.doc.cy.ts +349 -0
package/tests/cypress/e2e/_docs/tutorials/teams-system.narration.json +165 -0
package/tests/cypress/e2e/_selectors/auth.cy.ts +306 -0
package/tests/cypress/e2e/_selectors/billing.cy.ts +89 -0
package/tests/cypress/e2e/_selectors/dashboard-mobile.cy.ts +113 -0
package/tests/cypress/e2e/_selectors/dashboard-navigation.cy.ts +89 -0
package/tests/cypress/e2e/_selectors/dashboard-sidebar.cy.ts +60 -0
package/tests/cypress/e2e/_selectors/dashboard-topnav.cy.ts +146 -0
package/tests/cypress/e2e/_selectors/devtools.cy.ts +210 -0
package/tests/cypress/e2e/_selectors/global-search.cy.ts +88 -0
package/tests/cypress/e2e/_selectors/pages-editor.cy.ts +179 -0
package/tests/cypress/e2e/_selectors/posts-editor.cy.ts +282 -0
package/tests/cypress/e2e/_selectors/public.cy.ts +112 -0
package/tests/cypress/e2e/_selectors/settings-api-keys.cy.ts +228 -0
package/tests/cypress/e2e/_selectors/settings-billing.cy.ts +105 -0
package/tests/cypress/e2e/_selectors/settings-layout.cy.ts +119 -0
package/tests/cypress/e2e/_selectors/settings-password.cy.ts +71 -0
package/tests/cypress/e2e/_selectors/settings-profile.cy.ts +82 -0
package/tests/cypress/e2e/_selectors/settings-teams.cy.ts +68 -0
package/tests/cypress/e2e/_selectors/superadmin.cy.ts +185 -0
package/tests/cypress/e2e/_selectors/tasks.cy.ts +242 -0
package/tests/cypress/e2e/_selectors/taxonomies.cy.ts +126 -0
package/tests/cypress/e2e/_selectors/teams.cy.ts +142 -0
package/tests/cypress/e2e/_superadmin/all-teams.bdd.md +261 -0
package/tests/cypress/e2e/_superadmin/all-teams.cy.ts +177 -0
package/tests/cypress/e2e/_superadmin/all-users.bdd.md +406 -0
package/tests/cypress/e2e/_superadmin/all-users.cy.ts +294 -0
package/tests/cypress/e2e/_superadmin/dashboard.bdd.md +235 -0
package/tests/cypress/e2e/_superadmin/dashboard.cy.ts +149 -0
package/tests/cypress/e2e/_superadmin/subscriptions-overview.bdd.md +290 -0
package/tests/cypress/e2e/_superadmin/subscriptions-overview.cy.ts +194 -0
package/tests/cypress/e2e/ai/ai-usage.cy.ts +209 -0
package/tests/cypress/e2e/ai/chat-api.cy.ts +107 -0
package/tests/cypress/e2e/ai/guardrails.cy.ts +332 -0
package/tests/cypress/e2e/api/billing/BillingAPIController.js +319 -0
package/tests/cypress/e2e/api/billing/check-action.cy.ts +326 -0
package/tests/cypress/e2e/api/billing/checkout.cy.ts +358 -0
package/tests/cypress/e2e/api/billing/lifecycle.cy.ts +423 -0
package/tests/cypress/e2e/api/billing/plans/README.md +345 -0
package/tests/cypress/e2e/api/billing/plans/business.cy.ts +412 -0
package/tests/cypress/e2e/api/billing/plans/downgrade.cy.ts +510 -0
package/tests/cypress/e2e/api/billing/plans/fixtures/billing-plans.json +163 -0
package/tests/cypress/e2e/api/billing/plans/free.cy.ts +500 -0
package/tests/cypress/e2e/api/billing/plans/pro.cy.ts +497 -0
package/tests/cypress/e2e/api/billing/plans/starter.cy.ts +342 -0
package/tests/cypress/e2e/api/billing/portal.cy.ts +313 -0
package/tests/cypress/e2e/api/devtools/registries.bdd.md +300 -0
package/tests/cypress/e2e/api/devtools/registries.cy.ts +368 -0
package/tests/cypress/e2e/api/entities/blocks-scope.cy.ts +396 -0
package/tests/cypress/e2e/api/entities/customers-crud.cy.ts +648 -0
package/tests/cypress/e2e/api/entities/customers-metas.cy.ts +839 -0
package/tests/cypress/e2e/api/entities/pages-crud.cy.ts +425 -0
package/tests/cypress/e2e/api/entities/pages-status.cy.ts +335 -0
package/tests/cypress/e2e/api/entities/post-categories-crud.cy.ts +610 -0
package/tests/cypress/e2e/api/entities/posts-crud.cy.ts +709 -0
package/tests/cypress/e2e/api/entities/posts-status.cy.ts +396 -0
package/tests/cypress/e2e/api/entities/tasks-crud.cy.ts +602 -0
package/tests/cypress/e2e/api/entities/tasks-metas.cy.ts +878 -0
package/tests/cypress/e2e/api/entities/users-crud.cy.ts +469 -0
package/tests/cypress/e2e/api/entities/users-metas.cy.ts +913 -0
package/tests/cypress/e2e/api/entities/users-security.cy.ts +375 -0
package/tests/cypress/e2e/api/scheduled-actions/cron-endpoint.bdd.md +375 -0
package/tests/cypress/e2e/api/scheduled-actions/cron-endpoint.cy.ts +346 -0
package/tests/cypress/e2e/api/scheduled-actions/devtools-endpoint.bdd.md +451 -0
package/tests/cypress/e2e/api/scheduled-actions/devtools-endpoint.cy.ts +447 -0
package/tests/cypress/e2e/api/scheduled-actions/scheduling.bdd.md +649 -0
package/tests/cypress/e2e/api/scheduled-actions/scheduling.cy.ts +333 -0
package/tests/cypress/e2e/api/settings/api-keys.crud.cy.ts +923 -0
package/tests/cypress/e2e/uat/auth/app-roles/developer-login.bdd.md +231 -0
package/tests/cypress/e2e/uat/auth/app-roles/developer-login.cy.ts +144 -0
package/tests/cypress/e2e/uat/auth/app-roles/superadmin-login.bdd.md +118 -0
package/tests/cypress/e2e/uat/auth/app-roles/superadmin-login.cy.ts +84 -0
package/tests/cypress/e2e/uat/auth/custom-roles/editor-login.bdd.md +288 -0
package/tests/cypress/e2e/uat/auth/custom-roles/editor-login.cy.ts +188 -0
package/tests/cypress/e2e/uat/auth/login-logout.bdd.md +160 -0
package/tests/cypress/e2e/uat/auth/login-logout.cy.ts +116 -0
package/tests/cypress/e2e/uat/auth/password-reset.bdd.md +289 -0
package/tests/cypress/e2e/uat/auth/password-reset.cy.ts +200 -0
package/tests/cypress/e2e/uat/auth/team-roles/admin-login.bdd.md +225 -0
package/tests/cypress/e2e/uat/auth/team-roles/admin-login.cy.ts +148 -0
package/tests/cypress/e2e/uat/auth/team-roles/member-login.bdd.md +251 -0
package/tests/cypress/e2e/uat/auth/team-roles/member-login.cy.ts +163 -0
package/tests/cypress/e2e/uat/auth/team-roles/owner-login.bdd.md +231 -0
package/tests/cypress/e2e/uat/auth/team-roles/owner-login.cy.ts +141 -0
package/tests/cypress/e2e/uat/billing/extended.bdd.md +273 -0
package/tests/cypress/e2e/uat/billing/extended.cy.ts +209 -0
package/tests/cypress/e2e/uat/billing/feature-gates.bdd.md +407 -0
package/tests/cypress/e2e/uat/billing/feature-gates.cy.ts +307 -0
package/tests/cypress/e2e/uat/billing/page.bdd.md +329 -0
package/tests/cypress/e2e/uat/billing/page.cy.ts +250 -0
package/tests/cypress/e2e/uat/billing/status.bdd.md +190 -0
package/tests/cypress/e2e/uat/billing/status.cy.ts +145 -0
package/tests/cypress/e2e/uat/billing/team-switch.bdd.md +156 -0
package/tests/cypress/e2e/uat/billing/team-switch.cy.ts +122 -0
package/tests/cypress/e2e/uat/billing/usage.bdd.md +218 -0
package/tests/cypress/e2e/uat/billing/usage.cy.ts +176 -0
package/tests/cypress/e2e/uat/blocks/hero.bdd.md +124 -0
package/tests/cypress/e2e/uat/blocks/hero.cy.ts +56 -0
package/tests/cypress/e2e/uat/devtools/api-tester.cy.ts +390 -0
package/tests/cypress/e2e/uat/entities/customers/member.bdd.md +275 -0
package/tests/cypress/e2e/uat/entities/customers/member.cy.ts +122 -0
package/tests/cypress/e2e/uat/entities/customers/owner.bdd.md +243 -0
package/tests/cypress/e2e/uat/entities/customers/owner.cy.ts +165 -0
package/tests/cypress/e2e/uat/entities/pages/block-crud.bdd.md +476 -0
package/tests/cypress/e2e/uat/entities/pages/block-crud.cy.ts +486 -0
package/tests/cypress/e2e/uat/entities/pages/block-editor.bdd.md +460 -0
package/tests/cypress/e2e/uat/entities/pages/block-editor.cy.ts +301 -0
package/tests/cypress/e2e/uat/entities/pages/list.bdd.md +432 -0
package/tests/cypress/e2e/uat/entities/pages/list.cy.ts +273 -0
package/tests/cypress/e2e/uat/entities/pages/public-rendering.bdd.md +696 -0
package/tests/cypress/e2e/uat/entities/pages/public-rendering.cy.ts +340 -0
package/tests/cypress/e2e/uat/entities/posts/categories-api-aware.bdd.md +161 -0
package/tests/cypress/e2e/uat/entities/posts/categories-api-aware.cy.ts +104 -0
package/tests/cypress/e2e/uat/entities/posts/categories.bdd.md +375 -0
package/tests/cypress/e2e/uat/entities/posts/categories.cy.ts +241 -0
package/tests/cypress/e2e/uat/entities/posts/editor.bdd.md +429 -0
package/tests/cypress/e2e/uat/entities/posts/editor.cy.ts +257 -0
package/tests/cypress/e2e/uat/entities/posts/list.bdd.md +340 -0
package/tests/cypress/e2e/uat/entities/posts/list.cy.ts +177 -0
package/tests/cypress/e2e/uat/entities/posts/public.bdd.md +614 -0
package/tests/cypress/e2e/uat/entities/posts/public.cy.ts +249 -0
package/tests/cypress/e2e/uat/entities/tasks/member.bdd.md +222 -0
package/tests/cypress/e2e/uat/entities/tasks/member.cy.ts +165 -0
package/tests/cypress/e2e/uat/entities/tasks/owner.bdd.md +419 -0
package/tests/cypress/e2e/uat/entities/tasks/owner.cy.ts +191 -0
package/tests/cypress/e2e/uat/roles/editor-role.bdd.md +552 -0
package/tests/cypress/e2e/uat/roles/editor-role.cy.ts +210 -0
package/tests/cypress/e2e/uat/roles/member-restrictions.bdd.md +450 -0
package/tests/cypress/e2e/uat/roles/member-restrictions.cy.ts +189 -0
package/tests/cypress/e2e/uat/roles/owner-full-crud.bdd.md +530 -0
package/tests/cypress/e2e/uat/roles/owner-full-crud.cy.ts +247 -0
package/tests/cypress/e2e/uat/scheduled-actions/devtools-ui.bdd.md +736 -0
package/tests/cypress/e2e/uat/scheduled-actions/devtools-ui.cy.ts +740 -0
package/tests/cypress/e2e/uat/teams/roles-matrix.bdd.md +553 -0
package/tests/cypress/e2e/uat/teams/roles-matrix.cy.ts +185 -0
package/tests/cypress/e2e/uat/teams/switcher.bdd.md +1151 -0
package/tests/cypress/e2e/uat/teams/switcher.cy.ts +497 -0
package/tests/cypress/e2e/uat/teams/team-switcher.md +198 -0
package/tests/cypress/fixtures/blocks.json +218 -0
package/tests/cypress/fixtures/entities.json +78 -0
package/tests/cypress/fixtures/page-builder.json +21 -0
package/tests/cypress/src/components/CategoriesPOM.ts +382 -0
package/tests/cypress/src/components/CustomersPOM.ts +439 -0
package/tests/cypress/src/components/DevKeyringPOM.ts +160 -0
package/tests/cypress/src/components/EntityForm.ts +375 -0
package/tests/cypress/src/components/EntityList.ts +389 -0
package/tests/cypress/src/components/PageBuilderPOM.ts +710 -0
package/tests/cypress/src/components/PostEditorPOM.ts +370 -0
package/tests/cypress/src/components/PostsListPOM.ts +223 -0
package/tests/cypress/src/components/PublicPagePOM.ts +447 -0
package/tests/cypress/src/components/PublicPostPOM.ts +146 -0
package/tests/cypress/src/components/TasksPOM.ts +272 -0
package/tests/cypress/src/components/TeamSwitcherPOM.ts +450 -0
package/tests/cypress/src/components/index.ts +21 -0
package/tests/cypress/src/controllers/ApiKeysAPIController.js +178 -0
package/tests/cypress/src/controllers/BaseAPIController.js +317 -0
package/tests/cypress/src/controllers/CustomerAPIController.js +251 -0
package/tests/cypress/src/controllers/PagesAPIController.js +226 -0
package/tests/cypress/src/controllers/PostsAPIController.js +250 -0
package/tests/cypress/src/controllers/TaskAPIController.js +240 -0
package/tests/cypress/src/controllers/UsersAPIController.js +242 -0
package/tests/cypress/src/controllers/index.js +25 -0
package/tests/cypress/src/core/AuthPOM.ts +450 -0
package/tests/cypress/src/core/BasePOM.ts +86 -0
package/tests/cypress/src/core/BlockEditorBasePOM.ts +576 -0
package/tests/cypress/src/core/DashboardEntityPOM.ts +692 -0
package/tests/cypress/src/core/index.ts +14 -0
package/tests/cypress/src/entities/CustomersPOM.ts +172 -0
package/tests/cypress/src/entities/PagesPOM.ts +137 -0
package/tests/cypress/src/entities/PostsPOM.ts +137 -0
package/tests/cypress/src/entities/TasksPOM.ts +176 -0
package/tests/cypress/src/entities/index.ts +14 -0
package/tests/cypress/src/features/BillingPOM.ts +385 -0
package/tests/cypress/src/features/DashboardPOM.ts +245 -0
package/tests/cypress/src/features/DevtoolsPOM.ts +739 -0
package/tests/cypress/src/features/PageBuilderPOM.ts +263 -0
package/tests/cypress/src/features/PostEditorPOM.ts +313 -0
package/tests/cypress/src/features/ScheduledActionsPOM.ts +463 -0
package/tests/cypress/src/features/SettingsPOM.ts +362 -0
package/tests/cypress/src/features/SuperadminPOM.ts +331 -0
package/tests/cypress/src/features/SuperadminTeamRolesPOM.ts +285 -0
package/tests/cypress/src/features/index.ts +28 -0
package/tests/cypress/src/helpers/ApiInterceptor.ts +177 -0
package/tests/cypress/src/index.ts +101 -0
package/tests/cypress/src/pages/dashboard/Dashboard.js +677 -0
package/tests/cypress/src/pages/dashboard/DashboardPage.js +43 -0
package/tests/cypress/src/pages/dashboard/DashboardStats.js +546 -0
package/tests/cypress/src/pages/dashboard/index.js +6 -0
package/tests/cypress/src/pages/index.js +5 -0
package/tests/cypress/src/pages/public/FeaturesPage.js +28 -0
package/tests/cypress/src/pages/public/LandingPage.js +69 -0
package/tests/cypress/src/pages/public/PricingPage.js +33 -0
package/tests/cypress/src/pages/public/index.js +6 -0
package/tests/cypress/src/selectors.ts +46 -0
package/tests/cypress/src/session-helpers.ts +500 -0
package/tests/cypress/support/doc-commands.ts +260 -0
package/tests/cypress.config.ts +150 -0
package/tests/jest/components/post-header.test.tsx +377 -0
package/tests/jest/config/role-config.test.ts +529 -0
package/tests/jest/jest.config.ts +81 -0
package/tests/jest/langchain/COVERAGE.md +372 -0
package/tests/jest/langchain/guardrails.test.ts +465 -0
package/tests/jest/langchain/streaming.test.ts +367 -0
package/tests/jest/langchain/token-tracker.test.ts +455 -0
package/tests/jest/langchain/tracer-callbacks.test.ts +881 -0
package/tests/jest/langchain/tracer.test.ts +823 -0
package/tests/jest/user-roles/role-helpers.test.ts +432 -0
package/tests/jest/validation/categories.test.ts +429 -0
package/tests/jest/validation/posts.test.ts +546 -0
package/tests/tsconfig.json +15 -0
package/LICENSE +0 -21

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@nextsparkjs/theme-default",
-  "version": "0.1.0-beta.2",
+  "version": "0.1.0-beta.21",
   "private": false,
   "type": "module",
   "main": "./config/theme.config.ts",
@@ -9,6 +9,7 @@
   ],
   "dependencies": {},
   "peerDependencies": {
+    "@nextsparkjs/core": "workspace:*",
     "@tanstack/react-query": "^5.0.0",
     "lucide-react": "^0.539.0",
     "next": "^15.0.0",
@@ -16,7 +17,10 @@
     "react": "^19.0.0",
     "react-dom": "^19.0.0",
     "react-markdown": "^10.1.0",
-    "zod": "^4.0.0",
-    "@nextsparkjs/core": "0.1.0-beta.6"
+    "zod": "^4.0.0"
+  },
+  "nextspark": {
+    "type": "theme",
+    "name": "default"
   }
-}
+}

package/templates/(public)/page.tsx CHANGED Viewed

@@ -69,7 +69,7 @@ function Home() {
                       <span className="text-sm font-medium">{t('auth.authenticated')}</span>
                     </div>
                     <p className="text-lg">
-                      {t('auth.welcomeBack', { email: user.email })}
+                      {t('auth.welcomeBack', { email: user.email || '' })}
                     </p>
                     <Link href="/dashboard">
                       <Button size="lg" className="gap-2">

package/tests/cypress/e2e/_devtools/access.bdd.md ADDED Viewed

@@ -0,0 +1,262 @@
+---
+feature: DevTools Access Control
+priority: critical
+tags: [dev-area, access-control, security, roles]
+grepTags: [uat, feat-dev-area, smoke, regression]
+coverage: 7
+---
+# DevTools Access Control
+> Role-based access control tests for the /devtools area. Validates that Developer users can access all /devtools routes and /admin, while Superadmin and Member users are blocked.
+## @test ACCESS-001: Developer can access /devtools
+### Metadata
+- **Priority:** Critical
+- **Type:** Smoke
+- **Tags:** developer, access, home
+- **Grep:** `@smoke`
+```gherkin:en
+Scenario: Developer can access /devtools home page
+Given I am logged in as Developer (developer@nextspark.dev)
+When I visit /devtools
+Then I should be on /devtools home page
+And the home page container should be visible
+```
+```gherkin:es
+Scenario: Developer puede acceder a /devtools home page
+Given estoy logueado como Developer (developer@nextspark.dev)
+When visito /devtools
+Then deberia estar en /devtools home page
+And el contenedor de home page deberia estar visible
+```
+### Expected Results
+- Developer successfully accesses /devtools
+- Home page renders correctly
+- No access denied errors
+---
+## @test ACCESS-002: Developer can access /devtools/style
+### Metadata
+- **Priority:** Critical
+- **Type:** Smoke
+- **Tags:** developer, access, style-gallery
+- **Grep:** `@smoke`
+```gherkin:en
+Scenario: Developer can access Style Gallery
+Given I am logged in as Developer (developer@nextspark.dev)
+When I visit /devtools/style
+Then the URL should include /devtools/style
+And the style page should be visible
+```
+```gherkin:es
+Scenario: Developer puede acceder a Style Gallery
+Given estoy logueado como Developer (developer@nextspark.dev)
+When visito /devtools/style
+Then la URL deberia incluir /devtools/style
+And la pagina de estilos deberia estar visible
+```
+### Expected Results
+- Style Gallery page loads successfully
+- All component sections available
+---
+## @test ACCESS-003: Developer can access /devtools/tests
+### Metadata
+- **Priority:** Critical
+- **Type:** Smoke
+- **Tags:** developer, access, test-cases
+- **Grep:** `@smoke`
+```gherkin:en
+Scenario: Developer can access Test Cases viewer
+Given I am logged in as Developer (developer@nextspark.dev)
+When I visit /devtools/tests
+Then the URL should include /devtools/tests
+And the tests page should be visible
+```
+```gherkin:es
+Scenario: Developer puede acceder al visor de Test Cases
+Given estoy logueado como Developer (developer@nextspark.dev)
+When visito /devtools/tests
+Then la URL deberia incluir /devtools/tests
+And la pagina de tests deberia estar visible
+```
+### Expected Results
+- Test Cases viewer loads successfully
+- File tree or empty state visible
+---
+## @test ACCESS-004: Developer can access /devtools/config
+### Metadata
+- **Priority:** Critical
+- **Type:** Smoke
+- **Tags:** developer, access, config
+- **Grep:** `@smoke`
+```gherkin:en
+Scenario: Developer can access Config Viewer
+Given I am logged in as Developer (developer@nextspark.dev)
+When I visit /devtools/config
+Then the URL should include /devtools/config
+And the config page should be visible
+```
+```gherkin:es
+Scenario: Developer puede acceder al Config Viewer
+Given estoy logueado como Developer (developer@nextspark.dev)
+When visito /devtools/config
+Then la URL deberia incluir /devtools/config
+And la pagina de config deberia estar visible
+```
+### Expected Results
+- Config Viewer loads successfully
+- Theme and Entities tabs available
+---
+## @test ACCESS-005: Developer can access /admin (inherited)
+### Metadata
+- **Priority:** High
+- **Type:** Regression
+- **Tags:** developer, admin, inherited
+```gherkin:en
+Scenario: Developer can access Admin area
+Given I am logged in as Developer (developer@nextspark.dev)
+When I visit /admin
+Then the URL should include /admin
+And the Admin container should be visible
+```
+```gherkin:es
+Scenario: Developer puede acceder al area Admin
+Given estoy logueado como Developer (developer@nextspark.dev)
+When visito /admin
+Then la URL deberia incluir /admin
+And el contenedor de Admin deberia estar visible
+```
+### Expected Results
+- Developer inherits superadmin privileges for Admin
+- Admin control panel accessible
+- No access denied redirect
+---
+## @test ACCESS-006: Superadmin is BLOCKED from /devtools
+### Metadata
+- **Priority:** Critical
+- **Type:** Smoke
+- **Tags:** superadmin, blocked, security
+- **Grep:** `@smoke`
+```gherkin:en
+Scenario: Superadmin is redirected when attempting to access /devtools
+Given I am logged in as Superadmin (superadmin@nextspark.dev)
+When I attempt to visit /devtools
+Then I should be redirected to /dashboard
+And the URL should include error=access_denied
+```
+```gherkin:es
+Scenario: Superadmin es redirigido al intentar acceder a /devtools
+Given estoy logueado como Superadmin (superadmin@nextspark.dev)
+When intento visitar /devtools
+Then deberia ser redirigido a /dashboard
+And la URL deberia incluir error=access_denied
+```
+### Expected Results
+- Superadmin cannot access /devtools area
+- Redirect to dashboard with error parameter
+- Access control working correctly
+---
+## @test ACCESS-007: Member is BLOCKED from /devtools
+### Metadata
+- **Priority:** Critical
+- **Type:** Smoke
+- **Tags:** member, blocked, security
+- **Grep:** `@smoke`
+```gherkin:en
+Scenario: Member is redirected when attempting to access /devtools
+Given I am logged in as Member (emily.johnson@nextspark.dev)
+When I attempt to visit /devtools
+Then I should be redirected to /dashboard
+And the URL should include error=access_denied
+```
+```gherkin:es
+Scenario: Member es redirigido al intentar acceder a /devtools
+Given estoy logueado como Member (emily.johnson@nextspark.dev)
+When intento visitar /devtools
+Then deberia ser redirigido a /dashboard
+And la URL deberia incluir error=access_denied
+```
+### Expected Results
+- Member cannot access /devtools area
+- Redirect to dashboard with error parameter
+- Access control working correctly
+---
+## UI Elements
+| Element | Selector | Description |
+|---------|----------|-------------|
+| Home Page | `[data-cy="dev-home-page"]` | Dev area home page container |
+| Style Page | `[data-cy="dev-style-page"]` | Style Gallery page container |
+| Tests Page | `[data-cy="dev-tests-page"]` | Test Cases viewer container |
+| Config Page | `[data-cy="dev-config-page"]` | Config Viewer page container |
+| Admin Container | `[data-cy="admin-container"]` | Admin main container |
+---
+## Summary
+| Test ID | Block | Description | Tags |
+|---------|-------|-------------|------|
+| ACCESS-001 | Developer Access | Developer can access /devtools home | `@smoke` |
+| ACCESS-002 | Developer Access | Developer can access /devtools/style | `@smoke` |
+| ACCESS-003 | Developer Access | Developer can access /devtools/tests | `@smoke` |
+| ACCESS-004 | Developer Access | Developer can access /devtools/config | `@smoke` |
+| ACCESS-005 | Inherited Access | Developer can access /admin | |
+| ACCESS-006 | Blocked Access | Superadmin BLOCKED from /devtools | `@smoke` |
+| ACCESS-007 | Blocked Access | Member BLOCKED from /devtools | `@smoke` |

package/tests/cypress/e2e/_devtools/access.cy.ts ADDED Viewed

@@ -0,0 +1,171 @@
+/// <reference types="cypress" />
+import * as allure from 'allure-cypress'
+import { DevtoolsPOM } from '../../src/features/DevtoolsPOM'
+import {
+  loginAsDefaultDeveloper,
+  loginAsDefaultSuperadmin,
+  loginAsDefaultMember,
+  CORE_USERS
+} from '../../src/session-helpers'
+/**
+ * DevTools Access Control Tests
+ *
+ * Tests the role-based access control for the /devtools area:
+ * - Developer users can access all /devtools routes
+ * - Developer users can access /admin (inherited privileges)
+ * - Superadmin users are BLOCKED from /devtools
+ * - Member users are BLOCKED from /devtools
+ *
+ * Test Users (from session-helpers):
+ * - Developer: developer@nextspark.dev (CORE_USERS.DEVELOPER)
+ * - Superadmin: superadmin@nextspark.dev (CORE_USERS.SUPERADMIN)
+ * - Member: emily.johnson@nextspark.dev (DEFAULT_THEME_USERS.MEMBER)
+ */
+describe('DevTools - Access Control', {
+  tags: ['@uat', '@feat-devtools', '@smoke', '@regression']
+}, () => {
+  const devtools = DevtoolsPOM.create()
+  beforeEach(() => {
+    allure.epic('UAT')
+    allure.feature('DevTools')
+    allure.story('Access Control')
+  })
+  describe('ACCESS-001: Developer can access /devtools', { tags: '@smoke' }, () => {
+    it('should allow developer to access /devtools home page', { tags: '@smoke' }, () => {
+      allure.severity('critical')
+      // 1. Login as developer
+      loginAsDefaultDeveloper()
+      // 2. Visit /devtools
+      devtools.visitHome()
+      // 3. Verify access granted
+      devtools.assertOnDevtoolsHome()
+      devtools.assertHomePageVisible()
+      cy.log(`✅ Developer (${CORE_USERS.DEVELOPER}) can access /devtools home page`)
+    })
+  })
+  describe('ACCESS-002: Developer can access /devtools/style', { tags: '@smoke' }, () => {
+    it('should allow developer to access Style Gallery', { tags: '@smoke' }, () => {
+      allure.severity('critical')
+      // 1. Login as developer
+      loginAsDefaultDeveloper()
+      // 2. Visit /devtools/style
+      devtools.visitStyleGallery()
+      // 3. Verify access granted
+      devtools.assertOnStyleGallery()
+      devtools.assertStylePageVisible()
+      cy.log(`✅ Developer can access /devtools/style`)
+    })
+  })
+  describe('ACCESS-003: Developer can access /devtools/tests', { tags: '@smoke' }, () => {
+    it('should allow developer to access Test Cases viewer', { tags: '@smoke' }, () => {
+      allure.severity('critical')
+      // 1. Login as developer
+      loginAsDefaultDeveloper()
+      // 2. Visit /devtools/tests
+      devtools.visitTestCases()
+      // 3. Verify access granted
+      devtools.assertOnTestCases()
+      devtools.assertTestsPageVisible()
+      cy.log(`✅ Developer can access /devtools/tests`)
+    })
+  })
+  describe('ACCESS-004: Developer can access /devtools/config', { tags: '@smoke' }, () => {
+    it('should allow developer to access Config Viewer', { tags: '@smoke' }, () => {
+      allure.severity('critical')
+      // 1. Login as developer
+      loginAsDefaultDeveloper()
+      // 2. Visit /devtools/config
+      devtools.visitConfig()
+      // 3. Verify access granted
+      devtools.assertOnConfig()
+      devtools.assertConfigPageVisible()
+      cy.log(`✅ Developer can access /devtools/config`)
+    })
+  })
+  describe('ACCESS-005: Developer can access /superadmin (inherited)', () => {
+    it('should allow developer to access Superadmin area', () => {
+      allure.severity('high')
+      // 1. Login as developer
+      loginAsDefaultDeveloper()
+      // 2. Visit /superadmin
+      cy.visit('/superadmin')
+      // 3. Verify access granted (developer inherits superadmin privileges)
+      devtools.assertOnSuperadmin()
+      cy.get('[data-cy="superadmin-container"]').should('be.visible')
+      cy.log(`✅ Developer can access /superadmin (inherited superadmin privileges)`)
+    })
+  })
+  describe('ACCESS-006: Superadmin is BLOCKED from /devtools', { tags: '@smoke' }, () => {
+    it('should redirect superadmin to /dashboard when attempting to access /devtools', { tags: '@smoke' }, () => {
+      allure.severity('critical')
+      // 1. Login as superadmin
+      loginAsDefaultSuperadmin()
+      // 2. Attempt to visit /devtools (should be blocked)
+      cy.visit('/devtools', { failOnStatusCode: false })
+      // 3. Verify redirected to /dashboard (access denied)
+      devtools.assertRedirectedToDashboard()
+      // 4. Should show access_denied error in URL
+      cy.url().should('include', 'error=access_denied')
+      cy.log(`✅ Superadmin (${CORE_USERS.SUPERADMIN}) correctly blocked from /devtools`)
+    })
+  })
+  describe('ACCESS-007: Member is BLOCKED from /devtools', { tags: '@smoke' }, () => {
+    it('should redirect member to /dashboard when attempting to access /devtools', { tags: '@smoke' }, () => {
+      allure.severity('critical')
+      // 1. Login as member
+      loginAsDefaultMember()
+      // 2. Attempt to visit /devtools (should be blocked)
+      cy.visit('/devtools', { failOnStatusCode: false })
+      // 3. Verify redirected to /dashboard (access denied)
+      devtools.assertRedirectedToDashboard()
+      // 4. Should show access_denied error in URL
+      cy.url().should('include', 'error=access_denied')
+      cy.log(`✅ Member correctly blocked from /devtools`)
+    })
+  })
+  after(() => {
+    cy.log('✅ DevTools access control tests completed')
+  })
+})