How to implement a scenario in Gherkin where a conditional is required? - gherkin

I am business analyst/ PO who is trying to utilize Gherkin for the first time. I have the following scenario (and mostly these types only) where the expected behavior is:
Given I a registered user
And I am on a landing page
When I select an option to...(say search and connect with my client agent)
Then the system prompts me to turn on geo location (thru my app)
Now based on the accept or deny for the above prompt, the system presents different screens for a user to move forward. If I accept, system displays map and specific search. If I deny, system displays another way to search.
How do I implement such a scenario?

What you have there is a split, where two differing outcomes can happen.
They are separate scenarios.
The first, you are looking for a prompt. The second, confirm, and check outcomes, the third, deny and check outcomes.
Background:
Given I a registered user
And I am on a landing page
When I select an option to search and connect with my client agent
Scenario: I should be prompted
Then the app should prompt me to turn on geo-location
Scenario: I turn on my geo-location
When I turn on my geo-location
Then I should see a map
And I should see a specific search
Scenario: I turn off my geo-location
When I deny the app access to my geo-location
Then I should see another way to search

Related

How can I apply to a same career fair more than one time with same user in jmeter?

I am doing load tests to a apply option of career fair section. But I have only one user's login informations and I want to do apply tests more than one time with same user. For example when I create 10 users with Thread Group, the http request for apply is going to be fall 9 times. I think that's why we use only one user and the apply button is going to be applied button and not clickable. How can I do this test?
There is one golden rule: 1 virtual user == 1 real user with all its stuff like credentials, permissions, business actions, cookies, cache, etc. See How to make JMeter behave more like a real browser article for more details.
So ideally you need to have as many credentials as threads (virtual users) you set in JMeter's Thread Group
Test need to be repeatable, to wit leave the system in unmodified state so you could re-run the test once again. If the application process is irreversible you need to either cancel the application somewhere in the tearDown Thread Group or modify the database using JDBC Test Elements to restore the system state
If your system doesn't allow multiple logins from one user I don't think you will be able to conduct your test with a single user for multiple sessions.

Should integration test bypass login natural processes in order don't retest same login functionality for many times

Let's say I'm testing a web service and I have a couple of scenarios requires user to be authenticated:
Scenario #1: Customer sign-up
Scenario #2: Customer sign-in
Scenario #3: Customer change name
Scenario #4: Customer update image
Should all the tests go through all login steps like:
1) Go to register page
2) Enter new user information
3) Activate account
4) Go to login page
5) Enter login and password
6) Press the Login button
7) Check if I authenticated as a customer
Or I can just test it once and implement endpoint which quickly creates a user and log it in.
So if I have that kind of endpoint that means I can skip retesting the same things all the time and just have short scenarios #3 and #4 implementation. But in this case, I have a less natural environment.
Please tell me about the best practices that you use in real projects.
Few best practices:
use the testing pyramid integration > ui (tests are much slower on UI, automate in the UI only the necessary things to have main flows covered)
for the UI use fast methods for the setup (so yes, web services, test login only once)
if possible keep some test data trough the builds (for example to make sure a new build that might change data structure does not affect basic functionality, e.g. login)
tests should be atomic (not depend on each other)
do some cleanup from time to time to remove duplicate test code and to improve the framework(speed, stability)
You shouldn't copy and paste the "log in" scenario to all of the other scenarios, but having an account and being logged in are prerequisites for the other use cases. From a behavior driven development perspective this will translate to one or more Given steps that simulate or actually perform those steps:
Scenario: Customer change name
# Calls web service or database to create new user
Given "Bob" is a registered user
# Calls web service or database to make account active
And "Bob" has an active account
# Opens browser, navigates to login page, fills out login form and submits it
And the user is logged in as "Bob"
# Steps specific to changing name and asserting it has changed
When the user changes their name to "Samuel"
Then the user's name is "Samuel"

How can I figure out if the authenticated user is authorized to access an area/controller/action?

Being in a view and you know the area-name, controller-name and action-name of a destination to which you want the user to provide a link to, how can I figure out if the area/controller/action is authorized for the authenticated user.
Imaginary Use-case:
I have a table with a list of books (the result of bookscontroller.index). To the far right are some icons to edit or delete a specific book. The edit link refers to bookscontroller.edit and the delete link to bookscontroller.delete.
On the actions there are custom authorizationattributes and this works perfect. If a user want to access books/edit/1 and the user is not allowed to edit books, the user gets redirected to the logon page.
It is a bit stupid to have that edit-icon there if the user is not allowed to edit books. So at view level I would like to be able to figure out if the user is allowed to use the edit action of the bookscontroller. If he is, show the icon if not, do not show the action.
Goal: use that knowledge to create a custom tag-helper.
The go-to method is reactive, i.e. you check if a user can do action when the user tries to do. Since you do not want to go that way, here is how. (yet, this is anti-pattern)
Have the authentication token of the user send back to backend. The backend should have an API end point for each button on the page user can click. With the authentication token, the back-end resolve whether to dim or enable the buttons.
Now, what the backend does to resolve this is not very efficient. The backend needs to literally attempt certain actions and aborts the transaction. For create and retrieve, it is trivial (you can pre-resolve them) but for edit and delete, this requires a lot of resources.
The standard way of controlling such actions on UI is to use role based authorization.
For the buttons or other such UI elements, setup role tags, e.g. "admin:edit", "viewer:readonly" etc.
When you are authenticating a user, send the applicable roles from the backend server, store them in a way that is globally accessible to your UI and use them for filtering UI elements across your application.

Multi-user login through JMeter

I need some clarification in the testing process, specifically when multiple users (100 Users) login to a web application through JMeter.
I can log in with a single valid user but if there are 100 users and 1 is a valid user and 99 are invalid users, the 99 users cannot log in.
The problem is creating 100 is a difficult process.
Now, is testing login as mentioned above the same as testing with 100 valid users?
If not, is there any better process to test login with multi-users?
There is only one obvious requirement: each JMeter thread (virtual user) should use different credentials, in other words JMeter user must represent real user using real browser as close as possible, otherwise your load testing will not make sense.
So ideally you should have 100 different credentials so each virtual user could use its own username/password combination and have its own session. It particularly matters when your test scenario assumes some business processes, i.e. one user starts workflow, another one approves, third one finishes, etc.
If each load test iteration assumes "clean" system you could consider automating user creation process via setUp Thread Group where you can create the prerequisites (users, content, whatever). Ask around, it might be the case you can create the user using a single REST API or Database call, or it could be possible to import users from LDAP or using a shell command
As a last resort you can use single credentials with multiple JMeter virtual users, however in this case you may run into issues with your application so try avoiding CRUD operations so your test would represent just browsing.

Using the same credentials to login to two Joomla! sites (1.5 & 1.6)

I am looking for a way for my users to be able to login to both of my Joomla sites (one running 1.5 and the other 1.6) using the same credentials. For example, if a user registers to my Joomla1.5 portal, when they use that same info for my Joomla1.6, they get logged in without having to re-register and vice versa.
I guess an authentication plugin would be the best solution in combination with a XML-RPC service? Joomla1.5 site's plugin is triggered which "communicates" with the Joomla1.6 site where the user is already registered, if the credentials check out, a new user is created and the user automatically gets logged in.
Thanks in advance for any ideas/help.
You are trying to do two very different things that will require two very different plugins. First, you need a bridge to handle user table synchronization. You not only have to create a user for each site, you have to sync everything about both accounts each time anything changes. This would include changing email address, password, or even user name plus any other related data such as the use groups that the user belongs to. A good place to start would be jFusion, which is designed to bridge Joomla with other software packages but can certainly be modified to bridge Joomla sites. JFusion also has the added advantage of creating user sessions for each connected software package for a single unified login, which would be the second piece of the puzzle you would need to solve once you get the users sorted out.
http://www.jfusion.org/