0
0
Testing Fundamentalstesting~20 mins

Authorization testing in Testing Fundamentals - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepTraceTryChallengeAutomateRecallFrame
Challenge - 5 Problems
🎖️
Authorization Testing Master
Get all challenges correct to earn this badge!
Test your skills under time pressure!
🧠 Conceptual
intermediate
1:30remaining
Understanding Authorization vs Authentication

Which statement best describes the difference between authorization and authentication?

AAuthentication and authorization are the same and used interchangeably.
BAuthentication verifies who you are; authorization determines what you can access.
CAuthorization verifies who you are; authentication determines what you can access.
DAuthorization is done before authentication in the login process.
Attempts:
2 left
💡 Hint

Think about logging in first, then checking permissions.

Predict Output
intermediate
1:30remaining
Result of Role-Based Access Check

What will be the output of the following Python code simulating a simple authorization check?

Testing Fundamentals
user_role = 'editor'
resource = 'article'

permissions = {
    'admin': ['article', 'comment', 'user'],
    'editor': ['article', 'comment'],
    'viewer': ['article']
}

if resource in permissions.get(user_role, []):
    print('Access granted')
else:
    print('Access denied')
AAccess granted
BKeyError
CAccess denied
DTypeError
Attempts:
2 left
💡 Hint

Check if 'article' is in the list for 'editor' role.

assertion
advanced
1:30remaining
Validating Authorization Failure in Test Assertion

Which assertion correctly tests that a user without 'admin' role cannot delete a user account?

Testing Fundamentals
def can_delete_user(user_role):
    return user_role == 'admin'

user_role = 'viewer'
result = can_delete_user(user_role)
Aassert result is False
Bassert result == True
Cassert result != False
Dassert result == None
Attempts:
2 left
💡 Hint

The function returns True only for 'admin'. For 'viewer', it returns False.

🔧 Debug
advanced
2:00remaining
Identify the Bug in Authorization Logic

What is the bug in this JavaScript authorization check code?

Testing Fundamentals
function checkAccess(role) {
  if (role == 'admin') {
    return true;
  } else {
    return false;
  }
}

console.log(checkAccess('viewer'));
AThe role variable is not declared.
BThe function does not return any value.
CThe assignment operator '=' is used instead of comparison '=='.
DThe console.log statement is missing parentheses.
Attempts:
2 left
💡 Hint

Check the condition inside the if statement carefully.

framework
expert
2:30remaining
Best Practice for Authorization Testing in Automation Framework

In an automated test framework, which approach best ensures authorization rules are tested effectively?

ATest only happy paths where users have full access to resources.
BTest authorization only after deployment to production.
CSkip authorization tests and rely on manual testing for security.
DUse parameterized tests to check multiple roles against resource access permissions.
Attempts:
2 left
💡 Hint

Think about covering different user roles and permissions efficiently.