Bug #25

closed

Admin user can be created without role assignment (role is null)

Added by Vivek Kumar about 1 month ago. Updated about 1 month ago.

Status: Closed
Priority: Normal
Assignee: -
Start date: 03/19/2026
Due date:
% Done: 100%
Estimated time:
Spent time:

Description

The system allows creation of an Admin user without assigning any role. When the role field is not provided in the request, the user is still successfully created with "role": null.
This leads to creation of incomplete user records and may impact role-based access control (RBAC) functionality.

Steps to Reproduce

  1. Send a POST request to: https://api.akinderwellness.com:4001/api/admin/add-admin
  2. In request body, provide:
     • email
     • password
  3. Do not include the role field
  4. Send the request

Actual Result
User is created successfully
API response:

{
    "success": true,
    "message": "Registered successfully",
    "res": {
        "userType": "Admin",
        "webToken": [],
        "fcmToken": [],
        "notification_weekly_report": false,
        "notification_password_change": false,
        "notification_all_activies": false,
        "notification_new_request": false,
        "notification_new_referral": false,
        "notification_new_message": false,
        "language": "en",
        "If_Deleted": false,
        "_id": "69bb9197190f06f44b128cb0",
        "email": "arbtestemailtemp@gmail.com",
        "role": null,
        "createdBy": "603c4a2f9644be25e93e1089",
        "password": "$2a$10$BK1d/hK.JPKiyUDmqDyYO.YQAA.CJkj4set4R8QYt4XCPefhgNBSC",
        "secondary_password": null,
        "createdAt": "2026-03-19T06:03:03.946Z",
        "__v": 0
    }
}

Expected Result

  • System should not allow user creation without a role
  • API should return a validation error such as "Role is required", or the system should assign a default role automatically

Files

BUG AKW0014.png (322 KB): The username selected in blue has no role assigned. Vivek Kumar, 03/19/2026 06:28 AM

Related issues: 1 (0 open, 1 closed)

Related to Bug #27: API accepts arbitrary role IDs during admin creation. Closed 03/20/2026
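
One way to enforce the expected result on the server, shown as an added example that is not the project's code. The handler shape, the `createUser` callback and the role allowlist with its IDs are assumptions constructed for illustration; only the field names and the `success`/`message`/`res` envelope come from the report. It also rejects role IDs that are not known, the case tracked in related Bug #27.

```javascript
// Constructed placeholder role IDs; a real service would look these up
// in its roles collection instead of a hard-coded set (assumption).
const ALLOWED_ROLE_IDS = new Set([
  "aaaaaaaaaaaaaaaaaaaaaaaa", // placeholder: full admin
  "bbbbbbbbbbbbbbbbbbbbbbbb", // placeholder: support admin
]);

// Validate the add-admin request body before anything is written.
function validateAddAdmin(body) {
  const input = body !== null && typeof body === "object" ? body : {};
  const errors = [];
  for (const field of ["email", "password"]) {
    if (typeof input[field] !== "string" || input[field].trim() === "") {
      errors.push(`${field} is required`);
    }
  }
  const role = input.role;
  if (role === undefined || role === null || role === "") {
    // The case from this report: field omitted or explicitly null.
    errors.push("Role is required");
  } else if (typeof role !== "string" || !ALLOWED_ROLE_IDS.has(role)) {
    // Non-string values (objects, arrays) and unknown IDs are refused.
    errors.push("Role is not a known role");
  }
  if (errors.length > 0) return { ok: false, errors };
  return { ok: true, value: { email: input.email.trim(), password: input.password, role } };
}

// Hypothetical handler: createUser is only reached when validation passes,
// so no record with "role": null can be stored.
function handleAddAdmin(body, createUser) {
  const result = validateAddAdmin(body);
  if (!result.ok) {
    return { status: 400, json: { success: false, message: result.errors.join("; ") } };
  }
  const user = createUser(result.value);
  return {
    status: 201,
    json: {
      success: true,
      message: "Registered successfully",
      res: { email: user.email, role: user.role },
    },
  };
}
```

The same rule should also be enforced at the storage layer (for example a required constraint on the role field) so that other code paths cannot create a role-less admin.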
