8 files changed, 192 insertions, 0 deletions
diff --git a/authz-test/TestSuite/TC_UR1/00_ids b/authz-test/TestSuite/TC_UR1/00_ids
new file mode 100644
index 00000000..7fb0e054
--- /dev/null
+++ b/authz-test/TestSuite/TC_UR1/00_ids
@@ -0,0 +1,8 @@
+expect 0
+set testid@aaf.att.com=<pass>
+set testunused@aaf.att.com=<pass>
+set XX@NS=<pass>
+set bogus=boguspass
+
+#delay 10
+set NFR=0
diff --git a/authz-test/TestSuite/TC_UR1/10_init b/authz-test/TestSuite/TC_UR1/10_init
new file mode 100644
index 00000000..3709b5be
--- /dev/null
+++ b/authz-test/TestSuite/TC_UR1/10_init
@@ -0,0 +1,31 @@
+as testid@aaf.att.com
+# TC_UR1.10.0.POS Validate no NS
+expect 200
+ns list name com.test.TC_UR1.@[user.name] 
+
+# TC_UR1.10.1.POS Create Namespace to add IDs
+expect 201
+ns create com.test.TC_UR1.@[user.name] @[user.name] testid@aaf.att.com
+
+# TC_Role1.10.10.POS Create role to assign mechid perm to
+expect 201
+role create com.test.TC_UR1.@[user.name].cred_admin
+
+as XX@NS
+# TC_Role1.10.11.POS Assign role to mechid perm
+expect 201
+perm grant com.att.aaf.mechid com.att create com.test.TC_UR1.@[user.name].cred_admin
+
+as testid@aaf.att.com
+# TC_Role1.10.12.POS Assign user for creating creds
+expect 201
+user role add testid@aaf.att.com com.test.TC_UR1.@[user.name].cred_admin
+
+# TC_UR1.10.20.POS Create two Credentials
+user cred add m00001@@[user.name].TC_UR1.test.com "abc123sd"
+user cred add m00002@@[user.name].TC_UR1.test.com "abc123sd"
+
+# TC_UR1.10.21.POS Create two Roles
+role create com.test.TC_UR1.@[user.name].r1
+role create com.test.TC_UR1.@[user.name].r2
+
diff --git a/authz-test/TestSuite/TC_UR1/23_commands b/authz-test/TestSuite/TC_UR1/23_commands
new file mode 100644
index 00000000..b5345714
--- /dev/null
+++ b/authz-test/TestSuite/TC_UR1/23_commands
@@ -0,0 +1,10 @@
+# TC_UR1.23.1.NEG Too Few Args for User Role 1
+expect 0
+user 
+
+# TC_UR1.23.2.NEG Too Few Args for user role
+expect Exception
+user role
+
+# TC_UR1.23.3.NEG Too Few Args for user role add
+user role add
diff --git a/authz-test/TestSuite/TC_UR1/30_userrole b/authz-test/TestSuite/TC_UR1/30_userrole
new file mode 100644
index 00000000..f4c514e5
--- /dev/null
+++ b/authz-test/TestSuite/TC_UR1/30_userrole
@@ -0,0 +1,53 @@
+# TC_UR1.30.10.POS Create a UserRole
+expect 201
+user role add m00001@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r1
+
+# TC_UR1.30.11.NEG Created UserRole Exists
+expect 409
+user role add m00001@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r1
+
+# TC_UR1.30.13.POS Delete UserRole 
+sleep @[NFR]
+expect 200
+user role del m00001@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r1
+
+
+# TC_UR1.30.20.POS Create multiple UserRoles
+expect 201
+user role add m00001@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r1,com.test.TC_UR1.@[user.name].r2
+
+# TC_UR1.30.21.NEG Created UserRole Exists
+expect 409
+user role add m00001@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r1,com.test.TC_UR1.@[user.name].r2
+
+# TC_UR1.30.23.POS Delete UserRole 
+sleep @[NFR]
+expect 200
+user role del m00001@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r1,com.test.TC_UR1.@[user.name].r2
+
+# TC_UR1.30.30.POS Create a Role User
+expect 201
+role user add com.test.TC_UR1.@[user.name].r1 m00001@@[user.name].TC_UR1.test.com 
+
+# TC_UR1.30.31.NEG Created Role User Exists
+expect 409
+role user add com.test.TC_UR1.@[user.name].r1 m00001@@[user.name].TC_UR1.test.com 
+
+# TC_UR1.30.33.POS Delete Role User
+sleep @[NFR]
+expect 200
+role user del com.test.TC_UR1.@[user.name].r1 m00001@@[user.name].TC_UR1.test.com
+
+# TC_UR1.30.40.POS Create multiple Role Users
+expect 201
+role user add com.test.TC_UR1.@[user.name].r1 m00001@@[user.name].TC_UR1.test.com,m00002@@[user.name].TC_UR1.test.com
+
+# TC_UR1.30.41.NEG Created Role User Exists
+expect 409
+role user add com.test.TC_UR1.@[user.name].r1 m00001@@[user.name].TC_UR1.test.com,m00002@@[user.name].TC_UR1.test.com
+
+# TC_UR1.30.43.POS Delete Role Users 
+sleep @[NFR]
+expect 200
+role user del com.test.TC_UR1.@[user.name].r1 m00001@@[user.name].TC_UR1.test.com,m00002@@[user.name].TC_UR1.test.com
+
diff --git a/authz-test/TestSuite/TC_UR1/40_reset b/authz-test/TestSuite/TC_UR1/40_reset
new file mode 100644
index 00000000..66f8c172
--- /dev/null
+++ b/authz-test/TestSuite/TC_UR1/40_reset
@@ -0,0 +1,40 @@
+# TC_UR1.40.10.POS Create multiple UserRoles
+expect 200
+user role setTo m00001@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r1,com.test.TC_UR1.@[user.name].r2
+
+# TC_UR1.40.11.POS Reset userrole for a user
+expect 200
+user role setTo m00001@@[user.name].TC_UR1.test.com
+
+# TC_UR1.40.12.NEG Create userrole where Role doesn't exist
+expect 404
+user role setTo m00001@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r5
+
+# TC_UR1.40.13.NEG Create userrole where User doesn't exist
+expect 403
+user role setTo m99999@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r1
+
+as testunused@aaf.att.com
+# TC_UR1.40.19.NEG User without permission tries to add userrole
+expect 403
+user role setTo m00001@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r1
+
+# TC_UR1.40.20.NEG User without permission tries to add userrole
+expect 403
+role user setTo com.test.TC_UR1.@[user.name].r1 m00001@@[user.name].TC_UR1.test.com
+
+as testid@aaf.att.com
+# TC_UR1.40.22.POS Reset userrole for a user
+expect 200
+role user setTo com.test.TC_UR1.@[user.name].r1
+
+sleep @[NFR]
+# TC_UR1.40.23.NEG Create UserRole where Role doesn't exist
+expect 404
+role user setTo com.test.TC_UR1.@[user.name].r5 m00001@@[user.name].TC_UR1.test.com
+
+sleep @[NFR]
+# TC_UR1.40.24.NEG Create UserRole where User doesn't exist
+expect 403
+role user setTo com.test.TC_UR1.@[user.name].r1 m99999@@[user.name].TC_UR1.test.com
+
diff --git a/authz-test/TestSuite/TC_UR1/90_wait b/authz-test/TestSuite/TC_UR1/90_wait
new file mode 100644
index 00000000..91d890f0
--- /dev/null
+++ b/authz-test/TestSuite/TC_UR1/90_wait
@@ -0,0 +1,2 @@
+# Need to let DB catch up on deletes
+sleep @[NFR]
diff --git a/authz-test/TestSuite/TC_UR1/99_cleanup b/authz-test/TestSuite/TC_UR1/99_cleanup
new file mode 100644
index 00000000..c5e1caf5
--- /dev/null
+++ b/authz-test/TestSuite/TC_UR1/99_cleanup
@@ -0,0 +1,32 @@
+expect 200,404
+as testid@aaf.att.com
+
+# TC_UR1.99.1.POS Remove User from Role
+role user del com.test.TC_UR1.@[user.name].r1 m00001@@[user.name].TC_UR1.test.com,m00002@@[user.name].TC_UR1.test.com 
+role user del com.test.TC_UR1.@[user.name].r2 m00001@@[user.name].TC_UR1.test.com,m00002@@[user.name].TC_UR1.test.com 
+role user setTo com.test.TC_UR1.@[user.name].r1
+
+# TC_UR1.99.2.POS Remove ability to create creds
+user role del testid@aaf.att.com com.test.TC_UR1.@[user.name].cred_admin
+
+as XX@NS
+perm ungrant com.att.aaf.mechid com.att create com.test.TC_UR1.@[user.name].cred_admin
+
+as testid@aaf.att.com
+role delete com.test.TC_UR1.@[user.name].cred_admin
+
+# TC_UR1.99.3.POS Delete Creds
+set force=true
+user cred del m00001@@[user.name].TC_UR1.test.com
+set force=true
+user cred del m00002@@[user.name].TC_UR1.test.com
+
+# TC_UR1.99.4.POS Delete Roles
+set force=true role delete com.test.TC_UR1.@[user.name].r1
+set force=true role delete com.test.TC_UR1.@[user.name].r2
+
+# TC_UR1.99.5.POS Delete Namespace 
+set force=true ns delete com.test.TC_UR1.@[user.name]
+
+# TC_UR1.99.99.POS Verify Cleaned NS
+ns list name com.test.TC_UR1.@[user.name]
diff --git a/authz-test/TestSuite/TC_UR1/Description b/authz-test/TestSuite/TC_UR1/Description
new file mode 100644
index 00000000..24180f49
--- /dev/null
+++ b/authz-test/TestSuite/TC_UR1/Description
@@ -0,0 +1,16 @@
+This Testcase Tests the essentials of User Credentials
+
+APIs:	
+   POST /auth/cred
+   PUT /auth/cred
+   DELETE /auth/cred
+
+
+CLI:
+   Target
+	user cred add :user :password
+	user cred del :user 
+   Ancillary
+	ns create 
+	ns delete 
+