Testing experience in web application P2 special cases

Testing Experience in Web Application

Author: Vu Tran

Nov 2013

Part 2: Special Cases

T *Take care of quality

E *Eager for finding defect

S *Standardize software

T *Thought of logic

E *Enjoyable job

R *Raise of carefulness

1. Back button of browser.2. Access link by wrong way.3. Edit information or take action after losing permission.4. Take parallel actions.5. Special fields.6. Security cases.

Content

Back button of browser.2. Access link by wrong way.3. Edit information or take action after losing permission.4. Take parallel actions.5. Special fields.6. Security cases.

Content

Back button of browser (1)

ID: 1.1 Title: Use back button after logging in from login page

Description: When users go back to login page after had logged-in, the web app must be able to

handle and auto redirect to logged-in state page.

Steps:

1. Go to login page.

2. Input correct Username and Password, then login.

3. Log in successfully, go to logged-in state page. Click Back button of browser.

4. Verify what will happen

Expected Result:

- Should not display login page.

- Auto redirect to logged-in state page.

Back button of browser (2)

ID: 1.2 Title: Use back button to go back to previous Step from Finish Step

Description: When users go back previous Step from Finish page, ensure that users cannot

perform the action to go to Finish page again.

Steps:

1. Go to Step 1, take require actions, and go to Step 2,3…

2. Continue until the Finish Page

3. Click Back button of browser.

4. Do the same step 2 (click Next/OK/Submit…) to go to Finish page again.

Expected Result:

- Auto redirect to Step 1 or reported as an error.

1. Back button of browser. Access link by wrong way.3. Edit information or take action after losing permission.4. Take parallel actions.5. Special fields.6. Security cases.

Content

Access the link by wrong ways (1)

ID: 2.1 Title: Access logged in state link without login before.

Description: Test by pasting internal URL directly into browser address bar without login. Internal

pages should not open.

Steps:

1. Copy any logged-in state link.

2. Go to another browser. Remember, DO NOT login

3. Paste the link to URL bar, then access it.

4. Verify what will happen?

Expected Result:

- Should not display any information of the page, even though it only appear in the moment.

- Auto redirect to login page immediately.


ID: 2.2 Title: Access logged in state link after logged-out.

Description: Verify that previous accessed pages should not accessible after log out i.e. Sign out

and then press the Back button to access the page accessed before.

Steps:

1. Login. Open 2 tabs.

2. On tab 1, current staying at logged-in state page, go to other page.

3. On tab 2, log out.

4. On tab 1, click Back button of browser, than take any actions.


Expected Result:

Case 1: Auto redirect to login page as soon as users go back to previous page by Back button.

Case 2: The web app still show previous page, but auto redirect to login page when users take any

actions, without any errors.


ID: 2.3Title: Access link that has not permission: Admin access Users' link or vice

versa.

Description: When Admin access User’s link or vice versa, the web app must be able to handle

and show customized error page: “Access Denied”, or something like that.

Steps:

1. Login as Admin/User

2. Try to access Users/Admin’s link


Expected Result:

- Should show customized error page with message: “Access Denied”, or “You do not have

permission”, or “404 page was not found” or something like that.

- Do not show error page without handling.


ID: 2.4 Title: User 1 access item’s link of user 2 with specific ID

Description: Try directly changing the URL site ID parameter to different site ID which is not

related to logged in user. Access should denied for this user to view others statistics.

Steps:

1. Login User1 on browser 1

2. Access detail page of any items, copy link of this

3. Login User2 on browser 2

4. User2 paste the item’s link of User1 and access it.


Expected Result:

- Should show customized error page with message: “Access Denied”, or “You do not have

permission”, or “404 page was not found” or redirect to default page or something like that.

- Do not show error page without handling.


ID: 2.5 Title: Access item’s link was deleted, disabled or inactive.

Description: If the item was deleted, disabled or inactive, the web app must be able to handle and

show customized error page: “Sorry, page not found”, or something like that.

Steps:

1. Open detail page of any items (Document detail, User detail, Trip detail v.v…)

2. Then copy link of this page.

3. Delete/Disable these items or change status of them to inactive.

4. Paste the item’s link to other tab/browser, access it.

5. Verify what will happen.

Expected Result:

- Should show customized error page with message: “Sorry, page not found”, or “Sorry, this page is

not available” or redirect to default page or something like that.

- Do not allow user access these page or show error page without handling.


ID: 2.6 Title: Access link of Step 2,3,4 in Wizard Step without Step 1

Description: Test by pasting URL of Step 2,3,4 (Wizard Step) directly into browser address bar

without Step 1. These pages should not open.

Steps:

1. Copy URL of Step 2 (or 3,4…)

2. Paste these URL into browser address bar and access.


Expected Result:

- Pages of Step 2,3,4 should not open and redirect to Step 1 or default page


ID: 2.7 Title: Access link of Step 4,5 or more after go to Step 2

Description: Try directly pasting the URL of Step 3,4 (Wizard Step) into browser address bar after

users went to Step 2.

Steps:

1. Copy link of Step 4,5 or more

2. Go to Wizard Step, then go to Step 2

3. Paste the link of Step 4,5 into browser address bar, access it.


Expected Result:

- Pages of Step 4,5… should not open.

- Redirect to current Step was being processed.

1. Back button of browser.2. Access link by wrong way. Edit information or take action after losing permission.4. Take parallel actions.5. Special fields.6. Security cases.

Content

Edit info or take action after losing permission (1)

ID: 3.1 Title: User takes action after his account is deleted or inactive.

Description: The web app must be able to handle and auto redirect to login page when user takes

any actions after his account is deleted or inactive.

Steps:

1. User login with his account

2. Go to Admin page and delete this account (or change status to inactive)

(Maybe there is other ways to do this step, it depend on web app)

3. Go back to User page

4. Take any actions and verify what will happen

Expected Result:

- Web app should auto redirect to login page or show error message to alert user know that what is

happening.


ID: 3.2 Title: Edit information on item’s detail page after item was deleted

Description: When item was deleted/removed/closed, ensure that the item’s detail page will auto

redirect to default page, or show error message if user edit/update information on it.

Steps:

1. Go to Detail page of any items, and keep staying on it.

2. Delete/Remove/Close this item.

3. Go back to item’s detail page (on Step 1)

4. Edit something then Save.


Expected Result:

- Should show error message “This item was deleted/removed/closed” or something like that to

alert user know that what is happening.


ID: 3.3Title: User edits information on item’s detail page after he lost permission to

do it.

Description: When users lost their permission, they cannot edit information of item.

Steps:

1. User1 go to Detail page of any items, edit something and keep staying on it.

2. Change the Role of User 1 Or Change the owner of the item to User 2

3. Go back to the page on Step 1

4. Click Save


Expected Result:

- Should show error message “You do not have permission to do this” or something like that to alert

user know that what is happening.

1. Back button of browser.2. Access link by wrong way.3. Edit information or take action after losing permission. Take parallel actions.5. Special fields.6. Security cases.

Content

Take parallel actions (1)

ID: 4.1 Title: Login 2 or more account at the same time

Description: Ensure that only the last account will be used.

Steps:

1. Open 2 or more login page on multi tabs at the same time.

2. The first, on tab 1, input User1 and password to login. Make sure login successfully

3. The second, on tab 2, input User2 and password to login. Make sure login successfully

4. Go back tab 1 (logging in User1), and take any actions


Expected Result:

- When take any action on User1 page (at Step2), web app should auto redirect to User2 page

immediately, and make sure it does not take any the effect to both of user.

- If possible, on User1 page, web app will auto detect and show error after few minutes (live check)

“You are not logged in under the User1. The application will shut down immediately”


ID: 4.2 Title: Log out while other actions are being processed.

Description: After logged-out, the web app must be able to handle and auto redirect to login page

when end of the actions are being processed.

Steps:

1. Open 2 tabs and login with the same account.

2. On tab 1, take this action: Upload file, import CSV or anything that take long time.

3. On tab 2, log out.

4. Go back tab 1 (actions are being processed), and waiting for actions end.


Expected Result:

- The web app should not freeze or maybe waiting forever, should auto redirect to login page when

actions end.


ID: 4.3 Title: Take parallel the same actions at Wizard Step.

Description: Users can do the same steps on multi tabs, but ensure that only one Wizard will be

done, all other one will declined.

Steps:

1. On tab 1, go to Wizard Step 1, then go to Step 2 and copy link of this step

2. On tab 2, paste the link to URL bar and access it.

3. On tab 1, go to next step (Step 3)

4. On tab 2, go to next step (Step 3), too.

5. On tab 1, go to last/finish step (maybe Step 4)

6. On tab 2, go to last/finish step, too

7. Verify what will happen after step 6

Expected Result:

- The web app must be able to handle, ensure that only one Wizard (the first Wizard) will be done,

all other one will declined, and auto redirect to default page, or redirect to Step 1 of Wizard.

1. Back button of browser.2. Access link by wrong way.3. Edit information or take action after losing permission.4. Take parallel actions. Special fields.6. Security cases.

Content

Special fields (1)

ID: 5.1 Title: Fields do not allow some specific characters: copy and paste

Description: With fields do not allow some specific characters, the web app must be able to

handle all cases, for example: copy and paste.

Steps:

1. Click on fields, make sure that cannot input specific characters by keyboards

2. Copy those characters from other places

3. Paste them into field.


Expected Result:

- If the fields do not allow input specific characters, so users cannot also paste them into field.

- Or if users can paste the specific characters, the web app must be able to handle and show error

popup when users Save or Done editing.

Special fields (2)

ID: 5.2 Title: Input correct format date but it’s invalid.

Description: Assure that leap years are validated correctly, that Feb. 28, 29, 30 are validated

correctly and do not cause errors/miscalculations.

Steps:

1. Click on Date field

2. Input correct format date but it’s invalid: Jan/32/2014 or Feb/29/2014, Feb/30/2014

3. Save or take next action related the date field


Expected Result:

- Do not Save or take action successful. Counted it as an error, and show error popup.

- Do not cause any errors.

Special fields (3)

ID: 5.3 Title: Input a blank or value zero in first position of the numeric field

Description: Assure that numeric fields with a blank, or value zero in position 1 are processed or

reported as an error. With a blank in last/middle position should be processed, too.

Steps:

1. Click on numeric field

2. Input a blank or value zero in first position of the numeric field:

“ 123”, “0123”, “123 ” or “12 3”

3. Save or take next action related the this numeric field


Expected Result:

- All these cases should be processed or counted as an error, or show corresponding error

message.

1. Back button of browser.2. Access link by wrong way.3. Edit information or take action after losing permission.4. Take parallel actions.5. Special fields. Security cases.

Content

Security (1)

ID: 6.1Title: Take actions at other places which was logged in the same account,

after changing password, e-mail or forgot and reset password successfully.

Description: For security, account was logged-in at other places should be log-out and required

log-in again, if there is any change like: change email, password or password has been forgotten

and reset.

Steps:

1. Login account A on Browser 1 and Browser 2.

2. On Browser 1, change password, email or forgot password then reset password successfully.

3. On Browser 2, take any actions.

4. Verify what will happen on Browser 2 at that time.

Expected Result:

- On browser 2, should redirect to login page immediately when users take any actions, and require

login again.

Security (2)

ID: 6.2 Title: The link is available only 1 time.

Description: When users access the One Time Link from the second time, it should be expired or

cannot access.

Steps:

1. Go to e-mail client.

2. Check e-mail: activation, reset password, or change e-mail.

3. Click link activation or reset password successfully, or change e-mail successfully

4. Try to access these link the second time and take action on them.

Expected Result:

- Should show expired page that handled, or maybe users can access the link, like reset password,

but cannot change password successfully at the second time.

Testing Experience in Web Application

Part 3: What should pay attention to

Coming soon…

Thank you!

Testing experience in web application P2 special cases

Technology

Transcript of Testing experience in web application P2 special cases