Test Plan for Share groups with groups
Share groups with groups
Test Plan forIntroduction
GitLab currently allows a group to be shared with individual users. This test plan covers the sharing of a group with a group in gitlab-ce#33054 on the group's "Members" page.
Scope
- This test plan only covers the new functionality of sharing a group with a group and not sharing members with a group
- It covers cases for adding, updating and deleting share with group
- Any re-used APIs that are unchanged and already tested are out of scope
ACC Matrix
The matrix below identifies the Attributes, Components, and Capabilities relevant to the scope of this test plan.
Attributes (columns) are adverbs or adjectives that describe (at a high level) the qualities testing is meant to ensure Components have.
Components (rows) are nouns that define major parts of the product being tested.
Capabilities link Attributes and Components. They are what your product needs to do to make sure a Component fulfils an Attribute
This feature mainly deals with the "Groups" functional area and so it included in the matrix. API is included since new endpoints for sharing groups with groups will be added.
For more information see the Google Testing Blog article about the 10 minute test plan and this wiki page from an open-source tool that implements the ACC model.
The numbers indicate the count of Capabilities at each intersection of Attribute and Component.
Intuitive | Obvious | Secure | Stable | Reliable | |
---|---|---|---|---|---|
Groups | 2 | 1 | 1 | 3 | 4 |
API | 3 | 3 |
Capabilities
-
Group (sharing with other groups) is
- Intuitive
- It's clear how to select the Group to share with, Max access level and Access expiration date
- It lands the user back on the "Share with group" tab when "Share" succeeds
- Obvious
- It shows clear messages when the "Share" succeeds or fails
- Secure
- Only groups that the current user has access to show up in "Select a group to share with" auto-complete dropdown.
- Stable
- Only the intended group of users receive the specified level of access
- Existing access of the target group of users is unaffected
- Existing access of users of the source project is unaffected
- Reliable
- Unintended group of users does not receive access
- Intended group of users do not receive unintended level of access
- Users in groups do not have access beyond the "Access expiration date"
- Users in groups do not have access after the group share with group entry is deleted
- Intuitive
-
API is
- Reliable
- It rejects the target groups that user does not have access to
- It rejects an invalid expiration date / past date
- It only exposes the groups that the user has access to
- Obvious
- All valid API methods and parameters are documented
- API methods and parameters have names that convey intent
- Error messages are clear and instructive
- Reliable
Test Plan
Capabilities mentioned above can be used to guide the testing. Some cases not completely obvious from the capabilities are mentioned in below list. This list, however, should not be considered exhaustive and should only be used as a reference point for actual tests.
A separate test for each scenario in the list might not be required if a single test could cover multiple scenarios.
Automated tests
The majority of tests should be lower level tests but it would be worthwhile having at least one happy-path end-to-end UI (blackbox) test. When adding new automated tests, please keep testing levels in mind.
Scenario 1: Share top level group with top level group - when no subgroups in source as well as target
- Verify that the shared group appears under "Existing members and groups" list and display correct values
- Verify that the members of the selected target group have the access to all the projects in the source group
Scenario 2: Share top level group with top level group - when source group has projects under subgroup and top level
- Verify that the members of the selected target group have the access to all the projects in the source group as well as the projects that are under source subgroups.
Scenario 3: Share top level group with top level group - when target group has members under subgroup and top level
- Verify that the members of the selected target group as well as the target subgroups have the access to all the projects in the source group.
Scenario 4: Share top level group with top level group - when source group has projects under subgroup and top level and target group has members under subgroup and top level
- Verify that the members of the selected target group as well as the target subgroups have the access to all the projects in the source group as well as the projects that are under source subgroups.
Scenario 5: Share top level group with a subgroup - when target group has members under top level as well as under subgroups
- Verify that the members of the selected target subgroup have the access to all the projects in the source group.
- Verify that the members of the top level group of the selected subgroup do not have access to the projects in the source group.
Scenario 6: Share subgroup with a top level group - when source group has projects under top level as well as under subgroups
- Verify that the members of the selected target group have the access to all the projects in the source subgroup.
- Verify that the members of the selected target group do not have the access to the projects in the source top level group.
Scenario 7: Share subgroup with a subgroup - when source group has projects under top level as well as under subgroups and target group has members under top level as well as under subgroups
- Verify that the members of the selected target subgroup have the access to all the projects in the source subgroup.
- Verify that the members of the selected target subgroup do not have the access to the projects in the source top level group.