Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-83193

Write exploratory QA test for the SMS subsystem

XMLWordPrintable

    • MOODLE_405_STABLE
    • Hide

      Prerequisites

      1. This will be tested by Moodle HQ due to requiring your mobile number to be added to the AWS sandbox account.
      2. The LMS Platform team will set the tester up with AWS SMS access. Where the testing steps reference your mobile phone number, you should only use the one that was setup on the AWS sandbox account, otherwise you will not receive the required SMS.
      3. You will require one site on Moodle 4.4, and another brand new site on 4.5.
      4. You will require admin access to both Moodle sites.
      5. You will want to have CLI access to the sites, to recover from any account lockout.

      Test Mobile phone SMS Authentication (upgrade):

      1. Log into your Moodle 4.4 instance as admin.
      2. Navigate to: Site administration > plugins > admin tools > Multi-factor authentication.
      3. Enable the "MFA plugin enabled" checkbox and save.
      4. Find "SMS mobile phone" in the list of factors and press Settings.
      5. Enable the factor and set it up with the provided AWS credentials.
      6. Checkout 4.5 (main) and upgrade the site.
      7. Navigate to: Site administration > plugins > admin tools > Multi-factor authentication.
      8. Confirm you can see the new setting SMS gateway.
      9. Confirm the SMS gateway setting has the following option selected: MFA AWS (AWS).
      10. Navigate to: Site administration > plugins > SMS > Manage SMS Gateways.
      11. Confirm you can see the following gateway in the table: MFA AWS (AWS).
      12. Click the toggle to disable the gateway.
      13. Confirm you can see the notification that it's in use and cannot be disabled.
      14. Click the Delete action to delete the gateway.
      15. Confirm you can see the notification that it's in use and cannot be deleted.
      16. Click the Edit action to edit the gateway.
      17. Confirm you can see the same credentials you previously set up in MFA (to confirm they migrated successfully).
      18. Access your user preferences / "Multi-factor authentication preferences".
      19. Set up the "SMS mobile phone" factor with your mobile phone number.
      20. Confirm you have received an SMS on your phone.
      21. Enter the code you received where prompted in Moodle and continue.
      22. Open a second browser (either a different browser, or a private/incognito session, so it is not currently logged in) and access Moodle with your user.
      23. Enter your username and password.
      24. Confirm a new screen is displayed where it asks for the Mobile phone SMS.
      25. Confirm you have received an SMS on your phone.
      26. Enter the code in the box and click on verify code.
      27. Confirm you are logged successfully and you have access to Moodle.
      28. Once logged in as admin, open notifications and confirm that you received the notification about the migration of the SMS gateway instance.

      Test Mobile phone SMS Authentication (fresh install):

      1. Stand up a Moodle main (4.5) instance.
      2. Access to your Moodle as admin user.
      3. Navigate to: Site administration > plugins > admin tools > Multi-factor authentication.
      4. Enable the "MFA plugin enabled" checkbox and save.
      5. Find "SMS mobile phone" in the list of factors and press Settings.
      6. Confirm you are prompted to set up an SMS gateway.
      7. Follow the link "set up an SMS gateway".
      8. Fill all the fields using the AWS credentials provided previously.
      9. Save changes.
      10. Confirm you are redirected back to the SMS mobile phone settings for MFA, and config options are now available.
      11. Navigate to: Site administration > plugins > SMS > Manage SMS Gateways.
      12. Click the toggle to disable the gateway.
      13. Confirm that the gateway is disabled.
      14. Click the Edit action.
      15. Change the name of the gateway.
      16. Confirm that the gateway is updated with the new name.
      17. Click the Delete action.
      18. Select continue button in the dialogue.
      19. Confirm that the gateway is deleted.
      20. Create another SMS gateway using the same AWS credentials.
      21. Navigate to: Site administration > plugins > admin tools > Multi-factor authentication.
      22. Find "SMS mobile phone" in the list of factors and press Settings.
      23. Confirm you can see the newly created SMS gateway in the list of SMS gateways.
      24. Select the created SMS gateway in the SMS gateway setting.
      25. Enable the factor and confirm you can then set the factor weight and secret validity duration.
      26. Fill those with the default values and save changes.
      27. Set up the "SMS mobile phone" factor with your mobile phone number.
      28. Confirm you have received an SMS on your phone.
      29. Enter the code you received where prompted in Moodle and continue.
      30. Open a second browser (either a different browser, or a private/incognito session, so it is not currently logged in) and access Moodle with your user.
      31. Enter your username and password.
      32. Confirm a new screen is displayed where it asks for the Mobile phone SMS.
      33. Confirm you have received an SMS on your phone.
      34. Enter the code in the box and click on verify code.
      35. Confirm you are logged successfully and you have access to Moodle.
      36. You may want to also test a student can follow the same process and log in with SMS as a second factor.

      NOTE: If you mess things up and locked yourself out, you can disable the whole MFA plugin from the CLI:

      php admin/cli/cfg.php --component=tool_mfa --name=enabled --set=0

       

      Show
      Prerequisites This will be tested by Moodle HQ due to requiring your mobile number to be added to the AWS sandbox account. The LMS Platform team will set the tester up with AWS SMS access. Where the testing steps reference your mobile phone number, you should only use the one that was setup on the AWS sandbox account, otherwise you will not receive the required SMS. You will require one site on Moodle 4.4, and another brand new site on 4.5. You will require admin access to both Moodle sites. You will want to have CLI access to the sites, to recover from any account lockout. Test Mobile phone SMS Authentication (upgrade): Log into your Moodle 4.4 instance as admin. Navigate to: Site administration > plugins > admin tools > Multi-factor authentication. Enable the "MFA plugin enabled" checkbox and save. Find "SMS mobile phone" in the list of factors and press Settings. Enable the factor and set it up with the provided AWS credentials. Checkout 4.5 (main) and upgrade the site. Navigate to: Site administration > plugins > admin tools > Multi-factor authentication. Confirm you can see the new setting SMS gateway. Confirm the SMS gateway setting has the following option selected: MFA AWS (AWS). Navigate to: Site administration > plugins > SMS > Manage SMS Gateways. Confirm you can see the following gateway in the table: MFA AWS (AWS). Click the toggle to disable the gateway. Confirm you can see the notification that it's in use and cannot be disabled. Click the Delete action to delete the gateway. Confirm you can see the notification that it's in use and cannot be deleted. Click the Edit action to edit the gateway. Confirm you can see the same credentials you previously set up in MFA (to confirm they migrated successfully). Access your user preferences / "Multi-factor authentication preferences". Set up the "SMS mobile phone" factor with your mobile phone number. Confirm you have received an SMS on your phone. Enter the code you received where prompted in Moodle and continue. Open a second browser (either a different browser, or a private/incognito session, so it is not currently logged in) and access Moodle with your user. Enter your username and password. Confirm a new screen is displayed where it asks for the Mobile phone SMS. Confirm you have received an SMS on your phone. Enter the code in the box and click on verify code. Confirm you are logged successfully and you have access to Moodle. Once logged in as admin, open notifications and confirm that you received the notification about the migration of the SMS gateway instance. Test Mobile phone SMS Authentication (fresh install): Stand up a Moodle main (4.5) instance. Access to your Moodle as admin user. Navigate to: Site administration > plugins > admin tools > Multi-factor authentication. Enable the "MFA plugin enabled" checkbox and save. Find "SMS mobile phone" in the list of factors and press Settings. Confirm you are prompted to set up an SMS gateway. Follow the link "set up an SMS gateway". Fill all the fields using the AWS credentials provided previously. Save changes. Confirm you are redirected back to the SMS mobile phone settings for MFA, and config options are now available. Navigate to: Site administration > plugins > SMS > Manage SMS Gateways. Click the toggle to disable the gateway. Confirm that the gateway is disabled. Click the Edit action. Change the name of the gateway. Confirm that the gateway is updated with the new name. Click the Delete action. Select continue button in the dialogue. Confirm that the gateway is deleted. Create another SMS gateway using the same AWS credentials. Navigate to: Site administration > plugins > admin tools > Multi-factor authentication. Find "SMS mobile phone" in the list of factors and press Settings. Confirm you can see the newly created SMS gateway in the list of SMS gateways. Select the created SMS gateway in the SMS gateway setting. Enable the factor and confirm you can then set the factor weight and secret validity duration. Fill those with the default values and save changes. Set up the "SMS mobile phone" factor with your mobile phone number. Confirm you have received an SMS on your phone. Enter the code you received where prompted in Moodle and continue. Open a second browser (either a different browser, or a private/incognito session, so it is not currently logged in) and access Moodle with your user. Enter your username and password. Confirm a new screen is displayed where it asks for the Mobile phone SMS. Confirm you have received an SMS on your phone. Enter the code in the box and click on verify code. Confirm you are logged successfully and you have access to Moodle. You may want to also test a student can follow the same process and log in with SMS as a second factor. NOTE: If you mess things up and locked yourself out, you can disable the whole MFA plugin from the CLI : php admin/cli/cfg.php --component=tool_mfa --name=enabled --set=0  
    • 1
    • Team Hedgehog 2024 Sprint 3.3

      This will replace the steps from the 4.4 release related to SMS MFA factor.

      This should essentially be a revised set of steps based on the SMS MVP issue, adjusted to note creds need to be set up by the LMS platform team, and it should be tested by HQ only due to requiring paid creds.

            michaelh Michael Hawkins
            michaelh Michael Hawkins
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved:

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 1 hour, 1 minute
                1h 1m

                  Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.