**1. Product Version 2 (roughly 75% of the project implemented):**
**1. Product Version 2 (roughly 75% of the project implemented):**
- Implementation of 1-2 additional epics (compared to product version 1).
- Make sure all code is committed on GitLab by the deadline.
New epics implemented:
-Track the user stories in your product backlog accordingly.
-As a health conscious individual with dietary restrictions, I want to find recipes that filter out my allergies and utilize leftovers so I can cook regularly at home, avoid processed food and reduce eating out (Hiba worked on this).
**2. Test/QA Plan (should contain the following info):**
**2. Test/QA Plan (should contain the following info):**
- Introduction - A brief description of the quality assurance strategies you are using
**Introduction - A brief description of the quality assurance strategies you are using**
- Scope - The features/requirements/user stories (functional and non-functional) that will be checked and those that will not be checked.
- Test methodology - deliverables, strategies/approach (unit, regression, system/integration, acceptance), bug reporting, test tools (See the "test plan" document on Canvas as a guide
- List the test cases used to evaluate (at least 10 test cases for each user story)
- _**Manual Unit Testing:**_ Individual frontend components (search bar, filter dropdowns, recipe cards, comment inputs, rating stars, photo upload sections, profile settings) and backend API endpoints ( recipe CRUD routes, search/filter APIs, authentication routes, comments/ratings APIs). The goal is to confirm that each part works properly in isolation.
- _**Manual Integration Testing**_ - After unit-level checks, we test how different modules interact. Examples include verifying that search inputs correctly communicate with the backend, recipes load all required details, uploaded photos appear properly, user authentication persists across pages, filters update results in real time, and comments/ratings or saved recipes sync properly with the database. This ensures the system behaves correctly when components depend on each other.
- _**System Testing:**_ We run complete end-to-end tests in the browser to simulate full user journeys. This covers user sign-in, searching or filtering recipes, creating and uploading recipes, and interacting with recipe pages. These tests evaluate the whole app as a single working system.
- _**Acceptance Testing**_- Each user story is checked against its acceptance criteria. Team members act as the personas and verify that the feature behaves the way it was described in the backlog and in the acceptance tests.
- _**Regression Testing**_- Whenever we introduce new features or update existing ones, we re-test previously completed features: search, filtering, recipe creation, AI generation, photo uploads, comments/ratings, and leaderboard updates. This helps ensure older functionality continues to work after new changes.
- _**User Interface Testing**_ - We manually inspect how the UI behaves across different pages. This includes checking button responsiveness, form validation, search interactions, dropdown filters, photo previews, page layouts, and overall usability. The goal is to ensure that the interface is clean, intuitive, and consistent across the entire application.
**Scope - The features/requirements/user stories (functional and non-functional) that will be checked and those that will not be checked.**
**Features to be tested:**
_**1. User Profile Management**_
- Creating a profile with personal details
- Editing profile information
- Ensuring profile information is correctly displayed to other users
- Verifying that authentication works when users perform profile-related actions
_**2. Search and Filter System**_
- Searching by a single ingredient
- Searching by multiple ingredients
- Searching by title
- Searching by recipe description
- Using filter options:
- Allergy restrictions
- Cuisine type
- Include ingredients
- Exclude ingredients
- Ensuring the “Clear All Filters” button resets filters and search results properly
_**3. Recipe Listing & Recipe Detail Pages**_
- Displaying recipes with all required details (title, ingredients, steps, author, date, images)
- Ensuring recipe cards load correctly in the search results
- Accurate rendering of photos and instructions on the recipe detail page
- GenAI recipe generation, including:
- Prompt submission
- Generated recipe formatting
- Image and ingredient inclusion when applicable
_**4. Comments and Ratings**_
- Posting a comment as a logged-in user
- Ensuring multiple users can comment on the same recipe
- Liking/disliking individual comments
- Submitting a rating (1–5 stars)
- Ensuring each user can only rate a recipe once
- Correct calculation and display of the average rating
- Updating the average rating when new ratings are submitted
- Displaying the username and timestamp for each comment
_**5. Recipe Creation System**_
- Creating a recipe with all required fields (title, ingredients, instructions, description)
- Uploading one or more photos
- Validating required fields before allowing recipe submission
- Ensuring the new recipe appears in the recipe list after creation
_**6. Leaderboard System**_
- Loading and displaying leaderboard rankings
- Sorting recipes correctly based on rating or score
- Showing rank, recipe title, and score for each entry
- Highlighting or identifying the user’s own recipes within the leaderboard
- Updating leaderboard order when new ratings are added
- Error handling (empty fields, invalid input, API errors)
- Basic responsiveness and layout consistency
**Features to not be tested:**
These items are beyond the scope of the current milestone:
- Internal processes of any third-party services
- Database backup and recovery procedures
- Server hosting, infrastructure performance, or load balancing
- Compatibility with outdated or unsupported browsers
- High-volume stress or performance testing
**3. Test Methodology**
_**Deliverables**_
- Test Plan Document (this document)
- Test Cases for each user story (minimum 10 per user story)
- Bug Reports documented through GitLab Issues
- Test Execution Logs (notes/screenshots captured during testing)
- Final Acceptance Test Summary for completed epics
- Regression Test Checklist used during each new feature deployment
_**Strategies/Approaches**_
_**1. Unit Testing (Manual)**_
- Focus on individual components and backend endpoints.
- Example targets: comment submission function, rating calculation logic, search filter behaviour, recipe creation form validation, file upload handling, etc.
- Verified using:
- Manual input testing in the UI
- Postman API calls
- Console inspection via Chrome DevTools: Used to verify component behaviour, check for frontend errors, watch API calls in the Network tab, and confirm UI elements update correctly during manual testing.
- Database validation by checking if the correct records were created or updated after API calls (new recipe entry, comment saved, rating recorded, etc.)
- Goal: Ensure each module works independently as expected.
_**2. Integration Testing**_
- Ensures that different modules communicate properly and work together as expected.
- Leaderboard → database rating data → sorted ranking display
- Integration testing is done after each major feature or epic is completed.
_**3. System Testing**_
- End-to-end testing of the entire application in a real browser.
- Validates full user workflows, such as:
- Logging in → searching → opening a recipe → commenting → liking/disliking → rating
- Creating a recipe → uploading photos → viewing the final listing
- Generating an AI recipe → reviewing formatting and content → saving it
- Viewing the leaderboard → checking ranking order and scores
- System testing covers overall functionality and basic non-functional aspects like usability and layout consistency.
_**4. Acceptance Testing**_
- Based directly on the acceptance criteria written for each user story.
- Team members test features as if they were real users from the personas.
- A feature is “accepted” only when all acceptance criteria are met with no outstanding issues.
_**5. Regression Testing**_
- Re-runs important tests after any new feature, update, or fix is added.
- Ensures previously working features—search, filters, recipe creation, comments, ratings, profile pages, and the leaderboard—still behave correctly.
- Regression testing is done:
- Before finalizing Product Version 2
- After fixing medium or high-severity bugs
- After adding or updating backend endpoints
_**6. User Interface (UI) Testing**_
- UI testing checks that the application looks and behaves correctly from the user’s point of view. This includes:
- Verifying all forms and inputs work properly (search, filters, recipe creation, comments, ratings).
- Making sure navigation between pages is smooth and consistent.
- Checking button states, error messages, and general visual feedback.
- Ensuring images and recipe details display correctly on listing and detail pages.
- Confirming the leaderboard shows ranks, scores, and titles clearly.
- Reviewing layout and responsiveness on different screen sizes.
- UI testing is done manually in the browser to ensure the interface is clear, usable, and consistent.
_**Bug Reporting**_
All bugs identified during testing follow this workflow:
- Bug Identification: The tester finds unexpected or incorrect behaviour.
- Reproduction: The tester repeats the steps to confirm the issue is consistent.
- Documentation: Each bug includes:
- Title
- Description
- Steps to reproduce
- Expected vs. actual behaviour
- Fix & Verification
- The developer fixes the bug and commits changes referencing the issue.
- The tester re-runs the test case to verify the fix.
- Regression Testing: Surrounding features are tested to ensure no new bugs were introduced.
_**Test Tools**_
- Postman: Used to manually test backend API endpoints (comments, ratings, authentication, recipe creation, and search queries).
- Chrome DevTools: Used for debugging UI behavior, inspecting network requests, monitoring console logs, and testing responsiveness.
- Browser-Based Manual Testing: Used to manually verify user flows, UI states, and interactions.
- GitLab Issues: Used for bug tracking, prioritization, and progress updates.
- VS Code Debugger (used as needed): Used during development to inspect code execution and debug logic errors.
_**Test Cases**_
**Epic 1: As HomeCookHerin, I want to explore and interact with recipes from various cuisines so that I can learn to cook new dishes and find inspiration (Amna's Epic)**
User Story 1: As HomeCookHerin, I want to search for recipes by cuisine type and filter results by main ingredient so I can quickly find recipes that match my interests.
| Test Case ID | Test Scenario | Test Steps | Test Data | Expected Results | Actual Results | Pass/Fail |
| TC-SEARCH-10 | Verify “Clear All Filters” resets search | 1. Apply any filters.<br>2. Click “Clear All Filters”. | — | Filters reset and full, unfiltered recipe list is shown. | -- | -- |
User Story 2: As HomeCookHerin, I want to rate and comment on recipes I have tried so that I can provide feedback to other cooks and mark which recipes I enjoyed.
| Test Case ID | Test Scenario | Test Steps | Test Data | Expected Results | Actual Results | Pass/Fail |
| TC-RATE-03 | Rating without logging in | 1. Log out.<br>2. Open recipe.<br>3. Attempt to rate. | -- | System prompts user to log in before rating. | -- | -- |
| Test Case ID | Test Scenario | Test Steps | Test Data | Expected Results | Actual Results | Pass/Fail |
| TC-COM-03 | Multiple users commenting | 1. User A comments.<br>2. Logout.<br>3. User B logs in and comments. | A:"Good", B:"Great" | Both comments appear with correct usernames and timestamps. | -- | -- |
| Test Case ID | Test Scenario | Test Steps | Test Data | Expected Results | Actual Results | Pass/Fail |
- As a group, customize the code inspection document/checklist (which will be provided in the lecture) and add other appropriate items to fit your product (giving us an exact replica of the checklist will be a zero).
**- As a group, customize the code inspection document/checklist (which will be provided in the lecture) and add other appropriate items to fit your product (giving us an exact replica of the checklist will be a zero).**
- Use the checklist to check another team member’s code (you cannot check your own code). Each team member needs to submit a report.
_**General**_
1. Does the code work as intended for the feature being reviewed (e.g., search, filters, comments, recipe upload, leaderboard)?
2. Is the code easy to read and understand without relying on external explanations?
3. Does the code follow our team’s conventions (React component naming, consistent indentation, meaningful variable names, clear folder structure)?
4. Is there any repeated logic that could be moved into shared utilities (e.g., API error handlers, database queries, form validation)?
5. Is the component or function modular, or is it doing more than one responsibility?
6. Are there unnecessary global variables or shared state values?
7. Is there commented-out code that should be removed?
8. Are loops, array maps, and async workflows properly controlled and guaranteed to terminate?
9. Do variable and function name clearly describe their purpose (e.g., handleLikeClick vs. clickFunction)?
_**Performance**_
1. Are there any expensive operations that run more often than necessary (e.g., re-fetches on every render, un-memoized computations)?
2. Can built-in methods (map, reduce, filter) replace custom loops?
3. Are unnecessary console logs or debugging statements left in the code?
4. Are API calls grouped efficiently (e.g., avoiding repeated fetches inside components)?
_**Security**_
1. Are backend inputs validated (types, required fields, length limits) before being used in queries?
2. Are database queries protected against injection, relying on parameterized queries using pg-pool?
3. Are errors from third-party tools (e.g., file uploads, JWT verification) properly handled?
4. Are invalid parameters (e.g., missing recipeId, invalid rating value) rejected with appropriate error responses?
5. Are password-protected or user-specific routes using authentication middleware (protectRoute) correctly?
_**Documentation**_
1. Do functions or components include meaningful comments when logic is not immediately obvious?
2. Are all API routes documented (purpose, inputs, outputs)?
3. Are unusual behaviors or edge cases (e.g., rating updates, filtering multiple ingredients) explained?
4. Are third-party libraries (bcrypt, JWT, PostgreSQL client, React icons, etc.) used in a clear and understandable way?
5. Are TODOs marked clearly where something is incomplete or will be updated?
6. Are data structures explained (e.g., recipe object, comment schema, ratings table)?
_**Testing**_
1. Is the code structured to be testable (clear functions, predictable props, isolated logic)?
2. Can functions be triggered manually for testing (e.g., clean API endpoints, stable UI selectors)?
| **General** | Does the code work as intended for the feature being reviewed? | Yes, comments, ratings, average rating updates, and reactions all work. |
| General | Is the code easy to read and understand? | Yes. |
| General | Does the code follow team coding conventions? | Yes, consistent naming, formatting, and folder structure. |
| General | Any repeated logic that should be moved to shared utilities? | No repeated logic found. |
| General | Is the component or function modular? | Yes, each part performs one responsibility. |
| General | Any unnecessary global variables or shared state? | No. |
| General | Any commented-out code that should be removed? | No. |
| General | Are loops/maps/async workflows properly controlled? | Yes. |
| General | Do variable/function names clearly describe their purpose? | Yes — e.g., `handleReaction`, `fetchComments`. |
| **Performance** | Any expensive operations running too often? | No. |
| Performance | Can built-in methods replace custom loops? | Already using built-in methods. |
| Performance | Any unnecessary console logs/debug statements? | Yes — rating stars log errors instead of showing alerts. |
| Performance | Are API calls grouped efficiently? | Yes. |
| **Security** | Are backend inputs validated before queries? | Yes. |
| Security | Are database queries protected (parameterized)? | Not fully — needs improvement. |
| Implementation | Any possible overflow/invalid values in calculations? | No. |
| Implementation | Are parenthesis/grouping used properly? | Yes. |
| Implementation | Are async operations handled safely (try/catch)? | Yes, but some missing UI alerts. |
| Implementation | Do loops/branches terminate correctly? | Yes. |
| Implementation | Are if-else/switch structures complete and readable? | Yes, with comments when needed. |
_**Hiba's Report to Herin**_
_**Aron's Report to Hooriya**_
_**Hooriya's Report to Aron**_
**4. Contributions and Action Plan**
**4. Contributions and Action Plan**
- Provide a list of who did what for this milestone and assign a % for their contribution and who will work on what for the next milestone.
- Provide a list of who did what for this milestone and assign a % for their contribution and who will work on what for the next milestone.
5. Optional: Updated versions of previous deliverables.
Team Contribution Breakdown
| Member | Work Completed | Contribution % |
| ------ | ------ | ------ |
| Amna Shakeel | Worked on Deliverable 3. Fixed comment + rating logic to work with authenticated users. Created test cases for my user stories. | 20% |
Amna's: I used ChatGPT to help format the test cases, clean up wording, and organize sections of this document but all final content reflects my own work and decisions.
