375 — should check when user have Invoice basic permission¶
Description¶
Verifies that an employee with the "Invoice basic" user role can see all organization invoices (read-only) but cannot use any row actions, and that Additional Items remains personal-scope.
Preconditions¶
- A signed-in owner who will create the role, plus an invited employee who will receive it.
- Seed data: bank account, client, expenses (owner + employee), 4 invoice drafts/issued invoices across two clients, billable rates, expense templates and one project + task + time record per client.
Steps¶
- As the owner, go to Roles → User roles and add a new user role with the test title, toggle "Invoice basic" on, then save. Expected: the new role appears in the user roles list.
- Assign the new role to the invited employee via API and reset the session.
- Sign in as the employee and open Additional Items. Expected: the page shows the "Additional items", "Flat rates", "Templates" tabs and only the employee's own additional item is listed (1 row).
- Navigate to Finance → Invoices. Expected: the Finance area shows only "Billing statements" and "Invoices" tabs and all 4 organization invoices are visible.
- Inspect the row actions on the invoice list. Expected: the row-action button is not visible on any invoice (0 of 4).
- Open the invoice numbered
YYYY-0001. Expected: the invoice detail opens in read-only state.
Related¶
- Spec:
playwright/tests/integration/permissions.spec.ts(line 341)