{"info":{"_postman_id":"acfbaa05-e0fc-4793-8cca-831b7050f16c","name":"API integration testing Assignment","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json","toc":[],"description":"<html><head></head><body></body></html>","owner":"54454509","collectionId":"acfbaa05-e0fc-4793-8cca-831b7050f16c","publishedId":"2sBXqQGJ7o","public":true,"customColor":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"FF6C37"},"publishDate":"2026-05-14T14:12:14.000Z"},"item":[{"name":"Admin Login","item":[{"name":"admin_login wrong password","event":[{"listen":"prerequest","script":{"id":"36f03d4a-729b-47bc-b94b-62d00030a387","exec":["var url = \"http://localhost:5000\";\r","pm.collectionVariables.set(\"base_url\",url);\r","\r","var key =\"ROADTOSDET\";\r","pm.collectionVariables.set(\"secret_key\",key);"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"test","script":{"id":"2e7b496d-dae7-4ce4-8a8f-126002083fc8","exec":["var json_data = pm.response.json();","var jsonData = json_data;","pm.test(\"Can not login with wrong password\",","function()","{","    pm.expect(json_data.message).to.contains(\"Password incorrect\");","}",")",""],"type":"text/javascript","packages":{},"requests":{}}}],"id":"2b266039-0106-492e-951c-02cb70761cc8","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Content-Type","value":"application/json","type":"text"}],"body":{"mode":"raw","raw":"{\r\n  \"email\": \"admin@dmoney.com\",\r\n  \"password\": \"1278\"\r\n}","options":{"raw":{"language":"json"}}},"url":"/user/login","urlObject":{"path":["user","login"],"host":[""],"query":[],"variable":[]}},"response":[],"_postman_id":"2b266039-0106-492e-951c-02cb70761cc8"},{"name":"admin_login","event":[{"listen":"prerequest","script":{"exec":["var url = \"http://localhost:5000\";\r","pm.collectionVariables.set(\"base_url\",url);\r","\r","var key =\"ROADTOSDET\";\r","pm.collectionVariables.set(\"secret_key\",key);"],"type":"text/javascript","packages":{},"requests":{},"id":"36f03d4a-729b-47bc-b94b-62d00030a387"}},{"listen":"test","script":{"exec":["var json_data = pm.response.json();","var jsonData = json_data;","var token = json_data.token;","pm.collectionVariables.set(\"admin_token\",token);","pm.test(\"The User Can Log In Successfully\",","function()","{","    pm.expect(json_data.message).to.contains(\"Login successful\");","}",")","","pm.test('Response time is less than 5000ms', function () {","    pm.expect(pm.response.responseTime).to.be.below(5000);","})","","pm.test('Response has body', function () {","    pm.expect(pm.response.text()).to.not.be.empty;","})","","pm.test('Content-Type is application/json', function () {","    const ct = pm.response.headers.get('Content-Type') || '';","    pm.expect(ct.toLowerCase()).to.include('application/json');","})","","pm.test('[Positive] Status code is 200', function () {","    pm.expect(pm.response.code).to.equal(200);","})","","pm.test('[Positive] Response is a valid JSON object', function () {","    pm.expect(jsonData).to.be.an('object');","})","","pm.test('[Positive] Response indicates success', function () {","    const msg = (jsonData.message || '').toString().toLowerCase();","    const ok = jsonData.status === true || jsonData.success === true || msg.includes('success') || jsonData.token || jsonData.data && (jsonData.data.token || jsonData.data.access_token);","    pm.expect(Boolean(ok)).to.be.true;","})","","pm.test('[Positive] Token exists and is non-empty string; saved to admin_token', function () {","    const token = jsonData.token || jsonData.access_token || jsonData.data && (jsonData.data.token || jsonData.data.access_token);","    if (token) {","        pm.expect(token).to.be.a('string').and.not.empty;","        pm.environment.set('admin_token', token);","    }","})","","pm.test('[Negative] Status code is not 400', function () {","    pm.expect(pm.response.code).to.not.equal(400);","})","","pm.test('[Negative] Status code is not 401 Unauthorized', function () {","    pm.expect(pm.response.code).to.not.equal(401);","})","","pm.test('[Negative] Status code is not 500 Server Error', function () {","    pm.expect(pm.response.code).to.not.equal(500);","})","","pm.test('[Negative] Response does not contain error field', function () {","    pm.expect(jsonData.error, 'error should not exist').to.be.undefined;","})","","// === Added Major Tests ===","pm.test('[Schema] message field is a string', function () {","    pm.expect(jsonData).to.have.property('message');","    pm.expect(jsonData.message).to.be.a('string').and.not.empty;","})","","pm.test('[Data Integrity] Password is NOT exposed in response', function () {","    const body = pm.response.text().toLowerCase();","    pm.expect(body).to.not.include('\"password\"');","})","","pm.test('[Schema] Token (if present) has JWT shape (3 dot-separated segments)', function () {","    const token = jsonData.token || jsonData.access_token || (jsonData.data && (jsonData.data.token || jsonData.data.access_token));","    if (token) {","        pm.expect(token).to.be.a('string').and.not.empty;","        const parts = token.split('.');","        pm.expect(parts.length, 'JWT should have 3 segments').to.equal(3);","    }","})","","pm.test('[Negative] Status code is not 422 Unprocessable Entity', function () {","    pm.expect(pm.response.code).to.not.equal(422);","})","","pm.test('[Negative] Status code is not 403 Forbidden', function () {","    pm.expect(pm.response.code).to.not.equal(403);","})","","pm.test('[Edge] Saved admin_token to collection variable', function () {","    const token = jsonData.token || jsonData.access_token || (jsonData.data && (jsonData.data.token || jsonData.data.access_token));","    if (token) {","        pm.collectionVariables.set('admin_token', token);","        pm.expect(pm.collectionVariables.get('admin_token')).to.equal(token);","    }","})"],"type":"text/javascript","packages":{},"requests":{},"id":"2e7b496d-dae7-4ce4-8a8f-126002083fc8"}}],"id":"fa94d8b1-4984-4c55-a43c-e48196215a38","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Content-Type","value":"application/json","type":"text"}],"body":{"mode":"raw","raw":"{\r\n  \"email\": \"admin@dmoney.com\",\r\n  \"password\": \"1234\"\r\n}","options":{"raw":{"language":"json"}}},"url":"/user/login","urlObject":{"path":["user","login"],"host":[""],"query":[],"variable":[]}},"response":[],"_postman_id":"fa94d8b1-4984-4c55-a43c-e48196215a38"}],"id":"9711d815-f2e8-4e3f-8c3a-1f4a673f199f","_postman_id":"9711d815-f2e8-4e3f-8c3a-1f4a673f199f","description":""},{"name":"User Creation","item":[{"name":"customer1_creation Without Token","event":[{"listen":"prerequest","script":{"id":"6140deb1-3512-4f7d-aba9-f950d4933d34","exec":["var random_num = _.random(10000000,99999999);\r","pm.collectionVariables.set(\"random_id\", random_num);\r",""],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"test","script":{"id":"e4a4bae6-a489-4fc0-8539-2495eda0f425","exec":["var json_data = pm.response.json();\r","pm.test(\"Can not create without Token\",\r","function()\r","{\r","    pm.expect(json_data.message).to.contains(\"No Token Found!\");\r","}\r",")"],"type":"text/javascript","packages":{},"requests":{}}}],"id":"06c257cc-796e-47c9-a2bb-834e0b93af06","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Content-Type","value":"application/json","type":"text"},{"key":"X-AUTH-SECRET-KEY","value":"","type":"text"}],"body":{"mode":"raw","raw":"{\r\n  \"name\": \"Alex Stamm\",\r\n  \"email\": \"rakibfr28+@gmail.com\",\r\n  \"password\": \"12345\",\r\n  \"phone_number\": \"018\",\r\n  \"nid\": \"91\",\r\n  \"role\": \"Customer\"\r\n}"},"url":"/user/create","urlObject":{"path":["user","create"],"host":[""],"query":[],"variable":[]}},"response":[],"_postman_id":"06c257cc-796e-47c9-a2bb-834e0b93af06"},{"name":"customer1_creation","event":[{"listen":"prerequest","script":{"id":"6140deb1-3512-4f7d-aba9-f950d4933d34","exec":["var random_num = _.random(10000000,99999999);\r","pm.collectionVariables.set(\"random_id\", random_num);"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"test","script":{"id":"e4a4bae6-a489-4fc0-8539-2495eda0f425","exec":["var json_data = pm.response.json();","var jsonData = json_data;","pm.test(\"Customer-1 Creation has been Successful\",","function()","{","    pm.expect(json_data.message).to.contains(\"User created\");","}",")","","","var id = json_data.user.id;","var email = json_data.user.email;","var phn = json_data.user.phone_number;","","pm.collectionVariables.set(\"customer1_id\", id);","pm.collectionVariables.set(\"customer1_email\", email);","pm.collectionVariables.set(\"customer1_phn\", phn);","","pm.test('Response time is less than 5000ms', function () {","    pm.expect(pm.response.responseTime).to.be.below(5000);","})","","pm.test('Response has body', function () {","    pm.expect(pm.response.text()).to.not.be.empty;","})","","pm.test('Content-Type is application/json', function () {","    const ct = pm.response.headers.get('Content-Type') || '';","    pm.expect(ct.toLowerCase()).to.include('application/json');","})","","pm.test('[Positive] Status code is 201', function () {","    pm.expect([","        201","    ]).to.include(pm.response.code);","})","","pm.test('[Positive] Response is a valid JSON object', function () {","    pm.expect(jsonData).to.be.an('object');","})","","pm.test('[Positive] Response contains user id; saved to customer1_id', function () {","    const id = jsonData.id || jsonData._id || jsonData.data && (jsonData.data.id || jsonData.data._id || jsonData.data.user && (jsonData.data.user.id || jsonData.data.user._id));","    if (id) {","        pm.expect(id).to.exist;","        pm.environment.set('customer1_id', id);","    }","})","","pm.test('[Positive] Message indicates user created successfully', function () {","    const msg = (jsonData.message || '').toString().toLowerCase();","    if (msg)","        pm.expect(msg).to.satisfy(m => m.includes('success') || m.includes('created') || m.includes('registered'));","})","","pm.test('[Negative] Status code is not 400', function () {","    pm.expect(pm.response.code).to.not.equal(400);","})","","pm.test('[Negative] Status code is not 409 Conflict (duplicate)', function () {","    pm.expect(pm.response.code).to.not.equal(409);","})","","pm.test('[Negative] Status code is not 500 Server Error', function () {","    pm.expect(pm.response.code).to.not.equal(500);","})","","pm.test('[Negative] Response does not contain duplicate error', function () {","    const msg = (jsonData.message || jsonData.error || '').toString().toLowerCase();","    pm.expect(msg).to.not.include('duplicate');","})","","// === Added Major Tests ===","pm.test('[Schema] Response has user object with required fields', function () {","    pm.expect(jsonData).to.have.property('user');","    pm.expect(jsonData.user).to.be.an('object');","    pm.expect(jsonData.user).to.have.property('id');","    pm.expect(jsonData.user).to.have.property('email');","    pm.expect(jsonData.user).to.have.property('phone_number');","})","","pm.test('[Data Integrity] user.id is non-null and non-empty', function () {","    const id = jsonData.user && jsonData.user.id;","    pm.expect(id, 'user.id should not be null/undefined').to.not.be.oneOf([null, undefined, '']);","})","","pm.test('[Data Integrity] user.email is a valid email format', function () {","    const email = jsonData.user && jsonData.user.email;","    pm.expect(email).to.be.a('string');","    pm.expect(email).to.match(/^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$/);","})","","pm.test('[Data Integrity] user.phone_number is a non-empty string', function () {","    const phn = jsonData.user && jsonData.user.phone_number;","    pm.expect(phn).to.be.a('string').and.not.empty;","})","","pm.test('[Edge] user.role equals expected role (Customer)', function () {","    const role = jsonData.user && jsonData.user.role;","    if (role !== undefined) {","        pm.expect(role).to.equal('Customer');","    }","})","","pm.test('[Data Integrity] Password is NOT exposed in response', function () {","    const body = pm.response.text().toLowerCase();","    pm.expect(body).to.not.include('\"password\"');","})","","pm.test('[Edge] Newly created user defaults to inactive status (if returned)', function () {","    const status = jsonData.user && jsonData.user.status;","    if (status !== undefined) {","        pm.expect(String(status).toLowerCase()).to.not.equal('active');","    }","})","","pm.test('[Negative] Status code is not 422 Unprocessable Entity', function () {","    pm.expect(pm.response.code).to.not.equal(422);","})","","pm.test('[Negative] Status code is not 403 Forbidden', function () {","    pm.expect(pm.response.code).to.not.equal(403);","})","","pm.test('[Edge] Persist user id to collection variable customer1_id', function () {","    const id = jsonData.user && jsonData.user.id;","    if (id !== undefined && id !== null) {","        pm.collectionVariables.set('customer1_id', id);","        pm.expect(pm.collectionVariables.get('customer1_id').toString()).to.equal(id.toString());","    }","})"],"type":"text/javascript","packages":{},"requests":{}}}],"id":"0815b998-924a-47de-a1b5-f92e502a4298","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Content-Type","value":"application/json","type":"text"},{"key":"Authorization","value":"Bearer ","type":"text"},{"key":"X-AUTH-SECRET-KEY","value":"","type":"text"}],"body":{"mode":"raw","raw":"{\r\n  \"name\": \"Meghan Treutel\",\r\n  \"email\": \"rakibfr28+@gmail.com\",\r\n  \"password\": \"12345\",\r\n  \"phone_number\": \"018\",\r\n  \"nid\": \"91\",\r\n  \"role\": \"Customer\"\r\n}"},"url":"/user/create","urlObject":{"path":["user","create"],"host":[""],"query":[],"variable":[]}},"response":[],"_postman_id":"0815b998-924a-47de-a1b5-f92e502a4298"},{"name":"customer2_self_creation with wrong email format","event":[{"listen":"prerequest","script":{"id":"806fe52b-9949-4a78-ace8-c166b4646813","exec":["var random_num = _.random(10000000,99999999);\r","pm.collectionVariables.set(\"random_id\", random_num);"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"test","script":{"id":"5ebf965e-d752-47f3-838e-b60c462374de","exec":["var json_data = pm.response.json();\r","pm.test(\"Can not create without Valid Email\",\r","function()\r","{\r","    pm.expect(json_data.message).to.contains(\"\\\"email\\\" must be a valid email\");\r","}\r",")"],"type":"text/javascript","packages":{},"requests":{}}}],"id":"54eb93e3-7bb9-42e9-9f89-fe8e1797bf91","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Content-Type","value":"application/json","type":"text"}],"body":{"mode":"raw","raw":"{\r\n  \"name\": \"Erin Carroll\",\r\n  \"email\": \"rakibfr28+@gmailcom\",\r\n  \"password\": \"12345\",\r\n  \"phone_number\": \"018\",\r\n  \"nid\": \"91\",\r\n  \"role\": \"Customer\"\r\n}"},"url":"/user/register","urlObject":{"path":["user","register"],"host":[""],"query":[],"variable":[]}},"response":[],"_postman_id":"54eb93e3-7bb9-42e9-9f89-fe8e1797bf91"},{"name":"customer2_self_creation","event":[{"listen":"prerequest","script":{"id":"806fe52b-9949-4a78-ace8-c166b4646813","exec":["var random_num = _.random(10000000,99999999);\r","pm.collectionVariables.set(\"random_id\", random_num);"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"test","script":{"id":"5ebf965e-d752-47f3-838e-b60c462374de","exec":["var json_data = pm.response.json();","var jsonData = json_data;","pm.test(\"Customer-2 Creation has been Successful\",","function()","{","    pm.expect(json_data.message).to.contains(\"Registration successful\");","}",")","","var id = json_data.user.id;","var email = json_data.user.email;","var phn = json_data.user.phone_number;","","pm.collectionVariables.set(\"customer2_id\", id);","pm.collectionVariables.set(\"customer2_email\", email);","pm.collectionVariables.set(\"customer2_phn\", phn);","","pm.test('Response time is less than 5000ms', function () {","    pm.expect(pm.response.responseTime).to.be.below(5000);","})","","pm.test('Response has body', function () {","    pm.expect(pm.response.text()).to.not.be.empty;","})","","pm.test('Content-Type is application/json', function () {","    const ct = pm.response.headers.get('Content-Type') || '';","    pm.expect(ct.toLowerCase()).to.include('application/json');","})","","pm.test('[Positive] Status code is 201', function () {","    pm.expect([","        201","    ]).to.include(pm.response.code);","})","","pm.test('[Positive] Response is a valid JSON object', function () {","    pm.expect(jsonData).to.be.an('object');","})","","pm.test('[Positive] Response contains user id; saved to customer2_id', function () {","    const id = jsonData.id || jsonData._id || jsonData.data && (jsonData.data.id || jsonData.data._id || jsonData.data.user && (jsonData.data.user.id || jsonData.data.user._id));","    if (id) {","        pm.expect(id).to.exist;","        pm.environment.set('customer2_id', id);","    }","})","","pm.test('[Positive] Message indicates registration success', function () {","    const msg = (jsonData.message || '').toString().toLowerCase();","    if (msg)","        pm.expect(msg).to.satisfy(m => m.includes('success') || m.includes('registered') || m.includes('created'));","})","","pm.test('[Negative] Status code is not 400', function () {","    pm.expect(pm.response.code).to.not.equal(400);","})","","pm.test('[Negative] Status code is not 409 Conflict', function () {","    pm.expect(pm.response.code).to.not.equal(409);","})","","pm.test('[Negative] Response does not contain error field', function () {","    pm.expect(jsonData.error, 'error should not exist').to.be.undefined;","})","","// === Added Major Tests ===","pm.test('[Schema] Response has user object with required fields', function () {","    pm.expect(jsonData).to.have.property('user');","    pm.expect(jsonData.user).to.be.an('object');","    pm.expect(jsonData.user).to.have.property('id');","    pm.expect(jsonData.user).to.have.property('email');","    pm.expect(jsonData.user).to.have.property('phone_number');","})","","pm.test('[Data Integrity] user.id is non-null and non-empty', function () {","    const id = jsonData.user && jsonData.user.id;","    pm.expect(id, 'user.id should not be null/undefined').to.not.be.oneOf([null, undefined, '']);","})","","pm.test('[Data Integrity] user.email is a valid email format', function () {","    const email = jsonData.user && jsonData.user.email;","    pm.expect(email).to.be.a('string');","    pm.expect(email).to.match(/^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$/);","})","","pm.test('[Data Integrity] user.phone_number is a non-empty string', function () {","    const phn = jsonData.user && jsonData.user.phone_number;","    pm.expect(phn).to.be.a('string').and.not.empty;","})","","pm.test('[Edge] user.role equals expected role (Customer)', function () {","    const role = jsonData.user && jsonData.user.role;","    if (role !== undefined) {","        pm.expect(role).to.equal('Customer');","    }","})","","pm.test('[Data Integrity] Password is NOT exposed in response', function () {","    const body = pm.response.text().toLowerCase();","    pm.expect(body).to.not.include('\"password\"');","})","","pm.test('[Edge] Newly created user defaults to inactive status (if returned)', function () {","    const status = jsonData.user && jsonData.user.status;","    if (status !== undefined) {","        pm.expect(String(status).toLowerCase()).to.not.equal('active');","    }","})","","pm.test('[Negative] Status code is not 422 Unprocessable Entity', function () {","    pm.expect(pm.response.code).to.not.equal(422);","})","","pm.test('[Negative] Status code is not 403 Forbidden', function () {","    pm.expect(pm.response.code).to.not.equal(403);","})","","pm.test('[Edge] Persist user id to collection variable customer2_id', function () {","    const id = jsonData.user && jsonData.user.id;","    if (id !== undefined && id !== null) {","        pm.collectionVariables.set('customer2_id', id);","        pm.expect(pm.collectionVariables.get('customer2_id').toString()).to.equal(id.toString());","    }","})"],"type":"text/javascript","packages":{},"requests":{}}}],"id":"e67a0c40-ba9b-4360-86df-7656b3fca96a","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Content-Type","value":"application/json","type":"text"}],"body":{"mode":"raw","raw":"{\r\n  \"name\": \"Troy Greenholt\",\r\n  \"email\": \"rakibfr28+@gmail.com\",\r\n  \"password\": \"12345\",\r\n  \"phone_number\": \"018\",\r\n  \"nid\": \"91\",\r\n  \"role\": \"Customer\"\r\n}"},"url":"/user/register","urlObject":{"path":["user","register"],"host":[""],"query":[],"variable":[]}},"response":[],"_postman_id":"e67a0c40-ba9b-4360-86df-7656b3fca96a"},{"name":"customer3_self_creation","event":[{"listen":"prerequest","script":{"id":"806fe52b-9949-4a78-ace8-c166b4646813","exec":["var random_num = _.random(10000000,99999999);\r","pm.collectionVariables.set(\"random_id\", random_num);"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"test","script":{"id":"5ebf965e-d752-47f3-838e-b60c462374de","exec":["var json_data = pm.response.json();","var jsonData = json_data;","pm.test(\"Customer-3 Creation has been Successful\",","function()","{","    pm.expect(json_data.message).to.contains(\"Registration successful\");","}",")","","var id = json_data.user.id;","var email = json_data.user.email;","var phn = json_data.user.phone_number;","","pm.collectionVariables.set(\"customer3_id\", id);","pm.collectionVariables.set(\"customer3_email\", email);","pm.collectionVariables.set(\"customer3_phn\", phn);",""],"type":"text/javascript","packages":{},"requests":{}}}],"id":"9da94316-4b6b-4b2a-86ed-14092286ade5","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Content-Type","value":"application/json","type":"text"}],"body":{"mode":"raw","raw":"{\r\n  \"name\": \"Rudolph Kuvalis\",\r\n  \"email\": \"rakibfr28+@gmail.com\",\r\n  \"password\": \"12345\",\r\n  \"phone_number\": \"018\",\r\n  \"nid\": \"91\",\r\n  \"role\": \"Customer\"\r\n}"},"url":"/user/register","urlObject":{"path":["user","register"],"host":[""],"query":[],"variable":[]}},"response":[],"_postman_id":"9da94316-4b6b-4b2a-86ed-14092286ade5"},{"name":"agent_creation","event":[{"listen":"prerequest","script":{"id":"99089513-bd2b-499d-b6a6-7cd8ac813e8c","exec":["var random_num = _.random(10000000,99999999);\r","pm.collectionVariables.set(\"random_id\", random_num);"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"test","script":{"id":"baeecf7a-80fc-4f4c-9b71-712f79e1f552","exec":["var json_data = pm.response.json();","var jsonData = json_data;","pm.test(\"Agent Creation has been Successful\",","function()","{","    pm.expect(json_data.message).to.contains(\"User created\");","}",")","","var id = json_data.user.id;","var email = json_data.user.email;","var phn = json_data.user.phone_number;","","pm.collectionVariables.set(\"agent_id\", id);","pm.collectionVariables.set(\"agent_email\", email);","pm.collectionVariables.set(\"agent_phn\", phn);","","pm.test('Response time is less than 5000ms', function () {","    pm.expect(pm.response.responseTime).to.be.below(5000);","})","","pm.test('Response has body', function () {","    pm.expect(pm.response.text()).to.not.be.empty;","})","","pm.test('Content-Type is application/json', function () {","    const ct = pm.response.headers.get('Content-Type') || '';","    pm.expect(ct.toLowerCase()).to.include('application/json');","})","","pm.test('[Positive] Status code is 200 or 201', function () {","    pm.expect([","        201","    ]).to.include(pm.response.code);","})","","pm.test('[Positive] Response is a valid JSON object', function () {","    pm.expect(jsonData).to.be.an('object');","})","","pm.test('[Positive] Response contains user id; saved to agent_id', function () {","    const id = jsonData.id || jsonData._id || jsonData.data && (jsonData.data.id || jsonData.data._id || jsonData.data.user && (jsonData.data.user.id || jsonData.data.user._id));","    if (id) {","        pm.expect(id).to.exist;","        pm.environment.set('agent_id', id);","    }","})","","pm.test('[Positive] Message indicates user created successfully', function () {","    const msg = (jsonData.message || '').toString().toLowerCase();","    if (msg)","        pm.expect(msg).to.satisfy(m => m.includes('success') || m.includes('created') || m.includes('registered'));","})","","pm.test('[Negative] Status code is not 400', function () {","    pm.expect(pm.response.code).to.not.equal(400);","})","","pm.test('[Negative] Status code is not 409 Conflict (duplicate)', function () {","    pm.expect(pm.response.code).to.not.equal(409);","})","","pm.test('[Negative] Status code is not 500 Server Error', function () {","    pm.expect(pm.response.code).to.not.equal(500);","})","","pm.test('[Negative] Response does not contain duplicate error', function () {","    const msg = (jsonData.message || jsonData.error || '').toString().toLowerCase();","    pm.expect(msg).to.not.include('duplicate');","})","","// === Added Major Tests ===","pm.test('[Schema] Response has user object with required fields', function () {","    pm.expect(jsonData).to.have.property('user');","    pm.expect(jsonData.user).to.be.an('object');","    pm.expect(jsonData.user).to.have.property('id');","    pm.expect(jsonData.user).to.have.property('email');","    pm.expect(jsonData.user).to.have.property('phone_number');","})","","pm.test('[Data Integrity] user.id is non-null and non-empty', function () {","    const id = jsonData.user && jsonData.user.id;","    pm.expect(id, 'user.id should not be null/undefined').to.not.be.oneOf([null, undefined, '']);","})","","pm.test('[Data Integrity] user.email is a valid email format', function () {","    const email = jsonData.user && jsonData.user.email;","    pm.expect(email).to.be.a('string');","    pm.expect(email).to.match(/^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$/);","})","","pm.test('[Data Integrity] user.phone_number is a non-empty string', function () {","    const phn = jsonData.user && jsonData.user.phone_number;","    pm.expect(phn).to.be.a('string').and.not.empty;","})","","pm.test('[Edge] user.role equals expected role (Agent)', function () {","    const role = jsonData.user && jsonData.user.role;","    if (role !== undefined) {","        pm.expect(role).to.equal('Agent');","    }","})","","pm.test('[Data Integrity] Password is NOT exposed in response', function () {","    const body = pm.response.text().toLowerCase();","    pm.expect(body).to.not.include('\"password\"');","})","","pm.test('[Edge] Newly created user defaults to inactive status (if returned)', function () {","    const status = jsonData.user && jsonData.user.status;","    if (status !== undefined) {","        pm.expect(String(status).toLowerCase()).to.not.equal('active');","    }","})","","pm.test('[Negative] Status code is not 422 Unprocessable Entity', function () {","    pm.expect(pm.response.code).to.not.equal(422);","})","","pm.test('[Negative] Status code is not 403 Forbidden', function () {","    pm.expect(pm.response.code).to.not.equal(403);","})","","pm.test('[Edge] Persist user id to collection variable agent_id', function () {","    const id = jsonData.user && jsonData.user.id;","    if (id !== undefined && id !== null) {","        pm.collectionVariables.set('agent_id', id);","        pm.expect(pm.collectionVariables.get('agent_id').toString()).to.equal(id.toString());","    }","})"],"type":"text/javascript","packages":{},"requests":{}}}],"id":"1426fe3e-eea5-4f9d-9aeb-e4515c3f9dec","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Content-Type","value":"application/json","type":"text"},{"key":"Authorization","value":"Bearer ","type":"text"},{"key":"X-AUTH-SECRET-KEY","value":"","type":"text"}],"body":{"mode":"raw","raw":"{\r\n  \"name\": \"Wesley Ledner\",\r\n  \"email\": \"rakibfr28+@gmail.com\",\r\n  \"password\": \"12345\",\r\n  \"phone_number\": \"018\",\r\n  \"nid\": \"91\",\r\n  \"role\": \"Agent\"\r\n}"},"url":"/user/create","urlObject":{"path":["user","create"],"host":[""],"query":[],"variable":[]}},"response":[],"_postman_id":"1426fe3e-eea5-4f9d-9aeb-e4515c3f9dec"}],"id":"e3f572b1-3ebf-4a17-8056-319e55f8f3ea","_postman_id":"e3f572b1-3ebf-4a17-8056-319e55f8f3ea","description":""},{"name":"User Activation","item":[{"name":"activate_agent","event":[{"listen":"test","script":{"id":"5097c841-3757-4f74-b261-5cd5e1f8b546","exec":["var json_data = pm.response.json();","var jsonData = json_data;","pm.test(\"Agent Activation has been Successful\",","function()","{","    pm.expect(json_data.message).to.contains(\"User updated successfully\");","}",")","","pm.test('Response time is less than 5000ms', function () {","    pm.expect(pm.response.responseTime).to.be.below(5000);","})","","pm.test('Response has body', function () {","    pm.expect(pm.response.text()).to.not.be.empty;","})","","pm.test('Content-Type is application/json', function () {","    const ct = pm.response.headers.get('Content-Type') || '';","    pm.expect(ct.toLowerCase()).to.include('application/json');","})","","pm.test('[Positive] Status code is 200', function () {","    pm.expect(pm.response.code).to.equal(200);","})","","pm.test('[Positive] Response is a valid JSON object', function () {","    pm.expect(jsonData).to.be.an('object');","})","","pm.test('[Positive] Response indicates user activated/updated', function () {","    const msg = (jsonData.message || '').toString().toLowerCase();","    if (msg)","        pm.expect(msg).to.satisfy(m => m.includes('success') || m.includes('activat') || m.includes('updat'));","})","","pm.test('[Negative] Status code is not 404 Not Found', function () {","    pm.expect(pm.response.code).to.not.equal(404);","})","","pm.test('[Negative] Status code is not 400', function () {","    pm.expect(pm.response.code).to.not.equal(400);","})","","pm.test('[Negative] Status code is not 500', function () {","    pm.expect(pm.response.code).to.not.equal(500);","})","","pm.test('[Negative] Response does not contain error field', function () {","    pm.expect(jsonData.error, 'error should not exist').to.be.undefined;","})","","// === Added Major Tests ===","pm.test('[Schema] message field is a string', function () {","    pm.expect(jsonData).to.have.property('message');","    pm.expect(jsonData.message).to.be.a('string').and.not.empty;","})","","pm.test('[Data Integrity] If user object returned, status is active', function () {","    const user = jsonData.user || jsonData.data || null;","    if (user && user.status !== undefined) {","        pm.expect(String(user.status).toLowerCase()).to.equal('active');","    }","})","","pm.test('[Edge] Updated user id matches the requested id (agent_id)', function () {","    const expected = pm.collectionVariables.get('agent_id');","    const id = (jsonData.user && jsonData.user.id) || (jsonData.data && jsonData.data.id);","    if (id !== undefined && expected) {","        pm.expect(id.toString()).to.equal(expected.toString());","    }","})","","pm.test('[Edge] Status code is exactly 200 (not 201)', function () {","    pm.expect(pm.response.code).to.equal(200);","})","","pm.test('[Negative] Status code is not 422', function () {","    pm.expect(pm.response.code).to.not.equal(422);","})","","pm.test('[Negative] Status code is not 403 Forbidden (admin token authorized)', function () {","    pm.expect(pm.response.code).to.not.equal(403);","})","","pm.test('[Data Integrity] Password is NOT exposed in response', function () {","    const body = pm.response.text().toLowerCase();","    pm.expect(body).to.not.include('\"password\"');","})"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"prerequest","script":{"id":"25b4c6f0-05c7-4b5b-be9a-b3634850589b","exec":[""],"type":"text/javascript","packages":{},"requests":{}}}],"id":"6e57302d-fb84-4341-b025-304c8f25434e","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"PATCH","header":[{"key":"Content-Type","value":"application/json","type":"text"},{"key":"Authorization","value":"Bearer ","type":"text"},{"key":"X-AUTH-SECRET-KEY","value":"","type":"text"}],"body":{"mode":"raw","raw":"{\r\n    \"status\": \"active\"\r\n}","options":{"raw":{"language":"json"}}},"url":"/user/update/","urlObject":{"path":["user","update",""],"host":[""],"query":[],"variable":[]}},"response":[],"_postman_id":"6e57302d-fb84-4341-b025-304c8f25434e"},{"name":"activate_customer1","event":[{"listen":"test","script":{"id":"5023e647-dda8-45f3-8eae-539cda1b7e53","exec":["var json_data = pm.response.json();","var jsonData = json_data;","pm.test(\"Customer-1 Activation has been Successful\",","function()","{","    pm.expect(json_data.message).to.contains(\"User updated successfully\");","}",")","","pm.test('Response time is less than 5000ms', function () {","    pm.expect(pm.response.responseTime).to.be.below(5000);","})","","pm.test('Response has body', function () {","    pm.expect(pm.response.text()).to.not.be.empty;","})","","pm.test('Content-Type is application/json', function () {","    const ct = pm.response.headers.get('Content-Type') || '';","    pm.expect(ct.toLowerCase()).to.include('application/json');","})","","pm.test('[Positive] Status code is 200', function () {","    pm.expect(pm.response.code).to.equal(200);","})","","pm.test('[Positive] Response is a valid JSON object', function () {","    pm.expect(jsonData).to.be.an('object');","})","","pm.test('[Positive] Response indicates user activated/updated', function () {","    const msg = (jsonData.message || '').toString().toLowerCase();","    if (msg)","        pm.expect(msg).to.satisfy(m => m.includes('success') || m.includes('activat') || m.includes('updat'));","})","","pm.test('[Negative] Status code is not 404 Not Found', function () {","    pm.expect(pm.response.code).to.not.equal(404);","})","","pm.test('[Negative] Status code is not 400', function () {","    pm.expect(pm.response.code).to.not.equal(400);","})","","pm.test('[Negative] Status code is not 500', function () {","    pm.expect(pm.response.code).to.not.equal(500);","})","","pm.test('[Negative] Response does not contain error field', function () {","    pm.expect(jsonData.error, 'error should not exist').to.be.undefined;","})","","// === Added Major Tests ===","pm.test('[Schema] message field is a string', function () {","    pm.expect(jsonData).to.have.property('message');","    pm.expect(jsonData.message).to.be.a('string').and.not.empty;","})","","pm.test('[Data Integrity] If user object returned, status is active', function () {","    const user = jsonData.user || jsonData.data || null;","    if (user && user.status !== undefined) {","        pm.expect(String(user.status).toLowerCase()).to.equal('active');","    }","})","","pm.test('[Edge] Updated user id matches the requested id (customer1_id)', function () {","    const expected = pm.collectionVariables.get('customer1_id');","    const id = (jsonData.user && jsonData.user.id) || (jsonData.data && jsonData.data.id);","    if (id !== undefined && expected) {","        pm.expect(id.toString()).to.equal(expected.toString());","    }","})","","pm.test('[Edge] Status code is exactly 200 (not 201)', function () {","    pm.expect(pm.response.code).to.equal(200);","})","","pm.test('[Negative] Status code is not 422', function () {","    pm.expect(pm.response.code).to.not.equal(422);","})","","pm.test('[Negative] Status code is not 403 Forbidden (admin token authorized)', function () {","    pm.expect(pm.response.code).to.not.equal(403);","})","","pm.test('[Data Integrity] Password is NOT exposed in response', function () {","    const body = pm.response.text().toLowerCase();","    pm.expect(body).to.not.include('\"password\"');","})"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"prerequest","script":{"id":"92c1b069-6602-4ded-9ac5-ba2503fa89bd","exec":[""],"type":"text/javascript","packages":{},"requests":{}}}],"id":"8395a39c-d476-4dcc-87ef-2a6d2f639692","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"PATCH","header":[{"key":"Content-Type","value":"application/json","type":"text"},{"key":"Authorization","value":"Bearer ","type":"text"},{"key":"X-AUTH-SECRET-KEY","value":"","type":"text"}],"body":{"mode":"raw","raw":"{\r\n    \"status\": \"active\"\r\n}","options":{"raw":{"language":"json"}}},"url":"/user/update/","urlObject":{"path":["user","update",""],"host":[""],"query":[],"variable":[]}},"response":[],"_postman_id":"8395a39c-d476-4dcc-87ef-2a6d2f639692"},{"name":"activate_customer2","event":[{"listen":"test","script":{"id":"10fa7e04-bb76-4d32-abf9-29988c5c7cba","exec":["var json_data = pm.response.json();","var jsonData = json_data;","pm.test(\"Customer-2 Activation has been Successful\",","function()","{","    pm.expect(json_data.message).to.contains(\"User updated successfully\");","}",")","","pm.test('Response time is less than 5000ms', function () {","    pm.expect(pm.response.responseTime).to.be.below(5000);","})","","pm.test('Response has body', function () {","    pm.expect(pm.response.text()).to.not.be.empty;","})","","pm.test('Content-Type is application/json', function () {","    const ct = pm.response.headers.get('Content-Type') || '';","    pm.expect(ct.toLowerCase()).to.include('application/json');","})","","pm.test('[Positive] Status code is 200', function () {","    pm.expect(pm.response.code).to.equal(200);","})","","pm.test('[Positive] Response is a valid JSON object', function () {","    pm.expect(jsonData).to.be.an('object');","})","","pm.test('[Positive] Response indicates user activated/updated', function () {","    const msg = (jsonData.message || '').toString().toLowerCase();","    if (msg)","        pm.expect(msg).to.satisfy(m => m.includes('success') || m.includes('activat') || m.includes('updat'));","})","","pm.test('[Negative] Status code is not 404 Not Found', function () {","    pm.expect(pm.response.code).to.not.equal(404);","})","","pm.test('[Negative] Status code is not 400', function () {","    pm.expect(pm.response.code).to.not.equal(400);","})","","pm.test('[Negative] Status code is not 500', function () {","    pm.expect(pm.response.code).to.not.equal(500);","})","","pm.test('[Negative] Response does not contain error field', function () {","    pm.expect(jsonData.error, 'error should not exist').to.be.undefined;","})","","// === Added Major Tests ===","pm.test('[Schema] message field is a string', function () {","    pm.expect(jsonData).to.have.property('message');","    pm.expect(jsonData.message).to.be.a('string').and.not.empty;","})","","pm.test('[Data Integrity] If user object returned, status is active', function () {","    const user = jsonData.user || jsonData.data || null;","    if (user && user.status !== undefined) {","        pm.expect(String(user.status).toLowerCase()).to.equal('active');","    }","})","","pm.test('[Edge] Updated user id matches the requested id (customer2_id)', function () {","    const expected = pm.collectionVariables.get('customer2_id');","    const id = (jsonData.user && jsonData.user.id) || (jsonData.data && jsonData.data.id);","    if (id !== undefined && expected) {","        pm.expect(id.toString()).to.equal(expected.toString());","    }","})","","pm.test('[Edge] Status code is exactly 200 (not 201)', function () {","    pm.expect(pm.response.code).to.equal(200);","})","","pm.test('[Negative] Status code is not 422', function () {","    pm.expect(pm.response.code).to.not.equal(422);","})","","pm.test('[Negative] Status code is not 403 Forbidden (admin token authorized)', function () {","    pm.expect(pm.response.code).to.not.equal(403);","})","","pm.test('[Data Integrity] Password is NOT exposed in response', function () {","    const body = pm.response.text().toLowerCase();","    pm.expect(body).to.not.include('\"password\"');","})"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"prerequest","script":{"id":"86b2b565-e819-407b-b96f-e805584bd6f2","exec":[""],"type":"text/javascript","packages":{},"requests":{}}}],"id":"7fc7e730-0614-4d51-8e2d-41a5d5e1b1ad","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"PATCH","header":[{"key":"Content-Type","value":"application/json","type":"text"},{"key":"Authorization","value":"Bearer ","type":"text"},{"key":"X-AUTH-SECRET-KEY","value":"","type":"text"}],"body":{"mode":"raw","raw":"{\r\n    \"status\": \"active\"\r\n}","options":{"raw":{"language":"json"}}},"url":"/user/update/","urlObject":{"path":["user","update",""],"host":[""],"query":[],"variable":[]}},"response":[],"_postman_id":"7fc7e730-0614-4d51-8e2d-41a5d5e1b1ad"}],"id":"cd9b20cb-9fab-44d3-ac5b-a97adb80c714","_postman_id":"cd9b20cb-9fab-44d3-ac5b-a97adb80c714","description":""},{"name":"System to Agent","item":[{"name":"system_login","event":[{"listen":"test","script":{"id":"1740d7d7-e03d-4a8a-a509-db59eed3fb6d","exec":["var json_data = pm.response.json();","var jsonData = json_data;","var token = json_data.token;","pm.collectionVariables.set(\"system_token\",token);","pm.test(\"SYSTEM LOGIN has been Successful\",","function()","{","    pm.expect(json_data.message).to.contains(\"Login successful\");","}",")","","pm.test('Response time is less than 5000ms', function () {","    pm.expect(pm.response.responseTime).to.be.below(5000);","})","","pm.test('Response has body', function () {","    pm.expect(pm.response.text()).to.not.be.empty;","})","","pm.test('Content-Type is application/json', function () {","    const ct = pm.response.headers.get('Content-Type') || '';","    pm.expect(ct.toLowerCase()).to.include('application/json');","})","","pm.test('[Positive] Status code is 200', function () {","    pm.expect(pm.response.code).to.equal(200);","})","","pm.test('[Positive] Response is a valid JSON object', function () {","    pm.expect(jsonData).to.be.an('object');","})","","pm.test('[Positive] Response indicates success', function () {","    const msg = (jsonData.message || '').toString().toLowerCase();","    const ok = jsonData.status === true || jsonData.success === true || msg.includes('success') || jsonData.token || jsonData.data && (jsonData.data.token || jsonData.data.access_token);","    pm.expect(Boolean(ok)).to.be.true;","})","","pm.test('[Positive] Token exists and is non-empty string; saved to system_token', function () {","    const token = jsonData.token || jsonData.access_token || jsonData.data && (jsonData.data.token || jsonData.data.access_token);","    if (token) {","        pm.expect(token).to.be.a('string').and.not.empty;","        pm.environment.set('system_token', token);","    }","})","","pm.test('[Negative] Status code is not 400', function () {","    pm.expect(pm.response.code).to.not.equal(400);","})","","pm.test('[Negative] Status code is not 401 Unauthorized', function () {","    pm.expect(pm.response.code).to.not.equal(401);","})","","pm.test('[Negative] Status code is not 500 Server Error', function () {","    pm.expect(pm.response.code).to.not.equal(500);","})","","pm.test('[Negative] Response does not contain error field', function () {","    pm.expect(jsonData.error, 'error should not exist').to.be.undefined;","})","","// === Added Major Tests ===","pm.test('[Schema] message field is a string', function () {","    pm.expect(jsonData).to.have.property('message');","    pm.expect(jsonData.message).to.be.a('string').and.not.empty;","})","","pm.test('[Data Integrity] Password is NOT exposed in response', function () {","    const body = pm.response.text().toLowerCase();","    pm.expect(body).to.not.include('\"password\"');","})","","pm.test('[Schema] Token (if present) has JWT shape (3 dot-separated segments)', function () {","    const token = jsonData.token || jsonData.access_token || (jsonData.data && (jsonData.data.token || jsonData.data.access_token));","    if (token) {","        pm.expect(token).to.be.a('string').and.not.empty;","        const parts = token.split('.');","        pm.expect(parts.length, 'JWT should have 3 segments').to.equal(3);","    }","})","","pm.test('[Negative] Status code is not 422 Unprocessable Entity', function () {","    pm.expect(pm.response.code).to.not.equal(422);","})","","pm.test('[Negative] Status code is not 403 Forbidden', function () {","    pm.expect(pm.response.code).to.not.equal(403);","})","","pm.test('[Edge] Saved system_token to collection variable', function () {","    const token = jsonData.token || jsonData.access_token || (jsonData.data && (jsonData.data.token || jsonData.data.access_token));","    if (token) {","        pm.collectionVariables.set('system_token', token);","        pm.expect(pm.collectionVariables.get('system_token')).to.equal(token);","    }","})"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"prerequest","script":{"id":"e373ef00-4b02-4870-a250-9fd6cc1eaa2b","exec":[""],"type":"text/javascript","packages":{},"requests":{}}}],"id":"5e5f03c4-a974-4dc6-9550-18edd3200886","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n  \"email\": \"SYSTEM\",\r\n  \"password\": \"1234\"\r\n}","options":{"raw":{"language":"json"}}},"url":"/user/login","urlObject":{"path":["user","login"],"host":[""],"query":[],"variable":[]}},"response":[],"_postman_id":"5e5f03c4-a974-4dc6-9550-18edd3200886"},{"name":"system_to_agent_deposit","event":[{"listen":"test","script":{"id":"d5a75044-7048-4ff0-afed-15e050e68b6c","exec":["var json_data = pm.response.json();","var jsonData = json_data;","pm.test(\"SYSTEM deposit to Agent has been Successful\",","function()","{","    pm.expect(json_data.message).to.contains(\"SYSTEM deposit to Agent successful\");","}",")","","pm.test('Response time is less than 5000ms', function () {","    pm.expect(pm.response.responseTime).to.be.below(5000);","})","","pm.test('Response has body', function () {","    pm.expect(pm.response.text()).to.not.be.empty;","})","","pm.test('Content-Type is application/json', function () {","    const ct = pm.response.headers.get('Content-Type') || '';","    pm.expect(ct.toLowerCase()).to.include('application/json');","})","","pm.test('[Positive] Status code is 201', function () {","    pm.expect(pm.response.code).to.equal(201);","})","","pm.test('[Positive] Response is a valid JSON object', function () {","    pm.expect(jsonData).to.be.an('object');","})","","pm.test('[Positive] Response indicates transaction success', function () {","    const msg = (jsonData.message || '').toString().toLowerCase();","    const ok = jsonData.status === true || jsonData.success === true || msg.includes('success') || jsonData.transactionId || jsonData.transaction_id || jsonData.amount || jsonData.data && (jsonData.data.transactionId || jsonData.data.amount);","    pm.expect(Boolean(ok)).to.be.true;","})","","pm.test('[Positive] Has transaction id or amount field', function () {","    const tx = jsonData.transactionId || jsonData.transaction_id || jsonData.txId || jsonData.data && (jsonData.data.transactionId || jsonData.data.transaction_id);","    const amt = jsonData.amount || jsonData.data && jsonData.data.amount;","    pm.expect(Boolean(tx || amt)).to.be.true;","})","","pm.test('[Negative] Status code is not 400 (insufficient balance)', function () {","    pm.expect(pm.response.code).to.not.equal(400);","})","","pm.test('[Negative] Status code is not 401 (token valid)', function () {","    pm.expect(pm.response.code).to.not.equal(401);","})","","pm.test('[Negative] Status code is not 500', function () {","    pm.expect(pm.response.code).to.not.equal(500);","})","","pm.test('[Negative] Response does not contain error field', function () {","    pm.expect(jsonData.error, 'error should not exist').to.be.undefined;","})","","// === Added Major Tests ===","pm.test('[Schema] message field is a string', function () {","    pm.expect(jsonData).to.have.property('message');","    pm.expect(jsonData.message).to.be.a('string').and.not.empty;","})","","pm.test('[Data Integrity] Transaction id (trnxId/transactionId) is non-null and non-empty', function () {","    const tx = jsonData.trnxId || jsonData.transactionId || jsonData.transaction_id || jsonData.txId || (jsonData.data && (jsonData.data.trnxId || jsonData.data.transactionId || jsonData.data.transaction_id));","    pm.expect(tx, 'Transaction id should not be null/undefined').to.not.be.oneOf([null, undefined, '']);","    if (tx) pm.expect(String(tx).length, 'Transaction id should be non-empty').to.be.above(0);","})","","pm.test('[Data Integrity] Response amount equals requested amount (5000) when present', function () {","    const amt = jsonData.amount !== undefined ? jsonData.amount : (jsonData.data && jsonData.data.amount);","    if (amt !== undefined && amt !== null) {","        pm.expect(Number(amt)).to.equal(5000);","    }","})","","pm.test('[Data Integrity] Amount (if returned) is numeric (number or numeric string)', function () {","    const amt = jsonData.amount !== undefined ? jsonData.amount : (jsonData.data && jsonData.data.amount);","    if (amt !== undefined && amt !== null) {","        pm.expect(isNaN(Number(amt)), 'amount should be numeric').to.equal(false);","    }","})","","pm.test('[Data Integrity] Balance fields (if returned) are numeric', function () {","    const candidates = ['balance', 'fromBalance', 'toBalance', 'from_balance', 'to_balance', 'sender_balance', 'receiver_balance'];","    candidates.forEach(k => {","        const v = jsonData[k] !== undefined ? jsonData[k] : (jsonData.data && jsonData.data[k]);","        if (v !== undefined && v !== null) {","            pm.expect(isNaN(Number(v)), k + ' should be numeric').to.equal(false);","        }","    });","})","","pm.test('[Edge] from_account in response (if returned) matches agent_phn', function () {","    const expected = pm.collectionVariables.get('agent_phn');","    const from = jsonData.from_account || jsonData.fromAccount || (jsonData.data && (jsonData.data.from_account || jsonData.data.fromAccount));","    if (from !== undefined && expected) {","        pm.expect(String(from)).to.equal(String(expected));","    }","})","","pm.test('[Edge] to_account in response (if returned) matches agent_phn', function () {","    const expected = pm.collectionVariables.get('agent_phn');","    const to = jsonData.to_account || jsonData.toAccount || (jsonData.data && (jsonData.data.to_account || jsonData.data.toAccount));","    if (to !== undefined && expected) {","        pm.expect(String(to)).to.equal(String(expected));","    }","})","","pm.test('[Edge] from_account and to_account must differ', function () {","    const from = jsonData.from_account || jsonData.fromAccount || (jsonData.data && (jsonData.data.from_account || jsonData.data.fromAccount));","    const to = jsonData.to_account || jsonData.toAccount || (jsonData.data && (jsonData.data.to_account || jsonData.data.toAccount));","    if (from && to) {","        pm.expect(String(from)).to.not.equal(String(to));","    }","})","","pm.test('[Data Integrity] Amount in response (if present) is strictly positive', function () {","    const amt = jsonData.amount !== undefined ? jsonData.amount : (jsonData.data && jsonData.data.amount);","    if (amt !== undefined && amt !== null) {","        pm.expect(Number(amt)).to.be.above(0);","    }","})","","pm.test('[Negative] Status code is not 404 (sender/receiver exists)', function () {","    pm.expect(pm.response.code).to.not.equal(404);","})","","pm.test('[Negative] Status code is not 422 (valid payload)', function () {","    pm.expect(pm.response.code).to.not.equal(422);","})","","pm.test('[Negative] Status code is not 409 (no conflict / duplicate)', function () {","    pm.expect(pm.response.code).to.not.equal(409);","})","","pm.test('[Schema] Response message mentions deposit success or contains transaction details', function () {","    const msg = (jsonData.message || '').toString().toLowerCase();","    const tx = jsonData.trnxId || jsonData.transactionId || jsonData.transaction_id;","    pm.expect(msg.includes('success') || msg.includes('deposit') || Boolean(tx)).to.be.true;","})","","pm.test('[Data Integrity] Password is NOT exposed in response', function () {","    const body = pm.response.text().toLowerCase();","    pm.expect(body).to.not.include('\"password\"');","})"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"prerequest","script":{"id":"82c57acb-4232-467d-bdfe-ecebe03748a1","exec":[""],"type":"text/javascript","packages":{},"requests":{}}}],"id":"d8783004-6b55-48e0-9844-905878343e74","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"},{"key":"X-AUTH-SECRET-KEY","value":"","type":"text"},{"key":"Content-Type","value":"application/json","type":"text"}],"body":{"mode":"raw","raw":"{\r\n  \"from_account\": \"SYSTEM\",\r\n  \"to_account\": \"\",\r\n  \"amount\": 5000\r\n}"},"url":"/transaction/deposit","urlObject":{"path":["transaction","deposit"],"host":[""],"query":[],"variable":[]}},"response":[],"_postman_id":"d8783004-6b55-48e0-9844-905878343e74"},{"name":"system_to_NON-EXISTING_deposit","event":[{"listen":"test","script":{"id":"d5a75044-7048-4ff0-afed-15e050e68b6c","exec":["var json_data = pm.response.json();","var jsonData = json_data;","pm.test(\"Can not deposit to non-existing account\",","function()","{","    pm.expect(json_data.message).to.contains(\"To Account does not exist\");","}",")",""],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"prerequest","script":{"id":"82c57acb-4232-467d-bdfe-ecebe03748a1","exec":[""],"type":"text/javascript","packages":{},"requests":{}}}],"id":"0ce18190-e55c-4244-8179-cab71f8f9008","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"},{"key":"X-AUTH-SECRET-KEY","value":"","type":"text"},{"key":"Content-Type","value":"application/json","type":"text"}],"body":{"mode":"raw","raw":"{\r\n  \"from_account\": \"SYSTEM\",\r\n  \"to_account\": \"+5\",\r\n  \"amount\": 5000\r\n}"},"url":"/transaction/deposit","urlObject":{"path":["transaction","deposit"],"host":[""],"query":[],"variable":[]}},"response":[],"_postman_id":"0ce18190-e55c-4244-8179-cab71f8f9008"}],"id":"daf99512-39ed-43e1-9cba-71357ee6a3c6","_postman_id":"daf99512-39ed-43e1-9cba-71357ee6a3c6","description":""},{"name":"Agent Login","item":[{"name":"agent_primary_login","event":[{"listen":"test","script":{"id":"3f3108eb-7fef-42d9-a304-69783429563a","exec":["var json_data = pm.response.json();","var jsonData = json_data;","pm.test(\"OTP Sent Successfully\",","function()","{","    pm.expect(json_data.message).to.contains(\"OTP sent to your registered email address\");","}",")","","pm.test('Response time is less than 5000ms', function () {","    pm.expect(pm.response.responseTime).to.be.below(5000);","})","","pm.test('Response has body', function () {","    pm.expect(pm.response.text()).to.not.be.empty;","})","","pm.test('Content-Type is application/json', function () {","    const ct = pm.response.headers.get('Content-Type') || '';","    pm.expect(ct.toLowerCase()).to.include('application/json');","})","","pm.test('[Positive] Status code is 200', function () {","    pm.expect(pm.response.code).to.equal(200);","})","","pm.test('[Positive] Response is a valid JSON object', function () {","    pm.expect(jsonData).to.be.an('object');","})","","pm.test('[Positive] Token exists and is non-empty string; saved to agent_token', function () {","    const token = jsonData.token || jsonData.access_token || jsonData.data && (jsonData.data.token || jsonData.data.access_token);","    if (token) {","        pm.expect(token).to.be.a('string').and.not.empty;","        pm.environment.set('agent_token', token);","    }","})","","pm.test('[Negative] Status code is not 400', function () {","    pm.expect(pm.response.code).to.not.equal(400);","})","","pm.test('[Negative] Status code is not 401 Unauthorized', function () {","    pm.expect(pm.response.code).to.not.equal(401);","})","","pm.test('[Negative] Status code is not 500 Server Error', function () {","    pm.expect(pm.response.code).to.not.equal(500);","})","","pm.test('[Negative] Response does not contain error field', function () {","    pm.expect(jsonData.error, 'error should not exist').to.be.undefined;","})","","// === Added Major Tests ===","pm.test('[Schema] message field is a string', function () {","    pm.expect(jsonData).to.have.property('message');","    pm.expect(jsonData.message).to.be.a('string').and.not.empty;","})","","pm.test('[Data Integrity] Password is NOT exposed in response', function () {","    const body = pm.response.text().toLowerCase();","    pm.expect(body).to.not.include('\"password\"');","})","","pm.test('[Schema] Token (if present) has JWT shape (3 dot-separated segments)', function () {","    const token = jsonData.token || jsonData.access_token || (jsonData.data && (jsonData.data.token || jsonData.data.access_token));","    if (token) {","        pm.expect(token).to.be.a('string').and.not.empty;","        const parts = token.split('.');","        pm.expect(parts.length, 'JWT should have 3 segments').to.equal(3);","    }","})","","pm.test('[Negative] Status code is not 422 Unprocessable Entity', function () {","    pm.expect(pm.response.code).to.not.equal(422);","})","","pm.test('[Negative] Status code is not 403 Forbidden', function () {","    pm.expect(pm.response.code).to.not.equal(403);","})","","pm.test('[Edge] Saved agent_token to collection variable', function () {","    const token = jsonData.token || jsonData.access_token || (jsonData.data && (jsonData.data.token || jsonData.data.access_token));","    if (token) {","        pm.collectionVariables.set('agent_token', token);","        pm.expect(pm.collectionVariables.get('agent_token')).to.equal(token);","    }","})"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"prerequest","script":{"id":"3598c21d-4a6a-4afe-b3fa-45fa8d5f91f8","exec":[""],"type":"text/javascript","packages":{},"requests":{}}}],"id":"afa0f80c-f899-4cb3-85fe-1846d074eca4","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n  \"email\": \"\",\r\n  \"password\": \"12345\"\r\n}","options":{"raw":{"language":"json"}}},"url":"/user/login","urlObject":{"path":["user","login"],"host":[""],"query":[],"variable":[]}},"response":[],"_postman_id":"afa0f80c-f899-4cb3-85fe-1846d074eca4"},{"name":"gmail_list","event":[{"listen":"test","script":{"id":"67ca69fa-4707-4e3a-8aaa-82016daca8ec","exec":["let json_data = pm.response.json();","var jsonData = json_data;","let latest_email_id = json_data.messages[0].id;","pm.collectionVariables.set(\"email_id\", latest_email_id);","pm.test(\"Got Gmail List Successfully\",","function()","{","    pm.response.to.have.status(200);","}",")","","pm.test('Response time is less than 5000ms', function () {","    pm.expect(pm.response.responseTime).to.be.below(5000);","})","","pm.test('Response has body', function () {","    pm.expect(pm.response.text()).to.not.be.empty;","})","","pm.test('Content-Type is application/json', function () {","    const ct = pm.response.headers.get('Content-Type') || '';","    pm.expect(ct.toLowerCase()).to.include('application/json');","})","","pm.test('[Positive] Status code is 200', function () {","    pm.expect(pm.response.code).to.equal(200);","})","","pm.test('[Positive] Response is a valid JSON object', function () {","    pm.expect(jsonData).to.be.an('object');","})","","pm.test('[Positive] Response has \\'messages\\' array', function () {","    if (jsonData.messages !== undefined)","        pm.expect(jsonData.messages).to.be.an('array');","})","","pm.test('[Positive] Messages array has at least 1 item; saved first id to email_id', function () {","    if (Array.isArray(jsonData.messages) && jsonData.messages.length > 0) {","        pm.expect(jsonData.messages.length).to.be.above(0);","        const firstId = jsonData.messages[0].id;","        if (firstId)","            pm.environment.set('email_id', firstId);","    }","})","","pm.test('[Negative] Status code is not 401 Unauthorized', function () {","    pm.expect(pm.response.code).to.not.equal(401);","})","","pm.test('[Negative] Status code is not 403 Forbidden', function () {","    pm.expect(pm.response.code).to.not.equal(403);","})","","pm.test('[Negative] Status code is not 500', function () {","    pm.expect(pm.response.code).to.not.equal(500);","})","","pm.test('[Negative] Response does not contain error field', function () {","    pm.expect(jsonData.error, 'error should not exist').to.be.undefined;","})","","// === Added Major Tests ===","pm.test('[Schema] messages is a non-empty array', function () {","    pm.expect(jsonData).to.have.property('messages');","    pm.expect(jsonData.messages).to.be.an('array').that.is.not.empty;","})","","pm.test('[Schema] Each message has id and threadId', function () {","    pm.expect(jsonData.messages[0]).to.have.property('id');","    if (jsonData.messages[0].threadId !== undefined) {","        pm.expect(jsonData.messages[0].threadId).to.be.a('string').and.not.empty;","    }","})","","pm.test('[Data Integrity] First message id is a non-empty string', function () {","    pm.expect(jsonData.messages[0].id).to.be.a('string').and.not.empty;","})","","pm.test('[Negative] Status code is not 429 Rate Limit', function () {","    pm.expect(pm.response.code).to.not.equal(429);","})"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"prerequest","script":{"id":"6d830de5-d154-4a04-9e4a-805ac7a2d036","exec":[""],"type":"text/javascript","packages":{},"requests":{}}}],"id":"ca07ba5d-1964-43dc-9e9e-fde7f12fb708","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"https://gmail.googleapis.com/gmail/v1/users/me/messages","urlObject":{"protocol":"https","path":["gmail","v1","users","me","messages"],"host":["gmail","googleapis","com"],"query":[],"variable":[]}},"response":[],"_postman_id":"ca07ba5d-1964-43dc-9e9e-fde7f12fb708"},{"name":"gmail_list without authorization","event":[{"listen":"test","script":{"id":"67ca69fa-4707-4e3a-8aaa-82016daca8ec","exec":["let json_data = pm.response.json();","var jsonData = json_data;","pm.test(\"Unauthorized access should fail\", function () {","    pm.response.to.have.status(401);","});"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"prerequest","script":{"id":"6d830de5-d154-4a04-9e4a-805ac7a2d036","exec":[""],"type":"text/javascript","packages":{},"requests":{}}}],"id":"7962be33-8a93-4632-9eae-893c6f60bd10","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Authorization","value":"Bearer afhuhadfb","type":"text"}],"url":"https://gmail.googleapis.com/gmail/v1/users/me/messages","urlObject":{"protocol":"https","path":["gmail","v1","users","me","messages"],"host":["gmail","googleapis","com"],"query":[],"variable":[]}},"response":[],"_postman_id":"7962be33-8a93-4632-9eae-893c6f60bd10"},{"name":"read_email","event":[{"listen":"test","script":{"id":"ba259b8f-f492-4e40-bf5e-3538c5af6fb4","exec":["let json_data = pm.response.json();","var jsonData = json_data;","let snippet = json_data.snippet;","let otp = snippet.match(/(?<=is:\\s*)\\d{4}/)[0];","pm.collectionVariables.set(\"otp\", otp);","pm.test(\"OTP is Extracted Successfully\",","function()","{","    pm.expect(json_data.snippet).to.contains(\"Your One-Time Password (OTP) for DMoney login is:\");","}",")","","pm.test('Response time is less than 5000ms', function () {","    pm.expect(pm.response.responseTime).to.be.below(5000);","})","","pm.test('Response has body', function () {","    pm.expect(pm.response.text()).to.not.be.empty;","})","","pm.test('Content-Type is application/json', function () {","    const ct = pm.response.headers.get('Content-Type') || '';","    pm.expect(ct.toLowerCase()).to.include('application/json');","})","","pm.test('[Positive] Status code is 200', function () {","    pm.expect(pm.response.code).to.equal(200);","})","","pm.test('[Positive] Response is a valid JSON object', function () {","    pm.expect(jsonData).to.be.an('object');","})","","pm.test('[Positive] Response has id field', function () {","    if (jsonData.id !== undefined)","        pm.expect(jsonData.id).to.exist;","})","","pm.test('[Positive] Response has payload or snippet', function () {","    if (jsonData.payload !== undefined || jsonData.snippet !== undefined) {","        pm.expect(jsonData.payload !== undefined || jsonData.snippet !== undefined).to.be.true;","    }","})","","pm.test('[Positive] Extract OTP from snippet/body and save to env \\'otp\\'', function () {","    let textBlob = '';","    if (jsonData.snippet)","        textBlob += jsonData.snippet + ' ';","    try {","        if (jsonData.payload && jsonData.payload.body && jsonData.payload.body.data) {","            const b64 = jsonData.payload.body.data.replace(/-/g, '+').replace(/_/g, '/');","            try {","                textBlob += atob(b64);","            } catch (e) {","            }","        }","        if (jsonData.payload && Array.isArray(jsonData.payload.parts)) {","            jsonData.payload.parts.forEach(p => {","                if (p.body && p.body.data) {","                    const b64 = p.body.data.replace(/-/g, '+').replace(/_/g, '/');","                    try {","                        textBlob += ' ' + atob(b64);","                    } catch (e) {","                    }","                }","            });","        }","    } catch (e) {","    }","    const match = textBlob.match(/\\b(\\d{4,6})\\b/);","    if (match) {","        pm.environment.set('otp', match[1]);","        pm.expect(match[1]).to.match(/^\\d{4,6}$/);","    }","})","","pm.test('[Negative] Status code is not 404 Not Found', function () {","    pm.expect(pm.response.code).to.not.equal(404);","})","","pm.test('[Negative] Status code is not 401', function () {","    pm.expect(pm.response.code).to.not.equal(401);","})","","pm.test('[Negative] Response does not contain error field', function () {","    pm.expect(jsonData.error, 'error should not exist').to.be.undefined;","})","","// === Added Major Tests ===","pm.test('[Schema] Response id matches the requested email_id', function () {","    const expected = pm.collectionVariables.get('email_id');","    if (expected) {","        pm.expect(jsonData.id).to.equal(expected);","    }","})","","pm.test('[Data Integrity] Extracted OTP is exactly 4-6 digits', function () {","    const otp = pm.collectionVariables.get('otp');","    pm.expect(otp, 'OTP must be set').to.exist;","    pm.expect(String(otp)).to.match(/^\\d{4,6}$/);","})","","pm.test('[Edge] OTP is purely numeric (no leading/trailing whitespace)', function () {","    const otp = pm.collectionVariables.get('otp');","    if (otp) {","        pm.expect(String(otp).trim()).to.equal(String(otp));","        pm.expect(isNaN(Number(otp))).to.equal(false);","    }","})","","pm.test('[Schema] snippet (if present) is a string', function () {","    if (jsonData.snippet !== undefined) {","        pm.expect(jsonData.snippet).to.be.a('string');","    }","})","","pm.test('[Negative] Status code is not 429 Rate Limit', function () {","    pm.expect(pm.response.code).to.not.equal(429);","})"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"prerequest","script":{"id":"c3cc96ad-e925-4a86-916e-f5445c1b2743","exec":[""],"type":"text/javascript","packages":{},"requests":{}}}],"id":"aa0ec38c-44e4-4f57-9ddc-9e9b74c19022","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"https://gmail.googleapis.com/gmail/v1/users/me/messages/","urlObject":{"protocol":"https","path":["gmail","v1","users","me","messages",""],"host":["gmail","googleapis","com"],"query":[],"variable":[]}},"response":[],"_postman_id":"aa0ec38c-44e4-4f57-9ddc-9e9b74c19022"},{"name":"verify_otp","event":[{"listen":"test","script":{"id":"30d344c8-7de5-4cbb-ba92-df2a4214535c","exec":["var json_data = pm.response.json();","var jsonData = json_data;","var token = json_data.token;","pm.collectionVariables.set(\"agent_token\",token);","pm.test(\"The Agent Can Log In Successfully\",","function()","{","    pm.expect(json_data.message).to.contains(\"Login successful\");","}",")","","pm.test('Response time is less than 5000ms', function () {","    pm.expect(pm.response.responseTime).to.be.below(5000);","})","","pm.test('Response has body', function () {","    pm.expect(pm.response.text()).to.not.be.empty;","})","","pm.test('Content-Type is application/json', function () {","    const ct = pm.response.headers.get('Content-Type') || '';","    pm.expect(ct.toLowerCase()).to.include('application/json');","})","","pm.test('[Positive] Status code is 200', function () {","    pm.expect(pm.response.code).to.equal(200);","})","","pm.test('[Positive] Response is a valid JSON object', function () {","    pm.expect(jsonData).to.be.an('object');","})","","pm.test('[Positive] Response contains success message or token', function () {","    const msg = (jsonData.message || '').toString().toLowerCase();","    const token = jsonData.token || jsonData.access_token || jsonData.data && (jsonData.data.token || jsonData.data.access_token);","    pm.expect(Boolean(msg.includes('success') || token)).to.be.true;","    if (token)","        pm.environment.set('agent_token', token);","})","","pm.test('[Negative] Status code is not 400 (invalid OTP)', function () {","    pm.expect(pm.response.code).to.not.equal(400);","})","","pm.test('[Negative] Status code is not 401 (expired)', function () {","    pm.expect(pm.response.code).to.not.equal(401);","})","","pm.test('[Negative] Status code is not 500', function () {","    pm.expect(pm.response.code).to.not.equal(500);","})","","pm.test('[Negative] Response does not contain error field', function () {","    pm.expect(jsonData.error, 'error should not exist').to.be.undefined;","})","","// === Added Major Tests ===","pm.test('[Schema] message field is a string and indicates login success', function () {","    pm.expect(jsonData).to.have.property('message');","    pm.expect(jsonData.message).to.be.a('string');","    pm.expect(jsonData.message.toLowerCase()).to.include('login successful');","})","","pm.test('[Data Integrity] Token is non-null and non-empty string', function () {","    const token = jsonData.token || jsonData.access_token || (jsonData.data && (jsonData.data.token || jsonData.data.access_token));","    pm.expect(token, 'Token should not be null/undefined').to.exist;","    pm.expect(token).to.be.a('string').and.not.empty;","})","","pm.test('[Schema] Token has JWT shape (3 dot-separated segments)', function () {","    const token = jsonData.token || jsonData.access_token || (jsonData.data && (jsonData.data.token || jsonData.data.access_token));","    if (token) {","        pm.expect(token.split('.').length).to.equal(3);","    }","})","","pm.test('[Edge] Token saved to collection variable agent_token', function () {","    const token = jsonData.token || jsonData.access_token || (jsonData.data && (jsonData.data.token || jsonData.data.access_token));","    if (token) {","        pm.collectionVariables.set('agent_token', token);","        pm.expect(pm.collectionVariables.get('agent_token')).to.equal(token);","    }","})","","pm.test('[Data Integrity] Password is NOT exposed in response', function () {","    const body = pm.response.text().toLowerCase();","    pm.expect(body).to.not.include('\"password\"');","})","","pm.test('[Negative] Status code is not 422 Unprocessable Entity', function () {","    pm.expect(pm.response.code).to.not.equal(422);","})","","pm.test('[Negative] Status code is not 403 Forbidden', function () {","    pm.expect(pm.response.code).to.not.equal(403);","})"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"prerequest","script":{"id":"03d5f0bb-6d5f-4da6-9209-606489544847","exec":[""],"type":"text/javascript","packages":{},"requests":{}}}],"id":"723df6cd-306b-4a2b-932a-969813ab03b8","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n  \"identifier\": \"\",\r\n  \"otp\": \"\"\r\n}","options":{"raw":{"language":"json"}}},"url":"/user/verify-otp","urlObject":{"path":["user","verify-otp"],"host":[""],"query":[],"variable":[]}},"response":[],"_postman_id":"723df6cd-306b-4a2b-932a-969813ab03b8"}],"id":"0ece7c95-3373-421e-a4dd-86f333cca8f0","_postman_id":"0ece7c95-3373-421e-a4dd-86f333cca8f0","description":""},{"name":"Agent to Customer Deposit","item":[{"name":"agent_customer_depo","event":[{"listen":"test","script":{"exec":["var json_data = pm.response.json();","var jsonData = json_data;","var token = json_data.token;","pm.test(\"The Agent Can Deposit Successfully\",","function()","{","    pm.expect(json_data.message).to.contains(\"Deposit successful\");","}",")","","pm.test('Response time is less than 5000ms', function () {","    pm.expect(pm.response.responseTime).to.be.below(5000);","})","","pm.test('Response has body', function () {","    pm.expect(pm.response.text()).to.not.be.empty;","})","","pm.test('Content-Type is application/json', function () {","    const ct = pm.response.headers.get('Content-Type') || '';","    pm.expect(ct.toLowerCase()).to.include('application/json');","})","","pm.test('[Positive] Status code is 201', function () {","    pm.expect(pm.response.code).to.equal(201);","})","","pm.test('[Positive] Response is a valid JSON object', function () {","    pm.expect(jsonData).to.be.an('object');","})","","pm.test('[Positive] Response indicates transaction success', function () {","    const msg = (jsonData.message || '').toString().toLowerCase();","    const ok = jsonData.status === true || jsonData.success === true || msg.includes('success') || jsonData.transactionId || jsonData.transaction_id || jsonData.amount || jsonData.data && (jsonData.data.transactionId || jsonData.data.amount);","    pm.expect(Boolean(ok)).to.be.true;","})","","pm.test('[Positive] Has transaction id or amount field', function () {","    const tx = jsonData.transactionId || jsonData.transaction_id || jsonData.trnxId || jsonData.data && (jsonData.data.transactionId || jsonData.data.transaction_id);","    const amt = jsonData.amount || jsonData.data && jsonData.data.amount;","    pm.expect(Boolean(tx || amt)).to.be.true;","})","","pm.test('[Negative] Status code is not 400 (insufficient balance)', function () {","    pm.expect(pm.response.code).to.not.equal(400);","})","","pm.test('[Negative] Status code is not 401 (token valid)', function () {","    pm.expect(pm.response.code).to.not.equal(401);","})","","pm.test('[Negative] Status code is not 500', function () {","    pm.expect(pm.response.code).to.not.equal(500);","})","","pm.test('[Negative] Response does not contain error field', function () {","    pm.expect(jsonData.error, 'error should not exist').to.be.undefined;","})","","// === Added Major Tests ===","pm.test('[Schema] message field is a string', function () {","    pm.expect(jsonData).to.have.property('message');","    pm.expect(jsonData.message).to.be.a('string').and.not.empty;","})","","pm.test('[Data Integrity] Transaction id (trnxId/transactionId) is non-null and non-empty', function () {","    const tx = jsonData.trnxId || jsonData.transactionId || jsonData.transaction_id || jsonData.txId || (jsonData.data && (jsonData.data.trnxId || jsonData.data.transactionId || jsonData.data.transaction_id));","    pm.expect(tx, 'Transaction id should not be null/undefined').to.not.be.oneOf([null, undefined, '']);","    if (tx) pm.expect(String(tx).length, 'Transaction id should be non-empty').to.be.above(0);","})","","pm.test('[Data Integrity] Response amount equals requested amount (2000) when present', function () {","    const amt = jsonData.amount !== undefined ? jsonData.amount : (jsonData.data && jsonData.data.amount);","    if (amt !== undefined && amt !== null) {","        pm.expect(Number(amt)).to.equal(2000);","    }","})","","pm.test('[Data Integrity] Amount (if returned) is numeric (number or numeric string)', function () {","    const amt = jsonData.amount !== undefined ? jsonData.amount : (jsonData.data && jsonData.data.amount);","    if (amt !== undefined && amt !== null) {","        pm.expect(isNaN(Number(amt)), 'amount should be numeric').to.equal(false);","    }","})","","pm.test('[Data Integrity] Balance fields (if returned) are numeric', function () {","    const candidates = ['balance', 'fromBalance', 'toBalance', 'from_balance', 'to_balance', 'sender_balance', 'receiver_balance'];","    candidates.forEach(k => {","        const v = jsonData[k] !== undefined ? jsonData[k] : (jsonData.data && jsonData.data[k]);","        if (v !== undefined && v !== null) {","            pm.expect(isNaN(Number(v)), k + ' should be numeric').to.equal(false);","        }","    });","})","","pm.test('[Edge] from_account in response (if returned) matches agent_phn', function () {","    const expected = pm.collectionVariables.get('agent_phn');","    const from = jsonData.from_account || jsonData.fromAccount || (jsonData.data && (jsonData.data.from_account || jsonData.data.fromAccount));","    if (from !== undefined && expected) {","        pm.expect(String(from)).to.equal(String(expected));","    }","})","","pm.test('[Edge] to_account in response (if returned) matches customer1_phn', function () {","    const expected = pm.collectionVariables.get('customer1_phn');","    const to = jsonData.to_account || jsonData.toAccount || (jsonData.data && (jsonData.data.to_account || jsonData.data.toAccount));","    if (to !== undefined && expected) {","        pm.expect(String(to)).to.equal(String(expected));","    }","})","","pm.test('[Edge] from_account and to_account must differ', function () {","    const from = jsonData.from_account || jsonData.fromAccount || (jsonData.data && (jsonData.data.from_account || jsonData.data.fromAccount));","    const to = jsonData.to_account || jsonData.toAccount || (jsonData.data && (jsonData.data.to_account || jsonData.data.toAccount));","    if (from && to) {","        pm.expect(String(from)).to.not.equal(String(to));","    }","})","","pm.test('[Data Integrity] Amount in response (if present) is strictly positive', function () {","    const amt = jsonData.amount !== undefined ? jsonData.amount : (jsonData.data && jsonData.data.amount);","    if (amt !== undefined && amt !== null) {","        pm.expect(Number(amt)).to.be.above(0);","    }","})","","pm.test('[Negative] Status code is not 404 (sender/receiver exists)', function () {","    pm.expect(pm.response.code).to.not.equal(404);","})","","pm.test('[Negative] Status code is not 422 (valid payload)', function () {","    pm.expect(pm.response.code).to.not.equal(422);","})","","pm.test('[Negative] Status code is not 409 (no conflict / duplicate)', function () {","    pm.expect(pm.response.code).to.not.equal(409);","})","","pm.test('[Schema] Response message mentions deposit success or contains transaction details', function () {","    const msg = (jsonData.message || '').toString().toLowerCase();","    const tx = jsonData.trnxId || jsonData.transactionId || jsonData.transaction_id;","    pm.expect(msg.includes('success') || msg.includes('deposit') || Boolean(tx)).to.be.true;","})","","pm.test('[Data Integrity] Password is NOT exposed in response', function () {","    const body = pm.response.text().toLowerCase();","    pm.expect(body).to.not.include('\"password\"');","})"],"type":"text/javascript","packages":{},"requests":{},"id":"414ede9c-ecaf-4813-abc1-aa8c75aaf489"}},{"listen":"prerequest","script":{"exec":[""],"type":"text/javascript","packages":{},"requests":{},"id":"04d416ab-7d7a-4cf1-93e7-aaccc6acc3ae"}}],"id":"7d531a5b-2b7e-439b-9a42-0d9db757ba40","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"},{"key":"X-AUTH-SECRET-KEY","value":"","type":"text"},{"key":"Content-Type","value":"application/json","type":"text"}],"body":{"mode":"raw","raw":"{\r\n  \"from_account\": \"\",\r\n  \"to_account\": \"\",\r\n  \"amount\": 2000\r\n}"},"url":"/transaction/deposit","urlObject":{"path":["transaction","deposit"],"host":[""],"query":[],"variable":[]}},"response":[],"_postman_id":"7d531a5b-2b7e-439b-9a42-0d9db757ba40"},{"name":"agent_customer_depo OUTSIDE LIMITATION","event":[{"listen":"test","script":{"id":"414ede9c-ecaf-4813-abc1-aa8c75aaf489","exec":["var json_data = pm.response.json();","var jsonData = json_data;","var token = json_data.token;","pm.test(\"The Agent Can not Deposit less than minimum or more than maximum limit\",","function()","{","    pm.expect(json_data.message).to.contains(\"Minimum deposit amount is 10 tk and maximum deposit amount is 10000 tk\");","}",")",""],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"prerequest","script":{"id":"04d416ab-7d7a-4cf1-93e7-aaccc6acc3ae","exec":[""],"type":"text/javascript","packages":{},"requests":{}}}],"id":"3b6b95e8-3a77-4607-aac1-3a53442ba914","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"},{"key":"X-AUTH-SECRET-KEY","value":"","type":"text"},{"key":"Content-Type","value":"application/json","type":"text"}],"body":{"mode":"raw","raw":"{\r\n  \"from_account\": \"\",\r\n  \"to_account\": \"\",\r\n  \"amount\": 2000000000\r\n}"},"url":"/transaction/deposit","urlObject":{"path":["transaction","deposit"],"host":[""],"query":[],"variable":[]}},"response":[],"_postman_id":"3b6b95e8-3a77-4607-aac1-3a53442ba914"},{"name":"agent_customer_depo to INACTIVE ACCOUNT","event":[{"listen":"test","script":{"id":"414ede9c-ecaf-4813-abc1-aa8c75aaf489","exec":["var json_data = pm.response.json();","var jsonData = json_data;","var token = json_data.token;","pm.test(\"Can not deposit to INACTIVE account\", ","function()","{","    pm.expect(json_data.message).to.contains(\"To account is not active. Please contact admin.\");","}",")",""],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"prerequest","script":{"id":"04d416ab-7d7a-4cf1-93e7-aaccc6acc3ae","exec":[""],"type":"text/javascript","packages":{},"requests":{}}}],"id":"74d2ad5e-2455-4bd1-9cd9-8f18f860b489","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"},{"key":"X-AUTH-SECRET-KEY","value":"","type":"text"},{"key":"Content-Type","value":"application/json","type":"text"}],"body":{"mode":"raw","raw":"{\r\n  \"from_account\": \"\",\r\n  \"to_account\": \"\",\r\n  \"amount\": 2000\r\n}"},"url":"/transaction/deposit","urlObject":{"path":["transaction","deposit"],"host":[""],"query":[],"variable":[]}},"response":[],"_postman_id":"74d2ad5e-2455-4bd1-9cd9-8f18f860b489"}],"id":"49ce1e89-fedc-40de-9c68-bb45b7164843","_postman_id":"49ce1e89-fedc-40de-9c68-bb45b7164843","description":""},{"name":"Customer-1 Login","item":[{"name":"customer1_primary_login","event":[{"listen":"test","script":{"id":"67922a38-b690-4a5d-9f66-0163e7447333","exec":["var json_data = pm.response.json();","var jsonData = json_data;","pm.test(\"OTP Sent Successfully\",","function()","{","    pm.expect(json_data.message).to.contains(\"OTP sent to your registered email address\");","}",")","","pm.test('Response time is less than 5000ms', function () {","    pm.expect(pm.response.responseTime).to.be.below(5000);","})","","pm.test('Response has body', function () {","    pm.expect(pm.response.text()).to.not.be.empty;","})","","pm.test('Content-Type is application/json', function () {","    const ct = pm.response.headers.get('Content-Type') || '';","    pm.expect(ct.toLowerCase()).to.include('application/json');","})","","pm.test('[Positive] Status code is 200', function () {","    pm.expect(pm.response.code).to.equal(200);","})","","pm.test('[Positive] Response is a valid JSON object', function () {","    pm.expect(jsonData).to.be.an('object');","})","","pm.test('[Positive] Response indicates success', function () {","    const msg = (jsonData.message || '').toString().toLowerCase();","    const ok = jsonData.status === true ","            || jsonData.success === true ","            || msg.includes('success') ","            || msg.includes('otp sent')   // <-- added","            || jsonData.token ","            || (jsonData.data && (jsonData.data.token || jsonData.data.access_token));","    pm.expect(Boolean(ok)).to.be.true;","})","","pm.test('[Positive] Token exists and is non-empty string; saved to customer1_token', function () {","    const token = jsonData.token || jsonData.access_token || jsonData.data && (jsonData.data.token || jsonData.data.access_token);","    if (token) {","        pm.expect(token).to.be.a('string').and.not.empty;","        pm.environment.set('customer1_token', token);","    }","})","","pm.test('[Negative] Status code is not 400', function () {","    pm.expect(pm.response.code).to.not.equal(400);","})","","pm.test('[Negative] Status code is not 401 Unauthorized', function () {","    pm.expect(pm.response.code).to.not.equal(401);","})","","pm.test('[Negative] Status code is not 500 Server Error', function () {","    pm.expect(pm.response.code).to.not.equal(500);","})","","pm.test('[Negative] Response does not contain error field', function () {","    pm.expect(jsonData.error, 'error should not exist').to.be.undefined;","})","","// === Added Major Tests ===","pm.test('[Schema] message field is a string', function () {","    pm.expect(jsonData).to.have.property('message');","    pm.expect(jsonData.message).to.be.a('string').and.not.empty;","})","","pm.test('[Data Integrity] Password is NOT exposed in response', function () {","    const body = pm.response.text().toLowerCase();","    pm.expect(body).to.not.include('\"password\"');","})","","pm.test('[Schema] Token (if present) has JWT shape (3 dot-separated segments)', function () {","    const token = jsonData.token || jsonData.access_token || (jsonData.data && (jsonData.data.token || jsonData.data.access_token));","    if (token) {","        pm.expect(token).to.be.a('string').and.not.empty;","        const parts = token.split('.');","        pm.expect(parts.length, 'JWT should have 3 segments').to.equal(3);","    }","})","","pm.test('[Negative] Status code is not 422 Unprocessable Entity', function () {","    pm.expect(pm.response.code).to.not.equal(422);","})","","pm.test('[Negative] Status code is not 403 Forbidden', function () {","    pm.expect(pm.response.code).to.not.equal(403);","})","","pm.test('[Edge] Saved customer1_token to collection variable', function () {","    const token = jsonData.token || jsonData.access_token || (jsonData.data && (jsonData.data.token || jsonData.data.access_token));","    if (token) {","        pm.collectionVariables.set('customer1_token', token);","        pm.expect(pm.collectionVariables.get('customer1_token')).to.equal(token);","    }","})"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"prerequest","script":{"id":"83c10029-5700-4d7f-a2a7-27e25d947d32","exec":[""],"type":"text/javascript","packages":{},"requests":{}}}],"id":"c5108e1a-5486-45e8-9e43-ff55d913a6d6","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n  \"email\": \"\",\r\n  \"password\": \"12345\"\r\n}","options":{"raw":{"language":"json"}}},"url":"/user/login","urlObject":{"path":["user","login"],"host":[""],"query":[],"variable":[]}},"response":[],"_postman_id":"c5108e1a-5486-45e8-9e43-ff55d913a6d6"},{"name":"gmail_list","event":[{"listen":"test","script":{"id":"92f748a9-64fe-47e3-a0c9-8145bf1b499a","exec":["let json_data = pm.response.json();","var jsonData = json_data;","let latest_email_id = json_data.messages[0].id;","pm.collectionVariables.set(\"email_id\", latest_email_id);","pm.test(\"Got Gmail List Successfully\",","function()","{","    pm.response.to.have.status(200);","}",")","","pm.test('Response time is less than 5000ms', function () {","    pm.expect(pm.response.responseTime).to.be.below(5000);","})","","pm.test('Response has body', function () {","    pm.expect(pm.response.text()).to.not.be.empty;","})","","pm.test('Content-Type is application/json', function () {","    const ct = pm.response.headers.get('Content-Type') || '';","    pm.expect(ct.toLowerCase()).to.include('application/json');","})","","pm.test('[Positive] Status code is 200', function () {","    pm.expect(pm.response.code).to.equal(200);","})","","pm.test('[Positive] Response is a valid JSON object', function () {","    pm.expect(jsonData).to.be.an('object');","})","","pm.test('[Positive] Response has \\'messages\\' array', function () {","    if (jsonData.messages !== undefined)","        pm.expect(jsonData.messages).to.be.an('array');","})","","pm.test('[Positive] Messages array has at least 1 item; saved first id to email_id', function () {","    if (Array.isArray(jsonData.messages) && jsonData.messages.length > 0) {","        pm.expect(jsonData.messages.length).to.be.above(0);","        const firstId = jsonData.messages[0].id;","        if (firstId)","            pm.environment.set('email_id', firstId);","    }","})","","pm.test('[Negative] Status code is not 401 Unauthorized', function () {","    pm.expect(pm.response.code).to.not.equal(401);","})","","pm.test('[Negative] Status code is not 403 Forbidden', function () {","    pm.expect(pm.response.code).to.not.equal(403);","})","","pm.test('[Negative] Status code is not 500', function () {","    pm.expect(pm.response.code).to.not.equal(500);","})","","pm.test('[Negative] Response does not contain error field', function () {","    pm.expect(jsonData.error, 'error should not exist').to.be.undefined;","})","","// === Added Major Tests ===","pm.test('[Schema] messages is a non-empty array', function () {","    pm.expect(jsonData).to.have.property('messages');","    pm.expect(jsonData.messages).to.be.an('array').that.is.not.empty;","})","","pm.test('[Schema] Each message has id and threadId', function () {","    pm.expect(jsonData.messages[0]).to.have.property('id');","    if (jsonData.messages[0].threadId !== undefined) {","        pm.expect(jsonData.messages[0].threadId).to.be.a('string').and.not.empty;","    }","})","","pm.test('[Data Integrity] First message id is a non-empty string', function () {","    pm.expect(jsonData.messages[0].id).to.be.a('string').and.not.empty;","})","","pm.test('[Negative] Status code is not 429 Rate Limit', function () {","    pm.expect(pm.response.code).to.not.equal(429);","})"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"prerequest","script":{"id":"29d6843f-240f-4d8a-88b1-900c56f917c7","exec":[""],"type":"text/javascript","packages":{},"requests":{}}}],"id":"d76baf0b-875b-42f7-b2ef-b9ec3587703e","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"https://gmail.googleapis.com/gmail/v1/users/me/messages","urlObject":{"protocol":"https","path":["gmail","v1","users","me","messages"],"host":["gmail","googleapis","com"],"query":[],"variable":[]}},"response":[],"_postman_id":"d76baf0b-875b-42f7-b2ef-b9ec3587703e"},{"name":"read_email","event":[{"listen":"test","script":{"id":"a1ed679f-37bf-4736-bae8-7576e0787b55","exec":["let json_data = pm.response.json();","var jsonData = json_data;","let snippet = json_data.snippet;","let otp = snippet.match(/(?<=is:\\s*)\\d{4}/)[0];","pm.collectionVariables.set(\"otp\", otp);","pm.test(\"OTP is Extracted Successfully\",","function()","{","    pm.expect(json_data.snippet).to.contains(\"Your One-Time Password (OTP) for DMoney login is:\");","}",")","","pm.test('Response time is less than 5000ms', function () {","    pm.expect(pm.response.responseTime).to.be.below(5000);","})","","pm.test('Response has body', function () {","    pm.expect(pm.response.text()).to.not.be.empty;","})","","pm.test('Content-Type is application/json', function () {","    const ct = pm.response.headers.get('Content-Type') || '';","    pm.expect(ct.toLowerCase()).to.include('application/json');","})","","pm.test('[Positive] Status code is 200', function () {","    pm.expect(pm.response.code).to.equal(200);","})","","pm.test('[Positive] Response is a valid JSON object', function () {","    pm.expect(jsonData).to.be.an('object');","})","","pm.test('[Positive] Response has id field', function () {","    if (jsonData.id !== undefined)","        pm.expect(jsonData.id).to.exist;","})","","pm.test('[Positive] Response has payload or snippet', function () {","    if (jsonData.payload !== undefined || jsonData.snippet !== undefined) {","        pm.expect(jsonData.payload !== undefined || jsonData.snippet !== undefined).to.be.true;","    }","})","","pm.test('[Positive] Extract OTP from snippet/body and save to env \\'otp\\'', function () {","    let textBlob = '';","    if (jsonData.snippet)","        textBlob += jsonData.snippet + ' ';","    try {","        if (jsonData.payload && jsonData.payload.body && jsonData.payload.body.data) {","            const b64 = jsonData.payload.body.data.replace(/-/g, '+').replace(/_/g, '/');","            try {","                textBlob += atob(b64);","            } catch (e) {","            }","        }","        if (jsonData.payload && Array.isArray(jsonData.payload.parts)) {","            jsonData.payload.parts.forEach(p => {","                if (p.body && p.body.data) {","                    const b64 = p.body.data.replace(/-/g, '+').replace(/_/g, '/');","                    try {","                        textBlob += ' ' + atob(b64);","                    } catch (e) {","                    }","                }","            });","        }","    } catch (e) {","    }","    const match = textBlob.match(/\\b(\\d{4,6})\\b/);","    if (match) {","        pm.environment.set('otp', match[1]);","        pm.expect(match[1]).to.match(/^\\d{4,6}$/);","    }","})","","pm.test('[Negative] Status code is not 404 Not Found', function () {","    pm.expect(pm.response.code).to.not.equal(404);","})","","pm.test('[Negative] Status code is not 401', function () {","    pm.expect(pm.response.code).to.not.equal(401);","})","","pm.test('[Negative] Response does not contain error field', function () {","    pm.expect(jsonData.error, 'error should not exist').to.be.undefined;","})","","// === Added Major Tests ===","pm.test('[Schema] Response id matches the requested email_id', function () {","    const expected = pm.collectionVariables.get('email_id');","    if (expected) {","        pm.expect(jsonData.id).to.equal(expected);","    }","})","","pm.test('[Data Integrity] Extracted OTP is exactly 4-6 digits', function () {","    const otp = pm.collectionVariables.get('otp');","    pm.expect(otp, 'OTP must be set').to.exist;","    pm.expect(String(otp)).to.match(/^\\d{4,6}$/);","})","","pm.test('[Edge] OTP is purely numeric (no leading/trailing whitespace)', function () {","    const otp = pm.collectionVariables.get('otp');","    if (otp) {","        pm.expect(String(otp).trim()).to.equal(String(otp));","        pm.expect(isNaN(Number(otp))).to.equal(false);","    }","})","","pm.test('[Schema] snippet (if present) is a string', function () {","    if (jsonData.snippet !== undefined) {","        pm.expect(jsonData.snippet).to.be.a('string');","    }","})","","pm.test('[Negative] Status code is not 429 Rate Limit', function () {","    pm.expect(pm.response.code).to.not.equal(429);","})"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"prerequest","script":{"id":"c9c293a8-3845-4bae-ab37-2970dbad4cac","exec":[""],"type":"text/javascript","packages":{},"requests":{}}}],"id":"da4e59ba-a0ad-4222-8d9a-706c597716fc","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"https://gmail.googleapis.com/gmail/v1/users/me/messages/","urlObject":{"protocol":"https","path":["gmail","v1","users","me","messages",""],"host":["gmail","googleapis","com"],"query":[],"variable":[]}},"response":[],"_postman_id":"da4e59ba-a0ad-4222-8d9a-706c597716fc"},{"name":"verify_otp","event":[{"listen":"test","script":{"id":"298ec3b0-495d-4ccd-9cef-17f5e4e92f0f","exec":["var json_data = pm.response.json();","var jsonData = json_data;","var token = json_data.token;","pm.collectionVariables.set(\"customer1_token\",token);","pm.test(\"The Customer-1 Can Log In Successfully\",","function()","{","    pm.expect(json_data.message).to.contains(\"Login successful\");","}",")","","pm.test('Response time is less than 5000ms', function () {","    pm.expect(pm.response.responseTime).to.be.below(5000);","})","","pm.test('Response has body', function () {","    pm.expect(pm.response.text()).to.not.be.empty;","})","","pm.test('Content-Type is application/json', function () {","    const ct = pm.response.headers.get('Content-Type') || '';","    pm.expect(ct.toLowerCase()).to.include('application/json');","})","","pm.test('[Positive] Status code is 200', function () {","    pm.expect(pm.response.code).to.equal(200);","})","","pm.test('[Positive] Response is a valid JSON object', function () {","    pm.expect(jsonData).to.be.an('object');","})","","pm.test('[Positive] Response contains success message or token', function () {","    const msg = (jsonData.message || '').toString().toLowerCase();","    const token = jsonData.token || jsonData.access_token || jsonData.data && (jsonData.data.token || jsonData.data.access_token);","    pm.expect(Boolean(msg.includes('success') || token)).to.be.true;","    if (token)","        pm.environment.set('customer1_token', token);","})","","pm.test('[Negative] Status code is not 400 (invalid OTP)', function () {","    pm.expect(pm.response.code).to.not.equal(400);","})","","pm.test('[Negative] Status code is not 401 (expired)', function () {","    pm.expect(pm.response.code).to.not.equal(401);","})","","pm.test('[Negative] Status code is not 500', function () {","    pm.expect(pm.response.code).to.not.equal(500);","})","","pm.test('[Negative] Response does not contain error field', function () {","    pm.expect(jsonData.error, 'error should not exist').to.be.undefined;","})","","// === Added Major Tests ===","pm.test('[Schema] message field is a string and indicates login success', function () {","    pm.expect(jsonData).to.have.property('message');","    pm.expect(jsonData.message).to.be.a('string');","    pm.expect(jsonData.message.toLowerCase()).to.include('login successful');","})","","pm.test('[Data Integrity] Token is non-null and non-empty string', function () {","    const token = jsonData.token || jsonData.access_token || (jsonData.data && (jsonData.data.token || jsonData.data.access_token));","    pm.expect(token, 'Token should not be null/undefined').to.exist;","    pm.expect(token).to.be.a('string').and.not.empty;","})","","pm.test('[Schema] Token has JWT shape (3 dot-separated segments)', function () {","    const token = jsonData.token || jsonData.access_token || (jsonData.data && (jsonData.data.token || jsonData.data.access_token));","    if (token) {","        pm.expect(token.split('.').length).to.equal(3);","    }","})","","pm.test('[Edge] Token saved to collection variable customer1_token', function () {","    const token = jsonData.token || jsonData.access_token || (jsonData.data && (jsonData.data.token || jsonData.data.access_token));","    if (token) {","        pm.collectionVariables.set('customer1_token', token);","        pm.expect(pm.collectionVariables.get('customer1_token')).to.equal(token);","    }","})","","pm.test('[Data Integrity] Password is NOT exposed in response', function () {","    const body = pm.response.text().toLowerCase();","    pm.expect(body).to.not.include('\"password\"');","})","","pm.test('[Negative] Status code is not 422 Unprocessable Entity', function () {","    pm.expect(pm.response.code).to.not.equal(422);","})","","pm.test('[Negative] Status code is not 403 Forbidden', function () {","    pm.expect(pm.response.code).to.not.equal(403);","})"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"prerequest","script":{"id":"f6207258-b572-4456-8614-ce329f25a1b4","exec":[""],"type":"text/javascript","packages":{},"requests":{}}}],"id":"3ef51731-787b-48fc-8647-c10cdc9aadbe","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n  \"identifier\": \"\",\r\n  \"otp\": \"\"\r\n}","options":{"raw":{"language":"json"}}},"url":"/user/verify-otp","urlObject":{"path":["user","verify-otp"],"host":[""],"query":[],"variable":[]}},"response":[],"_postman_id":"3ef51731-787b-48fc-8647-c10cdc9aadbe"},{"name":"send_money","event":[{"listen":"test","script":{"exec":["var json_data = pm.response.json();","var jsonData = json_data;","pm.test(\"Customer to Customer Send Money has been Successful\",","function()","{","    pm.expect(json_data.message).to.contains(\"Send money successful\");","}",")","","pm.test('Response time is less than 5000ms', function () {","    pm.expect(pm.response.responseTime).to.be.below(5000);","})","","pm.test('Response has body', function () {","    pm.expect(pm.response.text()).to.not.be.empty;","})","","pm.test('Content-Type is application/json', function () {","    const ct = pm.response.headers.get('Content-Type') || '';","    pm.expect(ct.toLowerCase()).to.include('application/json');","})","","pm.test('[Positive] Status code is 201', function () {","    pm.expect(pm.response.code).to.equal(201);","})","","pm.test('[Positive] Response is a valid JSON object', function () {","    pm.expect(jsonData).to.be.an('object');","})","","pm.test('[Positive] Transaction successful with details', function () {","    const msg = (jsonData.message || '').toString().toLowerCase();","    const ok = jsonData.status === true || jsonData.success === true || msg.includes('success') || jsonData.transactionId || jsonData.transaction_id || jsonData.amount || jsonData.data && (jsonData.data.transactionId || jsonData.data.amount);","    pm.expect(Boolean(ok)).to.be.true;","})","","pm.test('[Positive] Response has transaction details', function () {","    const msg = (jsonData.message || '').toString().toLowerCase();","    const tx = jsonData.transactionId ","            || jsonData.transaction_id ","            || jsonData.txId ","            || (jsonData.data && (jsonData.data.transactionId || jsonData.data.transaction_id));","    const amt = jsonData.amount || (jsonData.data && jsonData.data.amount);","    const hasSuccessMsg = msg.includes('send money successful') || msg.includes('success');","    pm.expect(Boolean(tx || amt || jsonData.data || hasSuccessMsg)).to.be.true;","})","","pm.test('[Negative] Status code is not 400 (valid amount)', function () {","    pm.expect(pm.response.code).to.not.equal(400);","})","","pm.test('[Negative] Status code is not 401', function () {","    pm.expect(pm.response.code).to.not.equal(401);","})","","pm.test('[Negative] Status code is not 403 (sufficient balance)', function () {","    pm.expect(pm.response.code).to.not.equal(403);","})","","pm.test('[Negative] Status code is not 500', function () {","    pm.expect(pm.response.code).to.not.equal(500);","})","","pm.test('[Negative] Response does not contain error field', function () {","    pm.expect(jsonData.error, 'error should not exist').to.be.undefined;","})","","// === Added Major Tests ===","pm.test('[Schema] message field is a string', function () {","    pm.expect(jsonData).to.have.property('message');","    pm.expect(jsonData.message).to.be.a('string').and.not.empty;","})","","pm.test('[Data Integrity] Transaction id (trnxId/transactionId) is non-null and non-empty', function () {","    const tx = jsonData.trnxId || jsonData.transactionId || jsonData.transaction_id || jsonData.txId || (jsonData.data && (jsonData.data.trnxId || jsonData.data.transactionId || jsonData.data.transaction_id));","    pm.expect(tx, 'Transaction id should not be null/undefined').to.not.be.oneOf([null, undefined, '']);","    if (tx) pm.expect(String(tx).length, 'Transaction id should be non-empty').to.be.above(0);","})","","pm.test('[Data Integrity] Response amount equals requested amount (1000) when present', function () {","    const amt = jsonData.amount !== undefined ? jsonData.amount : (jsonData.data && jsonData.data.amount);","    if (amt !== undefined && amt !== null) {","        pm.expect(Number(amt)).to.equal(1000);","    }","})","","pm.test('[Data Integrity] Amount (if returned) is numeric (number or numeric string)', function () {","    const amt = jsonData.amount !== undefined ? jsonData.amount : (jsonData.data && jsonData.data.amount);","    if (amt !== undefined && amt !== null) {","        pm.expect(isNaN(Number(amt)), 'amount should be numeric').to.equal(false);","    }","})","","pm.test('[Data Integrity] Balance fields (if returned) are numeric', function () {","    const candidates = ['balance', 'fromBalance', 'toBalance', 'from_balance', 'to_balance', 'sender_balance', 'receiver_balance'];","    candidates.forEach(k => {","        const v = jsonData[k] !== undefined ? jsonData[k] : (jsonData.data && jsonData.data[k]);","        if (v !== undefined && v !== null) {","            pm.expect(isNaN(Number(v)), k + ' should be numeric').to.equal(false);","        }","    });","})","","pm.test('[Edge] from_account in response (if returned) matches customer1_phn', function () {","    const expected = pm.collectionVariables.get('customer1_phn');","    const from = jsonData.from_account || jsonData.fromAccount || (jsonData.data && (jsonData.data.from_account || jsonData.data.fromAccount));","    if (from !== undefined && expected) {","        pm.expect(String(from)).to.equal(String(expected));","    }","})","","pm.test('[Edge] to_account in response (if returned) matches customer2_phn', function () {","    const expected = pm.collectionVariables.get('customer2_phn');","    const to = jsonData.to_account || jsonData.toAccount || (jsonData.data && (jsonData.data.to_account || jsonData.data.toAccount));","    if (to !== undefined && expected) {","        pm.expect(String(to)).to.equal(String(expected));","    }","})","","pm.test('[Edge] from_account and to_account must differ', function () {","    const from = jsonData.from_account || jsonData.fromAccount || (jsonData.data && (jsonData.data.from_account || jsonData.data.fromAccount));","    const to = jsonData.to_account || jsonData.toAccount || (jsonData.data && (jsonData.data.to_account || jsonData.data.toAccount));","    if (from && to) {","        pm.expect(String(from)).to.not.equal(String(to));","    }","})","","pm.test('[Data Integrity] Amount in response (if present) is strictly positive', function () {","    const amt = jsonData.amount !== undefined ? jsonData.amount : (jsonData.data && jsonData.data.amount);","    if (amt !== undefined && amt !== null) {","        pm.expect(Number(amt)).to.be.above(0);","    }","})","","pm.test('[Negative] Status code is not 404 (sender/receiver exists)', function () {","    pm.expect(pm.response.code).to.not.equal(404);","})","","pm.test('[Negative] Status code is not 422 (valid payload)', function () {","    pm.expect(pm.response.code).to.not.equal(422);","})","","pm.test('[Negative] Status code is not 409 (no conflict / duplicate)', function () {","    pm.expect(pm.response.code).to.not.equal(409);","})","","pm.test('[Schema] Response message mentions send money success or contains transaction details', function () {","    const msg = (jsonData.message || '').toString().toLowerCase();","    const tx = jsonData.trnxId || jsonData.transactionId || jsonData.transaction_id;","    pm.expect(msg.includes('success') || msg.includes('send money') || Boolean(tx)).to.be.true;","})","","pm.test('[Data Integrity] Password is NOT exposed in response', function () {","    const body = pm.response.text().toLowerCase();","    pm.expect(body).to.not.include('\"password\"');","})"],"type":"text/javascript","packages":{},"requests":{},"id":"3a9a43c5-1161-49d9-a76d-4f582bb852dd"}},{"listen":"prerequest","script":{"exec":[""],"type":"text/javascript","packages":{},"requests":{},"id":"9f43268c-fb32-42be-80db-fe0abbcfe8f9"}}],"id":"2ad734d1-6fd2-484c-818e-5bed8badbf02","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Content-Type","value":"application/json","type":"text"},{"key":"X-AUTH-SECRET-KEY","value":"","type":"text"},{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\r\n  \"from_account\": \"\",\r\n  \"to_account\": \"\",\r\n  \"amount\": 1000\r\n}","options":{"raw":{"language":"json"}}},"url":"/transaction/sendmoney","urlObject":{"path":["transaction","sendmoney"],"host":[""],"query":[],"variable":[]}},"response":[],"_postman_id":"2ad734d1-6fd2-484c-818e-5bed8badbf02"}],"id":"bbf18353-56df-4b85-be5f-7d154500f1f2","_postman_id":"bbf18353-56df-4b85-be5f-7d154500f1f2","description":""},{"name":"Customer-2 Login","item":[{"name":"customer2_primary_login","event":[{"listen":"test","script":{"id":"90090d85-6e94-4752-9e03-e16ef96109cb","exec":["var json_data = pm.response.json();","var jsonData = json_data;","pm.test(\"OTP Sent Successfully\",","function()","{","    pm.expect(json_data.message).to.contains(\"OTP sent to your registered email address\");","}",")","","pm.test('Response time is less than 5000ms', function () {","    pm.expect(pm.response.responseTime).to.be.below(5000);","})","","pm.test('Response has body', function () {","    pm.expect(pm.response.text()).to.not.be.empty;","})","","pm.test('Content-Type is application/json', function () {","    const ct = pm.response.headers.get('Content-Type') || '';","    pm.expect(ct.toLowerCase()).to.include('application/json');","})","","pm.test('[Positive] Status code is 200', function () {","    pm.expect(pm.response.code).to.equal(200);","})","","pm.test('[Positive] Response is a valid JSON object', function () {","    pm.expect(jsonData).to.be.an('object');","})","","pm.test('[Positive] Response indicates success', function () {","    const msg = (jsonData.message || '').toString().toLowerCase();","    const ok = jsonData.status === true ","            || jsonData.success === true ","            || msg.includes('success') ","            || msg.includes('otp sent')   // <-- added","            || jsonData.token ","            || (jsonData.data && (jsonData.data.token || jsonData.data.access_token));","    pm.expect(Boolean(ok)).to.be.true;","})","","pm.test('[Positive] Token exists and is non-empty string; saved to customer2_token', function () {","    const token = jsonData.token || jsonData.access_token || jsonData.data && (jsonData.data.token || jsonData.data.access_token);","    if (token) {","        pm.expect(token).to.be.a('string').and.not.empty;","        pm.environment.set('customer2_token', token);","    }","})","","pm.test('[Negative] Status code is not 400', function () {","    pm.expect(pm.response.code).to.not.equal(400);","})","","pm.test('[Negative] Status code is not 401 Unauthorized', function () {","    pm.expect(pm.response.code).to.not.equal(401);","})","","pm.test('[Negative] Status code is not 500 Server Error', function () {","    pm.expect(pm.response.code).to.not.equal(500);","})","","pm.test('[Negative] Response does not contain error field', function () {","    pm.expect(jsonData.error, 'error should not exist').to.be.undefined;","})","","// === Added Major Tests ===","pm.test('[Schema] message field is a string', function () {","    pm.expect(jsonData).to.have.property('message');","    pm.expect(jsonData.message).to.be.a('string').and.not.empty;","})","","pm.test('[Data Integrity] Password is NOT exposed in response', function () {","    const body = pm.response.text().toLowerCase();","    pm.expect(body).to.not.include('\"password\"');","})","","pm.test('[Schema] Token (if present) has JWT shape (3 dot-separated segments)', function () {","    const token = jsonData.token || jsonData.access_token || (jsonData.data && (jsonData.data.token || jsonData.data.access_token));","    if (token) {","        pm.expect(token).to.be.a('string').and.not.empty;","        const parts = token.split('.');","        pm.expect(parts.length, 'JWT should have 3 segments').to.equal(3);","    }","})","","pm.test('[Negative] Status code is not 422 Unprocessable Entity', function () {","    pm.expect(pm.response.code).to.not.equal(422);","})","","pm.test('[Negative] Status code is not 403 Forbidden', function () {","    pm.expect(pm.response.code).to.not.equal(403);","})","","pm.test('[Edge] Saved customer2_token to collection variable', function () {","    const token = jsonData.token || jsonData.access_token || (jsonData.data && (jsonData.data.token || jsonData.data.access_token));","    if (token) {","        pm.collectionVariables.set('customer2_token', token);","        pm.expect(pm.collectionVariables.get('customer2_token')).to.equal(token);","    }","})"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"prerequest","script":{"id":"e3aa73ab-80c0-46ec-894d-cf23db3d5ae6","exec":[""],"type":"text/javascript","packages":{},"requests":{}}}],"id":"14a39fe3-cb5b-4a90-9087-6b95b7025591","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n  \"email\": \"\",\r\n  \"password\": \"12345\"\r\n}","options":{"raw":{"language":"json"}}},"url":"/user/login","urlObject":{"path":["user","login"],"host":[""],"query":[],"variable":[]}},"response":[],"_postman_id":"14a39fe3-cb5b-4a90-9087-6b95b7025591"},{"name":"gmail_list","event":[{"listen":"test","script":{"id":"e675728a-c17f-4630-9299-f35b7e540f9a","exec":["let json_data = pm.response.json();","var jsonData = json_data;","let latest_email_id = json_data.messages[0].id;","pm.collectionVariables.set(\"email_id\", latest_email_id);","pm.test(\"Got Gmail List Successfully\",","function()","{","    pm.response.to.have.status(200);","}",")","","pm.test('Response time is less than 5000ms', function () {","    pm.expect(pm.response.responseTime).to.be.below(5000);","})","","pm.test('Response has body', function () {","    pm.expect(pm.response.text()).to.not.be.empty;","})","","pm.test('Content-Type is application/json', function () {","    const ct = pm.response.headers.get('Content-Type') || '';","    pm.expect(ct.toLowerCase()).to.include('application/json');","})","","pm.test('[Positive] Status code is 200', function () {","    pm.expect(pm.response.code).to.equal(200);","})","","pm.test('[Positive] Response is a valid JSON object', function () {","    pm.expect(jsonData).to.be.an('object');","})","","pm.test('[Positive] Response has \\'messages\\' array', function () {","    if (jsonData.messages !== undefined)","        pm.expect(jsonData.messages).to.be.an('array');","})","","pm.test('[Positive] Messages array has at least 1 item; saved first id to email_id', function () {","    if (Array.isArray(jsonData.messages) && jsonData.messages.length > 0) {","        pm.expect(jsonData.messages.length).to.be.above(0);","        const firstId = jsonData.messages[0].id;","        if (firstId)","            pm.environment.set('email_id', firstId);","    }","})","","pm.test('[Negative] Status code is not 401 Unauthorized', function () {","    pm.expect(pm.response.code).to.not.equal(401);","})","","pm.test('[Negative] Status code is not 403 Forbidden', function () {","    pm.expect(pm.response.code).to.not.equal(403);","})","","pm.test('[Negative] Status code is not 500', function () {","    pm.expect(pm.response.code).to.not.equal(500);","})","","pm.test('[Negative] Response does not contain error field', function () {","    pm.expect(jsonData.error, 'error should not exist').to.be.undefined;","})","","// === Added Major Tests ===","pm.test('[Schema] messages is a non-empty array', function () {","    pm.expect(jsonData).to.have.property('messages');","    pm.expect(jsonData.messages).to.be.an('array').that.is.not.empty;","})","","pm.test('[Schema] Each message has id and threadId', function () {","    pm.expect(jsonData.messages[0]).to.have.property('id');","    if (jsonData.messages[0].threadId !== undefined) {","        pm.expect(jsonData.messages[0].threadId).to.be.a('string').and.not.empty;","    }","})","","pm.test('[Data Integrity] First message id is a non-empty string', function () {","    pm.expect(jsonData.messages[0].id).to.be.a('string').and.not.empty;","})","","pm.test('[Negative] Status code is not 429 Rate Limit', function () {","    pm.expect(pm.response.code).to.not.equal(429);","})"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"prerequest","script":{"id":"f516e7ed-5bba-457f-9d18-822b734699da","exec":[""],"type":"text/javascript","packages":{},"requests":{}}}],"id":"14b7aa30-386d-4697-b4e1-9efd57cf2c58","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"https://gmail.googleapis.com/gmail/v1/users/me/messages","urlObject":{"protocol":"https","path":["gmail","v1","users","me","messages"],"host":["gmail","googleapis","com"],"query":[],"variable":[]}},"response":[],"_postman_id":"14b7aa30-386d-4697-b4e1-9efd57cf2c58"},{"name":"read_email","event":[{"listen":"test","script":{"id":"f9673e62-9ed6-4f9e-9d27-0cb42c67c40e","exec":["let json_data = pm.response.json();","let jsonData = json_data;","let snippet = json_data.snippet;","let otp = snippet.match(/(?<=is:\\s*)\\d{4}/)[0];","pm.collectionVariables.set(\"otp\", otp);","pm.test(\"OTP is Extracted Successfully\",","function()","{","    pm.expect(json_data.snippet).to.contains(\"Your One-Time Password (OTP) for DMoney login is:\");","}",")","","pm.test('Response time is less than 5000ms', function () {","    pm.expect(pm.response.responseTime).to.be.below(5000);","})","","pm.test('Response has body', function () {","    pm.expect(pm.response.text()).to.not.be.empty;","})","","pm.test('Content-Type is application/json', function () {","    const ct = pm.response.headers.get('Content-Type') || '';","    pm.expect(ct.toLowerCase()).to.include('application/json');","})","","pm.test('[Positive] Status code is 200', function () {","    pm.expect(pm.response.code).to.equal(200);","})","","pm.test('[Positive] Response is a valid JSON object', function () {","    pm.expect(jsonData).to.be.an('object');","})","","pm.test('[Positive] Response has id field', function () {","    pm.expect(jsonData.id).to.exist;","})","","pm.test('[Positive] Response has payload or snippet', function () {","    pm.expect(jsonData.payload !== undefined || jsonData.snippet !== undefined).to.be.true;","})","","pm.test('[Positive] Extract OTP from snippet/body and save to env \\'otp\\'', function () {","    let textBlob = '';","    if (jsonData.snippet)","        textBlob += jsonData.snippet + ' ';","    try {","        if (jsonData.payload && jsonData.payload.body && jsonData.payload.body.data) {","            const b64 = jsonData.payload.body.data.replace(/-/g, '+').replace(/_/g, '/');","            try {","                textBlob += atob(b64);","            } catch (e) {","            }","        }","        if (jsonData.payload && Array.isArray(jsonData.payload.parts)) {","            jsonData.payload.parts.forEach(p => {","                if (p.body && p.body.data) {","                    const b64 = p.body.data.replace(/-/g, '+').replace(/_/g, '/');","                    try {","                        textBlob += ' ' + atob(b64);","                    } catch (e) {","                    }","                }","            });","        }","    } catch (e) {","    }","    const match = textBlob.match(/\\b(\\d{4,6})\\b/);","    if (match) {","        pm.environment.set('otp', match[1]);","        pm.expect(match[1]).to.match(/^\\d{4,6}$/);","    } else {","        pm.expect.fail('No OTP found in snippet/body');","    }","})","","pm.test('[Negative] Status code is not 404 Not Found', function () {","    pm.expect(pm.response.code).to.not.equal(404);","})","","pm.test('[Negative] Status code is not 401', function () {","    pm.expect(pm.response.code).to.not.equal(401);","})","","pm.test('[Negative] Response does not contain error field', function () {","    pm.expect(jsonData.error, 'error should not exist').to.be.undefined;","})","","// === Added Major Tests ===","pm.test('[Schema] Response id matches the requested email_id', function () {","    const expected = pm.collectionVariables.get('email_id');","    if (expected) {","        pm.expect(jsonData.id).to.equal(expected);","    }","})","","pm.test('[Data Integrity] Extracted OTP is exactly 4-6 digits', function () {","    const otp = pm.collectionVariables.get('otp');","    pm.expect(otp, 'OTP must be set').to.exist;","    pm.expect(String(otp)).to.match(/^\\d{4,6}$/);","})","","pm.test('[Edge] OTP is purely numeric (no leading/trailing whitespace)', function () {","    const otp = pm.collectionVariables.get('otp');","    if (otp) {","        pm.expect(String(otp).trim()).to.equal(String(otp));","        pm.expect(isNaN(Number(otp))).to.equal(false);","    }","})","","pm.test('[Schema] snippet (if present) is a string', function () {","    if (jsonData.snippet !== undefined) {","        pm.expect(jsonData.snippet).to.be.a('string');","    }","})","","pm.test('[Negative] Status code is not 429 Rate Limit', function () {","    pm.expect(pm.response.code).to.not.equal(429);","})"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"prerequest","script":{"id":"d19695e5-ce76-4f2b-8ceb-452bcf1ebbef","exec":[""],"type":"text/javascript","packages":{},"requests":{}}}],"id":"60890e40-30c1-4ae5-8e62-2312d99e28eb","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"https://gmail.googleapis.com/gmail/v1/users/me/messages/","urlObject":{"protocol":"https","path":["gmail","v1","users","me","messages",""],"host":["gmail","googleapis","com"],"query":[],"variable":[]}},"response":[],"_postman_id":"60890e40-30c1-4ae5-8e62-2312d99e28eb"},{"name":"verify_otp","event":[{"listen":"test","script":{"id":"9979f5c4-0836-4eb1-9ea4-2b6adc5b6229","exec":["var json_data = pm.response.json();","let jsonData = json_data;","var token = json_data.token;","pm.collectionVariables.set(\"customer2_token\",token);","pm.test(\"The Customer-2 Can Log In Successfully\",","function()","{","    pm.expect(json_data.message).to.contains(\"Login successful\");","}",")","","pm.test('Response time is less than 5000ms', function () {","    pm.expect(pm.response.responseTime).to.be.below(5000);","})","","pm.test('Response has body', function () {","    pm.expect(pm.response.text()).to.not.be.empty;","})","","pm.test('Content-Type is application/json', function () {","    const ct = pm.response.headers.get('Content-Type') || '';","    pm.expect(ct.toLowerCase()).to.include('application/json');","})","","pm.test('[Positive] Status code is 200', function () {","    pm.expect(pm.response.code).to.equal(200);","})","","pm.test('[Positive] Response is a valid JSON object', function () {","    pm.expect(jsonData).to.be.an('object');","})","","pm.test('[Positive] Response contains success message or token', function () {","    const msg = (jsonData.message || '').toString().toLowerCase();","    const token = jsonData.token || jsonData.access_token || jsonData.data && (jsonData.data.token || jsonData.data.access_token);","    pm.expect(Boolean(msg.includes('success') || token)).to.be.true;","    if (token)","        pm.environment.set('customer2_token', token);","})","","pm.test('[Negative] Status code is not 400 (invalid OTP)', function () {","    pm.expect(pm.response.code).to.not.equal(400);","})","","pm.test('[Negative] Status code is not 401 (expired)', function () {","    pm.expect(pm.response.code).to.not.equal(401);","})","","pm.test('[Negative] Status code is not 500', function () {","    pm.expect(pm.response.code).to.not.equal(500);","})","","pm.test('[Negative] Response does not contain error field', function () {","    pm.expect(jsonData.error, 'error should not exist').to.be.undefined;","})","","// === Added Major Tests ===","pm.test('[Schema] message field is a string and indicates login success', function () {","    pm.expect(jsonData).to.have.property('message');","    pm.expect(jsonData.message).to.be.a('string');","    pm.expect(jsonData.message.toLowerCase()).to.include('login successful');","})","","pm.test('[Data Integrity] Token is non-null and non-empty string', function () {","    const token = jsonData.token || jsonData.access_token || (jsonData.data && (jsonData.data.token || jsonData.data.access_token));","    pm.expect(token, 'Token should not be null/undefined').to.exist;","    pm.expect(token).to.be.a('string').and.not.empty;","})","","pm.test('[Schema] Token has JWT shape (3 dot-separated segments)', function () {","    const token = jsonData.token || jsonData.access_token || (jsonData.data && (jsonData.data.token || jsonData.data.access_token));","    if (token) {","        pm.expect(token.split('.').length).to.equal(3);","    }","})","","pm.test('[Edge] Token saved to collection variable customer2_token', function () {","    const token = jsonData.token || jsonData.access_token || (jsonData.data && (jsonData.data.token || jsonData.data.access_token));","    if (token) {","        pm.collectionVariables.set('customer2_token', token);","        pm.expect(pm.collectionVariables.get('customer2_token')).to.equal(token);","    }","})","","pm.test('[Data Integrity] Password is NOT exposed in response', function () {","    const body = pm.response.text().toLowerCase();","    pm.expect(body).to.not.include('\"password\"');","})","","pm.test('[Negative] Status code is not 422 Unprocessable Entity', function () {","    pm.expect(pm.response.code).to.not.equal(422);","})","","pm.test('[Negative] Status code is not 403 Forbidden', function () {","    pm.expect(pm.response.code).to.not.equal(403);","})"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"prerequest","script":{"id":"b6e2f889-7797-4160-8168-89c982490987","exec":[""],"type":"text/javascript","packages":{},"requests":{}}}],"id":"75bca8b9-fac4-4309-a941-a58cd642caf6","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n  \"identifier\": \"\",\r\n  \"otp\": \"\"\r\n}","options":{"raw":{"language":"json"}}},"url":"/user/verify-otp","urlObject":{"path":["user","verify-otp"],"host":[""],"query":[],"variable":[]}},"response":[],"_postman_id":"75bca8b9-fac4-4309-a941-a58cd642caf6"},{"name":"withdraw","event":[{"listen":"test","script":{"exec":["var json_data = pm.response.json();","let jsonData = json_data;","pm.test(\"Withdraw has been Successful\",","function()","{","    pm.expect(json_data.message).to.contains(\"Withdraw successful\");","}",")","","pm.test('Response time is less than 5000ms', function () {","    pm.expect(pm.response.responseTime).to.be.below(5000);","})","","pm.test('Response has body', function () {","    pm.expect(pm.response.text()).to.not.be.empty;","})","","pm.test('Content-Type is application/json', function () {","    const ct = pm.response.headers.get('Content-Type') || '';","    pm.expect(ct.toLowerCase()).to.include('application/json');","})","","pm.test('[Positive] Status code is 201', function () {","    pm.expect(pm.response.code).to.equal(201);","})","","pm.test('[Positive] Response is a valid JSON object', function () {","    pm.expect(jsonData).to.be.an('object');","})","","pm.test('[Positive] Withdrawal successful with transaction details', function () {","    const msg = (jsonData.message || '').toString().toLowerCase();","    const ok = jsonData.status === true || jsonData.success === true || msg.includes('success') || jsonData.transactionId || jsonData.transaction_id || jsonData.amount || jsonData.data && (jsonData.data.transactionId || jsonData.data.amount);","    pm.expect(Boolean(ok)).to.be.true;","})","","pm.test('[Positive] Response has transaction details', function () {","    const msg = (jsonData.message || '').toString().toLowerCase();","    const tx = jsonData.transactionId ","            || jsonData.transaction_id ","            || jsonData.txId ","            || (jsonData.data && (jsonData.data.transactionId || jsonData.data.transaction_id));","    const amt = jsonData.amount || (jsonData.data && jsonData.data.amount);","    const hasSuccessMsg = msg.includes('send money successful') || msg.includes('success');","    pm.expect(Boolean(tx || amt || jsonData.data || hasSuccessMsg)).to.be.true;","})","","pm.test('[Negative] Status code is not 400', function () {","    pm.expect(pm.response.code).to.not.equal(400);","})","","pm.test('[Negative] Status code is not 401', function () {","    pm.expect(pm.response.code).to.not.equal(401);","})","","pm.test('[Negative] Status code is not 403 (sufficient balance)', function () {","    pm.expect(pm.response.code).to.not.equal(403);","})","","pm.test('[Negative] Status code is not 500', function () {","    pm.expect(pm.response.code).to.not.equal(500);","})","","pm.test('[Negative] Response does not contain error field', function () {","    pm.expect(jsonData.error, 'error should not exist').to.be.undefined;","})","","// === Added Major Tests ===","pm.test('[Schema] message field is a string', function () {","    pm.expect(jsonData).to.have.property('message');","    pm.expect(jsonData.message).to.be.a('string').and.not.empty;","})","","pm.test('[Data Integrity] Transaction id (trnxId/transactionId) is non-null and non-empty', function () {","    const tx = jsonData.trnxId || jsonData.transactionId || jsonData.transaction_id || jsonData.txId || (jsonData.data && (jsonData.data.trnxId || jsonData.data.transactionId || jsonData.data.transaction_id));","    pm.expect(tx, 'Transaction id should not be null/undefined').to.not.be.oneOf([null, undefined, '']);","    if (tx) pm.expect(String(tx).length, 'Transaction id should be non-empty').to.be.above(0);","})","","pm.test('[Data Integrity] Response amount equals requested amount (500) when present', function () {","    const amt = jsonData.amount !== undefined ? jsonData.amount : (jsonData.data && jsonData.data.amount);","    if (amt !== undefined && amt !== null) {","        pm.expect(Number(amt)).to.equal(500);","    }","})","","pm.test('[Data Integrity] Amount (if returned) is numeric (number or numeric string)', function () {","    const amt = jsonData.amount !== undefined ? jsonData.amount : (jsonData.data && jsonData.data.amount);","    if (amt !== undefined && amt !== null) {","        pm.expect(isNaN(Number(amt)), 'amount should be numeric').to.equal(false);","    }","})","","pm.test('[Data Integrity] Balance fields (if returned) are numeric', function () {","    const candidates = ['balance', 'fromBalance', 'toBalance', 'from_balance', 'to_balance', 'sender_balance', 'receiver_balance'];","    candidates.forEach(k => {","        const v = jsonData[k] !== undefined ? jsonData[k] : (jsonData.data && jsonData.data[k]);","        if (v !== undefined && v !== null) {","            pm.expect(isNaN(Number(v)), k + ' should be numeric').to.equal(false);","        }","    });","})","","pm.test('[Edge] from_account in response (if returned) matches customer2_phn', function () {","    const expected = pm.collectionVariables.get('customer2_phn');","    const from = jsonData.from_account || jsonData.fromAccount || (jsonData.data && (jsonData.data.from_account || jsonData.data.fromAccount));","    if (from !== undefined && expected) {","        pm.expect(String(from)).to.equal(String(expected));","    }","})","","pm.test('[Edge] to_account in response (if returned) matches agent_phn', function () {","    const expected = pm.collectionVariables.get('agent_phn');","    const to = jsonData.to_account || jsonData.toAccount || (jsonData.data && (jsonData.data.to_account || jsonData.data.toAccount));","    if (to !== undefined && expected) {","        pm.expect(String(to)).to.equal(String(expected));","    }","})","","pm.test('[Edge] from_account and to_account must differ', function () {","    const from = jsonData.from_account || jsonData.fromAccount || (jsonData.data && (jsonData.data.from_account || jsonData.data.fromAccount));","    const to = jsonData.to_account || jsonData.toAccount || (jsonData.data && (jsonData.data.to_account || jsonData.data.toAccount));","    if (from && to) {","        pm.expect(String(from)).to.not.equal(String(to));","    }","})","","pm.test('[Data Integrity] Amount in response (if present) is strictly positive', function () {","    const amt = jsonData.amount !== undefined ? jsonData.amount : (jsonData.data && jsonData.data.amount);","    if (amt !== undefined && amt !== null) {","        pm.expect(Number(amt)).to.be.above(0);","    }","})","","pm.test('[Negative] Status code is not 404 (sender/receiver exists)', function () {","    pm.expect(pm.response.code).to.not.equal(404);","})","","pm.test('[Negative] Status code is not 422 (valid payload)', function () {","    pm.expect(pm.response.code).to.not.equal(422);","})","","pm.test('[Negative] Status code is not 409 (no conflict / duplicate)', function () {","    pm.expect(pm.response.code).to.not.equal(409);","})","","pm.test('[Schema] Response message mentions withdraw success or contains transaction details', function () {","    const msg = (jsonData.message || '').toString().toLowerCase();","    const tx = jsonData.trnxId || jsonData.transactionId || jsonData.transaction_id;","    pm.expect(msg.includes('success') || msg.includes('withdraw') || Boolean(tx)).to.be.true;","})","","pm.test('[Data Integrity] Password is NOT exposed in response', function () {","    const body = pm.response.text().toLowerCase();","    pm.expect(body).to.not.include('\"password\"');","})"],"type":"text/javascript","packages":{},"requests":{},"id":"da494c27-3552-478f-9e52-3a7d1a510298"}},{"listen":"prerequest","script":{"exec":[""],"type":"text/javascript","packages":{},"requests":{},"id":"3da4a9b7-4270-486f-acce-fcf4b78576a5"}}],"id":"d4eab4c5-b13f-4223-8b37-22a6e549265b","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Content-Type","value":"application/json","type":"text"},{"key":"Authorization","value":"Bearer ","type":"text"},{"key":"X-AUTH-SECRET-KEY","value":"","type":"text"}],"body":{"mode":"raw","raw":"{\r\n  \"from_account\": \"\",\r\n  \"to_account\": \"\",\r\n  \"amount\": 500\r\n}"},"url":"/transaction/withdraw","urlObject":{"path":["transaction","withdraw"],"host":[""],"query":[],"variable":[]}},"response":[],"_postman_id":"d4eab4c5-b13f-4223-8b37-22a6e549265b"}],"id":"20fbe64f-b816-4ff6-89e5-8a31b92fce77","_postman_id":"20fbe64f-b816-4ff6-89e5-8a31b92fce77","description":""}],"event":[{"listen":"prerequest","script":{"id":"d06fdb6d-5966-4f73-a7e7-5a8d1d569017","type":"text/javascript","packages":{},"requests":{},"exec":[""]}},{"listen":"test","script":{"id":"abf3911d-09b7-4422-93d4-ea063d5890d3","type":"text/javascript","packages":{},"requests":{},"exec":[""]}}],"variable":[{"key":"base_url","value":""},{"key":"admin_token","value":""},{"key":"random_id","value":""},{"key":"agent_id","value":""},{"key":"agent_email","value":""},{"key":"agent_phn","value":""},{"key":"customer2_id","value":""},{"key":"customer2_email","value":""},{"key":"customer2_phn","value":""},{"key":"customer1_id","value":""},{"key":"customer1_email","value":""},{"key":"customer1_phn","value":""},{"key":"secret_key","value":""},{"key":"system_token","value":""},{"key":"gmail_token","value":""},{"key":"email_id","value":""},{"key":"otp","value":""},{"key":"agent_token","value":""},{"key":"customer1_token","value":""},{"key":"customer2_token","value":""},{"key":"customer3_id","value":""},{"key":"customer3_email","value":""},{"key":"customer3_phn","value":""}]}