Hard to test login feature

[orzymandias]

No way to verify your applicaiton actually works as I have no credentials to login to the actual source academy.

Cannot verify if those are actual student information after loggin in

[nus-pe-bot]

Team's Response

There is no way to circumvent this since we are also not able to provide testers with a valid account to log in due to privacy and security issues. Moreover, since the application is meant for CS1101S tutors, they will have a valid account to use the application, and thus the severity of this should be low as this bug only arises for testing purposes for testers without a valid Source Academy account.

Items for the Tester to Verify

:question: Issue response

Team chose [response.Rejected]

• [x] I disagree

Reason for disagreement: Thank you for your reponse. Your concerns about security and privacy are completely valid and understandable but your response just validates the report that it is indeed impossible for me to test and verify that your login feature actually works which is a limitation for testing when such a feature is included. Furthermore, the project briefing already warns againsts incorporating such features for this very reason.

I think authentication features are fine for manual testing if there are means for testers to login via a test account to verify if authentication works properly and also if data fetched from the server will show up in the application.

---

:question: Issue severity

Team chose [severity.Low] Originally [severity.High]

• [x] I disagree

Reason for disagreement: The severity given was high for 2 reasons:

• It is impossible to use the login feature without an account which makes it "unusable"
• This constraint has spillover effects, apart from verifying logging in, in the form of not being able to test if application is able to fetch student , quest and mission data. Also, it is impossible to test if fetched data, will be parsed properly by the application and check if operations on these data will be saved to the server or just be saved locally. And if it is the latter case, how it handles conflicting data since data on the server and data saved locally are not in sync. Different testers with and without a source academy accounts will have unequal opportunities since those without an account are unable to test under these scenerios.

I have consulted prof Darmith about the testability of this application and this is his input:

---