Test Cases: Permissions

Module	CORE-02	URD	Permissions URD

1. Coverage Summary

Area	URD reqs	Test cases	Covered
Fixed Roles (ROLE)	9	13	✅
Custom Roles (CROLE)	8	6	✅
Permission Catalog (PERM)	5	5	✅
Grant / Revoke (GRANT)	7	6	✅
Effective Permissions & Scope (EFF)	4	4	✅

Casbin RBAC with per-merchant domains is enabled on this branch — filtering and grant resolution are exercised against the live enforcer, not a mock.

2. Test Cases

TC-<AREA>-NNN lines up with URD-<AREA>-NNN. Priority = P1 (critical) / P2 (major) / P3 (minor).

TC ID	URD ref	Scenario	Steps	Expected	P
TC-ROLE-001	URD-ROLE-001	Eight fixed roles seeded	1. Initialize system 2. List roles	Super Admin, Admin, Operator, Owner, Cashier, Employee, Customer, Guest all exist	P1
TC-ROLE-002	URD-ROLE-003	Priorities set correctly	1. Inspect role priorities	999 / 900 / 600 / 500 / 110 / 100 / 10 / 1 respectively	P1
TC-ROLE-003	URD-ROLE-004	Super Admin bypass	1. Sign in as Super Admin 2. List all merchants	All merchants returned, no filtering	P1
TC-ROLE-004	URD-ROLE-004	Admin / Operator bypass	1. Sign in as Admin (then Operator) 2. List merchants	All merchants returned, filtering skipped	P1
TC-ROLE-005	URD-ROLE-005	Owner sees own org only	1. Owner of Org A (M1,M2) lists merchants; Org B has M3,M4	Only M1, M2 returned	P1
TC-ROLE-006	URD-ROLE-006	Employee sees assigned merchant	1. Employee assigned M1 only lists merchants	Only M1 returned	P1
TC-ROLE-007	URD-ROLE-006	Cashier mirrors Employee scope	1. Cashier assigned M1 lists merchants	Only M1 returned (same as Employee)	P1
TC-ROLE-008	URD-ROLE-007	Count is filtered	1. Owner with 2 merchants counts merchants	Count = 2	P1
TC-ROLE-009	URD-ROLE-008	Foreign ID access denied	1. Owner of Org A requests Org B's M3 by ID	Access denied	P1
TC-ROLE-010	URD-ROLE-008	User filter cannot widen scope	1. Owner passes a filter to include Org B	Filter ignored; only own data returned	P1
TC-ROLE-011	URD-ROLE-002	System role immutable	1. Try to delete Super Admin role	Rejected	P1
TC-ROLE-012	URD-ROLE-002	System priority immutable	1. Try to change Admin priority 900→500	Rejected	P2
TC-ROLE-013	URD-ROLE-009	HQ-owner expansion	1. Owner at organizer HQ lists merchants	Every sibling merchant of the organizer returned	P2
TC-CROLE-001	URD-CROLE-001	Create custom role	1. Admin/Owner creates role with name + priority	Role created, type CUSTOM	P1
TC-CROLE-002	URD-CROLE-002	Identifier auto-generated & unique	1. Create two roles same priority+name in one scope	Second rejected (collision)	P2
TC-CROLE-003	URD-CROLE-003	Priority guard on create	1. Owner creates role with priority ≥ own	Rejected (privilege escalation)	P1
TC-CROLE-004	URD-CROLE-004	Scope link created	1. Create role scoped to an org/merchant	Scope membership recorded	P2
TC-CROLE-005	URD-CROLE-006	Delete blocked when users assigned	1. Delete custom role that has users	Blocked — unassign first	P1
TC-CROLE-006	URD-CROLE-007	Delete cascade	1. Delete custom role with no users	Role + grants + scope links soft-deleted	P1
TC-PERM-001	URD-PERM-001	Create permission	1. Admin creates permission with code/action/scope/subject	Permission created	P1
TC-PERM-002	URD-PERM-002	Code uniqueness	1. Create permission with an existing code	Rejected	P1
TC-PERM-003	URD-PERM-003	i18n name/description	1. Inspect a permission	Name & description carry en + vi	P2
TC-PERM-004	URD-PERM-004	Update permission	1. Admin updates a permission's name	Updated; code stays immutable	P2
TC-PERM-005	URD-PERM-005	Delete blocked with active grants	1. Delete a permission granted to a role	Blocked	P1
TC-GRANT-001	URD-GRANT-001	Grant permissions to role	1. Admin grants [P1,P2] to role	Grants created, count returned	P1
TC-GRANT-002	URD-GRANT-002	Revoke permissions from role	1. Admin revokes a permission	Grant removed	P1
TC-GRANT-003	URD-GRANT-003	Idempotent grant	1. Grant an already-granted permission	Skipped, skip count returned	P2
TC-GRANT-004	URD-GRANT-004	Grant / revoke roles to users	1. Admin assigns then removes a role	User gains then loses the role on next sign-in	P1
TC-GRANT-005	URD-GRANT-005	Privilege-escalation guard	1. Actor grants on a role ≥ own priority	Rejected	P1
TC-GRANT-006	URD-GRANT-006, URD-GRANT-007	View role / user assignments	1. List a role's permissions, users, and a user's roles	Correct lists returned	P2
TC-EFF-001	URD-EFF-001	Effective = direct ∪ inherited	1. User has role grants + a direct grant 2. Query effective	Union returned, deduplicated	P1
TC-EFF-002	URD-EFF-002	Mode filter	1. Query with mode=direct, then mode=inherit	Only direct, then only inherited	P2
TC-EFF-003	URD-EFF-003	List user orgs & merchants	1. Query a user's organizers and merchants	Correct memberships returned	P2
TC-EFF-004	URD-EFF-004	Grant resolves in active domain	1. Grant in Merchant_A 2. Act under Merchant_B header	Grant does not apply in B	P1

3. Traceability

Every Must requirement maps to ≥1 test case.

URD requirement	Test case(s)	Status
URD-ROLE-001	TC-ROLE-001	✅ Covered
URD-ROLE-002	TC-ROLE-011, TC-ROLE-012	✅ Covered
URD-ROLE-003	TC-ROLE-002	✅ Covered
URD-ROLE-004	TC-ROLE-003, TC-ROLE-004	✅ Covered
URD-ROLE-005	TC-ROLE-005	✅ Covered
URD-ROLE-006	TC-ROLE-006, TC-ROLE-007	✅ Covered
URD-ROLE-007	TC-ROLE-008	✅ Covered
URD-ROLE-008	TC-ROLE-009, TC-ROLE-010	✅ Covered
URD-ROLE-009	TC-ROLE-013	✅ Covered
URD-CROLE-001	TC-CROLE-001	✅ Covered
URD-CROLE-002	TC-CROLE-002	✅ Covered
URD-CROLE-003	TC-CROLE-003	✅ Covered
URD-CROLE-004	TC-CROLE-004	✅ Covered
URD-CROLE-005	TC-CROLE-001 (update path)	✅ Covered
URD-CROLE-006	TC-CROLE-005	✅ Covered
URD-CROLE-007	TC-CROLE-006	✅ Covered
URD-CROLE-008	TC-CROLE-003, TC-CROLE-004	✅ Covered
URD-PERM-001	TC-PERM-001	✅ Covered
URD-PERM-002	TC-PERM-002	✅ Covered
URD-PERM-003	TC-PERM-003	✅ Covered
URD-PERM-004	TC-PERM-004	✅ Covered
URD-PERM-005	TC-PERM-005	✅ Covered
URD-GRANT-001	TC-GRANT-001	✅ Covered
URD-GRANT-002	TC-GRANT-002	✅ Covered
URD-GRANT-003	TC-GRANT-003	✅ Covered
URD-GRANT-004	TC-GRANT-004	✅ Covered
URD-GRANT-005	TC-GRANT-005	✅ Covered
URD-GRANT-006	TC-GRANT-006	✅ Covered
URD-GRANT-007	TC-GRANT-006	✅ Covered
URD-EFF-001	TC-EFF-001	✅ Covered
URD-EFF-002	TC-EFF-002	✅ Covered
URD-EFF-003	TC-EFF-003	✅ Covered
URD-EFF-004	TC-EFF-004	✅ Covered