Developer
0a9588abb7
- Add pagination support to findAll (page, limit query params) - Add findByTemplateId method to service - Add GET /by-template/:templateId endpoint to controller - Service already includes CRUD for QuestionBank and QuestionBankItem
1.8 KiB
1.8 KiB
Admin Feature Verification Test Cases
1. User Management Access Control
- Non-admin users should NOT see the "User Management" menu item
- Admin users should see the "User Management" menu item
- Non-admin users attempting to access user management should get a permission error
- Admin users should be able to access user management successfully
2. Admin User Password Modification
- Admin users should see a "Change Password" button for each user in the user list
- Clicking the button should open a password change modal
- Admin users should be able to submit new passwords for other users
- The password change should persist in the backend
- Non-admin users should not have access to this functionality
3. Knowledge Base Upload Restrictions
- Non-admin users should NOT see the "Upload File" button in Knowledge Base View
- Admin users should see the "Upload File" button in Knowledge Base View
- Non-admin users attempting to upload directly via API should get a permission error
- Admin users should be able to upload files successfully
4. Knowledge Group Upload Restrictions
- Non-admin users should NOT see the "Add File" or "Import Folder" buttons in Knowledge Group View
- Admin users should see the "Add File" and "Import Folder" buttons in Knowledge Group View
- Non-admin users attempting to upload via API should get a permission error
- Admin users should be able to upload files to knowledge groups successfully
5. Backend Security
- Upload endpoints (POST /upload and POST /upload/text) should require AdminGuard
- Import task endpoint (POST /import-tasks) should require AdminGuard
- User update endpoint (PUT /users/:id) should accept password changes from admins
- All existing functionality should remain operational for authorized users