[AAF-21] Initial code import

Change-Id: I63d7d499bbd46f500b5f5a4db966166f613f327a
Signed-off-by: sg481n <sg481n@att.com>

6 files changed, 191 insertions, 0 deletions

diff --git a/authz-test/TestSuite/TC_Cred1/00_ids b/authz-test/TestSuite/TC_Cred1/00_ids
new file mode 100644
index 00000000..9f6ad902
--- /dev/null
+++ b/authz-test/TestSuite/TC_Cred1/00_ids
@@ -0,0 +1,8 @@
+expect 0
+set testid@aaf.att.com=<pass>
+set testunused@aaf.att.com=<pass>
+set bogus=boguspass
+set XX@NS=<pass>
+
+#delay 10
+set NFR=0
diff --git a/authz-test/TestSuite/TC_Cred1/10_init b/authz-test/TestSuite/TC_Cred1/10_init
new file mode 100644
index 00000000..18231c0d
--- /dev/null
+++ b/authz-test/TestSuite/TC_Cred1/10_init
@@ -0,0 +1,36 @@
+as testid@aaf.att.com
+# TC_Cred1.10.0.POS List NS to prove ok
+expect 200
+ns list name com.test.TC_Cred1.@[user.name]
+
+# TC_Cred1.10.1.POS Create Personalized Namespace to add Credentials
+expect 201
+ns create com.test.TC_Cred1.@[user.name] @[user.name] testid@aaf.att.com
+
+# TC_Cred1.10.10.POS Create role to assign mechid perm to
+expect 201
+role create com.test.TC_Cred1.@[user.name].cred_admin testid@aaf.att.com
+role create com.test.TC_Cred1.@[user.name].pw_reset 
+
+# TC_Cred1.10.11.POS Assign roles to perms
+as XX@NS
+expect 201
+perm create com.att.aaf.password com.test reset com.test.TC_Cred1.@[user.name].pw_reset
+perm create com.att.aaf.mechid com.test create com.test.TC_Cred1.@[user.name].cred_admin 
+perm grant com.att.aaf.mechid com.att create com.test.TC_Cred1.@[user.name].cred_admin
+
+as testid@aaf.att.com
+# TC_Cred1.10.30.POS Assign user for creating creds
+expect 201
+user cred add m99999@@[user.name].TC_Cred1.test.com password123
+set m99999@@[user.name].TC_Cred1.test.com=password123
+
+
+# TC_Cred1.10.31.POS Credential used to similate non-admin Tier1 user with reset and create permissions
+expect 201
+user role add m99999@@[user.name].TC_Cred1.test.com com.test.TC_Cred1.@[user.name].pw_reset,com.test.TC_Cred1.@[user.name].cred_admin
+
+# TC_Cred1.10.32.POS Remove create rights for testing
+expect 200
+user role del testid@aaf.att.com com.test.TC_Cred1.@[user.name].cred_admin 
+
diff --git a/authz-test/TestSuite/TC_Cred1/15_create b/authz-test/TestSuite/TC_Cred1/15_create
new file mode 100644
index 00000000..c862d980
--- /dev/null
+++ b/authz-test/TestSuite/TC_Cred1/15_create
@@ -0,0 +1,33 @@
+# TC_Cred1.15.1.NEG Non-Admin, no permission user cannot create mechID
+as testunused@aaf.att.com
+expect 403
+user cred add m99990@@[user.name].TC_Cred1.test.com password123
+
+# TC_Cred1.15.3.POS Non-Admin, with create permission user can create mechID
+as m99999@@[user.name].TC_Cred1.test.com
+expect 201
+user cred add m99990@@[user.name].TC_Cred1.test.com password123
+
+# TC_Cred1.15.10.NEG Non-Admin, no reset permission cannot reset mechID
+as testunused@aaf.att.com
+expect 403
+user cred reset m99990@@[user.name].TC_Cred1.test.com password123
+
+# TC_Cred1.15.11.POS Non-Admin, with reset permission can reset mechID
+as m99999@@[user.name].TC_Cred1.test.com:password123
+expect 200
+user cred reset m99990@@[user.name].TC_Cred1.test.com password123
+
+# TC_Cred1.15.12.POS Admin, without reset permission can reset Password
+as testid@aaf.att.com
+expect 200
+user cred reset m99990@@[user.name].TC_Cred1.test.com password123
+
+# TC_Cred1.15.15.POS Admin, without reset permission can reset mechID
+expect 200
+user cred reset m99990@@[user.name].TC_Cred1.test.com password123 1
+
+# TC_Cred1.15.20.POS Admin, delete
+expect 200
+user cred del m99990@@[user.name].TC_Cred1.test.com password123 1
+
diff --git a/authz-test/TestSuite/TC_Cred1/30_multiple_creds b/authz-test/TestSuite/TC_Cred1/30_multiple_creds
new file mode 100644
index 00000000..689225e2
--- /dev/null
+++ b/authz-test/TestSuite/TC_Cred1/30_multiple_creds
@@ -0,0 +1,69 @@
+# TC_Cred1.30.1.NEG Multiple options available to delete
+as XX@NS
+expect 201
+user cred add m99990@@[user.name].TC_Cred1.test.com pass23Word
+
+as testid@aaf.att.com
+expect 201
+user cred add m99990@@[user.name].TC_Cred1.test.com pass23worD
+
+# TC_Cred1.30.2.POS Succeeds when we choose last option
+expect 200
+user cred del m99990@@[user.name].TC_Cred1.test.com 2
+
+# TC_Cred1.30.10.POS Add another credential
+expect 201
+user cred add m99990@@[user.name].TC_Cred1.test.com password123
+
+# TC_Cred1.30.11.NEG Multiple options available to reset
+expect 300
+user cred reset m99990@@[user.name].TC_Cred1.test.com password123
+
+# TC_Cred1.30.12.NEG Fails when we choose a bad option
+expect 406
+user cred reset m99990@@[user.name].TC_Cred1.test.com password123 0 
+
+# TC_Cred1.30.13.POS Succeeds when we choose last option
+expect 200
+user cred reset m99990@@[user.name].TC_Cred1.test.com password123 2
+
+#TC_Cred1.30.30.NEG Fails when we don't have specific property
+expect 403
+user cred extend m99990@@[user.name].TC_Cred1.test.com 
+
+#### EXTENDS behavior ####
+#TC_Cred1.30.32.POS Setup Temp Role for Extend Permission
+expect 201
+as XX@NS
+role create com.test.TC_Cred1.@[user.name].extendTemp
+
+#TC_Cred1.30.33.POS Grant Extends Permission to Role
+expect 201
+perm grant com.att.aaf.password com.att extend com.test.TC_Cred1.@[user.name].extendTemp 
+
+#TC_Cred1.30.35.POS Add current User to Temp Role for Extend Permission
+expect 201
+role user add com.test.TC_Cred1.@[user.name].extendTemp XX@NS
+
+#TC_Cred1.30.36.POS Extend Password, expecting Single Response
+expect 200
+user cred extend m99990@@[user.name].TC_Cred1.test.com 1
+
+#TC_Cred1.30.39.POS Remove Role
+expect 200
+set force=true
+role delete com.test.TC_Cred1.@[user.name].extendTemp
+
+#### MULTI CLEANUP #####
+expect 200
+role list user m99990@@[user.name].TC_Cred1.test.com 
+
+# TC_Cred1.30.80.POS Delete all entries for this cred
+expect 200
+set force=true
+user cred del m99990@@[user.name].TC_Cred1.test.com 
+
+# TC_Cred1.30.99.POS List ns shows no creds attached
+expect 200
+ns list name com.test.TC_Cred1.@[user.name]
+
diff --git a/authz-test/TestSuite/TC_Cred1/99_cleanup b/authz-test/TestSuite/TC_Cred1/99_cleanup
new file mode 100644
index 00000000..3af41749
--- /dev/null
+++ b/authz-test/TestSuite/TC_Cred1/99_cleanup
@@ -0,0 +1,29 @@
+as testid@aaf.att.com
+# TC_Cred1.99.1.POS Delete credentials
+expect 200,404
+force user cred del m99990@@[user.name].TC_Cred1.test.com 
+
+#TC_Cred1.99.2.POS Ensure Remove Role 
+expect 200,404
+set force=true 
+role delete com.test.TC_Cred1.@[user.name].extendTemp
+
+# TC_Cred1.99.10.POS Remove ability to create creds
+force user role del testid@aaf.att.com com.test.TC_Cred1.@[user.name].cred_admin
+
+as XX@NS
+perm ungrant com.att.aaf.mechid com.att create com.test.TC_Cred1.@[user.name].cred_admin
+force perm delete com.att.aaf.password com.test reset
+force perm delete com.att.aaf.mechid com.test create
+
+as testid@aaf.att.com
+force role delete com.test.TC_Cred1.@[user.name].cred_admin
+force role delete com.test.TC_Cred1.@[user.name].pw_reset
+
+# TC_Cred1.99.99.POS Delete Namespace for TestSuite 
+set force=true ns delete com.test.TC_Cred1.@[user.name] 
+
+as XX@NS
+force ns delete com.test.TC_Cred1.@[user.name]
+force ns delete com.test.TC_Cred1
+
diff --git a/authz-test/TestSuite/TC_Cred1/Description b/authz-test/TestSuite/TC_Cred1/Description
new file mode 100644
index 00000000..59af5e1d
--- /dev/null
+++ b/authz-test/TestSuite/TC_Cred1/Description
@@ -0,0 +1,16 @@
+This Testcase Tests the essentials of User Credentials
+
+APIs:	
+   POST /auth/cred
+   PUT /auth/cred
+   DELETE /auth/cred
+
+
+CLI:
+   Target
+	user addCred :user :password
+	user delCred :user 
+   Ancillary
+	ns create 
+	ns delete 
+