Shulou(Shulou.com)06/01 Report--

You might say, "user login" is a bit too easy. All I have to do is find a user, ask him to enter a user name and password on the interface, and then click the "confirm" button to verify that the login is successful. Indeed, this constitutes the most basic and typical test case, and it is also the most typical Happy Pass scenario for end users when using the system.

But as a test engineer, your goal is to ensure that the functions of the system in a variety of application scenarios meet the design requirements, so you need to consider more and more comprehensive test cases. So you need to design a series of test cases according to the requirement description of the "user login" function, combined with the following five knowledge points.

Knowledge point 1: the equivalent class partition method divides all possible input data into several subsets, in each subset, if any input data has the same effect in exposing potential errors in the program, then such a subset constitutes an equivalent class. Later, as long as a value is randomly selected from each equivalence class for testing, a small number of representative test inputs can be used to obtain better test coverage results.

Knowledge point 2: boundary value analysis is to select the boundary values of input and output for testing. Because a large number of software errors usually occur on the boundary of the input or output range, it is necessary to focus on testing the boundary values, usually selecting values that are exactly equal to, just greater than or just less than the boundary as the test data.

Knowledge point 3: explicit functional requirements (Functional requirement) refers to the specific functions that the software itself needs to implement, such as "normal users can log in successfully with the correct user name and password", "non-registered users cannot log in", etc., these are typical descriptions of explicit functional requirements. (test case 1-20)

Knowledge point 4: non-functional requirements (Non-functional requirement) from the perspective of software testing, non-functional requirements are mainly related to security, performance and compatibility.

Knowledge point 5: "exhaustive testing" refers to a testing method that contains all possible combinations of software input values and prerequisites. There should be no unknown software defects in the system that completes exhaustive testing. (impossible)

User login test case:

Functional testing (Function test)

1. Do not enter anything. Click the submit button to see the prompt. (non-empty check)

2. Enter the correct user name and password and click the submit button to verify that you can log in correctly. (normal input)

3. Enter the wrong user name or password, and the verification login will fail and prompt the corresponding error message. (error check)

4. Can you jump to the correct page after successful login (low)

5. What to do with the user name and password if it is too short or too long (security, whether there is a prompt when the password is too short)

6. User name and password with special characters (such as spaces), and other non-English situations (whether filtered or not)

7. Remember the function of the user name

8. The function that the password cannot be recorded after login failure

9. The handling of spaces before and after the user name and password

10. Whether the password is encrypted (asterisks, dots, etc.)

11. when it comes to CAPTCHA, consider whether excessive distortion of the text makes it difficult to identify, consider whether the color (color-blind user), refresh or change the button is easy to use.

12. is it correct to register, forget your password, log out and log in with another account on the login page

13. When entering a password, there should be a message when the uppercase keyboard is turned on

14. Whether different levels of users, such as administrator users and ordinary users, have correct permissions after logging in to the system.

Whether the default focus of the page is located in the input box of the user name

16. Whether the shortcut keys such as Tab and Enter can be used normally

II. Interface testing (UI Test)

1. Whether the layout is reasonable and whether the two testbox and one button are aligned.

2. Whether the length and height of testbox and button are compound requirements.

3. Whether the design style of the interface is consistent with that of UI.

4. The text in the interface is simple and easy to understand, and there are no typos.

Third, performance stress Test (performance test)

1. Whether the response time of single user login is less than 3 seconds.

2. Whether there are too many requests in the background when a single user logs in

3. Whether the response time of user login in high concurrency scenario is less than 5 seconds.

4. Whether the monitoring indicators of the server in high concurrency scenarios are in line with expectations.

5. Whether there is resource deadlock and unreasonable resource waiting in high rendezvous point concurrency scenario.

6. Whether there is a memory leak on the server side if a large number of users log in and log out continuously for a long time.

4. Security testing (Security test)

1. Whether the Cookie generated after a successful login is httponly (otherwise it is easy to be stolen by scripts)

2. Whether the user name and password are sent to the Web server by encryption

3. The authentication of user name and password should be done on the server side, not just on the client side with javascript.

4. The input boxes of user name and password should block SQL injection attacks.

5. Input boxes for user names and passwords, which should be prohibited from entering scripts (to prevent XSS attacks)

6. Limit the number of wrong logins (to prevent violent cracking)

7. Consider whether multiple users can log in on the same machine.

8. Consider a user logging in on multiple machines

5. Usability testing (Usability Test)

1. Whether it can be operated by keyboard, and whether there are shortcut keys.

2. Enter the user name, password and press enter to see if you can log in.

3. Whether the input box can be switched by Tab key

VI. Compatibility testing (Compatibility Test)

1. Can the mainstream browsers show normal and normal functions (IE,6,7,8,9, Firefox, Chrome, Safari, etc.)

2. Whether different platforms can work properly, such as Windows, Mac

3. Whether the mobile device is working properly, such as Iphone, Andriod

4. Different resolutions

VII. Localization testing (Localization test)

Whether the page is displayed correctly in different language environments.

Software Auxiliary testing (Accessibility test)

1. Software assistive function testing refers to testing whether the software provides sufficient auxiliary functions to disabled users.

2. Can it show normal at high contrast (used by people with poor eyesight)

IX. Other tests

1. Enter the wrong password for 3 or more times in a row and remember whether it has been locked for a certain period of time (for example, 15 minutes)? Login is not allowed within time. Can I continue to log in beyond the point in time?

2. After the user's session expires, can the previous session expired page be returned when you log in again?

3. Is the user name and password input box supporting keyboard shortcuts? Such as: undo, copy, paste, etc.

4. Do you want to allow users with the same name to log in at the same time? Consider logging in both web and app at the same time

5. When logging in with a mobile phone, do you first judge that the network is available?

6. When logging in by mobile phone, do you first judge whether there is a new version of app?

7. Whether there is a burying point interface

Summary

First of all, for high-quality software testing, use case design needs to consider not only explicit functional requirements, but also a series of non-functional requirements such as compatibility, security and performance. These non-functional requirements play an important role in the quality of the software system.

Secondly, excellent test engineers must have a wide range of knowledge in order to design targeted test cases that are easier to find problems.

Finally, the use case design of software testing is inexhaustible, and engineering practice is inevitably subject to time cost and economic cost, so excellent test engineers need to strike a balance between defect risk and R & D cost.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.