Add-ons/QA/Testplan/Abuse reporting in about:addons

From MozillaWiki
Jump to: navigation, search

Revision History

Date Version Author Description
05/14/2018 1.0 Carciu Victor Created first draft


  • In order to increase monitoring of unlisted Firefox extensions and user security, we are implementing a new abuse report feature in the Firefox Add-ons Manager. It will allow users to report add-ons they have installed or recently removed. It includes report categorization features that will also be implemented on AMO for consistency and better report quality.


This document purports to detail the test approach for the Abuse reporting in about:addons feature and includes Entry/Exit criteria, Scope for testing, links to test cases etc

Entry Criteria

  • QA has access to all the PRDs, mocks and related documents
  • The feature has landed on Nightly
  • AMO parts has landed on dev

Exit Criteria

  • All the bugs against the feature have been triaged
  • All the P1/P2 bugs have been fixed
  • All the resolved bugs have been verified by QA
  • The find/fixed rate is going down over a predefined period of time

Acceptance Criteria

This section broadly outlines when the product is ready to ship

  • QA has signed off
  • All info is localized at least for a pre-defined set of locales
  • All the necessary PR/blogposts have been sent out


This section describes what parts of the feature will be tested and what parts won't be.

what's in scope?

  • This is a cross-platform feature that is not limited to any specific operating systems or locales. QA for this should be straightforward: confirming that all abuse reporting user flows function as expected.

As this is a new feature, there should be unit test coverage provided as part of the development effort; in addition, there are no existing issues that need to be resolved for this, and mitigation of any blocking issues discovered in QA should be as simple as not enabling the pref for release.

what's out of scope?

  • Security testing


Dev Lead: Luca Greco; irc nick :rpl
QA Manager: Krupa Raj; irc nick :krupa
QA Lead: Victor Carciu; irc nick :victorc
Webextensions QA: Victor Carciu; irc nick :VictorC
AMO QA: Alexandra Moga; irc nick :LexaSV

Requirements for testing


OSes covered: Windows, Mac OS X, Linux

Channel dependent settings (configs) and environment setups




The feature is enabled by default

Test Strategy

Test Objectives

This section details the progression test objectives that will be covered. Please note that this is at a high level. For large projects, a suite of test cases would be created which would reference directly back to this master. This could be documented in bullet form or in a table similar to the one below.

Ref Function Test Objective Test Type Owners
TO-1 Abuse reporting from about:addons To verify that the extension uses the API correctly Manual Add-ons QA Team
TO-2 Abuse reporting from AMO To verify that the extension uses the API correctly Manual Add-ons QA Team
TO-3 Reviewers\Admins tools view for abuse reports To verify that the extension uses the API correctly Manual Add-ons QA Team
TO-4 API To verify that the extension uses the API correctly Manual Add-ons QA Team


This section should contain links for builds with the feature -

  • Link for Nightly builds
  • Link for Beta builds
  • Link for Release builds

Test Execution Schedule

The following table identifies the anticipated testing period available for test execution.

Project phase Start Date End Date
Start project
Study documentation/specs received from developers
QA - Test plan creation 05-14-2018
QA - Test cases/Env preparation 05-16-2018 N/A
QA - Nightly Testing N/A N/A
QA - Beta Testing 05-20-2018
Release Date

Testing Tools

Detail the tools to be used for testing, for example see the following table:

Process Tool
Test plan creation Mozilla wiki
Test case creation [ Docs] / TestRail
Test case execution [ Docs] / [ TestRail]
Bugs management Bugzilla / Github



Track the dates and build number where feature was released to Nightly
Track the dates and build number where feature was merged to Release/Beta

Risk analysis

Question about providing client ID and installation date to AMO for an AMO-based flow vs bridging the AMO-based flow with the Firefox one to create one UX.
Identify the high-risk assumptions
Identify existing bugs on the feature with high risk
Identify if other areas are affected by the fix


* List and links for specs
  PRD - [1]

* bug 1540175 - [meta] add abuse reporting flow to about:addons
Full Query
ID Priority Component Assigned to Summary Status Resolution Target milestone
1541940 P2 Add-ons Manager Add ability to get add-on install date from mozAddonManager to support verifying abuse reports sent from AMO. NEW ---
1541944 P2 Add-ons Manager Provide hashed clientID to amo for abuse report verification. NEW ---
1543377 P1 Add-ons Manager Luca Greco [:rpl] Add the abuse reporting panel to the about:addons page RESOLVED FIXED mozilla68
1544927 P1 Add-ons Manager Luca Greco [:rpl] Telemetry on integrated abuse reporting RESOLVED FIXED mozilla68
1544928 P1 Add-ons Manager Luca Greco [:rpl] Allow to start the integrated addon abuse report flow from Firefox UI RESOLVED FIXED mozilla68
1549290 P2 Add-ons Manager Luca Greco [:rpl] Add support for addon_signature "curated" in AbuseReport NEW ---
1551515 P1 Add-ons Manager Luca Greco [:rpl] Library button focused/unfocused when clicking on a abuse report panel's radio button ASSIGNED ---

7 Total; 4 Open (57.14%); 3 Resolved (42.86%); 0 Verified (0%);



Summary of testing scenarios

Test Areas

Test Areas Covered Details
Reporting abuse from about:addons flow
Verifying all report abuse fields are implemented according to specs
Verify report abuse from reviewer tools\admins point of view
Reporting from AMO - UX almost identical with the one in Firefox
API verification

Test suite

  • Link for the [ Initial test planning]
  • Link for the [ Google doc tests]
  • Link for the []

Bug Work

Tracking bug - []

Bug fix verification

[Verified] [ Bug xxxxxxx] - Display permissions prompt for webextensions installed using mozAddonManager

2017-01-10: verified fixed on 53.0a1 across platforms

[Verified] [ Bug xxxxxxx] - Prompt users with permissions for third-party webextensions installs

2015-04-21: verified fixed on 53.0a1 across platforms
Logged bugs

[ Bug xxxxxxx] - Misaligned icon and webextension name in permissions doorhanger

Sign off


Check list

  • All test cases should be executed
  • Has sufficient automated test coverage (as measured by code coverage tools) - coordinate with RelMan
  • All blockers, criticals must be fixed and verified or have an agreed-upon timeline for being fixed (as determined by engineering/RelMan/QA)


Nightly testing

List of OSes that will be covered by testing

  • Link for the tests run
    • Full Test suite, use template from []

Merge to Beta Sign-off List of OSes that will be covered by testing

  • Link for the tests run
    • Full Test suite


Exit Criteria Status Notes/Details
Testing Prerequisites (specs, use cases)
Testing Infrastructure setup
Test Plan Creation 02-14-2019
Test Cases Creation 02-13-2019 N/A
Full Functional Tests Execution
Automation Coverage
Performance Testing
All Defects Logged
Critical/Blockers Fixed and Verified
QA Signoff - Nightly Release Email to be sent
QA Beta - Full Testing
QA Signoff - Beta Release Email to be sent