Die im Konferenzprogramm des GTD digital 2021 angegebenen Uhrzeiten entsprechen der Central European Time (CET).
Per Klick auf "VORTRAG MERKEN" innerhalb der Vortragsbeschreibungen können Sie sich Ihren eigenen Zeitplan zusammenstellen. Sie können diesen über das Symbol in der rechten oberen Ecke jederzeit einsehen.
Gerne können Sie die Konferenzprogramm auch mit Ihren Kollegen und/oder über Social Media teilen.
Der Track+ besteht aus Präsentationen der Sponsoren und unterliegt somit nicht der Qualitätssicherung des Conference Boards.
Bitte beachten Sie, dass es für vereinzelte Workshops eine Teilnehmerbeschränkung gibt. Weitere Infos hierzu finden Sie in den Workshop-Beschreibungen.
I have been working on a project with an extremely intricate users' roles structure for more than a year and during that time I've noticed many things that I could have done better and issue that I could have avoided.
I will drag your attention to: importance of creating and reviewing documentation on a regular basis; unification of roles restrictions; admin panel testing; merging of roles; priorities in system roles testing; how not be lost in permissions testing.
Absence of critical issues in roles and permissions is crucial for business, thus shouldn`t be neglected.
Target Audience: Testers
Prerequisites: experience with access rights testing would be nice but not necessary
Level: Basic
Extended Abstract:
Most of websites have at least 3 system roles - admin, logged in user and guest. Testing of users' access rights doesn`t seem to be too complicated in this case. However, what if there are multiple roles? What if there are more than 10 roles and some of their functionalities overlap?
I want to tell a story of the project with an intricate users' access rights system.
I am going to raise the following topics:
- What to do if you are hired when the project is already ongoing and there is no documentation for user roles;
In my opinion sometimes roles and permissions testing is underestimated and is not tested separately. Instead it's expected that a tester will cover all roles while testing a feature. This is a justified approach when a new feature is tested, but not effective during regression or for automated tests.
Absence of critical issues in roles and permissions is crucial for business, thus shouldn`t be neglected.