tests/custom-idproperty-relationships.test.js:850:        assert(error.message.includes('not found') || error.message.includes('404'))
tests/curl.test.js:265:      // Test 404 error
tests/curl.test.js:266:      const result404 = await executeCurl(['-s', '-w', '\\n%{http_code}', '-H', 'Accept: application/vnd.api+json', `http://localhost:${TEST_PORT}/api/countries/999999`])
tests/curl.test.js:268:      assert.equal(result404.exitCode, 0, 'CURL should exit successfully')
tests/curl.test.js:270:      const lines = result404.stdout.trim().split('\n')
tests/curl.test.js:274:      assert.equal(httpCode, '404', 'Should return 404 status')
tests/curl.test.js:278:      assert.equal(response.errors[0].status, '404')
tests/ownership-optout.test.js:32:describe('Ownership opt-out (ownerField:false / ownership:false)', () => {
tests/ownership-optout.test.js:57:    // Query without auth (ownership disabled -> no filtering)
tests/ownership-optout.test.js:63:  it('ownership:false - allows create+query without user_id column present', async () => {
tests/ownership-optout.test.js:64:    await createPublicItem('public_items_ownership', 'Gamma', 1)
tests/ownership-optout.test.js:65:    await createPublicItem('public_items_ownership', 'Delta', 2)
tests/ownership-optout.test.js:67:    const resultAuth = await api.resources.public_items_ownership.query({ simplified: false }, { auth: { userId: 99 } })
tests/ownership-optout.test.js:71:    const resultNoAuth = await api.resources.public_items_ownership.query({ simplified: false })
tests/cors.test.js:525:      assert.equal(response.status, 403)
tests/cors.test.js:552:      assert.equal(response.status, 404)
tests/multihome.test.js:43:      'multihome_projects',
tests/multihome.test.js:44:      'multihome_tasks',
tests/multihome.test.js:45:      'multihome_users',
tests/multihome.test.js:46:      'multihome_system_settings'
tests/multihome.test.js:51:    it('should automatically set tenant_id on new records', async () => {
tests/multihome.test.js:52:      // Create a project for tenant A
tests/multihome.test.js:55:        description: 'A project for tenant A'
tests/multihome.test.js:58:      // Create with tenant context
tests/multihome.test.js:63:        auth: { multihome_id: 'tenant-a' }
tests/multihome.test.js:71:        description: 'A project for tenant A',
tests/multihome.test.js:72:        tenant_id: 'tenant-a' // Should be automatically set
tests/multihome.test.js:76:    it('should filter queries by tenant_id', async () => {
tests/multihome.test.js:77:      // Create projects for different tenants
tests/multihome.test.js:84:        auth: { multihome_id: 'tenant-a' }
tests/multihome.test.js:93:        auth: { multihome_id: 'tenant-a' }
tests/multihome.test.js:102:        auth: { multihome_id: 'tenant-b' }
tests/multihome.test.js:105:      // Query as tenant A - should only see tenant A's projects
tests/multihome.test.js:109:        auth: { multihome_id: 'tenant-a' }
tests/multihome.test.js:116:      // Query as tenant B - should only see tenant B's projects
tests/multihome.test.js:120:        auth: { multihome_id: 'tenant-b' }
tests/multihome.test.js:128:    it('should prevent access to other tenant records', async () => {
tests/multihome.test.js:129:      // Create a project for tenant A
tests/multihome.test.js:136:        auth: { multihome_id: 'tenant-a' }
tests/multihome.test.js:139:      // Try to access as tenant B - should fail
tests/multihome.test.js:146:            auth: { multihome_id: 'tenant-b' }
tests/multihome.test.js:152:        'Should not be able to access other tenant data'
tests/multihome.test.js:156:    it('should prevent updating tenant_id to different value', async () => {
tests/multihome.test.js:157:      // Create a project for tenant A
tests/multihome.test.js:164:        auth: { multihome_id: 'tenant-a' }
tests/multihome.test.js:167:      // Try to update with different tenant_id - should fail
tests/multihome.test.js:178:                  tenant_id: 'tenant-b' // Trying to change tenant
tests/multihome.test.js:184:            auth: { multihome_id: 'tenant-a' }
tests/multihome.test.js:192:        'Should not be able to change tenant_id'
tests/multihome.test.js:198:    it('should maintain tenant isolation for related records', async () => {
tests/multihome.test.js:199:      // Create projects for different tenants
tests/multihome.test.js:206:        auth: { multihome_id: 'tenant-a' }
tests/multihome.test.js:215:        auth: { multihome_id: 'tenant-b' }
tests/multihome.test.js:218:      // Create task for tenant A project
tests/multihome.test.js:230:        auth: { multihome_id: 'tenant-a' }
tests/multihome.test.js:233:      // Try to create task for tenant B project as tenant A - should fail
tests/multihome.test.js:247:            auth: { multihome_id: 'tenant-a' }
tests/multihome.test.js:251:          // Should fail because project belongs to different tenant
tests/multihome.test.js:254:        'Should not be able to link to other tenant resources'
tests/multihome.test.js:257:      // Query with includes - should only see own tenant data
tests/multihome.test.js:265:        auth: { multihome_id: 'tenant-a' }
tests/multihome.test.js:271:      assert.equal(projectWithTasks.included[0].attributes.tenant_id, 'tenant-a')
tests/multihome.test.js:276:    it('should allow access to excluded resources without tenant context', async () => {
tests/multihome.test.js:277:      // Create system setting without tenant context
tests/multihome.test.js:288:      assert(!setting.data.attributes.tenant_id, 'Should not have tenant_id')
tests/multihome.test.js:290:      // Query without tenant context should work
tests/multihome.test.js:297:      // Should be accessible by any tenant
tests/multihome.test.js:302:        auth: { multihome_id: 'tenant-a' }
tests/multihome.test.js:310:    it('should require tenant context when requireAuth is true', async () => {
tests/multihome.test.js:311:      // Try to create without tenant context - should fail
tests/multihome.test.js:322:          return err.message.includes('multihome context')
tests/multihome.test.js:324:        'Should require tenant context when requireAuth is true'
tests/multihome.test.js:328:    it('should validate resources have tenant field when allowMissing is false', async () => {
tests/multihome.test.js:330:      // if a resource was missing the tenant field. Since our test resources
tests/multihome.test.js:331:      // all have tenant_id (except excluded ones), we can verify the
tests/multihome.test.js:333:      assert.equal(api.vars.multihome.field, 'tenant_id')
tests/multihome.test.js:334:      assert.equal(api.vars.multihome.allowMissing, false)
tests/multihome.test.js:335:      assert(api.vars.multihome.excludeResources.includes('system_settings'))
tests/multihome.test.js:340:    it('should apply tenant filter to filtered queries', async () => {
tests/multihome.test.js:341:      // Create users for different tenants
tests/multihome.test.js:344:          email: 'admin@tenant-a.com',
tests/multihome.test.js:350:        auth: { multihome_id: 'tenant-a' }
tests/multihome.test.js:355:          email: 'user@tenant-a.com',
tests/multihome.test.js:361:        auth: { multihome_id: 'tenant-a' }
tests/multihome.test.js:366:          email: 'admin@tenant-b.com',
tests/multihome.test.js:372:        auth: { multihome_id: 'tenant-b' }
tests/multihome.test.js:375:      // Query for admins as tenant A - should only see tenant A admin
tests/multihome.test.js:382:        auth: { multihome_id: 'tenant-a' }
tests/multihome.test.js:385:      assert.equal(adminsA.data.length, 1, 'Should only see tenant A admin')
tests/multihome.test.js:386:      assert.equal(adminsA.data[0].attributes.email, 'admin@tenant-a.com')
tests/multihome.test.js:388:      // Query for all users as tenant B - should only see tenant B users
tests/multihome.test.js:392:        auth: { multihome_id: 'tenant-b' }
tests/multihome.test.js:395:      assert.equal(usersB.data.length, 1, 'Should only see tenant B users')
tests/multihome.test.js:396:      assert.equal(usersB.data[0].attributes.email, 'admin@tenant-b.com')
tests/multihome.test.js:399:    it('should apply tenant filter with sorting and pagination', async () => {
tests/multihome.test.js:400:      // Create multiple projects for tenant A
tests/multihome.test.js:409:          auth: { multihome_id: 'tenant-a' }
tests/multihome.test.js:413:      // Create projects for tenant B
tests/multihome.test.js:421:          auth: { multihome_id: 'tenant-b' }
tests/multihome.test.js:425:      // Query with pagination as tenant A
tests/multihome.test.js:433:        auth: { multihome_id: 'tenant-a' }
tests/multihome.test.js:448:        auth: { multihome_id: 'tenant-a' }
tests/multihome.test.js:452:      assert(page2.data.every(p => p.attributes.tenant_id === 'tenant-a'))
tests/multihome.test.js:457:    it('should provide clear error when no tenant context available', async () => {
tests/multihome.test.js:465:          return err.message.includes('No multihome context available')
tests/multihome.test.js:471:    it('should handle missing tenant field gracefully for excluded resources', async () => {
tests/multihome.test.js:472:      // system_settings is excluded and doesn't have tenant_id field
tests/multihome.test.js:480:        auth: { multihome_id: 'tenant-a' } // Should be ignored for excluded resources
tests/multihome.test.js:484:      assert(!result.data.attributes.tenant_id, 'Excluded resource should not have tenant_id')
tests/multihome.test.js:489:    it('should prevent bypassing tenant filter with malicious IDs', async () => {
tests/multihome.test.js:490:      // Create a project for tenant A
tests/multihome.test.js:497:        auth: { multihome_id: 'tenant-a' }
tests/multihome.test.js:500:      // Try various bypass attempts as tenant B
tests/multihome.test.js:514:              auth: { multihome_id: 'tenant-b' }
tests/multihome.test.js:528:      // Create data for tenant A
tests/multihome.test.js:535:        auth: { multihome_id: 'tenant-a' }
tests/multihome.test.js:538:      // Attempt access as tenant B
tests/multihome.test.js:544:          auth: { multihome_id: 'tenant-b' }
tests/rest-api-access.test.js:86:      assert.equal(error.statusCode, 403)
tests/rest-api-access.test.js:92:  it('auto assigns ownership when creating a project', async () => {
tests/rest-api-access.test.js:127:  it('filters query results by ownership for non-admin users', async () => {
tests/rest-api-access.test.js:147:  it('allows admin roles to bypass ownership filtering', async () => {
tests/rest-api-access.test.js:177:      assert.equal(error.statusCode, 403)
tests/rest-api-access.test.js:183:  it('enforces helper ownership checks', () => {
tests/rest-api-access.test.js:193:      assert.equal(error.statusCode, 403)
