18 KiB
18 KiB
End-to-End Testing Scenarios - Approval Workflow System
Overview
Dokumentasi ini berisi skenario testing end-to-end lengkap untuk sistem approval workflow, mulai dari pembuatan client baru hingga pembuatan artikel dengan proses approval yang dinamis.
Base Configuration
# Base URL
BASE_URL="http://localhost:8800/api"
# Headers
AUTH_HEADER="Authorization: Bearer YOUR_JWT_TOKEN"
CLIENT_HEADER="X-Client-Key: YOUR_CLIENT_KEY"
CONTENT_TYPE="Content-Type: application/json"
🏢 Scenario 1: Complete Client Setup to Article Creation
Step 1: Create New Client
curl -X POST "${BASE_URL}/clients" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}" \
-H "${CONTENT_TYPE}" \
-d '{
"name": "Test Media Company",
"is_active": true
}'
Expected Response:
{
"success": true,
"messages": ["Client created successfully"],
"data": {
"id": "550e8400-e29b-41d4-a716-446655440000",
"name": "Test Media Company",
"is_active": true,
"created_at": "2024-01-15T10:00:00Z"
}
}
Step 2: Create User Levels
# Create user levels for approval workflow
curl -X POST "${BASE_URL}/user-levels" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}" \
-H "${CONTENT_TYPE}" \
-d '{
"name": "Editor",
"alias_name": "ED",
"level_number": 1,
"is_approval_active": true
}'
curl -X POST "${BASE_URL}/user-levels" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}" \
-H "${CONTENT_TYPE}" \
-d '{
"name": "Senior Editor",
"alias_name": "SED",
"level_number": 2,
"is_approval_active": true
}'
curl -X POST "${BASE_URL}/user-levels" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}" \
-H "${CONTENT_TYPE}" \
-d '{
"name": "Editor in Chief",
"alias_name": "EIC",
"level_number": 3,
"is_approval_active": true
}'
Step 3: Create Approval Workflow
curl -X POST "${BASE_URL}/approval-workflows" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}" \
-H "${CONTENT_TYPE}" \
-d '{
"name": "Standard 3-Level Editorial Review",
"description": "Complete editorial workflow with 3 approval levels",
"is_default": true,
"is_active": true,
"requires_approval": true,
"auto_publish": false,
"client_id": "550e8400-e29b-41d4-a716-446655440000"
}'
Step 4: Create Workflow Steps
# Step 1: Editor Review
curl -X POST "${BASE_URL}/approval-workflow-steps" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}" \
-H "${CONTENT_TYPE}" \
-d '{
"workflow_id": 1,
"step_order": 1,
"step_name": "Editor Review",
"required_user_level_id": 1,
"can_skip": false,
"auto_approve_after_hours": 24,
"client_id": "550e8400-e29b-41d4-a716-446655440000"
}'
# Step 2: Senior Editor Review
curl -X POST "${BASE_URL}/approval-workflow-steps" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}" \
-H "${CONTENT_TYPE}" \
-d '{
"workflow_id": 1,
"step_order": 2,
"step_name": "Senior Editor Review",
"required_user_level_id": 2,
"can_skip": false,
"auto_approve_after_hours": 48,
"client_id": "550e8400-e29b-41d4-a716-446655440000"
}'
# Step 3: Editor in Chief
curl -X POST "${BASE_URL}/approval-workflow-steps" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}" \
-H "${CONTENT_TYPE}" \
-d '{
"workflow_id": 1,
"step_order": 3,
"step_name": "Editor in Chief Approval",
"required_user_level_id": 3,
"can_skip": false,
"auto_approve_after_hours": 72,
"client_id": "550e8400-e29b-41d4-a716-446655440000"
}'
Step 5: Configure Client Approval Settings
curl -X POST "${BASE_URL}/client-approval-settings" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}" \
-H "${CONTENT_TYPE}" \
-d '{
"client_id": "550e8400-e29b-41d4-a716-446655440000",
"requires_approval": true,
"default_workflow_id": 1,
"auto_publish_articles": false,
"approval_exempt_users": [],
"approval_exempt_roles": [],
"approval_exempt_categories": [],
"require_approval_for": ["article", "news", "review"],
"skip_approval_for": ["announcement", "update"],
"is_active": true
}'
Step 6: Create Article Category
curl -X POST "${BASE_URL}/article-categories" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}" \
-H "${CONTENT_TYPE}" \
-d '{
"title": "Technology News",
"description": "Latest technology news and updates",
"slug": "technology-news",
"status_id": 1,
"is_publish": true,
"client_id": "550e8400-e29b-41d4-a716-446655440000"
}'
Step 7: Create Article
curl -X POST "${BASE_URL}/articles" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}" \
-H "${CONTENT_TYPE}" \
-d '{
"title": "Revolutionary AI Technology Breakthrough",
"slug": "revolutionary-ai-technology-breakthrough",
"description": "A comprehensive look at the latest AI breakthrough that could change everything",
"html_description": "<p>A comprehensive look at the latest AI breakthrough that could change everything</p>",
"category_id": 1,
"type_id": 1,
"tags": "AI, Technology, Innovation, Breakthrough",
"created_by_id": 1,
"status_id": 1,
"is_draft": false,
"client_id": "550e8400-e29b-41d4-a716-446655440000"
}'
Expected Response:
{
"success": true,
"messages": ["Article created successfully"],
"data": {
"id": 1,
"title": "Revolutionary AI Technology Breakthrough",
"status_id": 1,
"is_draft": false,
"approval_required": true,
"workflow_id": 1,
"created_at": "2024-01-15T10:30:00Z"
}
}
📝 Scenario 2: Complete Approval Process
Step 1: Submit Article for Approval
curl -X POST "${BASE_URL}/articles/1/submit-approval" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}" \
-H "${CONTENT_TYPE}" \
-d '{
"workflow_id": 1,
"message": "Article ready for editorial review process"
}'
Expected Response:
{
"success": true,
"messages": ["Article submitted for approval successfully"],
"data": {
"id": 1,
"article_id": 1,
"workflow_id": 1,
"current_step": 1,
"status_id": 1,
"submitted_at": "2024-01-15T10:35:00Z"
}
}
Step 2: Check Approval Status
curl -X GET "${BASE_URL}/articles/1/approval-status" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}"
Expected Response:
{
"success": true,
"messages": ["Approval status retrieved successfully"],
"data": {
"article_id": 1,
"current_status": "pending_approval",
"current_step": 1,
"total_steps": 3,
"workflow_name": "Standard 3-Level Editorial Review",
"current_step_name": "Editor Review",
"next_step_name": "Senior Editor Review",
"waiting_since": "2024-01-15T10:35:00Z"
}
}
Step 3: Editor Approves (Step 1)
curl -X POST "${BASE_URL}/articles/1/approve" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}" \
-H "${CONTENT_TYPE}" \
-d '{
"message": "Content quality meets editorial standards, approved for next level"
}'
Expected Response:
{
"success": true,
"messages": ["Article approved successfully"],
"data": {
"current_step": 2,
"status": "moved_to_next_level",
"next_approver_level": 2,
"approved_at": "2024-01-15T11:00:00Z"
}
}
Step 4: Senior Editor Approves (Step 2)
curl -X POST "${BASE_URL}/articles/1/approve" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}" \
-H "${CONTENT_TYPE}" \
-d '{
"message": "Excellent content quality and structure, ready for final approval"
}'
Expected Response:
{
"success": true,
"messages": ["Article approved successfully"],
"data": {
"current_step": 3,
"status": "moved_to_next_level",
"next_approver_level": 3,
"approved_at": "2024-01-15T12:00:00Z"
}
}
Step 5: Editor in Chief Approves (Step 3 - Final)
curl -X POST "${BASE_URL}/articles/1/approve" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}" \
-H "${CONTENT_TYPE}" \
-d '{
"message": "Final approval granted, content ready for publication"
}'
Expected Response:
{
"success": true,
"messages": ["Article approved and published successfully"],
"data": {
"status": "approved",
"article_status": "published",
"is_publish": true,
"published_at": "2024-01-15T13:00:00Z",
"completion_date": "2024-01-15T13:00:00Z"
}
}
❌ Scenario 3: Article Rejection and Revision
Step 1: Submit Another Article
curl -X POST "${BASE_URL}/articles" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}" \
-H "${CONTENT_TYPE}" \
-d '{
"title": "Product Review: New Smartphone",
"slug": "product-review-new-smartphone",
"description": "Comprehensive review of the latest smartphone",
"html_description": "<p>Comprehensive review of the latest smartphone</p>",
"category_id": 1,
"type_id": 1,
"tags": "Review, Smartphone, Technology",
"created_by_id": 1,
"status_id": 1,
"is_draft": false,
"client_id": "550e8400-e29b-41d4-a716-446655440000"
}'
Step 2: Submit for Approval
curl -X POST "${BASE_URL}/articles/2/submit-approval" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}" \
-H "${CONTENT_TYPE}" \
-d '{
"workflow_id": 1,
"message": "Product review ready for approval"
}'
Step 3: Editor Approves (Step 1)
curl -X POST "${BASE_URL}/articles/2/approve" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}" \
-H "${CONTENT_TYPE}" \
-d '{
"message": "Initial review passed, good structure"
}'
Step 4: Senior Editor Rejects (Step 2)
curl -X POST "${BASE_URL}/articles/2/reject" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}" \
-H "${CONTENT_TYPE}" \
-d '{
"message": "Insufficient technical details and benchmark comparisons needed"
}'
Expected Response:
{
"success": true,
"messages": ["Article rejected successfully"],
"data": {
"status": "rejected",
"article_status": "draft",
"rejection_reason": "Insufficient technical details and benchmark comparisons needed",
"rejected_at": "2024-01-15T14:00:00Z"
}
}
Step 5: Request Revision
curl -X POST "${BASE_URL}/articles/2/request-revision" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}" \
-H "${CONTENT_TYPE}" \
-d '{
"message": "Please add detailed technical specifications, benchmark comparisons, and more comprehensive testing results"
}'
Expected Response:
{
"success": true,
"messages": ["Revision requested successfully"],
"data": {
"status": "revision_requested",
"revision_message": "Please add detailed technical specifications, benchmark comparisons, and more comprehensive testing results",
"requested_at": "2024-01-15T14:15:00Z"
}
}
Step 6: Resubmit After Revision
curl -X POST "${BASE_URL}/articles/2/resubmit" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}" \
-H "${CONTENT_TYPE}" \
-d '{
"message": "Article revised with additional technical details and benchmark comparisons"
}'
Expected Response:
{
"success": true,
"messages": ["Article resubmitted successfully"],
"data": {
"status": "pending_approval",
"current_step": 1,
"resubmitted_at": "2024-01-15T15:00:00Z"
}
}
⚡ Scenario 4: Dynamic Approval Toggle
Step 1: Check Current Settings
curl -X GET "${BASE_URL}/client-approval-settings" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}"
Step 2: Disable Approval System
curl -X PUT "${BASE_URL}/client-approval-settings/1" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}" \
-H "${CONTENT_TYPE}" \
-d '{
"requires_approval": false,
"auto_publish_articles": true,
"reason": "Breaking news mode - immediate publishing required"
}'
Expected Response:
{
"success": true,
"messages": ["Approval settings updated successfully"],
"data": {
"requires_approval": false,
"auto_publish_articles": true,
"updated_at": "2024-01-15T16:00:00Z"
}
}
Step 3: Create Article (Should Auto-Publish)
curl -X POST "${BASE_URL}/articles" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}" \
-H "${CONTENT_TYPE}" \
-d '{
"title": "BREAKING: Major Tech Acquisition",
"slug": "breaking-major-tech-acquisition",
"description": "Breaking news about major technology acquisition",
"html_description": "<p>Breaking news about major technology acquisition</p>",
"category_id": 1,
"type_id": 1,
"tags": "Breaking, News, Acquisition, Technology",
"created_by_id": 1,
"status_id": 1,
"is_draft": false,
"client_id": "550e8400-e29b-41d4-a716-446655440000"
}'
Expected Response:
{
"success": true,
"messages": ["Article created and published successfully"],
"data": {
"id": 3,
"title": "BREAKING: Major Tech Acquisition",
"status": "published",
"is_publish": true,
"published_at": "2024-01-15T16:05:00Z",
"approval_bypassed": true,
"bypass_reason": "approval_disabled"
}
}
Step 4: Re-enable Approval System
curl -X PUT "${BASE_URL}/client-approval-settings/1" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}" \
-H "${CONTENT_TYPE}" \
-d '{
"requires_approval": true,
"auto_publish_articles": false,
"default_workflow_id": 1,
"reason": "Returning to normal approval process"
}'
📊 Scenario 5: Approval Dashboard and Monitoring
Step 1: Get Pending Approvals
curl -X GET "${BASE_URL}/approvals/pending?page=1&limit=10" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}"
Step 2: Get My Approval Queue
curl -X GET "${BASE_URL}/approvals/my-queue?page=1&limit=10" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}"
Step 3: Get Approval History for Article
curl -X GET "${BASE_URL}/articles/1/approval-history" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}"
Step 4: Get My Approval Statistics
curl -X GET "${BASE_URL}/approvals/my-stats" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}"
🔧 Scenario 6: Workflow Management
Step 1: Get All Workflows
curl -X GET "${BASE_URL}/approval-workflows?page=1&limit=10" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}"
Step 2: Get Workflow by ID
curl -X GET "${BASE_URL}/approval-workflows/1" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}"
Step 3: Update Workflow
curl -X PUT "${BASE_URL}/approval-workflows/1" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}" \
-H "${CONTENT_TYPE}" \
-d '{
"name": "Updated 3-Level Editorial Review",
"description": "Updated workflow with improved efficiency",
"is_active": true
}'
Step 4: Add New Workflow Step
curl -X POST "${BASE_URL}/approval-workflow-steps" \
-H "${AUTH_HEADER}" \
-H "${CLIENT_HEADER}" \
-H "${CONTENT_TYPE}" \
-d '{
"workflow_id": 1,
"step_order": 2,
"step_name": "Legal Review",
"required_user_level_id": 4,
"can_skip": true,
"auto_approve_after_hours": 24,
"client_id": "550e8400-e29b-41d4-a716-446655440000"
}'
🧪 Test Data Setup Script
#!/bin/bash
# Set environment variables
BASE_URL="http://localhost:8800/api"
AUTH_HEADER="Authorization: Bearer YOUR_JWT_TOKEN"
CLIENT_HEADER="X-Client-Key: YOUR_CLIENT_KEY"
CONTENT_TYPE="Content-Type: application/json"
# Function to make API calls
make_request() {
local method=$1
local endpoint=$2
local data=$3
if [ -n "$data" ]; then
curl -X "$method" "${BASE_URL}${endpoint}" \
-H "$AUTH_HEADER" \
-H "$CLIENT_HEADER" \
-H "$CONTENT_TYPE" \
-d "$data"
else
curl -X "$method" "${BASE_URL}${endpoint}" \
-H "$AUTH_HEADER" \
-H "$CLIENT_HEADER"
fi
}
echo "Setting up test data..."
# 1. Create client
echo "Creating client..."
make_request "POST" "/clients" '{
"name": "Test Media Company",
"is_active": true
}'
# 2. Create user levels
echo "Creating user levels..."
make_request "POST" "/user-levels" '{
"name": "Editor",
"alias_name": "ED",
"level_number": 1,
"is_approval_active": true
}'
make_request "POST" "/user-levels" '{
"name": "Senior Editor",
"alias_name": "SED",
"level_number": 2,
"is_approval_active": true
}'
make_request "POST" "/user-levels" '{
"name": "Editor in Chief",
"alias_name": "EIC",
"level_number": 3,
"is_approval_active": true
}'
# 3. Create approval workflow
echo "Creating approval workflow..."
make_request "POST" "/approval-workflows" '{
"name": "Standard 3-Level Editorial Review",
"description": "Complete editorial workflow with 3 approval levels",
"is_default": true,
"is_active": true,
"requires_approval": true,
"auto_publish": false
}'
echo "Test data setup completed!"
📋 Test Validation Checklist
✅ Functional Testing
- Client creation and configuration
- User level management
- Approval workflow creation and modification
- Article creation and submission
- Complete approval process flow
- Article rejection and revision process
- Dynamic approval toggle functionality
- Approval dashboard and monitoring
- Multi-step workflow progression
- Auto-publish functionality
✅ Error Handling
- Invalid client key handling
- Invalid JWT token handling
- Missing required fields validation
- Workflow step validation
- User permission validation
- Article status validation
✅ Performance Testing
- Response time < 500ms for all endpoints
- Concurrent approval processing
- Large dataset pagination
- Database query optimization
✅ Security Testing
- Client isolation
- User authorization
- Data validation and sanitization
- SQL injection prevention
🚀 Running the Tests
Prerequisites
- Ensure the backend server is running on
http://localhost:8800 - Obtain valid JWT token for authentication
- Set up client key for multi-tenant support
- Database should be clean and ready for testing
Execution Steps
- Run the test data setup script
- Execute each scenario sequentially
- Validate responses against expected outputs
- Check database state after each scenario
- Clean up test data after completion
Monitoring
- Monitor server logs during testing
- Check database performance metrics
- Validate all audit trails are created
- Ensure proper error handling and logging
This documentation provides comprehensive end-to-end testing scenarios for the approval workflow system. Each scenario includes detailed curl commands and expected responses for complete testing coverage.