TESTLAB: Internal Testing Database
Security-hardened internal testing database for engineering teams. Manages test plans, test cases with forking, test runs, issues, and compliance archives with full RBAC and audit logging.
A production-grade internal tool for tracking every test that touches an aircraft.
13 data models | 4 roles | Full audit trail | MVP
Figure 1. Dashboard showing active test plans, failure rate trends, open issues, and compliance tests pending sign-off.
01. Why This Exists
When you are building and testing drones, you end up with a mess of spreadsheets, shared documents, and Slack messages trying to track what was tested, what passed, what broke, and what needs retesting. None of that scales, and none of it gives you a proper audit trail when you need to prove compliance.
TESTLAB is a purpose-built internal tool that replaces all of that. It is a structured database where engineering teams can create test plans, write test cases, log test runs with environment data, track issues back to specific runs, and archive everything into immutable compliance records when a testing cycle is complete.
The goal was simple: one place where every test that touches an aircraft gets recorded, tracked, and locked down properly.
02. What It Does
Test Plans and Cases
Create structured test plans with milestones and target dates. Each plan contains test cases with typed parameters, pass criteria, and step-by-step procedures. Cases can be functional, regression, flight, compliance, maintenance, or experimental.
Test Case Forking
Need to re-run a test with different parameters? Fork it. The system tracks a full fork tree up to 5 levels deep, with mandatory fork reasons and full traceability back to the original canonical test case.
Test Runs and Data
Log runs against any test case with environment tags (lab, field, simulation, bench), measured values, flight data, weather conditions, location, and file attachments. Every run is tied to a specific component and logged by a specific user.
Issues and Tracking
Issues are linked directly to test runs and components. Severity levels (critical, high, medium, low), status tracking, assignee management, and resolution notes keep everything accountable and traceable.
Compliance Archives
When every test case in a plan reaches CONCLUDED or WAIVED status, the entire plan can be archived into an immutable compliance record. Archives capture the full snapshot: title, category, outcome, summary, and detailed findings. Once created, archives cannot be modified or deleted. They are permanent records.
Figure 2. Test cases list with type filters, component mapping, run counts, status indicators, and fork tracking.
03. Security and Access Control
This is not a public app. It is an internal tool that handles engineering records, so security was not an afterthought.
Role-Based Access
- ADMIN Full access, user management, session revocation
- QA Full test access, create archives, conclude tests
- ENGINEER Log runs, create/update own issues, read tests
- MANAGER Read-only access across the entire system
04. Tech Stack
- Framework Next.js 14 (App Router, TypeScript)
- Database PostgreSQL 15 via Docker (localhost only)
- ORM Prisma (13 models, 11 enums)
- Auth NextAuth.js (credentials, JWT, role-based)
- Validation Zod schemas on every API route
- Styling TailwindCSS
- Charts Recharts
05. Current Status
The MVP is functional. You can create test plans, write test cases, fork them, log runs with full environment data, track issues, conclude plans, and generate immutable compliance archives. The RBAC system is live, audit logging captures everything, and the security layer is production-grade.
Phase 2 Roadmap
- GitHub webhook integration: auto-create test plans on PR/release events
- GitHub Status API: push test outcomes to commit status checks
- Email notifications for overdue tests and critical issues
- PDF export for archive documents
- Two-factor authentication
- SSO / SAML integration