diff options
author | sg481n <sg481n@att.com> | 2017-08-03 17:27:34 -0400 |
---|---|---|
committer | sg481n <sg481n@att.com> | 2017-08-03 17:27:34 -0400 |
commit | 43854a9e3310ff7a92257d16c4fc0a8321eaec68 (patch) | |
tree | 46af936c5da4f9c60d7d63dade5c61a8fd5ef9f4 /authz-test/TestSuite/TC_Cred1 | |
parent | f691a8b8dfc9eea4c6b3bfa45ea60f07ad347e69 (diff) |
[AAF-21] Initial code import
Change-Id: I63d7d499bbd46f500b5f5a4db966166f613f327a
Signed-off-by: sg481n <sg481n@att.com>
Diffstat (limited to 'authz-test/TestSuite/TC_Cred1')
-rw-r--r-- | authz-test/TestSuite/TC_Cred1/00_ids | 8 | ||||
-rw-r--r-- | authz-test/TestSuite/TC_Cred1/10_init | 36 | ||||
-rw-r--r-- | authz-test/TestSuite/TC_Cred1/15_create | 33 | ||||
-rw-r--r-- | authz-test/TestSuite/TC_Cred1/30_multiple_creds | 69 | ||||
-rw-r--r-- | authz-test/TestSuite/TC_Cred1/99_cleanup | 29 | ||||
-rw-r--r-- | authz-test/TestSuite/TC_Cred1/Description | 16 |
6 files changed, 191 insertions, 0 deletions
diff --git a/authz-test/TestSuite/TC_Cred1/00_ids b/authz-test/TestSuite/TC_Cred1/00_ids new file mode 100644 index 00000000..9f6ad902 --- /dev/null +++ b/authz-test/TestSuite/TC_Cred1/00_ids @@ -0,0 +1,8 @@ +expect 0 +set testid@aaf.att.com=<pass> +set testunused@aaf.att.com=<pass> +set bogus=boguspass +set XX@NS=<pass> + +#delay 10 +set NFR=0 diff --git a/authz-test/TestSuite/TC_Cred1/10_init b/authz-test/TestSuite/TC_Cred1/10_init new file mode 100644 index 00000000..18231c0d --- /dev/null +++ b/authz-test/TestSuite/TC_Cred1/10_init @@ -0,0 +1,36 @@ +as testid@aaf.att.com +# TC_Cred1.10.0.POS List NS to prove ok +expect 200 +ns list name com.test.TC_Cred1.@[user.name] + +# TC_Cred1.10.1.POS Create Personalized Namespace to add Credentials +expect 201 +ns create com.test.TC_Cred1.@[user.name] @[user.name] testid@aaf.att.com + +# TC_Cred1.10.10.POS Create role to assign mechid perm to +expect 201 +role create com.test.TC_Cred1.@[user.name].cred_admin testid@aaf.att.com +role create com.test.TC_Cred1.@[user.name].pw_reset + +# TC_Cred1.10.11.POS Assign roles to perms +as XX@NS +expect 201 +perm create com.att.aaf.password com.test reset com.test.TC_Cred1.@[user.name].pw_reset +perm create com.att.aaf.mechid com.test create com.test.TC_Cred1.@[user.name].cred_admin +perm grant com.att.aaf.mechid com.att create com.test.TC_Cred1.@[user.name].cred_admin + +as testid@aaf.att.com +# TC_Cred1.10.30.POS Assign user for creating creds +expect 201 +user cred add m99999@@[user.name].TC_Cred1.test.com password123 +set m99999@@[user.name].TC_Cred1.test.com=password123 + + +# TC_Cred1.10.31.POS Credential used to similate non-admin Tier1 user with reset and create permissions +expect 201 +user role add m99999@@[user.name].TC_Cred1.test.com com.test.TC_Cred1.@[user.name].pw_reset,com.test.TC_Cred1.@[user.name].cred_admin + +# TC_Cred1.10.32.POS Remove create rights for testing +expect 200 +user role del testid@aaf.att.com com.test.TC_Cred1.@[user.name].cred_admin + diff --git a/authz-test/TestSuite/TC_Cred1/15_create b/authz-test/TestSuite/TC_Cred1/15_create new file mode 100644 index 00000000..c862d980 --- /dev/null +++ b/authz-test/TestSuite/TC_Cred1/15_create @@ -0,0 +1,33 @@ +# TC_Cred1.15.1.NEG Non-Admin, no permission user cannot create mechID +as testunused@aaf.att.com +expect 403 +user cred add m99990@@[user.name].TC_Cred1.test.com password123 + +# TC_Cred1.15.3.POS Non-Admin, with create permission user can create mechID +as m99999@@[user.name].TC_Cred1.test.com +expect 201 +user cred add m99990@@[user.name].TC_Cred1.test.com password123 + +# TC_Cred1.15.10.NEG Non-Admin, no reset permission cannot reset mechID +as testunused@aaf.att.com +expect 403 +user cred reset m99990@@[user.name].TC_Cred1.test.com password123 + +# TC_Cred1.15.11.POS Non-Admin, with reset permission can reset mechID +as m99999@@[user.name].TC_Cred1.test.com:password123 +expect 200 +user cred reset m99990@@[user.name].TC_Cred1.test.com password123 + +# TC_Cred1.15.12.POS Admin, without reset permission can reset Password +as testid@aaf.att.com +expect 200 +user cred reset m99990@@[user.name].TC_Cred1.test.com password123 + +# TC_Cred1.15.15.POS Admin, without reset permission can reset mechID +expect 200 +user cred reset m99990@@[user.name].TC_Cred1.test.com password123 1 + +# TC_Cred1.15.20.POS Admin, delete +expect 200 +user cred del m99990@@[user.name].TC_Cred1.test.com password123 1 + diff --git a/authz-test/TestSuite/TC_Cred1/30_multiple_creds b/authz-test/TestSuite/TC_Cred1/30_multiple_creds new file mode 100644 index 00000000..689225e2 --- /dev/null +++ b/authz-test/TestSuite/TC_Cred1/30_multiple_creds @@ -0,0 +1,69 @@ +# TC_Cred1.30.1.NEG Multiple options available to delete +as XX@NS +expect 201 +user cred add m99990@@[user.name].TC_Cred1.test.com pass23Word + +as testid@aaf.att.com +expect 201 +user cred add m99990@@[user.name].TC_Cred1.test.com pass23worD + +# TC_Cred1.30.2.POS Succeeds when we choose last option +expect 200 +user cred del m99990@@[user.name].TC_Cred1.test.com 2 + +# TC_Cred1.30.10.POS Add another credential +expect 201 +user cred add m99990@@[user.name].TC_Cred1.test.com password123 + +# TC_Cred1.30.11.NEG Multiple options available to reset +expect 300 +user cred reset m99990@@[user.name].TC_Cred1.test.com password123 + +# TC_Cred1.30.12.NEG Fails when we choose a bad option +expect 406 +user cred reset m99990@@[user.name].TC_Cred1.test.com password123 0 + +# TC_Cred1.30.13.POS Succeeds when we choose last option +expect 200 +user cred reset m99990@@[user.name].TC_Cred1.test.com password123 2 + +#TC_Cred1.30.30.NEG Fails when we don't have specific property +expect 403 +user cred extend m99990@@[user.name].TC_Cred1.test.com + +#### EXTENDS behavior #### +#TC_Cred1.30.32.POS Setup Temp Role for Extend Permission +expect 201 +as XX@NS +role create com.test.TC_Cred1.@[user.name].extendTemp + +#TC_Cred1.30.33.POS Grant Extends Permission to Role +expect 201 +perm grant com.att.aaf.password com.att extend com.test.TC_Cred1.@[user.name].extendTemp + +#TC_Cred1.30.35.POS Add current User to Temp Role for Extend Permission +expect 201 +role user add com.test.TC_Cred1.@[user.name].extendTemp XX@NS + +#TC_Cred1.30.36.POS Extend Password, expecting Single Response +expect 200 +user cred extend m99990@@[user.name].TC_Cred1.test.com 1 + +#TC_Cred1.30.39.POS Remove Role +expect 200 +set force=true +role delete com.test.TC_Cred1.@[user.name].extendTemp + +#### MULTI CLEANUP ##### +expect 200 +role list user m99990@@[user.name].TC_Cred1.test.com + +# TC_Cred1.30.80.POS Delete all entries for this cred +expect 200 +set force=true +user cred del m99990@@[user.name].TC_Cred1.test.com + +# TC_Cred1.30.99.POS List ns shows no creds attached +expect 200 +ns list name com.test.TC_Cred1.@[user.name] + diff --git a/authz-test/TestSuite/TC_Cred1/99_cleanup b/authz-test/TestSuite/TC_Cred1/99_cleanup new file mode 100644 index 00000000..3af41749 --- /dev/null +++ b/authz-test/TestSuite/TC_Cred1/99_cleanup @@ -0,0 +1,29 @@ +as testid@aaf.att.com +# TC_Cred1.99.1.POS Delete credentials +expect 200,404 +force user cred del m99990@@[user.name].TC_Cred1.test.com + +#TC_Cred1.99.2.POS Ensure Remove Role +expect 200,404 +set force=true +role delete com.test.TC_Cred1.@[user.name].extendTemp + +# TC_Cred1.99.10.POS Remove ability to create creds +force user role del testid@aaf.att.com com.test.TC_Cred1.@[user.name].cred_admin + +as XX@NS +perm ungrant com.att.aaf.mechid com.att create com.test.TC_Cred1.@[user.name].cred_admin +force perm delete com.att.aaf.password com.test reset +force perm delete com.att.aaf.mechid com.test create + +as testid@aaf.att.com +force role delete com.test.TC_Cred1.@[user.name].cred_admin +force role delete com.test.TC_Cred1.@[user.name].pw_reset + +# TC_Cred1.99.99.POS Delete Namespace for TestSuite +set force=true ns delete com.test.TC_Cred1.@[user.name] + +as XX@NS +force ns delete com.test.TC_Cred1.@[user.name] +force ns delete com.test.TC_Cred1 + diff --git a/authz-test/TestSuite/TC_Cred1/Description b/authz-test/TestSuite/TC_Cred1/Description new file mode 100644 index 00000000..59af5e1d --- /dev/null +++ b/authz-test/TestSuite/TC_Cred1/Description @@ -0,0 +1,16 @@ +This Testcase Tests the essentials of User Credentials + +APIs: + POST /auth/cred + PUT /auth/cred + DELETE /auth/cred + + +CLI: + Target + user addCred :user :password + user delCred :user + Ancillary + ns create + ns delete + |