API tests with newman and postman

 

API is the most important part of your software because it has the highest security risks. What if someone were to hack your API? They could get production data, they could Bitcoin ransom the servers or they could hide on the machine until something interesting happens. The bottom line is, the stakes when using an API are much higher than if there is just a bug in the UI of your application — your data could be at risk and, by proxy, all of your users’ data.

API testing is not only the most vital testing to be done against your application, but it is also the easiest and quickest to execute

With your API tests and having a Continuous integration process, you can:

  • Test all of your endpoints no matter where they are hosted
  • Quickly ensure all of your services are running as expected
  • Confirm that all of your endpoints are secured from unauthorized AND unauthenticated users

 

Postman

Download postman for free

Now you need to have an API to test, you can select one from any-api or qa-symphony for this tutorial. In this example we are going to use this Oxford Dictionaries. Now on postman, you can create a collection and start to feed with your tests. Also, you can create an environment with environment variables and also global variables that can be used across the requests, for example a token.

 

Login with Token on Postman

  • Click on Manage Environments

 

  • Set the host

  • Type the request URL, change the host to the variable {{host}}
  • Select POST request and type the headers

 

  • Type the Body with the credentials for your site.

 

  • Open the Tests tab and write the tests to validate the request and set the access_token as an environment variable. You will need to use this variable in the header of all of your next requests.

var jsonData = JSON.parse(responseBody);

tests["Status code is 200"] = responseCode.code === 200;
tests["Access Token is not blank"] = jsonData.access_token !== "";
tests["Message success"] = jsonData.scope.indexOf("success") !== -1;

postman.setEnvironmentVariable ("access_token", jsonData.access_token);

 

  • Hit Send and if the status code is 200, it means the credentials are correct. Save the request in your collection.

 

  • Now you can create all the other requests and tests needed, just remember to add the {{access_token}} in your header and save the requests in your collection

 

 

Running your API automated tests

  • Now that you have a collection with all your tests, click on Runner and select your collection, environment. Type the number of interactions and delays in case you want to simulate more than multiple interactions.

  • You can also import a CSV file with data and substitute for variables in the body or header of the request.

 

  • The results report will be like this one:

 

Newman

 

To run your tests from the command line you need to have Newman, open your terminal and run npm install -g newman

  • Export your collection from Postman (Collection_v2) and download your environment (go to “Manage Environments” and click the download button) from Postman

 

  • Open your terminal an type the command to run the API tests: newman run /local/path_to_your_postman_collection.json

 

  • The result will be something like this:

 

  • To run the script on Jenkins you need to add the parameters  –reporters junit,json and the results should be created under a folder called “Newman” in your working directory, so: newman run -reporters junit,json /local/path_to_your_postman_collection.json

 

Resources: https://www.qasymphony.com/blog/automated-api-testing-tutorial/

https://api.qasymphony.com/#/login/postAccessToken

Usability Testing

Hello guys,

Today I am going to write about some usability tests techniques that you can use in your day-to-day tests. Usability tests is where you can figure out if your design is working or not, what can be improved and what is not straight forward.

Jakob Nielsen created the 10 usability heuristics, which includes:

  • Visibility of system status
  • Match between system and the real world
  • User control and freedom
  • Consistency and standards
  • Error prevention
  • Recognition rather than recall
  • Flexibility and efficiency of use
  • Aesthetic and minimalist design
  • Help users recognize, diagnose, and recover from errors
  • Help and documentation

 

Know your user

When you know your users, you can focus on their goals, the characteristics that they have and the attitudes that they display. You should also examine what the user expects from the product.

User personas are created from other forms of user research and thus offer an real life portrait that is easy for the team to keep in mind when designing the products. User personas have a name and a story.

 

Simplify

We need to start with the idea of a user in your worst case scenario when doing UX testing, someone who knows nothing about your product, is distracted when they use the system, has bad cell reception, etc. By watching that person use and fumble through your product, you can quickly identify areas where the app is not simple, clear or fast enough.

 

Trust your intuition

It’s important to remember what specific problem you’re setting out to solve. Trust your guts: early on, it’s especially important when larger decisions are so fragile. Remember that you can’t build something that pleases everyone: trying to do so normally results in a weak release. Stay focused on the use-case you want to nail and avoid trying to solve all the use cases at once. The smallest details can be the difference between a product that has a good experience for the user and one that has not.

 

Efficiency

It lies in the time taken by the user to do a task. For instance, if you are an E-commerce site, the efficiency of your site depends on the time and the number of steps that the users take to complete the basic tasks like buying a product.

 

Recall

This is one of the most important aspects to examine the person’s memory concerning the browsing process and the interface they used a while ago. If your design is simple and straight forward it will be easier to remember how to complete a task.

 

Emotional response

This helps to analyze the user’s feelings after they have used the product. Some might feel happy while others might feel down and there are others who are so deeply impressed that they recommend the product to their friend.

 

Resources:

https://uxmastery.com/beginners-guide-to-usability-testing/

https://www.nngroup.com/articles/how-many-test-users/

https://thenextweb.com/dd/2013/08/10/13-ways-to-master-ux-testing-for-your-startup/#.tnw_3ngxAqEM

https://www.invisionapp.com/blog/ux-usability-research-testing/

https://www.interaction-design.org/literature/article/7-great-tried-and-tested-ux-research-techniques

https://uxdesign.cc/ux-tools-for-user-research-and-user-testing-a720131552e1

https://www.cso.com.au/article/626752/data-breach-notification-just-it-business/