Master cross-cutting platform features including user management, permissions, lookup tables, email sub-system, system defaults, and audits that form the foundation for every module in the system
Global Functionality is the shared platform layer underlying all ABC modules. Without it, every module would need its own user management, its own permission system, its own email engine—creating inconsistency, duplicated effort, and security gaps. Instead, Global Functionality centralizes these concerns.
What it delivers: (1) Single user directory and authentication—one login grants access to all authorized modules; (2) Role-based permission matrix—L0/L1/L2/L3 levels across 15 modules ensure consistent security; (3) Configurable lookup tables—chapters customize dropdown values without touching code; (4) Email platform—20+ templates per module, dynamic personalization, non-prod safety; (5) System defaults—three-tier hierarchy (National→Chapter→User) lets chapters override National settings; (6) Audit trails—every record change tracked with who/when/why for compliance and troubleshooting.
Business value: (1) Operational consistency—same permission model, email process, and audit trail everywhere; (2) Time to market—new modules inherit user/permission/email infrastructure, reducing build time; (3) Security—centralized permission enforcement, password policy, masquerade audit; (4) Governance—complete audit history enables compliance audits and data discrepancy resolution; (5) Flexibility—lookup tables and defaults adapt to chapter needs without code changes.
1. Chapter Staff Users — Create, clone, browse, edit, delete user accounts. Set active/inactive status, enable password reset, masquerade as user (National/Super User only), and manage user permissions. Triggered operations: password reset email, account creation notification.
2. Permission Groups — 15 modules × 4 permission levels (L0=Restricted, L1=View, L2=Edit, L3=Admin). Super User flag grants all L3 permissions globally. Controls navigation visibility, action availability (create/edit/delete), and report access across all modules.
3. Lookup Tables — Configurable code/label tables defining dropdown values. Examples: Chapter dropdown, Department codes, Status values. Migrated from legacy Access system. Support table-level locking (National prevents chapter edits), system-level locking (protect critical codes), and approval workflows (chapter requests National to modify).
4. Email Sub-System — 20+ templates per module. Supports dynamic variables ({firstname}, {company}, etc.) for personalization. Non-production safety (recipient swapping, subject prefix, warning banners). SMS support on select templates. Chapter-level customization of templates and sender information.
5. System Defaults — 3-tier hierarchy: National sets baseline, Chapter overrides National, User preference overrides Chapter. 14+ configurable settings (colors, date formats, default event type, etc.). Color indicators show override status: orange=different from parent, green=same as parent.
6. Audits & Change History — Record-level change panels show field-by-field deltas with timestamps and user attribution. System event logs capture API calls, imports, chapter modifications, errors. Audit reports enable bulk identification and remediation of data discrepancies.
Scope: 6 Confluence pages documenting design, 55+ line items covering feature behavior, 100+ Jira tickets (bugs, enhancements, documentation).
Primary Stakeholders:
Dependent Modules: All 15 ABC modules depend on Global Functionality for user management, permission enforcement, email, defaults, and audit trails. Changes to Global Functionality can cascade across all modules.
Understand that Global Functionality is foundational—every other module depends on it working correctly. Permission bugs, email failures, or audit trail gaps affect the entire system. QA should verify that user management is intuitive, permission matrix is consistent, and audit trails are accurate. Test across different user roles (Chapter Staff, National, Super User) to ensure role-appropriate access and visibility.
Create User: Navigate to System Admin → Users. Click "New User". Enter Last Name (required), First Name (required), Email (required, validated). System generates temporary password, sends password reset email to user. User logs in, sets permanent password (10 char min, 3 of 4 types: lower/upper/number/special). Status defaults to Active.
Clone User: Click "Clone" on existing user row. System copies user's permissions and defaults to new user. Staff updates name/email, confirms. Useful for onboarding replacements (staff departs, new hire clones their profile, inactivates old account).
Browse Users: Users list shows Last Name, First Name, Email, Status (Active/Inactive), Last Login, Created Date. Filter by Status or search by name. Click user row to view details.
Edit User: Click user row to open edit modal. Update Last Name, First Name, Email, Status. Confirm changes. If changing to Inactive, confirmation prompt: "Deactivate user? They will not be able to log in." If changing to Active, confirmation: "This will re-enable their login."
Delete User: Click "Delete" button (available only if user has zero record history—no transactions, events created, etc.). Confirmation required: "Permanently delete user? This cannot be undone." Once deleted, user is removed from system entirely.
Masquerade: Click "Login As" on user row (L3 Users and National only). Opens new tab with vivid banner: "[You are logged in as: FirstName LastName]". Staff can test user's permissions, debug issues, perform actions on user's behalf. All actions logged to audit trail with masquerader attribution. Click "Exit Masquerade" to return to own account.
Password Reset: Click "Reset Password" on user row. System sends password reset email immediately. User clicks link, sets new password. If user forgot password, they can self-serve via login screen "Forgot Password" link.
Permission Matrix: 15 modules (Events, Membership & Dues, Contacts, etc.) × 4 permission levels = 60 permission settings per user.
Permission Levels:
Super User Flag: When enabled, automatically sets all 15 modules to L3 (Admin). Useful for National staff and system admins. Overrides individual module settings.
Assign Permissions: Click user row, scroll to "Permission Groups" section. For each of 15 modules, toggle permission level (L0/L1/L2/L3). If Super User flag is enabled, individual module settings are greyed out. Save changes. Navigation is updated immediately for next login.
Permission Enforcement: System checks permission on every action. Attempt to access restricted module shows 403 Forbidden. Attempt to edit without L2+ shows "Permission Denied" message. Buttons for create/edit/delete are hidden from L0/L1 users.
Browse Lookup Tables: Navigate to System Admin → Lookup Tables. Table shows all configurable code/label tables (Chapter, Department, Status, etc.). Filter by table name or search. Click table to manage codes.
Edit Lookup Table (Unlocked): If table is unlocked, staff can edit codes directly. Edit-in-place: click code row, change label or add new code, hit Enter. System saves immediately. Column indicator shows "Unlocked" in green. All changes logged to audit trail.
Locked Table (National Lock): If National has locked entire table, chapter sees "Locked by National" banner. No edits allowed. Staff must contact National via Zoho email workflow to request unlock or modification.
System Lock (Individual Code): Critical codes (e.g., "Chapter Default Code") have system lock enabled. Even in unlocked table, these codes cannot be edited/deleted. "Lock" indicator shows next to code. Explicit unlock action required (National only) to modify.
Approval Required Workflow: Some tables are configured to require approval. When chapter edits a code, system sends Zoho email to National: "Chapter X requests modification to [table name]: [code] [change details]". National reviews, approves/denies in Zoho. Upon approval, change is applied to system. Chapter receives confirmation email.
Export/Backup: Staff can export lookup table as CSV for backup. Click "Export" button on table header. Download contains all codes and labels. Import feature available to bulk-load codes (admin only).
Browse Email Templates: Navigate to System Admin → Email Templates. Templates are grouped by module. Filter by module or search by template name (e.g., "Password Reset", "Invoice Due"). Each template shows Subject, From address, and preview of body.
Edit Email Template: Click template to open editor. Fields: Subject (required), Body (rich text or HTML), Reply-To address (optional), From address (defaults to chapter sender, override available), CC/BCC (optional, support dynamic variables). Dynamic variables available: {firstname}, {lastname}, {company}, {email}, {chapter}, etc. Insert via button picker or manual {{variable}} syntax. Save changes. All edits logged to audit trail.
Preview Email: Click "Preview" to see rendered template with sample data substituted. Shows how {firstname} and other variables will appear to recipient. Verify formatting, hyperlinks, signature.
Test Email: Click "Send Test" to email rendered template to current user's inbox. Useful for verifying formatting before deploying to production.
Non-Production Email Handling: In non-prod environment (Staging, QA), all emails have: (1) Subject prefix "[TEST] " added automatically, (2) Recipient swapped to system test email address (staff configures this per chapter in settings), (3) Warning banner in email body: "This is a test email. Do not respond." Prevents accidental customer contact during testing.
SMS Support: Select templates (password reset, appointment reminder, invoice due) support SMS delivery. Enable SMS toggle in template editor. SMS body is shorter, uses subset of variables. Select to deliver via Email, SMS, or Both.
Capability Control: Email template access requires L3 permission in Global Functionality module. Chapter staff with L2 can request National to modify templates.
Default Hierarchy: User preference → Chapter default → National default. System searches in that order. First non-null value wins. Example: If user sets "Default Date Format" to MM/DD/YYYY, that is used. If user hasn't set it, chapter's default is used. If chapter hasn't set it, National default is used.
14+ Configurable Settings:
Configure National Defaults: National staff (Super User) navigate to System Admin → Defaults. Tab: "National". Configure each setting. Save. These become the fallback for all chapters.
Configure Chapter Defaults: Chapter staff navigate to Settings → Defaults. Tab: "Chapter". Configure each setting that differs from National. Color indicator: orange = overridden from National, green = same as National. Chapter staff can also see "National Baseline" for reference.
Configure User Preferences: User navigates to My Settings → Preferences. Tab: "Personal". Configure personal overrides (e.g., "I prefer 24-hour time format"). All other settings cascade from chapter/national.
Reset to Parent: At any level (chapter or user), click "Reset to Parent" on a setting to clear override and inherit from parent level. Changes effective on next login.
Record Change History: On any record (contact, event, invoice, etc.), click "History" or "Audit Trail" button (usually top-right). Fly-out panel appears showing timeline of all changes. Each entry shows: timestamp, user who made change, field name, old value → new value. If user masqueraded, shows "[Masquerader] on behalf of [User]". Entries are immutable—cannot be edited or deleted.
Change History Filtering: Filter by date range, user, field name. Search for specific value. Export history as CSV.
System Event Logs: Navigate to System Admin → Event Logs. Log entries capture: API calls (with request/response), bulk imports (file name, row count), chapter modifications (who did what), system errors (stack trace). Filter by event type, date range, user, status (success/error). Useful for troubleshooting failed imports or identifying unauthorized changes.
Audit Reports: Navigate to System Admin → Audit Reports. Pre-built reports identify data discrepancies: (1) Accounts with no valid billing address, (2) Invoices with missing line items, (3) Contacts with duplicate email addresses, (4) Users with stale passwords (90+ days). Click report to view results as table. Table supports inline editing (edit-in-place) for bulk remediation. Save bulk changes, system logs remediation action to event log.
Permission for Audits: Change history visible to any user who can view a record. System event logs and audit reports require L3 (Admin) permission in Global Functionality. National staff can see global event logs; chapter staff see only their own chapter's events.
Test end-to-end workflows for each subsystem. Create a user, assign permissions, verify navigation updates. Edit a lookup table, verify change is logged. Send test email, verify template variables are substituted and non-prod handling is applied. Set chapter default, user preference, verify cascade order. View record change history, verify all field changes are captured accurately. Test masquerade flow, verify vivid banner appears and actions are logged.
One of four access tiers per module: L0 (Restricted/no access), L1 (View), L2 (Edit), L3 (Admin). Controls visibility and action availability.
Flag setting all 15 module permissions to L3 (Admin) globally. Grants National and system admin staff full platform access without per-module configuration.
Login as another user (L3 only). Opens new tab with vivid banner showing masquerade status. All actions logged with masquerader attribution. Used for testing and support.
Configurable code/label table defining dropdown values. Migrated from legacy Access system. Examples: Chapter codes, Department codes, Status values. Supports locking and approval workflows.
National prevents chapter from editing entire lookup table. Chapter sees "Locked" indicator, cannot modify codes. Must request National unlock via Zoho workflow.
Protection for individual critical codes (e.g., "Default Code") even in unlocked table. Requires National unlock action before modification.
Workflow where chapter modifications trigger Zoho email to National for review. Upon National approval, change is applied to system. Chapter receives confirmation.
Fly-out panel on record showing all field-level changes: who changed it, when, from old value to new value. Immutable audit trail.
Pre-built report identifying data discrepancies. Results displayed in table with inline edit-in-place capability for bulk remediation.
Log of API calls, imports, chapter modifications, and system errors. Requires L3 permission to access. Useful for troubleshooting and identifying unauthorized changes.
User preference → Chapter default → National default. System searches in that order. First non-null value is used for system behavior.
Tokenized field in email template ({firstname}, {company}, etc.) that is substituted with actual value when email is sent. Enables personalization.
In staging/QA, emails automatically: add "[TEST]" subject prefix, swap recipient to test address, include warning banner. Prevents accidental customer contact during testing.
JavaScript-based inline editing in tables (DataTables). Click cell, edit, press Enter, save immediately. Key client requirement for adoption. Used in lookup tables and audit report remediation.
Duplicate existing user's profile (name, email, permissions, defaults) to create new account. Useful for onboarding replacements.
Minimum 10 characters, requiring 3 of 4 types: lowercase, uppercase, numeric, special character. Applied to all user password resets.
Familiarize yourself with these terms before testing. They appear frequently in documentation and test scenarios. Permission levels control everything in Global Functionality—ensure you understand the difference between L0/L1/L2/L3 before writing test cases.
CRUD Operations: Create user with valid inputs (name, email). Verify password reset email is sent. Clone user, verify permissions copied. Edit user name/email/status. Verify changes persisted. Delete user with no history, verify removed from system.
Validation: Attempt create without Last Name—expect validation error. Attempt create with invalid email format—expect error. Duplicate email—expect error. Password reset with non-existent user—expect graceful failure.
Session & Authentication: Create new user, log in with temporary password, forced password reset flow. Verify new password meets policy (10 char, 3 of 4 types). Login with invalid password—expect locked after 3 attempts. Password reset via "Forgot Password"—verify email sent and reset link works.
Masquerade: Log in as L3 user, click "Login As" on another user. Verify vivid banner shows on new tab. Perform action (e.g., edit record), verify audit log attributes action to masquerader. Exit masquerade, verify return to original account.
Status Changes: Inactivate active user, verify login fails. Reactivate, verify login succeeds. Test confirmation prompts on status changes.
Permission Matrix (15 modules × 4 levels): For each module, create test users at L0, L1, L2, L3. Verify: (1) L0 user—module not in navigation, direct URL access returns 403; (2) L1 user—module visible, can view/search, Create/Edit/Delete buttons hidden; (3) L2 user—can create new records, edit own records, delete own records if no history; (4) L3 user—full access, all buttons visible, can edit any record, access admin screens.
Super User Flag: Create user with Super User enabled. Verify all 15 modules show L3 automatically. Individual module settings are greyed out. Disable Super User flag, verify individual module settings now editable.
Navigation Visibility: Test that permission changes immediately affect next login. User logs in with L1 Events, permission changed to L0 while logged in. On next login, Events module should be hidden.
Cross-Module Permissions: Verify permission in one module doesn't grant access to other modules. User with L3 Events but L0 Contacts should not see Contacts navigation.
Boundary Conditions: L2 user tries to delete record with history—expect error. L1 user tries to create record—expect permission denied. L0 user tries to access module via direct URL—expect 403.
Edit-in-Place (Unlocked Table): Open unlocked lookup table. Click code row, edit label, press Enter. Verify save occurs immediately, no page reload. Verify change appears in dropdown menus across system. Add new code, verify saved and available in dropdowns.
National Lock: Lock entire table from National. Chapter staff should see "Locked" banner, edit button disabled. Chapter staff attempts edit—expect error "Table is locked by National".
System Lock (Individual Code): Lock critical code within table. Chapter staff sees lock indicator next to code, cannot edit. Attempt edit—expect error "This code is system-locked".
Approval Workflow: Configure table for approval workflow. Chapter staff edits code. Verify Zoho email sent to National. National approves via Zoho. Verify change applied to system, chapter receives confirmation email. National denies approval, verify change not applied, chapter receives denial notification.
Export/Import: Export lookup table as CSV. Modify CSV locally, import back. Verify bulk codes loaded. Malformed CSV—expect import error with line numbers.
Template Customization: Edit email template, change subject, body, reply-to, from address. Save. Send test email. Verify received email matches edited template.
Dynamic Variable Substitution: Edit template to include {firstname}, {company}, {chapter}. Send test email. Verify variables replaced with actual values for user/account.
Non-Prod Handling: In QA environment, send email. Verify: (1) Subject has "[TEST]" prefix, (2) Recipient is test address (not original), (3) Body contains warning banner "This is a test email".
SMS Support: For SMS-enabled template, toggle SMS delivery on. Send test. Verify SMS received with shortened body (no HTML, variables substituted). Verify email not sent (or both sent if "Both" option selected).
Permission Control: L2 user attempts to edit template—expect "Permission Denied". L3 user can edit templates.
Preview & Test: Open template, click Preview, verify sample data rendered correctly. Click "Send Test", verify email arrives quickly.
3-Tier Hierarchy Cascade: Set National date format to MM/DD/YYYY. Chapter staff doesn't override, user doesn't set preference. Verify user sees MM/DD/YYYY. Chapter staff sets Chapter default to DD/MM/YYYY. Verify user now sees DD/MM/YYYY. User sets personal preference to MM/DD/YYYY. Verify user sees MM/DD/YYYY (personal wins). User resets to parent, verify cascade back to Chapter DD/MM/YYYY.
Color Indicators: Configure National default, Chapter override National. In chapter settings, verify green indicator on National value, orange indicator on Chapter override. Change Chapter back to match National, verify both green.
Missing Levels: If chapter hasn't set default and user hasn't set preference, system uses National. If National hasn't set it either, system uses hardcoded fallback (verify value in documentation).
Defaults Applied Correctly: Set time zone default to Pacific. Verify system displays all timestamps in Pacific. Change user preference to Eastern. Verify user sees times in Eastern. Other users unaffected.
Reset Functionality: Set Chapter default to custom value. Click "Reset to Parent". Verify reset to National default. User preference reset similarly.
Record Change History: Create record with initial data. Edit multiple fields (name, email, status, etc.). Click History panel. Verify all changes appear with: timestamp, user, field name, old value → new value. Verify order is chronological. Masquerade as user and edit, verify audit shows "[Masquerader] on behalf of [User]".
Change History Filtering: History with 50+ changes. Filter by date range (e.g., last week). Verify only changes in date range shown. Filter by field name (e.g., "Email"). Verify only email changes shown. Search for specific value. Verify matches found.
History Export: Click "Export History" to CSV. Open CSV locally, verify all changes present, format readable.
System Event Log: Perform bulk import, API call, chapter modification. Navigate to System Admin → Event Logs. Verify events logged with: timestamp, event type, user, status (success/error), details. Filter by event type, date, user. Search for specific event.
Audit Reports: Run pre-built report (e.g., "Accounts with no valid address"). Verify results displayed. Click report result row to view full record. Click "Edit in Place" on result, modify value, save. Verify bulk edit recorded to event log as audit action.
Permission Navigation: Create user with permissions in Events (L2) and Contacts (L0). Verify navigation shows Events module, hides Contacts. Create user with Super User. Verify all 15 modules visible in navigation.
Defaults Apply System-Wide: Set system default time zone to Pacific. Create event, verify event times display in Pacific. Create contact, verify contact interaction timestamps in Pacific.
Lookup Tables Used in All Modules: Create custom lookup table "Chapter Type". Edit value in Global Functionality → Lookup Tables. Verify dropdown in Contacts module reflects change. Verify dropdown in Events module reflects change.
Email System Across Modules: Customize email template for Events module ("Event Reminder"). Verify email sent from Events module uses customized template. Create new module that sends email (if available), verify it uses Global email system with same templates/variables.
Global Functionality is foundational—test it thoroughly in isolation before testing module integrations. Create a test matrix for permissions (15 modules × 4 levels × key actions = 240+ test cases). Test the cascade order for defaults multiple times to ensure accuracy. Verify audit trails are complete and immutable. Test permission changes affect navigation on next login, not immediately. Cross-module testing is critical—permission/email/default bugs can break many modules simultaneously.
L0=Restricted (no access, module hidden), L1=View (search/filter/view only), L2=Edit (create/edit own), L3=Admin (full access). Super User flag sets all to L3. Verify enforcement on every action: button visibility, error messages, URL-direct access.
Last Name, First Name, Email all required. System generates temporary password and sends password reset email immediately. User receives email, clicks link, sets permanent password. Verify all three fields validated before save.
User can only be deleted if they have zero record history (no transactions, events created, etc.). If history exists, Delete button is disabled and user must be inactivated instead. QA: Create user, assign record, attempt delete—expect error. Inactivate instead.
Only Active users can log in. Inactive users receive error "Your account is inactive. Contact administrator." Confirmation required when toggling status. QA: Inactivate user, attempt login—expect error. Reactivate, attempt login—expect success.
Only L3 users and National staff can masquerade. Opens new tab with vivid "[You are logged in as: FirstName LastName]" banner. All actions logged to audit trail with masquerader attribution. QA: L1 user attempts masquerade—expect disabled button. L3 user attempts—expect success with banner.
Minimum 10 characters, requiring 3 of 4 types: lowercase, uppercase, numeric, special character. Applied on user creation, password reset, and self-service password change. QA: Test valid (MyPassword123!), invalid (password, Password123 [no special], Password! [no number]).
Click History button on record to see fly-out panel showing field-level changes: what, when, who. Immutable—cannot edit or delete entries. Masquerade shows "[Masquerader] on behalf of [User]". QA: Create record, edit 3 fields, view history—verify all 3 changes captured accurately.
Audit reports display results in table. Click row to view record. Click edit button on cell to enable inline editing (edit-in-place). Press Enter to save, Escape to cancel. System logs bulk edit actions to event log. QA: Run audit report, use edit-in-place to fix 5 rows, verify all saved and logged.
National manages master lookup tables. Chapters inherit National tables, can customize if not locked. When new code added to National table, chapters automatically inherit. QA: National adds code to lookup table, verify appears in chapter's dropdown. National locks table, chapter cannot edit.
National can lock entire table preventing chapter edits, or lock individual critical codes (system lock). Chapter sees lock indicator, cannot modify. Attempt edit returns error "Table/Code is locked by National". QA: Lock table from National, chapter attempts edit—expect error.
Table configured for approval: Chapter modifies code, system sends Zoho email to National for review. National approves/denies. Approved changes applied to system, chapter receives confirmation. Denied changes not applied. QA: Configure approval workflow, chapter edits, verify Zoho email sent and approval triggers system change.
Critical codes (e.g., "Default Code") have system lock even in unlocked table. Cannot be modified or deleted without explicit National unlock action. QA: Identify system-locked code, attempt edit—expect error. National unlocks, attempt edit—expect success.
National defines baseline template. Each chapter can customize subject, body, reply-to, from address (within chapter limits). Customizations override National baseline for that chapter only. QA: National customizes template, chapter overrides with different subject. Verify chapter sees customized version, other chapters see National version.
Email templates support {firstname}, {lastname}, {company}, {email}, {chapter}, etc. System substitutes actual value when email sent. Variables not found are left blank or show error. QA: Template has {firstname}. Send email. Verify firstname substituted correctly. Test undefined variable—verify graceful handling (blank or error message).
In QA/Staging, all emails automatically: (1) Add "[TEST]" subject prefix, (2) Swap recipient to configured test address, (3) Include warning banner in body. Prevents accidental customer contact during testing. QA: Send email in QA environment. Verify subject prefix, recipient swap, banner present.
Some templates (password reset, appointment reminder, invoice due) support SMS. Editor toggle enables SMS delivery. Body shortened for SMS (no HTML). Variables substituted. User can choose Email, SMS, or Both. QA: Enable SMS on template, send test. Verify SMS received with shortened body.
User preference → Chapter default → National default. System searches in that order, uses first non-null value. QA: National sets time zone to Pacific. Chapter overrides to Eastern. User overrides to Mountain. Verify user sees Mountain. Verify other users see Eastern. Reset user to parent, verify Eastern (chapter level).
In settings, color indicator shows whether default differs from parent. Orange = value overridden (different from parent), Green = value same as parent, Neutral = no value set (inherited). QA: Set chapter default matching National—expect green. Change chapter default—expect orange. Reset to parent—expect green.
Some defaults are National-only (time zone), others available at all three levels (colors, formats). Verify in documentation which defaults are configurable at each level. QA: Attempt to set National-only default at chapter level—expect disabled/readonly field.
Email template editor provides fields: Subject (required), Body (rich text), Reply-To (optional), From (optional, defaults to chapter sender), CC (optional, supports dynamic variables), BCC (optional, supports dynamic variables). All fields validated for length. QA: Test very long subject—verify truncation or validation. Test special characters in From address—verify validation.
These 20 rules are critical—build test cases around each one. Permission levels are enforced on EVERY action, so test them thoroughly. Test the 3-tier defaults cascade exhaustively (User→Chapter→National in multiple scenarios). Email templates with dynamic variables need careful testing to ensure no data leakage or broken formatting. Test lookup table locking/approval workflows end-to-end, including Zoho email integration.
Setup: National creates new chapter in system. Chapter staff hired and assigned L2/L3 permissions for key modules.
Expected Behavior: (1) Chapter automatically inherits National lookup tables, (2) Chapter inherits National default values, (3) Chapter receives all email templates from National, (4) Chapter staff creates first users, assigns permissions, (5) Chapter staff customizes lookup tables (if not locked), overrides defaults (if available), customizes email templates (if L3).
Test Focus: Verify inheritance of lookup tables, defaults, and email templates. Test customization boundaries (what chapter can and cannot customize). Verify new users can be created with correct permissions.
Setup: Senior staff member with L3 permissions in Events, Contacts, and custom defaults departing. New hire replaces them.
Expected Behavior: (1) Click "Clone" on departing staff member's account. (2) System creates new user with copied permissions and defaults. (3) Staff updates name/email to new hire. (4) Inactivate departing staff member (cannot delete due to history). (5) New hire logs in with inherited permissions, no re-configuration needed.
Test Focus: Verify clone copies all permissions correctly (all 15 modules × their levels). Verify defaults cloned (personal overrides copied). Verify new user inherits all settings. Verify old user inactivation prevents login.
Setup: Chapter manager reviews user permissions to identify over-provisioned accounts (users with L3 who should only have L2).
Expected Behavior: (1) Navigate to System Admin → Users. (2) Click "View Permissions" modal to see all 15 modules × levels for each user. (3) Identify users with unnecessary L3 permissions. (4) Edit permission, downgrade from L3 to L2. (5) Save. (6) User receives no notification, but next login sees navigation updated and restricted actions disabled.
Test Focus: Verify permissions modal displays all 15 modules clearly. Verify downgrade takes effect on next login (not immediately). Test that downgrade doesn't grant accidental access to other modules.
Setup: Chapter needs to customize "Event Type" lookup table to add new code "Virtual Hybrid" not present in National baseline.
Expected Behavior: (1) If table is unlocked, click in lookup table, edit-in-place, add new code. Save immediately. (2) If table is locked, chapter sees lock banner, attempts edit, receives error. (3) Chapter contacts National via Zoho (if approval workflow enabled). (4) National reviews, approves. (5) Change applied. (6) New code immediately available in Event Type dropdown system-wide.
Test Focus: Test both locked and unlocked table scenarios. Test edit-in-place saves immediately without page reload. If approval workflow, verify Zoho email sent and approval triggers system change. Verify new code appears in dropdowns.
Setup: Chapter staff wants to customize "Dues Invoice Email" template: update subject line, add chapter logo, personalize with {firstname}.
Expected Behavior: (1) Navigate to System Admin → Email Templates. Filter to "Dues Invoice Email". (2) Click to edit. (3) Update Subject: "Invoice for {firstname}" (was generic). (4) Update Body: add chapter logo HTML, verify formatting. (5) Click Preview: verify sample data substituted, formatting correct. (6) Click "Send Test": receive test email with "[TEST]" subject prefix and warning banner. (7) Verify formatting, spelling, variables. (8) Save template. (9) Next actual invoice sent uses new template.
Test Focus: Verify edit, preview, and test send workflows. Test variable substitution with various data. Test non-prod email handling (prefix, recipient swap, banner). Verify saved template used for subsequent emails.
Setup: National sets default date format to MM/DD/YYYY. Chapter customizes to DD/MM/YYYY. User sets personal preference to MM/DD/YYYY. Three staff members with different override combinations.
Expected Behavior: (1) User with personal override sees MM/DD/YYYY. (2) User without personal override, from chapter with override, sees DD/MM/YYYY. (3) User without personal override, from chapter without override, sees MM/DD/YYYY (National). (4) Chapter changes override—all users in chapter see new format (unless they have personal override). (5) User resets personal preference—sees Chapter default. (6) National changes baseline—all chapters/users without overrides see new value.
Test Focus: Test cascade order exhaustively with multiple users and settings. Verify changes at one level don't affect other levels. Verify reset functionality works correctly. Test date formatting actually changes throughout system (reports, event display, etc.).
Setup: System admin suspects unauthorized changes to key records. Needs to review who changed what and when.
Expected Behavior: (1) Navigate to affected record, click History panel. (2) See all field changes, timestamps, users, old values → new values. (3) If masquerade detected, see "[Masquerader] on behalf of [User]" attribution. (4) Filter history by date range, user, field name. (5) Export history to CSV for documentation. (6) If incident appears to be API-based, navigate to System Admin → Event Logs. (7) Filter by event type (API), date range, user. (8) Identify suspicious API calls with timestamps and details. (9) Report findings to security team.
Test Focus: Verify history panel captures all changes accurately. Test filtering and export. Test system event logs capture API calls with enough detail for investigation. Verify masquerade attribution appears. Test audit trail immutability (cannot edit/delete history).
These scenarios cover common real-world use cases and edge cases. Test each scenario end-to-end, not just isolated features. Scenario 6 (defaults cascade) is particularly complex—test it multiple times with different combinations. Scenario 7 (security investigation) is critical for audit compliance—ensure audit trails are complete and queryable. Test permission changes in isolation and in combinations to catch edge cases.
Run these checklists after every code change to Global Functionality. User CRUD regression is foundational—if users can't be created/managed, the entire system breaks. Permission enforcement regression is critical—permission bugs propagate across all modules. Defaults cascade is complex, so test it multiple times. Audit trail regression is essential for compliance—ensure every change is logged accurately and immutably.
Create Test Users: For each permission level (L0, L1, L2, L3), create at least one test user in each major module (Events, Contacts, Membership & Dues, etc.). Example:
This creates 4+ users per module × 15 modules = 60+ test accounts for comprehensive permission matrix testing.
Create Test Lookup Tables:
This mix of states allows testing locked/unlocked/approval scenarios.
Standard Email Templates: System pre-configured with 20+ templates per module:
Test Setup: Configure chapter to customize 2-3 templates (change subject, add chapter name, update reply-to). Configure SMS on 2 templates. Test non-prod email handling (recipient swap, [TEST] prefix, warning banner) on all templates.
National Defaults (Master):
Chapter Overrides: Create test chapter with following overrides to National:
User Preferences: Create test user with following personal overrides:
This setup allows testing the full cascade order: User→Chapter→National.
Create Test Records with History:
Masquerade Records: Log in as L3 user, masquerade as L2 user, edit a record. Verify history shows "[Masquerader] on behalf of [L2 User]".
This setup allows testing: history filtering, history export, masquerade attribution, change accuracy.
Non-Production Email Settings: Configure QA/Staging environment:
API Test User: Create read-only API key for automated tests (if API testing in scope). Configure with L1 permissions (view only). Separate API key for bulk import testing with L3 permissions.
Performance Baseline: Document response times for key operations (user creation, permission change, lookup table edit, email send) in QA environment. Use as regression baseline after changes.
Invest time upfront creating comprehensive test data and user accounts. The 60+ test user accounts for permission matrix testing will save significant time later. The mixed-state lookup tables (unlocked/locked/approval) allow testing diverse scenarios. Records with change history enable audit trail testing. Careful environment configuration (email swapping, test mailbox) prevents accidental customer contact during testing while enabling email verification.