Fernanda, parte de este equipo, nos hizo el favor de crear esta reseña ya que conoce perfectamente dicho tema.
Ejemplo: flujo de proceso api
I HAVE FOUR DIFFERENT PROCESS TO IMPLEMENT
1.Checking API contract
2.Creating test cases
3.Executing test cases
4.Implementing different test flows
1.Checking API ContractAn API is essentially a contract between the client and the server or
between two applications. Before any implementation test can begin,
it is important tomake sure that the contract is correct.
a. Endpoints are correct,b. Resource correctly reflects the object model
(proper JSON/XML structure used in response),c. There is no missing functionality or duplicate functionality,d. Relationships between resources are reflected in the API correctly.
Now, that we have verified the API contract, we are ready tothink of
what and how totest.2.Creating test cases
I mostly create the following test case groups:a. Basic positive test (happy paths)b. Extended positive testing withoptional parameters (optional parameters
and extra functionality)c. Negative testing withvalid input (trying toadd an existing username)d. Negative testing withinvalid input (trying toadd a username which
is null)e. Destructive testing (sending null, empty string, integer or other types,
odd date format, deleting necessary parameters)f. Security, authorization, and permission tests (sending valid or
invalid access tokens topermitted or unpermitted endpoints)3.Executing test cases
For each API request I need toverify following items:a. Data accuracy:Check the request and response body whether those are
as written on API documentation in terms of data type and data structure.
b. HTTP status code:For example, creating a resource should return201
CREATED and unpermitted requests should return403 FORBIDDEN,etc.
c. Response headers: HTTP server headers have implications on both
security and performance.
d. Response body:Check valid JSON body and correct field names, types,
and values - including in error responses.
e. Authorization checks:Check authentication and authorization
f. Error messages:Check the error code coverage in case API returns
any error
g. Response time:Implementation of response timeout
4.Test flows
We need toimplement the next test flow if previous flow is success:a. Single-step workflow:Executing a single API request and checking the
response accordingly. Such basic tests are the minimal building blocks we
should start with, and there’s no reason tocontinue testing if these tests
fail.
b. Multi-step workflow withseveral requests:For example, we execute a
POST request that creates a resource withid and we then use this id tocheckifthis resource is present in the list of elements received by a
GET request. Then we use a PATCH endpoint toupdatenew data, and we again
invoke a GET request tovalidate the newdata. Finally, we DELETE that
resource and use GET again toverify it no longer exists.
c. Combined API and UI test:This is mostly relevant tomanual testing,
where we want toensure data integrity between the UI and API. We execute
requests via the API and verify the actions through the UI or vice versa.
The purpose of these integrity test flows is toensure that although the
resources are affected via different mechanisms the system still maintains
expected integrity and consistent flow
Valoraciones y comentarios
Recuerda algo, que tienes la capacidad de valorar esta crónica si te fue de ayuda.
¡Haz clic para puntuar esta entrada!
(Votos: 0 Promedio: 0)