plum-e2e 1.3.7 → 2.1.0

package/backend/services/userService.js

@@ -0,0 +1,114 @@
+/*
+ * This file is part of Plum.
+ *
+ * Plum is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Plum is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Plum. If not, see https://www.gnu.org/licenses/.
+ */
+
+const bcrypt = require('bcryptjs');
+const jwt = require('jsonwebtoken');
+const prisma = require('./prisma');
+
+const JWT_SECRET = process.env.JWT_SECRET || 'plum-dev-secret-change-in-production';
+const JWT_EXPIRY = '7d';
+const SALT_ROUNDS = 10;
+
+const userSelect = { id: true, name: true, email: true, role: true, createdAt: true };
+
+async function needsSetup() {
+	const count = await prisma.user.count();
+	return count === 0;
+}
+
+async function createUser({ name, email, password, role = 'user' }) {
+	const hashed = await bcrypt.hash(password, SALT_ROUNDS);
+	return prisma.user.create({
+		data: { name, email, password: hashed, role },
+		select: userSelect
+	});
+}
+
+async function login({ email, password }) {
+	const user = await prisma.user.findUnique({ where: { email } });
+	if (!user) return null;
+	const match = await bcrypt.compare(password, user.password);
+	if (!match) return null;
+	const token = jwt.sign(
+		{ userId: user.id, email: user.email, name: user.name, role: user.role },
+		JWT_SECRET,
+		{ expiresIn: JWT_EXPIRY }
+	);
+	return { token, user: { id: user.id, name: user.name, email: user.email, role: user.role } };
+}
+
+function verifyToken(token) {
+	return jwt.verify(token, JWT_SECRET);
+}
+
+async function getAll() {
+	return prisma.user.findMany({ select: userSelect, orderBy: { createdAt: 'asc' } });
+}
+
+async function getMembers() {
+	return prisma.user.findMany({
+		select: { id: true, name: true },
+		orderBy: { name: 'asc' }
+	});
+}
+
+async function getById(id) {
+	return prisma.user.findUnique({ where: { id }, select: userSelect });
+}
+
+async function updateProfile(id, { name, email }) {
+	if (email) {
+		const conflict = await prisma.user.findFirst({ where: { email, NOT: { id } } });
+		if (conflict) return { ok: false, error: 'Email already in use' };
+	}
+	const user = await prisma.user.update({
+		where: { id },
+		data: {
+			...(name !== undefined && { name }),
+			...(email !== undefined && { email })
+		},
+		select: userSelect
+	});
+	return { ok: true, user };
+}
+
+async function updatePassword(id, { currentPassword, newPassword }) {
+	const user = await prisma.user.findUnique({ where: { id } });
+	if (!user) return { ok: false, error: 'User not found' };
+	const match = await bcrypt.compare(currentPassword, user.password);
+	if (!match) return { ok: false, error: 'Current password is incorrect' };
+	const hashed = await bcrypt.hash(newPassword, SALT_ROUNDS);
+	await prisma.user.update({ where: { id }, data: { password: hashed } });
+	return { ok: true };
+}
+
+async function deleteUser(id) {
+	return prisma.user.delete({ where: { id } });
+}
+
+module.exports = {
+	needsSetup,
+	createUser,
+	login,
+	verifyToken,
+	getAll,
+	getMembers,
+	getById,
+	updateProfile,
+	updatePassword,
+	deleteUser
+};

package/backend/websockets/socketHandler.js

@@ -30,12 +30,13 @@ const socketHandler = (io) => {
 		const activeProcs = new Set();
 
 		socket.on('run-test', async (payload, legacyWorkers) => {
-			let tag, workers, browser, runners;
+			let tag, workers, browser, runners, testRunId;
 			if (typeof payload === 'string') {
 				tag = payload;
 				workers = Number(legacyWorkers) > 1 ? Number(legacyWorkers) : 1;
 				browser = 'chromium';
 				runners = [BUILT_IN_RUNNER_ID];
+				testRunId = null;
 			} else {
 				tag = payload.tag ?? '';
 				workers = Number(payload.workers) > 1 ? Number(payload.workers) : 1;
@@ -44,6 +45,7 @@ const socketHandler = (io) => {
 					Array.isArray(payload.runners) && payload.runners.length > 0
 						? payload.runners
 						: [BUILT_IN_RUNNER_ID];
+				testRunId = payload.testRunId ?? null;
 			}
 
 			// Drop runner ids that no longer exist (e.g. a deleted runner still
@@ -61,9 +63,9 @@ const socketHandler = (io) => {
 			const isSingleBuiltIn = runners.length === 1 && runners[0] === BUILT_IN_RUNNER_ID;
 
 			if (isSingleBuiltIn) {
-				runBuiltIn(io, socket, activeProcs, tag, workers, browser);
+				runBuiltIn(io, socket, activeProcs, tag, workers, browser, testRunId);
 			} else {
-				runDistributed(io, socket, activeProcs, tag, workers, browser, runners);
+				runDistributed(io, socket, activeProcs, tag, workers, browser, runners, testRunId);
 			}
 		});
 
@@ -85,7 +87,7 @@ const socketHandler = (io) => {
 // Single built-in runner
 // ---------------------------------------------------------------------------
 
-function runBuiltIn(io, socket, activeProcs, tag, workers, browser) {
+function runBuiltIn(io, socket, activeProcs, tag, workers, browser, testRunId) {
 	const env = {
 		...process.env,
 		TAG: tag,
@@ -94,6 +96,7 @@ function runBuiltIn(io, socket, activeProcs, tag, workers, browser) {
 		BROWSER: browser
 	};
 	if (workers > 1) env.PARALLEL = String(workers);
+	if (testRunId) env.TEST_RUN_ID = testRunId;
 
 	const proc = spawn('npm', ['run', 'test'], { env, shell: true });
 	activeProcs.add(proc);
@@ -114,7 +117,16 @@ function runBuiltIn(io, socket, activeProcs, tag, workers, browser) {
 // Distributed (multi-runner) path
 // ---------------------------------------------------------------------------
 
-async function runDistributed(io, socket, activeProcs, tag, workers, browser, runnerIds) {
+async function runDistributed(
+	io,
+	socket,
+	activeProcs,
+	tag,
+	workers,
+	browser,
+	runnerIds,
+	testRunId
+) {
 	const allIds = getTestIdsForTag(tag);
 	const chunks = chunkTests(allIds, runnerIds.length);
 
@@ -170,7 +182,8 @@ async function runDistributed(io, socket, activeProcs, tag, workers, browser, ru
 					overallCode,
 					tag,
 					triggerType: TRIGGER_TYPE.MANUAL,
-					browser
+					browser,
+					testRunId: testRunId ?? null
 				})
 				.then((saved) => {
 					// Result is authoritative from the merged report, not the exit code —

package/bin/plum.js

@@ -279,8 +279,75 @@ async function serverStart() {
 	applyServerConfig(cfg);
 	clack.log.info(`UI:                    ${pc.cyan(`http://localhost:${cfg.frontendPort}`)}`);
 	clack.log.info(`Nodes register against: ${pc.dim(cfg.primaryPublicUrl)}`);
-	execSync('docker compose up --build', { cwd: plumRoot, stdio: 'inherit' });
-	clack.outro(pc.dim('Plum server stopped.'));
+
+	execSync('docker compose up --build -d', { cwd: plumRoot, stdio: 'inherit' });
+
+	const apiBase = `http://localhost:${cfg.backendPort}`;
+	const s = clack.spinner();
+	s.start('Waiting for server to be ready…');
+	let ready = false;
+	for (let i = 0; i < 40; i++) {
+		await new Promise((r) => setTimeout(r, 1500));
+		try {
+			const res = await fetch(`${apiBase}/auth/needs-setup`);
+			if (res.ok) {
+				ready = true;
+				break;
+			}
+		} catch {}
+	}
+	s.stop(ready ? pc.green('✓ Server is ready') : pc.yellow('Server may still be starting'));
+
+	if (ready) {
+		let needsSetup = false;
+		try {
+			const res = await fetch(`${apiBase}/auth/needs-setup`);
+			const data = await res.json();
+			needsSetup = data.needsSetup;
+		} catch {}
+
+		if (needsSetup) {
+			clack.log.info('No users found — create your first account to get started.');
+
+			const name = await clack.text({ message: 'Your name', placeholder: 'Jane Smith' });
+			if (clack.isCancel(name)) {
+				clack.log.warn('Skipped. Create a user at /setup in the UI.');
+			} else {
+				const email = await clack.text({
+					message: 'Email address',
+					placeholder: 'jane@example.com'
+				});
+				if (clack.isCancel(email)) {
+					clack.log.warn('Skipped. Create a user at /setup in the UI.');
+				} else {
+					const password = await clack.password({ message: 'Password (min 8 characters)' });
+					if (clack.isCancel(password)) {
+						clack.log.warn('Skipped. Create a user at /setup in the UI.');
+					} else {
+						try {
+							const res = await fetch(`${apiBase}/auth/setup`, {
+								method: 'POST',
+								headers: { 'Content-Type': 'application/json' },
+								body: JSON.stringify({ name, email, password })
+							});
+							if (res.ok) {
+								clack.log.success(`Account created for ${email}. You can now log in.`);
+							} else {
+								const err = await res.json();
+								clack.log.error(`Failed to create account: ${err.error ?? 'unknown error'}`);
+							}
+						} catch (e) {
+							clack.log.error(`Failed to create account: ${e.message}`);
+						}
+					}
+				}
+			}
+		}
+	}
+
+	clack.log.info(pc.dim('Streaming logs (Ctrl+C to detach — server keeps running):'));
+	execSync('docker compose logs -f', { cwd: plumRoot, stdio: 'inherit' });
+	clack.outro(pc.dim('Detached from logs. Run "docker compose down" to stop.'));
 }
 
 async function serverReconfig() {
@@ -588,7 +655,7 @@ switch (command) {
 				const readmeContent = [
 					'# My Tests',
 					'',
-					'Powered by [Plum](https://github.com/silverlunah/plum) — Playwright + Cucumber.',
+					'Powered by [Plum](https://github.com/silverlunah/plum) — Playwright + Cucumber + Test Repository.',
 					'',
 					'## Getting Started',
 					'',
@@ -599,15 +666,16 @@ switch (command) {
 					'   ```bash',
 					'   plum run-test',
 					'   ```',
-					'3. **Write your first test** — edit a file in `tests/features/` or generate a step:',
+					'3. **Write your first test** — scaffold a full feature or generate a single step:',
 					'   ```bash',
-					'   plum create-step',
+					'   plum create-test   # scaffold .feature + Page.ts + Steps.ts',
+					'   plum create-step   # add a single step to an existing file',
 					'   ```',
-					'4. **Start the full UI** (requires Docker) to trigger tests and view reports in the browser:',
+					'4. **Start the full UI** (requires Docker) to trigger tests, view reports, and manage your test repository:',
 					'   ```bash',
 					'   plum start',
 					'   ```',
-					'   Then open **http://localhost:5173**.',
+					'   On first run, Plum asks you to create an admin account. Then open **http://localhost:5173** and sign in.',
 					'',
 					'---',
 					'',
@@ -667,6 +735,19 @@ switch (command) {
 					'',
 					'---',
 					'',
+					'## Test Repository',
+					'',
+					'Plum includes a built-in test case management system. Access it from the **Test Repository** tab in the UI.',
+					'',
+					'- **Test Suites** — Group related test cases. Each suite gets an auto-assigned ID (e.g. `TS-001`).',
+					'- **Test Cases** — Document steps (Action / Test Data / Expected Output), set priority, and assign a Cucumber `@tag` to link automation.',
+					'- **Test Runs** — Build a run from any combination of cases, execute them one by one (pass/fail/blocked/skip), and track history.',
+					'- **Auto-linking** — When a build completes, Plum matches Cucumber scenario tags against `automatedTag` values on your test cases and marks them as automated.',
+					'',
+					'To link a test case to automation, set its **Automated tag** (e.g. `test-login-1`) to match the `@tag` on the Cucumber scenario.',
+					'',
+					'---',
+					'',
 					'## Cucumber & Gherkin Resources',
 					'',
 					'New to Cucumber? These links will get you up to speed quickly:',
@@ -700,8 +781,9 @@ switch (command) {
 				`${pc.bold('Start the full UI')}  ${pc.dim('(requires Docker)')}`,
 				`  ${pc.cyan('plum server start')}`,
 				'',
-				`${pc.bold('Generate a step definition')}`,
-				`  ${pc.cyan('plum create-step')}`
+				`${pc.bold('Generate tests')}`,
+				`  ${pc.cyan('plum create-test')}         scaffold a new feature`,
+				`  ${pc.cyan('plum create-step')}         add a step definition`
 			].join('\n'),
 			'Next steps'
 		);
@@ -885,6 +967,19 @@ switch (command) {
 		break;
 	}
 
+	case 'create-test': {
+		const createTestScript = path.join(plumRoot, 'backend', 'config', 'scripts', 'create-test.mjs');
+		execSync(`node "${createTestScript}"`, {
+			cwd: process.cwd(),
+			stdio: 'inherit',
+			env: {
+				...process.env,
+				TESTS_ROOT: userTestsPath
+			}
+		});
+		break;
+	}
+
 	default:
 		console.log('--------------------------------------\n');
 		console.log('Usage: plum <command>\n');
@@ -918,5 +1013,6 @@ switch (command) {
 		console.log('    --parallel <n>     Run across n parallel workers');
 		console.log('    --browser <name>   chromium | firefox (default: chromium)');
 		console.log('  create-step          Interactively scaffold a new step definition');
+		console.log('  create-test          Scaffold a new .feature + Page.ts + Steps.ts');
 		console.log('\n--------------------------------------\n');
 }

package/frontend/src/lib/api/auth.js

@@ -0,0 +1,69 @@
+/*
+ * This file is part of Plum.
+ *
+ * Plum is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Plum is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Plum. If not, see https://www.gnu.org/licenses/.
+ */
+
+import { API_BASE } from '$lib/constants';
+
+export async function checkNeedsSetup() {
+	const res = await fetch(`${API_BASE}/auth/needs-setup`);
+	if (!res.ok) return false;
+	const data = await res.json();
+	return data.needsSetup;
+}
+
+export async function setup({ name, email, password }) {
+	const res = await fetch(`${API_BASE}/auth/setup`, {
+		method: 'POST',
+		headers: { 'Content-Type': 'application/json' },
+		body: JSON.stringify({ name, email, password })
+	});
+	const data = await res.json();
+	if (!res.ok) throw new Error(data.error ?? 'Setup failed');
+	return data;
+}
+
+export async function login({ email, password }) {
+	const res = await fetch(`${API_BASE}/auth/login`, {
+		method: 'POST',
+		headers: { 'Content-Type': 'application/json' },
+		body: JSON.stringify({ email, password })
+	});
+	const data = await res.json();
+	if (!res.ok) throw new Error(data.error ?? 'Login failed');
+	return data;
+}
+
+export async function updateProfile({ token, name, email }) {
+	const res = await fetch(`${API_BASE}/auth/update-profile`, {
+		method: 'PUT',
+		headers: { 'Content-Type': 'application/json', Authorization: `Bearer ${token}` },
+		body: JSON.stringify({ name, email })
+	});
+	const data = await res.json();
+	if (!res.ok) throw new Error(data.error ?? 'Failed to update profile');
+	return data;
+}
+
+export async function changePassword({ token, currentPassword, newPassword }) {
+	const res = await fetch(`${API_BASE}/auth/change-password`, {
+		method: 'POST',
+		headers: { 'Content-Type': 'application/json', Authorization: `Bearer ${token}` },
+		body: JSON.stringify({ currentPassword, newPassword })
+	});
+	const data = await res.json();
+	if (!res.ok) throw new Error(data.error ?? 'Failed to change password');
+	return data;
+}

package/frontend/src/lib/api/repository.js

@@ -0,0 +1,256 @@
+/*
+ * This file is part of Plum.
+ *
+ * Plum is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Plum is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Plum. If not, see https://www.gnu.org/licenses/.
+ */
+
+import { API_BASE, REPO_PAGE_SIZE } from '$lib/constants';
+import { auth } from '$lib/stores/auth';
+
+function getToken() {
+	return auth.getToken();
+}
+
+function authHeaders() {
+	return { 'Content-Type': 'application/json', Authorization: `Bearer ${getToken()}` };
+}
+
+// ── Test Suites ──────────────────────────────────────────────────────────────
+
+export async function fetchSuites({ page = 1, limit = REPO_PAGE_SIZE, sortBy, sortOrder } = {}) {
+	const params = new URLSearchParams({ page, limit });
+	if (sortBy) params.set('sortBy', sortBy);
+	if (sortOrder) params.set('sortOrder', sortOrder);
+	const res = await fetch(`${API_BASE}/test-suites?${params}`, { headers: authHeaders() });
+	if (!res.ok) throw new Error('Failed to fetch suites');
+	return res.json(); // { suites, total }
+}
+
+export async function fetchAllSuitesWithCases() {
+	const res = await fetch(`${API_BASE}/test-suites?withCases=true`, { headers: authHeaders() });
+	if (!res.ok) throw new Error('Failed to fetch suites');
+	const data = await res.json();
+	return data.suites;
+}
+
+export async function searchRepository(q) {
+	const enc = encodeURIComponent(q);
+	const [sRes, rRes] = await Promise.all([
+		fetch(`${API_BASE}/test-suites?q=${enc}`, { headers: authHeaders() }),
+		fetch(`${API_BASE}/test-runs?q=${enc}&limit=50`, { headers: authHeaders() })
+	]);
+	const { suites, cases } = await sRes.json();
+	const { runs } = await rRes.json();
+	return { suites, cases, runs };
+}
+
+export async function fetchSuite(id) {
+	const res = await fetch(`${API_BASE}/test-suites/${id}`, { headers: authHeaders() });
+	if (!res.ok) throw new Error('Suite not found');
+	const data = await res.json();
+	return data.suite;
+}
+
+export async function createSuite({ name, description, priority }) {
+	const res = await fetch(`${API_BASE}/test-suites`, {
+		method: 'POST',
+		headers: authHeaders(),
+		body: JSON.stringify({ name, description, priority })
+	});
+	const data = await res.json();
+	if (!res.ok) throw new Error(data.error ?? 'Failed to create suite');
+	return data.suite;
+}
+
+export async function updateSuite(id, { name, description, priority }) {
+	const res = await fetch(`${API_BASE}/test-suites/${id}`, {
+		method: 'PUT',
+		headers: authHeaders(),
+		body: JSON.stringify({ name, description, priority })
+	});
+	const data = await res.json();
+	if (!res.ok) throw new Error(data.error ?? 'Failed to update suite');
+	return data.suite;
+}
+
+export async function deleteSuite(id) {
+	const res = await fetch(`${API_BASE}/test-suites/${id}`, {
+		method: 'DELETE',
+		headers: authHeaders()
+	});
+	if (!res.ok) throw new Error('Failed to delete suite');
+}
+
+// ── Test Cases ───────────────────────────────────────────────────────────────
+
+export async function fetchTestCase(id) {
+	const res = await fetch(`${API_BASE}/test-cases/${id}`, { headers: authHeaders() });
+	if (!res.ok) throw new Error('Test case not found');
+	const data = await res.json();
+	return data.testCase;
+}
+
+export async function createTestCase({ suiteId, title, description, priority }) {
+	const res = await fetch(`${API_BASE}/test-cases`, {
+		method: 'POST',
+		headers: authHeaders(),
+		body: JSON.stringify({ suiteId, title, description, priority })
+	});
+	const data = await res.json();
+	if (!res.ok) throw new Error(data.error ?? 'Failed to create test case');
+	return data.testCase;
+}
+
+export async function updateTestCase(id, { title, description, priority }) {
+	const res = await fetch(`${API_BASE}/test-cases/${id}`, {
+		method: 'PUT',
+		headers: authHeaders(),
+		body: JSON.stringify({ title, description, priority })
+	});
+	const data = await res.json();
+	if (!res.ok) throw new Error(data.error ?? 'Failed to update test case');
+	return data.testCase;
+}
+
+export async function saveSteps(caseId, steps) {
+	const res = await fetch(`${API_BASE}/test-cases/${caseId}/steps`, {
+		method: 'PUT',
+		headers: authHeaders(),
+		body: JSON.stringify({ steps })
+	});
+	const data = await res.json();
+	if (!res.ok) throw new Error(data.error ?? 'Failed to save steps');
+	return data.steps;
+}
+
+export async function deleteTestCase(id) {
+	const res = await fetch(`${API_BASE}/test-cases/${id}`, {
+		method: 'DELETE',
+		headers: authHeaders()
+	});
+	if (!res.ok) throw new Error('Failed to delete test case');
+}
+
+// ── Test Runs ────────────────────────────────────────────────────────────────
+
+export async function fetchRuns({ page = 1, limit = REPO_PAGE_SIZE, sortBy, sortOrder } = {}) {
+	const params = new URLSearchParams({ page, limit });
+	if (sortBy) params.set('sortBy', sortBy);
+	if (sortOrder) params.set('sortOrder', sortOrder);
+	const res = await fetch(`${API_BASE}/test-runs?${params}`, { headers: authHeaders() });
+	if (!res.ok) throw new Error('Failed to fetch test runs');
+	return res.json(); // { runs, total }
+}
+
+export async function fetchRun(id) {
+	const res = await fetch(`${API_BASE}/test-runs/${id}`, { headers: authHeaders() });
+	if (!res.ok) throw new Error('Test run not found');
+	const data = await res.json();
+	return data.run;
+}
+
+export async function createRun({ title, caseIds }) {
+	const res = await fetch(`${API_BASE}/test-runs`, {
+		method: 'POST',
+		headers: authHeaders(),
+		body: JSON.stringify({ title, caseIds })
+	});
+	const data = await res.json();
+	if (!res.ok) throw new Error(data.error ?? 'Failed to create test run');
+	return data.run;
+}
+
+export async function updateRun(id, { title, status, caseIds }) {
+	const res = await fetch(`${API_BASE}/test-runs/${id}`, {
+		method: 'PUT',
+		headers: authHeaders(),
+		body: JSON.stringify({ title, status, caseIds })
+	});
+	const data = await res.json();
+	if (!res.ok) throw new Error(data.error ?? 'Failed to update test run');
+	return data.run;
+}
+
+export async function duplicateRun(id) {
+	const res = await fetch(`${API_BASE}/test-runs/${id}/duplicate`, {
+		method: 'POST',
+		headers: authHeaders()
+	});
+	const data = await res.json();
+	if (!res.ok) throw new Error(data.error ?? 'Failed to duplicate run');
+	return data.run;
+}
+
+export async function deleteRun(id) {
+	const res = await fetch(`${API_BASE}/test-runs/${id}`, {
+		method: 'DELETE',
+		headers: authHeaders()
+	});
+	if (!res.ok) throw new Error('Failed to delete test run');
+}
+
+export async function recordEntryResult(entryId, { status, notes }) {
+	const res = await fetch(`${API_BASE}/test-runs/entries/${entryId}/result`, {
+		method: 'POST',
+		headers: authHeaders(),
+		body: JSON.stringify({ status, notes })
+	});
+	const data = await res.json();
+	if (!res.ok) throw new Error(data.error ?? 'Failed to record result');
+	return data.entry;
+}
+
+export async function assignEntry(entryId, userId) {
+	const res = await fetch(`${API_BASE}/test-runs/entries/${entryId}/assign`, {
+		method: 'PUT',
+		headers: authHeaders(),
+		body: JSON.stringify({ userId: userId ?? null })
+	});
+	const data = await res.json();
+	if (!res.ok) throw new Error(data.error ?? 'Failed to assign entry');
+	return data.entry;
+}
+
+export async function fetchMembers() {
+	const res = await fetch(`${API_BASE}/users/members`, { headers: authHeaders() });
+	if (!res.ok) throw new Error('Failed to fetch members');
+	const data = await res.json();
+	return data.users;
+}
+
+// ── Prefixes ─────────────────────────────────────────────────────────────────
+
+export async function fetchPrefixes() {
+	const res = await fetch(`${API_BASE}/settings/test-prefixes`, { headers: authHeaders() });
+	if (!res.ok) throw new Error('Failed to fetch prefixes');
+	return res.json();
+}
+
+export async function savePrefixes({ testCasePrefix, testSuitePrefix }) {
+	const res = await fetch(`${API_BASE}/settings/test-prefixes`, {
+		method: 'POST',
+		headers: authHeaders(),
+		body: JSON.stringify({ testCasePrefix, testSuitePrefix })
+	});
+	return res.json();
+}
+
+export async function migratePrefixes({ testCasePrefix, testSuitePrefix }) {
+	const res = await fetch(`${API_BASE}/settings/test-prefixes/migrate`, {
+		method: 'POST',
+		headers: authHeaders(),
+		body: JSON.stringify({ testCasePrefix, testSuitePrefix })
+	});
+	return res.json();
+}