diff options
author | sg481n <sg481n@att.com> | 2017-08-03 17:27:34 -0400 |
---|---|---|
committer | sg481n <sg481n@att.com> | 2017-08-03 17:27:34 -0400 |
commit | 43854a9e3310ff7a92257d16c4fc0a8321eaec68 (patch) | |
tree | 46af936c5da4f9c60d7d63dade5c61a8fd5ef9f4 /authz-test/TestSuite/TC_Perm3 | |
parent | f691a8b8dfc9eea4c6b3bfa45ea60f07ad347e69 (diff) |
[AAF-21] Initial code import
Change-Id: I63d7d499bbd46f500b5f5a4db966166f613f327a
Signed-off-by: sg481n <sg481n@att.com>
Diffstat (limited to 'authz-test/TestSuite/TC_Perm3')
-rw-r--r-- | authz-test/TestSuite/TC_Perm3/00_ids | 10 | ||||
-rw-r--r-- | authz-test/TestSuite/TC_Perm3/10_init | 16 | ||||
-rw-r--r-- | authz-test/TestSuite/TC_Perm3/20_innerGrants | 29 | ||||
-rw-r--r-- | authz-test/TestSuite/TC_Perm3/30_outerGrants | 23 | ||||
-rw-r--r-- | authz-test/TestSuite/TC_Perm3/99_cleanup | 22 | ||||
-rw-r--r-- | authz-test/TestSuite/TC_Perm3/Description | 13 |
6 files changed, 113 insertions, 0 deletions
diff --git a/authz-test/TestSuite/TC_Perm3/00_ids b/authz-test/TestSuite/TC_Perm3/00_ids new file mode 100644 index 00000000..ad09d774 --- /dev/null +++ b/authz-test/TestSuite/TC_Perm3/00_ids @@ -0,0 +1,10 @@ +expect 0 +set XX@NS=<pass> +set testid@aaf.att.com=<pass> +set testunused@aaf.att.com=<pass> +set testid_1@test.com=<pass> +set testid_2@test.com=<pass> +set bogus=boguspass + +#delay 10 +set NFR=0 diff --git a/authz-test/TestSuite/TC_Perm3/10_init b/authz-test/TestSuite/TC_Perm3/10_init new file mode 100644 index 00000000..f8e2ebf1 --- /dev/null +++ b/authz-test/TestSuite/TC_Perm3/10_init @@ -0,0 +1,16 @@ +as XX@NS +# TC_Perm3.10.0.POS Print NS to prove ok +expect 200 +ns list name com.test.TC_Perm3.@[user.name] + +# TC_Perm3.10.1.POS Create Namespace with User ID +expect 201 +ns create com.test.TC_Perm3.@[user.name]_1 @[user.name] testid_1@test.com + +# TC_Perm3.10.2.POS Create Namespace with Different ID +expect 201 +ns create com.test.TC_Perm3.@[user.name]_2 @[user.name] testid_2@test.com + +# TC_Perm3.10.3.POS Create Namespace in Different Company +expect 201 +ns create com.att.TC_Perm3.@[user.name] @[user.name] testunused@aaf.att.com diff --git a/authz-test/TestSuite/TC_Perm3/20_innerGrants b/authz-test/TestSuite/TC_Perm3/20_innerGrants new file mode 100644 index 00000000..4f6482cd --- /dev/null +++ b/authz-test/TestSuite/TC_Perm3/20_innerGrants @@ -0,0 +1,29 @@ +as testid_1@test.com + +# TC_Perm3.20.0.POS User1 Create a Perm +expect 201 +perm create com.test.TC_Perm3.@[user.name]_1.dev.myPerm_a myInstance myAction + +# TC_Perm3.20.5.NEG User1 should not be able to create Role in other group +expect 403 +role create com.test.TC_Perm3.@[user.name]_2.dev.myRole_a + +# TC_Perm3.20.6.POS User2 should be able to create Role in own group +as testid_2@test.com +expect 201 +role create com.test.TC_Perm3.@[user.name]_2.dev.myRole_a + +# TC_Perm3.20.7.NEG User2 should not be able to grant Perm to own Role +expect 403 +perm grant com.test.TC_Perm3.@[user.name]_1.dev.myPerm_a myInstance myAction com.test.TC_Perm3.@[user.name]_2.dev.myRole_a + +# TC_Perm3.20.8.NEG User2 cannot create Role in NS 2 +as testid_2@test.com +expect 403 +perm grant com.test.TC_Perm3.@[user.name]_1.dev.myPerm_a myInstance myAction com.test.TC_Perm3.@[user.name]_2.dev.myRole_a + +# TC_Perm3.20.9.POS Role created, but can't grant... has to be testid_1 +expect 201 +as testid_1@test.com +perm grant com.test.TC_Perm3.@[user.name]_1.dev.myPerm_a myInstance myAction com.test.TC_Perm3.@[user.name]_2.dev.myRole_a + diff --git a/authz-test/TestSuite/TC_Perm3/30_outerGrants b/authz-test/TestSuite/TC_Perm3/30_outerGrants new file mode 100644 index 00000000..ca2f7c53 --- /dev/null +++ b/authz-test/TestSuite/TC_Perm3/30_outerGrants @@ -0,0 +1,23 @@ +# TC_Perm3.30.0.POS User1 Create a Perm +as testid_1@test.com +expect 201 +perm create com.test.TC_Perm3.@[user.name]_1.dev.myPerm_b myInstance myAction + +# TC_Perm3.30.5.NEG User1 should not be able to create Role in other group +expect 403 +role create com.test.TC_Perm3.@[user.name]_2.dev.myRole_b + +# TC_Perm3.30.6.POS User2 should be able to create Role in own group +as testunused@aaf.att.com +expect 201 +role create com.att.TC_Perm3.@[user.name].dev.myRole_b + +# TC_Perm3.30.7.NEG User2 should not be able to grant Perm to own Role +expect 403 +perm grant com.test.TC_Perm3.@[user.name]_1.dev.myPerm_b myInstance myAction com.att.TC_Perm3.@[user.name].dev.myRole_b + +# TC_Perm3.30.8.POS User should be able to grant cross company only Double Perm +as testid_1@test.com +expect 403 +perm grant com.test.TC_Perm3.@[user.name]_1.dev.myPerm_b myInstance myAction com.att.TC_Perm3.@[user.name].dev.myRole_b + diff --git a/authz-test/TestSuite/TC_Perm3/99_cleanup b/authz-test/TestSuite/TC_Perm3/99_cleanup new file mode 100644 index 00000000..89b20783 --- /dev/null +++ b/authz-test/TestSuite/TC_Perm3/99_cleanup @@ -0,0 +1,22 @@ +expect 200,404 +as testid_1@test.com +# TC_Perm3.99.2.POS Namespace Admin can delete Namespace +force ns delete com.test.TC_Perm3.@[user.name]_1 + +# TC_Perm3.99.3.POS Print Namespaces +ns list name com.test.TC_Perm3.@[user.name]_1 + +as testid_2@test.com +# TC_Perm3.99.4.POS Namespace Admin can delete Namespace +force ns delete com.test.TC_Perm3.@[user.name]_2 + +# TC_Perm3.99.5.POS Print Namespaces +ns list name com.test.TC_Perm3.@[user.name]_2 + + +as testunused@aaf.att.com +# TC_Perm3.99.6.POS Remove Namespace from other company +force ns delete com.att.TC_Perm3.@[user.name] + +# TC_Perm3.99.7.POS Print Namespace from other company +ns list name com.att.TC_Perm3.@[user.name] diff --git a/authz-test/TestSuite/TC_Perm3/Description b/authz-test/TestSuite/TC_Perm3/Description new file mode 100644 index 00000000..9f572aa2 --- /dev/null +++ b/authz-test/TestSuite/TC_Perm3/Description @@ -0,0 +1,13 @@ +This is a targeted Test Case specifically to cover Inner and Outer Granting. + +APIs: + + +CLI: +ns create +ns delete +perm create +perm grant +role create +as + |