Most greenfield software projects start with a database design, usually followed by an API implementation that often happens in parallel with the user interface (UI) implementation. Before the UI is ready to wire up to the API with real data, the API needs integration testing between it and the database layer. This is where knowledge of SQL and databases can help a QA tester take their testing to the next level.

Advatages of Database Access

Below are some examples of the kinds of testing capabilities that are unlocked when a QA also has knowledge of the data store:

• Developers have a nasty habit of implementing all the GET endpoints first. In this case, it can be convenient to use the database directly to create data when the creation API endpoints are not ready yet. For example, you could pre-populate the tables if data creation APIs are not implemented, and this will allow you to start testing the GET endpoints that are implemented.
• Testing things that cannot be done through the UI (or even though the API). For example, some buggy code has accidentally deleted a user and there is no way to restore it through the UI or APIs. If your database uses soft delete, you can easily do this directly in the database.
• The ability to compare real data in the database with the data returned by the API. Because data retrieval is an additional layer and the query in the code (store procedures) can be implemented incorrectly. One example of this is an API that does time zone conversions incorrectly, and you can only see this if you can see the data in the database to confirm it.

• The ability to quickly create a large amount of test data. For example, you need to test pagination or infinite scrolling on a UI with a default pageSize of 25 items. With a little bit of SQL knowledge, you will be able to semi-automate this task and speed up testing. You can insert the test data directly into the database with a minimum number of 26 items to test the pagination.
• The ability to delete and edit data directly in the database. For example, if you are testing filtering.
• Checking for items directly in the database which were created, changed, or deleted via the UI or APIs. Sometimes the API often uses fewer fields than are stored in the relevant tables. In this case it makes sense to check what default values the record was created with, and see if any fields are missing in the mapping.
• Working with deleted items. When testing by the black-box method, it may look like the delete has worked – you call DELETE /api/Users/1 and try to GET /api/Users/1 and it returns nothing. However, with access to the database, you will have additional information about what has actually happened to the entity that you deleted.

The following examples relate more to the database testing and the ability to keep the data clean, but also allow testers to understand how things work at the back-end and improve test case coverage:

• The record can be soft or hard deleted (soft delete uses a flag e.g. IsDeleted, IsActive to mark the data as deleted without erasing the data itself from the DB).
• The database can have cascading deletes enabled for foreign key relationships. This makes sense to use when a child entity requires a parent entity and is no longer valid if the parent is deleted. If this is not the case, other options for handling deletes across foreign keys should be discussed.
• Assign NULL values to the foreign keys. Breaking the link between the dependent entities is only suitable for optional references where the database column to which the foreign key is mapped can allow NULL values. For example, if more than one table is involved – this means that the record to be deleted has dependencies or in use. So it makes sense to try to remove the entity with different variations.
• Analyzing the data directly in the database can help QA find the true cause of the bug. Sometimes there are non-obvious bugs (especially if it is a custom bug) for which it is difficult to trace the dependency through GUI/API checking. In this case tables store more information to investigate the bug.
• If you are developing an application using a legacy DB, it is useful to analyze the existing data in the tables that may raise some questions (e.g. new application is going to have some data validation that is different from what is currently stored in DB)
• Knowing data types and length/precision of fields.
• Ability to directly access the database for automated testing.
• Being able to read a database schema and understanding the relationship between tables, keys, and indexes can provide more knowledge when creating test cases.

Conclusion

As you can see, it can be very helpful for a QA tester to have access to the database for the application they are testing. It requires the QA engineer to learn some things they may not know about database design and SQL queries, but when in the hands of a skilled QA engineer, this knowledge unlocks many capabilities to better test the application.