> ## Documentation Index
> Fetch the complete documentation index at: https://docs-terra.withunify.org/llms.txt
> Use this file to discover all available pages before exploring further.

# QA Quick Reference

**Main Test Scripts:** See `QA_TEST_SCRIPTS.md`
**Environment:** the active QA deployment URL

***

## Quick Start Checklist

### Before You Begin

* [ ] Get test account credentials (admin + regular user)
* [ ] Access to test email account
* [ ] Browser: Chrome, Firefox, or Safari (latest)
* [ ] Mobile device or browser dev tools for responsive testing
* [ ] Optional: Airtable account, Plaid sandbox credentials
* [ ] Optional: webhook.site for webhook testing

### Test Data to Prepare

* [ ] Small PDF file (\< 5MB) for file uploads
* [ ] Large file (> 10MB) for size limit testing
* [ ] Test image files (PNG, JPG)
* [ ] Invalid files (.exe, .php) for security testing

***

## 3-Day Testing Plan at a Glance

### Day 1 (6-8 hours) - Core Functionality

**Must complete these critical tests:**

1. ✅ TS-001: User Authentication
2. ✅ TS-002: Create and Publish Form
3. ✅ TS-003: Submit Public Form (Anonymous)
4. ✅ TS-004: View Submissions in Admin
5. ✅ TS-005: Form Status Management
6. ✅ TS-006: Multiple Field Types
7. ✅ TS-007: Form Validation
8. ✅ TS-008: Form Share Links
9. ✅ TS-009: Draft Submissions
10. ✅ TS-010: Email Notifications

**Goal:** Verify basic form creation → publish → submit → view workflow

***

### Day 2 (6-8 hours) - Advanced Features

**Focus on settings and integrations:**
11\. ✅ TS-011: Conditional Logic
12\. ✅ TS-012: Workspaces/Folders
13\. ✅ TS-013: Team Management
14\. ✅ TS-014: Form Versioning
15\. ✅ TS-015: Import/Export
16\. ⚠️ TS-016: Airtable Integration (skip if no account)
17\. ⚠️ TS-017: Plaid Integration (skip if not configured)
18\. ✅ TS-018: Webhooks
19\. ✅ TS-019: Portal Applications
20\. ✅ TS-020: Submission Status Management
21\. ✅ TS-021: Analytics/Insights
22\. ✅ TS-022: Mobile Responsive

**Goal:** Test all settings pages and integrations

***

### Day 3 (6-8 hours) - Edge Cases & Security

**Critical security and edge case testing:**
23\. ✅ TS-023: Concurrent Editing
24\. ✅ TS-024: Permission/Access Control (CRITICAL)
25\. ✅ TS-025: Form Deletion/Archival
26\. ✅ TS-026: Large Form Submission
27\. ✅ TS-027: File Upload Security (CRITICAL)
28\. ✅ TS-028: Form Scheduling
29\. ✅ TS-029: Response Capacity
30\. ✅ TS-030: XSS Prevention (CRITICAL)
31\. ✅ TS-031: Session Timeout
32\. ✅ TS-032: Form Duplication
33\. ✅ TS-033: Multi-language
34\. ✅ TS-034: Email Deliverability
35\. ✅ TS-035: Draft Auto-Save
36\. ✅ TS-036: Submission Export
37\. ✅ TS-037: Applicant Profile/Vault
38\. ✅ TS-038: Audit Log
39\. ✅ TS-039: Error Handling
40\. ✅ TS-040: Performance

**Goal:** Ensure security, test edge cases, verify error handling

***

## Critical Tests (Cannot Skip)

These tests MUST pass before production:

1. **TS-001: Authentication** - Users can log in
2. **TS-002: Create/Publish Form** - Core workflow works
3. **TS-003: Public Submission** - Forms can be submitted
4. **TS-024: Access Control** - Non-admins can't access admin features
5. **TS-027: File Security** - File uploads are validated
6. **TS-030: XSS Prevention** - No script injection possible

***

## Common Test Accounts

Document your test credentials here:

**Admin Account:**

* Email: \_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_
* Password: \_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_

**Regular User Account:**

* Email: \_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_
* Password: \_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_

**Test Email for Notifications:**

* Email: \_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_

***

## Feature Coverage Map

### Authentication & Users

* Login/Logout (TS-001)
* Session persistence (TS-031)
* Role-based access (TS-024)
* Team management (TS-013)

### Form Creation

* Basic form builder (TS-002)
* Field types (TS-006)
* Conditional logic (TS-011)
* Form duplication (TS-032)

### Form Settings

* Details/status (TS-005)
* Share links (TS-008)
* Notifications (TS-010, TS-034)
* Webhooks (TS-018)
* Translations (TS-033)
* Versioning (TS-014)
* Analytics (TS-021)
* Import/Export (TS-015, TS-036)

### Form Submissions

* Public anonymous (TS-003)
* Validation (TS-007)
* File uploads (TS-006, TS-027)
* Draft submissions (TS-009)
* View in admin (TS-004)
* Status management (TS-020)
* Export data (TS-036)

### Portal (Authenticated)

* Application workflow (TS-019)
* Draft auto-save (TS-035)
* Profile/Vault (TS-037)

### Integrations

* Airtable sync (TS-016)
* Plaid verification (TS-017)
* Webhooks (TS-018)

### Organization

* Workspaces (TS-012)
* Team members (TS-013)
* Audit logs (TS-038)

### Advanced

* Scheduling (TS-028)
* Capacity limits (TS-029)
* Concurrent editing (TS-023)
* Mobile responsive (TS-022)

### Security

* Access control (TS-024)
* XSS prevention (TS-030)
* File validation (TS-027)
* Session timeout (TS-031)

***

## Bug Severity Guidelines

### Critical (Blocks Production)

* Authentication broken
* Cannot create/publish forms
* Cannot submit forms
* Data loss or corruption
* Security vulnerabilities (XSS, unauthorized access)
* System crashes

### High (Should fix before release)

* Features don't work as expected
* Incorrect data displayed
* Email notifications not sending
* Integrations failing
* Poor error handling

### Medium (Should fix soon)

* UI/UX issues
* Minor validation problems
* Performance issues
* Non-critical features broken

### Low (Nice to have)

* Cosmetic issues
* Minor text/label errors
* Enhancement suggestions

***

## Testing Tips

### General

* **Use incognito/private windows** for testing public forms and different user sessions
* **Take screenshots** of every bug immediately
* **Record submission IDs** when testing - makes bugs easier to debug
* **Test in different browsers** (Chrome, Firefox, Safari) if you have time
* **Clear cache** if you see stale data

### Form Testing

* Create test forms with prefix "QA" so they're easy to identify and delete
* Test both simple (3-5 fields) and complex (20+ fields) forms
* Test every field type at least once
* Always test required field validation

### Submission Testing

* Keep a spreadsheet of test submissions for reference
* Use consistent test data (e.g., "Test User", "[test@example.com](mailto:test@example.com)") for easy identification
* Test edge cases: empty submissions, maximum character limits, special characters

### Admin Testing

* Test with both admin and non-admin accounts
* Verify non-admins cannot access admin routes
* Test team member roles: Owner, Editor, Viewer

### Integration Testing

* **Skip Airtable/Plaid tests** if you don't have accounts - mark as "SKIP"
* Use webhook.site for webhook testing (free, no account needed)
* Test notification emails - check spam folder

***

## Known Limitations / Out of Scope

The following are NOT in scope for this QA round:

* Agency multi-tenant features (unless specifically requested)
* SMS notifications (unless Twilio configured)
* Payment integrations
* Custom code execution (TS-016 mentions but may not be active)
* Extensive load testing (just basic performance - TS-040)

***

## Reporting Bugs

### What to Include

1. **Test Script #** (e.g., TS-003)
2. **Clear title** (e.g., "Form submission fails with file upload")
3. **Steps to reproduce** (numbered list)
4. **Expected vs Actual** result
5. **Screenshot or video**
6. **Browser and device** info
7. **Submission/Form ID** if applicable

### Where to Report

* Use Bug Report Template in `QA_TEST_SCRIPTS.md`
* Create GitHub issue (if you have repo access)
* Share in Slack/email with dev team

### Bug Report Example

```
BUG-001: Form validation not showing for required fields

Test Script: TS-007 (Form Validation)
Date: 2024-01-15
Severity: High
Browser: Chrome 120 on macOS

Steps to Reproduce:
1. Visit form /f/qa-test-1
2. Leave "First Name" field empty
3. Click Submit

Expected: Error message "This field is required"
Actual: Form submits without validation error

Screenshot: [attach]
Form ID: abc-123
```

***

## End-of-Day Checklist

At the end of each day:

* [ ] Update test completion count in daily summary
* [ ] Document all bugs found
* [ ] Note any blockers for tomorrow
* [ ] Flag critical issues immediately to dev team
* [ ] Save all screenshots to organized folder
* [ ] Update pass/fail status for each test

***

## Final Report Checklist

After 3 days, prepare final report:

* [ ] Total tests executed (target: 35-40 out of 40)
* [ ] Pass rate percentage
* [ ] Bug summary (Critical/High/Medium/Low counts)
* [ ] Recommendation: Ready for production? Yes/No
* [ ] List any blockers or areas not tested
* [ ] Provide prioritized bug fix list

***

## Quick Command Reference

### Accessing Different Environments

* **QA deployment:** the active QA deployment URL
* **Local (if running):** localhost:3000

### Key URLs to Test

* `/` - Dashboard
* `/forms` - Forms list
* `/forms/[id]/edit` - Form builder
* `/forms/[id]/settings` - Form settings
* `/forms/[id]/submissions` - Submissions list
* `/f/[slug]` - Public form
* `/portal` - Applicant portal
* `/portal/applications/[id]` - Application detail
* `/settings` - Organization settings
* `/applicants` - Applicants list

### Browser Dev Tools

* **F12** or **Cmd+Opt+I** - Open dev tools
* **Cmd+Shift+M** - Toggle mobile view
* **Application tab** - View cookies/storage
* **Network tab** - Monitor API calls
* **Console tab** - Check for JavaScript errors

***

## Questions During Testing?

If you encounter:

* **Unclear requirements** - Flag and continue, note in bug report
* **Environment issues** - Check with dev team (credentials, integrations)
* **Test blockers** - Document and move to next test
* **Assumed functionality** - Document assumption, test anyway

**Contact:**

* Dev team: \[Slack channel / Email]
* Questions: \[Contact person]

***

## Success Criteria

QA is successful if:

* ✅ All Critical tests pass
* ✅ All High priority tests pass (or bugs documented)
* ✅ No Critical or High security issues
* ✅ Core workflow (create → publish → submit → view) works flawlessly
* ✅ 80%+ overall pass rate
* ✅ All bugs clearly documented with repro steps

***

**Ready to start?** Begin with Day 1, TS-001 in the main test scripts document.

Good luck! 🚀
