Skip to main content

Testing Overview

OdontologyApp currently relies on manual testing during development. This guide outlines the testing strategy and recommendations for implementing automated tests in the future.

Current Testing Approach

Manual Testing

Before deploying any changes, perform thorough manual testing:
1

Type Checking

Run the type checker to catch type errors:
npm run check
This uses svelte-check to validate TypeScript/JSDoc types throughout the application.
2

Development Testing

Test in the development environment:
npm run dev
  • Navigate through all modified pages
  • Test all user roles (admin, doctor, secretary)
  • Verify database operations
  • Check form validation
  • Test error handling
3

Production Build Testing

Build and test the production version:
npm run build
npm run preview
Ensure the production build:
  • Builds without errors
  • Runs correctly in preview mode
  • All features work as expected

Testing Checklist

Use this checklist when testing changes:

Authentication & Authorization

Patient Management

Appointment Scheduling

Medical Records

Administration

Database Operations

UI/UX

Browser Testing

Test the application in multiple browsers:
  • Chrome - Primary development browser
  • Firefox - Test compatibility
  • Safari - Test on macOS/iOS
  • Edge - Test on Windows
Check for:
  • Visual consistency
  • JavaScript functionality
  • CSS rendering
  • Form behavior

Database Testing

Test Database Setup

For testing, consider using a separate test database: 
# Create test database
mysql -u root -p -e "CREATE DATABASE ontology_db_test;"

# Import schema
mysql -u root -p ontology_db_test < database.sql
Update your .env or create .env.test: 
DB_HOST=localhost
DB_USER=root
DB_PASS=your_password
DB_NAME=ontology_db_test

Test Data

Create test data for different scenarios: 
-- Test user accounts
INSERT INTO branches (name, address) VALUES ('Test Branch', 'Test Address');

INSERT INTO users (name, username, email, password, role, branch_id)
VALUES 
  ('Admin Test', 'admin', '[email protected]', '$2a$10$...', 'admin', 1),
  ('Doctor Test', 'doctor', '[email protected]', '$2a$10$...', 'doctor', 1),
  ('Secretary Test', 'secretary', '[email protected]', '$2a$10$...', 'secretary', 1);

-- Test patients
INSERT INTO patients (medrecno, first_name, last_name, cedula, branch_id)
VALUES 
  (1001, 'Test', 'Patient', '001-0000000-0', 1);

Unit Testing

For future implementation, consider testing: Utilities and Pure Functions 
// Example: Test permission checking
import { hasPermission, PERMISSIONS } from '$lib/permissions';

test('admin has all permissions', () => {
  expect(hasPermission('admin', PERMISSIONS.VIEW_PATIENTS)).toBe(true);
  expect(hasPermission('admin', PERMISSIONS.MANAGE_USERS)).toBe(true);
});

test('secretary cannot manage users', () => {
  expect(hasPermission('secretary', PERMISSIONS.MANAGE_USERS)).toBe(false);
});
Validation Schemas 
// Example: Test Zod schemas
import { patientSchema } from '$lib/schemas';

test('patient schema validates required fields', () => {
  const invalidPatient = { first_name: 'John' }; // missing last_name
  expect(() => patientSchema.parse(invalidPatient)).toThrow();
  
  const validPatient = { 
    first_name: 'John', 
    last_name: 'Doe',
    medrecno: 1001 
  };
  expect(() => patientSchema.parse(validPatient)).not.toThrow();
});

Integration Testing

Recommended tools:
  • Vitest - Fast unit testing framework
  • Playwright - End-to-end testing
  • Testing Library - Component testing
Example integration test structure: 
// tests/api/patients.test.js
import { expect, test } from 'vitest';
import { pool } from '$lib/server/db';

test('GET /api/patients returns patient list', async () => {
  // Setup
  const response = await fetch('http://localhost:5173/api/patients');
  const data = await response.json();
  
  // Assert
  expect(response.status).toBe(200);
  expect(Array.isArray(data.patients)).toBe(true);
});

test('POST /api/patients creates new patient', async () => {
  const newPatient = {
    first_name: 'Test',
    last_name: 'Patient',
    medrecno: 9999,
    cedula: '999-9999999-9'
  };
  
  const response = await fetch('http://localhost:5173/api/patients', {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify(newPatient)
  });
  
  expect(response.status).toBe(201);
  
  // Cleanup
  await pool.query('DELETE FROM patients WHERE medrecno = ?', [9999]);
});

End-to-End Testing

Example Playwright test: 
// tests/e2e/login.spec.js
import { test, expect } from '@playwright/test';

test('user can log in', async ({ page }) => {
  await page.goto('http://localhost:5173/login');
  
  await page.fill('input[name="username"]', 'admin');
  await page.fill('input[name="password"]', 'admin123');
  await page.click('button[type="submit"]');
  
  await expect(page).toHaveURL('http://localhost:5173/dashboard');
  await expect(page.locator('h1')).toContainText('Dashboard');
});

test('invalid credentials show error', async ({ page }) => {
  await page.goto('http://localhost:5173/login');
  
  await page.fill('input[name="username"]', 'invalid');
  await page.fill('input[name="password"]', 'wrong');
  await page.click('button[type="submit"]');
  
  await expect(page.locator('.error-message')).toBeVisible();
});

Setting Up Automated Tests

To implement automated testing:
1

Install Testing Dependencies

npm install -D vitest @testing-library/svelte @playwright/test
2

Configure Vitest

Add to vite.config.js:
import { defineConfig } from 'vite';
import { svelte } from '@sveltejs/vite-plugin-svelte';

export default defineConfig({
  plugins: [svelte()],
  test: {
    include: ['tests/**/*.test.js'],
    globals: true,
    environment: 'jsdom'
  }
});
3

Add Test Scripts

Update package.json:
{
  "scripts": {
    "test": "vitest",
    "test:ui": "vitest --ui",
    "test:e2e": "playwright test"
  }
}
4

Create Test Files

Organize tests in a tests/ directory:
tests/
├── unit/
│   ├── permissions.test.js
│   └── schemas.test.js
├── integration/
│   ├── api/
│   │   ├── patients.test.js
│   │   └── appointments.test.js
└── e2e/
    ├── login.spec.js
    └── patient-management.spec.js

Performance Testing

Monitor application performance:
  • Database Query Performance: Use EXPLAIN to analyze slow queries
  • Page Load Time: Use browser DevTools Network tab
  • Bundle Size: Check build output size after npm run build
  • Lighthouse Scores: Run Chrome Lighthouse for performance metrics
# Build and check bundle size
npm run build
du -sh build/*

Security Testing

  • Verify all queries use parameterized statements
  • Test inputs with SQL injection payloads
  • Use tools like SQLMap for automated testing
  • Test password hashing (bcrypt)
  • Verify session management
  • Test logout functionality
  • Check for session fixation vulnerabilities
  • Verify permission checks on all routes
  • Test role-based access control
  • Attempt to access restricted resources
  • Check for privilege escalation
  • Test all forms with invalid data
  • Check XSS prevention
  • Verify file upload restrictions
  • Test rate limiting (if implemented)

Continuous Integration

For CI/CD pipelines, run: 
# Type checking
npm run check

# Build verification
npm run build

# Run tests (when implemented)
npm test

# E2E tests (when implemented)
npm run test:e2e

Next Steps

Deployment

Learn how to deploy to production

Contributing

Contribute to the project

Architecture

Understand the system design

API Reference

Explore the API endpoints

Build docs developers (and LLMs) love

Get started for freeTalk to us