How to write interface test cases? Interface test case design method (detailed explanation)


Preface

1. Bugs and problems commonly encountered in interfaces

Non-compliant parameters are passed in, causing the program to crash;
Data types overflow, resulting in inconsistent data reads and writes;
Object permissions are not verified, so other users' sensitive information can be accessed;
Improper state handling leads to logic confusion;
Logic verification is incomplete, so loopholes can be exploited to obtain illegitimate benefits;

2. Test case design

Input - interface processing logic - output

An interface usually has input and output, though sometimes there is no output. Test case design therefore considers the input, the processing and the output:

For input, design cases according to parameter types;
For processing, design cases according to the logic;
For output, analyze and design cases based on the results.

Details:
Designed for input:
Numeric type:
Equivalence class: within the value range, outside the value range
Boundary method: value range boundaries: maximum and minimum; minimum - 1, maximum + 1, etc.
Special values: 0, negative values, etc.
Traversal method: traverse all values in the value range

For example: if the range of an input value is int 1-12, consider values within the range; the boundary values 0, 1, 12, 13; the special values -1 and 0; and the minimum and maximum boundary values of the int type. If each of 1-12 has a specified meaning, traverse all the values.

Risks: special values or boundary values handled improperly, program exit, data overflow, error messages returned, etc.
Int: Data type boundary: -2147483648, 2147483648. (Integer.MAX_VALUE)
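
The numeric design rules above, turned into a case generator and run against two handlers. This is an added example, not code from the original article; it generalizes the 1-12 case to any range, and the 32-bit signed int bounds, the "month" parameter and both handlers are assumptions constructed for illustration.

```python
INT32_MIN, INT32_MAX = -2**31, 2**31 - 1   # assumed type: 32-bit signed int

def numeric_cases(lo, hi, enumerate_all=False):
    """Map each test value to whether a parameter documented as lo..hi should accept it."""
    values = {
        lo, hi,                          # range boundaries
        lo - 1, hi + 1,                  # just outside the range
        (lo + hi) // 2,                  # in-range equivalence class
        0, -1,                           # special values
        INT32_MIN, INT32_MAX,            # type boundaries
        INT32_MIN - 1, INT32_MAX + 1,    # one past the type boundaries
    }
    if enumerate_all:                    # every value has its own meaning
        values.update(range(lo, hi + 1))
    return {v: lo <= v <= hi for v in sorted(values)}

def run_cases(handler, cases):
    """Feed every case to handler; return (value, problem) for each mishandled one."""
    failures = []
    for value, should_accept in cases.items():
        try:
            accepted = handler(value)
        except Exception as exc:         # an unhandled exception is a finding
            failures.append((value, "crashed: " + type(exc).__name__))
            continue
        if accepted != should_accept:
            failures.append((value, "accepted" if accepted else "rejected"))
    return failures

# Constructed handlers for a hypothetical "month" parameter (1-12).
MONTHS = ["Jan", "Feb", "Mar", "Apr", "May", "Jun",
          "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"]

def month_handler_buggy(month):
    if month > 12:                       # upper bound only
        return False
    MONTHS[month - 1]                    # 0 and -1 wrap around; huge negatives raise
    return True

def month_handler_fixed(month):
    return 1 <= month <= 12

if __name__ == "__main__":
    for name, h in [("buggy", month_handler_buggy), ("fixed", month_handler_fixed)]:
        print(name, run_cases(h, numeric_cases(1, 12)))
```

The buggy handler silently accepts 0 and -1 and crashes on values near the type minimum, which are the boundary and special-value risks listed above.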

String type:
String length:
Equivalence class: within the value range, outside the value range
Boundary method: specified range boundary, type boundary
Special value: 0, that is, the empty string

String content:
Specific types: English, Chinese, upper and lower case, etc.
Special characters: >, <, *, !, @, #, $, %, etc.
Sensitive characters: "flg", "TMD", etc.

For example: if the interface's string length is 3 characters, test lengths of exactly 3, more than 3 and fewer than 3; the maximum length of String; the special empty string; numeric and non-numeric content; special characters; and whether sensitive characters need to be filtered.

Risks: when other types, overlong strings, sensitive words, etc. are passed in, whether the program exits abnormally, whether display or storage problems occur, and whether sensitive words are specially handled.

Array or linked list type:
Number of members:
Equivalence class: within the value range, outside the value range
Boundary method: specified range boundary, number boundary value
Special value: 0, etc.

Member content:
Equivalence class: legal and illegal members
Repeat method: repeated members
Example: the length of the array accepted by the interface is generally 5: test lengths within the range 1-5 and the out-of-range boundary value 6; the maximum and minimum allowed by the request; the special value 0; legal and illegal content; and whether duplicate content is allowed.
Risks: whether a length of 0 causes an abnormal exit; whether duplicate content is allowed


Designed for logic:
Constraint analysis:
Numerical restrictions: score restrictions, gold coin restrictions, level restrictions, etc. (the operation can be executed only when the conditions are met)
Status restrictions: login required first, etc. (synchronization of information, etc.)
Relationship restrictions: binding relationships, friend relationships, etc.
Permission restrictions: administrators, etc.
Risks: constraints are checked insufficiently, so users can profit through special means, etc.

Analysis of operation objects:
Operations usually target objects. Perform operations on both legal and illegal objects and check how the backend handles each.
Risk: Users can operate without permission.
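
An access matrix test for the operation-object analysis above: every caller is tried against every object and the result is compared with an independent oracle. This is an added example, not code from the original article; the users, orders and both handlers are constructed for illustration.

```python
# Constructed data: two ordinary users, one administrator, two orders.
USERS = {"alice": "user", "bob": "user", "root": "admin"}
ORDERS = {101: {"owner": "alice", "address": "1 Example St"},
          102: {"owner": "bob", "address": "2 Sample Rd"}}

class Denied(Exception):
    """Raised by a handler that refuses the request."""

def get_order_unchecked(user, order_id):
    """Faulty handler: authenticates the caller but never checks object ownership."""
    if user not in USERS or order_id not in ORDERS:
        raise Denied(order_id)
    return ORDERS[order_id]

def get_order_checked(user, order_id):
    """Hardened handler: the caller must own the object or be an administrator."""
    order = ORDERS.get(order_id)
    if user not in USERS or order is None:
        raise Denied(order_id)
    if order["owner"] != user and USERS[user] != "admin":
        raise Denied(order_id)
    return order

def should_allow(user, order_id):
    """Test oracle, written independently of the handlers."""
    if user not in USERS or order_id not in ORDERS:
        return False
    return USERS[user] == "admin" or ORDERS[order_id]["owner"] == user

def access_matrix_findings(handler):
    """Try every caller against every object; report results that differ from the oracle."""
    findings = []
    for user in list(USERS) + ["unknown"]:       # legal and illegal callers
        for order_id in list(ORDERS) + [999]:    # legal and illegal objects
            try:
                handler(user, order_id)
                allowed = True
            except Denied:
                allowed = False
            if allowed != should_allow(user, order_id):
                findings.append((user, order_id, "allowed" if allowed else "denied"))
    return findings

if __name__ == "__main__":
    print("unchecked:", access_matrix_findings(get_order_unchecked))
    print("checked:  ", access_matrix_findings(get_order_checked))
```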

State transition analysis:
Abstract the logic under test into a state machine in which the states switch according to the logic of each function. Then disrupt this order and perform jump operations to check whether logic problems occur and to verify correctness.
Risks: special means can be used to reach a state that should be impossible, and thereby to profit, etc.

Timing analysis:
In some complex activities, an activity consists of a series of actions performed in a specified order. Only when the actions are completed in sequence can the expected results be obtained. In a normal process, actions are executed in sequence without disruption. However, during interface testing, you need to consider whether there will be problems if they are not executed in sequence.

For example: client data synchronization is triggered by the client, and users cannot intervene during this period. What we see during functional testing is whether it can be synchronized normally. If we break it down further, the synchronization process is a series of actions.

For example: obtain user information, initiate a request, the backend returns login information, the client uploads local data, the backend verifies the data, generates the diff and the corresponding new number, returns the incremental data and number, the client reports conflicts, the backend handles the conflicts, and returns the client synchronization completion information.

These interfaces must be called in sequence for synchronization to complete, but when testing them you can disrupt the sequence and check whether exceptions occur, etc.
Risk: after out-of-order execution, data anomalies and other program problems may occur.
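
The state transition and timing analysis above, as a generator of out-of-order calls that checks a backend rejects each one and keeps its state intact. This is an added example, not code from the original article; the step names paraphrase the synchronization sequence in the text, and StrictSession and LaxSession are constructed stand-ins for a backend.

```python
# Step names paraphrase the sync sequence in the text, flattened into one ordered list.
STEPS = ["get_user_info", "send_request", "return_login_info", "upload_local_data",
         "verify_data", "generate_diff", "return_increment", "report_conflicts",
         "handle_conflicts", "sync_complete"]

class OutOfOrder(Exception):
    """Raised when a step arrives in a state that does not allow it."""

class StrictSession:
    """Constructed backend stand-in: accepts a step only right after its predecessor."""
    def __init__(self):
        self.done = 0                          # number of steps completed

    def call(self, step):
        if self.done >= len(STEPS) or step != STEPS[self.done]:
            raise OutOfOrder(step)
        self.done += 1

class LaxSession(StrictSession):
    """Constructed faulty variant: trusts the caller and jumps to any step."""
    def call(self, step):
        self.done = STEPS.index(step) + 1

def out_of_order_cases():
    """All (steps_already_done, step) pairs where step is not the legal next one."""
    return [(n, step) for n in range(len(STEPS) + 1)
            for i, step in enumerate(STEPS) if i != n]

def sequence_findings(session_factory):
    """Return cases the backend wrongly accepts, or that leave its state damaged."""
    findings = []
    for n, step in out_of_order_cases():
        session = session_factory()
        for legal in STEPS[:n]:                # drive the session into a legal state
            session.call(legal)
        try:
            session.call(step)
            findings.append((n, step, "accepted"))
            continue
        except OutOfOrder:
            pass
        if n < len(STEPS):                     # rejection must not disturb the state
            try:
                session.call(STEPS[n])
            except OutOfOrder:
                findings.append((n, step, "state damaged"))
    return findings
```

The generated cases include skipped steps, repeated steps and replays after completion; StrictSession yields no findings, while LaxSession accepts every one of them.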

Design for output:
For output results: there may be only one correct result, but there are many error situations. Test cases can be designed based on the list or types of returned results.

Risks:
Insufficient front-end handling of errors leads to front-end exceptions;
Improper error message handling lets users see obscure program code;
Improper error prompts leave users not knowing where the problem is or how to solve it.

Interface timeout:
Normally the interface returns a result. What if the return is never received? Interface timeout handling also needs to be considered. If it is not handled properly, the entire process can block, or a return value received after the timeout can cause logic confusion.

Other tests:
Abandoned interface test:
Abandoned interfaces may not be deleted in time, and related abandoned interfaces need to be checked to avoid problems.

Interface design rationality analysis:
Analyze the following aspects:
whether the interface fields are redundant;
whether the interface itself is redundant;
whether the interface returns the information expected by the caller;
whether the interface definition can meet all calling requirements;
whether the interface definition is convenient to call;

Security testing:
Testers who are not security specialists and who focus more on business security can consider the following:
whether the interface uses the HTTPS protocol;
whether the interface's request data is encrypted;
whether key information saved to the database is encrypted;
whether requests from some commonly used tools are restricted;
whether the interface limits the number of accesses from the same IP;

Test items:
repeated submission, concurrency testing, distributed testing (load balancing testing), environment anomaly testing, large data volume testing

Performance test focus:
response time, throughput, number of concurrent requests, server performance (CPU, memory, IO, network)

The following is the most comprehensive software testing engineer learning knowledge architecture system diagram in 2023 that I compiled.

1. Python programming from entry to proficiency
2. Practical implementation of interface automation projects
3. Web automation project actual combat
4. Practical implementation of App automation project
5. Resumes of first-tier manufacturers
6. Test and develop DevOps system
7. Commonly used automated testing tools
8. JMeter performance test

9. Summary (little surprise at the end)

Strive persistently, embrace challenges, move forward bravely, and bravely venture into the future. Don’t be afraid of difficulties or failures, use wisdom and courage to overcome obstacles, and create brilliance on the road of struggle. Believe in your potential, chase your dreams, and achieve an extraordinary life journey!

At every dawn, the dawn of struggle illuminates the way forward, and with courage, we set sail towards our dreams. Don’t be afraid of challenges, go beyond your limits, and let hard work and sweat pave the way to success. Believe in your persistence and keep struggling, and you will eventually bloom your own brilliant flowers!

Move forward bravely, persist in hard work, and the power of struggle will open up endless possibilities. No matter what the starting point is, as long as you have a dream and work hard to move forward, you can overcome the wind and rain and welcome glory.

Origin blog.csdn.net/m0_60054525/article/details/131940213