BDD 'Then' step. Should I look at application and DB as an black box?

If I'm wrinting BDD style tests. What would be better practise:

When User A creates new record
Then DB contain correct record

or

When User A creates new record
Then User A can get his new record by some API request
And Admin-user can get this new record by another API request

So should I check internal state of DB or just use API and consider application + DB as a black box?


Solution 1:

You should test your application as much as possible using the APIs, as it gives the actual behaviour of your application. In your case, it would be

When User A creates new record
Then User A can get his new record by some API request
And Admin-user can get this new record by another API request

Reason being:

  1. By using the Admin API, you are making sure the record is in database and the Admin API behaves as expected
  2. In the future, if your DB changes, which is internal to your application, but the API's behaviour doesn't change then your BDD would work without any issues. In other words, if the devs decide to change DB and not the API, the business service which uses the API is not impacted
  3. If you test only DB, but the Admin API changes, your scenario would pass but the Business service, which uses the Admin API, would fail

The only scenario, you would check the record in DB directly without an API is, when there is no API to verify the record. You shouldn't develop an API purely for BDD. The Admin API should be used in a business service and if this is not the case, you can check the DB record directly (your 1st option).

PS: We have developed a product NoCodeBDD. As the name implies, you can automate BDD without any code using NoCodeBDD. I would love to get some feedback from the community. You can download a free version from www.nocodebdd.com/download

Solution 2:

Generally the thing that creates should be the thing that validates. So

  • if a user (human interacting with a UI) creates

    • then a user interacting with the UI would validate by viewing the created thing.
  • if an api client creates

    • then the api client would validate by examine the response from the create call
    • additionally the api client could get the thing created using a link in the response

In both cases I would only consider validating via the DB as a temporary measure whilst you are working on the scenario