CN113094264A

CN113094264A - Interface testing method and device

Info

Publication number: CN113094264A
Application number: CN202110353372.2A
Authority: CN
Inventors: 孙吉平; 张雅楠
Original assignee: Beijing Senseshield Technology Co Ltd
Current assignee: Beijing Senseshield Technology Co Ltd
Priority date: 2021-03-31
Filing date: 2021-03-31
Publication date: 2021-07-09
Anticipated expiration: 2041-03-31
Also published as: CN113094264B

Abstract

The application discloses an interface testing method and device, which are used for providing a testing mode suitable for an interface corresponding to a data fence and improving interface testing efficiency. The method comprises the following steps: acquiring a tool kit with a data fence function; determining a target function module provided by the toolkit, wherein the target function module corresponds to an interface set, the interface set comprises at least two interfaces, and input data of at least one interface of the at least two interfaces comprises output data of the other interface; testing a target function module provided by the tool kit; and when the target function module passes the test, determining that all the interfaces contained in the interface set corresponding to the target function module are qualified interfaces. By adopting the scheme provided by the application, the testing efficiency of the interface can be improved.

Description

Interface testing method and device

Technical Field

The present invention relates to the field of interface management, and in particular, to a method and an apparatus for testing an interface.

Background

The data fence previously developed by the inventors is a service that can be used to secure information. The services provide interfaces in the form of dynamic link libraries, the data fence services are attached to other applications in the form of tool kits, and the other applications call corresponding interface sets to realize various functions of the data fence services.

Since the data fence application is provided by a plurality of interfaces, whether an interface is available or not can be tested by an interface test mode. The existing interface test is usually based on the one-by-one test of the functions of a single interface, but the method is directly applied to the test of the data fence, only whether the functions of the single interface are normal can be tested, it is difficult to test whether some functions in the data fence are normal, and the efficiency is low, so how to provide a test mode suitable for the interface corresponding to the data fence and improve the interface test efficiency is a technical problem to be solved urgently.

Disclosure of Invention

An object of the embodiments of the present application is to provide a method and an apparatus for testing an interface, so as to provide a test method suitable for an interface corresponding to a data fence and improve interface test efficiency.

In order to solve the technical problem, the embodiment of the application adopts the following technical scheme: an interface testing method, comprising:

acquiring a tool kit with a data fence function;

determining a target function module provided by the toolkit, wherein the target function module corresponds to an interface set, the interface set comprises at least two interfaces, and input data of at least one interface of the at least two interfaces comprises output data of the other interface;

testing a target function module provided by the tool kit;

and when the target function module passes the test, determining that all the interfaces contained in the interface set corresponding to the target function module are qualified interfaces.

The beneficial effect of this application lies in: when the interface is tested, the target function module provided by the tool kit with the data fence function is determined, and then the target function module is tested, because the target function module needs to call all the corresponding interfaces when realizing the function of the target function module, and the function of the target function module cannot be realized as long as one interface is unqualified in the interface corresponding to the target function module, therefore, when the target function module passes the test, all the interfaces corresponding to the target function module are qualified interfaces, so that batch test of a plurality of interfaces is realized through the test of the function modules corresponding to the plurality of interfaces, and therefore, the test mode suitable for the interfaces corresponding to the data fence can be provided, and the test efficiency of the interfaces can be improved by adopting the scheme provided by the application.

In one embodiment, the testing of the target function module provided by the toolkit comprises:

determining an interface set and a calling sequence which need to be called when the corresponding function of the target function module is realized;

acquiring a test case corresponding to the target function module, wherein the test case comprises input data and a corresponding expected result, and the expected result is output data when the function module is successfully implemented;

sequentially calling the interfaces in the interface set according to the calling sequence based on the input data in the test case to obtain a corresponding execution result;

and when the execution result is matched with the expected result in the test case, determining that the target function module passes the test.

In one embodiment, the data fence enabled toolkit, when invoked by a particular application, can prohibit users outside the data fence from accessing data sent by users inside the data fence; and/or users within the data fence can be allowed to access the respective transmitted data to each other.

In one embodiment, when the target function module is a domain function module, the interface set corresponding to the target function module includes at least two of the following interfaces: adding a domain member interface, a data decryption interface, a deleting domain member interface and a request interface;

testing the target function module provided by the tool kit, comprising:

calling the adding domain member interface, and adding a second member in the first test case into the created first domain;

calling a request interface to send an operation request of a second member for the first data; the first data is data sent by the first member in the first domain, and the first data ciphertext is a ciphertext obtained by calling a data encryption interface and encrypting the first data by using a first key of the first member;

under the condition that the second member is in the first domain, calling the data decryption interface to decrypt the first data ciphertext by using the first key to obtain a first execution result;

determining that the target function module passes the test using the first test case if the first execution result matches a first expected result in the first test case;

alternatively, the first and second electrodes may be,

calling the deleted domain member interface, and deleting a third member in the second test case from the established first domain;

calling a request interface, and sending an operation request of a third member for the first data;

when the third member is out of the first domain, refusing to call the data decryption interface to decrypt the first data ciphertext to obtain a second execution result;

and if the second execution result is matched with a second expected result in the second test case, determining that the target function module passes the test using the second test case.

In one embodiment, when the target function module is an organization function module, the interface set corresponding to the target function module includes at least two of the following interfaces:

creating an organization interface, adding an organization member interface, a data decryption interface, deleting the organization member interface and a request interface;

testing the target function module provided by the tool kit, comprising:

calling an interface of the created organization, and creating a first organization in a first domain;

calling the member adding organization interface, and adding a third member in a third test case into the established first organization;

calling a request interface to send an operation request of a third member for second data; the second data is data sent by the first member in the first organization, and the second data ciphertext is a ciphertext obtained by calling a data encryption interface and encrypting the second data by using a second key of the first member;

when the third member is in the first organization, the data decryption interface is called, and the second data ciphertext is decrypted through the second secret key to obtain a third execution result;

determining that the target function module passes the test using the third test case if the third execution result matches a third expected result in the third test case;

alternatively, the first and second electrodes may be,

calling the member deleting organization interface, and deleting a fourth member in a fourth test case from the established first organization;

calling a request interface to send an operation request of a fourth member for second data;

when the fourth member is outside the first organization, refusing to call the data decryption interface to decrypt the second data ciphertext to obtain a fourth execution result;

and if the fourth execution result is matched with a fourth expected result in the fourth test case, determining that the target function module passes the test using the fourth test case.

In one embodiment, the interface set corresponding to the target function module includes: a data encryption interface and an updated data decryption interface;

calling a request interface to send an encryption request of a first member to first data in a fifth test case, wherein the first member is a member in a first domain;

calling the data encryption interface, and encrypting the first data by using a first key of the first member to obtain a first data ciphertext;

calling an updated request interface to send an operation request of a second member on the first data;

under the condition that the second member is in the first domain, calling the updated data decryption interface to decrypt the first data ciphertext by using the first key to obtain a fifth execution result;

and if the fifth execution result is matched with a fifth expected result in the fifth test case, determining that the target function module passes the upgrade test by using the fifth test case.

In one embodiment, the interface set corresponding to the target function module includes: the updated data encryption interface and the updated data decryption interface;

calling a request interface to send an encryption request of a first member to first data in a sixth test case, wherein the first member is a member in a first domain;

calling the updated data encryption interface, and encrypting the first data by using a first key of the first member to obtain a first data ciphertext;

calling a request interface to send an operation request of a second member for the first data;

under the condition that the second member is in the first domain, calling the data decryption interface to decrypt the first data ciphertext by using the first key to obtain a sixth execution result;

and if the sixth execution result is matched with a sixth expected result in the sixth test case, determining that the target function module passes the upgrade test using the sixth test case.

In one embodiment, when the target function module provided by the tool kit is multiple, the method further comprises:

when all target function modules pass the test, determining that all interfaces in the tool kit are qualified interfaces;

and when the target function module which fails the test exists, determining an interface which fails to be called, and generating prompt information aiming at the interface which fails to be called.

The present application further provides an interface testing apparatus, including:

the acquisition module is used for acquiring a tool kit with a data fence function;

the first determining module is used for determining a target function module provided by the toolkit, wherein the target function module corresponds to an interface set, the interface set comprises at least two interfaces, and input data of at least one interface in the at least two interfaces comprises output data of the other interface;

the testing module is used for testing the target function module provided by the tool kit;

and the second determining module is used for determining that all the interfaces contained in the interface set corresponding to the target function module are qualified interfaces when the target function module passes the test.

In one embodiment, the test module is configured to:

the test module is further configured to:

the request interface sends an operation request of a second member for the first data; the first data is data sent by the first member in the first domain, and the first data ciphertext is a ciphertext obtained by calling a data encryption interface and encrypting the first data by using a first key of the first member;

alternatively, the first and second electrodes may be,

the test module is further configured to:

alternatively, the first and second electrodes may be,

the test module is further configured to:

In one embodiment, when the target function module provided by the kit is multiple, the apparatus further includes:

a third determining module, configured to determine that all interfaces in the toolkit are qualified interfaces when all target function modules pass the test;

and the generating module is used for determining an interface which fails to be called when the target function module which fails to pass the test exists, and generating prompt information aiming at the interface which fails to be called.

The present application also provides a non-transitory computer readable storage medium, wherein when instructions in the storage medium are executed by a processor, the interface testing method corresponding to any one of the above embodiments can be performed.

Drawings

FIG. 1 is a flowchart illustrating an interface testing method according to an embodiment of the present application;

FIG. 2 is a flowchart illustrating testing of functional modules in a tool kit according to an embodiment of the present disclosure;

FIG. 3 is a flowchart of an interface testing method according to another embodiment of the present application;

FIG. 4 is a flowchart illustrating testing of functional modules in a tool kit according to another embodiment of the present application;

FIG. 5 is a flow chart illustrating how the organization function is implemented;

fig. 6 is a block diagram of an interface testing apparatus according to an embodiment of the present application.

Detailed Description

Various aspects and features of the present application are described herein with reference to the drawings.

It will be understood that various modifications may be made to the embodiments of the present application. Accordingly, the foregoing description should not be construed as limiting, but merely as exemplifications of embodiments. Those skilled in the art will envision other modifications within the scope and spirit of the application.

The accompanying drawings, which are incorporated in and constitute a part of the specification, illustrate embodiments of the application and, together with a general description of the application given above and the detailed description of the embodiments given below, serve to explain the principles of the application.

These and other characteristics of the present application will become apparent from the following description of preferred forms of embodiment, given as non-limiting examples, with reference to the attached drawings.

It is also to be understood that although the present application has been described with reference to some specific examples, those skilled in the art are able to ascertain many other equivalents to the practice of the present application.

The above and other aspects, features and advantages of the present application will become more apparent in view of the following detailed description when taken in conjunction with the accompanying drawings.

Specific embodiments of the present application are described hereinafter with reference to the accompanying drawings; however, it is to be understood that the disclosed embodiments are merely exemplary of the application, which can be embodied in various forms. Well-known and/or repeated functions and constructions are not described in detail to avoid obscuring the application of unnecessary or unnecessary detail. Therefore, specific structural and functional details disclosed herein are not to be interpreted as limiting, but merely as a basis for the claims and as a representative basis for teaching one skilled in the art to variously employ the present application in virtually any appropriately detailed structure.

The specification may use the phrases "in one embodiment," "in another embodiment," "in yet another embodiment," or "in other embodiments," which may each refer to one or more of the same or different embodiments in accordance with the application.

Fig. 1 is a flowchart of an interface testing method according to an embodiment of the present application, where the method includes the following steps S11-S14:

in step S11, a kit with a data fence function is acquired;

in step S12, determining a target function module provided by the kit, where the target function module corresponds to an interface set, the interface set includes at least two interfaces, and input data of at least one of the at least two interfaces includes output data of another interface;

in step S13, testing the target function module provided by the kit;

in step S14, when the target functional module passes the test, it is determined that all the interfaces included in the interface set corresponding to the target functional module are qualified interfaces.

In this embodiment, during testing, a kit with a data fence function is obtained. A data fence is a service that can be used to secure information. Illustratively, data may be mutually accessible between users within a data fence, and users outside of the data fence may not access user data within the data fence.

In an implementation manner, the toolkit can realize a cross-platform unified interface through a node. Illustratively, the toolkit may provide data _ auth _ api.dll, and the developer's application may invoke the interface in d11, thereby implementing various functions related to data protection. The toolkit includes a plurality of interfaces, which may be, for example, a C interface, an http server interface, and the like.

And determining the target function module provided by the tool kit. The toolkit can implement a plurality of functions independently or by interacting with a server, and accordingly it can be understood that the toolkit can provide a plurality of function modules. The target functional module herein may be understood as a part or all of the plurality of functional modules. Each target function module may correspond to an interface set, where the interface set includes at least two interfaces, and input data of at least one of the at least two interfaces includes output data of another interface.

During testing, for a target function module, the testing device needs to simulate the calling flow of an application program, and calls a plurality of interfaces in the interface set corresponding to the target function module according to a specific sequence, so as to realize the function provided by the target function module for a user. In this process, the output data of the interface called first may become a part or all of the input data of the interface called later. Illustratively, the created key interface is used to create a key for a specific user, and the ID of the user a is used as the input data of the created key interface, so that in the case that the interface can be called normally, the output data should be a key Ka corresponding to the ID of the user a, that is, a key Ka generated by the user a. The data encryption interface is used for encrypting data, and the key Ka of the user A and certain data Da of the user A are used as input data of the data encryption interface, so that the output data should be ciphertext of the data Da under the condition that the interface can be called normally. It can be seen that creating a key interface and a data encryption interface may be included in the interface set corresponding to the functional module for encrypting user data. For this function, it is necessary to call the create key interface first and then call the data encryption interface. The output data of the key interface is created and needs to be part of the input data of the data encryption interface.

It should be understood that the interfaces in the corresponding interface sets may be completely different, partially the same, or even all the same for different functional modules. For different functional modules, even though the interfaces in the corresponding interface sets are completely the same, the calling orders of the corresponding interfaces are different.

When the data fence is tested, each function in the data fence is realized by calling each interface set in the data fence through the application program, so that the use flow of the application program can be simulated during testing, and the corresponding interface is called to complete different functions. By simulating the use flow, the correctness of each interface involved in the use flow and a scene corresponding to the use flow can be verified.

Testing a target function module provided by the tool kit;

specifically, fig. 2 is a flowchart of testing each function module in the tool kit, and as shown in fig. 2, the tool kit includes different function modules. For example, the domain function module may have functions including: data sent by a user in the domain to the domain can only be operated by members in the domain, such as viewing, editing or forwarding, and cannot be operated by members outside the domain. And the functions of the organization function module can comprise: the content sent by the user in the organization to the user in the organization can be operated by the user in the organization and can not be operated by the user outside the organization. For another example, the functions of the member function module include deleting a member in a domain, adding a member to a domain, deleting a member in an organization, adding a member to an organization, and the like.

It is to be understood that, when a plurality of target function modules are provided in the tool kit, when all of the target function modules pass the test, all of the interfaces in the tool kit are determined to be qualified interfaces. In addition, when there is a target function module that fails the test, determining an interface that fails to be called, and generating a prompt message for the interface that fails to be called.

The beneficial effect of this application lies in: when the interface is tested, a target function module provided by the tool kit with the data fence function is determined, and then the target function module is tested, because the target function module needs to call all the corresponding interfaces when realizing the function of the target function module, and if only one interface in the interface corresponding to the target function module is unqualified, the function of the target function module cannot be realized, therefore, when the target function module passes the test, all the interfaces corresponding to the target function module are qualified interfaces, and the business process corresponding to the function module is also considered to be correct. Therefore, batch testing of the plurality of interfaces is realized through testing the functional modules corresponding to the plurality of interfaces. Therefore, this application can provide the test mode that is fit for the interface that the data rail corresponds to, adopt the scheme that this application provided, can promote the efficiency of software testing and the comprehensiveness of interface.

In one embodiment, as shown in FIG. 3, the above step S13 can be implemented as the following steps S31-S34:

in step S31, determining an interface set and a calling sequence that need to be called when the function corresponding to the target function module is implemented;

in step S32, a test case corresponding to the target function module is obtained, where the test case includes input data and a corresponding expected result, and the expected result is output data when the function module is successfully implemented;

in step S33, sequentially calling the interfaces in the interface set according to the calling order based on the input data in the test case, and obtaining the corresponding execution results;

in step S34, when the execution result matches the expected result in the test case, the target function module is determined to pass the test.

In this embodiment, the interface set and the call sequence that need to be called when the corresponding function of the target function module is realized are determined. For example, each different functional module, when implementing its function, is typically implemented by sequentially calling the corresponding interfaces.

For example, when it is required to test whether content sent by an intra-domain user can be operated by intra-domain members and by extra-domain members, the following interfaces may be sequentially invoked to implement corresponding functions:

the administrator identity is created by calling an interface to create the administrator identity, and then the domain is created for the administrator by calling an interface to create the domain. The administrator may create multiple members, such as member A, member B, member C, etc., by creating an interface for the members. The add member operation is performed in a previously created domain by adding members to the domain's interface, e.g., member a, member B may be added to the domain. Thereafter, a key Ka is created for member a by creating a key interface. After receiving the data Da sent by the member A, the data Da is encrypted by using Ka through calling a data encryption interface to obtain a Da ciphertext, so that the member outside the domain is prevented from viewing the plaintext data. Member A can share the Da ciphertext to anyone, but not all can view the Da content. The testing device may then invoke another interface to send a request that member B wishes to view data Da, and upon detecting that member B is a member in the domain, invoke a data decryption interface to decrypt the Da ciphertext into plaintext for viewing by member B in the domain. Therefore, when the function of "the members in the domain can view the information sent by the members in other domains" provided by the domain function module is realized, at least the interfaces are required to be called sequentially. The above-mentioned interfaces can not realize the above-mentioned function no matter which call fails, on the contrary, as long as can realize the above-mentioned function, indicate that the above-mentioned five interfaces are all qualified interfaces. For the function of testing the "information that the member outside the domain cannot view the member inside the domain" the creation of the administrator interface, the creation of the domain interface, and the like may also be understood as a partial interface in the interface set corresponding to the function, but the administrator and the domain may not be repeatedly created, and the domain created before may be continuously used. The test device can call the request interface to send a request that the out-of-domain member C wants to view the data Da, and when detecting that the out-of-domain member C requests to view the data Da, the test device refuses to call the data decryption interface to decrypt the Da ciphertext.

In this embodiment, each functional module includes a corresponding test case, where the test case includes input data and a corresponding expected result, and the expected result is output data when the functional module is successfully implemented. In addition, the type and number of the interface calls are only examples, and other interfaces may be involved in the actual operation process, for example, the target user may authorize the designated user, and may generate a corresponding algorithm using the authorization information, and the target user may perform encryption and decryption operations using the algorithm.

And after determining the interface set and the calling sequence which need to be called when the corresponding function of the target function module is realized, acquiring the test case corresponding to the target function module. Many test cases may be required to test one target functional module. Each test case may be used independently for testing, and one test case may need to be invoked to multiple interfaces. Each test case comprises input data and a corresponding expected result, and the expected result is output data when the functional module is successfully implemented. The testing device calls the interfaces in the interface set in sequence according to the calling sequence based on the input data in each test case to obtain the corresponding execution result. For a test case, when the execution result matches the expected result in the test case, it may be determined that no defect was found when the target functional module was tested using the test case. And if all the test cases are tested and no defect is found, determining that the target function module passes the test.

Specifically, a process of performing a test based on a test case is shown in fig. 4, and it can be understood that only a part of functions corresponding to each functional module is exemplarily shown in the test process related to fig. 4 to describe the present invention more clearly, and in a specific application process, the test case is written in advance in combination with a common scene of a user. And the specific test cases are more complex than the example of fig. 4. Moreover, it can be further understood that each test scenario and each test case listed in the present application also describe, by way of example only, a part of a flow and a part of a function of protecting data by a toolkit.

In one embodiment, the data-fence enabled toolkit, when invoked by a particular application, can prohibit users outside the data fence from accessing data sent by users inside the data fence; and/or users within the data fence can be allowed to access the respective transmitted data to each other.

The tool kit with the data fence function can provide an interface in the form of a dynamic link library, and when the data fence service is attached to other applications in the form of the tool kit, the other applications call corresponding interface sets to realize various functions of the data fence service. Therefore, the specific application in this embodiment refers to an application that can call at least each interface set in the data fence-enabled toolkit. In specific application, the tool kit with the data fence function can prohibit a user outside the data fence from accessing data sent by the user inside the data fence; and/or users in the data fence can be allowed to access the data sent by the users, so that the tool kit is suitable for application programs needing information interaction, such as web disk/cloud disk software, chat software, shopping websites, information sharing platforms and the like.

For example, a provider of cloud disk software may allocate a closed space for an organization or an enterprise when facing the organization, the enterprise, or a group consisting of a plurality of users. An enterprise or an organization may add all members of the organization or enterprise to the enclosure. The user in the closed space can see the data sent by the user in the closed space, and the user outside the closed space cannot see the specific data content even if the user acquires the data, so that the information security of enterprises and organizations is protected. The enclosed space may be a data fence or domain as mentioned herein, the users added to the enclosed space may be users within the data fence or domain as mentioned herein, and the users not added to the enclosed space may be users outside the data fence or domain as mentioned herein. After the tool kit is added to application programs such as network disk/cloud disk software, chatting software and shopping websites, the application programs can realize the data fence function by calling the interfaces in the tool kit, secondary development is not needed, and development cost of the application programs is saved.

the above step S13 may be implemented as the following steps A1-A4 or A5-A8:

in step A1, calling the add domain member interface, and adding the second member in the first test case into the created first domain;

in step a2, the call request interface sends an operation request of the second member on the first data; the first data is data sent by the first member in the first domain, and the first data ciphertext is a ciphertext obtained by calling a data encryption interface and encrypting the first data by using a first key of the first member;

in step a3, in a case that the second member is in the first domain, invoking the data decryption interface to decrypt the first data ciphertext with the first key, so as to obtain a first execution result;

in step A4, if the first execution result matches a first expected result in the first test case, determining that the target function module passes the test using the first test case;

in step a5, calling the delete domain member interface, and deleting the third member in the second test case from the created first domain;

in step a6, a request interface is called to send an operation request of the third member for the first data;

in step a7, in a case that the third member is outside the first domain, refusing to invoke the data decryption interface to decrypt the first data ciphertext to obtain a second execution result;

in step A8, if the second execution result matches a second expected result in the second test case, it is determined that the target function module passes the test using the second test case.

For example, when the domain function module is tested, a first test case corresponding to the domain function module is obtained, input data of the first test case is obtained by adding a second member to the created first domain, and a first expected result of the first test case is that the first secret key can decrypt first encrypted data. Therefore, according to the first test case, firstly calling an adding domain member interface, adding a second member into the created first domain, and then calling a request interface to send an operation request of the second member for the first data; the first data is data sent by the first member in the first domain, and the first data ciphertext is a ciphertext obtained by calling a data encryption interface and encrypting the first data by using a first key of the first member; under the condition that the second member is in the first domain, calling the data decryption interface to decrypt the first data ciphertext by using the first key to obtain a first execution result; if the first execution result is matched with a first expected result in the first test case and the first execution result is that a first key can decrypt a first data ciphertext, determining that the target function module passes the test by using the first test case;

in addition, the test case corresponding to the domain function module may further include a second test case in addition to the first test case, input data of the second test case is that a third member is deleted from the first domain, and a second expected result of the second test case is that the third member cannot decrypt the first data ciphertext. After the second test case is obtained, calling the deletion domain member interface according to the input data of the second test case, and deleting a third member in the second test case from the established first domain; then, calling a request interface, and sending an operation request of a third member for the first data; when the third member is out of the first domain, refusing to call the data decryption interface to decrypt the first data ciphertext to obtain a second execution result; and if the second execution result is matched with a second expected result in the second test case, namely a third member cannot decrypt the first data ciphertext, determining that the target function module passes the test using the second test case.

In addition, it should be noted that, when the target function module is a domain function module, the interface set corresponding to the target function module may further include at least two interfaces as follows: the step of creating an administrator identity interface, creating a domain interface, changing an administrator interface, adding a member to a domain interface, a data encryption interface, a data decryption interface, and testing the target function module (i.e., the step S13) can be further implemented by the following steps B1-B2 or B3:

in step B1, it is determined whether the content sent by the intra-domain user to the intra-domain can be successfully operated by the intra-domain members and by the extra-domain members;

in step B2, when the content sent to the domain by the domain user can be successfully operated by the domain members, determining that the target function module passes the test;

in step B3, when the content sent by the user in the domain to the member outside the domain cannot be successfully operated, the target function module is determined to pass the test.

the above step S13 may be implemented as the following steps C1-C5 or C6-C9:

in step C1, the interface of the creation organization is called to create a first organization in a first domain;

in step C2, the add organization member interface is called, and the third member in the third test case is added to the created first organization;

in step C3, the call request interface sends an operation request of the third member for the second data; the second data is data sent by the first member in the first organization, and the second data ciphertext is a ciphertext obtained by calling a data encryption interface and encrypting the second data by using a second key of the first member;

in step C4, in a case that the third member is in the first organization, the data decryption interface is called, and the second data ciphertext is decrypted by the second key, so as to obtain a third execution result;

in step C5, if the third execution result matches a third expected result in the third test case, determining that the target function module passes the test using the third test case;

in step C6, the delete organization member interface is called, and the fourth member in the fourth test case is deleted from the created first organization;

in step C7, the call request interface sends an operation request of the fourth member for the second data;

in step C8, in a case that the fourth member is outside the first organization, refusing to invoke the data decryption interface to decrypt the second data ciphertext, obtaining a fourth execution result;

in step C9, if the fourth execution result matches the fourth expected result in the fourth test case, it is determined that the target function module passes the test using the fourth test case.

This embodiment mainly introduces the testing of the organization function, and specifically, fig. 5 is a schematic flow chart of the implementation of the organization function, which can be seen from fig. 5. When the organization function is realized, firstly, a domain needs to be created, then, a user is added in the domain, and then, an organization is created, wherein the relationship between the domain and the organization is as follows: assuming that the domain is a large enclosure, the tissue is a sub-enclosure corresponding to the large enclosure. For example, after all members of a company are added to a domain, an organization is created according to different departments, and each department corresponds to one organization, so that information sent by users inside the departments in the organization cannot be located in the domain, and other users outside the organization cannot view the information, and independence between the departments can be guaranteed. When testing the function of an organization, a domain needs to be created first, then the organization is created, part of users are added into the organization, and the other part of users are outside the organization or outside the domain. The user (e.g. the first member) in the organization uses the own key to encrypt the own data (e.g. the second ciphertext data) by calling the encryption interface. And then the first member authorizes other users in the organization and shares the second ciphertext data to the organization. An authorized user (e.g., a third member added to the first organization) may use the authorization to invoke a decryption interface for decryption. While a user outside the organization (e.g., a fourth member deleted from the first organization) may not be able to decrypt the data without corresponding authorization. Illustratively, the fourth member can obtain the second ciphertext data and decrypt it for viewing before being deleted, and when deleted from the first organization, although it may still retain the second ciphertext data, it cannot continue decrypting and cannot view the second data again because the corresponding authorization is lost.

The process of "the user (e.g., the first member) in the organization authorizes another user in the organization" may also occur before "the user encrypts its data by using its own key by calling the encryption interface", for example, when the user in the organization has just joined the organization, when another user is joined in the organization, when the current time reaches a predetermined time point, when the toolkit is updated, or the like.

If the content sent by the user in the organization to the organization needs to be tested can be successfully received by the members in the organization and the members outside the organization, then the following interfaces are required to be called in sequence to realize the corresponding functions:

the method comprises the steps of creating an administrator identity by calling an interface for creating the administrator identity, creating an organization by calling the interface for creating the organization, adding members to the interface of the organization, encrypting data by calling a data encryption interface after receiving the data sent by the members to prevent members outside the organization from viewing the data, and calling a data decryption interface to decrypt information sent by the members to the organization for viewing by users in the organization when the data viewed by the users in the organization are detected. When the interfaces are successfully called, the content sent by the users in the organization to the organization can be successfully received by the members in the organization, and the content sent by the users in the organization to the organization can not be successfully received by the members outside the organization, in this case, the target function module is determined to pass the test.

For example, the input data in the test case corresponding to the domain function module and the organization function module may be input specification information "123" by using an id of one test user a, and the output data displayed when the function module succeeds may be a dialog box display output result "123" of another test user b.

As can be seen from the above description, in the embodiment, the input data of the third test case is to add the third member to a specified organization (for example, the first organization in this embodiment), and the third expected result corresponding to the third test case is that the third member can decrypt the second data ciphertext by invoking the data decryption interface, so as to decrypt the second data ciphertext by using the second key. The input data of the fourth test case is that the fourth member is deleted from the designated organization (e.g., the first organization in this embodiment), and the fourth expected result of the fourth test case is that the fourth member cannot call the data decryption interface to decrypt the second data ciphertext.

It should be noted that the third member and the fourth member may be the same member or different members in the same organization.

In addition, when the target function module is an organization function module, the interface set corresponding to the target function module may further include at least two interfaces: creating an organization interface, adding an organization member interface, a data encryption interface, a data decryption interface and deleting the organization member interface;

the testing step of the target function module (i.e., the above-mentioned step S13) can also be realized by the following steps D1-D2 or D3-D4:

in step D1, it is determined whether the content sent by the first user in the organization to the second user in the organization can be successfully received;

in step D2, when the content sent by the first user in the organization to the second user in the organization can be successfully received, determining that the target function module passes the test;

in step D3, it is determined whether the content sent by the third user in the organization to the fourth user outside the organization can be successfully received;

in step D4, when the content sent by the third user in the organization to the fourth user outside the organization cannot be successfully received, the target function module is determined to pass the test.

Due to business requirements, the toolkit developer may need to upgrade the toolkit. A user of an application that has previously used the toolkit may have called an interface in the toolkit through the application to protect his or her data. The toolkit after upgrading needs to enable the users to continue to normally use the data which are protected before. That is, the updated toolkit needs to be compatible with the old data. Therefore, the embodiment also provides a test upgrading scheme so as to further improve the comprehensiveness and efficiency of the test. Specifically, the embodiment needs to be tested, and whether the toolkit after successful upgrade can still be called to process the previous data or not, during the test, the test can be performed according to the encryption interface of the data and the updated data decryption interface, and the test is specifically performed through the embodiments corresponding to the following steps E1 to E5; in addition, a test can be performed according to the updated data encryption interface and the updated data decryption interface, which is specifically performed by the following embodiments corresponding to steps F1 to F5:

in one embodiment, the interface set corresponding to the target function module includes: data encryption interface, updated data decryption interface, the method may further be implemented as the following steps E1-E5:

in step E1, the call request interface sends an encryption request of a first member for first data in a fifth test case, where the first member is a member in the first domain;

in step E2, the data encryption interface is called, and the first data is encrypted by using the first key of the first member, so as to obtain a first data ciphertext;

in step E3, calling the updated request interface to send an operation request of a second member on the first data;

in step E4, in a case that the second member is in the first domain, invoking the updated data decryption interface to decrypt the first data ciphertext with the first key, so as to obtain a fifth execution result;

in step E5, if the fifth execution result matches the fifth expected result in the fifth test case, it is determined that the target function module passes the upgrade test using the fifth test case.

In this embodiment, when the fifth execution result is that the first data ciphertext is successfully decrypted by using the first key, it indicates that the updated toolkit is compatible with old data. The toolkit after the upgrade is successful can still be called to process the previous data.

In one embodiment, the interface set corresponding to the target function module includes: updated data encryption interface, data decryption interface, the method may also be implemented as the following steps F1-F5:

in step F1, the call request interface sends an encryption request of the first data in the sixth test case by the first member, where the first member is a member in the first domain;

in step F2, invoking the updated data encryption interface, and encrypting the first data by using the first key of the first member to obtain a first data ciphertext;

in step F3, calling the request interface to send an operation request of the second member on the first data;

in step F4, in a case where the second member is in the first domain, invoking the data decryption interface to decrypt the first data ciphertext with the first key, so as to obtain a sixth execution result;

in step F5, if the sixth execution result matches the sixth expected result in the sixth test case, it is determined that the target function module passes the upgrade test using the sixth test case.

The sixth overdue result in the sixth test case is that the first data ciphertext can be decrypted based on the first secret key, that is, if the sixth execution result matches the sixth expected result in the sixth test case, it indicates that the updated toolkit is compatible with the old data. The tool kit after successful upgrade can still be called to process the previous data, and the target function module passes the upgrade test by using the sixth test case.

In one embodiment, when the target function module is a member function module, the interface set corresponding to the target function module includes at least one of the following interfaces:

creating an interface of a domain, creating an interface of an organization, and adding members to the interface of the domain; deleting interfaces of members in the domain, adding the members to the interfaces of the organization, and deleting the interfaces of the members in the organization;

the method may also be implemented as the following steps G1-G2 or steps G3-G4:

in step G1, it is determined whether members can be successfully added and/or successfully deleted within the domain;

in step G2, when the member can be successfully added and/or successfully deleted in the domain, determining that the target function module passes the test;

in step G3, it is determined whether members can be successfully added and/or successfully deleted within the organization;

in step G4, when a member can be successfully added and/or successfully deleted within the organization, the target function module is determined to pass the test.

In one embodiment, when the target function module provided by the kit is plural, the method may be further implemented as the following steps H1-H2:

in step H1, when all the target function modules pass the test, determining that all the interfaces in the tool kit are qualified interfaces;

in step H2, when there is a target function module that fails the test, an interface that failed to be called is determined, and prompt information is generated for the interface that failed to be called.

Specifically, when a plurality of target function modules are provided by the tool kit, when all the target function modules pass the test, all the interfaces in the tool kit are determined to be qualified interfaces. In addition, when there is a target function module that fails the test, determining an interface that fails to be called, and generating a prompt message for the interface that fails to be called. During testing, partial functions can be selected to be executed so as to test partial functions, all functions can be executed so as to test all functions, and partial or all functions can be executed in a circulating manner so as to judge the stability of each interface. Meanwhile, in the testing process, the testing result of each functional module is recorded, and a testing report is generated.

It can be known from the above description that when testing a certain functional module, the interfaces of such a service need to be interdependent, for example, when testing an organization or a domain function, to call a file encryption/decryption interface, a user interface needs to be added first, so that not only is it necessary to ensure complete interfaces, but also the call sequence of the interfaces needs to be ensured, and then, the testing of all the interfaces is performed in a process of simulating the user use flow, that is, a test scenario. The correctness of the input and output data is tested in such a way, so that the correctness of each interface and different business processes can be tested simultaneously.

In one implementation, an intermediate layer, such as a js intermediate layer, may be further provided in the testing apparatus, and is used to convert the C interface into the js interface for testing when called. In this way, the test method in the embodiment of the present application may be run on a plurality of different platforms (e.g., windows, mac, android, ios), and use the same set of test script interface. For example, the middle layer is realized by using the same set of js codes, a reactive native platform can be used for running on ios and android, and an electron platform can be used for running on windows and mac, so that test results are obtained.

Fig. 6 is a block diagram of an interface testing apparatus according to an embodiment of the present application, where the apparatus includes the following modules:

the acquisition module 61 is used for acquiring a tool kit with a data fence function;

the first determining module 62 is configured to determine a target function module provided by the kit, where the target function module corresponds to an interface set, the interface set includes at least two interfaces, and input data of at least one interface of the at least two interfaces includes output data of another interface;

the test module 63 is used for testing the target function module provided by the tool kit;

and a second determining module 64, configured to determine that all the interfaces included in the interface set corresponding to the target functional module are qualified interfaces when the target functional module passes the test.

In one embodiment, the test module is configured to:

the test module is further configured to:

alternatively, the first and second electrodes may be,

the test module is further configured to:

alternatively, the first and second electrodes may be,

the test module is further configured to:

The present application also provides a non-transitory computer readable storage medium, wherein when instructions in the storage medium are executed by a processor, the interface testing method corresponding to any of the above embodiments can be performed.

The above embodiments are only exemplary embodiments of the present application, and are not intended to limit the present application, and the protection scope of the present application is defined by the claims. Various modifications and equivalents may be made by those skilled in the art within the spirit and scope of the present application and such modifications and equivalents should also be considered to be within the scope of the present application.

Claims

1. An interface testing method, comprising:

acquiring a tool kit with a data fence function;

testing a target function module provided by the tool kit;

2. The method of claim 1, wherein testing the target function module provided by the toolkit comprises:

3. The method of claim 1, wherein the data-fence enabled toolkit, when invoked by a particular application, is capable of prohibiting a user outside the data fence from accessing data sent by a user inside the data fence; and/or users within the data fence can be allowed to access the respective transmitted data to each other.

4. The method according to claim 1 or 2, wherein when the target function module is a domain function module, the set of interfaces corresponding to the target function module includes at least two of the following interfaces: adding a domain member interface, a data decryption interface, a deleting domain member interface and a request interface;

testing the target function module provided by the tool kit, comprising:

alternatively, the first and second electrodes may be,

5. The method according to any one of claims 1 to 4, wherein when the target function module is an organization function module, the interface set corresponding to the target function module includes at least two interfaces as follows:

testing the target function module provided by the tool kit, comprising:

alternatively, the first and second electrodes may be,

6. The method according to any one of claims 1-5, wherein the interface set corresponding to the target function module comprises: a data encryption interface and an updated data decryption interface;

7. The method according to any one of claims 1-6, wherein the interface set corresponding to the target function module comprises: the updated data encryption interface and the updated data decryption interface;

8. The method of claim 1, wherein when the toolkit provides a plurality of target function modules, the method further comprises:

9. An interface testing apparatus, comprising:

10. A non-transitory computer readable storage medium, wherein instructions in the storage medium, when executed by a processor, are capable of performing the interface testing method of claims 1-8.