Name of Feature: User Analytics
Link to the related user story and pull request(s)
Manual Testing
Detailed instructions on how to use and user test your new feature
- Download the
.env file from the shared google drive, and add it to the root directory.
- Run
./nodebb setup
- Run
npm install
- Run
./nodebb dev
- Log in as admin using username=
admin and password=password123!. 
- Go to the Admin Tab from the Homepage
- Select the users subtab under the Dashboards primary tab. Within this tab, there should be a UserActivity table with 4 fields per user that joined
- Select the User Activity link to expand the table.
- Verify that there are 5 fields per user in this view.
Automated Tests
Link/description of where your added automated tests can be found
Description of what is being tested and why you believe the tests are sufficient for covering the changes that you have made
What is being tested
-
User activity tracking accuracy: These tests validate that the /api/admin/dashboard/user-activity endpoint accurately reflects changes in user post counts when a new topic or post is created. The test first records a user’s initial postCount, creates a new post, and then re-queries the endpoint to confirm that the count increments by exactly one. This ensures the correctness of the server’s aggregation logic for user activity statistics.
-
Handling of inactive users:A separate test confirms that newly created users with no recorded actions (posts, shares, or uploads) are handled gracefully by the system. It verifies that all activity-related fields (postCount, shareCount, and uploadCount) are numeric and default to zero when no data exists. This guarantees consistent API responses and prevents null or undefined values in the dashboard data.
-
Dashboard accessibility and rendering:Multiple tests ensure that the User Activity Dashboard loads correctly for admin users through both standard and parameterized requests. These verify that the rendered HTML includes expected table headers such as “Number of Posts,” “Number of Shares,” and “Number of Uploads.” Additionally, queries with time range parameters (e.g., ?units=days&until=&count=) confirm that date filtering logic functions properly.
-
Authorization and security checks:One test explicitly validates access control by ensuring that non-admin users receive a 403 Forbidden response when attempting to load the /admin/dashboard/user-activity page. This ensures that sensitive administrative data remains inaccessible to regular users.
These tests collectively ensure the functional accuracy, robustness, and access control of the entire Admin Dashboard system. The increment test confirms that user activity metrics update precisely when new posts are created, validating the backend logic that powers the dashboard’s reporting accuracy. The zero-activity test demonstrates that the API handles edge cases gracefully by returning well-typed, predictable data even for users with no recorded activity. Access control is verified through the 403 test, which ensures that only administrators can access analytics data, effectively preventing unauthorized access. Additionally, by testing both standard and parameterized dashboard endpoints, the suite guarantees the reliability of the analytics pages under various query conditions, helping prevent regressions in future updates. The inclusion of multiple dashboard routes—such as logins, users, topics, searches, and user-activity—provides comprehensive coverage, confirming that all admin-facing analytics interfaces load correctly and display essential data components. Together, these tests validate the integrity, usability, and security of the Admin Dashboard’s user activity and analytics features, ensuring administrators receive accurate, complete, and protected insights into user behavior.
Name of Feature: User Analytics
Link to the related user story and pull request(s)
Manual Testing
Detailed instructions on how to use and user test your new feature
.envfile from the shared google drive, and add it to the root directory../nodebb setupnpm install./nodebb devadminand password=password123!.Automated Tests
Link/description of where your added automated tests can be found
Description of what is being tested and why you believe the tests are sufficient for covering the changes that you have made
What is being tested
User activity tracking accuracy: These tests validate that the /api/admin/dashboard/user-activity endpoint accurately reflects changes in user post counts when a new topic or post is created. The test first records a user’s initial postCount, creates a new post, and then re-queries the endpoint to confirm that the count increments by exactly one. This ensures the correctness of the server’s aggregation logic for user activity statistics.
Handling of inactive users:A separate test confirms that newly created users with no recorded actions (posts, shares, or uploads) are handled gracefully by the system. It verifies that all activity-related fields (postCount, shareCount, and uploadCount) are numeric and default to zero when no data exists. This guarantees consistent API responses and prevents null or undefined values in the dashboard data.
Dashboard accessibility and rendering:Multiple tests ensure that the User Activity Dashboard loads correctly for admin users through both standard and parameterized requests. These verify that the rendered HTML includes expected table headers such as “Number of Posts,” “Number of Shares,” and “Number of Uploads.” Additionally, queries with time range parameters (e.g., ?units=days&until=&count=) confirm that date filtering logic functions properly.
Authorization and security checks:One test explicitly validates access control by ensuring that non-admin users receive a 403 Forbidden response when attempting to load the /admin/dashboard/user-activity page. This ensures that sensitive administrative data remains inaccessible to regular users.
These tests collectively ensure the functional accuracy, robustness, and access control of the entire Admin Dashboard system. The increment test confirms that user activity metrics update precisely when new posts are created, validating the backend logic that powers the dashboard’s reporting accuracy. The zero-activity test demonstrates that the API handles edge cases gracefully by returning well-typed, predictable data even for users with no recorded activity. Access control is verified through the 403 test, which ensures that only administrators can access analytics data, effectively preventing unauthorized access. Additionally, by testing both standard and parameterized dashboard endpoints, the suite guarantees the reliability of the analytics pages under various query conditions, helping prevent regressions in future updates. The inclusion of multiple dashboard routes—such as logins, users, topics, searches, and user-activity—provides comprehensive coverage, confirming that all admin-facing analytics interfaces load correctly and display essential data components. Together, these tests validate the integrity, usability, and security of the Admin Dashboard’s user activity and analytics features, ensuring administrators receive accurate, complete, and protected insights into user behavior.