summaryrefslogtreecommitdiffstats
path: root/authz-test/TestSuite/TC_NS2
diff options
context:
space:
mode:
authorsg481n <sg481n@att.com>2017-08-28 12:11:35 -0400
committersg481n <sg481n@att.com>2017-08-28 12:11:47 -0400
commitbd890c575163e4d87ac24198b9c68a39cf4bbc4d (patch)
tree2d6c5baa66d1df8f8c841d39646e93020ed203bc /authz-test/TestSuite/TC_NS2
parent72b21f2ac109b0d95fef3ef608c0c343337d4ce2 (diff)
Update project structure to org.onap.aaf
Update project structure of authz module in aaf from com.att to org.onap.aaf and add distribution management and repositories. Issue-id: AAF-21 Change-Id: Ia2486954e99f2bd60f18122ed60d32d5590781e9 Signed-off-by: sg481n <sg481n@att.com>
Diffstat (limited to 'authz-test/TestSuite/TC_NS2')
-rw-r--r--authz-test/TestSuite/TC_NS2/00_ids10
-rw-r--r--authz-test/TestSuite/TC_NS2/10_init71
-rw-r--r--authz-test/TestSuite/TC_NS2/20_add_data18
-rw-r--r--authz-test/TestSuite/TC_NS2/40_viewByName31
-rw-r--r--authz-test/TestSuite/TC_NS2/41_viewByAdmin20
-rw-r--r--authz-test/TestSuite/TC_NS2/99_cleanup27
-rw-r--r--authz-test/TestSuite/TC_NS2/Description7
7 files changed, 184 insertions, 0 deletions
diff --git a/authz-test/TestSuite/TC_NS2/00_ids b/authz-test/TestSuite/TC_NS2/00_ids
new file mode 100644
index 00000000..450818e0
--- /dev/null
+++ b/authz-test/TestSuite/TC_NS2/00_ids
@@ -0,0 +1,10 @@
+expect 0
+set XX@NS=<pass>
+set testid@aaf.att.com=<pass>
+set testunused@aaf.att.com=<pass>
+set bogus@aaf.att.com=boguspass
+
+#delay 10
+set NFR=0
+
+
diff --git a/authz-test/TestSuite/TC_NS2/10_init b/authz-test/TestSuite/TC_NS2/10_init
new file mode 100644
index 00000000..73b2cc78
--- /dev/null
+++ b/authz-test/TestSuite/TC_NS2/10_init
@@ -0,0 +1,71 @@
+
+as testid@aaf.att.com
+# TC_NS2.10.0.POS Check for Existing Data
+expect 200
+ns list name com.test.TC_NS2.@[user.name]
+
+# TC_NS2.10.1.POS Create Namespace with valid IDs and Responsible Parties
+expect 201
+ns create com.test.TC_NS2.@[user.name] @[user.name] testid@aaf.att.com
+ns create com.test.TC_NS2.@[user.name].project @[user.name] testunused@aaf.att.com
+
+# TC_NS2.10.10.POS Create role to assign mechid perm to
+expect 201
+role create com.test.TC_NS2.@[user.name].cred_admin testid@aaf.att.com
+
+as XX@NS:<pass>
+# TC_NS2.10.11.POS Assign role to mechid perm
+expect 201
+perm grant com.att.aaf.mechid com.att create com.test.TC_NS2.@[user.name].cred_admin
+
+
+as testid@aaf.att.com
+# TC_NS2.10.70.POS Expect Namespace to be created
+expect 200
+ns list name com.test.TC_NS2.@[user.name]
+
+as testid@aaf.att.com
+# TC_NS2.10.70.POS Expect Namespace to be created
+expect 200
+perm list role com.test.TC_NS2.@[user.name].admin
+
+as testid@aaf.att.com
+# TC_NS2.10.70.POS Expect Namespace to be created
+expect 200
+perm list role com.test.TC_NS2.@[user.name].owner
+
+as testid@aaf.att.com
+# TC_NS2.10.70.POS Expect Namespace to be created
+expect 200
+role list perm com.test.TC_NS2.@[user.name].access * *
+
+as testid@aaf.att.com
+# TC_NS2.10.70.POS Expect Namespace to be created
+expect 200
+role list perm com.test.TC_NS2.@[user.name].access * read
+
+as testid@aaf.att.com
+# TC_NS2.10.80.POS Expect Namespace to be created
+expect 200
+ns list name com.test.TC_NS2.@[user.name].project
+
+as testid@aaf.att.com
+# TC_NS2.10.80.POS Expect Namespace to be created
+expect 200
+perm list role com.test.TC_NS2.@[user.name].project.admin
+
+as testid@aaf.att.com
+# TC_NS2.10.80.POS Expect Namespace to be created
+expect 200
+perm list role com.test.TC_NS2.@[user.name].project.owner
+
+as testid@aaf.att.com
+# TC_NS2.10.80.POS Expect Namespace to be created
+expect 200
+role list perm com.test.TC_NS2.@[user.name].project.access * *
+
+as testid@aaf.att.com
+# TC_NS2.10.80.POS Expect Namespace to be created
+expect 200
+role list perm com.test.TC_NS2.@[user.name].project.access * read
+
diff --git a/authz-test/TestSuite/TC_NS2/20_add_data b/authz-test/TestSuite/TC_NS2/20_add_data
new file mode 100644
index 00000000..ef5e11ea
--- /dev/null
+++ b/authz-test/TestSuite/TC_NS2/20_add_data
@@ -0,0 +1,18 @@
+as testid@aaf.att.com
+# TC_NS2.20.1.POS Create roles
+expect 201
+role create com.test.TC_NS2.@[user.name].watcher
+role create com.test.TC_NS2.@[user.name].myRole
+
+# TC_NS2.20.2.POS Create permissions
+perm create com.test.TC_NS2.@[user.name].myType myInstance myAction
+perm create com.test.TC_NS2.@[user.name].myType * *
+
+# TC_NS2.20.3.POS Create mechid
+user cred add m99990@@[user.name].TC_NS2.test.com password123
+
+as XX@NS
+# TC_NS2.20.10.POS Grant view perms to watcher role
+expect 201
+perm create com.att.aaf.ns :com.test.TC_NS2.@[user.name]:ns read com.test.TC_NS2.@[user.name].watcher
+
diff --git a/authz-test/TestSuite/TC_NS2/40_viewByName b/authz-test/TestSuite/TC_NS2/40_viewByName
new file mode 100644
index 00000000..6539acc7
--- /dev/null
+++ b/authz-test/TestSuite/TC_NS2/40_viewByName
@@ -0,0 +1,31 @@
+
+as testunused@aaf.att.com
+# TC_NS2.40.1.NEG Non-admin, not granted user should not view
+expect 403
+ns list name com.test.TC_NS2.@[user.name]
+
+as testid@aaf.att.com
+# Tens test user granted to permission
+# TC_NS2.40.10.POS Add user to watcher role
+expect 201
+user role add testunused@aaf.att.com com.test.TC_NS2.@[user.name].watcher
+
+as testunused@aaf.att.com
+# TC_NS2.40.11.POS Non-admin, granted user should view
+expect 200
+ns list name com.test.TC_NS2.@[user.name]
+
+as testid@aaf.att.com
+# TC_NS2.40.19.POS Remove user from watcher role
+expect 200
+user role del testunused@aaf.att.com com.test.TC_NS2.@[user.name].watcher
+
+# Thirties test admin user
+# TC_NS2.40.20.POS Admin should be able to view
+expect 200
+ns list name com.test.TC_NS2.@[user.name]
+
+# TC_NS2.40.21.POS Admin of parent NS should be able to view
+expect 200
+ns list name com.test.TC_NS2.@[user.name].project
+
diff --git a/authz-test/TestSuite/TC_NS2/41_viewByAdmin b/authz-test/TestSuite/TC_NS2/41_viewByAdmin
new file mode 100644
index 00000000..ad15e9d9
--- /dev/null
+++ b/authz-test/TestSuite/TC_NS2/41_viewByAdmin
@@ -0,0 +1,20 @@
+# TC_NS2.41.10.POS List by User when Same as Caller
+as testunused@aaf.att.com
+expect 200
+ns list admin testunused@aaf.att.com
+
+# TC_NS2.41.15.POS List by User when not same as Caller, but own/admin namespace of Roles
+as testid@aaf.att.com
+expect 200
+ns list admin testunused@aaf.att.com
+
+# TC_NS2.41.20.POS List by User when not same as Caller, but parent owner of Namespace
+as XX@NS
+expect 200
+ns list admin testunused@aaf.att.com
+
+# TC_NS2.41.80.NEG List by User when not Caller nor associated to Namespace
+as testunused@aaf.att.com
+expect 200
+ns list admin XX@NS
+
diff --git a/authz-test/TestSuite/TC_NS2/99_cleanup b/authz-test/TestSuite/TC_NS2/99_cleanup
new file mode 100644
index 00000000..24d16d3a
--- /dev/null
+++ b/authz-test/TestSuite/TC_NS2/99_cleanup
@@ -0,0 +1,27 @@
+expect 200,404
+as testid@aaf.att.com
+
+# TC_NS2.99.1.POS Namespace Admin can delete Namepace defined Roles & Perms
+role delete com.test.TC_NS2.@[user.name].myRole
+role delete com.test.TC_NS2.@[user.name].watcher
+perm delete com.test.TC_NS2.@[user.name].myType myInstance myAction
+perm delete com.test.TC_NS2.@[user.name].myType * *
+user cred del m99990@@[user.name].TC_NS2.test.com
+
+as XX@NS
+force perm delete com.att.aaf.ns :com.test.TC_NS2.@[user.name]:ns read
+
+# TC_NS2.99.15.POS Remove ability to create creds
+perm ungrant com.att.aaf.mechid com.att create com.test.TC_NS2.@[user.name].cred_admin
+
+as testid@aaf.att.com:<pass>
+force role delete com.test.TC_NS2.@[user.name].cred_admin
+
+# TC_NS2.99.90.POS Namespace Admin can delete Namespace
+force ns delete com.test.TC_NS2.@[user.name].project
+force ns delete com.test.TC_NS2.@[user.name]
+sleep @[NFR]
+
+# TC_NS2.99.99.POS Check Clean Namespace
+ns list name com.test.TC_NS2.@[user.name]
+
diff --git a/authz-test/TestSuite/TC_NS2/Description b/authz-test/TestSuite/TC_NS2/Description
new file mode 100644
index 00000000..40f2b6c4
--- /dev/null
+++ b/authz-test/TestSuite/TC_NS2/Description
@@ -0,0 +1,7 @@
+This Testcase Tests the viewability of different ns commands
+
+APIs:
+
+CLI:
+
+