iwasforcedtobehere/dracarys
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a5ec70e0af7d9b84af7c96b4efd7357388ad61ed
dracarys/README.md

376 lines
10 KiB
Markdown
Raw Blame History

# Dracarys - Financial API Automation Framework
A comprehensive test automation framework for testing financial APIs, including wallet and credit scoring services.
## Table of Contents
- [Features](#features)
- [Prerequisites](#prerequisites)
- [Installation](#installation)
- [Configuration](#configuration)
- [Project Structure](#project-structure)
- [Running Tests](#running-tests)
- [Test Categories](#test-categories)
- [Reporting](#reporting)
- [Extending the Framework](#extending-the-framework)
- [Best Practices](#best-practices)
## Features
- **API Testing**: Comprehensive testing of REST APIs
- **Performance Testing**: Load and stress testing capabilities
- **Security Testing**: Security vulnerability testing
- **Data-Driven Testing**: Support for data-driven tests
- **Parallel Execution**: Parallel test execution for faster results
- **Detailed Reporting**: Comprehensive test reports with metrics
- **Database Validation**: Ability to validate data in databases
- **Environment Configuration**: Support for multiple environments
## Prerequisites
- Java 8 or higher
- Maven 3.6 or higher
- TestNG 7.4 or higher
- RestAssured 4.3 or higher
- MySQL or PostgreSQL (for database validation)
## Installation
1. Clone the repository:
```bash
git clone https://github.com/iwasforcedtobehere/Dracarys.git
cd Dracarys
```
2. Install dependencies:
```bash
mvn clean install
```
## Configuration
### Environment Configuration
The framework supports multiple environments (dev, test, staging, prod). Configuration files are located in `src/main/resources/`.
1. **config.properties**:
```properties
# Base URI for API
baseURI=https://api.example.com
# API version
apiVersion=v1
# Environment
environment=test
# Database configuration
db.driver=com.mysql.jdbc.Driver
db.url=jdbc:mysql://localhost:3306/test_db
db.username=test_user
db.password=test_password
# Authentication
auth.type=bearer
auth.token=your_auth_token
```
2. **log4j2.xml**:
Configure logging levels and appenders as needed.
### Test Configuration
Test configurations are defined in `src/test/resources/testng.xml`. You can create different test suites for different purposes.
## Project Structure
```
Dracarys/
├── src/
│ ├── main/
│ │ ├── java/
│ │ │ └── com/financial/api/
│ │ │ ├── config/ # Configuration classes
│ │ │ ├── models/ # Data models
│ │ │ │ ├── wallet/ # Wallet-related models
│ │ │ │ └── credit/ # Credit-related models
│ │ │ ├── services/ # API service classes
│ │ │ └── utils/ # Utility classes
│ │ └── resources/
│ │ ├── config.properties # Configuration file
│ │ └── log4j2.xml # Logging configuration
│ └── test/
│ ├── java/
│ │ └── com/financial/api/
│ │ └── tests/ # Test classes
│ │ ├── WalletApiTest.java
│ │ ├── CreditApiTest.java
│ │ ├── WalletPerformanceTest.java
│ │ ├── CreditPerformanceTest.java
│ │ ├── WalletSecurityTest.java
│ │ └── CreditSecurityTest.java
│ └── resources/
│ └── testng.xml # Test configuration
├── pom.xml # Maven dependencies
└── README.md # This file
```
## Running Tests
### Running All Tests
```bash
mvn clean test
```
### Running Specific Test Suite
```bash
mvn clean test -Dsuite=src/test/resources/testng.xml
```
### Running Tests with Specific Groups
```bash
mvn clean test -Dgroups=smoke
mvn clean test -Dgroups=regression
mvn clean test -Dgroups=performance
mvn clean test -Dgroups=security
```
### Running Tests in Parallel
```bash
mvn clean test -Dparallel=methods -DthreadCount=5
```
## Test Categories
The framework includes several categories of tests:
### 1. Functional Tests
- **WalletApiTest**: Tests for wallet operations
- Create wallet
- Get wallet
- Update wallet
- Get wallet balance
- Create transaction
- Get transaction
- Update transaction status
- Deposit funds
- Withdraw funds
- **CreditApiTest**: Tests for credit operations
- Submit credit application
- Get credit application
- Update credit application
- Get applications by status
- Calculate credit score
- Get credit score
- Get credit score history
- Approve application
- Reject application
- Get credit products
### 2. Performance Tests
- **WalletPerformanceTest**: Performance tests for wallet operations
- Create multiple wallets
- Get multiple wallets
- Create multiple transactions
- Deposit funds performance
- Get wallet balance performance
- Get transactions performance
- Transfer funds performance
- **CreditPerformanceTest**: Performance tests for credit operations
- Submit multiple applications
- Get multiple applications
- Calculate multiple credit scores
- Get multiple credit scores
- Get credit score histories
- Get applications by status performance
- Get credit products performance
### 3. Security Tests
- **WalletSecurityTest**: Security tests for wallet operations
- SQL injection in wallet creation
- XSS in wallet creation
- Authentication bypass in wallet retrieval
- Authorization bypass in wallet retrieval
- IDOR in wallet retrieval
- SQL injection in transaction creation
- XSS in transaction creation
- Negative amount in transaction creation
- Extremely large amount in transaction creation
- Authentication bypass in transaction retrieval
- Authorization bypass in transaction retrieval
- CSRF protection in wallet update
- Rate limiting in wallet creation
- Input validation in wallet creation
- Sensitive data exposure in wallet response
- **CreditSecurityTest**: Security tests for credit operations
- SQL injection in credit application submission
- XSS in credit application submission
- Authentication bypass in credit application retrieval
- Authorization bypass in credit application retrieval
- IDOR in credit application retrieval
- SQL injection in credit score calculation
- XSS in credit score calculation
- Negative loan amount in credit application submission
- Extremely large loan amount in credit application submission
- Negative loan term in credit application submission
- Extremely large loan term in credit application submission
- Authentication bypass in credit score retrieval
- Authorization bypass in credit score retrieval
- CSRF protection in credit application update
- Rate limiting in credit application submission
- Input validation in credit application submission
- Sensitive data exposure in credit application response
- Sensitive data exposure in credit score response
## Reporting
The framework generates detailed reports for test execution:
### Console Reports
- Real-time test execution status
- Test pass/fail statistics
- Test execution time metrics
- Error logs and stack traces
### HTML Reports
- Comprehensive test reports with charts
- Test execution summary
- Detailed test results
- Performance metrics
- Security vulnerability findings
### Log Files
- Detailed execution logs
- Error logs
- Debug information
## Extending the Framework
### Adding New API Tests
1. Create a new test class in `src/test/java/com/financial/api/tests/`
2. Extend the appropriate base class if available
3. Add test methods with appropriate annotations
4. Use the existing service classes or create new ones
### Adding New API Services
1. Create a new service class in `src/main/java/com/financial/api/services/`
2. Extend the `BaseService` class
3. Implement methods for API operations
4. Use RestAssured for HTTP requests
### Adding New Data Models
1. Create a new model class in `src/main/java/com/financial/api/models/`
2. Define fields with appropriate data types
3. Add getters and setters
4. Add validation annotations if needed
### Adding New Utilities
1. Create a new utility class in `src/main/java/com/financial/api/utils/`
2. Implement utility methods
3. Make methods static if appropriate
4. Add Javadoc comments
## Best Practices
### Test Design
- Follow the Arrange-Act-Assert pattern
- Keep tests independent and isolated
- Use descriptive test names
- Add proper test documentation
- Use assertions effectively
### Code Quality
- Follow Java coding standards
- Use meaningful variable and method names
- Add proper comments and documentation
- Keep methods small and focused
- Handle exceptions properly
### Performance Testing
- Define realistic performance thresholds
- Use appropriate load levels
- Monitor system resources during tests
- Analyze performance metrics
- Identify and address bottlenecks
### Security Testing
- Test for common security vulnerabilities
- Use both positive and negative test cases
- Validate input sanitization
- Test authentication and authorization
- Check for sensitive data exposure
### Maintenance
- Regularly update dependencies
- Refactor code as needed
- Add new tests for new features
- Fix failing tests promptly
- Keep documentation up to date
## Troubleshooting
### Common Issues
1. **Test Failures Due to Environment Changes**
- Update configuration files
- Check API endpoints
- Verify authentication tokens
2. **Database Connection Issues**
- Check database credentials
- Verify database URL
- Ensure database is running
3. **Performance Test Failures**
- Check system resources
- Verify test data
- Adjust performance thresholds
4. **Security Test Failures**
- Check API security implementations
- Verify input validation
- Review authentication and authorization
### Getting Help
- Check the project documentation
- Review test code examples
- Contact the framework maintainers
- Submit issues on GitHub
## Contributing
We welcome contributions to the framework! Please follow these guidelines:
1. Fork the repository
2. Create a feature branch
3. Make your changes
4. Add tests for new functionality
5. Ensure all tests pass
6. Submit a pull request
## License
This project is licensed under the MIT License - see the LICENSE file for details.
Reference in New Issue View Git Blame Copy Permalink