This document outlines all possible test cases for the Laravel-based SES Dashboard application, covering authentication, authorization, email tracking, webhooks, multi-user/multi-project functionality, and administrative features.
- Login with valid credentials (admin user)
- Login with valid credentials (regular user)
- Login with invalid email
- Login with invalid password
- Login with empty credentials
- Login attempt with disabled/deleted user account
- Logout functionality
- Session persistence after login
- Session expiry handling
- Redirect to intended page after login
- Admin access to admin-only routes
- Regular user blocked from admin routes
- Unauthenticated user redirected to login
- User accessing their own profile
- User trying to access another user's data
- Admin can view all users list
- Admin can create new admin user
- Admin can create new regular user
- Admin can edit user details (name, email)
- Admin can change user password
- Admin can change user role (admin/user)
- Admin can delete regular user
- Admin cannot delete user ID=1 (protected user)
- Admin cannot change role of user ID=1
- Regular user cannot access user management
- Create user with duplicate email fails
- Create user with invalid email format fails
- Create user with weak password fails
- Update user with existing email fails
- Password confirmation mismatch fails
- Required fields validation (name, email, role)
- Admin can assign projects to regular users
- Admin users automatically access all projects
- User deletion removes all project assignments
- Project assignment sync on user role change
- Admin can view all projects
- Admin can create new project
- Admin can edit project details
- Admin can delete project
- Admin can assign users to projects
- Admin can remove users from projects
- Regular user cannot access project management
- Project tokens are unique and secure
- Project deletion removes all associated emails
- Project deletion removes user assignments
- Webhook URLs are properly generated
- Create project with duplicate name
- Create project with empty name fails
- Assign non-existent users to project fails
- Admin sees all projects data
- Regular user sees only assigned projects data
- User with no projects sees appropriate message
- Project dropdown shows only accessible projects
- API requests validate project access
- Admin can view emails from all projects
- Regular user can view only assigned project emails
- Project filtering respects user permissions
- Email details API validates project access
- Admin can export from all projects
- Regular user can export only assigned projects
- Export with invalid project ID returns 403
- Export respects project filtering
- Dashboard displays correct email counters
- Chart data reflects actual email events
- Date range filtering works correctly
- Project filtering updates dashboard data
- Timezone handling for chart data
- API returns correct data structure
- API validates project access
- API handles invalid date ranges
- API handles missing parameters gracefully
- API performance with large datasets
- API endpoints require authentication
- API respects project access permissions
- API prevents data leakage between projects
- Activity page displays email list
- Pagination works correctly
- Search functionality (email, subject)
- Date range filtering
- Event type filtering
- Project filtering
- Sorting by various columns
- List API returns paginated results
- List API validates project access
- Search API handles special characters
- Filter API handles empty results
- API performance with large datasets
- Email details modal shows correct data
- Details API validates email access
- Details API returns 404 for non-existent emails
- Event history displays correctly
- CSV export with all projects (admin)
- CSV export with assigned projects (regular user)
- CSV export with specific project
- CSV export with search filters
- CSV export with date range filters
- CSV export with event type filters
- CSV export handles empty results
- CSV export handles special characters
- CSV export handles NULL values
- Excel export with all projects (admin)
- Excel export with assigned projects (regular user)
- Excel export with specific project
- Excel export with search filters
- Excel export with date range filters
- Excel export with event type filters
- Excel export handles empty results
- Excel export handles special characters
- Excel export handles NULL values
- Excel export handles array data (destinations)
- Export validates project access
- Export returns 403 for unauthorized projects
- Export respects user project assignments
- Webhook handles SNS subscription confirmation
- Webhook validates SNS message structure
- Webhook confirms subscription automatically
- Webhook processes Send events
- Webhook processes Delivery events
- Webhook processes Bounce events
- Webhook processes Complaint events
- Webhook processes Open events
- Webhook processes Click events
- Webhook processes Reject events
- Webhook processes Rendering Failure events
- Webhook validates project token
- Webhook rejects invalid tokens
- Webhook validates project exists
- Webhook logs debug information
- Webhook creates Email records correctly
- Webhook creates EmailEvent records correctly
- Webhook handles duplicate events
- Webhook handles malformed JSON
- Webhook handles missing required fields
- Webhook updates email counters (opens, clicks)
- Send test email with valid data
- Send test email with invalid recipient
- Send test email with empty subject
- Send test email with empty message
- Send test email with configuration set
- Test email validation rules
- Mail sent through SES successfully
- Mail headers include tracking data
- Mail uses correct configuration set
- Mail sender validation
- User-Project many-to-many relationship
- Project-Email one-to-many relationship
- Email-EmailEvent one-to-many relationship
- User role constants and methods
- Project token generation
- Foreign key constraints work correctly
- Unique constraints prevent duplicates
- Required field constraints
- Data type constraints
- Email destination JSON handling
- Timestamp formatting
- Role validation
- getAccessibleProjects() returns correct projects for admin
- getAccessibleProjects() returns assigned projects for user
- getAccessibleProjectIds() returns correct IDs
- hasAccessToProjectId() validates access correctly
- Service handles users with no projects
- Factory creates CSV writer correctly
- Factory creates Excel writer correctly
- Factory handles invalid format gracefully
- Admin users pass through middleware
- Regular users are blocked
- Unauthenticated users are redirected
- Middleware preserves intended URL
- Admin can perform all project actions
- Regular user cannot perform project actions
- Policy validation for each CRUD operation
- Admin can manage all users except user ID=1 deletion
- Regular user cannot manage users
- User ID=1 protection in delete policy
- User creation validation
- User update validation
- Project creation validation
- Email sending validation
- Search and filter validation
- 404 errors for non-existent resources
- 403 errors for unauthorized access
- 422 errors for validation failures
- 500 errors handled gracefully
- Forms include CSRF tokens
- API endpoints validate CSRF tokens
- Invalid CSRF tokens rejected
- Search parameters sanitized
- Filter parameters sanitized
- User input properly escaped
- User input properly escaped in views
- JSON responses properly encoded
- File download headers secure
- Large dataset query performance
- Pagination performance
- Export performance with large datasets
- Dashboard API performance
- Export memory usage with large datasets
- Streaming response efficiency
- Database query optimization
- Complete user registration and project assignment flow
- End-to-end email tracking workflow
- Complete webhook processing workflow
- Multi-user project collaboration workflow
- User deletion impact on projects and emails
- Project deletion impact on users and emails
- Role changes impact on permissions
- Dashboard project selector updates data
- Activity project selector updates data
- Export button respects project selection
- Real-time UI updates
- Dashboard API integration
- Activity list API integration
- Email details API integration
- Database connection handling
- AWS SES configuration validation
- Mail driver configuration
- Cache configuration
- Debug mode behavior
- Logging configuration
- Error page rendering
- Database transaction handling
- Data consistency after operations
- Rollback functionality
- Authentication & Authorization Tests
- Project Access Control Tests
- Webhook Processing Tests
- User & Project Management Tests
- Email Tracking & Dashboard Tests
- Activity Management Tests
- Export Functionality Tests
- Security Tests
- Performance Tests
- Integration Tests
- Configuration Tests
- Error Handling Tests
- Multiple user accounts (admin and regular users)
- Multiple projects with different user assignments
- Sample email records with various statuses
- Sample email events for each event type
- Large datasets for performance testing
- Edge case data (NULL values, special characters)
- Isolated test database
- Mock AWS SES integration
- Test webhook endpoints
- Sample configuration files
- Use Laravel's built-in testing features (TestCase, DatabaseTransactions, etc.)
- Create factories for all models to generate test data
- Use feature tests for HTTP endpoints and unit tests for individual methods
- Mock external services (AWS SES) for reliable testing
- Implement continuous integration to run tests automatically
- Create separate test suites for different test categories
- Use database transactions to keep tests isolated
- Test with realistic data volumes to catch performance issues