Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
i am experiencing some difficulties(user managmen) while using selenium. It makes me start thinking about how much focused should be scenarios/steps. For example i am testing adding posts as user.
Should the user steps (Given existing user) should be clicking page to register and then add the post? Or should i create user through model and be clicking just the post addition?
Don't shame just paste a link to a short explaining article ;)
I tend to follow the approach recommended in the Cucumber Book (which I don't have to hand). Generally, it suggests using direct model access to perform setup which is not the focus of the test
e.g. for an 'adding item to my shopping basket' test, I would directly manipulate the models to create a logged-in user and products to be added, then use browser integration to perform the actions being tested, in this case clicking the 'add to basket' button and checking the basket contents.
I would only start clicking through the login page with Capybara/Webrat etc if I was actually testing the login functionality.
Find someone who is interested in the user posting the article, and talk to them about the scenarios. Whatever focus they have is probably the focus you should use.
For instance, they will probably say,
Given there's a user who likes horses
And they're already logged in
When they add a post
Then it should be visible to other people who like horses
etc.
The language is very informal. I encourage you to keep their words as much as possible. Business people definitely won't be talking in terms of clicking the post, creating user models, etc. You can make the code underneath this do whatever is necessary to make your business's scenarios work.
If something is a "Given", do whatever is easy to make it work. Maybe that's hacking data or knocking up a user model; maybe that's clicking a page. If you get it wrong you will be able to change later without changing the scenarios, so it should be OK to try whatever is easy. Automating UIs is slow, so you might eventually decide to use data or a model, but if you do this later on you'll have a better idea of what the data/model will look like anyway.
The "When" is the event that causes the behavior you're interested in - in this instance, "When they add a post". You should always do this from the highest level you can - some people like to automate the UI, others the controllers, but this is basically the core of your scenario, so you shouldn't be hacking data in here.
Here's an article I wrote about using BDD to have conversations which I think will be useful to you. You might also like this one, "Step Away from the Tools", or this rant I wrote on StackOverflow a while back.
The most important thing about BDD is to talk to people, though. Please try to do that and not let the tools prevent you from doing it!
Related
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 5 years ago.
Improve this question
I'm reorganizing my agile board on youtrack and am trying to conform to the industry best practices however I would much rather call an epic
"User Profile"
as opposed to
"A users can view their own and other users information and content on their user profile"
if I can get away with it.
I'm going to be applying for jobs soon so theres a chance someone might look at what I've done and I just want to make sure I don't look bad because of something like this.
To further clarify how I view each "Type" of issue (to make sure I'm understanding them correctly)
Epic - User Profile (brief description)
Feature - User Feed (detailed description)
Task - A user may like items in the feed
At the time of writing the epic stories, probably you don't have the same clarity level on what the customer really want.
So the epic title might be "User Profile" while later on when you start creating the user stories; the user story title "As user I want to be able to update my profile so that I can add avatar".
The title of an epic should be 'fit for purpose'. What that purpose is depends on how you are using them.
For example, say you were the only person who had visibility of the epics. In that case the epic title should be something that made sense to you. If, however, the epic was visible widely across business users then it would make sense to use an epic title that means the most to them.
There isn't really a 'best practice' when it comes to this kind of thing as agile approaches vary so much. Really it is about finding a solution that works well for your particular organisation and if it doesn't work well, adapting it to be better.
I would suggest the only situation you absolutely want to avoid is having epic titles that are meaningful to the delivery team, but not understood by the business users.
There is really no logical difference between an epic and a story; the distinction is one of scale. In fact, it is often the case that a story becomes an epic when the team estimates it to be relatively large.
We find it really easier to go through the product backlog items, specially when we are trying to rank them by showing a title which sum-up the main purpose behind the user story and if more details is needed then we dig into it to check the whole user story with it is acceptance criteria.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 8 years ago.
Improve this question
As long as it's SQL injection proof, would it be alright for me to let non-members add comments to a post and give the Author the ability to delete them?
Before you do it, consider the following questions
(and any other questions specific to your project that may spring to mind)
Do you have a good rate-limiting scheme set up so a user can't just fill your hard drive with randomly-generated comments?
Do you have a system in place to automatically ban users / IP addresses who seem to be abusive? Do you have a limit on the number / number of kilobytes of comments loaded per page (so someone can't fill a page with comments, making the page take forever to load / making it easy to DoS you by making a lot of requests for that page)?
Is it possible to fold comments out of sight on the webpage so users can easily hide spammy comments they'd rather not see?
Is it possible for legitimate users to report spammy comments?
These are all issues that apply to full members, of course. But it also matters for anonymous users, and since anonymous posting is low-hanging fruit, a botmaster would be more likely to target that. The main thing is simply to consider "If I were a skilled programmer who hated this website, or wanted to make money from advertising on it, and I have a small botnet, what is the worst thing I could do to this website using anonymous comments given the resources I have?" And that's a tough question, which depends a great deal on what other stuff you have in place.
If you do it, here are a few pointers:
HTML-escape the comments when you fetch them from the database before you display them, otherwise you're open to XSS.
Make sure you never run any eval-like function on the input the user gives you (this includes printf; to do something like that you'd want to stick with printf("%s", userStr);, so printf doesn't directly try to interpret userStr. If you care about why that's an issue, google for Aleph One's seminal paper on stack smashing),
Never rely on the size of the input to fall within a specific range (even if you check this in Javascript; in fact, especially if you try to ensure this in Javascript) and
Never trust anything about the content will be true (make no assumptions about character encoding, for example. Remember, a malicious user won't need to use a browser; they can craft their calls however they want).
Default to paranoia If someone posts 20 comments in a minute, ban them from commenting for a while. If they keep doing that, ban their IP. If they're a real person, and they care, they'll ask you to undo it. Plus, if they're a real person, and they have a history of posting 20 comments a minute, chances are pretty good those comments would be improved by some time under the banhammer; no one's that witty.
Typically this kind of question depends on the type of community, as well as the control you give your authors. Definitely implement safety and a verification system (eg CAPTCHA), but this is something you'll have to gauge over time more often than not. If users are being well-behaved, then it's fine. If they start spamming every post they get their hands on, then it's probably time a feature like that should just go away.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 5 years ago.
Improve this question
What's a good way to capture user stories when you have features that are common across multiple UI modes?
For example, imagine a commercial flight information system, something someone might use to answer the question "When is flight UA211 expected to land?"
As is often the case, the feature of providing schedule information is common underlying functionality, even though you might ask for it via a desktop web browser, a mobile browser (where you want to apply different style to make it more usable), and maybe even via SMS shortcodes.
Now, that certainly could be a single user story ("As someone meeting a traveller, I want to see flight arrival information so that I can be at the airport on time"). But that seems wrong (and would probably be an epic story, anyway).
You can make it separate user stories ("As a desktop user...", "As a smartphone user...", etc), which I've done in the past, and the team just knows to estimate the first one to include all of functionality, and the subsequent ones to estimate only UI implementation.
A third option is to make the underlying functionality a story isolated from the presentation layer, and then have UI stories: "As a flight info system front end, I want to get flight status information so that I can present it to the user", "As a desktop user, I want to see flight arrival... etc". But that seems artificial.
Thoughts?
dwh
I think the problem is that you are trying to tie the UI functionality to the backend too tightly.
For example, if you break it into a simple story:
A user may want to know the flight status given the flight number.
OK, now, given that you implement that, now you can look at which platforms will be calling this, as, one part of agile is not to over-develop, but in this case, if you have a business need to support mobile and desktop devices, then you should look at implementing this as a REST service, since that is the simplest solution for both to work with.
So the REST service solves the first story above.
Now, you will find that there are other specifics for each platform. For example, is there something on the phone that may already have the information, for example, did the traveller go to a trip site and already enter his info, then you may want to go there, assuming that the traveller is in the users contacts.
Or, if the user is just going to enter a flight number and that is it, then why not just do it as a webpage, as that is the simplest approach that supports both concepts. Then, if you have a url that supports GET, and outputs as HTML then you can easily display.
So, my first story was too simple, you may want to consider whether it is possible to return different types of data, so a user may want to have HTML, PDF, json or xml, but for each of these there should be a business need.
Unfortunately it is hard to answer your question as there are too many unknowns, which is why you are having a difficult time. If you ask the wrong question then you do have an epic, but if you can just break it down to a few simple stories then it becomes much easier to solve.
I would recommend the second option.
As you suggested, the first sounds like too much for a single story, and a story should always fit into a single iteration.
With the third option, the big problem is that you aren't delivering business value at the end of the story, which is generally a bad practice.
There are other ways you could split this work though. You could initially develop a very cut-down, barebones version which would work across all clients, and then refine each of them in subsequent stories.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
I have been thinking about setting up some sort of library for all our internally developed software at my organisation. I would like collect any ideas the good SO folk may have on this topic.
I figure, what is the point in instilling into developers the benefits of writing reusable code, if on the next project the first thing developers do is file -> new due to a lack of knowledge of what code is already out there to be reused.
As an added benefit, I think that just by having a library like this would encourage developers to think more in terms of reusability when writing code
I would like to keep this library as simple as possible, perhaps my only two requirements being:
Search facility
Usable for many types of components: assemblies, web services, etc
I see the basic information required on each asset/component to be:
Name & version
Description / purpose
Dependencies
Would you record any more information?
What would be the best platform for this i.e., wiki, forum, etc?
What would make a software library like this successful vs unsuccessful?
All ideas are greatly appreciated.
Thanks
Edit:
Found these similar questions after posting:
How do you ensure code is reused correctly?
How do you foster the use of shared components in your organization?
Sounds like there is no central repository of code available at your organization. Depending on what you do this could be because of compatmentalization of the knowledge due to security restrictions, the fact that external vendor code is included in some/all of the solutions, or your company has not yet seen the benefits of getting people to reuse, refactor, and evangelize the benefits of such a repository.
The common attributes of solutions I have seen work at mutiple corporations are a multi pronged approach.
Buy in at some level from the management. Usually it's a CTO/CIO that the idea resonates with and they claim it's a good thing and don't give any money to fund it but they won't sand in your way if they are aware that someone is going to champion the idea before they start soliciting code and consolidating it somewhere.
Some list of projects and the collateral available in english. Seen this on wikis, on sharepoint lists, in text files within a source repository. All of them share the common attribute of some sort of front end search server that allows full text over the description of a solution.
Some common share or repository for the binaries and / or code. Oftentimes a large org has different authentication/authorization methods for many different environments and it might not be practical (or possible logistically) to share a single soure repository - don't get hung up on that aspect - just try to get it to the point that there is a well known share/directory/repository that works for your org.
Always make sure there is someone listed as a contact - no one ever takes code and runs it in production without at lest talking to the previous owner of it - and if you don't have a person they can start asking questions of right away then they might just go ahead and hit file->new.
Unsuccessful attributes I've seen?
N submissions per engineer per time period = lots of crap starts making it's way in
No method of rating / feedback. If there is no means to favorite/rate/give some indicator that allows the cream to rise to the top you don't go back to search it often because you weren't able to benefit from everyone else's slogging through the code that wasn't really very good.
Lack of feedback/email link that contacts the author with questions directly into their email.
lack of ability to categorize organically. Every time there is some super rigid hierarchy or category list that was predetermined everything ends up in "other". If you use tags or similar you can avoid it.
Requirement of some design document to accompany it that is of a rigid format the code isn't accepted - no one can ever agree on the "centralized" format of a design doc and no one ever submits when this is required.
Just my thinking.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 5 years ago.
Improve this question
I'm going to give a two hour workshop on a programming topic (NHibernate). It will be a small group, of around five people. The attendees will all have their own laptops.
What would be the best way to structure the workshop so that the attendees get an insight into the topic and preferrably don't fall asleep?
I don't know if you can get a black-n-white answer here, but definitely there's opinions on how to best engage your audience...
You will probably know your audience much better than I do, so you're in a better place to make this determination. I'll assume your attendees are going to be developers, due to the topic you'll be presenting.
And here's my personal opinion: "what we learn to do, we learn by doing", right? So, go with some hands-on exercise. For instance, look at the NerdDinner tutorial online to see how you can have them 'build' something while exploring the features of NHibernate you wish to expose them to.
I also reccomend making sure one of the exercises is more similar to a 'maintainance' task instead of a 'create from scratch' example since people will eventually spend more time in the former rather than the latter mode. SO perhaps have an exercise or two for them to do from scratch, and then have a prepared 'code base' they'll have to modify.
HTH
Add a few (or just one!) hands-on lab(s) into the mix. You could burn it on CD or whatever, hand it out at the start and they can all load it up and play along and run it. It just means you need to put some effort in, in terms of creating the template project and to ensure they just have to fill in a few things/gaps here and there, and it will run without a problem.
During your presentation you will then have 'Hands-on lab intervals'. Where you go through some of the steps and let the candidates fill in some of the pieces of the puzzle.
That way, you can let them fill in the appropriate gaps that you think are necessary in order to "get" it. And at the same time, it ensures the attendees won't fall asleep, as they actually actively participate.
I think the most important thing to keep in mind is that your attendees are going to have different learning styles. What I would do is create a slide-show or outline that gives the skeleton of the topics you want to cover. Then create the code examples you want to work from based off of the topics. Once that is done create your solution code files to all of the examples you made. Ideally, you will want to give all of the attendees a copy of the material when they show up. This way they have something to following along with and if they get ahead or fall behind they have the material necessary to still learn. Finally, make sure you practice your presentation. When you practice it you won't want it to take the full 2 hours because you will want to leave time for questions. It also could help if you mark on your outline how long it should take you to get to each major point. That way you know if you are staying on pace or not.