[Bank Test] Payment test focus and anomalies + payment platform...


Preface

1. Testing concerns and anomalies in the payment category

The payment systems on the market all work on similar principles. Most software systems include a payment function: they interact with a third-party payment system and redirect to it to complete the payment. Consider the following before testing this kind of function:

1) Understand what the third-party payment interfaces are and how the systems interact directly. It is recommended to draw a flow chart and go over the system's implementation flow repeatedly. Only by understanding the flow can you assess the risks involved and design good test cases;

2) Beyond the main functions, which abnormal scenarios need to be considered;
3) What are the risks, and how can they be avoided?

The main test points and abnormal scenarios to pay attention to during testing are summarized as follows:

① First of all, make sure the interface can be called normally;
② Generate an order and complete the payment, then repeat the synchronous or asynchronous callback; only one callback may take effect;

③ Generate an order and copy its order number and amount. Generate another order, set a breakpoint in Fiddler, and replace the new order number and amount with those of the first, already completed order; the payment must not complete;

④ Generate an order and modify the amount during the redirect to the third party; the payment must not be credited, or, for a game recharge paid out in game currency, only the game currency corresponding to the tampered amount is credited;

⑤ With the asynchronous notification blocked and the synchronous notification valid, make a payment; it must be credited normally;
⑥ With the synchronous notification made invalid and the asynchronous notification valid, make a payment; it must be credited normally through the asynchronous notification;

⑦ Make both the synchronous and asynchronous notifications invalid. After the third-party payment completes, make the asynchronous notification valid again within the time range of the resend mechanism; at the next notification time the payment must be credited normally. (This verifies the resend mechanism: after the merchant receives the third party's success notification, it must tell the third party that the notification was received. If the third party receives a response from the merchant that is not ok, or the response times out, it considers the notification failed and keeps calling notify_url within the specified time, usually with time or frequency limits);

⑧ Verify that the payment order is stored completely and correctly in the database (for example: the third-party order number, which makes reconciliation with the third party and troubleshooting easier, the order amount, the order status, etc.);

⑨ If the user buys physical goods and then initiates a return, make sure the return process works and the funds are refunded normally; concurrent situations must also be verified to ensure safety;

⑩ If the user buys virtual goods, such as phone credit or gas cards, a return can only be initiated when delivery fails, so pay attention to verifying this;

Common pitfalls

A user buying 100 yuan of game currency changed the amount from 100 yuan to 0.01 yuan at the redirect to the third-party payment, and so recharged 100 yuan of game currency for 0.01 yuan. Failing to verify the order amount leads to this kind of outcome, and the loss is relatively large. During testing, always pay attention to server-side verification: any tampering with data during payment must be caught by a check.
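The server-side behaviour that test points ② to ④ and the pitfall above expect, sketched as an added example (not code from the original post). The `Merchant` class, the status names and the "ok"/"fail" reply strings are assumptions, and the example takes the "do not credit" option from test point ④.

```python
from dataclasses import dataclass
from decimal import Decimal

@dataclass
class Order:
    order_no: str
    amount: Decimal            # fixed server-side when the order is created
    status: str = "PENDING"    # PENDING -> PAID, or PENDING -> ABNORMAL
    third_party_no: str = ""   # stored for reconciliation (test point 8)

class Merchant:
    """Hypothetical merchant back end: an order table and a credited total."""

    def __init__(self):
        self.orders = {}
        self.credited = Decimal("0")

    def create_order(self, order_no, amount):
        self.orders[order_no] = Order(order_no, Decimal(amount))

    def handle_notify(self, order_no, paid_amount, third_party_no):
        """Handle one sync or async payment notification; return the reply text."""
        order = self.orders.get(order_no)
        if order is None:
            return "fail"
        if order.status == "PAID":
            # Repeated callback: acknowledge so resends stop, credit nothing.
            return "ok"
        if order.status != "PENDING":
            return "fail"
        if Decimal(paid_amount) != order.amount:
            # Amount differs from the server-side order: flag it, credit nothing.
            order.status = "ABNORMAL"
            return "fail"
        order.status = "PAID"
        order.third_party_no = third_party_no
        self.credited += order.amount
        return "ok"

def demo():
    """Constructed scenario: one tampered payment, one honest payment notified twice."""
    m = Merchant()
    m.create_order("A1", "100.00")
    m.create_order("A2", "100.00")
    replies = [m.handle_notify("A1", "0.01", "T-1"),
               m.handle_notify("A2", "100.00", "T-2"),
               m.handle_notify("A2", "100.00", "T-2")]
    return replies, m.credited, m.orders["A1"].status
```

In a real service the status check and the status update must be a single atomic database operation, so that two concurrent callbacks cannot both pass the PENDING check.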

When both synchronous and asynchronous notifications exist and the asynchronous notification (the background notification that the third-party payment succeeded) is not received, some users' recharges are not credited, which leads to customer complaints.

When synchronous and asynchronous notifications coexist, check each of them separately to make sure both are received normally.

Most of the Internet products we build involve third-party payment, so the payment function is important. As testers of Internet products, we must ensure payment security.

How to avoid payment risks?

To further strengthen the security of the payment function, some monitoring mechanisms can also be added where appropriate.

For example:
Orders can be compared with the third party's orders in a batch job. After a payment completes, the order is read from the database and looked up through the third party's order query interface. When the amounts for the same order differ, an alarm notification lets the problem be detected and handled in time. The created order can even be terminated when an anomaly is found, which minimizes the loss.
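The batch comparison described above, as an added example that is not part of the original post. The field names, the `query_third_party` signature and the sample orders are constructed assumptions; besides the amount check the text describes, it also flags a paid order the third party has no record of.

```python
from decimal import Decimal

def reconcile(local_orders, query_third_party):
    """Compare paid local orders with the third party's records.

    local_orders: dicts with order_no, third_party_no, amount, status.
    query_third_party: callable(third_party_no) -> dict or None; it stands in
    for the third-party order query interface (hypothetical signature).
    Returns (alerts, terminated); anomalous orders are marked TERMINATED.
    """
    alerts, terminated = [], []
    for order in local_orders:
        if order["status"] != "PAID":
            continue  # only completed payments are reconciled
        remote = query_third_party(order["third_party_no"])
        if remote is None:
            reason = "no matching third-party order"
        elif Decimal(remote["amount"]) != Decimal(order["amount"]):
            reason = f"amount {order['amount']} locally, {remote['amount']} at third party"
        else:
            continue  # amounts agree
        order["status"] = "TERMINATED"   # stop the order to limit the loss
        alerts.append(f"{order['order_no']}: {reason}")
        terminated.append(order["order_no"])
    return alerts, terminated

# Constructed sample data, not real orders.
SAMPLE_LOCAL = [
    {"order_no": "A1", "third_party_no": "T-1", "amount": "100.00", "status": "PAID"},
    {"order_no": "A2", "third_party_no": "T-2", "amount": "100.00", "status": "PAID"},
    {"order_no": "A3", "third_party_no": "T-3", "amount": "50.00", "status": "PAID"},
    {"order_no": "A4", "third_party_no": "", "amount": "20.00", "status": "PENDING"},
]
SAMPLE_REMOTE = {
    "T-1": {"amount": "100.00"},
    "T-2": {"amount": "0.01"},   # paid amount differs from the local order
}

def run_sample():
    """Reconcile a copy of the sample orders against the sample remote records."""
    orders = [dict(o) for o in SAMPLE_LOCAL]
    return reconcile(orders, SAMPLE_REMOTE.get)
```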

2. How does the payment platform test various channels and bank channels?

As a payment platform, it is connected to many channels such as Kuaiqian, Yibao or direct bank, and its internal product process is its own.

Is there any better testing method in the industry to test each channel and the bank channels it supports? As a product, I have applied for more than a dozen bank cards to facilitate testing, but QA and development are unwilling to do so. What should I do?

Answer: For a payment platform, tests related to payment channels fall roughly into two groups: testing payment channel functions and testing payment product functions.

1) Payment channel function test

This mainly covers functions involving banks, UnionPay and other external payment channels, as well as non-payment functions such as real-name authentication.

Under normal circumstances the payment channel interface is open only to the third-party payment company internally and is not exposed directly to external merchants. External merchants are served through packaged payment products.

Payment channels are the most basic capability of a third-party payment company. Because they involve calling various external interfaces and services, each channel has different requirements for its test, quasi-production and production environments. At the same time, the third-party payment company itself has to maintain the corresponding test, quasi-production and production environments in different versions, so complete testing is really troublesome.

Test Methods:

Develop a unified test gateway internally (whatever the interface communication protocol is, socket, http, xml, etc., it is generally unified as http to make testing easier), unify the test entry points of the various channels, and maintain an interface parameter template for each channel so that testers can quickly enter and submit the original payment request.

After submitting to the payment channel, if the payment channel maintains a test environment or a quasi-test environment, you can directly use the provided test account to complete the actual call to the payment channel test.

If it is not provided, you can only test it by opening bank cards, corporate accounts, etc. through different channels as in the question.

In this case, testing is generally done with the minimum amount allowed. Policies for applying for test cards, funding test fees and day-to-day management can be set according to each company's actual situation. It is best for the company to bear the various expenses, simplify the related processes and offer corresponding incentives, for example by not requiring an extremely lengthy reimbursement process for such expenses.

Testing purposes:

Ensure the correctness, integrity, and availability of payment channel functions, and verify whether the channels are smooth and functional.

A typical example: a new function is launched on an existing payment channel, and testing in the production environment finds a problem. Running the complete process in production is extremely troublesome. You can instead test through the test gateway or a stable version of the quasi-production environment to quickly determine whether the cause is the newly released version affecting production functions, a payment channel issue, or a production network issue.

2) Payment product function testing

The payment products here can be basic products within third-party payment, or they can be products or interfaces provided to external merchants.

In this case, the focus of testing is not the basic functions of the payment channel, but the core functions of the payment product. For payment products, it can be assumed that the payment channel is a black box, and the services provided by the black box are reliable and stable.

Test Methods:

Develop a set of simulation gateways for payment channels internally to simulate various interface functions of various payment channels and return corresponding simulation messages based on payment requests.

The payment request does not need to be actually submitted to an external payment channel. Generally, the simulation gateway and the above test gateway will be developed and deployed uniformly.
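A simulation gateway of the kind described above, which also reproduces the notify_url resend behaviour from test point ⑦; this is an added example, not code from the original post. The class and function names, the retry schedule and the message fields are all assumptions.

```python
class SimulatedChannel:
    """Hypothetical in-process stand-in for an external payment channel."""

    def __init__(self, notify, retry_delays=(0, 15, 60, 300)):
        self.notify = notify              # callable playing the role of notify_url
        self.retry_delays = retry_delays  # constructed resend schedule, in seconds
        self.payments = {}
        self.log = []                     # (order_no, attempt, delay, reply)

    def pay(self, order_no, amount, scenario="success"):
        """Return a simulated channel message; no request leaves the process."""
        if scenario == "declined":
            return {"order_no": order_no, "status": "FAILED"}
        trade_no = f"SIM{len(self.payments) + 1:06d}"
        self.payments[order_no] = {"trade_no": trade_no, "amount": amount,
                                   "acknowledged": False}
        return {"order_no": order_no, "status": "SUCCESS", "trade_no": trade_no}

    def deliver_notification(self, order_no):
        """Call notify until the merchant replies "ok" or the schedule runs out.

        Delays are recorded rather than slept so tests finish instantly.
        Returns the number of attempts made.
        """
        payment = self.payments[order_no]
        attempts = 0
        for delay in self.retry_delays:
            attempts += 1
            try:
                reply = self.notify(order_no, payment["amount"], payment["trade_no"])
            except TimeoutError:
                reply = "timeout"
            self.log.append((order_no, attempts, delay, reply))
            if reply == "ok":
                payment["acknowledged"] = True
                break
        return attempts

def flaky_merchant(unreachable_for):
    """Merchant stub that times out for the first N calls, then credits once."""
    state = {"calls": 0, "credited": set()}
    def notify(order_no, amount, trade_no):
        state["calls"] += 1
        if state["calls"] <= unreachable_for:
            raise TimeoutError("merchant unreachable")
        state["credited"].add(order_no)
        return "ok"
    return notify, state
```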


Origin blog.csdn.net/m0_70102063/article/details/134831088