Testing service is crucial to ensure that the service (API) takes the right set of inputs and provides a valid result. A service can be tested in the following ways:
- Use Abstracta UI itself
It is simple and easy to do if the tester is able to log in with multiple user roles. But it is not the case all the time. Performing testing using tools like postman will enable user impersonation to test it and ensure that all users get the right data based on data profiling and policies enforced.
- Use Postman Collections
Postman collections simplify the testing strategy to validate data security applied to various users.
Export services as a postman collection:
- Menu > Organizations
- A list of organizations are displayed
- Choose an organization by clicking on the checkbox
- The "Postman Collection" button is enabled on top of the organizations' list
- Click on "Postman Collection"
- Two files of type "Collection" and "Environment" will be downloaded. (Browsers like chrome shows up a popup button to "allow multiple files to download". Accept that to download)
Follow the below steps to import:
- Open Postman Tool. If not downloaded already, download from here.
- Click on "Import" > Upload files popup appears
- Import the files downloaded from Abstracta™
Configure values for the "Environment" file:
- Select "Environments"
- Click on the imported environment file
- Get application token
- Open Abstracta™ UI
- Menu > Applications
- Choose an application and select "Manage API Token"
- Copy Client id & Client Secret from the below dialogue.
- If an API token is not generated, generate API Token. When an API token is generated, an M2M user is generated. (Check Menu > Admin > Users)
- Copy *as another user* (>>YOUR_FORUSER_SECRET_HERE<< ) secret from above.
- Update the current value for variable client_id_x with the value copied from the API token screen.
- Update the current value for variable secret_id_x with the value copied from the API token screen.
- Update the current value for variable for_user_secret_id_x with the value copied from the Manage user dialogue screen.
- Get "For User Secret"
- The API testing expects the user secret to enforce the data policies.
- Open Abstracta™ UI
- Menu > Admin > Users
- Choose a user for which you want to impersonate (A user can give impersonate access to the application M2M user). You can do other uses as well provided you are an Administrator.
- Copy the secret code generated
- Update the current value for variable var_for_user_secret with the value copied.
- Save the changes.
Test the service in Postman Collection:
- Select "Collections"
- Choose the imported collection file
- Navigate to your application in the collection folder
- Each data source defined in Abstracta™ would appear as a folder
- One additional folder with the name "_auth" appear as well
- Expand folder "_auth" > Select API "Get Token" > Click on "Send" > It generates a token and saves it in a variable jwt_token.
- Navigate to the data source folder where the services are defined and to be tested
- Select a Service (API)
- Review "Body" of the API and update any if needed.
- Click on the "Send" button.
- The JSON response will appear.
- Validate the data
- Repeat the process until your testing is complete.