Skip to main content

Integration Tests

This directory contains integration tests for the SBM CRM API using Jest and Supertest.

Directory Structure

tests/integration/
├── api/
│   └── auth/
│       ├── auth.test.ts              # Authentication endpoints
│       ├── consent.test.ts            # Consent management endpoints
│       ├── service.test.ts            # Service/API key management endpoints
│       ├── staff.test.ts              # Staff CRUD operations
│       ├── staffAction.test.ts        # Staff action endpoints (login, password reset)
│       └── wechatMember.test.ts       # WeChat member management endpoints
├── userflow/
│   └── index.test.ts                  # Comprehensive 155-step API test suite
├── example.test.ts                    # Basic health check and example tests
├── jest.config.js                     # Jest configuration
├── jest.setup.ts                      # Test setup and token initialization
└── package.json                       # Test dependencies

Setup

  1. Install dependencies:
cd tests/integration
npm install
  1. Configure environment variables:
    • Create a .env file in the root directory (or in tests/integration/)
    • Set the following required variables:
    # API Configuration
    API_URL=http://localhost:4000

    # Staff Credentials (for staff API tests)
    STAFF_EMAIL=test@example.com
    STAFF_PASSWORD=password123

    # WeChat Authentication (for user API tests)
    WECHAT_AUTH_CODE=your-wechat-auth-code

Running Tests

# Run all tests
npm test

# Run tests in watch mode
npm run test:watch

# Run tests with coverage
npm run test:coverage

# Run a single test file (with bail on first failure)
npm run test:one

# Run a single test file in watch mode
npm run test:one:watch

# Run only the comprehensive userflow test
npm test -- userflow/index.test.ts

# Run tests matching a pattern
npm test -- --testNamePattern="Step 1"

Environment Variables

The test setup will automatically load environment variables from:

  1. ../.env (root directory)
  2. ../.env.local (root directory)
  3. ./.env (test directory)
  4. ./.env.local (test directory)

The first file found will be used, with later files overriding earlier ones.

Required Environment Variables

  • API_URL or API_ENDPOINT: Base API URL (e.g., http://localhost:4000)
  • STAFF_EMAIL: Staff email for authentication
  • STAFF_PASSWORD: Staff password for authentication
  • WECHAT_AUTH_CODE: WeChat authorization code for user authentication

Token Management

The test suite includes automatic token management via jest.setup.ts:

  • Automatic Token Initialization: Tokens are automatically obtained before tests run
  • Token Persistence: Tokens are saved to .test-tokens.json and reused across test runs
  • Token Validation: Tokens are validated before use; expired tokens trigger automatic re-authentication
  • Exported Tokens: Tests can import USER_ACCESS_TOKEN and STAFF_ACCESS_TOKEN from jest.setup.ts

Available API URLs

The setup exports the following API base URLs:

  • API_URL: Base API URL
  • AUTH_API_URL: ${API_URL}/auth/api - Authentication API
  • POINT_API_URL: ${API_URL}/point/api - Points API

Additional API URLs are defined in test files:

  • NOTIFICATION_API_URL: ${API_URL}/notification/api - Notification API
  • REWARD_API_URL: ${API_URL}/reward/api - Reward API
  • CLUSTER_API_URL: ${API_URL}/cluster/api - Cluster API (tiers, badges, interests)

Test Files

API Tests (api/auth/)

  • auth.test.ts - Authentication endpoints (check access token, get new access token)
  • consent.test.ts - Consent management endpoints
  • service.test.ts - Service/API key management endpoints
  • staff.test.ts - Staff CRUD operations
  • staffAction.test.ts - Staff action endpoints (login, password reset)
  • wechatMember.test.ts - WeChat member management endpoints

User Flow Tests (userflow/)

  • index.test.ts - Comprehensive end-to-end API test suite with 155 test steps covering all major APIs:

    Receipt Verification and Point Award Flow (Steps 1-7):

    • Step 1: Get initial user point balance
    • Step 2: Upload receipt for verification
    • Step 2.1: Verify receipt processing notification
    • Step 3: Get point shop rule for approval
    • Step 4: Get staff member ID for review
    • Step 5: Approve receipt and award points
    • Step 5.1: Verify point received notification
    • Step 6: Verify user points increased
    • Step 7: Verify point notification received

    Reward API Tests (Steps 8-13):

    • Step 8: Get all rewards
    • Step 9: Get specific reward by ID
    • Step 10: Get all reward catalogs
    • Step 11: Get specific reward catalog
    • Step 12: Check if user can redeem catalog
    • Step 13: Get user's reward codes

    Notification API Tests (Steps 14-18):

    • Step 14: Get recent notifications
    • Step 15: Get unread notification count
    • Step 16: Create custom notification
    • Step 17: Get specific notification
    • Step 18: Mark notification as read

    Cluster API Tests (Steps 19-27):

    • Step 19: Get all tiers
    • Step 20: Get specific tier
    • Step 21: Get user's tier projection
    • Step 22: Get tier projection history
    • Step 23: Get all badges
    • Step 24: Get specific badge
    • Step 25: Get badge progress for user
    • Step 26: Get user interests
    • Step 27: Get all interest settings

    Auth API Tests (Steps 28-31, 45-48):

    • Step 28: Get authenticated member info
    • Step 29: Get member QR code
    • Step 30: Get current consent
    • Step 31: Get member consent acceptance
    • Step 45: Get authenticated staff info
    • Step 46: Get all staff members
    • Step 47: Get all members
    • Step 48: Get all consents

    Point API Tests (Steps 32-40):

    • Step 32: Get user point transaction history
    • Step 33: Get daily point summary
    • Step 34: Get user's receipt verifications
    • Step 35: Get receipt verification stats
    • Step 36: Get point shop rules
    • Step 37: Get default point rule
    • Step 38: Get point event rules
    • Step 39: Get point request tickets
    • Step 40: Get specific point request ticket

    Notification Mail API Tests (Steps 41-44):

    • Step 41: Get mail templates
    • Step 42: Get specific mail template
    • Step 43: Get mail senders
    • Step 44: Get mail actions

    Additional Tests (Steps 49-50):

    • Step 49: Check access token session
    • Step 50: Get point balance for specific member

    Staff CRUD Operations (Steps 51-55):

    • Step 51: Get specific staff member by ID
    • Step 52: Create a new staff member
    • Step 53: Update staff member
    • Step 54: Request password reset for staff
    • Step 55: Request password reset by email

    Service/API Key Management (Steps 56-57):

    • Step 56: Get API keys for current staff
    • Step 57: Generate new API key

    Member CRUD Operations (Steps 58-65):

    • Step 58: Get specific member by ID
    • Step 59: Get multiple members by IDs (bulk)
    • Step 60: Create member directly (staff)
    • Step 61: Update member (staff)
    • Step 62: Update member directly (staff)
    • Step 63: Set member active status
    • Step 64: Get daily member summary
    • Step 65: Sync WeChat member info

    Consent Management CRUD (Steps 66-70):

    • Step 66: Get specific consent by ID
    • Step 67: Create new consent version
    • Step 68: Update consent content
    • Step 69: Get all member consent acceptances
    • Step 70: Get consent acceptance for specific member

    Additional Staff Operations (Steps 71-75):

    • Step 71: Revoke API key
    • Step 72: Delete staff member (soft delete)
    • Step 73: Accept current consent for member
    • Step 74: Get new access token using refresh token
    • Step 75: Get point transaction history (staff view)

    Staff CRUD - Reward API (Steps 76-85):

    • Step 76: Create a new reward (staff)
    • Step 77: Update reward (staff)
    • Step 78: Increase reward stock (staff)
    • Step 79: Set reward active status (staff)
    • Step 80: Create reward catalog (staff)
    • Step 81: Update reward catalog (staff)
    • Step 82: Set catalog active status (staff)
    • Step 83: Get all reward codes (staff)
    • Step 84: Get specific reward code (staff)
    • Step 85: Delete reward (staff)

    Staff CRUD - Notification API (Steps 86-95):

    • Step 86: Create mail template (staff)
    • Step 87: Update mail template (staff)
    • Step 88: Create mail sender (staff)
    • Step 89: Update mail sender (staff)
    • Step 90: Update notification (staff)
    • Step 91: Delete notification (staff)
    • Step 92: Delete mail template (staff)
    • Step 93: Delete mail sender (staff)
    • Step 94: Get mail template content (staff)
    • Step 95: Get specific mail action (staff)

    Staff CRUD - Cluster API (Steps 96-105):

    • Step 96: Create a new tier (staff)
    • Step 97: Update tier (staff)
    • Step 98: Set tier active status (staff)
    • Step 99: Get tier member count (staff)
    • Step 100: Create a new badge (staff)
    • Step 101: Update badge (staff)
    • Step 102: Set badge active status (staff)
    • Step 103: Create interest setting (staff)
    • Step 104: Update interest setting (staff)
    • Step 105: Delete tier (staff)

    Staff CRUD - Point API (Steps 106-110):

    • Step 106: Create point shop rule (staff)
    • Step 107: Update point shop rule (staff)
    • Step 108: Create point event rule (staff)
    • Step 109: Update point event rule (staff)
    • Step 110: Set shop rule active status (staff)

    Customer Action Tests (Steps 111-125):

    • Step 111: Redeem reward catalog (customer)
    • Step 112: Check reward code validity (customer)
    • Step 113: Mark reward code as used (customer)
    • Step 114: Earn points for member (staff)
    • Step 115: Spend points for member (staff)
    • Step 116: Create point earn request (staff)
    • Step 117: Assign tier to member (staff)
    • Step 118: Simulate badge unlock scenario - Multiple purchases to trigger badge progress naturally
    • Step 119: Ensure all badge progress for user (customer)
    • Step 120: Submit member interests (customer)
    • Step 121: Simulate tier upgrade scenario - Accumulate points to trigger tier upgrade naturally
    • Step 122: Get yearly tier summary (staff)
    • Step 123: Review point request ticket (staff)
    • Step 124: Get member counts for all tiers (staff)
    • Step 125: Mark all notifications as read (customer)

    Missing Endpoints Tests (Steps 126-155):

    • Step 126: Decrease reward stock (staff)
    • Step 127: Delete reward catalog (staff)
    • Step 128: Delete badge (staff)
    • Step 129: Delete interest setting (staff)
    • Step 130: Set interest active status (staff)
    • Step 131: Get multiple tiers by IDs (bulk query)
    • Step 132: Get tier by level
    • Step 133: Delete point shop rule (staff)
    • Step 134: Delete point event rule (staff)
    • Step 135: Set event rule active status (staff)
    • Step 136: Update default conversion rate (staff)
    • Step 137: Create point spend request (staff)
    • Step 138: Get specific receipt verification transaction
    • Step 139: Create point received notification (staff)
    • Step 140: Create badge unlocked notification (staff)
    • Step 141: Create tier upgrade notification (staff)
    • Step 142: Send email using template (staff)
    • Step 143: Publish consent version (staff)
    • Step 144: Get access token using API key (staff)
    • Step 145: Get specific badge member progress by ID
    • Step 146: Create receipt processing notification (staff)
    • Step 147: Create receipt error notification (staff)
    • Step 148: Create badge progress notification (staff)
    • Step 149: Create promotion notification (staff)
    • Step 150: Create news notification (staff)
    • Step 151: Auto verify receipt (staff)
    • Step 152: Change receipt verification status (staff)
    • Step 153: Get all badge member progress (admin)
    • Step 154: Get badge progress for specific member (staff)
    • Step 155: Get tier projection history for specific member (staff)

    This comprehensive test suite validates the complete API ecosystem including:

    • Point management and transactions
    • Reward system (rewards, catalogs, codes)
    • Notification system (in-app and email)
    • Tier and badge management
    • Member and staff management
    • Consent management
    • Authentication and authorization

Example Tests

  • example.test.ts - Basic health check and example tests

Writing Tests

Create test files with the pattern *.test.ts or *.spec.ts. Example:

import request from 'supertest';
import { AUTH_API_URL, STAFF_ACCESS_TOKEN } from '../jest.setup';

describe('My API Tests', () => {
  it('should test an endpoint', async () => {
    const response = await request(AUTH_API_URL)
      .get('/staffs/me')
      .set('Authorization', `Bearer ${STAFF_ACCESS_TOKEN}`)
      .expect(200);
    
    expect(response.body).toHaveProperty('data');
  });
});

Waiting for Token Initialization

For tests that need to ensure tokens are initialized before running:

import { tokensInitialized, USER_ACCESS_TOKEN } from '../jest.setup';

describe('My Tests', () => {
  it('should wait for tokens', async () => {
    await tokensInitialized;
    // Now USER_ACCESS_TOKEN is guaranteed to be available
    // ... your test code
  });
});

Test Structure

Step Dependencies

The userflow test (userflow/index.test.ts) uses a sequential step dependency pattern where each step depends on the previous step passing. This ensures:

  • Tests run in a logical order
  • Data created in earlier steps is available for later steps
  • Failures are caught early and prevent cascading test failures
  • Clear test execution flow

Test Coverage

The comprehensive test suite covers:

  • Point Service: Balance, transactions, history, receipt verification, point rules, request tickets
  • Reward Service: Rewards, reward catalogs, reward codes, redemption flows
  • Notification Service: In-app notifications, mail templates, mail senders, mail actions
  • Cluster Service: Tiers, tier projections, badges, badge progress, interests
  • Auth Service: Member management, staff management, consent management, authentication

API Coverage Summary

ServiceEndpoints TestedTest StepsMissing Endpoints
Point27+ endpointsSteps 1-7, 32-40, 50, 75, 106-110, 114-116, 123, 133-138, 151-152All major endpoints covered
Reward17+ endpointsSteps 8-13, 76-85, 111-113, 126-127All major endpoints covered
Notification25+ endpointsSteps 14-18, 41-44, 86-95, 125, 139-142, 146-15010+ endpoints (mail actions bulk/preview, SSE, etc.)
Cluster30+ endpointsSteps 19-27, 96-105, 117-122, 124, 128-132, 145, 153-155All major endpoints covered
Auth (Member)12+ endpointsSteps 28-31, 45, 47, 58-65, 73-
Auth (Staff)8+ endpointsSteps 45-46, 51-55, 722 endpoints (check-session, reset-password)
Auth (Service Keys)4+ endpointsSteps 56-57, 71, 144All major endpoints covered
Auth (Consent)7+ endpointsSteps 30-31, 48, 66-70, 1431 endpoint (rollback)
Auth (Token)2+ endpointsSteps 49, 74-

Total Coverage: ~155 endpoints tested out of ~160+ documented endpoints (~97% coverage)

API Endpoint Coverage Details

Point API Coverage

Tested Endpoints:

  • ✅ GET /balance/me
  • ✅ GET /balance/:memberId
  • ✅ POST /earn
  • ✅ POST /spend
  • ✅ GET /history
  • ✅ GET /history/me
  • ✅ GET /summary/daily
  • ✅ POST /request/earn
  • ✅ GET /request
  • ✅ GET /request/:id
  • ✅ PATCH /request/:id/review
  • ✅ POST /receipt/verify/me
  • ✅ GET /receipt/verify/me
  • ✅ GET /receipt/verify
  • ✅ GET /receipt/verify/stats
  • ✅ POST /receipt/verify/:id/manual
  • ✅ GET /point-rules/shop
  • ✅ GET /point-rules/shop/default
  • ✅ GET /point-rules/shop/:id
  • ✅ POST /point-rules/shop
  • ✅ PUT /point-rules/shop/:id
  • ✅ PATCH /point-rules/shop/:id/set-active
  • ✅ GET /point-rules/event
  • ✅ GET /point-rules/event/:id
  • ✅ POST /point-rules/event
  • ✅ PUT /point-rules/event/:id

Missing Endpoints:

  • ❌ GET /receipt/verify/:id (✅ Step 138)
  • ❌ POST /receipt/verify/:id (auto verification) (✅ Step 151)
  • ❌ PUT /receipt/verify/:id/manual (change status) (✅ Step 152)
  • ❌ DELETE /point-rules/shop/:id (✅ Step 133)
  • ❌ DELETE /point-rules/event/:id (✅ Step 134)
  • ❌ PATCH /point-rules/event/:id/set-active (✅ Step 135)
  • ❌ PUT /point-rules/shop/default (✅ Step 136)
  • ❌ POST /request/spend (✅ Step 137)

Reward API Coverage

Tested Endpoints:

  • ✅ GET /rewards
  • ✅ GET /rewards/:id
  • ✅ POST /rewards
  • ✅ PUT /rewards/:id
  • ✅ POST /rewards/:id/increase-stock
  • ✅ PATCH /rewards/:id/set-active
  • ✅ DELETE /rewards/:id
  • ✅ GET /reward-catalogs
  • ✅ GET /reward-catalogs/:id
  • ✅ GET /reward-catalogs/:id/can-redeem
  • ✅ POST /reward-catalogs
  • ✅ PUT /reward-catalogs/:id
  • ✅ PATCH /reward-catalogs/:id/set-active
  • ✅ POST /reward-catalogs/:id/redeem
  • ✅ GET /reward-codes
  • ✅ GET /reward-codes/me
  • ✅ GET /reward-codes/:id
  • ✅ POST /reward-codes/check
  • ✅ POST /reward-codes/:id/use

Missing Endpoints:

  • ❌ POST /rewards/:id/decrease-stock (✅ Step 126)
  • ❌ DELETE /reward-catalogs/:id (✅ Step 127)

Notification API Coverage

Tested Endpoints:

  • ✅ POST /in-apps
  • ✅ GET /in-apps
  • ✅ GET /in-apps/:id
  • ✅ GET /in-apps/me
  • ✅ GET /in-apps/me/recent
  • ✅ GET /in-apps/me/unread-count
  • ✅ PUT /in-apps/:id
  • ✅ PATCH /in-apps/:id/read
  • ✅ PATCH /in-apps/me/read-all
  • ✅ DELETE /in-apps/:id
  • ✅ GET /mail-templates
  • ✅ GET /mail-templates/:id
  • ✅ GET /mail-templates/:id/content
  • ✅ POST /mail-templates
  • ✅ PUT /mail-templates/:id
  • ✅ DELETE /mail-templates/:id
  • ✅ GET /mail-senders
  • ✅ GET /mail-senders/:id
  • ✅ POST /mail-senders
  • ✅ PUT /mail-senders/:id
  • ✅ DELETE /mail-senders/:id
  • ✅ GET /mail-actions
  • ✅ GET /mail-actions/:id

Missing Endpoints:

  • ❌ POST /in-apps/points/received (✅ Step 139)
  • ❌ POST /in-apps/points/receipt-error (✅ Step 147)
  • ❌ POST /in-apps/points/receipt-processing (✅ Step 146)
  • ❌ POST /in-apps/points/nearly-expire
  • ❌ POST /in-apps/points/expired
  • ❌ POST /in-apps/tier/upgraded-enhanced (✅ Step 141)
  • ❌ POST /in-apps/tier/adjusted
  • ❌ POST /in-apps/tier/renewal-reminder
  • ❌ POST /in-apps/badge/unlocked (✅ Step 140)
  • ❌ POST /in-apps/badge/progress (✅ Step 148)
  • ❌ POST /in-apps/promotion/create (✅ Step 149)
  • ❌ POST /in-apps/news/create (✅ Step 150)
  • ❌ GET /in-apps/me/events (SSE stream)
  • ❌ POST /mail-actions (✅ Step 142)
  • ❌ POST /mail-actions/bulk
  • ❌ POST /mail-actions/preview
  • ❌ POST /mail-actions/send-to-all-subscribers
  • ❌ POST /mail-actions/validate-emails
  • ❌ POST /mail-actions/resend/:id

Cluster API Coverage

Tested Endpoints:

  • ✅ GET /tiers
  • ✅ GET /tiers/:id
  • ✅ POST /tiers
  • ✅ PUT /tiers/:id
  • ✅ PATCH /tiers/:id/set-active
  • ✅ GET /tiers/:id/members/count
  • ✅ GET /tiers/members/counts
  • ✅ POST /tiers/assign
  • ✅ DELETE /tiers/:id
  • ✅ GET /tier-projections/me
  • ✅ GET /tier-projections/:memberId
  • ✅ GET /tier-projections
  • ✅ PUT /tier-projections/:memberId
  • ✅ GET /tier-projections/history/me
  • ✅ GET /tier-projections/history/:memberId
  • ✅ GET /tier-projections/summary/yearly
  • ✅ GET /badges
  • ✅ GET /badges/:id
  • ✅ POST /badges
  • ✅ PUT /badges/:id
  • ✅ PATCH /badges/:id/set-active
  • ✅ GET /badge-member-progress/members/me
  • ✅ POST /badge-member-progress/progress
  • ✅ POST /badge-member-progress/ensure-all/me
  • ✅ GET /interests/me
  • ✅ GET /interests/settings
  • ✅ GET /interests/settings/:id
  • ✅ POST /interests/settings
  • ✅ PUT /interests/settings/:id
  • ✅ POST /interests

Missing Endpoints:

  • ❌ POST /tiers/bulk (✅ Step 131)
  • ❌ GET /tiers/level/:level (✅ Step 132)
  • ❌ DELETE /badges/:id (✅ Step 128)
  • ❌ DELETE /interests/settings/:id (✅ Step 129)
  • ❌ PATCH /interests/settings/:id/set-active (✅ Step 130)
  • ❌ GET /badge-member-progress/:id (✅ Step 145)
  • ❌ GET /badge-member-progress (✅ Step 153)
  • ❌ GET /badge-member-progress/members/:memberId (✅ Step 154)
  • ❌ POST /badge-member-progress/ensure-all/:memberId
  • ❌ POST /interests/:memberId
  • ❌ GET /tier-projections/history/:memberId (✅ Step 155)

Auth API Coverage

Tested Endpoints:

  • ✅ GET /check-access-token-session
  • ✅ POST /get-new-access-token
  • ✅ POST /staffs/login
  • ✅ GET /staffs/me
  • ✅ GET /staffs
  • ✅ GET /staffs/:id
  • ✅ POST /staffs
  • ✅ PUT /staffs/:id
  • ✅ DELETE /staffs/:id
  • ✅ POST /staffs/request-reset-password
  • ✅ POST /staffs/request-reset-password-by-email
  • ✅ GET /services/me
  • ✅ POST /services/generate-api-key
  • ✅ DELETE /services/revoke/:id
  • ✅ POST /members/wechat/login
  • ✅ GET /members/me
  • ✅ PUT /members/me
  • ✅ GET /members/me/qr-code
  • ✅ GET /members
  • ✅ POST /members/bulk
  • ✅ GET /members/:id
  • ✅ POST /members/direct
  • ✅ PUT /members/:memberId
  • ✅ PUT /members/:memberId/direct
  • ✅ PATCH /members/:memberId/set-active
  • ✅ GET /members/summary/daily
  • ✅ POST /members/wechat/sync/:memberId
  • ✅ GET /consents/current
  • ✅ GET /consents
  • ✅ GET /consents/:id
  • ✅ POST /consents
  • ✅ PUT /consents/:id
  • ✅ POST /consents/members/accept-current
  • ✅ GET /consents/members/me
  • ✅ GET /consents/members/:id
  • ✅ GET /consents/members

Missing Endpoints:

  • ❌ GET /staffs/check-session/:sessionId
  • ❌ POST /staffs/reset-password/:sessionId
  • ❌ POST /services/get-access-token (✅ Step 144)
  • ❌ PATCH /consents/publish (✅ Step 143)
  • ❌ PATCH /consents/rollback

Missing API Endpoints (Not Yet Tested)

The following API endpoints are documented but not yet included in the test suite. These can be added as future test steps:

Notification API - Specialized Endpoints

  • POST /in-apps/points/received - Create point received notification (specialized)
  • POST /in-apps/points/receipt-error - Create receipt error notification
  • POST /in-apps/points/receipt-processing - Create receipt processing notification
  • POST /in-apps/points/nearly-expire - Create point nearly expire notification
  • POST /in-apps/points/expired - Create point expired notification
  • POST /in-apps/tier/upgraded-enhanced - Create tier upgrade notification
  • POST /in-apps/tier/adjusted - Create tier adjusted notification
  • POST /in-apps/tier/renewal-reminder - Create tier renewal reminder notification
  • POST /in-apps/badge/unlocked - Create badge unlocked notification
  • POST /in-apps/badge/progress - Create badge progress notification
  • POST /in-apps/promotion/create - Create promotion notification
  • POST /in-apps/news/create - Create news notification
  • GET /in-apps/me/events - Server-Sent Events (SSE) stream for real-time notifications

Notification API - Mail Actions

  • POST /mail-actions - Send email using template
  • POST /mail-actions/bulk - Send bulk emails using template
  • POST /mail-actions/preview - Preview email without sending
  • POST /mail-actions/send-to-all-subscribers - Send email to all subscribers
  • POST /mail-actions/validate-emails - Validate emails against whitelist
  • POST /mail-actions/resend/:id - Resend a previously sent email

Reward API

  • POST /rewards/:id/decrease-stock - Decrease reward stock (staff)
  • DELETE /reward-catalogs/:id - Delete reward catalog (staff)

Cluster API

  • POST /tiers/bulk - Get multiple tiers by IDs (bulk query)
  • GET /tiers/level/:level - Get tier by level
  • DELETE /badges/:id - Delete badge (staff)
  • DELETE /interests/settings/:id - Delete interest setting (staff)
  • PATCH /interests/settings/:id/set-active - Set interest active status (staff)
  • GET /badge-member-progress/:id - Get specific badge member progress by ID
  • GET /badge-member-progress - Get all badge member progress (admin)
  • GET /badge-member-progress/members/:memberId - Get badge progress for specific member
  • POST /badge-member-progress/ensure-all/:memberId - Ensure all badge progress for specific member (staff)
  • POST /interests/:memberId - Submit member interests for specific member (admin)

Point API

  • GET /receipt/verify/:id - Get specific receipt verification transaction
  • POST /receipt/verify/:id - Verify receipt automatically (auto verification)
  • PUT /receipt/verify/:id/manual - Change status of receipt verification manually
  • DELETE /point-rules/shop/:id - Delete point shop rule (staff)
  • DELETE /point-rules/event/:id - Delete point event rule (staff)
  • PATCH /point-rules/event/:id/set-active - Set event rule active status (staff)
  • PUT /point-rules/shop/default - Update default conversion rate (staff)
  • POST /request/spend - Create point spend request (staff)

Auth API

  • GET /staffs/check-session/:sessionId - Check if reset password session is valid
  • POST /staffs/reset-password/:sessionId - Reset password using session ID
  • POST /services/get-access-token - Get access token using API key
  • PATCH /consents/publish - Publish (set as current) a consent version
  • PATCH /consents/rollback - Rollback to previous consent version

Notes

  • Tests use automatic token management - you don't need to manually obtain tokens
  • Tokens are cached in .test-tokens.json to speed up subsequent test runs
  • The test suite supports both user and staff authentication flows
  • Userflow tests demonstrate complete end-to-end scenarios with multiple API calls
  • The 155-step test suite provides comprehensive coverage of all major API endpoints including full CRUD operations for staff and customer action flows
  • Some steps are marked as "SKIPABLE" and will gracefully skip if required data is not available
  • Tests include proper error handling and informative console logging for debugging
  • Note: The "Missing API Endpoints" section above lists documented APIs that are not yet covered in the test suite - these can be added as additional test steps in the future
  • Simulation Approach: Steps 118 and 121 use realistic scenario simulation instead of direct API calls:
    • Badge Unlock (Step 118): Simulates multiple customer purchases by earning points with purchase amounts, which naturally triggers badge progress updates for purchase-related badges
    • Tier Upgrade (Step 121): Simulates point accumulation through multiple transactions, which naturally triggers tier projection updates when tier requirements are met