Best practices for testing
RECOMMENDATION: We recommend a development process that includes all major types of testing – unit, integration, UI automation, performance and security.
Following is a list of all major types of testing and the recommended best practices in the context of add-on development:
We recommend using a powerful mocking framework when testing custom code that has Sitefinity CMS dependencies. JustMock provides for unrestricted mocking of dependent objects, including non-virtual methods, sealed classes, static methods and classes, as well as non-public members and types.
When developing for Sitefinity CMS, you need to cover your custom code with integration tests that use the Sitefinity CMS context in order to test your custom logic in an actual environment. The Sitefinity CMS web test runner connects to the Sitefinity CMS application and queries all of the tests available. For more information, see Tutorial: Create integration tests with Sitefinity CMS web test runner.
UI automation testing
When testing the developed add-on, we recommend using a setup with an empty Sitefinity CMS application with the add-on installed on it. This environment can be used for the execution of GUI automation tests that verify that the add-on works as expected from an end-user perspective. We recommend ensuring that the test cases cover all steps of the installation, import of content, and use of the given add-on.
In addition to the Basic Security Practices for Web Applications, we recommend using static application security testing (SAST) and dynamic application security testing (DAST) tools.