This comprehensive checklist covers all major pages and functions in the Labitory application. Use this to ensure everything is working correctly after changes or deployment.
- Standard login with email/password works
- Azure SSO login works (
/auth/azure/login/) - User registration form works (
/register/) - Email verification after registration
- Password reset request works (
/password-reset/) - Password reset via email token works
- Account lockout after failed attempts
- Login redirects to intended page after authentication
- 2FA setup page works (
/2fa/setup/) - QR code generation for authenticator apps
- 2FA verification during login (
/2fa/verify/) - Backup codes generation (
/2fa/backup-codes/) - Backup codes download (
/2fa/download-codes/) - 2FA status page (
/2fa/status/) - 2FA disable functionality (
/2fa/disable/) - 2FA regenerate backup codes
- Profile view page (
/profile/) - Profiling works
- Theme preference (light/dark mode) switching
- [x Avatar upload functionality
- Department/college selection
- Calendar view loads correctly (
/) - Dashboard view works (
/dashboard/) - About page displays (
/about/) - About page editing (admin) (
/about/edit/) - Navigation menu works across all user roles
- Responsive design on mobile/tablet
- Dark mode toggle functionality
- Resources list page (
/resources/) - Resource detail page (
/resources/<id>/) - Resource availability calendar view
- Resource images display correctly
- Resource access requirements shown
- Request resource access form (
/resources/<id>/request-access/) - Access request status tracking
- Training requirements display
- Risk assessment requirements
- Report resource issue form (
/resources/<id>/report-issue/) - Issue tracking page (
/issues/<id>/) - My reported issues page (
/my-issues/) - Issues dashboard for admins (
/lab-admin/issues/)
- Create booking form (
/booking/create/) - Booking detail view (
/booking/<id>/) - Edit booking form (
/booking/<id>/edit/) - Cancel booking (
/booking/<id>/cancel/) - Delete booking (
/booking/<id>/delete/) - Duplicate booking (
/booking/<id>/duplicate/)
- Recurring booking creation (
/booking/<id>/recurring/) - Cancel recurring series (
/booking/<id>/cancel-series/) - My bookings page (
/my-bookings/) - Bulk booking operations (
/bookings/bulk/) - Booking conflict detection
- Calendar invitation download
- Templates list page (
/templates/) - Create template (
/templates/create/) - Edit template (
/templates/<id>/edit/) - Delete template (
/templates/<id>/delete/) - Create booking from template (
/templates/create-booking/) - Save booking as template (
/booking/<id>/save-template/)
- Booking check-in (
/booking/<id>/checkin/) - Booking check-out (
/booking/<id>/checkout/) - Check-in status view (
/checkin-status/) - Resource check-in status (
/resource/<id>/checkin-status/) - Usage analytics view (
/usage-analytics/)
- Approval dashboard (
/approval/) - Access requests list (
/approval/access-requests/) - Access request detail (
/approval/access-requests/<id>/) - Approve access request (
/approval/access-requests/<id>/approve/) - Reject access request (
/approval/access-requests/<id>/reject/)
- Risk assessments list (
/risk-assessments/) - Risk assessment detail (
/risk-assessments/<id>/) - Start risk assessment (
/risk-assessments/<id>/start/) - Submit risk assessment (
/risk-assessments/<id>/submit/) - Create risk assessment (
/risk-assessments/create/)
- Training dashboard (
/training/) - Training courses list (
/training/courses/) - Course detail page (
/training/courses/<id>/) - Course enrollment (
/training/courses/<id>/enroll/) - My training page (
/training/my-training/) - Training management (
/training/manage/)
- Manage resource training (
/resources/<id>/manage/) - Assign responsible person (
/resources/<id>/assign-responsible/) - Training requirements (
/resources/<id>/training-requirements/)
- Lab admin dashboard (
/lab-admin/) - [ Approval statistics (
/lab-admin/statistics/) - Booking management (
/lab-admin/manage/)
- Users list (
/lab-admin/users/) - User detail view (
/lab-admin/users/<id>/) - Edit user (
/lab-admin/users/<id>/edit/) - Delete user (
/lab-admin/users/<id>/delete/) - Toggle user status (
/lab-admin/users/<id>/toggle/) - Add new user (
/lab-admin/users/add/) - Bulk import users (
/lab-admin/users/bulk-import/) - Bulk user actions (
/lab-admin/users/bulk-action/) - Export users (
/lab-admin/users/export/)
- Resources management (
/lab-admin/resources/) - Add new resource (
/lab-admin/resources/add/) - Bulk import resources (
/lab-admin/resources/bulk-import/) - Edit resource (
/lab-admin/resources/<id>/edit/) - Resource checklist (
/lab-admin/resources/<id>/checklist/) - Delete resource (
/lab-admin/resources/<id>/delete/) - Close resource (
/lab-admin/resources/<id>/close/) - Open resource (
/lab-admin/resources/<id>/open/)
- Lab admin training view (
/lab-admin/training/) - Training requirements management
- Training course management
- User training completion tracking
- Approval rules management (
/lab-admin/approval-rules/) - Toggle approval rules (
/lab-admin/approval-rules/<id>/toggle/)
- Maintenance dashboard (
/lab-admin/maintenance/) - Add maintenance (
/lab-admin/maintenance/add/) - View maintenance (
/lab-admin/maintenance/<id>/) - Edit maintenance (
/lab-admin/maintenance/<id>/edit/) - Delete maintenance (
/lab-admin/maintenance/<id>/delete/)
- Inductions management (
/lab-admin/inductions/) - Risk assessments management (
/lab-admin/risk-assessments/)
- Billing dashboard (
/lab-admin/billing/) - Billing analytics (
/lab-admin/billing/analytics/)
- Billing periods list (
/lab-admin/billing/periods/) - Create billing period (
/lab-admin/billing/periods/create/) - Billing period detail (
/lab-admin/billing/periods/<id>/) - Close billing period (
/lab-admin/billing/periods/<id>/close/)
- Billing rates management (
/lab-admin/billing/rates/) - Create billing rate (
/lab-admin/billing/rates/create/) - Edit billing rate (
/lab-admin/billing/rates/<id>/edit/) - Delete billing rate (
/lab-admin/billing/rates/<id>/delete/)
- Billing records list (
/lab-admin/billing/records/) - Confirm billing records (
/lab-admin/billing/records/confirm/) - User billing history (
/lab-admin/billing/users/<id>/) - Department billing (
/lab-admin/billing/departments/<id>/) - Export billing data (
/lab-admin/billing/export/)
- Site admin dashboard (
/site-admin/) - Health check page (
/site-admin/health-check/)
- Site admin users list (
/site-admin/users/) - Delete user (
/site-admin/users/<id>/delete/)
- System config page (
/site-admin/config/) - Lab settings (
/site-admin/lab-settings/) - Branding configuration (
/site-admin/branding/)
- Email configuration (
/site-admin/email-config/) - Create email config (
/site-admin/email-config/create/) - Edit email config (
/site-admin/email-config/edit/<id>/) - Test email (
/site-admin/test-email/) - SMS configuration (
/site-admin/sms-config/) - Create SMS config (
/site-admin/sms-config/create/) - Edit SMS config (
/site-admin/sms-config/edit/<id>/)
- Backup management (
/site-admin/backup/) - Create backup (AJAX)
- Backup status (AJAX)
- Download backup
- Restore backup
- Backup automation (
/site-admin/backup/automation/)
- Security dashboard (
/site-admin/security/) - API tokens management (
/site-admin/security/api-tokens/) - Revoke API tokens
- Security events (
/site-admin/security/events/) - Enhanced audit logs (
/site-admin/security/audit-enhanced/) - GDPR management (
/site-admin/security/gdpr/) - Export user data
- Academic hierarchy (
/site-admin/academic-hierarchy/) - Faculties management (
/site-admin/faculties/) - Create faculty (
/site-admin/faculties/create/) - Edit faculty (
/site-admin/faculties/<id>/edit/) - Delete faculty (
/site-admin/faculties/<id>/delete/) - Colleges management (
/site-admin/colleges/) - Create college (
/site-admin/colleges/create/) - Edit college (
/site-admin/colleges/<id>/edit/) - Delete college (
/site-admin/colleges/<id>/delete/) - Departments management (
/site-admin/departments/) - Create department (
/site-admin/departments/create/) - Edit department (
/site-admin/departments/<id>/edit/) - Delete department (
/site-admin/departments/<id>/delete/)
- Audit logs (
/site-admin/audit/) - System updates (
/site-admin/updates/)
- Calendar export (
/calendar/export/) - Personal calendar feed (
/calendar/feed/<token>/) - Public calendar feed (
/calendar/public/<token>/) - Resource calendar export (
/calendar/resource/<id>/export/) - Calendar sync settings (
/calendar/sync-settings/)
- Google Calendar auth (
/calendar/google/auth/) - Google Calendar callback (
/calendar/google/callback/) - Google Calendar settings (
/calendar/google/settings/) - Google Calendar sync (
/calendar/google/sync/) - Google Calendar disconnect (
/calendar/google/disconnect/)
- Notifications list (
/notifications/) - Notification preferences (
/notifications/preferences/) - Email notifications delivery
- SMS notifications delivery
- Push notifications (if enabled)
- Emergency notifications
- Email template management
- Email template preview
- Template variable substitution
- Waiting list view (
/waiting-list/) - Join waiting list (
/waiting-list/join/<resource_id>/) - Leave waiting list (
/waiting-list/leave/<entry_id>/) - Respond to availability (
/waiting-list/respond/<notification_id>/) - Automatic notifications when slots available
- Time-limited availability responses
- Group management view (
/groups/) - Group detail view (
/groups/<group_name>/) - Add user to group (
/groups/<group_name>/add-user/) - Group permissions and access control
- JWT token obtain (
/api/v1/auth/token/) - JWT token refresh (
/api/v1/auth/token/refresh/) - Token revocation (
/api/v1/auth/token/revoke/) - List user tokens (
/api/v1/auth/tokens/) - Token info (
/api/v1/auth/token/info/)
- Users API (
/api/v1/users/) - Resources API (
/api/v1/resources/) - Bookings API (
/api/v1/bookings/) - Approval rules API (
/api/v1/approval-rules/) - Maintenance API (
/api/v1/maintenance/) - Waiting list API (
/api/v1/waiting-list/)
- API authentication required
- Role-based access control
- Rate limiting (if implemented)
- CORS handling for frontend apps
- Load colleges AJAX (
/ajax/load-colleges/) - Load departments AJAX (
/ajax/load-departments/) - Create checklist item AJAX (
/ajax/checklist-item/create/) - Real-time calendar updates
- Dynamic form validation
- Avatar image upload
- Resource image upload
- Risk assessment file upload
- Maintenance document upload
- CSV bulk import files
- Role-based page access (student/technician/sysadmin)
- Resource-level permissions
- Group-based access control
- API endpoint authorization
- CSRF protection on forms
- XSS prevention
- SQL injection protection
- File upload validation
- Session security
- Calendar view on mobile
- Booking forms on mobile
- Navigation menu on mobile
- Touch interactions
- Mobile-optimized layouts
- 404 error page
- 500 error page
- Permission denied pages
- Maintenance mode (if applicable)
- User-friendly error messages
- Health check endpoint (
/health/) - Readiness check (
/health/ready/) - Liveness check (
/health/live/)
Date Tested: ___________
Tested By: ___________
Version: ___________
Environment: [ ] Development [ ] Staging [ ] Production
Issues Found: Use this space to note any issues discovered during testing
Additional Comments: Any additional observations or recommendations