Test plan for Add LDAP to SmartCard authentication strategy

Introduction

This test plan is for https://gitlab.com/gitlab-org/gitlab-ee/issues/7693 that adds the feature to allow a SmartCard user to authenticate credentials on the card against a configured LDAP server.

ACC Matrix

The matrix below identifies the Attributes, Components, and Capabilities relevant to the scope of this test plan.

Attributes (columns) are adverbs or adjectives that describe (at a high level) the qualities testing is meant to ensure Components have.

Components (rows) are nouns that define major parts of the product being tested.

Capabilities link Attributes and Components. They are what your product needs to do to make sure a Component fulfils an Attribute

This feature mainly deals with the "Authentication" functional area and so it included in the matrix. API is included since new endpoints for sharing groups with groups will be added.

For more information see the Google Testing Blog article about the 10 minute test plan and this wiki page from an open-source tool that implements the ACC model.

The numbers indicate the count of Capabilities at each intersection of Attribute and Component.

	Secure	Responsive	Intuitive	Reliable
Authentication	1		1	4

Capabilities

Authentication is
- Reliable
  - It lets a SmartCard user login if their credentials verify with LDAP server
  - It does not let a SmartCard user login if their credentials do not verify with LDAP server
  - It does not let a SmartCard user login if connection to LDAP server fails
  - It does not let a SmartCard user login if smart card is not inserted
- Intuitive
  - Logging in is easy as pressing "Login with smart card" button
  - It presents the user with a clear message when unable to login
- Secure
  - It does not allow logging in with username and password if disabled in config

Test Plan

The scope of this feature is small enough that an exhaustive list of tests is not needed here. The Capabilities above should be enough to guide the testing.