The “Exploratory Software Testing” book by James Whittaker is a really good book for tester in that it provide ways for testers to think about “What” you want to test.
While I am reading the books, a lot of ideas come from my mind. Today morning, I was thinking about how to make it simple to apply to my work, I come to an idea of Tester’s Persona. Unlike to User Scenario Persona, or Tester’s Career Persona, the Tester’s Persona focus on which hat you wear when you doing testing.
I use the our Web based database management tool (SWA) at (https://www.sqlazurelabs.com/houston.aspx) to explain some of the Tester’s Persona and how we do testing for the tool:
· Un-lucky guys:
This guy is really un-lucky, and hit accidental things in one day which a normal person wouldn’t happen.
o When he try to submit the modified data through the SWA into the backend server, the server is done. (It test how SWA client and middle tier can handle this smoothly).
o When the server is online again, and he issued a long running report query for 24 hours, then the middle-tire is done. ( it tests how SWA handle broken connection between SWA and middle-tier).
o He accidently delete one important table through SWA (we should warn user when he/she try to delete something through SWA).
o He open a very large script file given by someone, and found the script file is too large, and it crash the SWA.
o He open a binary file which is not a script file, and found SWA client crashed.
o He open a table which has large amount of data, and it eat all his computer resources.
· Trouble maker:
Suppose you are doing a presentation on the feature of SWA. Whenever you say something, this is guy he always interrupt you by asking some rude questions:
o When you connect to a database, he asked: can I connect two databases. What if I don’t know the database, so I like to connect the server first, and choose my database.
o When you are demoing open a query and run. He asked: can I use the query window as my query editor, why it does not have syntax highlight, and intellesense?
o When you are running a script, he asked: what kind of script I can run? Can I issue: use tempdb; select foo;
o When you show the Table panel, he saw there is a delete button. He asked: what if I want to undo my change?
o When you show how to choose the column types. He asked what if I have alias type, CLR type, TVP types?
o When you show how to choose the column types. He asked what happened if the table has table, or we cannot change the table schema?
o When you show the tables in the [Tables Panels]. He asked: why only my tables shows, where is my stored procedure, and views. What if someone add a table, or I added one table though SWA, can the panel will be automatically updated?
o Why I double click a table, the tool show a editing button even I did not change any of the fields?
The hacker knows we have the cool SWA tool, and he will explore the product to find ways to attack the server or the service:
o He will try deny of service attack on the middle tier or server.
o He will try to generate random scripts with interesting characters as schema name and data, and crash your server or middle tier or SWA.
o He will try to listen TCP traffic between SWA client and middle tier , and see whether he can found the SA password of the server.
o He will try SQL Injection.
o He will open SQL Profiler on the server, and understand what is going on the server, and try potential ways of attacking the server.
o He will think why we use http instead of https protocol?
· Normal user:
As a new user to this tool, I have no knowledge about this tool before, so I try to use the tool to finish my job:
o Is the text or icon intuitive, so that I don’t need to guess what this means?
o I want to use Ctrl-C, Ctrl-P in the query window. (It should just work, no need knowledge, no need document).
o If I hit one issue, how easy I can find the answer quickly, does F1 works?
· Curious user:
As a curious person, I am really excited to try this new tools, and I will play with the tool:
o I will try Connect/Disconnect/Connection/Disconnect multiple times
o I will try to hit Disconnect button while the SWA is connecting.
o I will drop a table, create a table with the same name.
o I will editing the table columns, at the same time, issuing queries to the same table, editing the rows of the table.
o I will open all tables in a database
o I will open 1000 script windows
o I will open a random file on my disk
o I will click execute/stop/ execute/stop many times.
o I will click comment/uncomment/comment/uncomment many times
o I will try to connect to one of my favor database which contains all my interesting data/queries.
As a insider, I know all details of the implementation/architecture, and I will use my knowledge to explore the feature.
One example is to focus on the data flow between client middle tier and server. Suppose you know that the middle tier is only a gateway between client and server, it does not cache any data or schema. Then you might try:
o Sending large chunk of data from the client
o Retrieve lard chunk of data from server
o When editing on the client, modified the objects on the server, such as delete the table, alter the table, etc.
o Restart the Middle tier during data transforming.
Any thought on this. Please add your comments.