Testing Boundaries

Sometimes we need to test our interaction with a certain dependency, but doing so proves difficult. But using a certain trick, we can get nearly the same assurance we're seeking without all the hassle.

The problem

Let's say you want to test that when you lock your bedroom door, it cannot be opened from the outside. The problem is that there's only one door, and you're all by yourself. So if you actually step outside the door, lock it, and shut it, you'll be locked out of your own bedroom. Getting back in may be difficult, expensive or even impossible.

One approach to testing this could be to stand on the inside, lock it, and try to pull it open. But first of all that won't work with many types of locks, which automatically unlock themselves when turned from the inside. But more importantly, this doesn't give us the assurance that it can't be opened from the outside when locked, which is precisely what we want to test.

This isn't that different from testing software. Sometimes we want to test an interaction with something like a database or the file system. If we tried to use the real thing in our tests, it would likely be problematic. Setting up the environment for tests and ensuring it's taken down correctly is tricky and often slows down tests. Plus it can easily become a bottleneck to making the test suite portable between different machines.

The solution

The key is to make use of known principles, and test around them instead of through them.

Let's look at our door example. We know that whether the handle can be turned is independent of whether the door is closed. So while the door is open, we can test that the outside handle can't be turned when the lock is enabled. This gives us assurance that the lock makes the handle unable to be turned from the outside.

We already have half our assurance. The only behavior left to test is that when the door is pushed at from the outside, it doesn't open. We can test this with the door unlocked so we don't lock ourselves out, since we've just proven that it's impossible to turn the handle when it's locked anyway. So pushing at the door is equivalent to trying to open it properly when locked.

These are the only two tests we need to give us nearly complete assurance that nobody can open the door from the outside when it's locked. It may not be literally the same as locking yourself out, but it's as close as we'll get without having a locksmith on call. All we had to do was design the right tests taking into account the relevant principles at work.

In practice

Let's say we want to test that our object-under-test searches our database for any names beginning with "Bob". We don't need to load up a database and fire up a real query just to generate this kind of assurance. Instead we can rely on the documentation of our database which indicates that a query using the = operator may use wildcards (asterisks) in the string.

Our first test would state that our object-under-test calls the function FindNamesBeginningWith() passing in the string "Bob". Our second test states that this function sends a SQL query to the database containing "WHERE NAME = '?*'" and the string argument. (In real life each database has it's own unique API for doing this, but that's beside the point.)

One extra benefit of this technique is that if either behavior breaks in our production code, only one test will fail. For example if we call the function just right, but the function doesn't generate the right SQL query, our test that says we call the function will still pass. If we were to use the real database throughout our test suite, then every test whose execution path included that function would also fail, disguising the real source of the problem with an avalanche of mysteriously failing tests with potentially obfuscating output.


There are a few caveats with this technique. For one thing, these principles are implied, so they're virtually hidden. If we were to apply this principle in some tests, either the name of the test or the comments should indicate the principle assumed to be at work in the test. Otherwise the tests become fragile. Communication between teammates is the key here, especially some kind of longer-term communication.

Another caveat is that, unlike with physics, the laws of a given software library may not match up with another library, or even a future version of the selfsame library. In the above example, this test might pass with MySQL but fail if we switched to PostgreSQL. Or, it may pass with MySQL 2, but tomorrow a teammate may upgrade the system to MySQL 3, and although your tests would pass, the functionality would break in production.

This technique isn't a panacea, and it may be the wrong solution in many circumstances. But as with all tools in our generalized tool-belts, it has a time and place, and you may one day find this is the best solution for the task at hand. On that day, I hope this analogy serves well as an alternative perspective when deciding what kind of tests to write.

Steven Degutis has worked with a variety of programming languages including Ruby, Python, Objective-C, Clojure, C, and Go.