Overview
The backend database User Acceptance Testing ("UAT") tests the four Application Programming Interface ("API") endpoints that add valid records to a Xano database.
To recap, the APIs have the following functionality:
- Authenticate an API client
- Accept a JSON input
- Apply basic data checks to skip invalid records & store valid records
I used two external clients to do the UAT: the MVP's Flask Python backend and Postman. I wanted to try Postman as it's been a while since I've used it, and there's no harm refreshing my knowledge.
Test Scenario Coverage
I came up with test scenarios that cover the following:
Authentication: Is each endpoint secure?
Data validation: Does each endpoint correctly handle duplicate records and invalid entities?
Data storage: Does each endpoint store valid records in the correct table?
Sample Data & UAT Results
I re-used the same 10 Custodian Statement PDF statements (covering 71 pages) from the previous UAT as the sample dataset.
This approach allowed me to easily validate my results by comparing the current UAT output to the previous UAT output (in Excel) as Xano data can be easily exported to Comma Separate Value ("CSV") format.
The alternative - using a fresh set of sample data - would have been to compare the current output to the Custodian Statement PDFs. This is a really tedious task with no obvious benefit.
I executed 20 UAT test case scenarios in total, and there were fortunately no failures.
External API Client: Flask Python Backend
To call the Xano API endpoint using the Flask Python backend, I used Python's requests library.
The json_data variable contains the data extracted from the Custodian Statement PDF. The snapshot below is the results summary in my browser after a successful API call is made.
External API Client: Postman
Example 1: Invalid Auth Token
Entering an invalid AuthToken returns a 401 Unauthorized response. This is expected.
Example 2: Skip Duplicate Records
To simulate this test, I first added 234 valid records to the custodian_securities table using the API endpoint.
I then called the API endpoint with the same JSON input. As expected, none of these records were stored as they were all duplicates.
Example 3: Skip records with invalid entities
I created a JSON input with a fictitious entity called "Mickey Mouse". I then called the add_custodian_securities API endpoint.
As expected, a 200 Response Code was returned, with the skipped record listed in the response.
Next Steps
I previously did a flowchart to lay out the MVP's envisioned scope, and have updated it to illustrate what has been completed ("Phase 1") and what I plan to do next ("Phase 2").
--Ends
Top comments (0)