Agenda SaaS — Roteiro de Testes QA
Data: 2026-04-16
Fase: S1-S10 — MVP Completo
Ambiente: https://api.agenda.digitalface.dev.br | https://agenda.digitalface.dev.br
1. Health Check
| # |
Teste |
Endpoint |
Esperado |
Status |
| 1.1 |
API responde |
GET https://api.agenda.digitalface.dev.br/health |
{"status":"ok","service":"Agenda"} |
|
| 1.2 |
Frontend acessivel |
GET https://agenda.digitalface.dev.br |
Pagina carrega (pode ser placeholder) |
|
| 1.3 |
TLS valido (API) |
Certificado HTTPS valido |
Let's Encrypt, sem warnings |
|
| 1.4 |
TLS valido (Frontend) |
Certificado HTTPS valido |
Let's Encrypt, sem warnings |
|
| 1.5 |
Docs Swagger |
GET https://api.agenda.digitalface.dev.br/docs |
Swagger UI carrega (env=development) |
|
2. Auth — Registro
| # |
Teste |
Metodo |
Esperado |
Status |
| 2.1 |
Registro valido |
POST /api/v1/auth/register |
201 + access_token + refresh_token |
|
| 2.2 |
Email duplicado |
POST /api/v1/auth/register (mesmo email) |
400 "Email already registered" |
|
| 2.3 |
Slug duplicado |
POST /api/v1/auth/register (mesmo slug) |
400 "Organization slug already taken" |
|
| 2.4 |
Email invalido |
POST com email="invalido" |
422 validation error |
|
| 2.5 |
Campos obrigatorios faltando |
POST sem org_name |
422 validation error |
|
Payload de teste (2.1):
{
"org_name": "Barbearia QA",
"org_slug": "barbearia-qa",
"name": "QA Tester",
"email": "qa@teste.com",
"password": "senha123",
"phone": "82999998888"
}
3. Auth — Login
| # |
Teste |
Metodo |
Esperado |
Status |
| 3.1 |
Login valido |
POST /api/v1/auth/login |
200 + tokens |
|
| 3.2 |
Senha errada |
POST /api/v1/auth/login |
401 "Invalid credentials" |
|
| 3.3 |
Email inexistente |
POST /api/v1/auth/login |
401 "Invalid credentials" |
|
Payload de teste (3.1):
{
"email": "qa@teste.com",
"password": "senha123"
}
4. Auth — Token Refresh
| # |
Teste |
Metodo |
Esperado |
Status |
| 4.1 |
Refresh valido |
POST /api/v1/auth/refresh |
200 + novos tokens |
|
| 4.2 |
Refresh token invalido |
POST com token="lixo" |
401 "Invalid refresh token" |
|
| 4.3 |
Access token como refresh |
POST com access_token |
401 "Invalid refresh token" |
|
Payload de teste (4.1):
{
"refresh_token": "<usar refresh_token do login>"
}
5. Auth — Me (perfil do usuario)
| # |
Teste |
Metodo |
Esperado |
Status |
| 5.1 |
Me com token valido |
GET /api/v1/auth/me + Bearer |
200 + dados do usuario |
|
| 5.2 |
Me sem token |
GET /api/v1/auth/me |
401/403 Unauthorized |
|
| 5.3 |
Me com token expirado |
GET /api/v1/auth/me + token velho |
401 |
|
| 5.4 |
Campos retornados |
Verificar response body |
id, org_id, name, email, role, phone, avatar_url, is_active |
|
| 5.5 |
Role correto |
Apos registro |
role = "owner" |
|
6. Banco de Dados
| # |
Teste |
Como verificar |
Esperado |
Status |
| 6.1 |
12 tabelas criadas |
docker exec agenda_db psql -U agenda -c "\dt" |
organizations, users, services, professionals, professional_services, schedule_rules, schedule_exceptions, clients, appointments, payments, integrations, integration_webhook_logs, alembic_version |
|
| 6.2 |
Org criada apos registro |
SELECT * FROM organizations; |
Registro da org com slug, plan=free |
|
| 6.3 |
User criado apos registro |
SELECT * FROM users; |
User com role=owner, org_id correto |
|
| 6.4 |
UUID como PK |
Verificar formato dos IDs |
UUIDs validos (formato xxxxxxxx-xxxx-...) |
|
| 6.5 |
Timestamps automaticos |
created_at preenchido |
Sim, server_default=now() |
|
7. Docker / Infra
| # |
Teste |
Como verificar |
Esperado |
Status |
| 7.1 |
6 containers rodando |
docker ps \| grep agenda |
agenda_backend, agenda_frontend, agenda_db, agenda_redis, agenda_celery, agenda_celery_beat |
|
| 7.2 |
DB healthy |
docker inspect agenda_db --format='{{.State.Health.Status}}' |
healthy |
|
| 7.3 |
Redis healthy |
docker inspect agenda_redis --format='{{.State.Health.Status}}' |
healthy |
|
| 7.4 |
Backend logs limpos |
docker logs agenda_backend --tail 20 |
Sem errors, uvicorn started |
|
| 7.5 |
Celery conectado |
docker logs agenda_celery --tail 10 |
Connected to redis, ready |
|
| 7.6 |
Traefik routing |
Ambos dominios resolvem |
TLS + routing OK |
|
8. CORS
| # |
Teste |
Como verificar |
Esperado |
Status |
| 8.1 |
Preflight OPTIONS |
curl -I -X OPTIONS https://api.agenda.digitalface.dev.br/health -H "Origin: https://agenda.digitalface.dev.br" |
Access-Control-Allow-Origin presente |
|
9. Fluxo Completo E2E
Execute na ordem:
- Registrar org "Salao Teste" com slug "salao-teste"
- Login com credenciais criadas
- Guardar access_token e refresh_token
- GET /me com access_token — validar dados
- Refresh token — validar novos tokens funcionam
- GET /me com novo access_token — validar ainda funciona
- Acessar https://agenda.digitalface.dev.br — frontend carrega
Ferramentas Sugeridas
- curl ou httpie pra testar endpoints
- Postman/Insomnia pra fluxo completo
- Browser pra validar TLS + frontend
- psql via docker exec pra validar DB
Como executar via curl
# 1. Register
curl -s -X POST https://api.agenda.digitalface.dev.br/api/v1/auth/register \
-H "Content-Type: application/json" \
-d '{"org_name":"Salao QA","org_slug":"salao-qa","name":"QA","email":"qa@test.com","password":"test123"}' | python3 -m json.tool
# 2. Login
curl -s -X POST https://api.agenda.digitalface.dev.br/api/v1/auth/login \
-H "Content-Type: application/json" \
-d '{"email":"qa@test.com","password":"test123"}' | python3 -m json.tool
# 3. Me (substituir TOKEN)
curl -s https://api.agenda.digitalface.dev.br/api/v1/auth/me \
-H "Authorization: Bearer TOKEN" | python3 -m json.tool
# 4. Refresh (substituir REFRESH_TOKEN)
curl -s -X POST https://api.agenda.digitalface.dev.br/api/v1/auth/refresh \
-H "Content-Type: application/json" \
-d '{"refresh_token":"REFRESH_TOKEN"}' | python3 -m json.tool
10. Frontend — Paginas (S3-S10)
| # |
Pagina |
URL |
Verificar |
Status |
| 10.1 |
Landing page |
https://agenda.digitalface.dev.br |
Hero, features, planos, CTAs funcionam |
|
| 10.2 |
Login |
https://agenda.digitalface.dev.br/login |
Form valida, login funciona, redirect /dashboard |
|
| 10.3 |
Signup |
https://agenda.digitalface.dev.br/signup |
Cria org+user, gera slug, redirect /dashboard |
|
| 10.4 |
Dashboard |
/dashboard |
KPI cards carregam, proximos agendamentos listam |
|
| 10.5 |
Servicos |
/services |
CRUD completo: criar, editar, deletar, reordenar |
|
| 10.6 |
Profissionais |
/professionals |
CRUD completo: criar, editar, deletar, associar servicos |
|
| 10.7 |
Horarios |
/schedule |
Selecionar profissional, ver/editar regras semanais, breaks |
|
| 10.8 |
Clientes |
/clients |
Busca, criar, editar, ver historico de agendamentos |
|
| 10.9 |
Calendario |
/calendar |
Ver dia/semana, criar agendamento (stepper completo), status transitions |
|
| 10.10 |
Relatorios |
/reports |
Graficos receita, no-show, servicos populares, clientes inativos |
|
| 10.11 |
Financeiro |
/financeiro |
Extrato mensal, registrar pagamento, cards resumo |
|
| 10.12 |
Configuracoes |
/settings |
Editar org, configurar agendamento, conectar integracoes |
|
| 10.13 |
Booking publico |
/book/{slug} |
Stepper: servico->profissional->horario->dados->confirmacao |
|
| 10.14 |
LGPD banner |
Qualquer pagina |
Banner aparece, "Aceitar" persiste no localStorage |
|
| 10.15 |
PWA |
Adicionar a tela inicial |
manifest.json carrega, icones existem |
|
11. Fluxo E2E Completo (Apos Login)
- Dashboard: verificar KPIs zerados (org nova)
- Servicos: criar "Corte Masculino" (30min, R$45, cor vermelha)
- Servicos: criar "Barba" (20min, R$25, cor azul)
- Profissionais: criar "Carlos Barbeiro"
- Profissionais: associar servicos "Corte" e "Barba" ao Carlos
- Horarios: selecionar Carlos, criar regras seg-sab 08:00-18:00, break 12:00-13:00
- Clientes: criar "Joao Silva" (82999998888)
- Calendario: agendar Corte com Carlos pra Joao amanha as 10:00
- Calendario: verificar agendamento aparece na timeline
- Calendario: confirmar agendamento
- Calendario: concluir agendamento
- Financeiro: registrar pagamento R$45 PIX pra Joao
- Clientes: verificar total_appointments=1, total_spent=45
- Dashboard: verificar KPIs atualizados
- Relatorios: verificar servico popular = Corte
- Booking publico: abrir /book/{slug}, agendar como cliente externo
- Calendario: verificar novo agendamento apareceu (source=web)
12. API Endpoints Completos
| Grupo |
Count |
Prefix |
| Auth |
4 |
/api/v1/auth/ |
| Organization |
3 |
/api/v1/organization/ |
| Services |
5 |
/api/v1/services/ |
| Professionals |
6 |
/api/v1/professionals/ |
| Schedule Rules |
5 |
/api/v1/schedule-rules/ |
| Schedule Exceptions |
4 |
/api/v1/schedule-exceptions/ |
| Availability |
1 |
/api/v1/availability/ |
| Appointments |
9 |
/api/v1/appointments/ |
| Clients |
5 |
/api/v1/clients/ |
| Payments |
4 |
/api/v1/payments/ |
| Reports |
5 |
/api/v1/reports/ |
| Public Booking |
5 |
/api/v1/public/book/ |
| Integrations |
5 |
/api/v1/integrations/ |
| Loyalty |
3 |
/api/v1/loyalty/ |
| Health |
1 |
/health |
| Total |
~65 |
|