Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

QoD Test definitions #349

Merged
merged 8 commits into from
Aug 30, 2024
Merged
Show file tree
Hide file tree
Changes from 6 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
70 changes: 0 additions & 70 deletions code/Test_definitions/QoD_API_Test.feature

This file was deleted.

19 changes: 18 additions & 1 deletion code/Test_definitions/README.md
Original file line number Diff line number Diff line change
@@ -1 +1,18 @@
This directory contains at least one `.feature` file containing test definitions for the repository API(s).
This directory contains the `.feature` files with test definitions for the 3 repository API(s).
There is a separate Feature file per API operation.

The test plan has to be enhanced and some scenarios still contains comments and questions to be resolved:

* Should `sinkCredential` be returned as part of `SessionInfo` and `ProvisioningInfo` responses?
* For port ranges, the maximum is considered in the schema so a generic schema validator may generate a 400 INVALID_ARGUMENT without further distinction, instead of the specific 400 OUT_OF_RANGE, so both could be accepted
* For `sinkCredential.accessTokenType`, only `bearer` is considered in the schema so a generic schema validator may generate a 400 INVALID_ARGUMENT without further distinction, instead of the specific 400 INVALID_TOKEN, so both could be accepted
* When providing a non existent QoS Profile to create a session or provisioning, what code to return? 400 INVALID_ARGUMENT is proposed
* For expired tokens, both codes "UNAUTHENTICATED" or "AUTHENTICATION_REQUIRED" for 401 may be returned, depending on whether the access token can be refreshed or not
* Decision about 422 DEVICE_IDENTIFIERS_MISMATCH is under discussion
* Now that QoS Profiles may be restricted to certain devices, what code to return when the provided device in createSession is not suitable for the provided qosProfile. We may reuse 422 DEVICE_NOT_APPLICABLE
* When providing a path parameter, such sessionId or provisioningId, which is not compliant with the spec format (UUID), what code to return? Options are 400 INVALID_ARGUMENT or 404 NOT_FOUND if path parameter format is not checked previously
* 422 UNSUPPORTED_DEVICE_IDENTIFIERS is in the Commonalities guidelines (document) but it is not yet in the artifact and it not yet considered in the quality-on-demand or qos-profiles API specs, but it is in qod-provisioning API spec
* It is not defined the expected behavior when extending the duration of a session in qosStatus REQUESTED or UNAVAILABLE
* For QoS Profile response validations, it is pending to check additional constraints, such as minDuration being less or equal than maxDuration, etc
* When accessing a session or provisioning created by a different client, both 403 INVALID_TOKEN_CONTEXT and the generic 403 PERMISSION_DENIED codes could make sense.

Loading