Stairs help for blind people


This post is follow up on my post about traveling to CAST 2016 as software tester. In that post I mentioned that I noticed at Paris Charles De Gaulle Airport metal pattern at the top of the stairs. Using Google, I tried to find out the purpose of that pattern, but with no result. Then community kicked in and I got response about the purpose of that pattern (tanks to another_one and Bruno Prsa).

That this pattern helps blind people to identify where stairs begin. This  blog post describes testing techniques that could help me to get to that conclusion by myself.

Michael Kelly article: Taking a tour through test country presents application tours that helps to get to know with the application. Two tours could have helped me to identify purpose of the pattern: user and scenario tours.

Kelly states:

The first is the user tour. In this tour, you attempt to imagine five users for the product and the information they would want from the product or the major features they would be interested in. The second tour is the scenario tour. Here, try to imagine five realistic scenarios for how the users identified in the user tour would use this product.

In BBST Test Design, you can learn about James Bach Heuristic Test Strategy Model where one of test technique is user testing.

Are you ready to enhance your testing craft?


Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Google maps offline mode scenario testing


As I was traveling to CAST2016 in Vancouver, and roaming cost for 1MB of data traffic using my Croatian operator is 10 US$, I decided to use Google maps in offline mode.

Why you did not buy Canadian sim card with data plan? I investigated that option, and I could not find on web simple explanation how to do that. Also, doing business in Croatia is rather complicated, and putting that expense on my company account would be very complicated. So I decided to go with Google maps offline option, and using wi-fi where possible.

Day before travel day, I downloaded Vancouver map. In iOS Google map application, you need to search for Vancouver, and select in main menu offline areas. Touch big blue plus sign, and hit download.

Offline content is valid for one month.

First surprise is that route feature is only available for Cars option, bus and walk is not available. My heuristics is that this is because of security implications for walk option. Google only wants to guide you for walking using up to date information. For example, you do not want to go through some riots area.

Bus option is not available because bus timetables need to be up to date all the time to have the most accurate routing.

My current location works in offline mode, but only when airplane mode is off.

And one interesting scenario (BBST scenario testing) happened. On Paris airport, I enabled data roaming, because those prices are acceptable (Croatia is part of EU). On plain I switched on airplane mode on, with data roaming enabled. Next stop, Toronto, Canada. And guess what, IT IS NOT POSSIBLE TO TURN OFF DATA ROAMING WHEN AIRPLANE MODE IS ON.

I was afraid that I will get some data traffic after I turn airplane mode off. But, luckily, my phone was not able to connect to any of Canadian mobile networks, so I could turn off mobile data roaming without any cost.

Scenario testing is very important part of professional testing activity. It is unfairly called manual testing, giving the impression that it is low skill activity.

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Tester on a journey


I traveled to Vancouver, Canada, in order to attend TestRetreat and CAST 2016. Here is the experience from the tester’s point of view.

First issue I found was at Zagreb Airport. Boarding card reader is only used just before you enter the Gate. Boarding card reader failed, and just in front of me, it was restarted. Scan of my board card returned “unknown flight” error. Despite that, I proceeded with boarding the plane.

In Paris CDG Airport, I took the picture (featured picture of this blog), because every step at the top of stairs section have this metal endorsement. I do not know why, I just documented that pattern.

While waiting for flight to Toronto, I did one exercise from book programming elixir. I was connected to Internet (only wifi connection), and started my Mac terminal. Exercise was a small program that is accessing the github api. I run it, and got ssl security exception, github certificate mismatch. This is security exception for man in the middle attack, and it means that you do not have direct connection with a server.

I opened Chrome and noticed airport wifi provider page where I needed to accept terms of service page. After that, I got direct connection with github api server.

Tester should never be bored during his journey.


Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Example of fast decision making


It this blog post I will give an example of fast decision making and explain why the skill of making fast decisions could make you better software tester.

Olympic basketball tournament started great for Croatian national team. They won over Spain, one of the best teams in last decade. Decision was made with last ball, when Dario Saric, new signed Philadelphia 76ers blocked one of the best world Players Paul Gasol.

What caught my attention as software tester was Dario’s statement about that block:

I saw that ball is not going to Nikola Mirotic (second center position Spain player), SO I JUMPED  BEFORE PAUL got the ball in order to block him.

That was fast decision (less that 1 second), he gambled a little bit, but with his observation, gambling was very justified.

He blocked Paul Gasol, and Croatia had an excellent start in Olympic tournament.

In order to be a better testers, you have to make a decision (for example, should I deploy to production this code change) in your context that is based on your observations. And it is important to start practicing your decision making by doing observations. You can start with your daily environment, it does not need to be connected with some software product.

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Django time machine


In my previous blog post, Simulating time in Ruby on Rails framework, I described how to travel in time in both directions by using Ruby on Rails console. In this post I will describe same feature for Django framework.

Here is example how to update in django shell user table last_login column, using Django active record classes. User is filtered using email column.

cd to_root_of_your_django_project
>python3 shell
>> from sl_models import user
>> user_instance = user.models.User.objects.filter(email="user_email value")
>> user_instance.values()
>> from datetime import timedelta
>> from datetime import date
>> user_instance.update( - timedelta(days=7)) //we are traveling by days, but it is also possible to travel by other time dimensions. Check python timedelta documentation

I wish you happy time traveling in Django!


Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Quick test idea: try inverse feature


In this post I will explain one quick, but very important, test idea. Inverse feature.

In order to avoid complex mathematical description and proof, let’s use simple plain explanation. Inverse feature does exactly the opposite from the original feature. And operates on output data of the original feature. Ad in the end, we should get back original data.

Here are few examples.

Every browser has zoom feature. Let's zoom in for 10% of this blog post, and again, zoom out on same blog post for 10%. You should view  blog post in starting resolution.

Or you have feature that exports list of users. The best way to test this feature is using import feature of users. Export users, delete them, do the import, you should get original list of users.

Inverse feature is very important quick test idea, because you can test original feature very quickly. Also, users will be very satisfied with your product if features of that product come in pairs.

This quick test idea is fallible because you can have four possible combinations:

both features work, both features fail, original feature fails, inverse feature fails.

It is important to be aware that using only this quick test method is not enough.

Which method would you use to help you in case when both features fail?

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Testival 2016 press release

We are proud to announce Testival 2016!

Testival is, simply put, a software testers’ event. A place for software testers to meet with each other and talk about testing. It is a combination of unconference format, where participants selects topics of interest, and keynote speakers.

Testival 2015 was a great success! We had 40 testers and two speakers. Dario Hrupec had talk “How do natural scientist test their ideas” and Maaret Pyhäjärvi talked about “Collaborative exploratory and unit testing”.

This year Testival 2016 will be hosted by STEP RI Science and Technology Park of the University of Rijeka Ltd!

Bookmark your calendars with Testival 2016 dates: September 23rd and 24th 2016!

This year we also have two exciting speakers:

Mirjana Kolarov is Test Department Manager at Levi9 IT Services and she will gave closing keynote: Reaching symbiosis of Exploratory and Automation Testing.

Ben Simo is Amphibious time-traveling context-driven cyborg software tester and he will give opening keynote Putting Context First.

In between is your time, our dear testers. This will be the time for session according to you selection in open session format.

With help of our sponsors, admission is free, and it is mandatory to register through Entrio system.

Our sponsors are:

Screen Shot 2016-07-23 at 3.47.00 PM

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Feature analysis for my Internet banking application


This post is feature analysis of my Internet banking application. As a user, I am not satisfied how those features are implemented because using them I spent much more time than expected.

As a user, I want to pay my bills reliably and as fast as possible. Feature that I used every month is to ADD MY BILL TRANSACTION TO BATCH OF TEN, and then I confirm that transaction with ONE transaction token.

SELECT PAYMENT TEMPLATES is also very important feature, because using them I only have to change one dynamic part of every bill, that is my PAYMENT ID created by the owner of the bill.

Combining those those two features, I spent less that 20 minutes to pay all my monthly bills. And that is acceptable for me.

Current system is live from the beginning of this year, which means that I used feature, CREATE A PAYMENT TEMPLATE, in the old system. All payment templates were successfully migrated to the new system.

This month, I needed to update one of those templates, and all the frustration and fun began. In user interface, there was no obvious information how to do that (obvious information in user interface is my prefered way of application documentation). Then I checked official user documentation.

Search for predlozak, croatian word for template. Second word will reveal Slika (picture) 10.17 and observe upper right corner. Yes, this is where you select to save NEW TEMPLATE.

So, there is no feature, UPDATE TEMPLATE. You need to delete current template and then create new one.

And here comes the BIG BANG FEATURE! In picture 10.17 you can see how to pay a transaction. Wait a minute, what does this have to do with creating the template? Well, they decide to merge two features, pay ONE transaction and during that feature, mark that you want also to create NEW TEMPLATE from that payment transaction. Simple and logical, if you are a Vogon.

So, here was my workflow:

  1. Add payment transaction to transaction batch of ten.
  2. Remove it from batch because I wanted to update it.
  3. Delete current template.
  4. Create new payment, mark that I want also new template from it
  5. Pay just one transaction
  6. Continue with adding other transactions, using their templates that need not to be updated, to batch transaction

There is also one feature, that I call ANNOYING FEATURE. Remember that in every PAYMENT, I need to update PAYMENT ID, hard coded by the owner of the bill. Croatia Vogons created a set of rules for that PAYMENT ID (and increased croatian employment number for 5000 thousand).

And bank developers decided to implement MAGNIFICENT FEATURE, check that business PAYMENT ID WHILE I am typing it in input field. Yeah for Javascript! Problem is that they trigger rule check BEFORE I FINISHED typing!

How is your Internet banking application these days?


Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

One character to rule them all


In this post I will provide example how just one character can make a significant difference regarding security of Django web application.

The issue is sql injection. When I test for sql injections and I have access to client codebase (which can save significant amount of money for client), I first search code for using raw sql code. I am using simple unix utilities, less and grep:

grep -H -r 'what_you_search' * | less

In Django code system, you should search for raw function because it accepts for input raw sql.

You should learn what is proper way to send sql parameters to that function. For Django raw, this is proper way:

>>> lname = 'Doe'
>>> Person.objects.raw('SELECT * FROM myapp_person WHERE last_name = %s', [lname])

I searched the codebase, and found following:

>>> lname = 'Doe'
>>> Person.objects.raw('SELECT * FROM myapp_person WHERE last_name = %s' % lname)

Have you noticed the difference? % instead of ,

Here is how you can easily construct strings in Python (Django is Python framework):

"welcome sql injection %s" % hacker_string

This just replaces hacher_string with %s. And does not check hacker_string for possible sql code injection, which raw function does, but only when user input is send as raw function parameter, as explained in documentation.

%, one character to rule them all!

Facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Blog that makes software testing interesting and exciting.