Answer Question for AiChat Test

Answer Question for AiChat Test ===================================================== #### notes: I use BDD Test using gherkhin language So all member squad can consume the report and test case also we can use TDD Development so we can boost the development time # Password ### Password field (UI) #### Test Scenario 1 ```gherkin Feature : Password field works Scenario: As User I want to create password using valid format Given I Already in create password page And I already fill other mandatory field When I input using valid format And I reinput password And I submit create password Then I should be able to get succes "create password notification" ``` #### Test Scenario 2 ```gherkin Feature : Password validation field works Scenario: As User I should not be able to create password using <Invalid Format> Given I Already in create password page And I already fill other mandatory field When I input using <Invalid Format> ANd I reinput using <Invalid Format> And I submit create password Then I should not be able to create password And I get notifi <Invalid Format> |Invalid Format| |weak password| |less than 10 character| |no uppercase| |no numeric | |without non-alphanumeric| |null| ``` #### Test Scenario 3 ```gherkin Feature : field re type password works Scenario: As User I should not be able to insert re-type password field using different password Given I Already in create password page And I already fill other mandatory field When I input using valid format And I reinput password using diferrent password Then shown notification "wrong type" ``` ### API (Back End) #### Test Scenario 4 ```gherkin Feature : ensure API create password works Scenario: As User I want to create password using valid format Given I Already get create password path When I Hit create password format path using valid API format Then I should be able get response "200" And Create password succes When I check password in databse Then password should already encrypted using data user and random format ``` #### Test Scenario 5 ```gherkin Feature : ensure API create password cover failed response Scenario: As User I want to create password using Invalid Api format Given I Already get create password path When I Hit create password format path using Invalid API format Then I should be able get response "400" bad request And Create password failed ``` #### Test Scenario 6 ```gherkin Feature : Password validation field works Scenario: As User I want to create password using <Invalid password format> Given I Already get create password path When I Hit create password format path using Invalid API format Then I should be able get response "400" And get <response body> And Create password failed |Invalid password Format|response body| |weak password|weak password| |less than 10 character|less than 10 character| |no uppercase|no uppercase| |no numeric |no numeric | |without non-alphanumeric|without non-alphanumeric| |null|password is null| ``` # Force Change Password (UI) #### Test Scenario 1 ```gherkin Feature : force change password works Scenario: As User I want to change password when system force me to change password Given I not yet change password until two month When I log in using old password Then shown notification instruct me to change password When I click the change password element And I Insert my username And I click button 'change password' Then system sent to me verification email And redirect to change password page When I change password using valid format And I re-type using same password And I submit the password Then I get notification change password succes And password changed ``` #### Test Scenario 2 ```gherkin Feature : validation re-type password works Scenario: As User I should not be able to input different value when re-type password Given I not yet change password until two month When I log in using old password Then shown notification instruct me to change password When I click the change password element And I Insert my username And I click button 'change password' Then system sent to me verification email And redirect to change password page When I change password using valid format And I re-type using different password And I submit the password Then I get notification change password failed ``` #### Test Scenario 3 ```gherkin Feature : password must different within one year Scenario: As User I should not be able to input different value when re-type password Given I not yet change password until two month When I log in using old password Then shown notification instruct me to change password When I click the change password element And I Insert my username And I click button 'change password' Then system sent to me verification email And redirect to change password page When I change password using same password within 1 year And I re-type using same password And I submit the password Then I get notification change password failed ``` # Force Change Password (Back End) #### Test Scenario 4 ```gherkin Feature : ensure API change password works Scenario: As User I want to change password using valid format Given I Already have expired token When I Hit create change format path using valid API format Then I should be able get response "200" And change password succes When I check password in databse Then password should already encrypted and different with previous password ``` # Locked user accounts (UI) #### Test Scenario 1 ```gherkin Feature : ensure Log in feature works Scenario: As User I should be able to log in Given I already in log in page When I input username with valid format And I input password with valid format And I submit log button Then I should be able log in ``` #### Test Scenario 2 ```gherkin Feature : ensure locked feature works Scenario: As User I should not be able to try log in with failed log in more than 10 in a row Given I already in log in page When I input username with valid format And I input password with invalid format And I submit log button Then I should not be able to lo gin When I re-try more than 10 time Then my account locked ``` # Locked user accounts (Back End) #### Test Scenario 3 ```gherkin Feature : ensure locked feature works Scenario: As User I should not be able to try log in with failed log in more than 10 in a row Given I already have log in path When I Hit endpoint with invalid format Then I got Failed response Then I should not be able to lo gin When I re-try more than 10 time Then my account locked ``` # Administrator exist at all time Notes: For this case better we use Automation API test or API Monitoiring tool #### Test Scenario 1 ```gherkin Feature : ensure Service admin Up Scenario: As User I should be able to acces admin service Given I already have Token When I Hit endpoint with valid format Then I got success response And I get respo '200' ``` # Auto-logout (UI) #### Test Scenario 1 ```gherkin Feature : ensure auto logout feature works Scenario: As User I should get forced log out after inactive more than 30 minutes Given I already log in When I inactive more than 30 minutes Then I should get forced log out by system ``` # Auto-logout (Back End) #### Test Scenario 1 ```gherkin Feature : ensure auto logout feature works Scenario: As User my token should be expired after inactive more than 30 minutes Given I already have active token When I inactive more than 30 minutes Then my token expired ``` #### Test Scenario 1 ```gherkin Feature : ensure can not log in using expired token Scenario: As user I should not be able to log in using Given I already have expired token When I Hit end point using expired t Then I should be able to get response '401' unauthorized or token expired ```