CRUD bug taxonomies

Taxonomy is the practice and science (study) of classification of things and concepts, including the principles that underlie such classification [source Wikipedia]. First time when I herd of how to apply taxonomy in software testing was in BBST Test Design course. You can find more details in Dr. Cem Kaner paper, Bug Taxonomies: Use Them to Generate Better Tests.

In my testing I often have to test CRUD functionality. I searched for CRUD (create, retrieve, update, delete) bug taxonomy list, but Google did not list any relevant result.

In this post I will try to do bug taxonomy for CRUD acronym. CRUD acronym is often used and I think that many testers would found that list very useful. In the end, I will map CRUD acronym on REST API methods.

In this example we have object with mandatory and optional attributes. One of the attributes must have unique value. Client side could create any Object (no any check is performed) and server has to do all checks. Context of bug taxonomy are object attribute values.

Create object:

Retrieve object:

Update object:

Delete object:

Notice the redundancy in Retrieve, Update and Delete.

This could be easily mapped to REST API:
Create -> POST
Retrieve -> GET
Update -> PUT
Delete -> DELETE

When I start testing RSET API, I first automate tests for CRUD bug taxonomy. But that taxonomy must be also used by project management in order to negotiate REST API protocol. For every object, we must know:

Otherwise,  RSET API could easily be used for malicious data manipulation. If you found that I missed some bug taxonomy, please let me know and I will add it to the list.