Integration and widget tests for user management screen

epic-admin-portal-user-management-task-014 — Write integration tests and widget tests covering: paginated list rendering, filter combination correctness against Supabase RLS views, role assignment flow, activation/deactivation toggle with confirmation, invitation submission, multi-chapter affiliation display without duplicate user rows, and navigation to user profile. Use flutter_test with mocked Supabase responses.

high priority high complexity testing pending testing specialist Tier 7

Acceptance Criteria

Widget test suite covers ≥80% of the UserAccountManagementScreen widget tree (measured by flutter_test coverage)

Paginated list rendering: test renders first page of 20 users, scrolls to bottom, triggers next-page fetch, renders 40 users without duplicates

Filter combination test: applying role=Coordinator AND status=Active returns only rows matching both conditions from the mocked Supabase response

Role assignment test: selecting a new role from the role dropdown triggers the correct BLoC event and calls UserManagementService.updateUserRole with correct args

Activation/deactivation toggle test: tapping toggle opens confirmation dialog; confirming calls UserManagementService.setUserStatus; cancelling leaves status unchanged

Invitation submission test: valid email + role → submit → success banner shown, form reset; server error → inline error shown, form not reset

Multi-chapter affiliation test: a user belonging to 3 chapters appears exactly once in the list, with all 3 chapter names displayed in the row

Navigation test: tapping a user row triggers navigation to the profile screen with the correct userId argument

All tests use mocked Supabase responses (no real network calls) via a MockSupabaseClient or equivalent

All tests pass in CI (no flaky async timing issues) with a maximum test run time of 3 minutes for the full suite

Each test is independently runnable (no shared mutable state between tests)

Technical Requirements

frameworks

flutter_test

mocktail or mockito

BLoC test (bloc_test package)

integration_test package

apis

MockUserManagementService (mock of UserManagementService interface)

MockSupabaseClient (mock of Supabase client used in service layer)

data models

UserProfile

UserRole

UserStatus

UserInvitation

Organisation

ChapterAffiliation

performance requirements

Full widget test suite completes in under 3 minutes in CI

Each individual test completes in under 10 seconds

security requirements

No real Supabase credentials or API keys present in test files or test fixtures

Mock data must not include real PII — use synthetic names and fake email addresses

ui components

UserAccountManagementScreen (system under test)

Finders for: user row, filter chips, role dropdown, toggle button, invite form fields, submit button, success/error banners

Execution Context

Execution Tier

Tier 7

Tier 7 - 84 tasks

Can start after Tier 6 completes

View Full Execution Plan

Implementation Notes

Structure tests to mirror the BLoC state machine: each test should start from a known BLoC state (e.g., UserManagementLoaded with a seeded user list), pump the widget, perform an interaction, and assert the resulting state and rendered UI. Use `BlocProvider.value` to inject pre-configured BLoC instances rather than relying on the widget's internal BLoC creation. For multi-chapter affiliation deduplication tests, create a fixture with 3 UserProfile objects sharing the same userId but different chapterIds — verify the list renders 1 row with 3 chapter badges. For pagination tests, use a ScrollController and `tester.drag()` to simulate scroll-to-bottom, then verify the BLoC received a FetchNextPageEvent.

For confirmation dialogs (toggle), use `find.byType(AlertDialog)` and tap the confirm/cancel buttons explicitly. Separate test fixtures into a `test/fixtures/` directory (e.g., user_fixtures.dart) and share them across widget and integration tests to avoid duplicating mock data. Add a `// ARRANGE / ACT / ASSERT` comment structure to every test for readability.

Testing Requirements

Use flutter_test for widget tests and integration_test for end-to-end screen flows. Use bloc_test's `blocTest()` for BLoC unit tests covering each event/state transition. Use mocktail for mocking UserManagementService and SupabaseClient. Organise tests in groups: (1) Widget rendering group — initial state, loading state, empty state, error state; (2) Filter group — single filter, combined filters, filter reset; (3) Role assignment group — happy path, permission denied path; (4) Toggle group — confirm flow, cancel flow, optimistic UI rollback on failure; (5) Invite group — validation, success, server error; (6) Multi-chapter group — deduplication rendering; (7) Navigation group — row tap, deep link.

Run widget tests with `flutter test test/screens/user_management/` and integration tests with `flutter test integration_test/user_management_test.dart`. Aim for zero flaky tests — use `tester.pumpAndSettle()` carefully and prefer explicit `tester.pump(Duration)` for async operations with known durations.

Component

User Account Management Screen

ui high

Dependencies (2)

Profile and optimise the screen for organisations with hundreds to thousands of users. Implement list virtualisation, debounced filter application, query result caching with appropriate invalidation, and measure scroll performance. Ensure initial load and filter operations complete within acceptable time thresholds. epic-admin-portal-user-management-task-012 Audit the entire User Account Management Screen against WCAG 2.2 AA requirements. Verify screen reader semantics for user rows, filter controls, toggle buttons, and the invitation form. Ensure all interactive elements have sufficient touch targets, adequate colour contrast for role and status badges, and logical focus order throughout the screen. epic-admin-portal-user-management-task-013

Epic Risks (3)

medium impact medium prob technical

Displaying NHF users with membership in up to 5 local chapters in a flat list view without duplicating entries requires a non-trivial aggregation query. Incorrect query design could result in duplicated user rows or missing chapter affiliations, confusing admins and causing incorrect role assignments.

Mitigation & Contingency

Mitigation: Design the user list query to GROUP BY user_id and aggregate chapter affiliations as an array field. Use AdminRepository's typed models to surface this aggregated structure to the UI. Validate with a test dataset containing users in 5 chapters.

Contingency: If aggregation query complexity proves too high for real-time filtering, implement a separate multi-chapter affiliation fetch triggered only when a specific user row is expanded, reducing query complexity for the base list.

medium impact medium prob technical

Composable multi-dimensional filters (role + chapter + status + certification state) applied server-side against an org with 2,000+ users may produce slow queries, particularly when filtering by certification state requires joining an additional table.

Mitigation & Contingency

Mitigation: Ensure the relevant filter columns (role, status, chapter_id, certification_expiry) are indexed in Supabase. Use cursor-based pagination rather than OFFSET to maintain consistent performance at high page numbers. Profile filter query combinations against a large dataset during development.

Contingency: If multi-filter performance degrades in production, introduce a denormalised search index table updated on user status changes, allowing the list query to filter from a single table.

medium impact medium prob integration

Deactivating a user account that has ongoing activity assignments, open expense claims, or active chapter affiliations may leave orphaned records or break downstream workflows if the deactivation does not trigger correct cascade handling.

Mitigation & Contingency

Mitigation: Define and document the expected state of each dependent record type on user deactivation before implementing the toggle. Implement deactivation as a UserManagementService operation that checks for and warns about open dependencies before persisting. Write integration tests covering each dependency type.

Contingency: If orphaned record issues are discovered post-launch, provide an admin-accessible reconciliation view that surfaces users with inconsistent dependency states and allows manual resolution without requiring a code deploy.

Quick Links

All Tasks Execution Plan