NB-Public/kandimat
13
0
Fork 0
Code Issues 15 Pull requests Projects Releases 1 Wiki Activity

Create security tests for the backend #10

New issue
Open
opened 2020-05-31 00:55:45 +02:00 by christoph.lienhard · 0 comments
christoph.lienhard commented 2020-05-31 00:55:45 +02:00 (Migrated from git.verdigado.com)
Copy link

Find a good solution to test the whole backend, especially concerning the security.

Test cases consist of three parts:

  • the role of the user which does the query (editor, candidate, (verified) user, or anonymous)
  • the query itself
  • the expected response

A solution may be to create a "test"-client (with appollo-js) and convert test cases into queries but there may be of-the-shelf solutions for graphql which can be utilized (they need to work with jwt authentication, though)

The tests should include most of the security setup specified in the security considerations readme.

Find a good solution to test the whole backend, especially concerning the security. Test cases consist of three parts: * the role of the user which does the query (editor, candidate, (verified) user, or anonymous) * the query itself * the expected response A solution may be to create a "test"-client (with appollo-js) and convert test cases into queries but there may be of-the-shelf solutions for graphql which can be utilized (they need to work with jwt authentication, though) The tests should include most of the security setup specified in the [security considerations readme](https://git.verdigado.com/Netzbegruenung/candymat/src/branch/security-setup/backend/security_considerations.md).
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
go-live
feature/#28
feature/#30
#33_introduce_arc42
develop
feature/#17
v0.1.0
Labels
Clear labels   
Documentation

Issues related to documentation enhancement

  
Infrastructure

Issues related to infrastructure, like docker-compose or setting up a test framework.

  
Redaktions-App

Issues related to the candymat redaktions app

  
User-App

Issues related to the candymat user app

  
backend

Issues related to the backend

  
bug

Something is not working

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
help wanted

Need some help

  
invalid

Something is wrong

  
question

More information is needed

  
wontfix

This won't be fixed

  
Effort
High
estimated 24 hours of work

  
Effort
Low
estimated 4 hours of work

  
Effort
Medium
estimated 12 hours of work

  
Prio
High
Mission critical

  
Prio
Low
Nice to have

  
Prio
Medium
Improves function or usability substantially

  
Type
Bug
Prevents existing functionality from being used

  
Type
Feature
Adds new features

No labels
Documentation
Infrastructure
Redaktions-App
User-App
backend
bug
duplicate
enhancement
help wanted
invalid
question
wontfix
Effort
High
Effort
Low
Effort
Medium
Prio
High
Prio
Low
Prio
Medium
Type
Bug
Type
Feature
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: NB-Public/kandimat#10
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?