diff options
Diffstat (limited to 'authz-test/TestSuite/TC_NS2')
| -rw-r--r-- | authz-test/TestSuite/TC_NS2/00_ids | 10 | ||||
| -rw-r--r-- | authz-test/TestSuite/TC_NS2/10_init | 71 | ||||
| -rw-r--r-- | authz-test/TestSuite/TC_NS2/20_add_data | 18 | ||||
| -rw-r--r-- | authz-test/TestSuite/TC_NS2/40_viewByName | 31 | ||||
| -rw-r--r-- | authz-test/TestSuite/TC_NS2/41_viewByAdmin | 20 | ||||
| -rw-r--r-- | authz-test/TestSuite/TC_NS2/99_cleanup | 27 | ||||
| -rw-r--r-- | authz-test/TestSuite/TC_NS2/Description | 7 |
7 files changed, 184 insertions, 0 deletions
diff --git a/authz-test/TestSuite/TC_NS2/00_ids b/authz-test/TestSuite/TC_NS2/00_ids new file mode 100644 index 00000000..450818e0 --- /dev/null +++ b/authz-test/TestSuite/TC_NS2/00_ids @@ -0,0 +1,10 @@ +expect 0 +set XX@NS=<pass> +set testid@aaf.att.com=<pass> +set testunused@aaf.att.com=<pass> +set bogus@aaf.att.com=boguspass + +#delay 10 +set NFR=0 + + diff --git a/authz-test/TestSuite/TC_NS2/10_init b/authz-test/TestSuite/TC_NS2/10_init new file mode 100644 index 00000000..73b2cc78 --- /dev/null +++ b/authz-test/TestSuite/TC_NS2/10_init @@ -0,0 +1,71 @@ + +as testid@aaf.att.com +# TC_NS2.10.0.POS Check for Existing Data +expect 200 +ns list name com.test.TC_NS2.@[user.name] + +# TC_NS2.10.1.POS Create Namespace with valid IDs and Responsible Parties +expect 201 +ns create com.test.TC_NS2.@[user.name] @[user.name] testid@aaf.att.com +ns create com.test.TC_NS2.@[user.name].project @[user.name] testunused@aaf.att.com + +# TC_NS2.10.10.POS Create role to assign mechid perm to +expect 201 +role create com.test.TC_NS2.@[user.name].cred_admin testid@aaf.att.com + +as XX@NS:<pass> +# TC_NS2.10.11.POS Assign role to mechid perm +expect 201 +perm grant com.att.aaf.mechid com.att create com.test.TC_NS2.@[user.name].cred_admin + + +as testid@aaf.att.com +# TC_NS2.10.70.POS Expect Namespace to be created +expect 200 +ns list name com.test.TC_NS2.@[user.name] + +as testid@aaf.att.com +# TC_NS2.10.70.POS Expect Namespace to be created +expect 200 +perm list role com.test.TC_NS2.@[user.name].admin + +as testid@aaf.att.com +# TC_NS2.10.70.POS Expect Namespace to be created +expect 200 +perm list role com.test.TC_NS2.@[user.name].owner + +as testid@aaf.att.com +# TC_NS2.10.70.POS Expect Namespace to be created +expect 200 +role list perm com.test.TC_NS2.@[user.name].access * * + +as testid@aaf.att.com +# TC_NS2.10.70.POS Expect Namespace to be created +expect 200 +role list perm com.test.TC_NS2.@[user.name].access * read + +as testid@aaf.att.com +# TC_NS2.10.80.POS Expect Namespace to be created +expect 200 +ns list name com.test.TC_NS2.@[user.name].project + +as testid@aaf.att.com +# TC_NS2.10.80.POS Expect Namespace to be created +expect 200 +perm list role com.test.TC_NS2.@[user.name].project.admin + +as testid@aaf.att.com +# TC_NS2.10.80.POS Expect Namespace to be created +expect 200 +perm list role com.test.TC_NS2.@[user.name].project.owner + +as testid@aaf.att.com +# TC_NS2.10.80.POS Expect Namespace to be created +expect 200 +role list perm com.test.TC_NS2.@[user.name].project.access * * + +as testid@aaf.att.com +# TC_NS2.10.80.POS Expect Namespace to be created +expect 200 +role list perm com.test.TC_NS2.@[user.name].project.access * read + diff --git a/authz-test/TestSuite/TC_NS2/20_add_data b/authz-test/TestSuite/TC_NS2/20_add_data new file mode 100644 index 00000000..ef5e11ea --- /dev/null +++ b/authz-test/TestSuite/TC_NS2/20_add_data @@ -0,0 +1,18 @@ +as testid@aaf.att.com +# TC_NS2.20.1.POS Create roles +expect 201 +role create com.test.TC_NS2.@[user.name].watcher +role create com.test.TC_NS2.@[user.name].myRole + +# TC_NS2.20.2.POS Create permissions +perm create com.test.TC_NS2.@[user.name].myType myInstance myAction +perm create com.test.TC_NS2.@[user.name].myType * * + +# TC_NS2.20.3.POS Create mechid +user cred add m99990@@[user.name].TC_NS2.test.com password123 + +as XX@NS +# TC_NS2.20.10.POS Grant view perms to watcher role +expect 201 +perm create com.att.aaf.ns :com.test.TC_NS2.@[user.name]:ns read com.test.TC_NS2.@[user.name].watcher + diff --git a/authz-test/TestSuite/TC_NS2/40_viewByName b/authz-test/TestSuite/TC_NS2/40_viewByName new file mode 100644 index 00000000..6539acc7 --- /dev/null +++ b/authz-test/TestSuite/TC_NS2/40_viewByName @@ -0,0 +1,31 @@ + +as testunused@aaf.att.com +# TC_NS2.40.1.NEG Non-admin, not granted user should not view +expect 403 +ns list name com.test.TC_NS2.@[user.name] + +as testid@aaf.att.com +# Tens test user granted to permission +# TC_NS2.40.10.POS Add user to watcher role +expect 201 +user role add testunused@aaf.att.com com.test.TC_NS2.@[user.name].watcher + +as testunused@aaf.att.com +# TC_NS2.40.11.POS Non-admin, granted user should view +expect 200 +ns list name com.test.TC_NS2.@[user.name] + +as testid@aaf.att.com +# TC_NS2.40.19.POS Remove user from watcher role +expect 200 +user role del testunused@aaf.att.com com.test.TC_NS2.@[user.name].watcher + +# Thirties test admin user +# TC_NS2.40.20.POS Admin should be able to view +expect 200 +ns list name com.test.TC_NS2.@[user.name] + +# TC_NS2.40.21.POS Admin of parent NS should be able to view +expect 200 +ns list name com.test.TC_NS2.@[user.name].project + diff --git a/authz-test/TestSuite/TC_NS2/41_viewByAdmin b/authz-test/TestSuite/TC_NS2/41_viewByAdmin new file mode 100644 index 00000000..ad15e9d9 --- /dev/null +++ b/authz-test/TestSuite/TC_NS2/41_viewByAdmin @@ -0,0 +1,20 @@ +# TC_NS2.41.10.POS List by User when Same as Caller +as testunused@aaf.att.com +expect 200 +ns list admin testunused@aaf.att.com + +# TC_NS2.41.15.POS List by User when not same as Caller, but own/admin namespace of Roles +as testid@aaf.att.com +expect 200 +ns list admin testunused@aaf.att.com + +# TC_NS2.41.20.POS List by User when not same as Caller, but parent owner of Namespace +as XX@NS +expect 200 +ns list admin testunused@aaf.att.com + +# TC_NS2.41.80.NEG List by User when not Caller nor associated to Namespace +as testunused@aaf.att.com +expect 200 +ns list admin XX@NS + diff --git a/authz-test/TestSuite/TC_NS2/99_cleanup b/authz-test/TestSuite/TC_NS2/99_cleanup new file mode 100644 index 00000000..24d16d3a --- /dev/null +++ b/authz-test/TestSuite/TC_NS2/99_cleanup @@ -0,0 +1,27 @@ +expect 200,404 +as testid@aaf.att.com + +# TC_NS2.99.1.POS Namespace Admin can delete Namepace defined Roles & Perms +role delete com.test.TC_NS2.@[user.name].myRole +role delete com.test.TC_NS2.@[user.name].watcher +perm delete com.test.TC_NS2.@[user.name].myType myInstance myAction +perm delete com.test.TC_NS2.@[user.name].myType * * +user cred del m99990@@[user.name].TC_NS2.test.com + +as XX@NS +force perm delete com.att.aaf.ns :com.test.TC_NS2.@[user.name]:ns read + +# TC_NS2.99.15.POS Remove ability to create creds +perm ungrant com.att.aaf.mechid com.att create com.test.TC_NS2.@[user.name].cred_admin + +as testid@aaf.att.com:<pass> +force role delete com.test.TC_NS2.@[user.name].cred_admin + +# TC_NS2.99.90.POS Namespace Admin can delete Namespace +force ns delete com.test.TC_NS2.@[user.name].project +force ns delete com.test.TC_NS2.@[user.name] +sleep @[NFR] + +# TC_NS2.99.99.POS Check Clean Namespace +ns list name com.test.TC_NS2.@[user.name] + diff --git a/authz-test/TestSuite/TC_NS2/Description b/authz-test/TestSuite/TC_NS2/Description new file mode 100644 index 00000000..40f2b6c4 --- /dev/null +++ b/authz-test/TestSuite/TC_NS2/Description @@ -0,0 +1,7 @@ +This Testcase Tests the viewability of different ns commands + +APIs: + +CLI: + + |