diff options
Diffstat (limited to 'authz-test/TestSuite/expected/TC_Perm3.expected')
-rw-r--r-- | authz-test/TestSuite/expected/TC_Perm3.expected | 136 |
1 files changed, 136 insertions, 0 deletions
diff --git a/authz-test/TestSuite/expected/TC_Perm3.expected b/authz-test/TestSuite/expected/TC_Perm3.expected new file mode 100644 index 00000000..6cdf2297 --- /dev/null +++ b/authz-test/TestSuite/expected/TC_Perm3.expected @@ -0,0 +1,136 @@ +set XX@NS <pass> +set testid@aaf.att.com <pass> +set testunused@aaf.att.com <pass> +set testid_1@test.com <pass> +set testid_2@test.com <pass> +set bogus boguspass +#delay 10 +set NFR 0 +as XX@NS +# TC_Perm3.10.0.POS Print NS to prove ok +ns list name com.test.TC_Perm3.@[user.name] +** Expect 200 ** + +List Namespaces by Name[com.test.TC_Perm3.@[THE_USER]] +-------------------------------------------------------------------------------- + *** Namespace Not Found *** + +# TC_Perm3.10.1.POS Create Namespace with User ID +ns create com.test.TC_Perm3.@[user.name]_1 @[user.name] testid_1@test.com +** Expect 201 ** +Created Namespace + +# TC_Perm3.10.2.POS Create Namespace with Different ID +ns create com.test.TC_Perm3.@[user.name]_2 @[user.name] testid_2@test.com +** Expect 201 ** +Created Namespace + +# TC_Perm3.10.3.POS Create Namespace in Different Company +ns create com.att.TC_Perm3.@[user.name] @[user.name] testunused@aaf.att.com +** Expect 201 ** +Created Namespace + +as testid_1@test.com +# TC_Perm3.20.0.POS User1 Create a Perm +perm create com.test.TC_Perm3.@[user.name]_1.dev.myPerm_a myInstance myAction +** Expect 201 ** +Created Permission + +# TC_Perm3.20.5.NEG User1 should not be able to create Role in other group +role create com.test.TC_Perm3.@[user.name]_2.dev.myRole_a +** Expect 403 ** +Failed [SVC1403]: Forbidden - [testid_1@test.com] may not write Role [com.test.TC_Perm3.@[THE_USER]_2.dev.myRole_a] + +# TC_Perm3.20.6.POS User2 should be able to create Role in own group +as testid_2@test.com +role create com.test.TC_Perm3.@[user.name]_2.dev.myRole_a +** Expect 201 ** +Created Role + +# TC_Perm3.20.7.NEG User2 should not be able to grant Perm to own Role +perm grant com.test.TC_Perm3.@[user.name]_1.dev.myPerm_a myInstance myAction com.test.TC_Perm3.@[user.name]_2.dev.myRole_a +** Expect 403 ** +Failed [SVC1403]: Forbidden - [testid_2@test.com] may not write Perm [com.test.TC_Perm3.@[THE_USER]_1.dev.myPerm_a|myInstance|myAction] + +# TC_Perm3.20.8.NEG User2 cannot create Role in NS 2 +as testid_2@test.com +perm grant com.test.TC_Perm3.@[user.name]_1.dev.myPerm_a myInstance myAction com.test.TC_Perm3.@[user.name]_2.dev.myRole_a +** Expect 403 ** +Failed [SVC1403]: Forbidden - [testid_2@test.com] may not write Perm [com.test.TC_Perm3.@[THE_USER]_1.dev.myPerm_a|myInstance|myAction] + +# TC_Perm3.20.9.POS Role created, but can't grant... has to be testid_1 +as testid_1@test.com +perm grant com.test.TC_Perm3.@[user.name]_1.dev.myPerm_a myInstance myAction com.test.TC_Perm3.@[user.name]_2.dev.myRole_a +** Expect 201 ** +Granted Permission [com.test.TC_Perm3.@[THE_USER]_1.dev.myPerm_a|myInstance|myAction] to Role [com.test.TC_Perm3.@[THE_USER]_2.dev.myRole_a] + +# TC_Perm3.30.0.POS User1 Create a Perm +as testid_1@test.com +perm create com.test.TC_Perm3.@[user.name]_1.dev.myPerm_b myInstance myAction +** Expect 201 ** +Created Permission + +# TC_Perm3.30.5.NEG User1 should not be able to create Role in other group +role create com.test.TC_Perm3.@[user.name]_2.dev.myRole_b +** Expect 403 ** +Failed [SVC1403]: Forbidden - [testid_1@test.com] may not write Role [com.test.TC_Perm3.@[THE_USER]_2.dev.myRole_b] + +# TC_Perm3.30.6.POS User2 should be able to create Role in own group +as testunused@aaf.att.com +role create com.att.TC_Perm3.@[user.name].dev.myRole_b +** Expect 201 ** +Created Role + +# TC_Perm3.30.7.NEG User2 should not be able to grant Perm to own Role +perm grant com.test.TC_Perm3.@[user.name]_1.dev.myPerm_b myInstance myAction com.att.TC_Perm3.@[user.name].dev.myRole_b +** Expect 403 ** +Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not write Perm [com.test.TC_Perm3.@[THE_USER]_1.dev.myPerm_b|myInstance|myAction] + +# TC_Perm3.30.8.POS User should be able to grant cross company only Double Perm +as testid_1@test.com +perm grant com.test.TC_Perm3.@[user.name]_1.dev.myPerm_b myInstance myAction com.att.TC_Perm3.@[user.name].dev.myRole_b +** Expect 403 ** +Failed [SVC1403]: Forbidden - [testid_1@test.com] may not write Role [com.att.TC_Perm3.@[THE_USER].dev.myRole_b] + +as testid_1@test.com +# TC_Perm3.99.2.POS Namespace Admin can delete Namespace +force ns delete com.test.TC_Perm3.@[user.name]_1 +** Expect 200,404 ** +Deleted Namespace + +# TC_Perm3.99.3.POS Print Namespaces +ns list name com.test.TC_Perm3.@[user.name]_1 +** Expect 200,404 ** + +List Namespaces by Name[com.test.TC_Perm3.@[THE_USER]_1] +-------------------------------------------------------------------------------- + *** Namespace Not Found *** + +as testid_2@test.com +# TC_Perm3.99.4.POS Namespace Admin can delete Namespace +force ns delete com.test.TC_Perm3.@[user.name]_2 +** Expect 200,404 ** +Deleted Namespace + +# TC_Perm3.99.5.POS Print Namespaces +ns list name com.test.TC_Perm3.@[user.name]_2 +** Expect 200,404 ** + +List Namespaces by Name[com.test.TC_Perm3.@[THE_USER]_2] +-------------------------------------------------------------------------------- + *** Namespace Not Found *** + +as testunused@aaf.att.com +# TC_Perm3.99.6.POS Remove Namespace from other company +force ns delete com.att.TC_Perm3.@[user.name] +** Expect 200,404 ** +Deleted Namespace + +# TC_Perm3.99.7.POS Print Namespace from other company +ns list name com.att.TC_Perm3.@[user.name] +** Expect 200,404 ** + +List Namespaces by Name[com.att.TC_Perm3.@[THE_USER]] +-------------------------------------------------------------------------------- + *** Namespace Not Found *** + |