Tweet
Defect ID: DR-TL004
Defect Description: Unauthorized tester allowed access to Web project test cases.
Test configuration:
OS - Microsoft Windows XP Pro
CPU - P4, 2.40 GHz
RAM - 512KB
SUT - Testlog V3.0 Build 1013
Server - Apache 2.2.4
IE - Version 7.0.5730.11
Test Preconditions:
Project A - Tester A - Remote Access Enabled
Tester B - Remote Access Enabled
Tester C - Remote Access Disabled
Project B - Tester A - Remote Access Enabled
Tester B - Remote Access Disabled
Tester C - Remote Access Enabled
Steps to reproduce:
1. Access TestLog with IE.
2. Verify the TestLog Web Access dialog is displayed.
3. Verify there are multipal databases available to select from.
4. Click on Project 'B' database
5. Verify login dialog is displayed.
6. Login to 'B' database with Tester 'B's TesterID and Password from Project 'A'.
Actual results: Tester B from project A was allowed to login to project B.
Expected results: A tester shall be granted access to a project if the tester has a valid Tester ID and password for that project. When there are multipal projects the tester must be granted access for each project that the tester is allowed to access.
Respectfully submitted,
JC Kurth
Sr. QA/Test Engineer
Defect Description: Unauthorized tester allowed access to Web project test cases.
Test configuration:
OS - Microsoft Windows XP Pro
CPU - P4, 2.40 GHz
RAM - 512KB
SUT - Testlog V3.0 Build 1013
Server - Apache 2.2.4
IE - Version 7.0.5730.11
Test Preconditions:
Project A - Tester A - Remote Access Enabled
Tester B - Remote Access Enabled
Tester C - Remote Access Disabled
Project B - Tester A - Remote Access Enabled
Tester B - Remote Access Disabled
Tester C - Remote Access Enabled
Steps to reproduce:
1. Access TestLog with IE.
2. Verify the TestLog Web Access dialog is displayed.
3. Verify there are multipal databases available to select from.
4. Click on Project 'B' database
5. Verify login dialog is displayed.
6. Login to 'B' database with Tester 'B's TesterID and Password from Project 'A'.
Actual results: Tester B from project A was allowed to login to project B.
Expected results: A tester shall be granted access to a project if the tester has a valid Tester ID and password for that project. When there are multipal projects the tester must be granted access for each project that the tester is allowed to access.
Respectfully submitted,
JC Kurth
Sr. QA/Test Engineer
Comment