QA/IAM/TestPlan: Difference between revisions

Overview

This test plan covers the general weekly testing that will happen against 'Identity and Access Management' product in the Stage Test environment. The goal is to ensure a defined and consistent amount of quality and usability in the server side and client side.

Strategy

Identity and Access Management work:

• aligned with IT on a common plan
• identified replacement for persona
• outlined future integration of LDAP with mozillians.org
• auth0 will replace persona

Scope of Testing

• Client-side testing will cover the following areas: basic functionality and UI, accounts and emails, interaction with the Server, security and privacy, usability and compatibility across OS and browsers.
• Server-side testing will cover the following areas: basic functionality, support for multiple client sites, user security and privacy, information handling and storage, information persistence across deployments, and logging.

General Test Information

Links and Documentation

• Auth0 Implementation Roadmap:
  • https://docs.google.com/presentation/d/1Cd_UDM-ncdiVDGrwuBSOl0d8YhiYTXE1QuXifTsj4zA/edit#slide=id.g1655979439_0_0
• Tracking work:
  • https://tree.taiga.io/project/pierros-mozilla-particiaption-systems/kanban

Weekly Test Schedules

• Unknown yet

Weekly Meetings

• Participation Systems Standup: every Tuesday, Thursday from 5pm to 5:15pm in Pierros's Vydio
• Sprint Review / Retro / Planning: every Monday from 3pm to 5:30pm in Henrik's Vidyo

Email and IRC

• Post
• email List: parsys@mozilla.com
• Google Group: https://groups.google.com/a/mozilla.com/forum/#!forum/parsys
• IRC: #parsys
• Team:
  • Henrik Mitsch(:hmitsch)
  • Arielle - currently not on the team, will be back 01 JAN 2017
  • John Giannelos(:nemo-yiannis) - development on reps.mozilla.org, mozillians.org and supporting the infrastructure
  • Nikos Roussos(:nikos) - front-end
  • Pierros Papadeas(:pierros) - eng management for the team
  • Anastasios Katsoulas(:tasos) - web dev on mozillians
  • Yousef Alam(:yalam96) -new infrastructure + community websites
  • Teodora Vermesan(:TeoVermesan) - QA Engineer
  • Ioana Chiorean (:ioanachiorean) - Release QA Mobile Team Lead
  • Florin Mezei ((:florinmezei) - Project Manager (Release QA, WebQA, BuildDuty)

Bugs and Open Issues

• Bugzilla: mozillians & reps
• Github: mozmoderator

Client and Server Test Environments

• development: http://mozillians-dev.allizom.org
• staging: http://mozillians.allizom.org
• production: http://mozillians.org

Supported OS and Browsers

• All information about supported platforms, operating systems, browsers, mobile devices will be kept in a Google doc spreadsheet

Major Areas Focus

• Sign Up:
  • Buttons:
    • Verify the page has a 'sign up' button
    • Verify the page has 'email' and 'password' field
    • Verify the page has both 'submit' and 'cancel'(x) buttons
    • Verify the page has 'Sign Up with other apps' option
    • Verify that the required/mandatory fields are marked with * against the field
  • Form fields:
    • Verify that clicking submit button after entering all the required fields, submits the data to the server
    • Verify that clicking cancel button after entering all the required fields, cancels the submit request and resets all the fields
    • Verify that not filling the mandatory fields and clicking submit button will lead to validation error
    • Verify that not filling the optional fields and clicking submit button will still send data to server without any validation error
    • Verify that sign up with other apps works as expected
    • Verify sign-up with:
      • valid email, invalid password
      • valid email, valid password
      • invalid email, invalid password
      • invalid email, valid password
      • different accounts using same email and password combos
      • a password email already in use
      • an email already in use
  • Email Field:
    • Email strings/types
    • Verify all legal combinations of characters
    • Copy/Pasting emails from other sources
    • Auto-completion of emails
    • Verify minimum/maximum sizes of emails (length)
  • Password field:
    • Password strings/types
    • Verify all legal combinations of characters
    • Copy/Pasting passwords from other sources
    • Verify minimum/maximum sizes of passwords (length)
    • Verify that passwords are stored if "remember password" option is chosen
    • Verify whether or not passwords are stored client-side
    • Verify whether or not passwords are stored on the server
  • Email notification:
    • Email notification for new accounts: verification email through email provider with proper email account listed, live verification link, etc.
    • Check functionality when the user can not verify by email (email provider is down or user can not access email account for some reason)
    • Check functionality when the user does not verify by email (skips, forgets)
• Login
  • Verify: Email field, Password field, "Not your account?", "Don't remember your password?"
  • Login with:
    • valid email, valid password
    • valid email, invalid password
    • invalid email ,invalid password
    • valid email and password
    • with other apps
    • simultaneously in two different browsers with the same email, then log out from one of the two browsers
    • with different emails for different clients in the same browser/different browser
    • with the same email for different clients in the same browser, then log out from one of the browsers
  • Verify that the user cannot log in with an email if he did not confirm the used email
  • Verify that the log in is kept when restoring a session after a browser crash
  • Verify that a message gets displayed in case user leaves email or password field as blank
  • Verify that a message is displayed in case user exceeds the character limit of the user name and password fields
  • Verify that there is reset button to clear the field's text
  • Verify that the password is in encrypted form when entered
  • Verify that there is limit on the total number of unsuccessful attempts
  • Verify that in case of incorrect credentials a message is displayed "incorrect username or password"
  • Verify if the password can be copy-pasted or not
  • Verify that once logged in, clicking back button doesn't logout user
• Logout
  • Verify application allows single sign off from all the devices.
  • Verify application let’s you sign off for multiple accounts.
  • Verify application clears the session for the user after logout
  • Verify if application takes more time for logout at different connection speeds
  • Verify the logout page redirects to the page where it allows login or homepage
  • Verify the logout button or link works on all devices
• Network: Verify the impact of various ways to access the internet
  • Ethernet - personal vs. office, with and without VPN
  • Public WiFi
  • Private WiFi and other home setups
  • 3g, 4g
• Other:
  • Login to the application with multiple accounts at the same time
  • Check if everything works as expected in different browsers
  • Page crash should not reveal application or server info. Error page should be displayed for this
  • Error messages should not reveal any sensitive information

QA Sign-Off for Stage

• Complete all required testing for the current weekly train: resolved/closed issues, suggested areas for QA focus, specific features and areas of test coverage, automation, etc.

QA Testing for Production

QA Sign-Off for Production