QA/IAM/TestPlan
< QA
Jump to navigation
Jump to search
Overview
This test plan covers the general weekly testing that will happen against 'Identity and Access Management' product. The goal is to ensure a defined and consistent amount of quality and usability in the server side and client side.
Strategy
Identity and Access Management work:
- aligned with IT on a common plan
- identified replacement for persona
- outlined future integration of LDAP with mozillians.org
- auth0 will replace persona
Scope of Testing
- Client-side testing will cover the following areas: basic functionality and UI, accounts and emails, interaction with the Server, security and privacy, usability and compatibility across OS and browsers.
- Server-side testing will cover the following areas: basic functionality, support for multiple client sites, user security and privacy, information handling and storage, information persistence across deployments, and logging.
General Test Information
Links and Documentation
- Auth0 Implementation Roadmap:
- Tracking work:
Weekly Test Schedules
- Unknown yet
Weekly Meetings
- Participation Systems Standup: every Tuesday, Thursday from 5pm to 5:15pm in Pierros's Vydio
- Sprint Review / Retro / Planning: every Monday from 3pm to 5:30pm in Henrik's Vidyo
Email and IRC
- Post
- email List: parsys@mozilla.com
- Google Group: https://groups.google.com/a/mozilla.com/forum/#!forum/parsys
- IRC: #parsys
- Team:
- Henrik Mitsch(:hmitsch)
- Arielle - currently not on the team, will be back 01 JAN 2017
- John Giannelos(:nemo-yiannis) - development on reps.mozilla.org, mozillians.org and supporting the infrastructure
- Nikos Roussos(:nikos) - front-end
- Pierros Papadeas(:pierros) - eng management for the team
- Anastasios Katsoulas(:tasos) - web dev on mozillians
- Yousef Alam(:yalam96) -new infrastructure + community websites
- Teodora Vermesan(:TeoVermesan) - QA Engineer
- Ioana Chiorean (:ioanachiorean) - Release QA Mobile Team Lead
- Florin Mezei ((:florinmezei) - Project Manager (Release QA, WebQA, BuildDuty)
Bugs and Open Issues
- Bugzilla: mozillians.org & reps.mozilla.org
- Github: mozmoderator
Client and Server Test Environments
- development: http://mozillians-dev.allizom.org
- staging: http://mozillians.allizom.org
- production: http://mozillians.org
Supported OS and Browsers
- All information about supported platforms, operating systems, browsers, mobile devices will be kept in a Google doc spreadsheet
Major Areas Focus
- Sign Up:
- Buttons:
- Verify the page has a 'SIGN UP' button
- Verify the page has an 'Email' field
- Verify the page has a 'Password' field
- Verify the page has both 'Submit' and 'Cancel'(x) buttons
- Verify the page has 'SIGN UP WITH other apps' option
- Form fields:
- Verify that clicking submit button after entering all the required fields, submits the data
- Verify that clicking cancel button after entering all the required fields, cancels the submit request and resets all the fields
- Verify that not filling the mandatory fields and clicking submit button will lead to validation error: "Can't be blank"
- Verify that sign up with other apps works as expected
- Verify that sign up with an already verified email will lead to an error message: "The user already exists"
- Verify sign-up with:
- valid email, invalid password
- valid email, valid password
- invalid email, invalid password
- invalid email, valid password
- Email Field:
- Verify email strings
- Verify all legal combinations of characters
- Copy/Pasting emails from other sources
- Auto-completion of emails
- Verify minimum/maximum sizes of emails (length)
- Password field:
- Verify password strings
- Verify all legal combinations of characters
- Copy/Pasting passwords from other sources
- Verify minimum/maximum sizes of passwords (length)
- Verify that passwords are stored if "remember password" option is chosen
- Verify that passwords are not stored if "never remember password" option is chosen
- Email notification:
- Email notification for new accounts: verification email through email provider
- Check functionality when the user can not verify by email (email provider is down or user can not access email account for some reason)
- Check functionality when the user does not verify by email (skips, forgets)
- Buttons:
- Login
- Verify that 'email field, 'password' field, "Not your account?" link, "Don't remember your password?" link are present
- Verify that if the user was already logged in with an account he can changed the account using the "Not your account" option or login with the previous one
- Login with:
- valid email, valid password
- valid email, invalid password
- invalid email ,invalid password
- valid email and password
- with other apps
- simultaneously in two different browsers with the same account
- with different emails in the same browser/different browser
- an email if he did not confirm the used email
- Verify that the log in is kept when restoring a session after a browser crash
- Verify that a message gets displayed in case user leaves email or password field as blank
- Verify that a message is displayed in case user exceeds the character limit of the user name and password fields
- Verify that the password is in encrypted form when entered
- Verify that there is limit on the total number of unsuccessful attempts
- Verify that in case of incorrect credentials a message is displayed "incorrect username or password"
- Verify if the password can be copy-pasted or not
- Verify that once logged in, clicking back button doesn't logout user
- Logout
- Verify application allows single sign off from all the devices.
- Verify application let’s you sign off for multiple accounts.
- Verify if application takes more time for logout at different connection speeds
- Verify the logout page redirects to the page where it allows login or homepage
- Verify the logout button or link works on all devices
- Network: Verify the impact of various ways to access the internet
- Ethernet - personal vs. office, with and without VPN
- Public WiFi
- Private WiFi and other home setups
- 3g, 4g
- Other:
- Login to the application with multiple accounts at the same time
- Check if everything works as expected in different browsers
- Page crash should not reveal application or server info. Error page should be displayed for this
- Error messages should not reveal any sensitive information
QA Sign-Off for Stage
- TBD
- Complete all required testing for the current weekly train
QA Sign-Off for Production
- TBD
- Complete all required testing for the current weekly train