Quality management

Functional testing

Functional testing is a type of software testing that validates the software system against the functional requirements/specifications. The purpose of functional testing is to ensure that the software behaves as expected and that all functionalities work according to the requirements.

We utilize JUnit for functional testing, focusing on integration and unit test cases to ensure comprehensive coverage. Additionally, we use Postman for API testing and perform regression testing to maintain software quality throughout the development lifecycle.

1. JUnit testing

1.1. Integration testing

Integration tests verify the interactions between different application components, ensuring they work together as expected.

These tests often involve multiple system elements, such as databases, web servers, and external APIs.

By examining the integration points and data flow between components, you can identify issues that arise when components interact, which helps ensure that your application functions correctly in a real-world environment.

Key points

  • Objective: To verify the interactions between integrated units or components.

  • Scope: Tests the data flow and control flow between modules.

  • Focus: Ensures that integrated components work together as expected.

1.2. Unit testing

Unit tests focus on testing individual parts of your code, such as methods or classes, in isolation from the rest of the application.

Using JUnit, these tests can be executed quickly and independently, ensuring that each part of your code behaves as expected.

This approach helps identify and fix bugs early in the development cycle, leading to more robust and reliable software.

Key points

  • Objective: To verify that individual units or components work as intended.

  • Scope: Tests the functionality of specific sections of code, usually at the function level.

  • Focus: Ensures that each part of the software functions correctly in isolation.

 @Test
 void create_ANN_Contract_With_InvalidDateFormat_For_AmortizationDate() throws IOException, ValueUnknownException {
    Map<String, Object> props = contractAttributes.get(0); // Get the first contract properties
	props.put("amortizationDate", "01-01-2021T00");
	ContractValidation validateContract = validator.validateContract(props);

	// Extract the actual error message
	List<String> actualErrors = validateContract.getError();

	// Since the error list could have multiple messages, pick the one you need to assert
	String actualError = actualErrors.get(0);  // Assuming it's the first error in the list

	// Perform the assertion on the specific error message
	assertEquals("Field amortizationDate:01-01-2021T00 Incorrect format. Must be of format YYYY-MM-DDTHH:MM, where HH:MM = 00:00 or 24:00", actualError);

	}

2. API testing

API testing involves testing application programming interfaces (APIs) directly and as part of integration testing to determine if they meet expectations for functionality, reliability, performance, and security.

Postman is a popular tool we use for API testing to validate the interactions between different software components via APIs.

Key points

  • Objective: To verify that APIs return the expected responses and interact correctly with other software components.

  • Scope: Tests the endpoints, request methods, response data, status codes, headers, and performance of APIs.

  • Focus: Ensures that each API operates as intended and handles different scenarios, including edge cases.

3. Regression testing

Regression testing involves re-running previously conducted tests to ensure that recent changes in the software (e.g., bug fixes, enhancements) have not introduced new defects.

The goal is to verify that new changes have not adversely affected existing functionality.

Key points

  • Objective: To ensure that new changes do not break existing functionality.

  • Scope: Tests the entire application or specific modules impacted by recent changes.

  • Focus: Detects any unintended side effects or regressions caused by changes in the codebase.

Non-functional testing

Non-functional testing focuses on the non-functional aspects of an application, such as performance, usability, reliability, and security.

It ensures that the software meets certain criteria and standards beyond just its functional requirements.

We utilize non-functional testing, focusing on Security Testing and Load Testing.

1. Security testing

Security testing is aimed at identifying vulnerabilities and weaknesses in an application that could be exploited by malicious actors. It ensures that the application is protected against various security threats and adheres to best practices for data protection and user privacy.

1.1. OWASP ZAP

Overview

OWASP ZAP (Open Web Application Security Project - Zed Attack Proxy) is an open-source security testing tool designed to find vulnerabilities in web applications. It is used for automated and manual security testing to identify potential threats and weaknesses.

Use case

  • Objective: Ensure that the application is secure and free from vulnerabilities that could be exploited by attackers.

  • Tools: OWASP ZAP (Zed Attack Proxy).

  • Scope: Identify security flaws such as SQL injection, cross-site scripting (XSS), broken authentication, and security misconfigurations.

2. Load testing

Load testing involves evaluating how a system performs under a specific load or number of simultaneous users. It helps determine the system’s capacity, identify performance bottlenecks, and ensure that it can handle expected traffic.

2.1. JMeter

Overview

JMeter is an open-source tool used for performance and load testing of web applications. It helps simulate a large number of users and analyze the application’s behavior under heavy load.

Use case

  • Objective: Ensure that the application can handle expected and peak loads without performance degradation.

  • Tools: Apache JMeter

  • Scope: Test the application’s response time, throughput, and stability under various load conditions.