Confirm project schedule with supervisor before formal test. Receive version App UI test version to send test specification test: check the rp/rendering function test: check the requirements document, compatibility test, stress test, performance test application as soon as possible to the formal environment, the background statistical test order statistical test, user behavior, send online reports, regression test resources product functional requirements document; Product prototype drawing; Product renderings; Behavior statistical analysis definition document; Test device (ios8.0-ios11; Android4.0 – Android8.1; Winphone7.1 and above; Symbian et al.) others.

Daily report and product launch report) The tester shall send daily test report to the tested items every day. The contents of the test daily are: to grade the quality of the current test version; Examples of more serious problems are given to prompt developers to give priority to modifications; Evaluate the overall condition of the release. Before product launch, tester sends product launch report.) The content of the online report is: to grade the quality of the current version; Attached test report (functional test report, compatibility test report, performance test report and APP available performance standard; Summarize the basic situation of the online version. Any remaining issues must be listed and documented for resolution.

The business process

Test point

Security testing

  • Software permissions

1) Risk of deduction: including sending SMS, making phone calls and connecting to the network, etc

2) Privacy disclosure risk: including access to mobile phone information, contact information, etc

3) Test App’s input validity verification, authentication, authorization, sensitive data storage, data encryption and other aspects

4) Restrict/allow access to the Internet using mobile phone functions

5) Restrict/allow the use of mobile phone sending and receiving functions

6) Restrict/allow applications to register autostart applications

7) Restrict or use local connections

8) Restrict/allow the use of mobile phones to take photos or record recordings

9) Restrict/allow access to user data using mobile phones

10) Restrict/allow the use of mobile phone to write user data

11) Detect App user authorization level, data leakage, unauthorized access, etc

Installation and uninstallation security

1) The application should be installed correctly on the device driver

2) The corresponding icon of the application can be found on the installed device driver

3) Whether to contain the digital signature information

4) All managed properties and their values contained in JAD files and JAR packages must be correct

5) The data content displayed in the JAD file should be consistent with that displayed in the application

6) Installation path should be able to be specified

7) Applications cannot be preconfigured to start automatically without the user’s permission

8) Whether it is safe to uninstall, and whether all the files installed into it are unloaded

9) Whether there is a prompt for uninstalling files generated during user use

10) Whether the modified configuration information is restored

11) Whether the uninstallation affects the functions of other software

12) Uninstall should remove all files

Data security

1) When passwords or other sensitive data are entered into an application, it is not stored on the device, and neither is the password

2) The entered password will not be displayed in plain text

3) Passwords, credit card details, or other sensitive data will not be stored in their pre-typed locations

4) The id card or password must be at least 4 to 8 digits long for different applications

5) When the application processes credit card details, or other sensitive data, do not write the data in clear text to other individual data

6) Prevent the application from terminating unexpectedly without removing its temporary files, which may then read the data information.

7) When sensitive data is entered into an application, it is not stored on the device

8) Backup should be encrypted, the recovery of data should consider abnormal communication interruption during the recovery process, and the data should be restored before use

9) The application should consider user prompts or security alerts generated by the system or virtual machine

10) Applications should not ignore user prompts or security warnings generated by the system or virtual machine, nor should they deceive users with misleading information displayed in security alarms. Applications should not simulate security warnings to mislead users

11) Prior to data deletion, the application should notify the user or provide a “cancel” command to the application

12) “Cancel” command operation can achieve its function according to the design requirements

13) The application should be able to handle situations when the application is not allowed to connect to personal information management

14) When reading or writing user information, the application will send an error message to the user

15) Without damaging any content in the PERSONAL information management application without the user’s express permission

16) The application reads and writes data correctly.

17) The application should have exception protection.

18) Inform users immediately if important data in the database is about to be rewritten

19) Handle errors reasonably

20) Users should be prompted in case of accidents

Communication security

1) In the process of running its software, if there is a call, SMS, EMS, MMS, Bluetooth, infrared communication or charging, yes, and after the processing can recover the software normally, continue its original function

2) When a connection is created, the application can handle the interruption of the network connection and tell the user that the connection is down

3) It should be able to handle communication delay or interruption

4) The application will keep working until the communication times out, and then send the user an error message indicating a connection error

5) It shall be able to handle network abnormalities and timely report abnormal situations to users

6) Close the application or network connection in time when it is no longer in use. Disconnect HTTP, HTTPS coverage tests, and background services generally interact through HTTP to verify whether the HTTP environment is normal. In the public free network environment (such as McDonald’s and Starbucks), you need to enter the user name and password and use SSL authentication to capture and process library exceptions of the HTTP Client.

Man-machine interface security

1) The return menu is always available

2) Commands have priority order

3) Sound Settings do not affect the functionality of the application

4) The application must use the full-screen size applicable to the target device to display the above content

5) The application must be able to handle unpredictable user actions, such as wrong actions and pressing multiple keys simultaneously

Install and uninstall tests

Whether the App can be installed, run, and uninstalled correctly

  • The installation

1) The software runs on different operating systems (Palm OS, Symbian, Linux, Android, iOS, Black Berry OS 6.0,

2) Check whether the installation is normal.

3) Whether the software can run normally after installation, and whether the folder and files after installation have been written into the specified directory.

4) Whether the combination of software installation options conforms to the outline design instructions

5) UI test of software installation wizard

6) Whether the software installation process can be cancelled, and whether the written files will be processed according to the outline design instructions after clicking cancel

7) Whether the handling of unexpected situations during software installation meets the requirements (such as crash, restart, power failure)

8) Whether there is a prompt when the installation space is insufficient

9) No redundant directory structures and files are generated after installation

10) For installations that require network authentication and the like, try it out when you’re off the network

11) The installation manual should also be tested to see if it can be successfully installed according to the installation manual

  • uninstall

1) Directly delete the installation folder and check whether there is a message displayed during uninstallation.

2) Test whether the system directly uninstalls the program prompt message.

3) Test whether all installation folders are deleted after the uninstallation.

4) Test for unexpected situations during the unloading process (such as crash, power failure, restart).

5) Check whether the uninstallation supports the cancel function. Click cancel to uninstall the software.

6) The system directly uninstalls UI test, whether there is uninstallation status progress bar prompt.

UI test

(menus, dialogs, Windows, and other customizable controls) layout, style, and text the goal of the test is to ensure that the user interface provides appropriate access to the functionality of the test object.

Navigation test

1) Buttons, dialog boxes, lists and Windows, etc.; Or need to navigate between different connected pages

2) Whether navigation is easy and intuitive

3) Whether you need a search engine

4) Whether the navigation help is accurate and intuitive

5) Whether the navigation is consistent with the style of page structure, menu and connected page

Graphics test

1) Horizontal comparison. All controls operate in a unified manner

2) Adaptive interface design, content ADAPTS to the size of the window

3) Whether the page label style is unified

4) Whether the page is beautiful

5) The pictures on the page should have their practical significance and require an overall orderly and beautiful appearance

6) The picture quality should be high and the picture size should be as small as possible under the condition that the design meets the requirements

7) The overall use of color interface should not be too much

Content of the test

1) Whether the content of the input text is consistent with the system function

2) Whether the length of the text should be limited

3) Whether the text content is unclear

4) Whether there are typos

5) Whether the information is displayed in Chinese

6) Whether there are sensitive words and keywords

7) Whether there are sensitive pictures, such as pictures involving copyright, patent and privacy

A functional test

The functions of THE App are realized and evaluated by the following methods. The five elements of time, place, object, behavior and background or business analysis are used to analyze and refine the App. There are no specific test cases for the App. Where input is involved, the coverage of test implementation and requirement input should be tracked at each stage of test implementation to correct business or requirement misunderstandings in time

run

1) Test run after App installation, software can be opened normally.

2) Test the App to see if there is a loading progress prompt.

3) Test the opening speed of the App to see whether the speed is significant.

4) Whether the switching between App pages is smooth and logic is correct

Register 1) Edit the page with the form

2) Length of user name and password

3) Prompt page after registration

4) Whether the data of the front registration page and the management page of the background are consistent

5) After registration, page prompt will be displayed in background management

The login

1) Log in to the system as a legitimate user.

2) Whether the system allows multiple illegal logins and whether there is a limit on the number of logins.

3) Whether it is correct to log in the system using the account that has been logged in.

4) Whether it is correct to log in to the system using a disabled account.

5) Can you log in if the user name or password (password) is wrong or missed?

6 Log in to the deleted or modified user as the original user.

7 Do not enter the user password and user, repeat (ok or cancel button) whether to allow login.

8 After login, the login information is displayed.

9 There is a logout button on the page.

10 Handling login timeout.

The cancellation

1 Log out of the original module and check whether the new module can be correctly processed.

2 Terminate logout Whether to return to the original module and the original user.

3 Log out the original user and check whether the system processes the new user correctly.

4 Log out using an incorrect account, password, or disabled account

Switching between front and back applications

1 Switch to the background and return to the APP to check whether it stays in the previous operation interface.

2APP switch to the background, then back to the app, check whether the function and application status is normal, IOS4 and IOS5 version of the place

3 switch to the background, and then back to the foreground, notice whether the program crashes, function status is normal, especially for from

4. When entering the APP after unlocking the screen, pay attention to whether it will crash and whether the function status is normal, especially for switching from the background

5. Switch to the App when a call is interrupted during App use, and check whether the function status is normal

6 Check whether the APP can be started properly after the process of the app is killed and then started.

7 After the prompt box that must be processed appears, switch to the background and switch back again to check whether the prompt box still exists. Sometimes 8 For pages with data exchange, each page must carry out the test of switching between the front and the back and locking the screen

Avoid the login

app.   

1 If the login exemption function is enabled, consider the IOS version.

2 Determine whether you can enter the login – free state when no network is deployed.

3 After logging in to another user, check whether the user login information and data are updated and ensure that the original user logs out.

4 According to the existing RULES of MTOP, an account can log in to only one machine. So, need to check one account login more

5 Switch to the background, and then switch back to the verification of the foreground

6 Switch to the background, and then switch back to the foreground test

7 After the password is changed, check whether the valid identity is verified during data exchange

8 Applications that support automatic login Check whether the system can automatically log in to the system and perform no data operation during data exchange

9 Check whether the user logs out and stays on the login screen when starting the APP next time

Data update

1 Determine where manual refreshes are required, where automatic refreshes are required, and where manual + automatic refreshes are required

2 Determine where data needs to be updated when switching from the background to the foreground.

3 Determine which content needs to be updated in real time and which needs to be updated periodically based on the proper allocation of services, speeds, and traffic.

4 determine whether the processing logic of the data display part is requested from the server every time, or cached to the local, so as to have

5 Check that exceptions are handled where data is exchanged.

Offline browsing

1 Browse local data when no network is available

2 The app can be browsed normally after exiting the app

3 Switch to the background and then switch back to the foreground for normal browsing

4 Unlock the screen and return to the foreground of the application for normal browsing

5 An offline message is displayed when data on the server is updated

update

1 An update message is displayed when a new client version is available.

2 If the version is a non-mandatory upgrade version, users can cancel the update, and the original version can be used normally. The user launches the app the next time

3 If the version is mandatory update and the user does not perform any update after the mandatory update is provided, exit the client. The forcible upgrade message is displayed on the next startup.

4 If a new version of the client is available, check whether the update is successful without deleting the client.

5 If a new client version is available, check whether the functions of the updated client are correct without deleting the client locally

6 If a new version of the client is available, check whether the resource files with the same name, such as images, can be deleted without deleting the client

Location, camera service

1 Pay attention to system version differences when using the camera and locating services

2. For the location service and camera service, it is necessary to test the switch between front and back to check whether the application is normal.

3 If the location service is not enabled and you use the location service, a message is displayed asking you whether to allow location Settings. When determining

4 test positioning, camera service, need to use the real machine test.

Gesture operation test

1) The impact of unlocking the lock screen on the running App

2) The impact of network switching on running App

3) The impact of switching between front and background of running App

4) Switch between multiple running apps

5) Shut down the App when it is running

6) Restart the system when the App is running

7) Charge while App is running

8) When the App is running, kill the process and then open it

The network environment

12G, 3G, wifi. The current 2G network is relatively slow, especially when testing this

2 If no network is available, perform operations that require a network and provide friendly prompts to ensure that the program does not crash.

3 During the Intranet test, select exception handling when performing operations on the Internet.

4 If the network signal is poor, check whether the function status is normal and ensure that data submission failure does not cause crash.

5 If the network signal is not good, check whether the data is always in the submission state and whether there is a timeout limit. In case of data

6 If the network signal is poor, exit the page or run another crash command before the callback is complete.

Server down or 404, 502, etc

1.DNS and space service providers will affect their stability. For example, when a domain name resolution failure occurs,

2. The API request will likely result in a 404 error, throwing an exception. This is where the exception needs to go right

The interface test

1. The data in JSON format is sent to the client, so we need to conduct interface test on the server to ensure that

2. The JSON content is correct and has corresponding return values for branches and exception streams. This block test is available

3. Test itEST framework. The most convenient is to use HttpClient for interface testing.

Client database test 1) general add, delete, change, check test.

2) whether it can be automatically created when the table does not exist, whether it can be self-created after the database table is deleted, and whether the data can be automatically created from

3) Whether the client can save the data locally when the service needs to retrieve data from the server and save it to the client.

4) When the business needs to obtain data from the client, check whether the APP data can be automatically transferred from the client when the client data exists

5) After the data is modified or deleted, whether the client and server will be updated accordingly.