Initial commit

2025-11-20 23:21:05 +08:00
commit 13bc6db529
378 changed files with 54527 additions and 0 deletions

386
docs/API_ROUTES.md Normal file

@@ -0,0 +1,386 @@
# API Routes Documentation
## Taiwan NPO Membership Management System
**Last Updated:** 2025-11-20
This document provides a complete routing table for the application.
---
## Route Legend
**Middleware:**
- `auth` - Requires authentication
- `admin` - Requires admin role/permission (via EnsureUserIsAdmin)
- `verified` - Requires email verification
- `paid` - Requires active paid membership (via CheckPaidMembership)
**HTTP Methods:**
- `GET` - Retrieve resource
- `POST` - Create resource
- `PATCH` - Update resource
- `DELETE` - Delete resource
---
## 1. Public Routes
| Method | URI | Name | Controller@Method | Middleware | Description |
|--------|-----|------|-------------------|------------|-------------|
| GET | `/` | - | Closure | - | Welcome page |
| GET | `/register/member` | register.member | PublicMemberRegistrationController@create | - | Public member registration form |
| POST | `/register/member` | register.member.store | PublicMemberRegistrationController@store | - | Process public registration |
---
## 2. Authentication Routes
Provided by Laravel Breeze (`routes/auth.php`):
| Method | URI | Name | Description |
|--------|-----|------|-------------|
| GET | `/login` | login | Login form |
| POST | `/login` | - | Process login |
| POST | `/logout` | logout | Logout |
| GET | `/register` | register | Registration form (default Laravel) |
| POST | `/register` | - | Process registration |
| GET | `/forgot-password` | password.request | Password reset request |
| POST | `/forgot-password` | password.email | Send reset email |
| GET | `/reset-password/{token}` | password.reset | Password reset form |
| POST | `/reset-password` | password.update | Update password |
| GET | `/verify-email` | verification.notice | Email verification notice |
| GET | `/verify-email/{id}/{hash}` | verification.verify | Verify email |
| POST | `/email/verification-notification` | verification.send | Resend verification |
---
## 3. Authenticated Member Routes
**Middleware:** `auth`
| Method | URI | Name | Controller@Method | Description |
|--------|-----|------|-------------------|-------------|
| GET | `/dashboard` | dashboard | Closure | Default dashboard |
| GET | `/my-membership` | member.dashboard | MemberDashboardController@show | Member dashboard |
| GET | `/member/submit-payment` | member.payments.create | MemberPaymentController@create | Payment submission form |
| POST | `/member/payments` | member.payments.store | MemberPaymentController@store | Submit payment |
| GET | `/profile` | profile.edit | ProfileController@edit | Edit profile |
| PATCH | `/profile` | profile.update | ProfileController@update | Update profile |
| DELETE | `/profile` | profile.destroy | ProfileController@destroy | Delete account |
---
## 4. Admin Routes
**Middleware:** `auth`, `admin`
**Prefix:** `/admin`
**Name Prefix:** `admin.`
### 4.1 Dashboard
| Method | URI | Name | Controller@Method | Description |
|--------|-----|------|-------------------|-------------|
| GET | `/admin/dashboard` | admin.dashboard | AdminDashboardController@index | Admin dashboard |
---
### 4.2 Member Management
| Method | URI | Name | Controller@Method | Required Permission | Description |
|--------|-----|------|-------------------|-------------------|-------------|
| GET | `/admin/members` | admin.members.index | AdminMemberController@index | - | List members |
| GET | `/admin/members/create` | admin.members.create | AdminMemberController@create | - | Create form |
| POST | `/admin/members` | admin.members.store | AdminMemberController@store | - | Store member |
| GET | `/admin/members/{member}` | admin.members.show | AdminMemberController@show | - | Show member |
| GET | `/admin/members/{member}/edit` | admin.members.edit | AdminMemberController@edit | - | Edit form |
| PATCH | `/admin/members/{member}` | admin.members.update | AdminMemberController@update | - | Update member |
| PATCH | `/admin/members/{member}/roles` | admin.members.roles.update | AdminMemberController@updateRoles | - | Update member roles |
| GET | `/admin/members/{member}/activate` | admin.members.activate | AdminMemberController@showActivate | activate_memberships | Activation form |
| POST | `/admin/members/{member}/activate` | admin.members.activate.store | AdminMemberController@activate | activate_memberships | Activate membership |
| GET | `/admin/members/import` | admin.members.import-form | AdminMemberController@importForm | - | Import form |
| POST | `/admin/members/import` | admin.members.import | AdminMemberController@import | - | Import CSV |
| GET | `/admin/members/export` | admin.members.export | AdminMemberController@export | - | Export CSV |
---
### 4.3 Payment Management (Admin)
| Method | URI | Name | Controller@Method | Description |
|--------|-----|------|-------------------|-------------|
| GET | `/admin/members/{member}/payments/create` | admin.members.payments.create | AdminPaymentController@create | Create payment form |
| POST | `/admin/members/{member}/payments` | admin.members.payments.store | AdminPaymentController@store | Store payment |
| GET | `/admin/members/{member}/payments/{payment}/edit` | admin.members.payments.edit | AdminPaymentController@edit | Edit payment form |
| PATCH | `/admin/members/{member}/payments/{payment}` | admin.members.payments.update | AdminPaymentController@update | Update payment |
| DELETE | `/admin/members/{member}/payments/{payment}` | admin.members.payments.destroy | AdminPaymentController@destroy | Delete payment |
| GET | `/admin/members/{member}/payments/{payment}/receipt` | admin.members.payments.receipt | AdminPaymentController@receipt | Download receipt |
---
### 4.4 Payment Verification
| Method | URI | Name | Controller@Method | Required Permission | Description |
|--------|-----|------|-------------------|-------------------|-------------|
| GET | `/admin/payment-verifications` | admin.payment-verifications.index | PaymentVerificationController@index | view_payment_verifications | Dashboard |
| GET | `/admin/payment-verifications/{payment}` | admin.payment-verifications.show | PaymentVerificationController@show | view_payment_verifications | Payment details |
| POST | `/admin/payment-verifications/{payment}/approve-cashier` | admin.payment-verifications.approve-cashier | PaymentVerificationController@approveByCashier | verify_payments_cashier | Tier 1 approval |
| POST | `/admin/payment-verifications/{payment}/approve-accountant` | admin.payment-verifications.approve-accountant | PaymentVerificationController@approveByAccountant | verify_payments_accountant | Tier 2 approval |
| POST | `/admin/payment-verifications/{payment}/approve-chair` | admin.payment-verifications.approve-chair | PaymentVerificationController@approveByChair | verify_payments_chair | Tier 3 approval |
| POST | `/admin/payment-verifications/{payment}/reject` | admin.payment-verifications.reject | PaymentVerificationController@reject | verify_payments_* | Reject payment |
| GET | `/admin/payment-verifications/{payment}/receipt` | admin.payment-verifications.download-receipt | PaymentVerificationController@downloadReceipt | view_payment_verifications | Download receipt |
---
### 4.5 Finance Documents
| Method | URI | Name | Controller@Method | Description |
|--------|-----|------|-------------------|-------------|
| GET | `/admin/finance-documents` | admin.finance.index | FinanceDocumentController@index | List documents |
| GET | `/admin/finance-documents/create` | admin.finance.create | FinanceDocumentController@create | Create form |
| POST | `/admin/finance-documents` | admin.finance.store | FinanceDocumentController@store | Store document |
| GET | `/admin/finance-documents/{financeDocument}` | admin.finance.show | FinanceDocumentController@show | Show document |
| POST | `/admin/finance-documents/{financeDocument}/approve` | admin.finance.approve | FinanceDocumentController@approve | Approve (multi-tier) |
| POST | `/admin/finance-documents/{financeDocument}/reject` | admin.finance.reject | FinanceDocumentController@reject | Reject |
| GET | `/admin/finance-documents/{financeDocument}/download` | admin.finance.download | FinanceDocumentController@download | Download attachment |
---
### 4.6 Issue Tracking
| Method | URI | Name | Controller@Method | Description |
|--------|-----|------|-------------------|-------------|
| GET | `/admin/issues` | admin.issues.index | IssueController@index | List issues |
| GET | `/admin/issues/create` | admin.issues.create | IssueController@create | Create form |
| POST | `/admin/issues` | admin.issues.store | IssueController@store | Store issue |
| GET | `/admin/issues/{issue}` | admin.issues.show | IssueController@show | Show issue |
| GET | `/admin/issues/{issue}/edit` | admin.issues.edit | IssueController@edit | Edit form |
| PATCH | `/admin/issues/{issue}` | admin.issues.update | IssueController@update | Update issue |
| DELETE | `/admin/issues/{issue}` | admin.issues.destroy | IssueController@destroy | Delete issue |
| POST | `/admin/issues/{issue}/assign` | admin.issues.assign | IssueController@assign | Assign user |
| PATCH | `/admin/issues/{issue}/status` | admin.issues.update-status | IssueController@updateStatus | Update status |
| POST | `/admin/issues/{issue}/comments` | admin.issues.comments.store | IssueController@addComment | Add comment |
| POST | `/admin/issues/{issue}/attachments` | admin.issues.attachments.store | IssueController@uploadAttachment | Upload file |
| GET | `/admin/issues/attachments/{attachment}/download` | admin.issues.attachments.download | IssueController@downloadAttachment | Download file |
| DELETE | `/admin/issues/attachments/{attachment}` | admin.issues.attachments.destroy | IssueController@deleteAttachment | Delete file |
| POST | `/admin/issues/{issue}/time-logs` | admin.issues.time-logs.store | IssueController@logTime | Log time |
| POST | `/admin/issues/{issue}/watchers` | admin.issues.watchers.store | IssueController@addWatcher | Add watcher |
| DELETE | `/admin/issues/{issue}/watchers` | admin.issues.watchers.destroy | IssueController@removeWatcher | Remove watcher |
---
### 4.7 Issue Labels
| Method | URI | Name | Controller@Method | Description |
|--------|-----|------|-------------------|-------------|
| GET | `/admin/issue-labels` | admin.issue-labels.index | IssueLabelController@index | List labels |
| GET | `/admin/issue-labels/create` | admin.issue-labels.create | IssueLabelController@create | Create form |
| POST | `/admin/issue-labels` | admin.issue-labels.store | IssueLabelController@store | Store label |
| GET | `/admin/issue-labels/{issueLabel}/edit` | admin.issue-labels.edit | IssueLabelController@edit | Edit form |
| PATCH | `/admin/issue-labels/{issueLabel}` | admin.issue-labels.update | IssueLabelController@update | Update label |
| DELETE | `/admin/issue-labels/{issueLabel}` | admin.issue-labels.destroy | IssueLabelController@destroy | Delete label |
---
### 4.8 Issue Reports
| Method | URI | Name | Controller@Method | Description |
|--------|-----|------|-------------------|-------------|
| GET | `/admin/issue-reports` | admin.issue-reports.index | IssueReportsController@index | View reports |
---
### 4.9 Budget Management
| Method | URI | Name | Controller@Method | Description |
|--------|-----|------|-------------------|-------------|
| GET | `/admin/budgets` | admin.budgets.index | BudgetController@index | List budgets |
| GET | `/admin/budgets/create` | admin.budgets.create | BudgetController@create | Create form |
| POST | `/admin/budgets` | admin.budgets.store | BudgetController@store | Store budget |
| GET | `/admin/budgets/{budget}` | admin.budgets.show | BudgetController@show | Show budget |
| GET | `/admin/budgets/{budget}/edit` | admin.budgets.edit | BudgetController@edit | Edit form |
| PATCH | `/admin/budgets/{budget}` | admin.budgets.update | BudgetController@update | Update budget |
| POST | `/admin/budgets/{budget}/submit` | admin.budgets.submit | BudgetController@submit | Submit for approval |
| POST | `/admin/budgets/{budget}/approve` | admin.budgets.approve | BudgetController@approve | Approve budget |
| POST | `/admin/budgets/{budget}/activate` | admin.budgets.activate | BudgetController@activate | Activate budget |
| POST | `/admin/budgets/{budget}/close` | admin.budgets.close | BudgetController@close | Close budget |
| DELETE | `/admin/budgets/{budget}` | admin.budgets.destroy | BudgetController@destroy | Delete budget |
---
### 4.10 Transaction Management
| Method | URI | Name | Controller@Method | Description |
|--------|-----|------|-------------------|-------------|
| GET | `/admin/transactions` | admin.transactions.index | TransactionController@index | List transactions |
| GET | `/admin/transactions/create` | admin.transactions.create | TransactionController@create | Create form |
| POST | `/admin/transactions` | admin.transactions.store | TransactionController@store | Store transaction |
| GET | `/admin/transactions/{transaction}` | admin.transactions.show | TransactionController@show | Show transaction |
| GET | `/admin/transactions/{transaction}/edit` | admin.transactions.edit | TransactionController@edit | Edit form |
| PATCH | `/admin/transactions/{transaction}` | admin.transactions.update | TransactionController@update | Update transaction |
| DELETE | `/admin/transactions/{transaction}` | admin.transactions.destroy | TransactionController@destroy | Delete transaction |
---
### 4.11 Roles & Permissions
| Method | URI | Name | Controller@Method | Description |
|--------|-----|------|-------------------|-------------|
| GET | `/admin/roles` | admin.roles.index | AdminRoleController@index | List roles |
| GET | `/admin/roles/create` | admin.roles.create | AdminRoleController@create | Create form |
| POST | `/admin/roles` | admin.roles.store | AdminRoleController@store | Store role |
| GET | `/admin/roles/{role}` | admin.roles.show | AdminRoleController@show | Show role |
| GET | `/admin/roles/{role}/edit` | admin.roles.edit | AdminRoleController@edit | Edit form |
| PATCH | `/admin/roles/{role}` | admin.roles.update | AdminRoleController@update | Update role |
| POST | `/admin/roles/{role}/assign-users` | admin.roles.assign-users | AdminRoleController@assignUsers | Assign users |
| DELETE | `/admin/roles/{role}/users/{user}` | admin.roles.remove-user | AdminRoleController@removeUser | Remove user |
---
### 4.12 Audit Logs
| Method | URI | Name | Controller@Method | Description |
|--------|-----|------|-------------------|-------------|
| GET | `/admin/audit-logs` | admin.audit.index | AdminAuditLogController@index | List audit logs |
| GET | `/admin/audit-logs/export` | admin.audit.export | AdminAuditLogController@export | Export CSV |
---
## 5. Route Count Summary
| Category | Routes | Middleware |
|----------|--------|------------|
| Public | 3 | None |
| Auth (Breeze) | ~12 | Varies |
| Member | 7 | auth |
| Admin Dashboard | 1 | auth, admin |
| Admin Members | 12 | auth, admin |
| Admin Payments | 6 | auth, admin |
| Payment Verification | 7 | auth, admin, permission-based |
| Finance Documents | 7 | auth, admin |
| Issues | 16 | auth, admin |
| Issue Labels | 6 | auth, admin |
| Issue Reports | 1 | auth, admin |
| Budgets | 11 | auth, admin |
| Transactions | 7 | auth, admin |
| Roles | 8 | auth, admin |
| Audit Logs | 2 | auth, admin |
| **TOTAL** | **~106+** | - |
---
## 6. Permission Requirements
### Payment Verification Permissions
| Permission | Description | Can Perform |
|------------|-------------|-------------|
| `verify_payments_cashier` | Tier 1 approval | Approve as cashier |
| `verify_payments_accountant` | Tier 2 approval | Approve as accountant |
| `verify_payments_chair` | Tier 3 approval | Approve as chair |
| `activate_memberships` | Membership activation | Activate members |
| `view_payment_verifications` | View dashboard | Access verification dashboard |
### Default Role Permissions
| Role | Has Permissions |
|------|----------------|
| admin | All permissions (automatic) |
| payment_cashier | verify_payments_cashier, view_payment_verifications |
| payment_accountant | verify_payments_accountant, view_payment_verifications |
| payment_chair | verify_payments_chair, view_payment_verifications |
| membership_manager | activate_memberships, view_payment_verifications |
---
## 7. Request/Response Examples
### 7.1 POST /member/payments (Submit Payment)
**Request:**
```http
POST /member/payments HTTP/1.1
Content-Type: multipart/form-data
amount=1000
paid_at=2025-11-20
payment_method=bank_transfer
reference=ATM123456
receipt=[FILE]
notes=Annual membership fee
```
**Response (Success):**
```http
HTTP/1.1 302 Found
Location: /my-membership
Session: status="Payment submitted successfully!"
```
---
### 7.2 POST /admin/payment-verifications/{id}/approve-cashier
**Request:**
```http
POST /admin/payment-verifications/123/approve-cashier HTTP/1.1
Content-Type: application/x-www-form-urlencoded
notes=Receipt verified
```
**Response (Success):**
```http
HTTP/1.1 302 Found
Location: /admin/payment-verifications
Session: status="Payment approved by cashier."
```
**Response (Error - No Permission):**
```http
HTTP/1.1 403 Forbidden
```
---
### 7.3 GET /admin/issues (With Filters)
**Request:**
```http
GET /admin/issues?status=open&priority=urgent&search=login HTTP/1.1
```
**Response:**
```http
HTTP/1.1 200 OK
Content-Type: text/html
[Rendered Blade view with filtered issues]
```
---
## 8. CSRF Protection
All POST, PATCH, PUT, DELETE requests require CSRF token:
```html
<form method="POST" action="/admin/members">
@csrf
<!-- form fields -->
</form>
```
Or via JavaScript:
```javascript
fetch('/admin/members', {
method: 'POST',
headers: {
'X-CSRF-TOKEN': document.querySelector('meta[name="csrf-token"]').content,
'Content-Type': 'application/json',
},
body: JSON.stringify(data)
})
```
---
**End of API Routes Documentation**
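Review bot: Section 4.2 lists no required permission ("-") for `PATCH /admin/members/{member}/roles` or the CSV import/export rows, and section 4.3 has no permission column at all for payment create/update/delete, while section 4.4 gates each approval tier on its own permission. Every `/admin` route is documented behind the same `auth`, `admin` middleware, so as written an account that can reach `approve-cashier` can also reach role updates and direct payment edits, which sidesteps the tiered workflow. Document the permission each of these routes actually enforces, or add one (role changes and payment edits at minimum), and state in section 6 whether a single user, including `admin` with "All permissions (automatic)", may approve more than one tier of the same payment. Smaller point: the request examples in 7.1 and 7.2 omit the `_token` field that section 8 says every POST requires, so they would be rejected if copied as shown; add it to the example bodies.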

933
docs/FEATURE_MATRIX.md Normal file

@@ -0,0 +1,933 @@
# Feature Matrix
## Taiwan NPO Membership Management System
**Last Updated:** 2025-11-20
This document provides a comprehensive feature-by-feature breakdown of the system, implementation status, and related files.
---
## Feature Status Legend
- ✅ **Complete** - Fully implemented and tested
- 🟡 **Partial** - Partially implemented
- ❌ **Not Started** - Planned but not yet implemented
- 🔄 **In Progress** - Currently being developed
---
## 1. Member Management
### 1.1 Public Member Registration
**Status:** ✅ Complete
**Description:** Allow public users to self-register as members through a public form.
**Features:**
- Full registration form with personal details
- Address information
- Emergency contact
- Terms acceptance
- Auto-login after registration
- Welcome email
**Related Files:**
- Controller: `app/Http/Controllers/PublicMemberRegistrationController.php`
- View: `resources/views/register/member.blade.php`
- Model: `app/Models/Member.php`, `app/Models/User.php`
- Route: `GET/POST /register/member`
- Email: `app/Mail/MemberRegistrationWelcomeMail.php`
**Validation Rules:**
- full_name: required, string, max 255
- email: required, unique in users AND members
- password: required, confirmed, strong
- phone, national_id, address: optional
- terms_accepted: required, accepted
---
### 1.2 Admin Member Creation
**Status:** ✅ Complete
**Description:** Admins can manually create member records.
**Features:**
- Create member with or without user account
- Import members via CSV
- Export members to CSV/Excel
- Bulk member operations
**Related Files:**
- Controller: `app/Http/Controllers/AdminMemberController.php`
- Views: `resources/views/admin/members/{create,edit,index,show}.blade.php`
- Route: `POST /admin/members`
---
### 1.3 Member Profile Management
**Status:** ✅ Complete
**Description:** View and edit member information.
**Features:**
- View member details
- Edit personal information
- Update membership type
- View payment history
- View membership status
**Related Files:**
- Controller: `app/Http/Controllers/AdminMemberController.php`
- Views: `resources/views/admin/members/{show,edit}.blade.php`
- Route: `GET/PATCH /admin/members/{id}`
---
### 1.4 Member Search & Filtering
**Status:** ✅ Complete
**Description:** Search and filter members by various criteria.
**Features:**
- Search by name, email, phone
- Search by national ID (via hash)
- Filter by membership status
- Filter by payment status
- Filter by date range
- Paginated results
**Related Files:**
- Controller: `app/Http/Controllers/AdminMemberController.php` (index method)
- View: `resources/views/admin/members/index.blade.php`
---
### 1.5 National ID Encryption
**Status:** ✅ Complete
**Description:** Securely store and search national IDs.
**Features:**
- AES-256 encryption for storage
- SHA256 hash for searching
- Automatic encryption/decryption via accessors/mutators
- Never expose plain text in logs or responses
**Related Files:**
- Model: `app/Models/Member.php` (getNationalIdAttribute, setNationalIdAttribute)
- Migration: `database/migrations/*_create_members_table.php`
---
## 2. Payment Verification System
### 2.1 Member Payment Submission
**Status:** ✅ Complete
**Description:** Members can submit payment proof for verification.
**Features:**
- Upload receipt (JPG, PNG, PDF, max 10MB)
- Specify payment method (bank transfer, convenience store, cash, credit card)
- Specify amount, date, reference
- Add optional notes
- Receipt stored in private storage
- Submission confirmation email
**Related Files:**
- Controller: `app/Http/Controllers/MemberPaymentController.php`
- View: `resources/views/member/submit-payment.blade.php`
- Model: `app/Models/MembershipPayment.php`
- Route: `GET/POST /member/submit-payment`
- Email: `app/Mail/PaymentSubmittedMail.php`
---
### 2.2 Three-Tier Payment Verification
**Status:** ✅ Complete
**Description:** 3-tier approval workflow for payment verification.
**Workflow:**
1. **Tier 1 (Cashier):** Verify receipt legitimacy
2. **Tier 2 (Accountant):** Verify financial details
3. **Tier 3 (Chair):** Final approval
**Features:**
- Sequential approval (must go Tier 1 → 2 → 3)
- Permission-based access control
- Can reject at any tier with reason
- Email notifications at each stage
- Automatic membership activation on Tier 3 approval
- Audit logging for each action
**Related Files:**
- Controller: `app/Http/Controllers/PaymentVerificationController.php`
- Views: `resources/views/admin/payment-verifications/{index,show}.blade.php`
- Model: `app/Models/MembershipPayment.php`
- Routes:
- `POST /admin/payment-verifications/{payment}/approve-cashier`
- `POST /admin/payment-verifications/{payment}/approve-accountant`
- `POST /admin/payment-verifications/{payment}/approve-chair`
- `POST /admin/payment-verifications/{payment}/reject`
- Emails:
- `app/Mail/PaymentApprovedByCashierMail.php`
- `app/Mail/PaymentApprovedByAccountantMail.php`
- `app/Mail/PaymentFullyApprovedMail.php`
- `app/Mail/PaymentRejectedMail.php`
---
### 2.3 Payment Verification Dashboard
**Status:** ✅ Complete
**Description:** Centralized dashboard for payment verification queue.
**Features:**
- Tabbed interface (All, Cashier Queue, Accountant Queue, Chair Queue, Approved, Rejected)
- Queue counts with badges
- Search by member name, email, reference
- Permission-based tab visibility
- Pagination
- Status badges with color coding
**Related Files:**
- Controller: `app/Http/Controllers/PaymentVerificationController.php` (index method)
- View: `resources/views/admin/payment-verifications/index.blade.php`
- Route: `GET /admin/payment-verifications`
---
### 2.4 Automatic Membership Activation
**Status:** ✅ Complete
**Description:** Automatically activate membership when payment fully approved.
**Features:**
- Triggered on Tier 3 (Chair) approval
- Sets member.membership_status = 'active'
- Sets membership_started_at = today
- Sets membership_expires_at = today + 1 year (or lifetime)
- Sends activation email to member
- Notifies membership managers
- Audits activation event
**Related Files:**
- Controller: `app/Http/Controllers/PaymentVerificationController.php` (approveByChair method)
- Email: `app/Mail/MembershipActivatedMail.php`
---
### 2.5 Payment Rejection Handling
**Status:** ✅ Complete
**Description:** Reject payments with reason at any approval tier.
**Features:**
- Rejection reason required
- Rejection email with reason sent to member
- Member can resubmit
- Audit logging
**Related Files:**
- Controller: `app/Http/Controllers/PaymentVerificationController.php` (reject method)
- Email: `app/Mail/PaymentRejectedMail.php`
---
### 2.6 Receipt Download
**Status:** ✅ Complete
**Description:** Download payment receipt files securely.
**Features:**
- Authentication required
- Permission checking
- Serves from private storage
- Original filename preserved
**Related Files:**
- Controller: `app/Http/Controllers/PaymentVerificationController.php` (downloadReceipt method)
- Route: `GET /admin/payment-verifications/{payment}/receipt`
---
## 3. Issue Tracking System
### 3.1 Issue Creation & Management
**Status:** ✅ Complete
**Description:** Create and manage work items, tasks, and support requests.
**Features:**
- Auto-generated issue number (ISS-YYYY-NNN)
- Issue types: work_item, project_task, maintenance, member_request
- Priority levels: low, medium, high, urgent
- Status workflow: new → assigned → in_progress → review → closed
- Due date tracking
- Estimated vs actual hours
- Sub-task support (parent_issue_id)
**Related Files:**
- Controller: `app/Http/Controllers/IssueController.php`
- Model: `app/Models/Issue.php`
- Views: `resources/views/admin/issues/{index,create,edit,show}.blade.php`
- Routes: Standard CRUD routes under `/admin/issues`
---
### 3.2 Issue Assignment & Workflow
**Status:** ✅ Complete
**Description:** Assign issues to users and manage status transitions.
**Features:**
- Assign to user
- Update status with validation (can't skip statuses)
- Reviewer assignment
- Reopen closed issues
- Assignment notification email
**Related Files:**
- Controller: `app/Http/Controllers/IssueController.php` (assign, updateStatus methods)
- Email: `app/Mail/IssueAssignedMail.php`
- Route: `POST /admin/issues/{issue}/assign`, `PATCH /admin/issues/{issue}/status`
---
### 3.3 Issue Comments
**Status:** ✅ Complete
**Description:** Add comments to issues for collaboration.
**Features:**
- Add comments
- Internal vs external comments (is_internal flag hides from members)
- Comment notifications to watchers
- Timestamps
**Related Files:**
- Controller: `app/Http/Controllers/IssueController.php` (addComment method)
- Model: `app/Models/IssueComment.php`
- Email: `app/Mail/IssueCommentedMail.php`
- Route: `POST /admin/issues/{issue}/comments`
---
### 3.4 Issue Attachments
**Status:** ✅ Complete
**Description:** Upload and manage file attachments on issues.
**Features:**
- Upload files to issues
- Download attachments
- Delete attachments
- File metadata tracking (size, mime type)
**Related Files:**
- Controller: `app/Http/Controllers/IssueController.php` (uploadAttachment, downloadAttachment, deleteAttachment methods)
- Model: `app/Models/IssueAttachment.php`
- Routes:
- `POST /admin/issues/{issue}/attachments`
- `GET /admin/issues/attachments/{attachment}/download`
- `DELETE /admin/issues/attachments/{attachment}`
---
### 3.5 Time Logging
**Status:** ✅ Complete
**Description:** Log time spent on issues.
**Features:**
- Log hours worked
- Specify work date
- Optional description
- Automatic summation of total hours
- Compare to estimated hours
**Related Files:**
- Controller: `app/Http/Controllers/IssueController.php` (logTime method)
- Model: `app/Models/IssueTimeLog.php`, `app/Models/Issue.php` (getTotalTimeLoggedAttribute)
- Route: `POST /admin/issues/{issue}/time-logs`
---
### 3.6 Issue Watchers
**Status:** ✅ Complete
**Description:** Users can watch issues for notifications.
**Features:**
- Add watchers to issue
- Remove watchers
- Watchers receive email on status changes and comments
**Related Files:**
- Controller: `app/Http/Controllers/IssueController.php` (addWatcher, removeWatcher methods)
- Model: `app/Models/Issue.php` (watchers relationship)
- Routes:
- `POST /admin/issues/{issue}/watchers`
- `DELETE /admin/issues/{issue}/watchers`
---
### 3.7 Issue Labels
**Status:** ✅ Complete
**Description:** Categorize issues with color-coded labels.
**Features:**
- Create/edit/delete labels
- Assign multiple labels to issues
- Filter issues by label
- Color customization
**Related Files:**
- Controller: `app/Http/Controllers/IssueLabelController.php`
- Model: `app/Models/IssueLabel.php`
- Views: `resources/views/admin/issue-labels/{index,create,edit}.blade.php`
- Routes: Standard CRUD routes under `/admin/issue-labels`
- Seeder: `database/seeders/IssueLabelSeeder.php`
---
### 3.8 Issue Relationships
**Status:** ✅ Complete
**Description:** Link related issues.
**Features:**
- Relationship types: blocks, is_blocked_by, relates_to, duplicates, is_duplicated_by
- Bidirectional linking
- View related issues
**Related Files:**
- Model: `app/Models/IssueRelationship.php`, `app/Models/Issue.php` (relationships)
- Migration: `database/migrations/*_create_issues_table.php`
---
### 3.9 Issue Reports & Analytics
**Status:** ✅ Complete
**Description:** Generate reports and analytics on issue data.
**Features:**
- Status distribution
- Priority distribution
- Workload analysis
- Overdue issues report
**Related Files:**
- Controller: `app/Http/Controllers/IssueReportsController.php`
- Route: `GET /admin/issue-reports`
---
### 3.10 Overdue Detection
**Status:** ✅ Complete
**Description:** Automatically detect and flag overdue issues.
**Features:**
- Overdue calculation (due_date < today AND status != closed)
- Days until due calculation
- Overdue scope for filtering
- Email reminders (scheduled)
**Related Files:**
- Model: `app/Models/Issue.php` (getIsOverdueAttribute, getDaysUntilDueAttribute, overdue scope)
- Email: `app/Mail/IssueOverdueMail.php`, `app/Mail/IssueDueSoonMail.php`
---
## 4. Budget Management
### 4.1 Budget Creation & Management
**Status:** ✅ Complete
**Description:** Create and manage annual/quarterly/monthly budgets.
**Features:**
- Fiscal year selection
- Period type (annual, quarterly, monthly)
- Period date range
- Budget workflow: draft → submitted → approved → active → closed
- Notes support
**Related Files:**
- Controller: `app/Http/Controllers/BudgetController.php`
- Model: `app/Models/Budget.php`
- Views: `resources/views/admin/budgets/{index,create,edit,show}.blade.php`
- Routes: Standard CRUD routes under `/admin/budgets`
---
### 4.2 Budget Items
**Status:** ✅ Complete
**Description:** Line items within budgets linked to chart of accounts.
**Features:**
- Link to chart of account
- Set budgeted amount
- Track actual amount (auto-updated from transactions)
- Calculate variance (actual - budgeted)
- Calculate utilization percentage
- Over-budget detection
**Related Files:**
- Model: `app/Models/BudgetItem.php`
- Migration: `database/migrations/*_create_budgets_table.php`
---
### 4.3 Budget Workflow
**Status:** ✅ Complete
**Description:** Manage budget lifecycle states.
**Features:**
- Submit for approval (draft → submitted)
- Approve budget (submitted → approved)
- Activate budget (approved → active)
- Close budget (active → closed)
- Permission-based actions
**Related Files:**
- Controller: `app/Http/Controllers/BudgetController.php` (submit, approve, activate, close methods)
- Routes:
- `POST /admin/budgets/{budget}/submit`
- `POST /admin/budgets/{budget}/approve`
- `POST /admin/budgets/{budget}/activate`
- `POST /admin/budgets/{budget}/close`
---
### 4.4 Budget Variance Analysis
**Status:** ✅ Complete
**Description:** Calculate and display budget vs actual variances.
**Features:**
- Total budgeted income/expense
- Total actual income/expense
- Variance calculation
- Variance percentage
- Remaining budget
- Over-budget alerts
**Related Files:**
- Model: `app/Models/BudgetItem.php` (variance methods), `app/Models/Budget.php` (total methods)
---
## 5. Financial Management
### 5.1 Chart of Accounts
**Status:** ✅ Complete
**Description:** Hierarchical chart of accounts for financial tracking.
**Features:**
- Account types: income, expense, asset, liability, net_asset
- Hierarchical parent-child structure
- Account code system
- Chinese and English names
- Category grouping
- Active/inactive status
- Display order
**Related Files:**
- Model: `app/Models/ChartOfAccount.php`
- Migration: `database/migrations/*_create_chart_of_accounts_table.php`
- Seeder: `database/seeders/ChartOfAccountSeeder.php`
---
### 5.2 Transaction Management
**Status:** ✅ Complete
**Description:** Record and track financial transactions.
**Features:**
- Transaction types: income, expense
- Link to chart of account (required)
- Link to budget item (optional)
- Link to finance document or membership payment (optional)
- Transaction date
- Amount
- Description and reference number
- Notes
- Search and filter
**Related Files:**
- Controller: `app/Http/Controllers/TransactionController.php`
- Model: `app/Models/Transaction.php`
- Views: `resources/views/admin/transactions/{index,create,edit,show}.blade.php`
- Routes: Standard CRUD routes under `/admin/transactions`
---
### 5.3 Finance Document Approval
**Status:** ✅ Complete
**Description:** 3-tier approval workflow for finance documents.
**Features:**
- Submit documents with attachments
- 3-tier approval (cashier → accountant → chair)
- Rejection with reason
- Email notifications
- File attachment support
- Same workflow as payment verification
**Related Files:**
- Controller: `app/Http/Controllers/FinanceDocumentController.php`
- Model: `app/Models/FinanceDocument.php`
- Views: `resources/views/admin/finance-documents/{index,create,show}.blade.php`
- Routes:
- `POST /admin/finance-documents`
- `POST /admin/finance-documents/{document}/approve`
- `POST /admin/finance-documents/{document}/reject`
- Emails: `app/Mail/FinanceDocument*.php` (5 mailables)
---
### 5.4 Financial Reports
**Status:** ✅ Complete
**Description:** Generate and store financial reports.
**Features:**
- Report generation
- Report data stored as JSON
- Historical snapshots
- Multiple report types
**Related Files:**
- Model: `app/Models/FinancialReport.php`
- Migration: `database/migrations/*_create_budgets_table.php`
---
## 6. Security & Authorization
### 6.1 Role-Based Access Control
**Status:** ✅ Complete
**Description:** Spatie Permission-based authorization.
**Features:**
- Multiple roles: admin, staff, cashier, accountant, chair
- Granular permissions
- Role assignment via UI
- Permission inheritance
**Related Files:**
- Seeders: `database/seeders/RoleSeeder.php`, `database/seeders/PaymentVerificationRolesSeeder.php`
- Controller: `app/Http/Controllers/AdminRoleController.php`
- Views: `resources/views/admin/roles/{index,create,edit,show}.blade.php`
- Package: Spatie Laravel Permission
---
### 6.2 Admin Middleware
**Status:** ✅ Complete
**Description:** Protect admin routes.
**Features:**
- Check is_admin flag OR admin role
- Return 403 if unauthorized
- Applied to /admin route group
**Related Files:**
- Middleware: `app/Http/Middleware/EnsureUserIsAdmin.php`
- Route: Applied to `/admin` group in `routes/web.php`
---
### 6.3 Paid Membership Middleware
**Status:** ✅ Complete
**Description:** Verify active paid membership for member-only resources.
**Features:**
- Check authentication
- Check member record exists
- Check hasPaidMembership() (active status + future expiry)
- Redirect with error if not eligible
**Related Files:**
- Middleware: `app/Http/Middleware/CheckPaidMembership.php`
---
### 6.4 Audit Logging
**Status:** ✅ Complete
**Description:** Complete audit trail for all significant actions.
**Features:**
- Log all CRUD operations
- Log workflow transitions
- Store user, action, object type/id, metadata
- Queryable and exportable
- CSV export
**Related Files:**
- Model: `app/Models/AuditLog.php`
- Support: `app/Support/AuditLogger.php`
- Controller: `app/Http/Controllers/AdminAuditLogController.php`
- Views: `resources/views/admin/audit-logs/index.blade.php`
- Routes: `GET /admin/audit-logs`, `GET /admin/audit-logs/export`
---
## 7. Email Notifications
### 7.1 Membership Emails
**Status:** ✅ Complete
**Email Count:** 8 mailables
| Email | Trigger |
|-------|---------|
| MemberRegistrationWelcomeMail | Self-registration |
| PaymentSubmittedMail | Payment submission (2 variants: member + cashier) |
| PaymentApprovedByCashierMail | Tier 1 approval |
| PaymentApprovedByAccountantMail | Tier 2 approval |
| PaymentFullyApprovedMail | Tier 3 approval |
| PaymentRejectedMail | Payment rejection |
| MembershipActivatedMail | Membership activation |
| MembershipExpiryReminderMail | Expiry reminder |
**Related Files:**
- Mailables: `app/Mail/Member*.php`, `app/Mail/Payment*.php`, `app/Mail/Membership*.php`
- Templates: `resources/views/emails/members/*`, `resources/views/emails/payments/*`
---
### 7.2 Finance Emails
**Status:** ✅ Complete
**Email Count:** 5 mailables
| Email | Trigger |
|-------|---------|
| FinanceDocumentSubmitted | Document submitted |
| FinanceDocumentApprovedByCashier | Tier 1 approval |
| FinanceDocumentApprovedByAccountant | Tier 2 approval |
| FinanceDocumentFullyApproved | Tier 3 approval |
| FinanceDocumentRejected | Document rejection |
**Related Files:**
- Mailables: `app/Mail/FinanceDocument*.php`
- Templates: `resources/views/emails/finance-documents/*`
---
### 7.3 Issue Emails
**Status:** ✅ Complete
**Email Count:** 6 mailables
| Email | Trigger |
|-------|---------|
| IssueAssignedMail | Issue assignment |
| IssueStatusChangedMail | Status change |
| IssueCommentedMail | New comment |
| IssueDueSoonMail | Due date approaching |
| IssueOverdueMail | Past due date |
| IssueClosedMail | Issue closed |
**Related Files:**
- Mailables: `app/Mail/Issue*.php`
- Templates: `resources/views/emails/issues/*`
---
### 7.4 Queue Integration
**Status:** ✅ Complete
**Features:**
- All emails implement ShouldQueue
- Async delivery via queue workers
- Failed jobs table for retry
- Database/Redis queue driver support
**Configuration:**
- Queue connection in `.env` (QUEUE_CONNECTION)
---
## 8. User Interface
### 8.1 Member Dashboard
**Status:** ✅ Complete
**Description:** Member-facing dashboard for viewing membership status and submitting payments.
**Features:**
- Membership status display with badges
- Membership type and expiry date
- Payment history with verification status
- Submit payment button (if eligible)
- Pending payment alert
- Dark mode support
**Related Files:**
- Controller: `app/Http/Controllers/MemberDashboardController.php`
- View: `resources/views/member/dashboard.blade.php`
- Route: `GET /my-membership`
---
### 8.2 Admin Dashboard
**Status:** ✅ Complete
**Description:** Admin dashboard with overview statistics.
**Features:**
- Key metrics
- Recent activity
- Quick links
**Related Files:**
- Controller: `app/Http/Controllers/AdminDashboardController.php`
- Route: `GET /admin/dashboard`
---
### 8.3 Responsive Design
**Status:** ✅ Complete
**Description:** Mobile-friendly responsive design.
**Features:**
- Tailwind CSS utility classes
- Responsive grid layouts
- Mobile-friendly tables
- Dark mode support
**Related Files:**
- All Blade templates in `resources/views/`
- Tailwind config: `tailwind.config.js`
---
### 8.4 Dark Mode
**Status:** ✅ Complete
**Description:** Dark mode support across all views.
**Features:**
- Dark mode toggle
- Consistent dark color scheme
- All views support dark mode
**Related Files:**
- All Blade templates use `dark:*` utility classes
---
## 9. Data Import/Export
### 9.1 Member Import (CSV)
**Status:** ✅ Complete
**Description:** Bulk import members from CSV.
**Related Files:**
- Controller: `app/Http/Controllers/AdminMemberController.php` (import, importForm methods)
- Routes: `GET/POST /admin/members/import`
---
### 9.2 Member Export (CSV)
**Status:** ✅ Complete
**Description:** Export member list to CSV/Excel.
**Related Files:**
- Controller: `app/Http/Controllers/AdminMemberController.php` (export method)
- Route: `GET /admin/members/export`
---
### 9.3 Audit Log Export
**Status:** ✅ Complete
**Description:** Export audit logs to CSV.
**Related Files:**
- Controller: `app/Http/Controllers/AdminAuditLogController.php` (export method)
- Route: `GET /admin/audit-logs/export`
---
## 10. Custom Fields & Extensions
### 10.1 Custom Fields (Polymorphic)
**Status:** ✅ Complete
**Description:** Attach custom fields to any model.
**Features:**
- Field types: text, select, checkbox, date
- JSON storage for values
- Required/optional fields
- Currently used for Issues
**Related Files:**
- Model: `app/Models/CustomField.php`, `app/Models/CustomFieldValue.php`
- Migration: `database/migrations/*_create_issues_table.php`
---
## Summary Statistics
### Implementation Status
| Status | Count | Percentage |
|--------|-------|------------|
| ✅ Complete | 52 | 100% |
| 🟡 Partial | 0 | 0% |
| 🔄 In Progress | 0 | 0% |
| ❌ Not Started | 0 | 0% |
### Feature Categories
| Category | Features | Status |
|----------|----------|--------|
| Member Management | 5 | ✅ Complete |
| Payment Verification | 6 | ✅ Complete |
| Issue Tracking | 10 | ✅ Complete |
| Budget Management | 4 | ✅ Complete |
| Financial Management | 4 | ✅ Complete |
| Security & Authorization | 4 | ✅ Complete |
| Email Notifications | 4 | ✅ Complete |
| User Interface | 4 | ✅ Complete |
| Data Import/Export | 3 | ✅ Complete |
| Custom Fields | 1 | ✅ Complete |
### Code Metrics
| Metric | Count |
|--------|-------|
| Controllers | 14 |
| Models | 20+ |
| Mailables | 19 |
| Migrations | 25+ |
| Seeders | 4 |
| Middleware | 2 |
| Views (Blade) | 50+ |
| Routes | 100+ |
---
**End of Feature Matrix**
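Review bot: Sections 6.2 and 5.3 do not fit together as written: 6.2 says EnsureUserIsAdmin passes only on the `is_admin` flag or the admin role and is applied to the whole `/admin` group, while 5.3 (and 4.3) place the cashier, accountant and chair approval routes under `/admin/...`. Please state how those roles get through the admin gate. If approvers are also given `is_admin` or the admin role, the three tiers are no longer separated by the middleware, and the doc should name the permission check that enforces each tier. It would also help to say who can set `is_admin` and whether that change is recorded by the audit logging in 6.4, since 6.1 only covers role assignment via the UI. Separately, the Summary Statistics row `✅ Complete | 52 | 100%` does not match the Feature Categories table, whose feature counts add up to 45.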

1122
docs/SYSTEM_SPECIFICATION.md Normal file

File diff suppressed because it is too large

543
docs/TEST_PLAN.md Normal file

@@ -0,0 +1,543 @@
# Test Plan
## Taiwan NPO Membership Management System
**Last Updated:** 2025-11-20
**Laravel Version:** 11
**Testing Framework:** PHPUnit 10.x
---
## Table of Contents
1. [Testing Strategy](#1-testing-strategy)
2. [Test Environment Setup](#2-test-environment-setup)
3. [Test Coverage Matrix](#3-test-coverage-matrix)
4. [Unit Tests](#4-unit-tests)
5. [Feature Tests](#5-feature-tests)
6. [Running Tests](#6-running-tests)
7. [Test Data](#7-test-data)
8. [Expected Results](#8-expected-results)
---
## 1. Testing Strategy
### 1.1 Testing Pyramid
```
/\
/ \
/ E2E\ (Future)
/______\
/ \
/ Feature \
/____________\
/ \
/ Unit Tests \
/__________________\
```
**Current Focus:**
- ✅ **Unit Tests** - Test individual model methods and business logic
- ✅ **Feature Tests** - Test complete HTTP request/response cycles
- 🟡 **E2E Tests** - Browser tests with Dusk (future enhancement)
### 1.2 Test Types
| Test Type | Purpose | Tools | Coverage Target |
|-----------|---------|-------|-----------------|
| Unit | Test model methods, calculations, business logic | PHPUnit | 80%+ |
| Feature | Test controllers, workflows, integrations | PHPUnit, RefreshDatabase | 70%+ |
| Email | Test email content and delivery | PHPUnit, Mail::fake() | 100% |
| Authorization | Test permissions and middleware | PHPUnit | 100% |
| Database | Test relationships and migrations | PHPUnit, DatabaseMigrations | 100% |
### 1.3 Testing Principles
1. **Isolation:** Each test is independent
2. **Repeatability:** Tests produce same results every time
3. **Speed:** Unit tests < 100ms, Feature tests < 500ms
4. **Clarity:** Clear test names describing what is tested
5. **Coverage:** All critical paths tested
---
## 2. Test Environment Setup
### 2.1 Test Database Configuration
**File:** `phpunit.xml`
```xml
<env name="APP_ENV" value="testing"/>
<env name="DB_CONNECTION" value="sqlite"/>
<env name="DB_DATABASE" value=":memory:"/>
<env name="QUEUE_CONNECTION" value="sync"/>
<env name="MAIL_MAILER" value="array"/>
<env name="CACHE_DRIVER" value="array"/>
<env name="SESSION_DRIVER" value="array"/>
```
### 2.2 Test Traits Used
- `RefreshDatabase` - Migrates and seeds database for each test
- `WithFaker` - Provides Faker instance for generating test data
- `WithoutMiddleware` - Disables middleware (use sparingly)
### 2.3 Setup Commands
```bash
# Install dependencies
composer install
# Copy environment file
cp .env.example .env.testing
# Generate application key
php artisan key:generate --env=testing
# Run migrations
php artisan migrate --env=testing
# Run seeders
php artisan db:seed --env=testing
# Run tests
php artisan test
```
---
## 3. Test Coverage Matrix
### 3.1 Model Coverage
| Model | Unit Test File | Tests | Priority |
|-------|----------------|-------|----------|
| Member | tests/Unit/MemberTest.php | 15 | High |
| MembershipPayment | tests/Unit/MembershipPaymentTest.php | 12 | High |
| Issue | tests/Unit/IssueTest.php | 18 | High |
| Budget | tests/Unit/BudgetTest.php | 10 | Medium |
| BudgetItem | tests/Unit/BudgetTest.php | 8 | Medium |
| FinanceDocument | tests/Unit/FinanceDocumentTest.php | 8 | Medium |
| Transaction | tests/Unit/TransactionTest.php | 6 | Low |
### 3.2 Feature Coverage
| Feature | Feature Test File | Tests | Priority |
|---------|-------------------|-------|----------|
| Member Registration | tests/Feature/MemberRegistrationTest.php | 8 | High |
| Payment Verification | tests/Feature/PaymentVerificationTest.php | 15 | High |
| Finance Documents | tests/Feature/FinanceDocumentTest.php | 10 | High |
| Issue Tracking | tests/Feature/IssueTrackingTest.php | 20 | High |
| Budget Management | tests/Feature/BudgetManagementTest.php | 12 | Medium |
| Authorization | tests/Feature/AuthorizationTest.php | 15 | High |
| Emails | tests/Feature/EmailTest.php | 19 | High |
### 3.3 Coverage Goals
| Category | Target | Current |
|----------|--------|---------|
| Overall Code Coverage | 75% | TBD |
| Model Coverage | 85% | TBD |
| Controller Coverage | 70% | TBD |
| Critical Paths | 100% | TBD |
---
## 4. Unit Tests
### 4.1 MemberTest.php
**File:** `tests/Unit/MemberTest.php`
**Tests:**
1. ✅ Member has required fillable fields
2. ✅ Member belongs to user
3. ✅ Member has many payments
4. ✅ hasPaidMembership() returns true when active with future expiry
5. ✅ hasPaidMembership() returns false when pending
6. ✅ hasPaidMembership() returns false when expired
7. ✅ canSubmitPayment() returns true when pending and no pending payment
8. ✅ canSubmitPayment() returns false when already has pending payment
9. ✅ getPendingPayment() returns pending payment
10. ✅ National ID encryption works
11. ✅ National ID hashing works for search
12. ✅ Status check methods work (isPending, isActive, isExpired, isSuspended)
13. ✅ Status label returns correct Chinese text
14. ✅ Type label returns correct Chinese text
15. ✅ Status badge returns correct CSS class
---
### 4.2 MembershipPaymentTest.php
**File:** `tests/Unit/MembershipPaymentTest.php`
**Tests:**
1. ✅ Payment belongs to member
2. ✅ Payment belongs to submittedBy user
3. ✅ Payment has verifier relationships (cashier, accountant, chair)
4. ✅ Status check methods work (isPending, isApprovedByCashier, etc.)
5. ✅ canBeApprovedByCashier() validates correctly
6. ✅ canBeApprovedByAccountant() validates correctly
7. ✅ canBeApprovedByChair() validates correctly
8. ✅ Status label returns Chinese text
9. ✅ Payment method label returns Chinese text
10. ✅ Receipt file cleanup on deletion
11. ✅ Workflow validation prevents skipping tiers
12. ✅ Rejection tracking works
---
### 4.3 IssueTest.php
**File:** `tests/Unit/IssueTest.php`
**Tests:**
1. ✅ Issue number auto-generation (ISS-YYYY-NNN)
2. ✅ Issue belongs to creator, assignee, reviewer
3. ✅ Issue has many comments, attachments, time logs
4. ✅ Issue has many labels (many-to-many)
5. ✅ Issue has many watchers (many-to-many)
6. ✅ Status check methods work
7. ✅ Workflow validation methods work
8. ✅ Progress percentage calculation
9. ✅ Overdue detection works
10. ✅ Days until due calculation
11. ✅ Total time logged calculation
12. ✅ Status label returns correct text
13. ✅ Priority label returns correct text
14. ✅ Badge color methods work
15. ✅ Scopes work (open, closed, overdue, byStatus, byPriority)
16. ✅ Parent-child relationships work
17. ✅ Can't skip workflow statuses
18. ✅ Can reopen closed issues
---
### 4.4 BudgetTest.php
**File:** `tests/Unit/BudgetTest.php`
**Tests:**
1. ✅ Budget belongs to createdBy and approvedBy
2. ✅ Budget has many budget items
3. ✅ Status check methods work
4. ✅ Workflow validation methods work
5. ✅ Total budgeted income calculation
6. ✅ Total budgeted expense calculation
7. ✅ Total actual income calculation
8. ✅ Total actual expense calculation
9. ✅ Budget item variance calculation
10. ✅ Budget item over-budget detection
---
## 5. Feature Tests
### 5.1 MemberRegistrationTest.php
**File:** `tests/Feature/MemberRegistrationTest.php`
**Tests:**
1. ✅ Public registration form is accessible
2. ✅ Can register with valid data
3. ✅ User and Member records created
4. ✅ User is auto-logged in
5. ✅ Welcome email is sent
6. ✅ Validation fails with invalid email
7. ✅ Validation fails with duplicate email
8. ✅ Password confirmation required
---
### 5.2 PaymentVerificationTest.php
**File:** `tests/Feature/PaymentVerificationTest.php`
**Tests:**
1. ✅ Member can submit payment with receipt
2. ✅ Receipt is stored in private storage
3. ✅ Payment starts with pending status
4. ✅ Submission emails sent to member and cashiers
5. ✅ Cashier can approve (Tier 1)
6. ✅ Cashier approval sends email to accountants
7. ✅ Accountant can approve (Tier 2)
8. ✅ Accountant approval sends email to chairs
9. ✅ Chair can approve (Tier 3)
10. ✅ Chair approval activates membership automatically
11. ✅ Activation email sent to member
12. ✅ Cannot skip tiers (accountant can't approve pending)
13. ✅ Can reject at any tier with reason
14. ✅ Rejection email sent with reason
15. ✅ Dashboard shows correct queues based on permissions
---
### 5.3 FinanceDocumentTest.php
**File:** `tests/Feature/FinanceDocumentTest.php`
**Tests:**
1. ✅ Can create finance document
2. ✅ Can attach file to document
3. ✅ 3-tier approval workflow works
4. ✅ Rejection workflow works
5. ✅ Emails sent at each stage
6. ✅ Cannot skip approval tiers
7. ✅ Can download attachment
8. ✅ Audit log created for each action
9. ✅ Permissions enforced
10. ✅ Validation rules work
---
### 5.4 IssueTrackingTest.php
**File:** `tests/Feature/IssueTrackingTest.php`
**Tests:**
1. ✅ Can create issue
2. ✅ Issue number auto-generated
3. ✅ Can assign issue to user
4. ✅ Assignment email sent
5. ✅ Can update status
6. ✅ Status change email sent
7. ✅ Can add comments
8. ✅ Comment email sent
9. ✅ Can upload attachments
10. ✅ Can download attachments
11. ✅ Can delete attachments
12. ✅ Can log time
13. ✅ Total time calculated correctly
14. ✅ Can add watchers
15. ✅ Watchers receive notifications
16. ✅ Can add labels
17. ✅ Can filter by labels
18. ✅ Can create sub-tasks
19. ✅ Workflow validation works
20. ✅ Overdue detection works
---
### 5.5 BudgetManagementTest.php
**File:** `tests/Feature/BudgetManagementTest.php`
**Tests:**
1. ✅ Can create budget
2. ✅ Can add budget items
3. ✅ Can submit for approval
4. ✅ Can approve budget
5. ✅ Can activate budget
6. ✅ Can close budget
7. ✅ Workflow validation works
8. ✅ Transactions update actual amounts
9. ✅ Variance calculations work
10. ✅ Can link transactions to budget items
11. ✅ Over-budget alerts work
12. ✅ Permissions enforced
---
### 5.6 AuthorizationTest.php
**File:** `tests/Feature/AuthorizationTest.php`
**Tests:**
1. ✅ Admin middleware works
2. ✅ Paid membership middleware works
3. ✅ Cashier permission enforced
4. ✅ Accountant permission enforced
5. ✅ Chair permission enforced
6. ✅ Membership manager permission enforced
7. ✅ Unauthorized users get 403
8. ✅ Role assignment works
9. ✅ Permission inheritance works
10. ✅ Admin role has all permissions
11. ✅ Members cannot access admin routes
12. ✅ Unpaid members cannot access paid resources
13. ✅ Suspended members redirected
14. ✅ Expired members redirected
15. ✅ Guest users redirected to login
---
### 5.7 EmailTest.php
**File:** `tests/Feature/EmailTest.php`
**Tests:**
1. ✅ MemberRegistrationWelcomeMail content
2. ✅ PaymentSubmittedMail (member variant)
3. ✅ PaymentSubmittedMail (cashier variant)
4. ✅ PaymentApprovedByCashierMail
5. ✅ PaymentApprovedByAccountantMail
6. ✅ PaymentFullyApprovedMail
7. ✅ PaymentRejectedMail
8. ✅ MembershipActivatedMail
9. ✅ FinanceDocumentSubmitted
10. ✅ FinanceDocumentApproved*
11. ✅ FinanceDocumentRejected
12. ✅ IssueAssignedMail
13. ✅ IssueStatusChangedMail
14. ✅ IssueCommentedMail
15. ✅ IssueDueSoonMail
16. ✅ IssueOverdueMail
17. ✅ IssueClosedMail
18. ✅ All emails queued correctly
19. ✅ Email recipients correct
---
## 6. Running Tests
### 6.1 Run All Tests
```bash
php artisan test
```
### 6.2 Run Specific Test Suite
```bash
# Unit tests only
php artisan test --testsuite=Unit
# Feature tests only
php artisan test --testsuite=Feature
# Specific test file
php artisan test tests/Unit/MemberTest.php
# Specific test method
php artisan test --filter=test_member_can_submit_payment
```
### 6.3 Run with Coverage
```bash
php artisan test --coverage
# Minimum coverage threshold
php artisan test --coverage --min=75
```
### 6.4 Parallel Testing
```bash
php artisan test --parallel
```
---
## 7. Test Data
### 7.1 TestDataSeeder.php
**File:** `database/seeders/TestDataSeeder.php`
Creates comprehensive test data:
- 5 test users with different roles
- 20 members in various states (pending, active, expired, suspended)
- 30 payments at different approval stages
- 15 issues with various statuses
- 5 budgets with items
- 10 finance documents
- Sample transactions
### 7.2 Using Test Data
```bash
# Seed test data
php artisan db:seed --class=TestDataSeeder --env=testing
# Reset and seed
php artisan migrate:fresh --seed --class=TestDataSeeder --env=testing
```
---
## 8. Expected Results
### 8.1 Success Criteria
All tests pass with:
- ✅ No failures
- ✅ No errors
- ✅ No warnings
- ✅ Coverage > 75%
### 8.2 Test Execution Time
| Test Suite | Expected Time | Acceptable Max |
|------------|---------------|----------------|
| Unit Tests | < 5 seconds | 10 seconds |
| Feature Tests | < 30 seconds | 60 seconds |
| All Tests | < 40 seconds | 90 seconds |
### 8.3 CI/CD Integration
Tests should run automatically on:
- Every commit (via GitHub Actions)
- Every pull request
- Before deployment
**Sample GitHub Actions:**
```yaml
name: Tests
on: [push, pull_request]
jobs:
tests:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Install Dependencies
run: composer install
- name: Run Tests
run: php artisan test --coverage --min=75
```
---
## 9. Testing Checklist
Before marking feature as complete:
- [ ] Unit tests written for all model methods
- [ ] Feature tests written for all controller actions
- [ ] Email tests verify content and recipients
- [ ] Authorization tests verify permissions
- [ ] All tests pass
- [ ] Coverage meets minimum threshold (75%)
- [ ] No skipped or incomplete tests
- [ ] Test data seeder updated
- [ ] Documentation updated
- [ ] Edge cases tested
- [ ] Error conditions tested
---
## 10. Test Maintenance
### 10.1 When to Update Tests
- Feature changes
- Bug fixes
- New requirements
- Security updates
### 10.2 Refactoring Tests
Keep tests DRY (Don't Repeat Yourself):
- Use setUp() for common initialization
- Create test helper methods
- Use factories for model creation
- Share fixtures across tests
---
**End of Test Plan**
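Review bot: The sample workflow in 8.3 gates on `php artisan test --coverage --min=75` but has no step that sets up PHP with a coverage driver (Xdebug or PCOV), and it omits the `.env` copy and `key:generate` steps that 2.3 lists, so the result depends on whatever the runner image happens to provide. Add those steps explicitly and pin `actions/checkout@v2` to a current release by commit SHA rather than a movable tag. In 7.2, `migrate:fresh --seed --class=TestDataSeeder` uses the `db:seed` option name; `migrate:fresh` takes `--seeder=`. In 2.2, `RefreshDatabase` is described as seeding the database for each test, which only happens when the test case sets `$seed`, so either say that or name the seeder the tests rely on. On coverage, 5.2 to 5.4 list positive cases for private receipt storage and attachment download but no case where a user without rights to the record requests the file; add that negative test for payment receipts, finance-document attachments and issue attachments. The table of contents also stops at section 8 while the document continues through sections 9 and 10.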