Testing Fundamentalstesting~10 mins

Authorization testing in Testing Fundamentals - Test Execution Trace

Choose your learning style9 modes available

Learn Why Deep Trace Try Challenge Automate Recall Frame

Test Overview

This test checks if a user without proper permissions is prevented from accessing a restricted page. It verifies that the system correctly blocks unauthorized access and shows an error message.

Test Code - Selenium with unittest

Testing Fundamentals

import unittest
from selenium import webdriver
from selenium.webdriver.common.by import By
from selenium.webdriver.support.ui import WebDriverWait
from selenium.webdriver.support import expected_conditions as EC

class AuthorizationTest(unittest.TestCase):
    def setUp(self):
        self.driver = webdriver.Chrome()
        self.driver.get('https://example.com/login')

    def test_unauthorized_access(self):
        driver = self.driver
        # Log in as a regular user
        driver.find_element(By.ID, 'username').send_keys('regular_user')
        driver.find_element(By.ID, 'password').send_keys('password123')
        driver.find_element(By.ID, 'login-button').click()

        # Wait until login completes and dashboard loads
        WebDriverWait(driver, 10).until(
            EC.presence_of_element_located((By.ID, 'dashboard'))
        )

        # Try to access admin page directly
        driver.get('https://example.com/admin')

        # Wait for error message
        error_element = WebDriverWait(driver, 10).until(
            EC.presence_of_element_located((By.ID, 'error-message'))
        )

        # Assert error message text
        self.assertEqual(error_element.text, 'Access Denied: You do not have permission to view this page.')

    def tearDown(self):
        self.driver.quit()

if __name__ == '__main__':
    unittest.main()

Execution Trace - 9 Steps

Step	Action	System State	Assertion	Result
1	Test starts and opens Chrome browser	Browser opens at https://example.com/login page	-	PASS
2	Find username input and enter 'regular_user'	Login page with username field filled	-	PASS
3	Find password input and enter 'password123'	Login page with password field filled	-	PASS
4	Find and click login button	Login form submitted	-	PASS
5	Wait up to 10 seconds for dashboard element to appear	Dashboard page loaded after successful login	Dashboard element is present	PASS
6	Navigate directly to https://example.com/admin page	Browser attempts to load admin page	-	PASS
7	Wait up to 10 seconds for error message element to appear	Error message displayed on page	Error message element is present	PASS
8	Check that error message text equals 'Access Denied: You do not have permission to view this page.'	Error message text visible to user	Error message text matches expected	PASS
9	Close browser and end test	Browser closed	-	PASS

Failure Scenario

Failing Condition: User is able to access the admin page without proper authorization

Execution Trace Quiz - 3 Questions

Test your understanding

What does the test verify after logging in as a regular user?

AThat the user cannot access the admin page

BThat the user can access the admin page

CThat the login page shows an error

DThat the dashboard is inaccessible

Key Result

Always verify that unauthorized users cannot access restricted pages by checking for proper error messages or redirects. This ensures your authorization controls work as intended.