Thinking of Test Cases
A strong theme on Taro is that good testing distinguishes a good engineer from a great one. Thinking of good test cases is not trivial, and I would like to know how the great engineers at Taro approach testing.
For example, my company is working on a program (program B, say) that picks up and validates payment requests from program A and sends them to program C, which issues payments, after which program B notifies program A that payment has been issued. I have been put in charge of thinking of test cases, with the biggest concern being duplicate payment issuing.
I have only been able to think of 8 test cases that may actually occur in the program. I have been asked to think of 20-30, and I'm finding it quite difficult to do so. I've only written test cases that can occur assuming the program works as expected, i.e. in which the user does something unexpected. For example, at a certain point program B reads data from a file into the database and moves that file into a directory called "archive". I could hypothetically write test cases for the program's behaviour when the file did not successfully move to "archive", but intuitively this seems trivial.
I believe I probably am thinking about testing in the wrong way / have insufficient knowledge of testing theory. I approached it by starting with what Alex calls the "happy flow", the way the user is supposed to use the program. I then thought of multiple ways the user could mess up when using the program. My next strategy is to go through the code and see what could go wrong (a sort of "white-box" approach), but this is low-level and time-intensive, so I wanted to ensure that it is a good testing strategy. Most testing I've seen thus far has been "black box", i.e. ignore the code and just play around with different user actions.
As always, the advice is very appreciated!
Discussion
(8 comments)- 32 months agoEng @ Taro
I then thought of multiple ways the user could mess up when using the program.
Another approach is to come from the perspective of a malicious user who is trying to cause as much chaos as possible to the system. A malicious user might try to use bad input, send many requests in parallel, or try to find a way to extort the system to send payments to themselves.
- 02 months agoJunior Engineer [OP]Startups
Thanks Charlie! That's a great strategy.
- 32 months agoTech Lead/Manager at Meta, Pinterest, Kosei
AI tools like Gemini or ChatGPT will be very helpful here. Can you give it the context (maybe even the code) of the program and ask it to generate 20-25 test cases?
A lot of them will be garbage, but it's likely to have a few ideas that you haven't thought of. Or they will spur ideas that you can use.
- 1
2 months agoTech Lead @ Robinhood, Meta, Course HeroGenAI tools are pretty lacking here, but they're still surprisingly semi-decent. If you give a detailed enough prompt and tell it general edge case areas to think about, it can give you some good ideas to get started. I've tried it a couple times and have been impressed.
- 12 months agoJunior Engineer [OP]Startups
Thank you for your response, Rahul! Much appreciated. While Gen AI is really helpful for "getting the juices flowing" I've surprisingly found them quite bad for this use case, even the high-tier chain-of-thought models like o3 prompted with a detailed explanation of the specs.
In general, too, I find that even using Gen AI for inspiration / priming when coding can lead one's thinking in the wrong direction.
- 22 months agoTech Lead @ Robinhood, Meta, Course Hero
Payments overall are a basket case of potential edge cases and failures:
- Insufficient balance to issue the payment
- Payment just fails for some reason
- Duplicate payments
- Payment is a fraud (not authentically created by relevant parties)
- Payment is money laundering
- One of the payment parties is an illegal organization (terrorists, drug cartels)
There are also a ton of laws governing what you need to do with payments, and that opens up even more edge cases. For example, payments usually need to be logged so you can construct a ledger. That has edge cases like the log not being created, the log being created but malformed, the log being created correctly initially but then getting corrupted later, etc...
Modern coding languages generally help with this process as code that can fail will return an exception. Understand why and what kind of exception it is. From there, seriously think about the user implications and how to react if that error were to occur.
I think you might have seen this already, but this particular case study lesson from my code quality course can help get the test case juices flowing: Case Study: Signup Form Edge Cases
- 02 months agoJunior Engineer [OP]Startups
Thanks so much for taking the time to respond! It is very helpful. In my specific case, payment issuing is the responsibility of program C, so the great tests you suggested are out of scope for me.
Perhaps a better distillation of my question is: what strategies do you use to come up with test cases and edge cases?
- 02 months agoTech Lead @ Robinhood, Meta, Course Hero
what strategies do you use to come up with test cases and edge cases?
On top of the exception covering I mentioned before:
- Role-playing as a malicious user
- Role-playing as an incredibly dumb user
- Talking to other engineers who are more familiar with the space
- Pattern recognition from raw experience
- Asking genAI for some ideas
Here's another thread about general DSA edge cases as well which is still applicable: "How do you find edge cases in DSA problems for FAANG?"
![Mid-Level Software Engineer [SDE 2] at Amazon company logo](/_next/image/?url=https%3A%2F%2Ffirebasestorage.googleapis.com%2Fv0%2Fb%2Ftech-career-growth.appspot.com%2Fo%2Fcompany_logos%252Famazon_logo.jpg%3Falt%3Dmedia%26token%3Dff5f2302-08be-43bc-b7b1-d381ba508d99&w=48&q=75){kind=logo}
