QA Testing Plan: E-Signatures

This document covers QA test cases for the E-Signatures business app located at /business/apps/esignatures. The app supports creating signature requests with document and signer references, tracking request statuses (pending, signed, declined, cancelled, expired), and managing sent/received tabs.

Routes Under Test

Route	Purpose
/business/apps/esignatures	List view with Sent/Received tabs
/business/apps/esignatures/new	Create signature request form (superforms + createRequestSchema)
/business/apps/esignatures/[id]	Request detail with cancel action

Form Actions Reference

Route	Action	Method	Key Fields
/business/apps/esignatures/new	create	POST	document_id, signer_id, message (optional), expires_at (optional)
/business/apps/esignatures/[id]	cancel	POST	(none — uses route param id)

---

1. List View and Tabs

Test ID	Description	Preconditions	Steps	Expected Result	Priority
ESIG-001	List page loads with sent and received requests	User is logged in with existing requests	1. Navigate to /business/apps/esignatures	Page renders with Sent tab active by default. Both sentRequests and receivedRequests data are loaded.	P0
ESIG-002	Sent tab displays correct count	User has sent requests	1. View the Sent tab	Tab label shows “Sent ({count})” matching actual sent requests count.	P1
ESIG-003	Received tab displays correct count	User has received requests	1. Click “Received” tab	Tab label shows “Received ({count})” matching actual received requests count.	P1
ESIG-004	Switch between Sent and Received tabs	User is logged in	1. Click “Received” tab 2. Click “Sent” tab	Tab content toggles correctly. Active tab has primary styling.	P0
ESIG-005	Sent request links navigate to detail	User has sent requests	1. Click a request in the Sent list	Navigates to /business/apps/esignatures/{id}.	P1
ESIG-006	Received request links navigate to sign page	User has received requests	1. Click a request in the Received list	Navigates to /sign/{id}.	P1
ESIG-007	Empty state for sent requests	User has no sent requests	1. View Sent tab	Empty state “No signature requests sent yet.” is shown with CTA “Send your first request”.	P1
ESIG-008	Empty state for received requests	User has no received requests	1. View Received tab	Empty state “No signature requests received.” is shown.	P1
ESIG-009	Unauthenticated user gets empty arrays	User is not logged in	1. Navigate to /business/apps/esignatures	Page loads with empty sentRequests and receivedRequests. No crash.	P1
ESIG-010	Status badges render correct variants	Requests with various statuses exist	1. View request list	signed = default, pending = secondary, declined/cancelled/expired = destructive, other = outline.	P2
ESIG-011	Message preview shown for received requests	Received request has a message field	1. View Received tab	Message text is shown in italics beneath the request info.	P2

2. Create Signature Request

Test ID	Description	Preconditions	Steps	Expected Result	Priority
ESIG-020	Create request with required fields	User is logged in, has valid document and signer IDs	1. Navigate to /business/apps/esignatures/new 2. Fill document_id and signer_id 3. Submit	Request is created. User is redirected to /business/apps/esignatures/{new_id}.	P0
ESIG-021	Create request with optional message	User is logged in	1. Fill required fields + message 2. Submit	Request is created with message persisted.	P1
ESIG-022	Create request with optional expires_at	User is logged in	1. Fill required fields + expires_at 2. Submit	Request is created with expiration date persisted.	P1
ESIG-023	Validation: empty document_id rejected	User is logged in	1. Leave document_id blank 2. Submit	Form returns 400 with error “Document is required”.	P0
ESIG-024	Validation: empty signer_id rejected	User is logged in	1. Leave signer_id blank 2. Submit	Form returns 400 with error “Signer is required”.	P0
ESIG-025	Server error returns message to form	User is logged in, service throws	1. Trigger server error during creation	Form returns 500 with error message via sveltekit-superforms message.	P1
ESIG-026	Unauthenticated create returns 401	User is not logged in	1. POST to ?/create	Returns 401 fail.	P0

3. Request Detail and Cancellation

Test ID	Description	Preconditions	Steps	Expected Result	Priority
ESIG-030	Load request detail page	User is logged in, request exists	1. Navigate to /business/apps/esignatures/{id}	Request detail data loads successfully.	P0
ESIG-031	404 for non-existent request	User is logged in	1. Navigate to /business/apps/esignatures/{invalid_id}	404 error “Signature request not found” is returned.	P0
ESIG-032	Cancel a pending request	User is logged in, request is pending	1. Submit the cancel action	Request is cancelled. User is redirected to /business/apps/esignatures.	P0
ESIG-033	Cancel action requires authentication	User is not logged in	1. POST to ?/cancel	Returns 401 fail.	P1
ESIG-034	Cancel action handles server error	User is logged in, service throws	1. Trigger server error during cancellation	Returns 500 with error message.	P1

4. Signing Flow (Signer Perspective)

Test ID	Description	Preconditions	Steps	Expected Result	Priority
ESIG-040	Signer can view received request detail	User is a signer on a request	1. Navigate to /sign/{id} from received tab	Signing page loads with document details.	P0
ESIG-041	Signer completes signing	User is on the signing page	1. Complete the signing action	Request status updates to “signed”. Audit trail is created.	P0
ESIG-042	Signer declines request	User is on the signing page	1. Decline the signature request	Request status updates to “declined”.	P1
ESIG-043	Expired request cannot be signed	Request has passed expires_at	1. Attempt to sign an expired request	Action is blocked. Status shows “expired”.	P1