Add comprehensive test coverage across models, policies, and controllers

.gitignore

@@ -50,4 +50,19 @@ yarn-debug.log*
 *~
 
 # Claude
-.claude/
+# Personal Claude Code settings
+.claude/settings.local.json
+.claude/CLAUDE.local.md
+
+# Sensitive data and generated files within skills
+.claude/skills/*/.venv/
+.claude/skills/*/venv/
+.claude/skills/*/node_modules/
+.claude/skills/*/data/
+.claude/skills/*/auth_info.json
+.claude/skills/*/__pycache__/
+
+# Logs and temporary files
+.claude/logs/
+.claude/tmp/
+.claude/*.log

CLAUDE.md

@@ -74,10 +74,19 @@ bin/rails dbconsole           # Database console
 - Monitor at `/madmin/sidekiq` in development
 
 ### Testing Strategy
-- Minitest for all tests (models, controllers, integration)
+- Minitest for all tests (models, controllers, integration, policies)
 - WebMock for stubbing external HTTP requests
-- Parallel test execution supported
-- API integration tests for all endpoints
+- Parallel test execution supported (10 workers by default)
+- Comprehensive test coverage across all layers:
+  - **Model tests**: test/models/ - Validations, associations, callbacks, state machines
+  - **Policy tests**: test/policies/ - Authorization rules for all user roles
+  - **Controller tests**: test/controllers/ - API endpoints, authentication, authorization
+  - **Integration tests**: test/integration/ - End-to-end user flows
+- Test helpers:
+  - `json_response` for parsing JSON API responses
+  - `create_new_auth_token` for generating auth headers (Devise Token Auth)
+  - Fixtures in test/fixtures/ and seed data in db/fixtures/test/
+- Run tests: `bin/rails test` (205 tests, 402 assertions)
 
 ### Development Server Configuration
 - Server binds to specific IP: `192.168.1.21:3000` (not localhost)
@@ -98,14 +107,55 @@ bin/rails dbconsole           # Database console
 - Web server: `bin/render-start.sh`
 - Background workers: `bin/render-start-sidekiq.sh`
 
+## Code Quality Checks Before Committing
+
+**IMPORTANT**: Always run these checks and fix all errors before committing code:
+
+### 1. Lint Errors (RuboCop)
+```bash
+bin/rubocop
+```
+- Fix all RuboCop offenses before committing
+- Run `bin/rubocop -a` to auto-correct safe offenses
+- Review and manually fix remaining issues
+
+### 2. Security Scan (Brakeman)
+```bash
+bin/brakeman
+```
+- Fix all security vulnerabilities before committing
+- Review warnings and address potential security issues
+- Never commit code with security vulnerabilities
+
+### 3. Run Tests
+```bash
+bin/rails test
+```
+- Ensure all tests pass before committing
+- Add tests for new features or bug fixes
+
+### Pre-Commit Checklist
+- [ ] `bin/rubocop` - No lint errors
+- [ ] `bin/brakeman` - No security issues
+- [ ] `bin/rails test` - All tests passing
+- [ ] Code reviewed for quality and security
+
 ## Common Development Tasks
 
 ### Creating New API Endpoints
 1. Add route in `config/routes.rb` under appropriate namespace
 2. Create controller inheriting from `Api::V1::BaseController`
-3. Add Pundit policy in `app/policies/`
+3. Add Pundit policy in `app/policies/` with authorization rules
 4. Create serializer in `app/serializers/`
-5. Write integration tests in `test/integration/`
+5. Write controller tests in `test/controllers/` testing all actions and edge cases
+
+### Writing Tests
+- **Model tests**: Test validations, associations, callbacks, scopes, and business logic
+- **Policy tests**: Test authorization for all roles (admin, managers, members, guest)
+- **Controller tests**: Test CRUD operations, authentication requirements, authorization checks
+- Use `ActsAsTenant.with_tenant(@account)` when testing multi-tenant models
+- Fixtures are loaded automatically from test/fixtures/*.yml
+- Test data seeds loaded from db/fixtures/test/*.rb in setup hook
 
 ### Working with Multi-tenancy
 - All models should include `acts_as_tenant :account`

Gemfile

@@ -4,7 +4,7 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" }
 ruby file: ".ruby-version"
 
 # Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
-gem "rails", "7.1.5.1"
+gem "rails", "~> 7.2.3"
 
 gem "propshaft", "~> 1.0"
 
@@ -78,6 +78,9 @@ group :development, :test do
 
   gem "mailbin"
 
+  # Constrain minitest to 5.x for Rails 7.2 compatibility
+  gem "minitest", "~> 5.0"
+
   # Optional debugging tools
   # gem "byebug", platforms: [:mri, :mingw, :x64_mingw]
   # gem "pry-rails"