COrbitCA - CAcert.org Account Holders CCA Completing Campaign - Technology Project Background


CCA patches Testing

first:




D O N ' T     P A N I C ! ! !




(well ... i would have used nice and friendly red letters to write DON'T
PANIC) ... but in pure-text-emails this is not possible)

what i wanted to say:

some minutes ago i removed the CCA-patches from the web of test1.cacert.at and installed the actual tarball there.

( Before you ask: No ... I'm not drunk [okay ... one coke light, but this doesn't count] ... and i don't used drugs ... ;-) ).

The patches will come back ... but differently ...

... since i've seen, that the way i did it in July did not work.

The background is not ready up to now, but will be prepared in the next week ... so additional informations will follow.

have a nice day ...


Project Description

The CCA Rollout needs system patches that are developed by dirk and added to the test system test1.cacert.at. These patches needs to be tested before activating it on the live system.

As of Aug 31th, there is no test plan and no ongoing testing. This page is the matrix to coordinate the tests and is also the report overview.

Test Team


Test Environment

The test environment includes addtl. coding, that needs to be removed, once the testing has been finished. To set the different permission levels for testing different user levels (un-assurerd, assured, challenge passed users and so on) needs setting the permission levels individualy. Therefor each tester needs by default SSH access and knowledge about how to modify the account settings for the test account.

To get a wider test team, addtl. code has been implemented:

/www/includes/account_stuff.php   lines 218 - 224    (inserting an addtl. menu option)
/www/ccatperm.php
  1. Start the test with create an account.
  2. Test all menu option you can reach with this level of permission
  3. Select menu: CCA Patch - Set permissions to set the next level for testing by yourself
  4. After selecting the permissions, you'll get a results page of permissions modifications, with Next you start from the login page

  5. Repeat all tests with the new permission settings, each permissions level (points) have two test options: a) without Challenge passed b) with Challenge passed

  6. continue at step 2 until all permission levels and all addtl. options has been tested

For the first time you get only the next possible permission level. If once 150 points reached, you have also addtl. option settings (ORGadmin, TTPadmin, Board setting, and so on). So please walk thru all menu options, to test all possible actions by each permission level. With increased permission level, addtl. options are possible and scripts that cannot accessed by permission level 0 points with no Challenge passed can be tested later on.

What you have to test - The 25 test levels

Each function listed in the matrix below (each? not all) includes the addtl. Checkbox for the CCA acceptance. First you have to try to leave the Checkbox unselected. Can you continue with the regular function you've selected ? or does the system report a warning message, stopping you to continue processing ? If so, the test was successful in the first step. Now retry to start this function with the Checkbox enabled. Can you continue to the next page ? If yes, the 2nd half of the test was successful and needs to be reported with a SUCCESS below in the test matrix.

All key generation functions (generate client cert, generate server cert) doesn't completes, but before processing the key generation function you'll receive a page before. If you'll reach this page the test is successful even though the key generation doesn't works.

There are some scripts that cannot reached by directly testing. These scripts are include files or central scripts that are used by several functions. In this case, the related functions are listed in the comments box. In error reportings these scripts may be displayed (i.e. error in /www/wot.php ...)

Several scripts cannot be accessed without proper flag settings (TTPadmin, Sysadmin, ORGadmin). These flags are disabled from the beginning. At the very end of your testings, if you have reached the 150 points level, these addtl. flag settings becomes selectable by the CCA Patch - Set permissions page.

As some functions may vary in the results by different point levels, the tests needs to be repeated again and again thru several point levels. There are 10 levels included in this "Set Permissions" script: 0, 1, 49, 50, 51, 99, 100, 102, 148, 150 points.

The Assurers are no longer assurers if they didn't passed the Assurers Challenge, the scripting includes also this situation. An old assurer with 150 points, Assurer Challenge not passed yet needs also be tested. So, each level should be tested twice. One test without the Assurer Challenge passed, the 2nd round at the same level with the Assurer Challenge passed flag set.

So all in all you have to walk thru 20 test levels upto 150 points. Then, you have to do some addtl. special flags testing: TTPadmin, Board, TTPadmin and Board, ORGadmin, Sysadmin flags enabled. This means: 5 addtl. test rounds.

If you'll find some errors (except key generation error, this function is not available on the test system), please report these errors at the end of this page.

Test Matrix

Glossar: {+} Test success, {0} Ongoing Test or needs reviewing by others, {-} Test fails, cube_white.jpg N/A

Testers

Ted

Iang

Uli

b2

WD

...

Description

Comment #

Group 1 patches

0,1-

... level tested

/www/index.php

{+}

Logged-In: CAcert.org - Go Home

/pages/index/0.php

{0}

Logged-Out: Translations - id=0&lang=de_DE

x18

/pages/index/1.php

{+} cube_white.jpg

{+}

create an account

w/o CCA is blocked

/pages/index/1.php

{+}

{+} cube_white.jpg

{-}

create an account

x1, x2, x12

/pages/index/4.php

{+}

{+}

password login

x2

Group 2 patches

1-

/www/gpg.php

cube_white.jpg

N/A at level 0 (as expected?)

/pages/gpg/0.php

cube_white.jpg

GPG/PGP Keys - New

N/A at level 0 (as expected?)

Group 3 patches

1-

/includes/account.php

cube_white.jpg

cube_white.jpg

cube_white.jpg

cube_white.jpg

cube_white.jpg

cube_white.jpg

include file of /www/account.php

x11

/pages/account/1.php

{+}

{+}

{+}

add email to account

/pages/account/3.php

{-}

{+}

{+}

generate client certificate

x7, x13, x14

/pages/account/7.php

{0}

{+}

add domain

x14, x15

/pages/account/10.php

{+}

generate server certificate (paste csr)

x13, x14

/pages/account/13.php

{+}

{+}

{+}

edit personal data

/pages/account/16.php

cube_white.jpg

{+}

OA - generate client certificate

Needs ORGadmin set

/pages/account/20.php

cube_white.jpg

OA - paste csr (generate server certificate)

Needs ORGadmin set; is this correct? the page does not say

/pages/account/43.php

cube_white.jpg

Sysadmin - Find User - Show Agreements the user gave. how do we do this?

x5, x10

Group 4 patches

1-

/www/wot.php

{0}

Is used by: My Details (Listing, Location, Points), CAcert Web of Trust (About, Find an Assurer, Rules, Assure Someone, Trusted Third Parties)

Walk thru all the menu options listed in the box one left // x17, x9

/pages/wot/6.php

cube_white.jpg

Special Assurance Programs

Needs 3 tests: TTPadmin set, Board set, TTPadmin and Board set; x16

Testers

Ted

Ian

Uli

b2

WD

...

Description

Comment #

unpatched

1-

/pages/index/5.php

{+}

{+}

{0}

Lost password function

x3, do we want to ask CCA acceptance here? x4

/pages/disputes/1.php

{0}

emailaddress dispute

x6

/pages/disputes/2.php

{0}

domain dispute

x6

/pages/wot/10.php

{-}

Details - My Points

x8, x9


Comment #

x1) create an account

Ian:


x2) create an account, password login (fixed)

uli:





x3) lost password


x4)


x5) no access


x6) dispute pages no CCA?


x7) revoke pending certificate


x8) My Details - My Points (solved)


x9) My Details - My Points


x10) Sysadmin - Find User Operations

Show Assurances the user got
https://www.test1.cacert.at/account.php?id=43&userid=119&assuredto=yes
7 columns header, result columns: 1st spawn=2, 2nd spawn=1, 3rd spawn=3, 1 missing

Show Assurances the user gave
https://www.test1.cacert.at/account.php?id=43&userid=119&assuredby=yes
7 columns header, result columns: 1st spawn=2, 2nd spawn=1, 3rd spawn=3, 1 missing

table result columns missing 1 column

Show Agreements the user gave
https://www.test1.cacert.at/account.php?id=43&userid=119&listagreements=yes
4 columns header, result columns: 4x 1   is ok


x11) /includes/account.php

Script cannot be tested individualy, cause its an include file in all account.php operations.
/www/account.php  line 19
        include("../includes/account.php");
and includes the requested actions handling of all other account.php scripts
its only 'viewable' in case of an error


x12) Password

Password requires a space in it, otherwise the "strength-o-meter" gives from -2 to +2 points.

It seems that requiring a full strength test of every feature of the system ... in order to test the required stuff we want to test today ... might be inefficient!

x13) Generate Client/Server Cert

End with message that it is queued and never comes back...


x14) Multiple pages Functions

x15) Email Response

x16) Special Assurance Programs

x17) Ajax Form not working

SGML Parser Error / Warning messages

Result: 7 Fehler / 0 Warnungen

line 6 column 67 - Fehler: document type does not allow element "META" here
   1: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
   6: <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
line 27 column 6 - Fehler: end tag for element "HEAD" which is not open
  27: </head>
line 28 column 64 - Fehler: document type does not allow element "BODY" here
  28: <body onload="hideall(); explode('home'); explode('mydetails');">
line 82 column 42 - Fehler: required attribute "TYPE" not specified
  82: <script language="javascript" src="/ac.js"></script>
line 83 column 29 - Fehler: required attribute "TYPE" not specified
  83: <script language="javascript">
line 99 column 28 - Fehler: there is no attribute "AUTOCOMPLETE"
  99: <td><input autocomplete="off" type="text" id="location" name="location" value="" size="50" /> (hit enter to submit)</td>
line 104 column 29 - Fehler: required attribute "TYPE" not specified
 104: <script language="javascript">

x18) Translation DE


references:


Technology/Laboratory/COrbitCA (last edited 2010-10-06 10:07:02 by UlrichSchroeter)