#!/bin/bash # Test User Management System # This script tests the complete user management functionality BASE_URL="http://localhost:5000" COOKIE_FILE="/tmp/admin_cookies.txt" echo "==========================================" echo "Sky Art Shop - User Management Test" echo "==========================================" echo "" # Step 1: Login as Master Admin echo "1. Testing Master Admin Login..." curl -s -c "$COOKIE_FILE" -X POST "$BASE_URL/admin/login" \ -d "email=admin@skyartshop.com" \ -d "password=Admin123!" \ -L | grep -q "Dashboard" && echo "✓ Master Admin login successful" || echo "✗ Master Admin login failed" echo "" # Step 2: Access User Management Page echo "2. Testing User Management Access..." curl -s -b "$COOKIE_FILE" "$BASE_URL/admin/users" | grep -q "User Management" && echo "✓ User Management page accessible" || echo "✗ User Management page access failed" echo "" # Step 3: Test Create User Page echo "3. Testing Create User Page..." curl -s -b "$COOKIE_FILE" "$BASE_URL/admin/users/create" | grep -q "Create New User" && echo "✓ Create User page accessible" || echo "✗ Create User page access failed" echo "" # Step 4: Test Role Permissions echo "4. Checking Role Permissions..." PGPASSWORD='SkyArt2025Pass!' psql -h localhost -U skyartapp -d skyartshop -t -c "SELECT DISTINCT role FROM adminusers;" | while read role; do if [ -n "$role" ]; then echo " - Role: $role" fi done echo "" # Step 5: Verify Database Structure echo "5. Verifying Database Structure..." PGPASSWORD='SkyArt2025Pass!' psql -h localhost -U skyartapp -d skyartshop -t -c "SELECT column_name FROM information_schema.columns WHERE table_name = 'adminusers' AND column_name IN ('passwordneverexpires', 'passwordexpiresat');" | grep -q "passwordneverexpires" && echo "✓ Password expiration fields exist" || echo "✗ Password expiration fields missing" echo "" # Step 6: Display Current Users echo "6. Current Users in System:" PGPASSWORD='SkyArt2025Pass!' psql -h localhost -U skyartapp -d skyartshop -c "SELECT email, name, role, isactive, passwordneverexpires FROM adminusers;" echo "" echo "==========================================" echo "Test Summary" echo "==========================================" echo "" echo "Master Admin Credentials:" echo " Email: admin@skyartshop.com" echo " Password: Admin123!" echo "" echo "Access URLs:" echo " Admin Panel: $BASE_URL/admin" echo " User Management: $BASE_URL/admin/users" echo " Create User: $BASE_URL/admin/users/create" echo "" echo "Available Roles:" echo " - MasterAdmin (Full system access + user management)" echo " - Admin (Full access except user management)" echo " - Cashier (Orders, payments, customers)" echo " - Accountant (Reports, finances, view-only)" echo "" echo "Features:" echo " ✓ Role-based permissions" echo " ✓ Password never expires option" echo " ✓ User activation/deactivation" echo " ✓ Secure PBKDF2 password hashing" echo " ✓ Last login tracking" echo " ✓ Master Admin protection (cannot be deleted)" echo ""