7 files changed, 194 insertions, 0 deletions

diff --git a/authz-test/TestSuite/TC_NSdelete1/00_ids b/authz-test/TestSuite/TC_NSdelete1/00_ids
new file mode 100644
index 00000000..450818e0
--- /dev/null
+++ b/authz-test/TestSuite/TC_NSdelete1/00_ids
@@ -0,0 +1,10 @@
+expect 0
+set XX@NS=<pass>
+set testid@aaf.att.com=<pass>
+set testunused@aaf.att.com=<pass>
+set bogus@aaf.att.com=boguspass
+
+#delay 10
+set NFR=0
+
+
diff --git a/authz-test/TestSuite/TC_NSdelete1/10_init b/authz-test/TestSuite/TC_NSdelete1/10_init
new file mode 100644
index 00000000..7be6981c
--- /dev/null
+++ b/authz-test/TestSuite/TC_NSdelete1/10_init
@@ -0,0 +1,35 @@
+as testid@aaf.att.com
+# TC_NSdelete1.10.0.POS Check for Existing Data
+expect 200
+ns list name com.test.TC_NSdelete1.@[user.name].app
+ns list name com.test.force.@[user.name]
+ns list name com.@[user.name]
+
+as XX@NS
+# TC_NSdelete1.10.1.POS Create Namespaces with valid IDs and Responsible Parties
+expect 201
+ns create com.test.TC_NSdelete1.@[user.name].app @[user.name] testid@aaf.att.com
+ns create com.@[user.name] @[user.name] testid@aaf.att.com
+ns create com.test.force.@[user.name] @[user.name] testid@aaf.att.com
+ns create com.test.TC_NSdelete1.@[user.name] @[user.name] testid@aaf.att.com
+
+# TC_NSdelete1.10.2.POS Expect Namespace to be created
+expect 200
+ns list name com.test.TC_NSdelete1.@[user.name].app 
+ns list name com.test.TC_NSdelete1.@[user.name]
+ns list name com.@[user.name]
+ns list name com.test.force.@[user.name]
+
+# TC_NSdelete1.10.10.POS Create role to assign mechid perm to
+expect 201
+role create com.test.TC_NSdelete1.@[user.name].cred_admin
+
+# TC_NSdelete1.10.11.POS Assign role to mechid perm
+expect 201
+perm grant com.att.aaf.mechid com.att create com.test.TC_NSdelete1.@[user.name].cred_admin
+
+as testid@aaf.att.com
+# TC_NSdelete1.10.12.POS Assign user for creating creds
+expect 201
+user role add testid@aaf.att.com com.test.TC_NSdelete1.@[user.name].cred_admin
+
diff --git a/authz-test/TestSuite/TC_NSdelete1/20_DeleteApp b/authz-test/TestSuite/TC_NSdelete1/20_DeleteApp
new file mode 100644
index 00000000..519e135f
--- /dev/null
+++ b/authz-test/TestSuite/TC_NSdelete1/20_DeleteApp
@@ -0,0 +1,30 @@
+as testid@aaf.att.com
+# TC_NSdelete1.20.1.POS Create valid Role in my Namespace
+expect 201
+role create com.test.TC_NSdelete1.@[user.name].app.r.A
+
+# TC_NSdelete1.20.2.POS Create valid permission 
+expect 201
+perm create com.test.TC_NSdelete1.@[user.name].app.p.A myInstance myAction
+
+# TC_NSdelete1.20.3.POS Add credential to my namespace
+expect 201
+user cred add m99990@app.@[user.name].TC_NSdelete1.test.com password123
+
+# TC_NSdelete1.20.10.NEG Delete Program Should fail because of attached credential
+expect 424
+ns delete com.test.TC_NSdelete1.@[user.name].app
+
+# TC_NSdelete1.20.11.POS Delete Credential
+expect 200
+set force=true
+user cred del m99990@app.@[user.name].TC_NSdelete1.test.com
+
+# TC_NSdelete1.20.12.NEG Delete Program with role and permission attached
+expect 424
+ns delete com.test.TC_NSdelete1.@[user.name].app
+
+# TC_NSdelete1.20.20.POS Expect role and permission to move to parent ns
+expect 200
+set force=move ns list name com.test.TC_NSdelete1.@[user.name]
+
diff --git a/authz-test/TestSuite/TC_NSdelete1/30_DeleteCompany b/authz-test/TestSuite/TC_NSdelete1/30_DeleteCompany
new file mode 100644
index 00000000..6c69bb20
--- /dev/null
+++ b/authz-test/TestSuite/TC_NSdelete1/30_DeleteCompany
@@ -0,0 +1,42 @@
+as testid@aaf.att.com
+# TC_NSdelete1.30.1.POS Create valid Role in my Namespace
+expect 201
+role create com.@[user.name].r.A
+
+# TC_NSdelete1.30.2.NEG Delete Company with role attached
+expect 424
+ns delete com.@[user.name]
+
+# TC_NSdelete1.30.3.POS Namespace Admin can delete Namepace defined Roles
+expect 200
+role delete com.@[user.name].r.A
+
+# TC_NSdelete1.30.10.POS Create valid permission 
+expect 201
+perm create com.@[user.name].p.A myInstance myAction
+
+# TC_NSdelete1.30.11.NEG Delete Company with permission attached
+expect 424
+ns delete com.@[user.name]
+
+# TC_NSdelete1.30.12.POS Namespace Admin can delete Namepace defined Perms
+expect 200
+perm delete com.@[user.name].p.A myInstance myAction
+
+# TC_NSdelete1.30.20.POS Create valid Credential in my namespace 
+expect 201
+user cred add m99990@@[user.name].com password123
+
+# TC_NSdelete1.30.21.NEG Delete Company with credential attached
+expect 424
+ns delete com.@[user.name]
+
+# TC_NSdelete1.30.22.POS Namespace admin can remove Cred
+expect 200
+set force=true
+user cred del m99990@@[user.name].com
+
+# TC_NSdelete1.30.30.POS Delete Company with no roles or perms attached
+expect 200
+ns delete com.@[user.name]
+
diff --git a/authz-test/TestSuite/TC_NSdelete1/40_ForceDelete b/authz-test/TestSuite/TC_NSdelete1/40_ForceDelete
new file mode 100644
index 00000000..c4ae2bb7
--- /dev/null
+++ b/authz-test/TestSuite/TC_NSdelete1/40_ForceDelete
@@ -0,0 +1,26 @@
+# TC_NSdelete1.40.1.POS Create valid Role in my Namespace

+expect 201

+role create com.test.force.@[user.name].r.A

+

+# TC_NSdelete1.40.2.POS Create valid permission in my Namespace

+expect 201

+perm create com.test.force.@[user.name].p.A myInstance myAction

+

+# TC_NSdelete1.40.3.POS Add credential to my namespace

+expect 201

+user cred add m99990@@[user.name].force.test.com password123

+

+# TC_NSdelete1.40.10.POS Delete Program in my Namespace

+expect 200

+set force=true ns delete com.test.force.@[user.name]

+

+sleep @[NFR]

+# TC_NSdelete1.40.20.NEG Role and permission should not exist

+expect 200,404

+ns list name com.test.force.@[user.name]

+

+# TC_NSdelete1.40.22.NEG Credential should not exist

+expect 404

+set force=true

+user cred del m99990@@[user.name].force.test.com

+

diff --git a/authz-test/TestSuite/TC_NSdelete1/99_cleanup b/authz-test/TestSuite/TC_NSdelete1/99_cleanup
new file mode 100644
index 00000000..cb97bc03
--- /dev/null
+++ b/authz-test/TestSuite/TC_NSdelete1/99_cleanup
@@ -0,0 +1,36 @@
+expect 200,404
+as testid@aaf.att.com
+
+# TC_NSdelete1.99.1.POS Namespace Admin can delete Namepace defined Roles
+role delete com.test.TC_NSdelete1.@[user.name].app.r.A
+
+# TC_NSdelete1.99.2.POS Namespace Admin can delete Namepace defined Roles
+perm delete com.test.TC_NSdelete1.@[user.name].app.p.A myInstance myAction
+
+# TC_NSdelete1.99.3.POS Namespace Admin can remove Namepace defined Credentials
+set force=true user cred del m99990@@app.[user.name].TC_NSdelete1.test.com
+
+# TC_NSdelete1.99.10.POS Remove ability to create creds
+user role del testid@aaf.att.com com.test.TC_NSdelete1.@[user.name].cred_admin
+
+as XX@NS
+perm ungrant com.att.aaf.mechid com.att create com.test.TC_NSdelete1.@[user.name].cred_admin
+
+as testid@aaf.att.com
+set force=true role delete com.test.TC_NSdelete1.@[user.name].cred_admin
+
+# TC_NSdelete1.99.97.POS Clean Namespace
+set force=true ns delete com.test.TC_NSdelete1.@[user.name].app
+set force=true ns delete com.test.TC_NSdelete1.@[user.name]
+set force=true ns delete com.test.force.@[user.name]
+
+# TC_NSdelete1.99.98.POS Check Clean Namespace
+ns list name com.test.TC_NSdelete1.@[user.name].app
+ns list name com.test.TC_NSdelete1.@[user.name]
+ns list name com.test.force.@[user.name]
+
+# TC_NSdelete1.99.99.POS Clean and check Company Namespace
+as XX@NS
+set force=true ns delete com.@[user.name]
+ns list name com.@[user.name]
+
diff --git a/authz-test/TestSuite/TC_NSdelete1/Description b/authz-test/TestSuite/TC_NSdelete1/Description
new file mode 100644
index 00000000..be99e94f
--- /dev/null
+++ b/authz-test/TestSuite/TC_NSdelete1/Description
@@ -0,0 +1,15 @@
+This Testcase Tests the deletion of a Namespace with attached roles and permissions
+
+APIs:	POST /authz/ns
+	DELETE /authz/ns/:ns
+	GET /authz/roles/:role (where Role is NS + "*")
+
+CLI:
+   Target
+	ns create :ns :responsibleParty :admins
+	ns delete :ns
+	ns list :ns
+   Ancillary
+	role create :role
+	role list name :role.*
+