UCD Kuali Rice UCD Kuali Rice 1.0.0 Test Plan Version 1.0.1 September 1, 2009 Prepared by: Emerson David Information and Educational Technology University of California, Davis Reviewed by: Hampton Sublett Curtis Bray Deborah Lauriano Introduction Kuali Rice is a set of integrated enterprise middleware tools that isolates many of the complications inherent in J2EE environment, allowing high quality business applications to be built in an agile fashion. Kuali Rice currently offers workflow (KEW), messaging (KEN), an enterprise service bus (KSB), identity and access management for Kuali applications (KIM) and a development framework for implementing the tools (KNS). It is anticipated that Kuali Rice will become a formal standard for campus-level administrative services. Further, Rice is expected to become an implementation and investment priority for campuslevel academic services as well as for departmental services that will be scaled, or might be considered for scaling, across colleges or supported at a campus level. As a campus standard, Kuali Rice's interfaces and protocols, such as Kuali Service Bus (KSB) and Kuali Enterprise Workflow (KEW), will be used by departmental applications to interface with major campus administrative systems. Finally, an expectation of compatibility with or use of Kuali Rice will be a standard component of our procurement process for major campus software. Specific details regarding campus standards will be developed, published, and shared with the campus community through a collaborative, evolutionary process. The purpose of this Test Plan is to test: 1. integration with UCD CAS 2. integration with UCD LDAP 3. correct assignment of Rice administration-level roles and privileges 4. successful routing of a document via eDocLite 5. successful routing of a document via a Rice-enabled application Reference Documents UC Davis Kuali Rice Policy 200-45 Conceptual Review http://admincomputing.ucdavis.edu/secure/projects/kuali-rice/Kuali-Rice-Conceptual.pdf A Roadmap for Kuali Rice at UC Davis (DRAFT) https://confluence.ucdavis.edu/confluence/display/CIAA/A+Roadmap+for+Kuali+Rice+at+UC+Davis Kuali Rice Foundation Documentation https://test.kuali.org/confluence/display/KRDOC/Home+(1.0.0) Software Test Environment Hardware Configuration: Tester will need a PC or a Mac Software Configuration and Web Browsers (user must have one of the following configurations): PC: Internet Explorer 7 or higher, Firefox 3 or higher MAC: Safari 3 or higher, Firefox 3 or higher UNIX: Firefox 3 or higher Test Set-Up: Kerberos login required. Control Software Test Plan and Procedure: The test plan will be run by the tester and issues/bugs/questions will be entered into the results section of this test plan. The completed Test Plan will be returned to Hampton Sublett (hsublett@ucdavis.edu). Hampton will catalog and prioritize unresolved issues/bugs/questions in Jira (bug tacking system) for the programmers to resolve. After the programmers resolve the issues Hampton will repeat failed tests until successful. Personnel: Execution of this test plan will be performed by Steven Hillman. Test Cases: The Test Plan is divided into sections in order to test the refactored enhancements against the Functional Requirements (see below). See Appendix A for the list of Test Cases mapped to requirements. Results: Each test case has a procedure, tester inputs/actions, expected results, and actual results. Test Completion Criteria: Each test results in either a Pass or Fail. Results Recorded: All testing results will be documented in the results column of each Test Case. If a test Fails, testers should document all issues/bugs/questions; what went wrong, when, and how, including screenshots if applicable. All testing results should be represented in this test plan. The results will be ranked most critical to least critical by the Program Manager (Hampton sublett) and all issues will be entered into Jira (IET bug tacking system) accordingly. Suspension/Resumption Requirements: All Test Cases will be run until completed. If an issue is encountered that stops the tester from continuing the Test Plan, he/she should contact the Rice Admin and a decision will be made to suspend or resume testing within specified conditions. If corrections are made to the system during testing, or as a result of an issue that suspends testing, the testers will resume testing, starting from the beginning of the Test Case. Requirements – Kuali Rice 1.0.0 Functional Testing 1. Routing documents using eDocLite a. Initiate an eDocLite document: eDocLite Example 1 b. Approve a document c. Disapprove a document d. Add a Note and attach a file 2. Routing documents using a Rice-embedded application a. Initiate a document: SampleEmbeddedClientDocument b. Approve a document c. Disapprove a document 3. Rice Unsecured Web Page Tests (https://test.kuali.org/confluence/display/KULRICE/Functional+Testing) Integration Testing 1. Integration with LDAP a. Searching for users using off-characters such as [ !, &, %, $, #, *, -, etc.] b. Plugging HTML tags into search fields Security Testing 1. Authentication via CAS a. Authenticating as yourself b. Authenticating while already authenticated into another application 2. Rice Secured Web Page Tests (https://test.kuali.org/confluence/display/KULRICE/Functional+Testing) a. Workflow i. Rule Attribute ii. Rule Template iii. XML Stylesheet iv. XML Ingestion v. Document Operation b. Notification i. Manage Content Types c. Service Bus i. Message Queue ii. Thread Pool iii. Service Registry iv. Quartz v. Security Management 3. IBM Rational Appscan Tests Load Testing 1. Silk Performer Load Tests (https://confluence.ucdavis.edu/confluence/x/cQH1) Appendix A – Target Instances Test Suites Functional Testing Routing documents using eDocLite Routing documents using a Rice-embedded application Rice Unsecured Web Page Tests Target Instance DEV-NIGHT http://rice-dev-night.ucdavis.edu Integration Testing Integration with LDAP Security Testing Authentication via CAS Rice Secured Web Page Tests Functional Testing Routing documents using eDocLite Routing documents using a Rice-embedded application Rice Unsecured Web Page Tests DEV-INT http://rice-dev-int.ucdavis.edu Integration Testing Integration with LDAP Security Testing Authentication via CAS Rice Secured Web Page Tests Functional Testing Routing documents using eDocLite Routing documents using a Rice-embedded application Rice Unsecured Web Page Tests TEST http://rice-test.ucdavis.edu Integration Testing Integration with LDAP Security Testing Authentication via CAS Rice Secured Web Page Tests Functional Testing Routing documents using eDocLite Routing documents using a Rice-embedded application Rice Unsecured Web Page Tests Integration Testing Integration with LDAP Security Testing Authentication via CAS Enforcement of Kuali Service Bus security Rice Secured Web Page Tests IBM Rational AppScan Testing Load Testing Silk Performer Load Test STAGE http://rice-stage.ucdavis.edu Test Suites Functional Testing Rice Unsecured Web Page Tests Integration Testing Integration with LDAP Security Testing Authentication via CAS Rice Secured Web Page Tests Target Instance PROD http://rice.ucdavis.edu Appendix B - Use Cases Functional Testing Test Case Routing documents using eDocLite A-1 Routing documents using a Rice-embedded application A-2 Rice Unsecured Web Page Tests A-3 Integration Testing Integration with LDAP B-1 Security Testing Authentication via CAS C-1 Enforcement of Kuali Service Bus security C-2 Rice Secured Web Page Tests C-3 IBM Rational AppScan Tests (https://confluence.ucdavis.edu/confluence/x/cQH1) Load Testing Load Tests (https://confluence.ucdavis.edu/confluence/x/cQH1) Table A-1 Routing documents via eDocLite Test Set-up Procedure Set-up Step No. 1. Set-up Operator Actions Clear web browser cache (Without clearing your browser cache, the PDF documents tested may not show the new changes and test results may not be accurate.) Test Procedure Test Step No. 1a. 1b. 2. 3a. Test Inputs / Operator Actions Initiate an eDocLite document 1. Authenticate as yourself 2. In the Main Menu tab, under the Workflow section, click on eDoc Lite 3. Click search 4. Find Document Type eDoc.Example1Doctype 5. Click on Create Document 6. Click route (without filling out the form) Create and Route Test eDocLite same as 1a, except: 1. fill out the form 2. Click route 3. Note the Document Id 4. Under the Main Menu tab, click Doc Search 5. Search by the Document Id 6. Open the Document Approve a Document 1. Authenticate as someone authorized to approve the Document from 1b 2. Under the Main Menu tab, click Action List 3. Click on the Document Id 4. Open the Document 5. Click approve Disapprove a Document 1. Repeat steps 1-2 from 1b and create a new Document 2. Authenticate as someone authorized to approve the Document 3. Repeat steps 2-4 from 2 4. Click disapprove Expected Results Get “error: Please enter your full name” Get “error: Enter a valid date in the format mm/dd/yyyy.” Document shows as ENROUTE status. Document fields are protected from editing. Document goes into FINAL status. Document goes into DISAPPROVED status. Please indicate what Operating System: operating system and web browser you are Browser: using for this test: (PC or Mac, IE 7 or Firefox 3, etc.) TESTING / ACTUAL RESULTS (Pass or Fail - document all Failures) 3b. 1. 2. 3. 4. 5. 4. Authenticate as the person who initiated the Document (e.g. yourself) Under the Main Menu tab, click Action List Click on the Document Id Open the Document Click acknowledge Add a Note and attach a file 1. Repeat steps 1-2 from 1b and create a new Document 2. Type a note in the Note field. 3. Next to the Attachment field, click Browse 4. Browse for some PDF and click Open 5. Under Action, click save 6. Click route 7. Note the Document Id 6. Under the Main Menu tab, click Doc Search 7. Click on the Document Id you just created 8. Open the Document 9. Under the View Notes section, click download Tester Recommendations: The initiator is prompted to acknowledge the disapproval Under Create Note, a section call View Notes appears with text you typed in. At the bottom of the Note, the name of the file you attached appears Next to the file name, a download link appears Upon clicking download, the file you attached should open Table A-2 Routing documents using a Rice-embedded Application Test Set-up Procedure Set-up Step No. 1. Set-up Operator Actions Open a web browser and launch Sample-Embedded Client: http://localhost:8080/sample-embedded-client Test Procedure Test Step No. 1. 2a. 2b. 3. Test Inputs / Operator Actions Expected Results Initiate a document 1. At the main page, click Create a new document 2. For Create document as User, enter your Kerberos ID 3. For Route document as User, enter someone else’s Kerberos ID 4. You can leave XML Payload empty, but if you put something in, the content must be surrounded by well-formed XML tags. 5. Click Route a new Document 6. Note the Document ID that was created Approve a Document- Authorized Approver 1. At the main page, click Load an existing Document 2. Enter the Document Id from 1 3. For Load document as User, enter the Kerberos ID of the person to whom you routed the document in 1 4. Click Load the Document 5. Click approve Approve a Document- Unauthorized Approver 1. Repeat steps 1-6 from 1 2. At the main page, click Load an existing Document 3. Enter on the Document Id from 1 4. For Load document as User, enter a Kerberos ID other than that of the person to whom you routed the document in 1 5. Click Load the Document Disapprove a Document Get directed to the Document Created screen that says “Document was successfully created with id <Document ID> !” Get directed to the Document Loaded screen, with an Approve button and a Disapprove button Get directed to the Action Submitted screen Get directed to the Document Loaded screen, with neither an Approve button nor a Disapprove button Get directed to the Action Submitted screen Please indicate what Operating System: operating system and web browser you are Browser: using for this test: (PC or Mac, IE 7 or Firefox 3, etc.) TESTING / ACTUAL RESULTS (Pass or Fail - document all Failures) 6. 7. 8. Repeat steps 1-3 from 2b For Load document as User, enter the Kerberos ID of the person to whom you routed the document in 2b Click disapprove Tester Recommendations: Table A-3 Rice Unsecured Web Page Tests Test Setup Procedure Set-up Step No. 1. 2. 3. Test Step No. 1. Set-up Operator Actions Authenticate to the target Kuali Rice instance. Click the Administration tab. Enter your Kerberos login name and password. (Click “OK” through certificate warning messages if any) Kuali Rice Administration page appears. Test Inputs / Operator Actions Execute Rice Unsecured Page Tests Use section C-3 as a guide to secure/unsecure pages. Expected Results https://test.kuali.org/confluence/display/KULRICE/Functional +Testing#FunctionalTesting-Pages For all Lookup pages, try at least a blank search and two combinations of different search terms, trying every button at least once, including each of the field Help buttons and the Clear/Cancel buttons on bottom. As an example, one possible run-thru of Document Lookup would be the following: Perform a blank search (no fields filled) Perform a Date Created From search (using the calendar button) with a Document ID entered Perform a nested Type search (using the search button by Type)- in Doc Type Lookup perform another nested search by Parent Doc Type- with a Date Created To (using the calendar button) Perform a nested Initiator search (search button by Initiator), with a Date (typed in) Note that the nested searches will leave you with fewer potential combinations to check for Person Lookup and Document Type. Also try to do at least one double nested search wherever possible. 1a. Backdoor Login appears/doesn’t appear As you go through pages, ensure that the backdoor login appears for DEV-NIGHT/INT and TEST, and does not appear for STAGE and PROD For DEV-NIGHT/INT and TEST Backdoor login box/button appears to the right of “Logged in User: <your Kerberos User Name>” For STAGE and PROD Backdoor login box does not appear on any page Please indicate what Operating System: operating system and web browser you are Browser: using for this test: (PC or Mac, IE 7 or Firefox 3, etc.) TESTING / ACTUAL RESULTS (Pass or Fail - document all Failures) 2. After Obtaining Proper Role, Execute Rice Secure Page Tests Tester Recommendations: Same as step 1/1a on secure pages. Table B-1 Integration with LDAP Test Setup Procedure Set-up Step No. 1. 2. 3. Set-up Operator Actions Authenticate to the target Kuali Rice instance. Click the Administration tab. Enter your Kerberos login name and password. (Click “OK” through certificate warning messages if any) Kuali Rice Administration page appears. Test Procedure Test Step No. Test Inputs / Operator Actions Expected Results 1a. Search by Principal Name (Kerberos ID) A single record is returned. 1b. Search by Principal ID Use the same Kerberos ID as 1a The same single record from 1a is returned. 2. Search by First Name or Last Name Use a last name that will return large sets of records Several records are returned OR an exception get returned saying that the LDAP administrative limit is hit 3. Search by several criteria Zero or more records are returned. Search by errant criteria: Use off-characters such as integers symbols spaces apostrophe’s hyphens accented characters, etc. Search by errant criteria: Plug HTML tags into search fields Search by Listings E-mail Search by an e-mail that known to the ou=Listings (WP) subtree in LDAP and not known to the ou=People subtree. Rows returned if these characters actually exist in people’s names 4a. 4b. 5. Values to check: cmbowe@ucdavis.edu and No rows returned Two records returned for each search Use Clear button between searches or alternate people to ensure update of results Please indicate what Operating System: operating system and web browser you are Browser: using for this test: (PC or Mac, IE 7 or Firefox 3, etc.) TESTING / ACTUAL RESULTS (Pass or Fail - document all Failures) constance_bowe@hms.harvard.edu rmszabo@ucdavis.edu and robert.szabo@ucdmc.ucdavis.edu Tester Recommendations: Table C-1 Authentication via CAS Test Procedure Test Step No. 1. Test Inputs / Operator Actions Authenticate to the target Kuali Rice instance 1. Open the target Rice home page 2. Click on the Administration tab 3. Enter your Kerberos User Name and Password Expected Results Kuali Rice page displays in the browser screen. UC Davis Secure Login screen displays in the browser screen. The screen displays “Logged in User: <your Kerberos User Name>”. Document Search screen displays in the browser screen. Note: Depending on the browser you are using, you may have to accept and click through a few security certificate warnings. 2. Authenticate while already authenticated in another CAS-secured application 1. Authenticate into a CAS-secured application such as JIRA or Confluence 2. Open the target Rice home page 3. Click on the Administration tab Tester Recommendations: The screen displays “Logged in User: <your Kerberos User Name>” without redirecting to CAS first. Please indicate what Operating System: operating system and web browser you are Browser: using for this test: (PC or Mac, IE 7 or Firefox 3, etc.) TESTING / ACTUAL RESULTS (Pass or Fail - document all Failures) Table C-2 Enforcement of Kuali Service Bus Security Test Setup Procedure Set-up Step No. 1. 2. Set-up Operator Actions Open a web browser and launch Sample-Service-Provider: http://localhost:8080/sample-service-provider OOpen a separate web browser and launch Sample-Service-Consumer: http://localhost:8080/sample-service-consumer Test Procedure Test Step No. Test Inputs / Operator Actions 1. Tester Recommendations: Expected Results Please indicate what Operating System: operating system and web browser you are Browser: using for this test: (PC or Mac, IE 7 or Firefox 3, etc.) TESTING / ACTUAL RESULTS (Pass or Fail - document all Failures) Table C-3 Rice Secured Web Page Tests Test Set-up Procedure Set-up Step No. 1. 2. 3. 4. Set-up Operator Actions Ensure that you have no roles assigned in Kuali Rice Authenticate to the target Kuali Rice instance. Click the Administration tab. Enter your Kerberos login name and password. (Click “OK” through certificate warning messages if any) Kuali Rice Administration page appears. Test Procedure Test Step No. Test Inputs / Operator Actions Expected Results 1a. Authenticate as a User without any Roles Administrative tab- Workflow section, click Rule Attribute org.kuali.rice.kns.exception.AuthorizationException: user <user id> is not authorized to take action 'Look Up Records' on targets of type 'RuleAttribute' 1b. Workflow section, click Rule Template 1c. Workflow section, click XML Stylesheet 1d. Workflow section, click XML Ingestion 1e. Workflow section, click Document Operation 1f. Notification section, click Manage Content Types Configuration section, click Parameter Component org.kuali.rice.kns.exception.AuthorizationException: user <user id> is not authorized to take action 'Look Up Records' on targets of type 'RuleTemplate' org.kuali.rice.kns.exception.AuthorizationException: user <user id> is not authorized to take action 'Look Up Records' on targets of type ‘EDocLiteStyle’ org.kuali.rice.kns.exception.AuthorizationException: user <user id> is not authorized to take action ‘’ on targets of type ‘IngesterAction’ org.kuali.rice.kns.exception.AuthorizationException: user <user id> is not authorized to take action ‘null’ on targets of type ‘DocumentOperationAction’ java.lang.SecurityException: User <user id> is not a Notification System administratior org.kuali.rice.kns.exception.AuthorizationException: user <user id> is not authorized to take action 'Look Up Records' on targets of type ‘ParameterDetailType’ org.kuali.rice.kns.exception.AuthorizationException: user <user id> is not authorized to take action 'Look Up Records' on targets of type ‘ParameterType’ org.kuali.rice.kns.exception.AuthorizationException: user <user id> is not authorized to take action '’ on targets of type ‘MessageQueueAction’ org.kuali.rice.kns.exception.AuthorizationException: user <user id> is not authorized to take action ‘' on targets of 1g. 1h. Configuration section, click Parameter Type 1i. Service Bus section, click Message Queue 1j. Service Bus section, click Thread Pool Please indicate what Operating System: operating system and web browser you are Browser: using for this test: (PC or Mac, IE 7 or Firefox 3, etc.) TESTING / ACTUAL RESULTS (Pass or Fail - document all Failures) 1k. Service Bus section, click Service Registry 1l. Service Bus section, click Quartz 1m. Service Bus section, click Security Management 1n. Main Menu tab- KNS Maintenance Documents section, click Parameter Component Lookup 1o. KNS Maintenance Documents section, click Parameter Type Lookup 1p. KNS Maintenance Documents section, click Pessimistic Lock Lookup type ‘ThreadPoolAction’ org.kuali.rice.kns.exception.AuthorizationException: user <user id> is not authorized to take action ‘’ on targets of type ‘ServiceRegistryAction’ org.kuali.rice.kns.exception.AuthorizationException: user <user id> is not authorized to take action ‘’ on targets of type ‘QuartzQueueAction’ org.kuali.rice.kns.exception.AuthorizationException: user <user id> is not authorized to take action ‘’ on targets of type ‘JavaSecurityManagementAction’ org.kuali.rice.kns.exception.AuthorizationException: user <user id> is not authorized to take action 'Look Up Records' on targets of type 'ParameterDetailType' org.kuali.rice.kns.exception.AuthorizationException: user <user id> is not authorized to take action 'Look Up Records' on targets of type 'ParameterType' org.kuali.rice.kns.exception.AuthorizationException: user <user id> is not authorized to take action 'Look Up Records' on targets of type 'PessimisticLock' 2b. Obtain “Rice” and “Technical Administrator” Privileges Authenticate as a User with ‘Technical Administrator’ and ‘Rice’ roles Administrative tab- Workflow section, click Rule Attribute Workflow section, click Rule Template 2c. Workflow section, click XML Stylesheet XML Stylesheet screen appears 2d. 2e. 2f. Workflow section, click XML Ingestion Workflow section, click Document Operation Notification section, click Manage Content Types Configuration section, click Parameter Component Configuration section, click Parameter Type Service Bus section, click Message Queue Service Bus section, click Thread Pool Service Bus section, click Service Registry Service Bus section, click Quartz Service Bus section, click Security Management Main Menu tab- KNS Maintenance Documents section, click Parameter Component Lookup KNS Maintenance Documents section, click Parameter Type Lookup KNS Maintenance Documents section, click Pessimistic Lock Lookup XML Ingestion screen appears Document Operation screen appears Manage Content Types screen appears 2a. 2g. 2h. 2i. 2j. 2k. 2l. 2m. 2n. 2o. 2p. Rule Attribute screen appears Rule Template screen appears Parameter Component screen appears Parameter Type screen appears Message Queue screen appears Thread Pool screen appears Service Registry screen appears Quartz screen appears Security Management screen appears Parameter Component Lookup appears Parameter Type Lookup appears Pessimistic Lock Lookup appears Tester Recommendations: