Assessment Editor
Verified Role confirmed via live testing on 2026-03-16.
Role Summary
Section titled “Role Summary”| Property | Value |
|---|---|
| Username | assessment-editor |
| Purpose | Create and edit NCAP vehicle safety assessments |
| Scope | Draft and Re-Edit stages of the assessment workflow |
| Principle | Can author content but cannot approve, publish, or govern |
Sidebar Navigation
Section titled “Sidebar Navigation”The Editor currently sees 10 sidebar items — significantly more than the intended 4.
Dashboard └─ Overview (/admin/dashboard)Assessments (/admin/assessments)Protocols (/admin/protocols)Vehicles ├─ Makes (/admin/vehicles/makes) ├─ Manufacturers (/admin/vehicles/manufacturers) └─ Manufacturer Re... (/admin/manufacturer-requests)System Configuration ├─ Lookup Tables (/admin/admin/lookups) └─ Child Restraints (/admin/admin/crs)Website Manager └─ Media Library (/admin/content/media)Available Screens
Section titled “Available Screens”Dashboard (Overview)
Section titled “Dashboard (Overview)”- URL:
/admin/ - Stats cards: Total Vehicles (57), Assessments (58), Avg. Adult (5.0), Avg. Child (4.9), Makes (10)
- Quick Actions: New Assessment, Add Vehicle, Content Pages
- Assessment Summary: Counts by status — Draft, Re-Edit, Under Review, Approved, Published, Unpublished, Archived
- Additional sections: Star Rating Distribution, Recent Activity
- Read-only informational page
Assessments List
Section titled “Assessments List”- URL:
/admin/assessments - Action buttons: ”+ New Assessment” (green), “Export CSV” (outlined)
- Filters: Search text, Status dropdown, Adult rating, Child rating
- Columns: Vehicle, Year, Status, Adult rating, Child rating, Completion %, Actions
- Per-row actions: View (eye icon), Delete (trash icon)
- Statuses observed: Draft, Published, Under Review
Protocols
Section titled “Protocols”- URL:
/admin/protocols - Read-only — only a view (eye) icon per row, no create/edit/delete
- Columns: Code, Name (English), Name (Arabic), Status, Versions, Actions
- Data: 1 protocol — SAUDI_NCAP / Saudi NCAP / Active / 1 version
Vehicles > Makes (Card View)
Section titled “Vehicles > Makes (Card View)”- URL:
/admin/vehicles - Card grid with logo, English/Arabic name, model count per make
- ”+ Add Make” button available
- Makes include: Toyota, Honda, Nissan, Hyundai, Kia, GMC, Ford, BMW, Mercedes-Benz, Lexus
Vehicles > Makes (Table View)
Section titled “Vehicles > Makes (Table View)”- URL:
/admin/vehicles/makes - Title: “Manufacturers (Makes)” — confusing naming (see ISS-010)
- Columns: Logo, Name (Arabic), Name (English), Slug, Country, Status, Models, Actions
- Per-row actions: Edit (pencil), Delete (trash)
- Full CRUD available
Vehicles > Manufacturers
Section titled “Vehicles > Manufacturers”- URL:
/admin/vehicles/manufacturers - ”+ Add Manufacturer” button
- Columns: Name (Arabic), Name (English), Brands, Actions
- Per-row actions: Edit (pencil), Delete (trash)
- Full CRUD available
Vehicles > Manufacturer Test Requests
Section titled “Vehicles > Manufacturer Test Requests”- URL:
/admin/manufacturer-requests - Read-only — no create/edit/delete buttons
- Columns: Company (with contact), Vehicle, Status, Date
System Configuration > Lookup Tables
Section titled “System Configuration > Lookup Tables”- URL:
/admin/admin/lookups - Card grid with 4 categories: Body Types (9), Fuel Types (5), Drive Types (4), Transmission Types (4)
- View-only at top level; sub-pages may have edit capability
System Configuration > Child Restraints
Section titled “System Configuration > Child Restraints”- URL:
/admin/admin/crs - ”+ Add CRS” button, search field
- Columns: Brand, Name (EN), Name (AR), Category, Type, ISOFIX, Active, Actions
- Full CRUD available
Media Library
Section titled “Media Library”- URL:
/admin/content/media - Upload zone (drag & drop), accepted: JPG, PNG, WebP, SVG, PDF (max 100MB)
- Folder navigation, content type filters (All, Images, PDF Reports, Videos)
Restricted URLs
Section titled “Restricted URLs”| URL | Result |
|---|---|
/admin/users | Page Not Found |
/admin/monitoring | Page Not Found |
/admin/administration | Page Not Found |
All restricted URLs show “Page Not Found” instead of “Access Denied” (see ISS-006).
CAN / CANNOT Summary
Section titled “CAN / CANNOT Summary”CAN Do
Section titled “CAN Do”| Action | Screen |
|---|---|
| View dashboard with stats | Overview |
| Create new assessments | Assessments |
| View/open assessments | Assessments |
| Delete assessments (currently — bug) | Assessments |
| Export CSV | Assessments |
| Search/filter assessments | Assessments |
| View protocols (read-only) | Protocols |
| Add/edit/delete makes | Makes |
| Add/edit/delete manufacturers | Manufacturers |
| View test requests | Manufacturer Test Requests |
| View lookup tables | Lookup Tables |
| Add/edit/delete CRS | Child Restraints |
| Upload media | Media Library |
CANNOT Do
Section titled “CANNOT Do”| Action | Evidence |
|---|---|
| Access user management | /admin/users → Page Not Found |
| Access monitoring/audit logs | /admin/monitoring → Page Not Found |
| Create or edit protocols | No add/edit buttons |
| Manage content pages | No Pages link in sidebar |
| Approve/reject assessments | No approve/reject buttons |
| Publish/unpublish assessments | No publish actions |
Key Observations
Section titled “Key Observations”- Broader access than intended — Editor has Vehicles, System Config, and Media Library access that should be Super Admin-only
- Delete on all rows — Trash icon appears on Published assessments, not just own Drafts
- Two views for Makes — Card view (
/admin/vehicles) and table view (/admin/vehicles/makes) - Content Pages anomaly — Dashboard shows quick action card but no sidebar entry
- Sidebar truncation — “Manufacturer Representatives” shows as “Manufacturer Re…”