Test Cases

Download as xlsx, pdf, or txt
Download as xlsx, pdf, or txt
You are on page 1of 9

* Pre-Conditions

1 Admin and Read only users account should be existed already in system.
2 User name and password of both user should be available for login.

Sr# Steps

* Authentication
1 Verify the login functionality with valid username and
password.
2 Verify the login functionality with invalid username or
password.

3 Verify the login with empty data in the required fields.


e existed already in system.
be available for login.

Expected Result Category Status


(Pass/Fail)

The user should be logged in to the system and respected page (For. Functional
Ex, dashboard) and data should be displayed to the user.
The validation message/prompt should be displayed to the user that
the 'Username/Email or Password is invalid".

Validation message should be displayed as "Please enter username


and password".
Execution Date Bug# Remarks/Comments/Other Observations
(dd/mm/yyyy)

There are multiple ways to display the prompt as in popup,


toaster message, etc. which can be implemented based on
requirements and security purpose.

There are multiple ways of displaying the validation as mark a


field by red shwing that it is required, displaying a prompt with
message, displaying a help text on hovering on the fields etc.
* Pre-Conditions
1 Admin and Read only users account should be existed already in system.
2 User name and password of both user should be available for login.

Sr# Steps

* Authentication
1 Verify that the login screen is having option to enter
username and password with submit button

2 Verify the length of fields(Username/Email and


Password) available on login page.

3 Verify the input format of the data entered in password


field.
4 Verify the login with valid credentials.

5 Verify the login with invalid username and correct


password.
6 Verify the login with invalid password and correct
username/email.
7 Verify the login with empty data in the required fields.

8 Verify the login entering the username and keeping the


password field blank and vice versa.
9 Verify login functionality with multiple unsuccessful
attempts.
10 Verify the link of logged in user and paste it to another
browser.
11 Verify the username/email field by entering it in
Uppercase.
12 Verify the username and password stored in database
while logging in.
13 Verify the copy/paste is allowed in password field or not.

14 Verify the notification email is sent if user is login to


unusual device/machine.

15 Verify the login with SQL injection and cross site


scripting.
16 Verify clicking on browser back button after logging out
from the application.

17 Verify logging the same user in multiple platform and log


out from one of them.
18 Verify the session time out functionality.

19 Verify clearing cookie during the active session and


refresh the page.
20 Verify Autofill form data setting in browser is not
remembering password.
21 Verify below scenario :
Login to application and bookmark the logged in page.
Open the bookmark link after a while.(After 2 - 3 hours)

* Authorization
21 Verify that the permissions granted to both roles are
working as expected.

22 Verfiy when the read only user tries access module


which is not accessible to him.

23 Verify below scenario :


Open the application in different browser, with different
roles one as Admin and another as read only. Now copy
the link of module or page which is restricted to readonly
and paste it to the browser in which read only user has
logged in.

24 Verify below scenario :


Copy the auth cookie of admin user and paste it to the
read only user.

25 Verify the Gui in both the user.

* Document Management
26 Verify that in document management module they is a
button to browse documents and some required input
fields for metadata.

Add Document
e existed already in system.
be available for login.

Expected Result Category Status


(Pass/Fail)

The login page should have 2 fields to enter username and password
and a submit button. And a forgot password button in case if
credentials are forgot.

The maximum length of fields should be set as per the input type of Functional
the fields as well data required in the field and validation message
should be displayed in case more than allowed characters are
entered.

Password should be displayed in masked format(ex. ***) instead of GUI


showing in text format.
The user should be logged into the system and required data should Functional
be accessed/displayed to the user.
The validation message/prompt should be displayed to the user that Functional
the 'Username/Email or Password is invalid".
The validation message/prompt should be displayed to the user that Functional
the 'Username/Email or Password is invalid".
Validation message should be displayed as "Please enter username Functional
and password".

Validation message should be displayed as "Please enter the Functional


password" and in other case "Please enter the username".
The user login credentials should get locked for specific period for Security
security purpose.
The login page of the application should be opened in other browser. Security

The input in username/email with uppercase should be treated as Functional


valid input and should not give the validation.
The password stored in database while logging in should be in Security
encrypted format.
Users should not be allowed to copy and paste Password from text Security
box
The notification email should be sent to registered email of user if Security
user is logged in from unusual device.

The system should be handled if any such security attacks are made Security
on application.
The system should be redirected to login page only and should not be Security
redirected to that logged in user's page. Also the Auth cookie stored
while logging in should be removed once the user logs out.

The user should be logged out from all other platforms as well. Security

The user should be logged out on clicking on any function is session is Session
timed out.
The user should be logged out to the system if cookie is deleted and Session
ask user to login again to get the access.
The password should not be stored by the autofill form data by the Functional
browser.
The system should redirected to login page with validation message
and ask user to login again.

The user should only be able to access or perform any


module/activity of which the permission is granted.

That restricted module should not be visible to read only user or


proper validation message of "Access denied" or "You are not
authorized to this module" should be prompted.

The validation prompt should be displayed as "Access denied" or "You


are not authorized to this module" and the page or module of admin
user should not be opened.

The system should be logged out and directed to the login page. The
access of admin user should not be updated to read only user.

The GUI should not be differ some functionality is not there in read
only user.
Execution Date Bug# Remarks/Comments/Other Observations
(dd/mm/yyyy)

For ex. Username/email - minimum 6 to maximum 30


characters are allowed. No more than 30 characters are
allowed.

There are multiple ways of displaying the validation as mark a


field by red showing that it is required, displaying a prompt
with message, displaying a help text on hovering on the fields
etc.

Another option is to use the captcha for this and to avoid/block


any automated systems as well.

This is the additional security feature developed as per the


product domain or requirement. Two - way authentication is
also an option if product needs more security.
Precondition : If multiple login with different platform at same
time feature is implemented.

For Admin : Admin can upload, search, view, edit and delete
records.
Read Only : This user can only view and search records.

You might also like