Features to be Tested
Teste代写 User module (Auth & UserStatusController) The module should be able to handle all requests from users, including login, register
Features |
Expected Functionality |
Risk |
User module (Auth & UserStatusController)Teste代写 |
The module should be able to handle all requests from users,including login, register, and forget the password. For login, when the user puts their valid credential in the input boxes and hit the login button, the module has to redirect the user to the homepage with a valid session. If the credential is not valid or user has not inputted anything, then the module should redirect to the login page and show error messages. For the register part, when the user puts their valid information matching the requirement in the input boxes and hit the register button, the module has to redirect the user to the homepage with a valid session.
For password retrieving, when the user puts their valid email in the input boxes and hit the send button, the module has to send an email to the user with resetting links that could not be constructed by other users and such link should enable the user to change their credentials. If the admin user would like to suspend the user, they could send a request to the method index in UserStatusController, in which it would first verify if the request is from admin user and update the status of the user account in the database. |
High – Check if CSRF mark is included in each auth view template, preventing the threat of CSRF attack. Check if the input would transform all malicious notations, preventing XSS attack and SQL injection attack. |
Search Module |
The module enables admin user to search cars and users. When the visitor has no session or has the session of a normal user, then such visitor would be shown a page with the button saying “You need to log in as admin to continue”. If the visitor has the session of admin, they could type the keyword in the search box. After clicking the search button, the user would be presented with a list of data that each line is a match of such keyword.Teste代写 | High – Check if the input would transform all malicious notations, preventing XSS attack and SQL injection attack. Check if normal user could search, preventing unauthorized visits. |
Booking Module (BookingController & Booking Model) |
The module has 7 different methods. Firstly, index method is dedicating to process the users’ requests and call to another method. Such method is store, which dedicates to store users’ booking information, including carId, start time, end time, etc., into the database. (show, edit, update, destroy, create are not implemented yet.) | High – Check if the input would transform all malicious notations, preventing XSS attack and SQL injection attack. |
Car Module (CarsController & CarStatusController & Car Model) |
The module has 7 different methods. Firstly, index method in CarsController would return the view of adding cars, in which it would first verify if the user is the admin user. Then, after user input all information and click add button, the request would be sent to store module, in which the information of the new car should be verified (if the user is putting a string value in int field) and saved in the database and the user should be redirected to the homepage. carsSortedByDistance method would return the valid car information and has the data that has decreasing order based on the distance between the car and the user. index method in CarStatusController would process the request and update the status of the car (retired or not) based on users’ request, in which it would first verify if the user is the admin user. (Others are not implemented) |
High – Check if the input would transform all malicious notations, preventing XSS attack and SQL injection attack. |
Confirm Module |
The module should process users’ request and calculate the fee for user based on the equation: cost = (((endTime – startTime) / 60) / 60) * pph. Then, users’ booking should be passed to booking modules. (Waiting for further implementation) | High – Check if the input would transform all malicious notations, preventing XSS attack and SQL injection attack. Check if the price is verified at serverend so that the user could not modify the price. |
|
Map Module (GeocodeContoller & StaticMapController & FLocationData) |
The module would return a map that focuses on the entered latitude and longitude or makes a colored route from one latitude and longitude to another latitude and longitude. The user could view and slide the map. | Normal – Check if the map could display and API key of the map provider is correct. |
| ViewTrip Module (ViewTripController) | The module would show user about the information of the car they booked with map module embedded. | Normal – Check if the map could display on the page. |
Features not to be Tested Teste代写
As following features are of Laravel itself, which has been tested extensively by developers and examined by different organizations on the Github.
- Some Eloquent Models (DB, etc.)
- Eloquent Models’ Methods (set(), etc.)
- Request Method (Get and Post)
Approaches
Code Inspection
- Before the code is committed to the repo on the Github, the developer has to check the modules by themselves by using tools like httpie on macOS, etc. to ensure the modules they developed could meet their expectation.
- If the code is related to frontend (templates and views), then the developer has to build on the local server and use inspection tools, like Google Chrome, to see if different screen size would have no impact on the display of information as well as beauty.
- The code should follow PSR (PHP Standard Recommendations) be verified to meet the requirement committing to Github.
- PM (Project Manager) has to fully examine and evaluate the addition codes and its effect on the whole system before deploying them to the production servers.
Unit Test Teste代写
The test would be based on Laravel’s own testing system that depends on PHPUnit, which would try to assert the feature of each testable modules and parts of the whole system by either using Requests module and directly testing the part by including them. When each module has been finished, the unit test should be written to ensure that it could work as expected.
Security Test
The test would try to find all security vulnerabilities and should be done before the deployment to the production systems. The test could be conducted by using automatic vulnerability detecting (fuzzing) softwares to scan or asking people to try the system and later examine the log files.
Test Deliverables Teste代写
Unit Tests
Name |
Test Case 1 |
| Component | BookController::index() & BookController::store() |
| Route | /book |
| Purpose | Process the users’ requests and call to another method, store, which dedicates to store users’ booking information, including carId, start time, end time, etc., into the database. |
| Preconditions | A new car inserted to the database and its id would later be used in test data. With user session. |
Test Data |
Correct data:[‘carId’ => <id>,’startTime’=>1, ‘endTime’=>2000] Incorrect data:[‘carId’ => <not existed id>,’startTime’=>1, ‘endTime’=>2000] and [‘carId’ => <id>,’startTime’=>’Test$Laravel$’, ‘endTime’=>’Test$Laravel$’] |
| Expected Result | For correct data, there should be a record in bookings table in database with startTime as 1, endTime as 2000, and carId as . For wrong data, there should be no insertion to the database. |
| Priority | Normal |
| Time Required | <1min |
| Name | Test Case 2 |
Component |
CarsController::store() |
| Route | [POST] /addcar/store |
| Purpose | The information of the new car should be verified (if user is putting a string value in int field) and saved in the database and the user should be redirected to the homepage. |
| Preconditions | With admin session. |
| Test Data | Correct data:[‘make’=>’Test$Laravel$’,’model’=>’Test$Laravel$’, ‘year’=>0, ‘seating’=>0, ‘rego’=>’Test$Laravel$’, ‘lat’=>0, ‘lng’=>0, ‘pph’=>0] Incorrect data: [‘make’=>’Test$Laravel$’,’model’=>’Test$Laravel$’, ‘year’=>’Test$Laravel$’, ‘seating=>’Test$Laravel$’, ‘rego’=>’Test$Laravel$’, ‘lat’=>’Test$Laravel$’, ‘lng’=>’Test$Laravel$’, ‘pph’=>’Test$Laravel$’] |
| Expected Result | For correct data, there should be a record in cars table in the database with make, model, and rego as Test$Laravel$ and seating, lat, lng, and pph as 0. For wrong data, there should no insertion to the database. |
| Priority | Normal Teste代写 |
Time Required |
<1min |
| Name | Test Case 3 |
| Component | CarsController::carsSortedByDistance() |
| Route | [POST] /api/carssorted |
| Purpose | Return the valid car information, in which the data has decreasing order based on the distance between the car and the user. |
| Preconditions | Have several fake cars in database, containing retired cars and unavailable cars from 1 to 2000. With user session. |
| Test Data | [‘limit’=>’10’, ‘lat’=>’1’, ‘lng’=>’1’, ‘startTime’=>’1’, ‘endTime’=>’2000’] |
Expected Result |
Return the available car from start time 1 to end time 2000 information and the data has decreasing order based on the distance between the car and the user |
| Priority | Normal |
| Time Required | <1min |
| Name | Test Case 4 |
| Component | CarStatusController::index() |
| Route | [POST] /car/status |
| Purpose | Process the request and update the status of the car (retired or not) based on users’ request, in which it would first verify if the user is admin user. |
| Preconditions | Have one car in the database, which is not retired. With admin session. |
Test Data |
Correct data: [‘carId’ => <id>, ‘status’ => true] Teste代写 |
| Expected Result | The retired column of the car should changed from 0 to 1. |
| Priority | Normal |
| Time Required | <1min |
| Name | Test Case 5 |
| Component | ConfirmController::index() |
| Route | /confirm |
Purpose |
The module should process users’ request and calculate the fee for user based on the equation: cost = (((endTime – startTime) / 60) / 60) * pph. Then, users’ booking should be passed to booking modules. (Waiting for further implementation) |
| Preconditions | Have one car in the database, which is not retired. With user session. |
| Test Data | Correct data:[‘carId’=><id>,’startTime’=>0, ‘endTime’=>2000] Incorrect data: [‘carId’=><retired or unexist car id>,’startTime’=>0, ‘endTime’=>2000] or[‘carId’=><id>,’startTime’=>’0’, ‘endTime’=>’2000’] |
| Expected Result | For correct data, the calculated price following the formula would be shown and user could click the button to call the booking module. For wrong data, there should be errors presented on the page. |
| Priority | Normal |
| Time Required | <1min |
| Name | Test Case 6 |
Component |
GeocodeController::index() |
| Route | [POST] /geocode |
| Purpose | Return the information from Mapquest API about the user’s location requested. |
| Preconditions | With user session. |
| Test Data | [‘location’=>’a’] |
| Expected Result | The JSON result returned should contain the success information from Mapquest API (“statuscode”:0). |
| Priority | Normal Teste代写 |
Time Required |
2min |
| Name | Test Case 7 |
| Component | UserStatusController::index() |
| Route | [POST] /user/status |
| Purpose | Update the status of the user account in database |
Preconditions |
Have one user in the database, which is not suspended. With admin session. |
| Test Data | [‘userId’ => <id>, ‘status’ => ‘suspend’] |
| Expected Result | The type column of the user would switch from user to suspended. |
| Priority | Normal |
| Time Required | <1min |
| Name | Test Case 8 |
Component |
FLocationData::getDestinationLatLng() & FLocationData::getTrip() |
| Route | None |
| Purpose | Not finished? |
| Preconditions | / |
| Test Data | / |
| Expected Result | /Teste代写 |
| Priority | / |
| Time Required | / |
Manual Tests
| Name | Test Case 1 |
| Component | Auth |
| Route | /login |
Preconditions |
None |
| Procedures | The user should first visit the login page and put some incorrect credential and click the login button. Then, the user would input correct credential and click the login button. |
| Expected Result | For correct credential, the user should see the home page with his username printed. For wrong credential, the user should see the login page with error messages.Teste代写 |
| Priority | Low |
| Time Required | <1min |
| Name | Test Case 2 |
| Component | Auth |
| Route | /register |
| Preconditions | None |
| Procedures | The user should first visit the register page and put some intentionally mistaken information and click the register button. Then, the user would input correct information and click the register button. |
Expected Result |
For correct information, the user should see the home page with a map covering the whole page and nav bar has item named logout. For wrong information, the user should see the register page with error messages.Teste代写 |
| Priority | Low |
| Time Required | <1min |
| Name | Test Case 3 |
| Component | HomeController |
Route |
/home |
| Preconditions | None |
| Procedures | The user should visit the home page without being logged in. Then, the user should visit the home page after logged in. |
| Expected Result | For not logging, the user should see the home page with a map covering the whole page and nav bar has items named register and login. After logging in, the user should see the home page with a map covering the whole page and nav bar has item named logout. |
| Priority | Low |
| Time Required | <1min |
Environmental Needs
Server Requirement Teste代写
As the production servers are on the Amazon Web Service (AWS), using its Elastic Cloud Service (ECS), the testing would also be carried out on both local server and development ECS server on AWS so as to ensure that the application will work on production servers. Following softwares are used for building a server for the application.
- Nginx >= 1.13
- PHP >= 7.3
- OpenSSL Extension
- PDO Extension
- Composer
- MariaDB >= 10.2
Testing Framework
Testing of the functions in the application and identifying security vulnerabilities would depend on following testing softwares or suites.
- PHPUnit provided by Laravel for conducting the unit test
- BurpSuite and Google Chrome for manual security tests
- Netsparker for automatic security tests
- Faker provided by Laravel for constucting fake data used in unit tests
更多其他:prensentation代写 文学论文代写 商科论文代写 Essay代写 研究论文代写 期末论文代写 毕业论文代写 论文代写
您必须登录才能发表评论。