Profile Management Testing Guide
Complete guide for testing the hierarchical profile management system.
Test Scenarios
Scenario 1: Platform Admin Manages Field Agent Profiles
Actors:
- Lewis Kamau (Platform Admin) - lewis.kamau421@gmail.com
- Lesley Wanjiru (Field Agent) - lesley@example.com
- Irene (Field Agent) - irene@example.com (if invited)
Flow:
- Lewis logs in as platform admin
- Lewis finds Lesley's user account
- Lewis views Lesley's profile and completion status
- Lewis updates Lesley's:
  - Basic info (emergency contacts)
  - Health info (blood type, allergies)
  - PPE sizes (shirt, helmet, shoes)
- Lewis validates Lesley's profile is complete
- All changes are logged in audit trail
Prerequisites
1. Lesley Must Accept Invitation First
# Run invitation acceptance test
node tests/integration/test_accept_invitation.js <invitation_token>
This creates Lesley's user account and returns her user_id.
2. Get Lesley's User ID
After acceptance, note the user_id from the response:
{
"user": {
"id": "550e8400-e29b-41d4-a716-446655440000",
"email": "lesley@example.com",
"full_name": "Lesley Wanjiru"
}
}
Running the Tests
Test 1: Admin Authentication
node tests/integration/test_admin_edit_profiles.js
This test:
- Logs in as Lewis (platform admin)
- Finds Lesley's account
- Shows available profile endpoints
- Demonstrates the workflow
Test 2: Manual Profile Management
Once you have Lesley's user_id, use these curl commands:
Get Lesley's Complete Profile
curl -X GET https://kamau1-swiftops-backend.hf.space/api/v1/profile/{user_id} \
-H "Authorization: Bearer {admin_token}"
Check Edit Permissions
curl -X GET https://kamau1-swiftops-backend.hf.space/api/v1/profile/{user_id}/permissions \
-H "Authorization: Bearer {admin_token}"
Expected response:
{
"can_edit_basic_info": true,
"can_edit_health_info": true,
"can_edit_ppe_sizes": true,
"can_edit_location": true,
"can_edit_financial_accounts": true,
"can_upload_documents": true,
"can_edit_role": true,
"can_edit_status": true,
"can_assign_assets": true
}
Update Basic Info
curl -X PUT https://kamau1-swiftops-backend.hf.space/api/v1/profile/{user_id}/basic \
-H "Authorization: Bearer {admin_token}" \
-H "Content-Type: application/json" \
-d '{
"emergency_contact_name": "Jane Wanjiru",
"emergency_contact_phone": "+254723456789",
"phone_alternate": "+254798765432"
}'
Update Health Info
curl -X PUT https://kamau1-swiftops-backend.hf.space/api/v1/profile/{user_id}/health \
-H "Authorization: Bearer {admin_token}" \
-H "Content-Type: application/json" \
-d '{
"blood_type": "O+",
"allergies": "None",
"chronic_conditions": "None",
"medications": "None",
"last_medical_check": "2024-01-15",
"medical_notes": "Fit for field work"
}'
Update PPE Sizes
curl -X PUT https://kamau1-swiftops-backend.hf.space/api/v1/profile/{user_id}/ppe \
-H "Authorization: Bearer {admin_token}" \
-H "Content-Type: application/json" \
-d '{
"height": "165cm",
"weight": "60kg",
"shirt_size": "M",
"pants_size": "30",
"shoe_size": "38",
"helmet_size": "M",
"glove_size": "M",
"vest_size": "M"
}'
Validate Profile Completion
curl -X GET https://kamau1-swiftops-backend.hf.space/api/v1/profile/{user_id}/validation \
-H "Authorization: Bearer {admin_token}"
Expected response:
{
"is_valid": true,
"missing_fields": [],
"invalid_fields": {},
"warnings": []
}
Verification Steps
1. Check Profile Completion
curl -X GET https://kamau1-swiftops-backend.hf.space/api/v1/profile/{user_id} \
-H "Authorization: Bearer {admin_token}"
Look for:
{
"completion_status": {
"basic_info": true,
"health_info": true,
"ppe_sizes": true,
"financial_accounts": false,
"documents": false,
"location": true,
"completion_percentage": 67
}
}
2. Verify Audit Logs
Check database:
SELECT
action,
description,
user_email,
changes,
created_at
FROM audit_logs
WHERE entity_type = 'user'
AND entity_id = '{user_id}'
ORDER BY created_at DESC
LIMIT 10;
Expected logs:
- update - User updated their basic profile
- update - Manager updated user's health information
- update - Manager updated user's PPE sizes
Test Different Permission Levels
Test 1: Platform Admin (Lewis)
Can edit ALL fields for ANY user
# Lewis can edit Lesley's profile
PUT /api/v1/profile/{lesley_id}/basic
PUT /api/v1/profile/{lesley_id}/health
PUT /api/v1/profile/{lesley_id}/ppe
Test 2: Field Agent (Lesley) - Self Edit
Can edit OWN profile (limited fields)
# Lesley can edit her own profile
PUT /api/v1/profile/me/basic # Only phone_alternate, display_name
PUT /api/v1/profile/me/health # All fields
PUT /api/v1/profile/me/ppe # All fields
Test 3: Field Agent (Lesley) - Edit Others
CANNOT edit other users' profiles
# Lesley CANNOT edit Irene's profile
PUT /api/v1/profile/{irene_id}/basic # 403 Forbidden
Test 4: Project Manager - Edit Team Members
Can edit field agents in their projects
# Manager can edit their team's profiles
PUT /api/v1/profile/{field_agent_id}/basic
PUT /api/v1/profile/{field_agent_id}/ppe
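The four permission levels above can be checked as one allow/deny matrix, so the negative case (a field agent writing to another user's profile) is asserted alongside the positive ones. This is an added example, not part of the project's test suite: the role labels, placeholder ids and observed statuses are constructed, it assumes Lesley is on the project manager's team, and it extends Test 3 from /basic to all three sections.

```javascript
// Added example, not project code. Roles and sections follow the four permission
// levels above; the ids and observed statuses below are constructed.
const ALL = ["basic", "health", "ppe"];

const MATRIX = [
  { actor: "platform_admin", target: "lesley", sections: ALL, allow: true },
  { actor: "lesley", target: "me", sections: ALL, allow: true },
  { actor: "lesley", target: "irene", sections: ALL, allow: false },
  { actor: "project_manager", target: "lesley", sections: ["basic", "ppe"], allow: true },
];

// Expand the matrix into one PUT request per (actor, profile section).
function buildCases(ids) {
  return MATRIX.flatMap((rule) =>
    rule.sections.map((section) => ({
      actor: rule.actor,
      method: "PUT",
      path: `/api/v1/profile/${rule.target === "me" ? "me" : ids[rule.target]}/${section}`,
      allow: rule.allow,
    }))
  );
}

// Compare observed HTTP statuses with the matrix. A denied case must return
// exactly 403; a 2xx there means the object-level check is missing.
// A case with no recorded status is reported too, so skipped calls cannot pass.
function findViolations(cases, observed) {
  return cases
    .map((c) => ({ ...c, status: observed[`${c.actor} ${c.path}`] }))
    .filter((c) => (c.allow ? !(c.status >= 200 && c.status < 300) : c.status !== 403))
    .map((c) => `${c.actor} ${c.method} ${c.path}: got ${c.status}, expected ${c.allow ? "2xx" : "403"}`);
}

// Constructed sample run: every call returns 200, including Lesley's writes to Irene.
const IDS = { lesley: "LESLEY_ID", irene: "IRENE_ID" }; // placeholders, not real ids
const CASES = buildCases(IDS);
const OBSERVED = Object.fromEntries(CASES.map((c) => [`${c.actor} ${c.path}`, 200]));
console.log(findViolations(CASES, OBSERVED).join("\n"));
```

For a live run, fill the observed map from the status codes of real PUT requests made with each actor's token.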
Expected Results
Profile Completion Progression
Initial State (After Invitation Acceptance):
{
"completion_percentage": 17,
"basic_info": true, // Name, phone from invitation
"health_info": false,
"ppe_sizes": false,
"financial_accounts": false,
"documents": false,
"location": false
}
After Admin Updates:
{
"completion_percentage": 67,
"basic_info": true, // Emergency contacts added
"health_info": true, // Blood type, allergies added
"ppe_sizes": true, // All sizes added
"financial_accounts": false, // Lesley needs to add
"documents": false, // Lesley needs to upload
"location": true // From invitation
}
Fully Complete:
{
"completion_percentage": 100,
"basic_info": true,
"health_info": true,
"ppe_sizes": true,
"financial_accounts": true, // Lesley added payout details
"documents": true, // Lesley uploaded ID
"location": true
}
Troubleshooting
Issue: "User not found"
Solution: Ensure Lesley accepted the invitation first
node tests/integration/test_accept_invitation.js <token>
Issue: "403 Forbidden"
Solution: Check that you are using the admin token, not a field agent token
# Get fresh admin token
node tests/integration/test_admin_edit_profiles.js
Issue: "422 Validation Error"
Solution: Check field formats:
- Phone: Must start with + (e.g., +254712345678)
- Blood type: Must be one of: A+, A-, B+, B-, AB+, AB-, O+, O-
- Sizes: Must be: XS, S, M, L, XL, XXL, XXXL
Issue: Cannot find user_id
Solution: Implement user search endpoint
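# Add to src/app/api/v1/users.py
# Assumes router, User, get_current_active_user and get_db already exist in this module.
from typing import Optional

from fastapi import Depends
from sqlalchemy.orm import Session

@router.get("/users")
async def search_users(
    email: Optional[str] = None,
    current_user: User = Depends(get_current_active_user),
    db: Session = Depends(get_db),
):
    # Any active user can call this as written, and with no email it returns
    # every non-deleted user: restrict it to admin/manager roles and return a
    # trimmed response schema before exposing it.
    query = db.query(User).filter(User.deleted_at.is_(None))
    if email:
        query = query.filter(User.email == email)
    return query.all()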
Success Criteria
- Admin can login successfully
- Admin can find field agent's account
- Admin can view field agent's profile
- Admin can check edit permissions (all should be true)
- Admin can update basic info
- Admin can update health info
- Admin can update PPE sizes
- Profile completion percentage increases
- Profile validation shows no errors
- All changes appear in audit logs
- Field agent can see updated profile when they login
Next Steps
After completing profile management tests:
- Financial Accounts - Test adding payout details
- Document Upload - Test uploading ID, license
- Asset Assignment - Test assigning equipment to field agents
- Project Creation - Create projects and assign team members
- Ticket Management - Create and assign tickets to field agents
Related Tests
- test_invitation_flow.js - Create and send invitations
- test_accept_invitation.js - Accept invitation and create account
- test_auth_api.js - Basic authentication tests
- test_profile_management.py - Python unit tests for profile service
Documentation
- docs/agent/PROFILE_MANAGEMENT_IMPLEMENTATION.md - Implementation details
- src/app/schemas/profile.py - Profile schemas and validation
- src/app/services/profile_service.py - Business logic and permissions
- src/app/api/v1/profile.py - API endpoints