‎2008 Oct 07 4:13 AM
Hi,
We have done a technical migration of value-based roles to derived roles and are facing a problem designing the unit testing approach for the same. Can you please suggest what the unit testing approach must be and how to create test cases for authorizations, specifically for derived roles created from value-based roles?
The goal is that, after testing, end users should not feel any changes done in the roles approach.
Thanks.
Regards,
Swapnil
<removed_by_moderator>
Edited by: Julius Bussche on Oct 7, 2008 3:40 PM
‎2008 Oct 07 4:46 AM
Hi Swapnil,
The testing of Security roles needs to be taken in a two-step approach.
Step 1: Unit Testing in DEV
A. Prepare the test cases for each of the derived roles and ensure that your main focus is to see if you are able to execute all the tcodes that have been derived from the parent role without authorization errors. You also need to verify if each of the derived roles is applicable to those respective Org level Values.
B. Because there will not be enough data in DEV (except in some cases where you have a refresh of fresh PROD data), it is always advisable to do the actual testing of the roles in QA. The goal here is to see if you are able to perform a dry run of all tcodes/Reports/Programs that belong to the roles.
C. You may create fewer Unit test IDs, as you only assign one ID with one role, and once the role is tested you can assign the same ID to another role.
Step 2: Integration Testing in QA
A. Prepare the Integration Test cases for each of the Derived roles. Here, most likely the testing will be performed by the end users/Business Analysts in that respective Business Process. Each test case must reflect the possible Org level Authorization Objects and Values that need to be tested.
B. As Integration testing is a simulation of the actual Production authorizations scenario, care must be taken when creating multiple Integration test user IDs, assigning them the right roles, and sending the IDs to the end users to perform the testing in QA.
C. The objective here is that the end user must feel comfortable with the test cases and perform both Positive and Negative testing. Testing results must be captured and documented for any further analysis.
D. In the event of any authorization errors from Integration testing, the authorization errors will be sent to the Security team along with SU53 screenshots. The roles will be corrected in DEV and transported back to QA, and the testing continues.
E. Also, the main objective of Integration testing would be to check if the transactions are reflecting the right amount of data when executed; any mismatch in the data will be a direct implication that the Derived roles do not contain the right Org level values.
Hope this helps you to understand how testing of Security roles (Derived) is done at a high level.
Regards,
Kiran Kandepalli.
Edited by: Kiran Kandepalli on Oct 7, 2008 5:47 AM
‎2008 Oct 07 5:09 AM
Hi,
Thanks Kiran. It will be helpful if you can give an example of a test case in terms of roles testing. I am preparing the same approach you suggested here and confirmed I am on the right path ... thanks for that.
I am facing a problem designing the test case as mentioned before. Kindly suggest.
Thanks,
Regards,
Swapnil.
‎2008 Oct 07 12:57 PM
Hi Swapnil,
Here is a typical example of a Role Test case that I have used in my previous Security projects.
In the Test case document you need to mention the following:
1. SAP technical Role Name
2. Role Description
3. List of all Tcodes that need to be tested
4. Org Level Authorization objects and the values you have supplied in the Role
5. Any Tables, Programs, Reports that are included in the Role
6. Any Specific Authorization Objects and their values supplied in the Role
7. Include enough space for the Tester to give comments on both Positive and Negative testing.
As your test cases will be to do testing on the Derived roles, care must be taken to put the right Org Level Authorization Objects and their Values you have supplied in the corresponding Derived roles; otherwise the Tester will be confused while testing.
Hope this Helps,
Regards,
Kiran Kandepalli.
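An added example, not part of the original thread: a small generator that turns the test case fields listed above into a positive/negative test matrix for derived roles. The role names, transaction list and company code values are constructed sample data, and the rule that negative cases use org level values held only by sibling derived roles is an assumption of this sketch.

```python
from itertools import product

# Constructed sample data: one parent role and two derived roles that differ
# only in their org level values. All names and values are hypothetical.
PARENT = {
    "name": "Z_AP_CLERK",
    "description": "Accounts payable clerk",
    "tcodes": ["FB60", "FBL1N"],
}
DERIVED = {
    "Z_AP_CLERK_1000": {"BUKRS": ["1000"]},
    "Z_AP_CLERK_2000": {"BUKRS": ["2000", "2100"]},
}


def build_test_cases(parent, derived):
    """Return one test-case row per (derived role, tcode, org level value).

    Positive rows use the role's own org level values; negative rows use
    values that only sibling derived roles hold, which the role must reject.
    """
    rows = []
    for role, org_levels in derived.items():
        for field, own_values in org_levels.items():
            sibling_values = {
                v
                for other, levels in derived.items() if other != role
                for v in levels.get(field, [])
            } - set(own_values)
            expected = [(v, "allowed") for v in own_values]
            expected += [(v, "denied") for v in sorted(sibling_values)]
            for tcode, (value, outcome) in product(parent["tcodes"], expected):
                rows.append({
                    "role": role,
                    "description": parent["description"],
                    "tcode": tcode,
                    "org_field": field,
                    "org_value": value,
                    "expected": outcome,
                    "tester_comment": "",  # filled in during testing
                })
    return rows


if __name__ == "__main__":
    for row in build_test_cases(PARENT, DERIVED):
        print(row)
```

Each row maps to one line of the test case document; a "denied" row that succeeds in QA points to org level values leaking between derived roles.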
‎2008 Oct 08 1:30 PM
Hi Kiran,
Thanks for your input; it helped me to design the test cases as per the client's requirement. I appreciate your help.
Regards,
Swapnil Lakhe
‎2008 Oct 08 2:16 PM
Hi Swapnil,
I hope your question is answered.
Pls let me know if you have any further questions or else change the Question status to Answered.
Regards,
Kiran Kandepalli.