Add test cases

[dan-tang-ssd]

This PR is not yet ready for review. It is submitted for status update purpose.

[dan-tang-ssd]

I got some questions when I adding test cases:

1. After login, user will be redirected to institution page. As institution page is not accessible for all user (e.g. institutional member). Should we redirect user to a new page that shows all accessible menu items of that user?

2. We have a "dashboard" route which redirects to institution page. Considering we have institution, portfolio, initiative dashboards. Should we use another wording to avoid possible confusion? e.g. Main menu page, etc

3. Each institution is separated. We need to choose a way for selecting an institution in various features. (Portfolio CRUD panel, Institution / Portfolio / Initiative dashboard, etc) Should we centralise institution selection to a new feature, e.g. "Select Institution"?

[dan-tang-ssd]

Each institution is separated. We need to choose a way for selecting an institution in various features. (Portfolio CRUD panel, Institution / Portfolio / Initiative dashboard, etc) Should we centralise institution selection to a new feature, e.g. "Select Institution"?

I think this is a good idea. The Laravel Jetstream starter kit has a "teams" feature, where the "current team" is stored as a session variable, and you have that 'selected team' across the whole application. (info here). Maybe we could do something like that, where:

* for users linked to only 1 instutition, that institution is always selected.

* for users with access to multiple institutions, there is a drop-down in the top menu, where they can select the institution. Then the various pages automatically reflect the chosen institution.

How does that sound?

It sounds great. I will take a look on Laravel Jetstream starter kit and add the "feature" that we need.

For this PR

The test cases so far look good for read-access to different pages, and the "list" operation for the crud panels, though we'll need to also check what content is shown for some pages, e.g. the project crud panel - we should confirm that only the projects from the user's institution(s) are shown.

Thinking about what else we need:

* We need test cases to ensure that the ability to edit/update/delete is given to correct users. (This should cover not just loading the forms, but also the submission routes).

* We'll need to test that the various crud operations actually work. (We can copy the suite of CRUD tests from the Stats4SD main site and adapt).

* We should add tests related to the sending of invites + user registration flow.

* We should test the functionality of the project reviews (e.g., that a project is given the correct score in different scenarios)

Can we also split up the tests into sensibly named files (e.g. 1 file for the Role access testing, and 1 file for the menu items testing) rather than them all being in "ExamplePestTest"?

Yes, I will add more test cases as you advised. And split different tests into different files.

[dan-tang-ssd]

After working on drafting test cases a few days, may be it is a situation time to pause and review.

I am thinking whether we need a more concrete and comprehensive design, do program development, perform testing in front end, and then draft test cases.

For example, we should have system-level role "Site Admin" and "Site Manager", but "Institutional Admin", "Institutional Assessor" and "Institutional Member" should be institutional-level roles instead of system-level roles. Because one user can belong to two institutions with two different institutional roles. E.g. User is institutional admin for Institution A. But the same user is institutional member for Institution B.

We need different permission to the same user when different institution is selected. In my current test cases, it is not fulfilled as institutional users are system-level roles...

Another thing is I would like to list out all possible features that we need test cases. I have read through the functional specification document, list out all functional requirement and put them into an excel file. AEC_Function_List_20230420.xlsx

In "Functions" sheet, it shows a grid for different permissions and different roles. Hopefully we can draft test cases by referring to it.

---

TODO:

• Revise main menu to show appropriate menu items

• Apply Laravel Jetstream for team selection mechanism

• Revise institutional-level roles, how to get permissions for institutional-level roles?

• Apply Laravel backpack revisions feature to keep history of change for roject assessment

• Apply site-season concept to allow multiple assessment of the same project

• Add additional assessment dimensions for project assessment

• Maybe we can standardise the way on below items. Same way for one project, one portfolio, one institution, ALL projects, or just a list of project IDs

  • Get summarised data for dashboard visualisation in any level
  • Develop dashboard visualisation
  • Get summarised report data for PDF file generation
  • Develop PDF report
  • Get micro data for excel file extraction
  • Develop data extraction program

---

Some questions:

• User registration is no longer opened to public, only the invited person will receive email invitation. In this case, is reCAPTCHA tool still necessary?
• How to remove all personal data from the system as per GDPR requirements? (Overwrite personal data with dummy value? Or permanently remove related records?)
• How to remove all data for an institution (Soft-delete? Force-delete? Is it limited to database records only? Do we need to take care telescope logs, Laravel log files and invitation email sent?)

[dan-tang-ssd]

Removed old permission 27 Added new permissions 34 - 40 Revised seeder file

Latest function list excel file: AEC_Function_List_20230421_03.xlsx

[dan-tang-ssd]

Let me summarised my changes:

1. Revised permissions (see latest excel file, permissions without placeholders are highlighted in YELLOW)

2. Added select institution function for site admin, site manager (currently using GET, to be revised to use POST)

3. Added auto set default institution for institutional admin, assessor, member

4. Admin User Invites CRUD, create view, Role selection box, show Site Admin, Site Manager only

5. Institution Members CRUD, create view, Role selection box, show Institutional Admin, Institutional Assessor, Institutional Member only

6. Institution Members CRUD, Portfolios CRUD, Initiatives CRUD, show details for selected institution. Returns error 400 bad request if no institution selected yet

7. Need a way to load database tables and initial records before running PHP unit test (if mysql cannot import database dump file in Windows OS, use migration files + seeder files as an alternative)

[dan-tang-ssd]

This PR so far resolved issues #35, #36, #37

[dan-tang-ssd]

Oh... latest excel file here: AEC_Function_List_20230427_01.xlsx

[dave-mills]

This branch is the target for #46. I would like to merge this back into dev as soon as #46 is complete and merged in here. Then we can start next week with a single "dev" branch and build out new branches for the remaining features + tests / reviews.

[dave-mills]

Merging now, so we can continue from the unified dev branch with the remaining features + tests.