summaryrefslogtreecommitdiffstats
path: root/authz-test/TestSuite/expected
diff options
context:
space:
mode:
Diffstat (limited to 'authz-test/TestSuite/expected')
-rw-r--r--authz-test/TestSuite/expected/MTC_Appr1.expected144
-rw-r--r--authz-test/TestSuite/expected/MTC_Appr2.expected24
-rw-r--r--authz-test/TestSuite/expected/TC_Cred1.expected269
-rw-r--r--authz-test/TestSuite/expected/TC_DELG1.expected223
-rw-r--r--authz-test/TestSuite/expected/TC_Link.expected253
-rw-r--r--authz-test/TestSuite/expected/TC_NS1.expected327
-rw-r--r--authz-test/TestSuite/expected/TC_NS2.expected389
-rw-r--r--authz-test/TestSuite/expected/TC_NS3.expected192
-rw-r--r--authz-test/TestSuite/expected/TC_NSdelete1.expected362
-rw-r--r--authz-test/TestSuite/expected/TC_PW1.expected170
-rw-r--r--authz-test/TestSuite/expected/TC_Perm1.expected963
-rw-r--r--authz-test/TestSuite/expected/TC_Perm2.expected554
-rw-r--r--authz-test/TestSuite/expected/TC_Perm3.expected136
-rw-r--r--authz-test/TestSuite/expected/TC_Realm1.expected210
-rw-r--r--authz-test/TestSuite/expected/TC_Role1.expected369
-rw-r--r--authz-test/TestSuite/expected/TC_Role2.expected447
-rw-r--r--authz-test/TestSuite/expected/TC_UR1.expected266
-rw-r--r--authz-test/TestSuite/expected/TC_User1.expected485
-rw-r--r--authz-test/TestSuite/expected/TC_Wild.expected520
19 files changed, 0 insertions, 6303 deletions
diff --git a/authz-test/TestSuite/expected/MTC_Appr1.expected b/authz-test/TestSuite/expected/MTC_Appr1.expected
deleted file mode 100644
index 269f7317..00000000
--- a/authz-test/TestSuite/expected/MTC_Appr1.expected
+++ /dev/null
@@ -1,144 +0,0 @@
-set testid@aaf.att.com <pass>
-set XX@NS <pass>
-set testunused@aaf.att.com <pass>
-set bogus boguspass
-#delay 10
-set NFR 0
-as testid@aaf.att.com
-# TC_Appr1.10.0.POS List NS to prove ok
-ns list name com.test.appr
-** Expect 200 **
-
-List Namespaces by Name[com.test.appr]
---------------------------------------------------------------------------------
-
-ns list name com.test.appr.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.appr.@[THE_USER]]
---------------------------------------------------------------------------------
-
-# TC_Appr1.10.1.POS Create Personalized Namespace to add Approvals
-ns create com.test.appr.@[user.name] @[user.name] testid@aaf.att.com
-** Expect 201 **
-Created Namespace
-
-# TC_Appr1.10.2.POS Create General Namespace to add Approvals
-ns create com.test.appr @[user.name] testid@aaf.att.com
-** Expect 201 **
-Created Namespace
-
-# TC_Appr1.10.10.POS Create Roles in Namespace
-role create com.test.appr.@[user.name].addToUserRole
-** Expect 201 **
-Created Role
-
-role create com.test.appr.@[user.name].grantToPerm
-** Expect 201 **
-Created Role
-
-role create com.test.appr.@[user.name].ungrantFromPerm
-** Expect 201 **
-Created Role
-
-role create com.test.appr.@[user.name].grantFirstPerm
-** Expect 201 **
-Created Role
-
-role create com.test.appr.@[user.name].grantSecondPerm
-** Expect 201 **
-Created Role
-
-# TC_Appr1.10.12.POS Create Permissions in Namespace
-perm create com.test.appr.@[user.name].ungrantFromRole myInstance myAction com.test.appr.@[user.name].ungrantFromPerm
-** Expect 201 **
-Created Permission
-Granted Permission [com.test.appr.@[THE_USER].ungrantFromRole|myInstance|myAction] to Role [com.test.appr.@[THE_USER].ungrantFromPerm]
-
-perm create com.test.appr.@[user.name].grantToRole myInstance myAction
-** Expect 201 **
-Created Permission
-
-force perm create com.test.appr.@[user.name].deleteThisPerm myInstance myAction com.test.appr.@[user.name].grantedRole
-** Expect 201 **
-Created Permission
-Granted Permission [com.test.appr.@[THE_USER].deleteThisPerm|myInstance|myAction] to Role [com.test.appr.@[THE_USER].grantedRole] (Created)
-
-perm create com.test.appr.@[user.name].grantTwoRoles myInstance myAction
-** Expect 201 **
-Created Permission
-
-perm create com.test.appr.@[user.name].ungrantTwoRoles myInstance myAction com.test.appr.@[user.name].grantFirstPerm,com.test.appr.@[user.name].grantSecondPerm
-** Expect 201 **
-Created Permission
-Granted Permission [com.test.appr.@[THE_USER].ungrantTwoRoles|myInstance|myAction] to Role [com.test.appr.@[THE_USER].grantFirstPerm]
-Granted Permission [com.test.appr.@[THE_USER].ungrantTwoRoles|myInstance|myAction] to Role [com.test.appr.@[THE_USER].grantSecondPerm]
-
-as testunused@aaf.att.com
-# TC_Appr1.15.01.NEG Create Future and Approvals with non-admin request
-user role add @[user.name]@@[user.name].appr.test.com com.test.appr.@[user.name].addToUserRole
-** Expect 403 **
-Failed [SVC2403]: Approvals required, but not requested by Client
-
-# TC_Appr1.15.02.NEG Create Approval for NS create
-ns create com.test.appr.@[user.name].myProject @[user.name]
-** Expect 403 **
-Failed [SVC2403]: Approvals required, but not requested by Client
-
-# TC_Appr1.15.03.NEG Generate Approval for granting permission to role
-perm grant com.test.appr.@[user.name].grantToRole myInstance myAction com.test.appr.@[user.name].grantToPerm
-** Expect 403 **
-Failed [SVC2403]: Approvals required, but not requested by Client
-
-# TC_Appr1.15.04.NEG Generate Approval for ungranting permission from role
-perm ungrant com.test.appr.@[user.name].ungrantFromRole myInstance myAction com.test.appr.@[user.name].ungrantFromPerm
-** Expect 403 **
-Failed [SVC2403]: Approvals required, but not requested by Client
-
-# TC_Appr1.15.05.NEG Generate Approval for granting permission to role
-perm grant com.test.appr.@[user.name].grantTwoRoles myInstance myAction com.test.appr.@[user.name].grantFirstPerm,com.test.appr.@[user.name].grantSecondPerm
-** Expect 403 **
-Failed [SVC2403]: Approvals required, but not requested by Client
-Failed [SVC2403]: Approvals required, but not requested by Client
-
-# TC_Appr1.15.06.NEG Generate Approval for ungranting permission from role
-perm ungrant com.test.appr.@[user.name].ungrantTwoRoles myInstance myAction com.test.appr.@[user.name].grantFirstPerm,com.test.appr.@[user.name].grantSecondPerm
-** Expect 403 **
-Failed [SVC2403]: Approvals required, but not requested by Client
-Failed [SVC2403]: Approvals required, but not requested by Client
-
-# TC_Appr1.15.51.POS Create Future and Approvals with non-admin request
-set request true
-set request=true user role add @[user.name]@@[user.name].appr.test.com com.test.appr.@[user.name].addToUserRole
-** Expect 202 **
-UserRole Creation Accepted, but requires Approvals before actualizing
-
-# TC_Appr1.15.52.POS Create Approval for NS create
-set request true
-set request=true ns create com.test.appr.@[user.name].myProject @[user.name]
-** Expect 202 **
-Namespace Creation Accepted, but requires Approvals before actualizing
-
-# TC_Appr1.15.53.POS Generate Approval for granting permission to role
-set request true
-set request=true perm grant com.test.appr.@[user.name].grantToRole myInstance myAction com.test.appr.@[user.name].grantToPerm
-** Expect 202 **
-Permission Role Granted Accepted, but requires Approvals before actualizing
-
-# TC_Appr1.15.54.POS Generate Approval for ungranting permission from role
-request perm ungrant com.test.appr.@[user.name].ungrantFromRole myInstance myAction com.test.appr.@[user.name].ungrantFromPerm
-** Expect 202 **
-Permission Role Ungranted Accepted, but requires Approvals before actualizing
-
-# TC_Appr1.15.55.POS Generate Approval for granting permission to role
-request perm grant com.test.appr.@[user.name].grantTwoRoles myInstance myAction com.test.appr.@[user.name].grantFirstPerm,com.test.appr.@[user.name].grantSecondPerm
-** Expect 202 **
-Permission Role Granted Accepted, but requires Approvals before actualizing
-Permission Role Granted Accepted, but requires Approvals before actualizing
-
-# TC_Appr1.15.56.POS Generate Approval for ungranting permission from role
-request perm ungrant com.test.appr.@[user.name].ungrantTwoRoles myInstance myAction com.test.appr.@[user.name].grantFirstPerm,com.test.appr.@[user.name].grantSecondPerm
-** Expect 202 **
-Permission Role Ungranted Accepted, but requires Approvals before actualizing
-Permission Role Ungranted Accepted, but requires Approvals before actualizing
-
diff --git a/authz-test/TestSuite/expected/MTC_Appr2.expected b/authz-test/TestSuite/expected/MTC_Appr2.expected
deleted file mode 100644
index 7191a044..00000000
--- a/authz-test/TestSuite/expected/MTC_Appr2.expected
+++ /dev/null
@@ -1,24 +0,0 @@
-# TC_Appr2.99.1.POS Delete User Role, if exists
-user role del testunused@aaf.att.com com.test.appr.@[user.name].myRole
-** Expect 200,404 **
-Failed [SVC1404]: Cannot delete non-existent User Role
-
-# TC_Appr2.99.79.POS Delete Role
-role delete com.test.appr.@[user.name].myRole
-** Expect 200,404 **
-Deleted Role
-
-# TC_Appr2.99.80.POS Delete Namespaces for TestSuite
-ns delete com.test.appr
-** Expect 200,404 **
-Deleted Namespace
-
-ns delete com.test.appr.@[user.name]
-** Expect 200,404 **
-Deleted Namespace
-
-# TC_Appr2.99.81.POS Delete Credential used to generate approvals
-as XX@NS:<pass> user cred del testbatch@aaf.att.com
-** Expect 200,404 **
-Deleted Credential [testbatch@aaf.att.com]
-
diff --git a/authz-test/TestSuite/expected/TC_Cred1.expected b/authz-test/TestSuite/expected/TC_Cred1.expected
deleted file mode 100644
index 8d310d91..00000000
--- a/authz-test/TestSuite/expected/TC_Cred1.expected
+++ /dev/null
@@ -1,269 +0,0 @@
-set testid@aaf.att.com <pass>
-set testunused@aaf.att.com <pass>
-set bogus boguspass
-set XX@NS <pass>
-#delay 10
-set NFR 0
-as testid@aaf.att.com
-# TC_Cred1.10.0.POS List NS to prove ok
-ns list name com.test.TC_Cred1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Cred1.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-# TC_Cred1.10.1.POS Create Personalized Namespace to add Credentials
-ns create com.test.TC_Cred1.@[user.name] @[user.name] testid@aaf.att.com
-** Expect 201 **
-Created Namespace
-
-# TC_Cred1.10.10.POS Create role to assign mechid perm to
-role create com.test.TC_Cred1.@[user.name].cred_admin testid@aaf.att.com
-** Expect 201 **
-Created Role
-Added User [testid@aaf.att.com] to Role [com.test.TC_Cred1.@[THE_USER].cred_admin]
-
-role create com.test.TC_Cred1.@[user.name].pw_reset
-** Expect 201 **
-Created Role
-
-# TC_Cred1.10.11.POS Assign roles to perms
-as XX@NS
-perm create com.att.aaf.password com.test reset com.test.TC_Cred1.@[user.name].pw_reset
-** Expect 201 **
-Created Permission
-Granted Permission [com.att.aaf.password|com.test|reset] to Role [com.test.TC_Cred1.@[THE_USER].pw_reset]
-
-perm create com.att.aaf.mechid com.test create com.test.TC_Cred1.@[user.name].cred_admin
-** Expect 201 **
-Created Permission
-Granted Permission [com.att.aaf.mechid|com.test|create] to Role [com.test.TC_Cred1.@[THE_USER].cred_admin]
-
-perm grant com.att.aaf.mechid com.att create com.test.TC_Cred1.@[user.name].cred_admin
-** Expect 201 **
-Granted Permission [com.att.aaf.mechid|com.att|create] to Role [com.test.TC_Cred1.@[THE_USER].cred_admin]
-
-as testid@aaf.att.com
-# TC_Cred1.10.30.POS Assign user for creating creds
-user cred add m99999@@[user.name].TC_Cred1.test.com password123
-** Expect 201 **
-Added Credential [m99999@@[THE_USER].TC_Cred1.test.com]
-
-set m99999@@[THE_USER].TC_Cred1.test.com password123
-# TC_Cred1.10.31.POS Credential used to similate non-admin Tier1 user with reset and create permissions
-user role add m99999@@[user.name].TC_Cred1.test.com com.test.TC_Cred1.@[user.name].pw_reset,com.test.TC_Cred1.@[user.name].cred_admin
-** Expect 201 **
-Added Role [com.test.TC_Cred1.@[THE_USER].pw_reset] to User [m99999@@[THE_USER].TC_Cred1.test.com]
-Added Role [com.test.TC_Cred1.@[THE_USER].cred_admin] to User [m99999@@[THE_USER].TC_Cred1.test.com]
-
-# TC_Cred1.10.32.POS Remove create rights for testing
-user role del testid@aaf.att.com com.test.TC_Cred1.@[user.name].cred_admin
-** Expect 200 **
-Removed Role [com.test.TC_Cred1.@[THE_USER].cred_admin] from User [testid@aaf.att.com]
-
-# TC_Cred1.15.1.NEG Non-Admin, no permission user cannot create mechID
-as testunused@aaf.att.com
-user cred add m99990@@[user.name].TC_Cred1.test.com password123
-** Expect 403 **
-Failed [SVC1403]: Forbidden - testunused@aaf.att.com does not have permission to create MechIDs at AT&T
-
-# TC_Cred1.15.3.POS Non-Admin, with create permission user can create mechID
-as m99999@@[THE_USER].TC_Cred1.test.com
-user cred add m99990@@[user.name].TC_Cred1.test.com password123
-** Expect 201 **
-Added Credential [m99990@@[THE_USER].TC_Cred1.test.com]
-
-# TC_Cred1.15.10.NEG Non-Admin, no reset permission cannot reset mechID
-as testunused@aaf.att.com
-user cred reset m99990@@[user.name].TC_Cred1.test.com password123
-** Expect 403 **
-Failed [SVC1403]: Forbidden - testunused@aaf.att.com is not allowed to change m99990@@[THE_USER].TC_Cred1.test.com in com.test.TC_Cred1.@[THE_USER]
-
-# TC_Cred1.15.11.POS Non-Admin, with reset permission can reset mechID
-as m99999@@[THE_USER].TC_Cred1.test.com
-user cred reset m99990@@[user.name].TC_Cred1.test.com password123
-** Expect 200 **
-Reset Credential [m99990@@[THE_USER].TC_Cred1.test.com]
-
-# TC_Cred1.15.12.POS Admin, without reset permission can reset Password
-as testid@aaf.att.com
-user cred reset m99990@@[user.name].TC_Cred1.test.com password123
-** Expect 200 **
-Reset Credential [m99990@@[THE_USER].TC_Cred1.test.com]
-
-# TC_Cred1.15.15.POS Admin, without reset permission can reset mechID
-user cred reset m99990@@[user.name].TC_Cred1.test.com password123 1
-** Expect 200 **
-Reset Credential [m99990@@[THE_USER].TC_Cred1.test.com]
-
-# TC_Cred1.15.20.POS Admin, delete
-user cred del m99990@@[user.name].TC_Cred1.test.com password123 1
-** Expect 200 **
-Deleted Credential [m99990@@[THE_USER].TC_Cred1.test.com]
-
-# TC_Cred1.30.1.NEG Multiple options available to delete
-as XX@NS
-user cred add m99990@@[user.name].TC_Cred1.test.com pass23Word
-** Expect 201 **
-Added Credential [m99990@@[THE_USER].TC_Cred1.test.com]
-
-as testid@aaf.att.com
-user cred add m99990@@[user.name].TC_Cred1.test.com pass23worD
-** Expect 201 **
-Added Credential [m99990@@[THE_USER].TC_Cred1.test.com]
-
-# TC_Cred1.30.2.POS Succeeds when we choose last option
-user cred del m99990@@[user.name].TC_Cred1.test.com 2
-** Expect 200 **
-Deleted Credential [m99990@@[THE_USER].TC_Cred1.test.com]
-
-# TC_Cred1.30.10.POS Add another credential
-user cred add m99990@@[user.name].TC_Cred1.test.com password123
-** Expect 201 **
-Added Credential [m99990@@[THE_USER].TC_Cred1.test.com]
-
-# TC_Cred1.30.11.NEG Multiple options available to reset
-user cred reset m99990@@[user.name].TC_Cred1.test.com password123
-** Expect 300 **
-Failed [SVC1300]: Choice - Select which cred to update:
- Id Type Expires
- 1) m99990@@[THE_USER].TC_Cred1.test.com 2 [Placeholder]
- 2) m99990@@[THE_USER].TC_Cred1.test.com 2 [Placeholder]
-Run same command again with chosen entry as last parameter
-
-# TC_Cred1.30.12.NEG Fails when we choose a bad option
-user cred reset m99990@@[user.name].TC_Cred1.test.com password123 0
-** Expect 406 **
-Failed [SVC1406]: Not Acceptable - User chose invalid credential selection
-
-# TC_Cred1.30.13.POS Succeeds when we choose last option
-user cred reset m99990@@[user.name].TC_Cred1.test.com password123 2
-** Expect 200 **
-Reset Credential [m99990@@[THE_USER].TC_Cred1.test.com]
-
-#TC_Cred1.30.30.NEG Fails when we don't have specific property
-user cred extend m99990@@[user.name].TC_Cred1.test.com
-** Expect 403 **
-Failed [SVC3403]: Forbidden - testid@aaf.att.com does not have permission to extend passwords at AT&T
-
-#### EXTENDS behavior ####
-#TC_Cred1.30.32.POS Setup Temp Role for Extend Permission
-as XX@NS
-role create com.test.TC_Cred1.@[user.name].extendTemp
-** Expect 201 **
-Created Role
-
-#TC_Cred1.30.33.POS Grant Extends Permission to Role
-perm grant com.att.aaf.password com.att extend com.test.TC_Cred1.@[user.name].extendTemp
-** Expect 201 **
-Granted Permission [com.att.aaf.password|com.att|extend] to Role [com.test.TC_Cred1.@[THE_USER].extendTemp]
-
-#TC_Cred1.30.35.POS Add current User to Temp Role for Extend Permission
-role user add com.test.TC_Cred1.@[user.name].extendTemp XX@NS
-** Expect 201 **
-Added User [XX@NS] to Role [com.test.TC_Cred1.@[THE_USER].extendTemp]
-
-#TC_Cred1.30.36.POS Extend Password, expecting Single Response
-user cred extend m99990@@[user.name].TC_Cred1.test.com 1
-** Expect 200 **
-Extended Credential [m99990@@[THE_USER].TC_Cred1.test.com]
-
-#TC_Cred1.30.39.POS Remove Role
-set force true
-role delete com.test.TC_Cred1.@[user.name].extendTemp
-** Expect 200 **
-Deleted Role
-
-#### MULTI CLEANUP #####
-role list user m99990@@[user.name].TC_Cred1.test.com
-** Expect 200 **
-
-List Roles for User [m99990@@[THE_USER].TC_Cred1.test.com]
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-
-# TC_Cred1.30.80.POS Delete all entries for this cred
-set force true
-user cred del m99990@@[user.name].TC_Cred1.test.com
-** Expect 200 **
-Deleted Credential [m99990@@[THE_USER].TC_Cred1.test.com]
-
-# TC_Cred1.30.99.POS List ns shows no creds attached
-ns list name com.test.TC_Cred1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Cred1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Cred1.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Cred1.@[THE_USER].admin
- com.test.TC_Cred1.@[THE_USER].cred_admin
- com.test.TC_Cred1.@[THE_USER].owner
- com.test.TC_Cred1.@[THE_USER].pw_reset
- Permissions
- com.test.TC_Cred1.@[THE_USER].access * *
- com.test.TC_Cred1.@[THE_USER].access * read
- Credentials
- m99999@@[THE_USER].TC_Cred1.test.com
-
-as testid@aaf.att.com
-# TC_Cred1.99.1.POS Delete credentials
-force user cred del m99990@@[user.name].TC_Cred1.test.com
-** Expect 200,404 **
-Failed [SVC5404]: Not Found - Credential does not exist
-
-#TC_Cred1.99.2.POS Ensure Remove Role
-set force true
-role delete com.test.TC_Cred1.@[user.name].extendTemp
-** Expect 200,404 **
-Failed [SVC3404]: Not Found - Role [com.test.TC_Cred1.@[THE_USER].extendTemp] does not exist
-
-# TC_Cred1.99.10.POS Remove ability to create creds
-force user role del testid@aaf.att.com com.test.TC_Cred1.@[user.name].cred_admin
-** Expect 200,404 **
-Failed [SVC6404]: Not Found - User [ testid@aaf.att.com ] is not Assigned to the Role [ com.test.TC_Cred1.@[THE_USER].cred_admin ]
-
-as XX@NS
-perm ungrant com.att.aaf.mechid com.att create com.test.TC_Cred1.@[user.name].cred_admin
-** Expect 200,404 **
-UnGranted Permission [com.att.aaf.mechid|com.att|create] from Role [com.test.TC_Cred1.@[THE_USER].cred_admin]
-
-force perm delete com.att.aaf.password com.test reset
-** Expect 200,404 **
-Deleted Permission
-
-force perm delete com.att.aaf.mechid com.test create
-** Expect 200,404 **
-Deleted Permission
-
-as testid@aaf.att.com
-force role delete com.test.TC_Cred1.@[user.name].cred_admin
-** Expect 200,404 **
-Deleted Role
-
-force role delete com.test.TC_Cred1.@[user.name].pw_reset
-** Expect 200,404 **
-Deleted Role
-
-# TC_Cred1.99.99.POS Delete Namespace for TestSuite
-set force true
-set force=true ns delete com.test.TC_Cred1.@[user.name]
-** Expect 200,404 **
-Deleted Namespace
-
-as XX@NS
-force ns delete com.test.TC_Cred1.@[user.name]
-** Expect 200,404 **
-Failed [SVC2404]: Not Found - com.test.TC_Cred1.@[THE_USER] does not exist
-
-force ns delete com.test.TC_Cred1
-** Expect 200,404 **
-Failed [SVC2404]: Not Found - com.test.TC_Cred1 does not exist
-
diff --git a/authz-test/TestSuite/expected/TC_DELG1.expected b/authz-test/TestSuite/expected/TC_DELG1.expected
deleted file mode 100644
index 962caf6a..00000000
--- a/authz-test/TestSuite/expected/TC_DELG1.expected
+++ /dev/null
@@ -1,223 +0,0 @@
-set testid@aaf.att.com <pass>
-set testunused@aaf.att.com <pass>
-set XX@NS <pass>
-set m99999@@[THE_USER].delg.test.com password123
-set bogus@aaf.att.com boguspass
-#delay 10
-set NFR 0
-# TC_DELG1.10.1.POS Check For Existing Data
-as testid@aaf.att.com
-ns list name com.test.delg.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.delg.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-as XX@NS
-perm create com.att.aaf.delg com.att * com.att.admin
-** Expect 201,409 **
-Failed [SVC1409]: Conflict Already Exists - Permission [com.att.aaf.delg|com.att|*] already exists.
-
-user list delegates delegate @[user.name]@csp.att.com
-** Expect 404 **
-Failed [SVC7404]: Not Found - Delegate [@[THE_USER]@csp.att.com] is not delegating for anyone.
-
-as testid@aaf.att.com
-# TC_DELG1.10.2.POS Create Namespace to add IDs
-ns create com.test.delg.@[user.name] @[user.name] testid@aaf.att.com
-** Expect 201 **
-Created Namespace
-
-as XX@NS
-# TC_DELG1.10.10.POS Grant ability to change delegates
-force perm grant com.att.aaf.mechid com.att create com.test.delg.@[user.name].change_delg
-** Expect 404 **
-Failed [SVC3404]: Not Found - Role [com.test.delg.@[THE_USER].change_delg] does not exist
-
-# TC_DELG1.10.11.POS Grant ability to change delegates
-role create com.test.delg.@[user.name].change_delg
-** Expect 201 **
-Created Role
-
-# TC_DELG1.10.12.POS Grant ability to change delegates
-force perm grant com.att.aaf.mechid com.att create com.test.delg.@[user.name].change_delg
-** Expect 201 **
-Granted Permission [com.att.aaf.mechid|com.att|create] to Role [com.test.delg.@[THE_USER].change_delg]
-
-# TC_DELG1.10.14.POS Create user role to change delegates
-user role add testid@aaf.att.com com.test.delg.@[user.name].change_delg
-** Expect 201 **
-Added Role [com.test.delg.@[THE_USER].change_delg] to User [testid@aaf.att.com]
-
-# TC_DELG1.10.15.POS Grant ability to create cred
-perm grant com.att.aaf.delg com.att create com.test.delg.@[user.name].change_delg
-** Expect 201 **
-Granted Permission [com.att.aaf.delg|com.att|create] to Role [com.test.delg.@[THE_USER].change_delg]
-
-as testid@aaf.att.com
-# TC_DELG1.10.30.POS Create cred that will change his own delg
-user cred add m99999@@[user.name].delg.test.com password123
-** Expect 201 **
-Added Credential [m99999@@[THE_USER].delg.test.com]
-
-as XX@NS
-Unknown Instruction "TC_DELG1.10.31.POS"
-perm ungrant com.att.aaf.mechid com.att create com.test.delg.@[user.name].change_delg
-** Expect 200 **
-UnGranted Permission [com.att.aaf.mechid|com.att|create] from Role [com.test.delg.@[THE_USER].change_delg]
-
-as testid@aaf.att.com
-# TC_DELG1.10.99.POS Check for Data as Correct
-ns list name com.test.delg.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.delg.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.delg.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.delg.@[THE_USER].admin
- com.test.delg.@[THE_USER].change_delg
- com.test.delg.@[THE_USER].owner
- Permissions
- com.test.delg.@[THE_USER].access * *
- com.test.delg.@[THE_USER].access * read
- Credentials
- m99999@@[THE_USER].delg.test.com
-
-# TC_DELG1.20.10.NEG Cannot create delegate with unknown user ID
-user delegate add aa111q@csp.att.com @[user.name]@csp.att.com '2099-12-31 06:00'
-** Expect 404 **
-Failed [SVC5404]: Not Found - [aa111q@csp.att.com] is not a user in the company database.
-
-# TC_DELG1.20.11.NEG Cannot Create Delegate with unknown delegate
-user delegate add @[user.name]@csp.att.com aa111q@csp.att.com '2099-12-31 06:00'
-** Expect 404 **
-Failed [SVC5404]: Not Found - [aa111q@csp.att.com] is not a user in the company database.
-
-# TC_DELG1.20.20.NEG May not change user, no delegate permission
-as m99999@@[THE_USER].delg.test.com
-force user delegate add @[user.name]@csp.att.com @[user.name]@csp.att.com '2099-12-31 06:00'
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [m99999@@[THE_USER].delg.test.com] may not create a delegate for [@[THE_USER]@csp.att.com]
-
-as testid@aaf.att.com
-# TC_DELG1.20.21.NEG Fail to Update Delegate that doesnt exist
-user delegate upd @[user.name]@csp.att.com @[user.name]@csp.att.com '2099-12-31 06:00'
-** Expect 404 **
-Failed [SVC1404]: Not Found - [@[THE_USER]@csp.att.com] does not have a Delegate Record to [write].
-
-# TC_DELG1.20.22.NEG May not create delegate for self.
-user delegate add @[user.name]@csp.att.com @[user.name]@csp.att.com '2099-12-31 06:00'
-** Expect 406 **
-Failed [SVC1406]: Not Acceptable - [@[THE_USER]@csp.att.com] cannot be a delegate for self
-
-# TC_DELG1.20.23.POS May create delegate for self for tests by forcing.
-force user delegate add @[user.name]@csp.att.com @[user.name]@csp.att.com '2099-12-31 06:00'
-** Expect 201 **
-Delegate Added
-
-as XX@NS
-# TC_DELG1.20.30.POS Expect Delegates for User
-user list delegates user @[user.name]@csp.att.com
-** Expect 200 **
-
-List Delegates by user[@[THE_USER]@csp.att.com]
---------------------------------------------------------------------------------
- User Delegate Expires
---------------------------------------------------------------------------------
- @[THE_USER]@csp.att.com @[THE_USER]@csp.att.com XXXX-XX-XX
-
-as testid@aaf.att.com
-# TC_DELG1.20.35.NEG Fail Create when exists
-user delegate add @[user.name]@csp.att.com @[user.name]@csp.att.com '2099-12-31 06:00'
-** Expect 409 **
-Failed [SVC1409]: Conflict Already Exists - [@[THE_USER]@csp.att.com] already delegates to [@[THE_USER]@csp.att.com]
-
-as XX@NS
-# TC_DELG1.20.40.POS Expect Delegates for User
-user list delegates user @[user.name]@csp.att.com
-** Expect 200 **
-
-List Delegates by user[@[THE_USER]@csp.att.com]
---------------------------------------------------------------------------------
- User Delegate Expires
---------------------------------------------------------------------------------
- @[THE_USER]@csp.att.com @[THE_USER]@csp.att.com XXXX-XX-XX
-
-as testid@aaf.att.com
-# TC_DELG1.20.46.POS Update Delegate with new Date
-user delegate upd @[user.name]@csp.att.com @[user.name]@csp.att.com '2999-01-01 06:00'
-** Expect 200 **
-Delegate Updated
-
-as XX@NS
-# TC_DELG1.20.82.POS Expect Delegates for User
-user list delegates user @[user.name]@csp.att.com
-** Expect 200 **
-
-List Delegates by user[@[THE_USER]@csp.att.com]
---------------------------------------------------------------------------------
- User Delegate Expires
---------------------------------------------------------------------------------
- @[THE_USER]@csp.att.com @[THE_USER]@csp.att.com XXXX-XX-XX
-
-# TC_DELG1.20.83.POS Expect Delegate to show up in list
-user list delegates delegate @[user.name]@csp.att.com
-** Expect 200 **
-
-List Delegates by delegate[@[THE_USER]@csp.att.com]
---------------------------------------------------------------------------------
- User Delegate Expires
---------------------------------------------------------------------------------
- @[THE_USER]@csp.att.com @[THE_USER]@csp.att.com XXXX-XX-XX
-
-as XX@NS
-# TC_DELG1.99.0.POS Check for Data as Correct
-ns list name com.test.delg.@[user.name]
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.delg.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.delg.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.delg.@[THE_USER].admin
- com.test.delg.@[THE_USER].change_delg
- com.test.delg.@[THE_USER].owner
- Permissions
- com.test.delg.@[THE_USER].access * *
- com.test.delg.@[THE_USER].access * read
- Credentials
- m99999@@[THE_USER].delg.test.com
-
-# TC_DELG1.99.10.POS Delete Delegates
-user delegate del @[user.name]@csp.att.com
-** Expect 200,404 **
-Delegate Deleted
-
-# TC_DELG1.99.30.POS Delete Namespace com.att.test.id
-force ns delete com.test.delg.@[user.name]
-** Expect 200,404 **
-Deleted Namespace
-
-# TC_DELG1.99.98.POS Check for Delegate Data as Correct
-user list delegates user @[user.name]@csp.att.com
-** Expect 200,404 **
-Failed [SVC7404]: Not Found - No Delegate found for [@[THE_USER]@csp.att.com]
-
-# TC_DELG1.99.99.POS Check for NS Data as Correct
-ns list name com.test.delg.@[user.name]
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.delg.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
diff --git a/authz-test/TestSuite/expected/TC_Link.expected b/authz-test/TestSuite/expected/TC_Link.expected
deleted file mode 100644
index 3c58002e..00000000
--- a/authz-test/TestSuite/expected/TC_Link.expected
+++ /dev/null
@@ -1,253 +0,0 @@
-set testid <pass>
-set testid@aaf.att.com <pass>
-set XX@NS <pass>
-set testunused <pass>
-set bogus boguspass
-#delay 10
-set NFR 0
-# TC_05
-ns list name com.test.TC_Link_1.@[user.name]
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.TC_Link_1.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-ns list name com.test.TC_Link_2.@[user.name]
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.TC_Link_2.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-perm list role com.test.TC_Link_1.@[user.name].myRole
-** Expect 200,404 **
-
-List Perms by Role [com.test.TC_Link_1.@[THE_USER].myRole]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-
-
-role list perm com.test.TC_Link_2.@[user.name].myPerm myInstance myAction
-** Expect 200,404 **
-
-List Roles by Perm com.test.TC_Link_2.@[THE_USER].myPerm|myInstance|myAction
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-
-# TC_10
-as XX@NS
-ns create com.test.TC_Link_1.@[user.name] @[user.name] XX@NS
-** Expect 201 **
-Created Namespace
-
-ns create com.test.TC_Link_2.@[user.name] @[user.name] XX@NS
-** Expect 201 **
-Created Namespace
-
-role create com.test.TC_Link_1.@[user.name].myRole
-** Expect 201 **
-Created Role
-
-perm create com.test.TC_Link_2.@[user.name].myPerm myInstance myAction
-** Expect 201 **
-Created Permission
-
-perm grant com.test.TC_Link_2.@[user.name].myPerm myInstance myAction com.test.TC_Link_1.@[user.name].myRole
-** Expect 201 **
-Granted Permission [com.test.TC_Link_2.@[THE_USER].myPerm|myInstance|myAction] to Role [com.test.TC_Link_1.@[THE_USER].myRole]
-
-# 15_print
-ns list name com.test.TC_Link_1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Link_1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Link_1.@[THE_USER]
- Administrators
- XX@NS
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Link_1.@[THE_USER].admin
- com.test.TC_Link_1.@[THE_USER].myRole
- com.test.TC_Link_1.@[THE_USER].owner
- Permissions
- com.test.TC_Link_1.@[THE_USER].access * *
- com.test.TC_Link_1.@[THE_USER].access * read
-
-ns list name com.test.TC_Link_2.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Link_2.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Link_2.@[THE_USER]
- Administrators
- XX@NS
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Link_2.@[THE_USER].admin
- com.test.TC_Link_2.@[THE_USER].owner
- Permissions
- com.test.TC_Link_2.@[THE_USER].access * *
- com.test.TC_Link_2.@[THE_USER].access * read
- com.test.TC_Link_2.@[THE_USER].myPerm myInstance myAction
-
-perm list role com.test.TC_Link_1.@[user.name].myRole
-** Expect 200 **
-
-List Perms by Role [com.test.TC_Link_1.@[THE_USER].myRole]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Link_2.@[THE_USER].myPerm myInstance myAction
-
-
-role list perm com.test.TC_Link_2.@[user.name].myPerm myInstance myAction
-** Expect 200 **
-
-List Roles by Perm com.test.TC_Link_2.@[THE_USER].myPerm|myInstance|myAction
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Link_1.@[THE_USER].myRole
- com.test.TC_Link_2.@[THE_USER].myPerm myInstance myAction
-
-role delete com.test.TC_Link_1.@[user.name].myRole
-** Expect 200 **
-Deleted Role
-
-# 15_print
-ns list name com.test.TC_Link_1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Link_1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Link_1.@[THE_USER]
- Administrators
- XX@NS
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Link_1.@[THE_USER].admin
- com.test.TC_Link_1.@[THE_USER].owner
- Permissions
- com.test.TC_Link_1.@[THE_USER].access * *
- com.test.TC_Link_1.@[THE_USER].access * read
-
-ns list name com.test.TC_Link_2.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Link_2.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Link_2.@[THE_USER]
- Administrators
- XX@NS
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Link_2.@[THE_USER].admin
- com.test.TC_Link_2.@[THE_USER].owner
- Permissions
- com.test.TC_Link_2.@[THE_USER].access * *
- com.test.TC_Link_2.@[THE_USER].access * read
- com.test.TC_Link_2.@[THE_USER].myPerm myInstance myAction
-
-perm list role com.test.TC_Link_1.@[user.name].myRole
-** Expect 200 **
-
-List Perms by Role [com.test.TC_Link_1.@[THE_USER].myRole]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-
-
-role list perm com.test.TC_Link_2.@[user.name].myPerm myInstance myAction
-** Expect 200 **
-
-List Roles by Perm com.test.TC_Link_2.@[THE_USER].myPerm|myInstance|myAction
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-
-role create com.test.TC_Link_1.@[user.name].myRole
-** Expect 201 **
-Created Role
-
-perm grant com.test.TC_Link_2.@[user.name].myPerm myInstance myAction com.test.TC_Link_1.@[user.name].myRole
-** Expect 201 **
-Granted Permission [com.test.TC_Link_2.@[THE_USER].myPerm|myInstance|myAction] to Role [com.test.TC_Link_1.@[THE_USER].myRole]
-
-# 15_print
-ns list name com.test.TC_Link_1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Link_1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Link_1.@[THE_USER]
- Administrators
- XX@NS
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Link_1.@[THE_USER].admin
- com.test.TC_Link_1.@[THE_USER].myRole
- com.test.TC_Link_1.@[THE_USER].owner
- Permissions
- com.test.TC_Link_1.@[THE_USER].access * *
- com.test.TC_Link_1.@[THE_USER].access * read
-
-ns list name com.test.TC_Link_2.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Link_2.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Link_2.@[THE_USER]
- Administrators
- XX@NS
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Link_2.@[THE_USER].admin
- com.test.TC_Link_2.@[THE_USER].owner
- Permissions
- com.test.TC_Link_2.@[THE_USER].access * *
- com.test.TC_Link_2.@[THE_USER].access * read
- com.test.TC_Link_2.@[THE_USER].myPerm myInstance myAction
-
-perm list role com.test.TC_Link_1.@[user.name].myRole
-** Expect 200 **
-
-List Perms by Role [com.test.TC_Link_1.@[THE_USER].myRole]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Link_2.@[THE_USER].myPerm myInstance myAction
-
-
-role list perm com.test.TC_Link_2.@[user.name].myPerm myInstance myAction
-** Expect 200 **
-
-List Roles by Perm com.test.TC_Link_2.@[THE_USER].myPerm|myInstance|myAction
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Link_1.@[THE_USER].myRole
- com.test.TC_Link_2.@[THE_USER].myPerm myInstance myAction
-
-as XX@NS
-force ns delete com.test.TC_Link_2.@[user.name]
-** Expect 200,404 **
-Deleted Namespace
-
-force ns delete com.test.TC_Link_1.@[user.name]
-** Expect 200,404 **
-Deleted Namespace
-
diff --git a/authz-test/TestSuite/expected/TC_NS1.expected b/authz-test/TestSuite/expected/TC_NS1.expected
deleted file mode 100644
index 6c5a89ec..00000000
--- a/authz-test/TestSuite/expected/TC_NS1.expected
+++ /dev/null
@@ -1,327 +0,0 @@
-set testid@aaf.att.com <pass>
-set testunused@aaf.att.com <pass>
-set bogus@aaf.att.com boguspass
-#delay 10
-set NFR 0
-as testid@aaf.att.com
-# TC_NS1.01.0.POS Expect Clean Namespace to start
-ns list name com.test.TC_NS1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_NS1.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-# TC_NS1.01.1.NEG Create Namespace with mechID as Responsible Party
-ns create com.test.TC_NS1.@[user.name] testunused@aaf.att.com testid@aaf.att.com,XX@NS
-** Expect 403 **
-Failed [SVC3403]: Forbidden - testunused@aaf.att.com does not have permission to assume test status at AT&T
-
-# TC_NS1.01.2.NEG Create Namespace with Bad ID for Admin
-ns create com.test.TC_NS1.@[user.name] @[user.name] bogus@aaf.att.com,XX@NS
-** Expect 403 **
-Failed [SVC2403]: Forbidden - bogus@aaf.att.com is not a valid AAF Credential
-
-as testid@aaf.att.com
-# TC_NS1.10.0.POS Check for Existing Data
-ns list name com.test.TC_NS1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_NS1.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-# TC_NS1.10.1.POS Create Namespace with valid IDs and Responsible Parties
-ns create com.test.TC_NS1.@[user.name] @[user.name] testid@aaf.att.com
-** Expect 201 **
-Created Namespace
-
-# TC_NS1.10.40.POS Expect Namespace to be created
-ns list name com.test.TC_NS1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_NS1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_NS1.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_NS1.@[THE_USER].admin
- com.test.TC_NS1.@[THE_USER].owner
- Permissions
- com.test.TC_NS1.@[THE_USER].access * *
- com.test.TC_NS1.@[THE_USER].access * read
-
-# TC_NS1.10.41.POS Expect Namespace to be created
-perm list role com.test.TC_NS1.@[user.name].admin
-** Expect 200 **
-
-List Perms by Role [com.test.TC_NS1.@[THE_USER].admin]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_NS1.@[THE_USER].access * *
-
-
-# TC_NS1.10.42.POS Expect Namespace to be created
-perm list role com.test.TC_NS1.@[user.name].owner
-** Expect 200 **
-
-List Perms by Role [com.test.TC_NS1.@[THE_USER].owner]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_NS1.@[THE_USER].access * read
-
-
-# TC_NS1.10.43.POS Expect Namespace to be created
-role list perm com.test.TC_NS1.@[user.name].access * *
-** Expect 200 **
-
-List Roles by Perm com.test.TC_NS1.@[THE_USER].access|*|*
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_NS1.@[THE_USER].admin
- com.test.TC_NS1.@[THE_USER].access * *
-
-# TC_NS1.10.44.POS Expect Namespace to be created
-role list perm com.test.TC_NS1.@[user.name].access * read
-** Expect 200 **
-
-List Roles by Perm com.test.TC_NS1.@[THE_USER].access|*|read
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_NS1.@[THE_USER].owner
- com.test.TC_NS1.@[THE_USER].access * read
-
-# TC_NS1.11.1.NEG Create Namespace when exists
-ns create com.test.TC_NS1.@[user.name] @[user.name] testid@aaf.att.com
-** Expect 409 **
-Failed [SVC1409]: Conflict Already Exists - Target Namespace already exists
-
-# TC_NS1.20.1.NEG Too Few Args for Create 1
-ns create
-** Expect -1 **
-Too few args: create <name> <responsible (id[,id]*)> [admin (id[,id]*)]
-
-# TC_NS1.20.2.NEG Too Few Args for Create 2
-ns create bogus
-** Expect -1 **
-Too few args: create <name> <responsible (id[,id]*)> [admin (id[,id]*)]
-
-# TC_NS1.30.10.NEG Non-admins can't change description
-as testunused@aaf.att.com
-ns describe com.test.TC_NS1.@[user.name] Description for my Namespace
-** Expect 403 **
-Failed [SVC1403]: Forbidden - You do not have approval to change com.test.TC_NS1.@[THE_USER]
-
-# TC_NS1.30.11.NEG Namespace must exist to change description
-as testid@aaf.att.com
-ns describe com.test.TC_NS1.@[user.name].project1 Description for my project
-** Expect 404 **
-Failed [SVC1404]: Not Found - Namespace [com.test.TC_NS1.@[THE_USER].project1] does not exist
-
-# TC_NS1.30.12.POS Admin can change description
-ns describe com.test.TC_NS1.@[user.name] Description for my Namespace
-** Expect 200 **
-Description added to Namespace
-
-# TC_NS1.50.1.NEG Adding a Bogus ID
-ns admin add com.test.TC_NS1.@[user.name] bogus
-** Expect 403 **
-Failed [SVC1403]: Forbidden - AT&T reports that bogus@csp.att.com is a faulty ID
-
-# TC_NS1.50.2.NEG Adding a Bogus ID, full Domain
-ns admin add com.test.TC_NS1.@[user.name] bogus@csp.att.com
-** Expect 403 **
-Failed [SVC1403]: Forbidden - AT&T reports that bogus@csp.att.com is a faulty ID
-
-# TC_NS1.50.3.NEG Adding an OK ID, bad domain
-ns admin add com.test.TC_NS1.@[user.name] xz9914@bogus.test.com
-** Expect 403 **
-Failed [SVC2403]: Forbidden - xz9914@bogus.test.com is not a valid AAF Credential
-
-# TC_NS1.50.4.NEG Deleting an OK ID, but not an admin
-ns admin del com.test.TC_NS1.@[user.name] XX@NS
-** Expect 404 **
-Failed [SVC6404]: Not Found - UserRole [XX@NS] [com.test.TC_NS1.@[THE_USER].admin]
-
-sleep 0
-# TC_NS1.50.10.POS Adding an OK ID
-ns admin add com.test.TC_NS1.@[user.name] XX@NS
-** Expect 201 **
-Admin XX@NS added to com.test.TC_NS1.@[THE_USER]
-
-# TC_NS1.50.11.POS Deleting One of Two
-ns admin del com.test.TC_NS1.@[user.name] testid@aaf.att.com
-** Expect 200 **
-Admin testid@aaf.att.com deleted from com.test.TC_NS1.@[THE_USER]
-
-# TC_NS1.50.12.NEG testid@aaf.att.com no longer Admin
-ns admin del com.test.TC_NS1.@[user.name] testid@aaf.att.com
-** Expect 404 **
-Failed [SVC6404]: Not Found - UserRole [testid@aaf.att.com] [com.test.TC_NS1.@[THE_USER].admin]
-
-# TC_NS1.50.13.POS Add ID back in
-ns admin add com.test.TC_NS1.@[user.name] testid@aaf.att.com
-** Expect 201 **
-Admin testid@aaf.att.com added to com.test.TC_NS1.@[THE_USER]
-
-# TC_NS1.50.14.POS Deleting original
-ns admin del com.test.TC_NS1.@[user.name] XX@NS
-** Expect 200 **
-Admin XX@NS deleted from com.test.TC_NS1.@[THE_USER]
-
-# TC_NS1.50.15.NEG Can't remove twice
-ns admin del com.test.TC_NS1.@[user.name] XX@NS
-** Expect 404 **
-Failed [SVC6404]: Not Found - UserRole [XX@NS] [com.test.TC_NS1.@[THE_USER].admin]
-
-# TC_NS1.50.20.NEG User Role Add should obey same "addAdmin" restrictions
-role user add com.test.TC_NS1.@[user.name].admin m88888@i.have.no.domain
-** Expect 403 **
-Failed [SVC2403]: Forbidden - m88888@i.have.no.domain is not a valid AAF Credential
-
-# TC_NS1.50.21.NEG Role User Add should obey same "addAdmin" restrictions
-user role add m88888@i.have.no.domain com.test.TC_NS1.@[user.name].admin
-** Expect 403 **
-Failed [SVC2403]: Forbidden - m88888@i.have.no.domain is not a valid AAF Credential
-
-# TC_NS1.60.1.NEG Adding a Bogus ID
-ns responsible add com.test.TC_NS1.@[user.name] bogus
-** Expect 403 **
-Failed [SVC3403]: Forbidden - AT&T reports that this is not a valid credential
-
-# TC_NS1.60.2.NEG Adding a Bogus ID, full Domain
-ns responsible add com.test.TC_NS1.@[user.name] bogus@csp.att.com
-** Expect 403 **
-Failed [SVC3403]: Forbidden - AT&T reports that this is not a valid credential
-
-# TC_NS1.60.3.NEG Adding an OK ID, bad domain
-ns responsible add com.test.TC_NS1.@[user.name] xz9914@bogus.test.com
-** Expect 403 **
-Failed [SVC3403]: Forbidden - AT&T reports that this is not a valid credential
-
-# TC_NS1.60.4.NEG Deleting an OK ID, short, but not existent
-ns responsible del com.test.TC_NS1.@[user.name] testid
-** Expect 404 **
-Failed [SVC6404]: Not Found - UserRole [testid@csp.att.com] [com.test.TC_NS1.@[THE_USER].owner]
-
-# TC_NS1.60.5.NEG Deleting an OK ID, long, but not existent
-ns responsible del com.test.TC_NS1.@[user.name] testid@aaf.att.com
-** Expect 404 **
-Failed [SVC6404]: Not Found - UserRole [testid@aaf.att.com] [com.test.TC_NS1.@[THE_USER].owner]
-
-sleep 0
-# TC_NS1.60.10.POS Adding an OK ID
-# Note: mw9749 used because we must have employee as responsible
-ns responsible add com.test.TC_NS1.@[user.name] mw9749
-** Expect 201 **
-mw9749@csp.att.com is now responsible for com.test.TC_NS1.@[THE_USER]
-
-# TC_NS1.60.11.POS Deleting One of Two
-ns responsible del com.test.TC_NS1.@[user.name] mw9749
-** Expect 200 **
-mw9749@csp.att.com is no longer responsible for com.test.TC_NS1.@[THE_USER]
-
-# TC_NS1.60.12.NEG mw9749 no longer Admin
-ns responsible del com.test.TC_NS1.@[user.name] mw9749
-** Expect 404 **
-Failed [SVC6404]: Not Found - UserRole [mw9749@csp.att.com] [com.test.TC_NS1.@[THE_USER].owner]
-
-# TC_NS1.60.20.NEG User Role Add should obey same "addResponsible" restrictions
-role user add com.test.TC_NS1.@[user.name].owner m88888@i.have.no.domain
-** Expect 403 **
-Failed [SVC3403]: Forbidden - AT&T reports that this is not a valid credential
-
-# TC_NS1.60.21.NEG Role User Add should obey same "addResponsible" restrictions
-user role add m88888@i.have.no.domain com.test.TC_NS1.@[user.name].owner
-** Expect 403 **
-Failed [SVC3403]: Forbidden - AT&T reports that this is not a valid credential
-
-sleep 0
-# TC_NS1.80.1.POS List Data on Empty NS
-as testid@aaf.att.com
-ns list name com.test.TC_NS1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_NS1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_NS1.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_NS1.@[THE_USER].admin
- com.test.TC_NS1.@[THE_USER].owner
- Permissions
- com.test.TC_NS1.@[THE_USER].access * *
- com.test.TC_NS1.@[THE_USER].access * read
-
-# TC_NS1.80.2.POS Add Roles to NS for Listing
-role create com.test.TC_NS1.@[user.name].r.A
-** Expect 201 **
-Created Role
-
-role create com.test.TC_NS1.@[user.name].r.B
-** Expect 201 **
-Created Role
-
-# TC_NS1.80.3.POS List Data on non-Empty NS
-ns list name com.test.TC_NS1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_NS1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_NS1.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_NS1.@[THE_USER].admin
- com.test.TC_NS1.@[THE_USER].owner
- com.test.TC_NS1.@[THE_USER].r.A
- com.test.TC_NS1.@[THE_USER].r.B
- Permissions
- com.test.TC_NS1.@[THE_USER].access * *
- com.test.TC_NS1.@[THE_USER].access * read
-
-# TC_NS1.90.1.NEG Non Namespace Admin Delete Namespace
-as testunused@aaf.att.com
-ns delete com.test.TC_NS1.@[user.name]
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not write in NS [com.test.TC_NS1.@[THE_USER]]
-
-sleep 0
-as testid@aaf.att.com
-# TC_NS1.99.1.POS Namespace Admin can delete Namepace defined Roles
-role delete com.test.TC_NS1.@[user.name].r.A
-** Expect 200,404 **
-Deleted Role
-
-role delete com.test.TC_NS1.@[user.name].r.B
-** Expect 200,404 **
-Deleted Role
-
-# TC_NS1.99.2.POS Namespace Admin can delete Namespace
-ns delete com.test.TC_NS1.@[user.name]
-** Expect 200,404 **
-Deleted Namespace
-
-sleep 0
-# TC_NS1.99.99.POS Check Clean Namespace
-ns list name com.test.TC_NS1.@[user.name]
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.TC_NS1.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
diff --git a/authz-test/TestSuite/expected/TC_NS2.expected b/authz-test/TestSuite/expected/TC_NS2.expected
deleted file mode 100644
index f8de4564..00000000
--- a/authz-test/TestSuite/expected/TC_NS2.expected
+++ /dev/null
@@ -1,389 +0,0 @@
-set XX@NS <pass>
-set testid@aaf.att.com <pass>
-set testunused@aaf.att.com <pass>
-set bogus@aaf.att.com boguspass
-#delay 10
-set NFR 0
-as testid@aaf.att.com
-# TC_NS2.10.0.POS Check for Existing Data
-ns list name com.test.TC_NS2.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_NS2.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-# TC_NS2.10.1.POS Create Namespace with valid IDs and Responsible Parties
-ns create com.test.TC_NS2.@[user.name] @[user.name] testid@aaf.att.com
-** Expect 201 **
-Created Namespace
-
-ns create com.test.TC_NS2.@[user.name].project @[user.name] testunused@aaf.att.com
-** Expect 201 **
-Created Namespace
-
-# TC_NS2.10.10.POS Create role to assign mechid perm to
-role create com.test.TC_NS2.@[user.name].cred_admin testid@aaf.att.com
-** Expect 201 **
-Created Role
-Added User [testid@aaf.att.com] to Role [com.test.TC_NS2.@[THE_USER].cred_admin]
-
-as XX@NS
-# TC_NS2.10.11.POS Assign role to mechid perm
-perm grant com.att.aaf.mechid com.att create com.test.TC_NS2.@[user.name].cred_admin
-** Expect 201 **
-Granted Permission [com.att.aaf.mechid|com.att|create] to Role [com.test.TC_NS2.@[THE_USER].cred_admin]
-
-as testid@aaf.att.com
-# TC_NS2.10.70.POS Expect Namespace to be created
-ns list name com.test.TC_NS2.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_NS2.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_NS2.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_NS2.@[THE_USER].admin
- com.test.TC_NS2.@[THE_USER].cred_admin
- com.test.TC_NS2.@[THE_USER].owner
- Permissions
- com.test.TC_NS2.@[THE_USER].access * *
- com.test.TC_NS2.@[THE_USER].access * read
-
-as testid@aaf.att.com
-# TC_NS2.10.70.POS Expect Namespace to be created
-perm list role com.test.TC_NS2.@[user.name].admin
-** Expect 200 **
-
-List Perms by Role [com.test.TC_NS2.@[THE_USER].admin]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_NS2.@[THE_USER].access * *
-
-
-as testid@aaf.att.com
-# TC_NS2.10.70.POS Expect Namespace to be created
-perm list role com.test.TC_NS2.@[user.name].owner
-** Expect 200 **
-
-List Perms by Role [com.test.TC_NS2.@[THE_USER].owner]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_NS2.@[THE_USER].access * read
-
-
-as testid@aaf.att.com
-# TC_NS2.10.70.POS Expect Namespace to be created
-role list perm com.test.TC_NS2.@[user.name].access * *
-** Expect 200 **
-
-List Roles by Perm com.test.TC_NS2.@[THE_USER].access|*|*
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_NS2.@[THE_USER].admin
- com.test.TC_NS2.@[THE_USER].access * *
-
-as testid@aaf.att.com
-# TC_NS2.10.70.POS Expect Namespace to be created
-role list perm com.test.TC_NS2.@[user.name].access * read
-** Expect 200 **
-
-List Roles by Perm com.test.TC_NS2.@[THE_USER].access|*|read
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_NS2.@[THE_USER].owner
- com.test.TC_NS2.@[THE_USER].access * read
-
-as testid@aaf.att.com
-# TC_NS2.10.80.POS Expect Namespace to be created
-ns list name com.test.TC_NS2.@[user.name].project
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_NS2.@[THE_USER].project]
---------------------------------------------------------------------------------
-com.test.TC_NS2.@[THE_USER].project
- Administrators
- testunused@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_NS2.@[THE_USER].project.admin
- com.test.TC_NS2.@[THE_USER].project.owner
- Permissions
- com.test.TC_NS2.@[THE_USER].project.access * *
- com.test.TC_NS2.@[THE_USER].project.access * read
-
-as testid@aaf.att.com
-# TC_NS2.10.80.POS Expect Namespace to be created
-perm list role com.test.TC_NS2.@[user.name].project.admin
-** Expect 200 **
-
-List Perms by Role [com.test.TC_NS2.@[THE_USER].project.admin]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_NS2.@[THE_USER].project.access * *
-
-
-as testid@aaf.att.com
-# TC_NS2.10.80.POS Expect Namespace to be created
-perm list role com.test.TC_NS2.@[user.name].project.owner
-** Expect 200 **
-
-List Perms by Role [com.test.TC_NS2.@[THE_USER].project.owner]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_NS2.@[THE_USER].project.access * read
-
-
-as testid@aaf.att.com
-# TC_NS2.10.80.POS Expect Namespace to be created
-role list perm com.test.TC_NS2.@[user.name].project.access * *
-** Expect 200 **
-
-List Roles by Perm com.test.TC_NS2.@[THE_USER].project.access|*|*
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_NS2.@[THE_USER].project.admin
- com.test.TC_NS2.@[THE_USER].project.access * *
-
-as testid@aaf.att.com
-# TC_NS2.10.80.POS Expect Namespace to be created
-role list perm com.test.TC_NS2.@[user.name].project.access * read
-** Expect 200 **
-
-List Roles by Perm com.test.TC_NS2.@[THE_USER].project.access|*|read
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_NS2.@[THE_USER].project.owner
- com.test.TC_NS2.@[THE_USER].project.access * read
-
-as testid@aaf.att.com
-# TC_NS2.20.1.POS Create roles
-role create com.test.TC_NS2.@[user.name].watcher
-** Expect 201 **
-Created Role
-
-role create com.test.TC_NS2.@[user.name].myRole
-** Expect 201 **
-Created Role
-
-# TC_NS2.20.2.POS Create permissions
-perm create com.test.TC_NS2.@[user.name].myType myInstance myAction
-** Expect 201 **
-Created Permission
-
-perm create com.test.TC_NS2.@[user.name].myType * *
-** Expect 201 **
-Created Permission
-
-# TC_NS2.20.3.POS Create mechid
-user cred add m99990@@[user.name].TC_NS2.test.com password123
-** Expect 201 **
-Added Credential [m99990@@[THE_USER].TC_NS2.test.com]
-
-as XX@NS
-# TC_NS2.20.10.POS Grant view perms to watcher role
-perm create com.att.aaf.ns :com.test.TC_NS2.@[user.name]:ns read com.test.TC_NS2.@[user.name].watcher
-** Expect 201 **
-Created Permission
-Granted Permission [com.att.aaf.ns|:com.test.TC_NS2.@[THE_USER]:ns|read] to Role [com.test.TC_NS2.@[THE_USER].watcher]
-
-as testunused@aaf.att.com
-# TC_NS2.40.1.NEG Non-admin, not granted user should not view
-ns list name com.test.TC_NS2.@[user.name]
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not read in NS [com.test.TC_NS2.@[THE_USER]]
-
-as testid@aaf.att.com
-# Tens test user granted to permission
-# TC_NS2.40.10.POS Add user to watcher role
-user role add testunused@aaf.att.com com.test.TC_NS2.@[user.name].watcher
-** Expect 201 **
-Added Role [com.test.TC_NS2.@[THE_USER].watcher] to User [testunused@aaf.att.com]
-
-as testunused@aaf.att.com
-# TC_NS2.40.11.POS Non-admin, granted user should view
-ns list name com.test.TC_NS2.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_NS2.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_NS2.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_NS2.@[THE_USER].admin
- com.test.TC_NS2.@[THE_USER].cred_admin
- com.test.TC_NS2.@[THE_USER].myRole
- com.test.TC_NS2.@[THE_USER].owner
- com.test.TC_NS2.@[THE_USER].watcher
- Permissions
- com.test.TC_NS2.@[THE_USER].access * *
- com.test.TC_NS2.@[THE_USER].access * read
- com.test.TC_NS2.@[THE_USER].myType * *
- com.test.TC_NS2.@[THE_USER].myType myInstance myAction
- Credentials
- m99990@@[THE_USER].TC_NS2.test.com
-
-as testid@aaf.att.com
-# TC_NS2.40.19.POS Remove user from watcher role
-user role del testunused@aaf.att.com com.test.TC_NS2.@[user.name].watcher
-** Expect 200 **
-Removed Role [com.test.TC_NS2.@[THE_USER].watcher] from User [testunused@aaf.att.com]
-
-# Thirties test admin user
-# TC_NS2.40.20.POS Admin should be able to view
-ns list name com.test.TC_NS2.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_NS2.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_NS2.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_NS2.@[THE_USER].admin
- com.test.TC_NS2.@[THE_USER].cred_admin
- com.test.TC_NS2.@[THE_USER].myRole
- com.test.TC_NS2.@[THE_USER].owner
- com.test.TC_NS2.@[THE_USER].watcher
- Permissions
- com.test.TC_NS2.@[THE_USER].access * *
- com.test.TC_NS2.@[THE_USER].access * read
- com.test.TC_NS2.@[THE_USER].myType * *
- com.test.TC_NS2.@[THE_USER].myType myInstance myAction
- Credentials
- m99990@@[THE_USER].TC_NS2.test.com
-
-# TC_NS2.40.21.POS Admin of parent NS should be able to view
-ns list name com.test.TC_NS2.@[user.name].project
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_NS2.@[THE_USER].project]
---------------------------------------------------------------------------------
-com.test.TC_NS2.@[THE_USER].project
- Administrators
- testunused@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_NS2.@[THE_USER].project.admin
- com.test.TC_NS2.@[THE_USER].project.owner
- Permissions
- com.test.TC_NS2.@[THE_USER].project.access * *
- com.test.TC_NS2.@[THE_USER].project.access * read
-
-# TC_NS2.41.10.POS List by User when Same as Caller
-as testunused@aaf.att.com
-ns list admin testunused@aaf.att.com
-** Expect 200 **
-
-List Namespaces with admin privileges for [testunused@aaf.att.com]
---------------------------------------------------------------------------------
-com.test.TC_NS2.@[THE_USER].project
-
-# TC_NS2.41.15.POS List by User when not same as Caller, but own/admin namespace of Roles
-as testid@aaf.att.com
-ns list admin testunused@aaf.att.com
-** Expect 200 **
-
-List Namespaces with admin privileges for [testunused@aaf.att.com]
---------------------------------------------------------------------------------
-com.test.TC_NS2.@[THE_USER].project
-
-# TC_NS2.41.20.POS List by User when not same as Caller, but parent owner of Namespace
-as XX@NS
-ns list admin testunused@aaf.att.com
-** Expect 200 **
-
-List Namespaces with admin privileges for [testunused@aaf.att.com]
---------------------------------------------------------------------------------
-com.test.TC_NS2.@[THE_USER].project
-
-# TC_NS2.41.80.NEG List by User when not Caller nor associated to Namespace
-as testunused@aaf.att.com
-ns list admin XX@NS
-** Expect 200 **
-
-List Namespaces with admin privileges for [XX@NS]
---------------------------------------------------------------------------------
-com
-com.att
-com.att.aaf
-com.test
-
-as testid@aaf.att.com
-# TC_NS2.99.1.POS Namespace Admin can delete Namepace defined Roles & Perms
-role delete com.test.TC_NS2.@[user.name].myRole
-** Expect 200,404 **
-Deleted Role
-
-role delete com.test.TC_NS2.@[user.name].watcher
-** Expect 200,404 **
-Deleted Role
-
-perm delete com.test.TC_NS2.@[user.name].myType myInstance myAction
-** Expect 200,404 **
-Deleted Permission
-
-perm delete com.test.TC_NS2.@[user.name].myType * *
-** Expect 200,404 **
-Deleted Permission
-
-user cred del m99990@@[user.name].TC_NS2.test.com
-** Expect 200,404 **
-Deleted Credential [m99990@@[THE_USER].TC_NS2.test.com]
-
-as XX@NS
-force perm delete com.att.aaf.ns :com.test.TC_NS2.@[user.name]:ns read
-** Expect 200,404 **
-Deleted Permission
-
-# TC_NS2.99.15.POS Remove ability to create creds
-perm ungrant com.att.aaf.mechid com.att create com.test.TC_NS2.@[user.name].cred_admin
-** Expect 200,404 **
-UnGranted Permission [com.att.aaf.mechid|com.att|create] from Role [com.test.TC_NS2.@[THE_USER].cred_admin]
-
-as testid@aaf.att.com
-force role delete com.test.TC_NS2.@[user.name].cred_admin
-** Expect 200,404 **
-Deleted Role
-
-# TC_NS2.99.90.POS Namespace Admin can delete Namespace
-force ns delete com.test.TC_NS2.@[user.name].project
-** Expect 200,404 **
-Deleted Namespace
-
-force ns delete com.test.TC_NS2.@[user.name]
-** Expect 200,404 **
-Deleted Namespace
-
-sleep 0
-# TC_NS2.99.99.POS Check Clean Namespace
-ns list name com.test.TC_NS2.@[user.name]
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.TC_NS2.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
diff --git a/authz-test/TestSuite/expected/TC_NS3.expected b/authz-test/TestSuite/expected/TC_NS3.expected
deleted file mode 100644
index 8ac3afcf..00000000
--- a/authz-test/TestSuite/expected/TC_NS3.expected
+++ /dev/null
@@ -1,192 +0,0 @@
-set XX@NS <pass>
-set testid@aaf.att.com <pass>
-set testunused@aaf.att.com <pass>
-set testid_1@test.com <pass>
-set testid_2@test.com <pass>
-set bogus boguspass
-#delay 10
-set NFR 0
-as XX@NS
-ns list name com.test.TC_NS3.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_NS3.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-# TC_NS3.10.1.POS Create Namespace with User ID
-ns create com.test.TC_NS3.@[user.name]_1 @[user.name] testid_1@test.com
-** Expect 201 **
-Created Namespace
-
-as testid_1@test.com
-# TC_NS3.20.0.NEG Too short
-ns attrib
-** Expect -1 **
-Too few args: attrib <add|upd|del> <ns> <key> [value]
-
-# TC_NS3.20.1.NEG Wrong command
-ns attrib xyz
-** Expect -1 **
-Too few args: attrib <add|upd|del> <ns> <key> [value]
-
-# TC_NS3.20.2.NEG Too Short after Command
-ns attrib add
-** Expect -1 **
-Too few args: attrib <add|upd|del> <ns> <key> [value]
-
-# TC_NS3.20.3.NEG Too Short after Namespace
-ns attrib add com.test.TC_NS3.@[user.name]
-** Expect -1 **
-Too few args: attrib <add|upd|del> <ns> <key> [value]
-
-# TC_NS3.20.4.NEG Too Short after Key
-ns attrib add com.test.TC_NS3.@[user.name] TC_NS3_swm
-** Expect -1 **
-Not added: Need more Data
-
-# TC_NS3.20.5.NEG No Permission
-ns attrib add com.test.TC_NS3.@[user.name]_1 TC_NS3_swm v1
-** Expect 403 **
-Failed [SVC1403]: Forbidden - testid_1@test.com may not create NS Attrib [com.test.TC_NS3.@[THE_USER]_1:TC_NS3_swm]
-
-# TC_NS3.20.6.POS Create Permission to write Attrib
-as XX@NS
-perm create com.att.aaf.attrib :com.att.*:TC_NS3_swm write com.test.TC_NS3.@[user.name]_1.admin
-** Expect 201 **
-Created Permission
-Granted Permission [com.att.aaf.attrib|:com.att.*:TC_NS3_swm|write] to Role [com.test.TC_NS3.@[THE_USER]_1.admin]
-
-# TC_NS3.20.6.POS Create Permission
-perm create com.att.aaf.attrib :com.att.*:* read com.test.TC_NS3.@[user.name]_1.admin
-** Expect 201 **
-Created Permission
-Granted Permission [com.att.aaf.attrib|:com.att.*:*|read] to Role [com.test.TC_NS3.@[THE_USER]_1.admin]
-
-# TC_NS3.20.10.POS Attribute added
-as testid_1@test.com
-ns attrib add com.test.TC_NS3.@[user.name]_1 TC_NS3_swm v1
-** Expect 201 **
-Add Attrib TC_NS3_swm=v1 to com.test.TC_NS3.@[THE_USER]_1
-
-# TC_NS3.20.30.POS List NS by Attrib
-ns list keys TC_NS3_swm
-** Expect 200 **
-
-List Namespace Names by Attribute
---------------------------------------------------------------------------------
- com.test.TC_NS3.@[THE_USER]_1
-
-# TC_NS3.20.40.POS List NS (shows Attrib)
-ns list name com.test.TC_NS3.@[user.name]_1
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_NS3.@[THE_USER]_1]
---------------------------------------------------------------------------------
-com.test.TC_NS3.@[THE_USER]_1
- Administrators
- testid_1@test.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Namespace Attributes
- TC_NS3_swm=v1
- Roles
- com.test.TC_NS3.@[THE_USER]_1.admin
- com.test.TC_NS3.@[THE_USER]_1.owner
- Permissions
- com.test.TC_NS3.@[THE_USER]_1.access * *
- com.test.TC_NS3.@[THE_USER]_1.access * read
-
-# TC_NS3.20.42.POS Change Attrib
-ns attrib upd com.test.TC_NS3.@[user.name]_1 TC_NS3_swm Version1
-** Expect 200 **
-Update Attrib TC_NS3_swm=Version1 for com.test.TC_NS3.@[THE_USER]_1
-
-# TC_NS3.20.49.POS List NS (shows new Attrib)
-ns list name com.test.TC_NS3.@[user.name]_1
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_NS3.@[THE_USER]_1]
---------------------------------------------------------------------------------
-com.test.TC_NS3.@[THE_USER]_1
- Administrators
- testid_1@test.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Namespace Attributes
- TC_NS3_swm=Version1
- Roles
- com.test.TC_NS3.@[THE_USER]_1.admin
- com.test.TC_NS3.@[THE_USER]_1.owner
- Permissions
- com.test.TC_NS3.@[THE_USER]_1.access * *
- com.test.TC_NS3.@[THE_USER]_1.access * read
-
-# TC_NS3.20.80.POS Remove write Permission
-perm ungrant com.att.aaf.attrib :com.att.*:TC_NS3_swm write com.test.TC_NS3.@[user.name]_1.admin
-** Expect 200 **
-UnGranted Permission [com.att.aaf.attrib|:com.att.*:TC_NS3_swm|write] from Role [com.test.TC_NS3.@[THE_USER]_1.admin]
-
-# TC_NS3.20.83.POS Remove read Permission
-perm ungrant com.att.aaf.attrib :com.att.*:* read com.test.TC_NS3.@[user.name]_1.admin
-** Expect 200 **
-UnGranted Permission [com.att.aaf.attrib|:com.att.*:*|read] from Role [com.test.TC_NS3.@[THE_USER]_1.admin]
-
-as testid_1@test.com
-# TC_NS3.50.2.NEG Too Short after Command
-ns attrib del
-** Expect -1 **
-Too few args: attrib <add|upd|del> <ns> <key> [value]
-
-# TC_NS3.50.3.NEG Too Short after Namespace
-ns attrib del com.test.TC_NS3.@[user.name]
-** Expect -1 **
-Too few args: attrib <add|upd|del> <ns> <key> [value]
-
-# TC_NS3.50.5.NEG No Permission
-ns attrib del com.test.TC_NS3.@[user.name]_1 TC_NS3_swm
-** Expect 403 **
-Failed [SVC1403]: Forbidden - testid_1@test.com may not delete NS Attrib [com.test.TC_NS3.@[THE_USER]_1:TC_NS3_swm]
-
-# TC_NS3.50.6.POS Create Permission
-as XX@NS
-perm grant com.att.aaf.attrib :com.att.*:TC_NS3_swm write com.test.TC_NS3.@[user.name]_1.admin
-** Expect 201 **
-Granted Permission [com.att.aaf.attrib|:com.att.*:TC_NS3_swm|write] to Role [com.test.TC_NS3.@[THE_USER]_1.admin]
-
-# TC_NS3.50.7.POS Attribute added
-as testid_1@test.com
-ns attrib del com.test.TC_NS3.@[user.name]_1 TC_NS3_swm
-** Expect 200 **
-Attrib TC_NS3_swm deleted from com.test.TC_NS3.@[THE_USER]_1
-
-# TC_NS3.50.8.POS Remove Permission
-as XX@NS
-perm ungrant com.att.aaf.attrib :com.att.*:TC_NS3_swm write com.test.TC_NS3.@[user.name]_1.admin
-** Expect 200 **
-UnGranted Permission [com.att.aaf.attrib|:com.att.*:TC_NS3_swm|write] from Role [com.test.TC_NS3.@[THE_USER]_1.admin]
-
-as testid_1@test.com
-# TC_NS3.99.2.POS Namespace Admin can delete Namespace
-force ns delete com.test.TC_NS3.@[user.name]_1
-** Expect 200,404 **
-Deleted Namespace
-
-# TC_NS3.99.3.POS Print Namespaces
-ns list name com.test.TC_NS3.@[user.name]_1
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.TC_NS3.@[THE_USER]_1]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-# TC_NS3.99.10.POS Remove Special Permissions
-as XX@NS
-force perm delete com.att.aaf.attrib :com.att.*:TC_NS3_swm write
-** Expect 200,404 **
-Deleted Permission
-
-force perm delete com.att.aaf.attrib :com.att.*:* read
-** Expect 200,404 **
-Deleted Permission
-
diff --git a/authz-test/TestSuite/expected/TC_NSdelete1.expected b/authz-test/TestSuite/expected/TC_NSdelete1.expected
deleted file mode 100644
index 29732c5d..00000000
--- a/authz-test/TestSuite/expected/TC_NSdelete1.expected
+++ /dev/null
@@ -1,362 +0,0 @@
-set XX@NS <pass>
-set testid@aaf.att.com <pass>
-set testunused@aaf.att.com <pass>
-set bogus@aaf.att.com boguspass
-#delay 10
-set NFR 0
-as testid@aaf.att.com
-# TC_NSdelete1.10.0.POS Check for Existing Data
-ns list name com.test.TC_NSdelete1.@[user.name].app
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_NSdelete1.@[THE_USER].app]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-ns list name com.test.force.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.force.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-ns list name com.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-as XX@NS
-# TC_NSdelete1.10.1.POS Create Namespaces with valid IDs and Responsible Parties
-ns create com.test.TC_NSdelete1.@[user.name].app @[user.name] testid@aaf.att.com
-** Expect 201 **
-Created Namespace
-
-ns create com.@[user.name] @[user.name] testid@aaf.att.com
-** Expect 201 **
-Created Namespace
-
-ns create com.test.force.@[user.name] @[user.name] testid@aaf.att.com
-** Expect 201 **
-Created Namespace
-
-ns create com.test.TC_NSdelete1.@[user.name] @[user.name] testid@aaf.att.com
-** Expect 201 **
-Created Namespace
-
-# TC_NSdelete1.10.2.POS Expect Namespace to be created
-ns list name com.test.TC_NSdelete1.@[user.name].app
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_NSdelete1.@[THE_USER].app]
---------------------------------------------------------------------------------
-com.test.TC_NSdelete1.@[THE_USER].app
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_NSdelete1.@[THE_USER].app.admin
- com.test.TC_NSdelete1.@[THE_USER].app.owner
- Permissions
- com.test.TC_NSdelete1.@[THE_USER].app.access * *
- com.test.TC_NSdelete1.@[THE_USER].app.access * read
-
-ns list name com.test.TC_NSdelete1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_NSdelete1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_NSdelete1.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_NSdelete1.@[THE_USER].admin
- com.test.TC_NSdelete1.@[THE_USER].owner
- Permissions
- com.test.TC_NSdelete1.@[THE_USER].access * *
- com.test.TC_NSdelete1.@[THE_USER].access * read
-
-ns list name com.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.@[THE_USER]]
---------------------------------------------------------------------------------
-com.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.@[THE_USER].admin
- com.@[THE_USER].owner
- Permissions
- com.@[THE_USER].access * *
- com.@[THE_USER].access * read
-
-ns list name com.test.force.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.force.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.force.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.force.@[THE_USER].admin
- com.test.force.@[THE_USER].owner
- Permissions
- com.test.force.@[THE_USER].access * *
- com.test.force.@[THE_USER].access * read
-
-# TC_NSdelete1.10.10.POS Create role to assign mechid perm to
-role create com.test.TC_NSdelete1.@[user.name].cred_admin
-** Expect 201 **
-Created Role
-
-# TC_NSdelete1.10.11.POS Assign role to mechid perm
-perm grant com.att.aaf.mechid com.att create com.test.TC_NSdelete1.@[user.name].cred_admin
-** Expect 201 **
-Granted Permission [com.att.aaf.mechid|com.att|create] to Role [com.test.TC_NSdelete1.@[THE_USER].cred_admin]
-
-as testid@aaf.att.com
-# TC_NSdelete1.10.12.POS Assign user for creating creds
-user role add testid@aaf.att.com com.test.TC_NSdelete1.@[user.name].cred_admin
-** Expect 201 **
-Added Role [com.test.TC_NSdelete1.@[THE_USER].cred_admin] to User [testid@aaf.att.com]
-
-as testid@aaf.att.com
-# TC_NSdelete1.20.1.POS Create valid Role in my Namespace
-role create com.test.TC_NSdelete1.@[user.name].app.r.A
-** Expect 201 **
-Created Role
-
-# TC_NSdelete1.20.2.POS Create valid permission
-perm create com.test.TC_NSdelete1.@[user.name].app.p.A myInstance myAction
-** Expect 201 **
-Created Permission
-
-# TC_NSdelete1.20.3.POS Add credential to my namespace
-user cred add m99990@app.@[user.name].TC_NSdelete1.test.com password123
-** Expect 201 **
-Added Credential [m99990@app.@[THE_USER].TC_NSdelete1.test.com]
-
-# TC_NSdelete1.20.10.NEG Delete Program Should fail because of attached credential
-ns delete com.test.TC_NSdelete1.@[user.name].app
-** Expect 424 **
-Failed [SVC1424]: Failed Dependency - [com.test.TC_NSdelete1.@[THE_USER].app] contains users, permissions, roles.
- Delete dependencies and try again. Note: using force=true will delete all. force=move will delete Creds, but move Roles and Perms to parent.
-
-# TC_NSdelete1.20.11.POS Delete Credential
-set force true
-user cred del m99990@app.@[user.name].TC_NSdelete1.test.com
-** Expect 200 **
-Deleted Credential [m99990@app.@[THE_USER].TC_NSdelete1.test.com]
-
-# TC_NSdelete1.20.12.NEG Delete Program with role and permission attached
-ns delete com.test.TC_NSdelete1.@[user.name].app
-** Expect 424 **
-Failed [SVC1424]: Failed Dependency - [com.test.TC_NSdelete1.@[THE_USER].app] contains permissions, roles.
- Delete dependencies and try again. Note: using force=true will delete all. force=move will delete Creds, but move Roles and Perms to parent.
-
-# TC_NSdelete1.20.20.POS Expect role and permission to move to parent ns
-set force move
-set force=move ns list name com.test.TC_NSdelete1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_NSdelete1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_NSdelete1.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_NSdelete1.@[THE_USER].admin
- com.test.TC_NSdelete1.@[THE_USER].cred_admin
- com.test.TC_NSdelete1.@[THE_USER].owner
- Permissions
- com.test.TC_NSdelete1.@[THE_USER].access * *
- com.test.TC_NSdelete1.@[THE_USER].access * read
-
-as testid@aaf.att.com
-# TC_NSdelete1.30.1.POS Create valid Role in my Namespace
-role create com.@[user.name].r.A
-** Expect 201 **
-Created Role
-
-# TC_NSdelete1.30.2.NEG Delete Company with role attached
-ns delete com.@[user.name]
-** Expect 424 **
-Failed [SVC1424]: Failed Dependency - [com.@[THE_USER]] contains roles.
- Delete dependencies and try again. Note: using force=true will delete all. force=move will delete Creds, but move Roles and Perms to parent.
-
-# TC_NSdelete1.30.3.POS Namespace Admin can delete Namepace defined Roles
-role delete com.@[user.name].r.A
-** Expect 200 **
-Deleted Role
-
-# TC_NSdelete1.30.10.POS Create valid permission
-perm create com.@[user.name].p.A myInstance myAction
-** Expect 201 **
-Created Permission
-
-# TC_NSdelete1.30.11.NEG Delete Company with permission attached
-ns delete com.@[user.name]
-** Expect 424 **
-Failed [SVC1424]: Failed Dependency - [com.@[THE_USER]] contains permissions.
- Delete dependencies and try again. Note: using force=true will delete all. force=move will delete Creds, but move Roles and Perms to parent.
-
-# TC_NSdelete1.30.12.POS Namespace Admin can delete Namepace defined Perms
-perm delete com.@[user.name].p.A myInstance myAction
-** Expect 200 **
-Deleted Permission
-
-# TC_NSdelete1.30.20.POS Create valid Credential in my namespace
-user cred add m99990@@[user.name].com password123
-** Expect 201 **
-Added Credential [m99990@@[THE_USER].com]
-
-# TC_NSdelete1.30.21.NEG Delete Company with credential attached
-ns delete com.@[user.name]
-** Expect 424 **
-Failed [SVC1424]: Failed Dependency - [com.@[THE_USER]] contains users.
- Delete dependencies and try again. Note: using force=true will delete all. force=move will delete Creds, but move Roles and Perms to parent.
-
-# TC_NSdelete1.30.22.POS Namespace admin can remove Cred
-set force true
-user cred del m99990@@[user.name].com
-** Expect 200 **
-Deleted Credential [m99990@@[THE_USER].com]
-
-# TC_NSdelete1.30.30.POS Delete Company with no roles or perms attached
-ns delete com.@[user.name]
-** Expect 200 **
-Deleted Namespace
-
-# TC_NSdelete1.40.1.POS Create valid Role in my Namespace
-role create com.test.force.@[user.name].r.A
-** Expect 201 **
-Created Role
-
-# TC_NSdelete1.40.2.POS Create valid permission in my Namespace
-perm create com.test.force.@[user.name].p.A myInstance myAction
-** Expect 201 **
-Created Permission
-
-# TC_NSdelete1.40.3.POS Add credential to my namespace
-user cred add m99990@@[user.name].force.test.com password123
-** Expect 201 **
-Added Credential [m99990@@[THE_USER].force.test.com]
-
-# TC_NSdelete1.40.10.POS Delete Program in my Namespace
-set force true
-set force=true ns delete com.test.force.@[user.name]
-** Expect 200 **
-Deleted Namespace
-
-sleep 0
-# TC_NSdelete1.40.20.NEG Role and permission should not exist
-ns list name com.test.force.@[user.name]
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.force.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-# TC_NSdelete1.40.22.NEG Credential should not exist
-set force true
-user cred del m99990@@[user.name].force.test.com
-** Expect 404 **
-Failed [SVC5404]: Not Found - Credential does not exist
-
-as testid@aaf.att.com
-# TC_NSdelete1.99.1.POS Namespace Admin can delete Namepace defined Roles
-role delete com.test.TC_NSdelete1.@[user.name].app.r.A
-** Expect 200,404 **
-Deleted Role
-
-# TC_NSdelete1.99.2.POS Namespace Admin can delete Namepace defined Roles
-perm delete com.test.TC_NSdelete1.@[user.name].app.p.A myInstance myAction
-** Expect 200,404 **
-Deleted Permission
-
-# TC_NSdelete1.99.3.POS Namespace Admin can remove Namepace defined Credentials
-set force true
-set force=true user cred del m99990@@app.[user.name].TC_NSdelete1.test.com
-** Expect 200,404 **
-Failed [SVC5404]: Not Found - Credential does not exist
-
-# TC_NSdelete1.99.10.POS Remove ability to create creds
-user role del testid@aaf.att.com com.test.TC_NSdelete1.@[user.name].cred_admin
-** Expect 200,404 **
-Removed Role [com.test.TC_NSdelete1.@[THE_USER].cred_admin] from User [testid@aaf.att.com]
-
-as XX@NS
-perm ungrant com.att.aaf.mechid com.att create com.test.TC_NSdelete1.@[user.name].cred_admin
-** Expect 200,404 **
-UnGranted Permission [com.att.aaf.mechid|com.att|create] from Role [com.test.TC_NSdelete1.@[THE_USER].cred_admin]
-
-as testid@aaf.att.com
-set force true
-set force=true role delete com.test.TC_NSdelete1.@[user.name].cred_admin
-** Expect 200,404 **
-Deleted Role
-
-# TC_NSdelete1.99.97.POS Clean Namespace
-set force true
-set force=true ns delete com.test.TC_NSdelete1.@[user.name].app
-** Expect 200,404 **
-Deleted Namespace
-
-set force true
-set force=true ns delete com.test.TC_NSdelete1.@[user.name]
-** Expect 200,404 **
-Deleted Namespace
-
-set force true
-set force=true ns delete com.test.force.@[user.name]
-** Expect 200,404 **
-Failed [SVC2404]: Not Found - com.test.force.@[THE_USER] does not exist
-
-# TC_NSdelete1.99.98.POS Check Clean Namespace
-ns list name com.test.TC_NSdelete1.@[user.name].app
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.TC_NSdelete1.@[THE_USER].app]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-ns list name com.test.TC_NSdelete1.@[user.name]
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.TC_NSdelete1.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-ns list name com.test.force.@[user.name]
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.force.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-# TC_NSdelete1.99.99.POS Clean and check Company Namespace
-as XX@NS
-set force true
-set force=true ns delete com.@[user.name]
-** Expect 200,404 **
-Failed [SVC2404]: Not Found - com.@[THE_USER] does not exist
-
-ns list name com.@[user.name]
-** Expect 200,404 **
-
-List Namespaces by Name[com.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
diff --git a/authz-test/TestSuite/expected/TC_PW1.expected b/authz-test/TestSuite/expected/TC_PW1.expected
deleted file mode 100644
index b167edbb..00000000
--- a/authz-test/TestSuite/expected/TC_PW1.expected
+++ /dev/null
@@ -1,170 +0,0 @@
-set testid@aaf.att.com <pass>
-set testunused@aaf.att.com <pass>
-set XX@NS <pass>
-set bogus boguspass
-#delay 10
-set NFR 0
-as testid@aaf.att.com
-# TC_PW1.10.0.POS Validate no NS
-ns list name com.test.TC_PW1.@[user.name]
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.TC_PW1.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-# TC_PW1.10.1.POS Create Namespace to add IDs
-ns create com.test.TC_PW1.@[user.name] @[user.name] testid@aaf.att.com
-** Expect 201 **
-Created Namespace
-
-# TC_PW1.10.10.POS Create role to assign mechid perm to
-role create com.test.TC_PW1.@[user.name].cred_admin
-** Expect 201 **
-Created Role
-
-as XX@NS
-# TC_PW1.10.11.POS Assign role to mechid perm
-perm grant com.att.aaf.mechid com.att create com.test.TC_PW1.@[user.name].cred_admin
-** Expect 201 **
-Granted Permission [com.att.aaf.mechid|com.att|create] to Role [com.test.TC_PW1.@[THE_USER].cred_admin]
-
-as testid@aaf.att.com
-# TC_PW1.10.12.POS Assign user for creating creds
-user role add testid@aaf.att.com com.test.TC_PW1.@[user.name].cred_admin
-** Expect 201 **
-Added Role [com.test.TC_PW1.@[THE_USER].cred_admin] to User [testid@aaf.att.com]
-
-# TC_PW1.20.1.NEG ASPR 1010 Passwords must be at least 8 characters in length
-user cred add m12345@TC_PW1.test.com 12
-** Expect 406 **
-Failed [SVC1406]: Not Acceptable - Password must be 8 chars or greater in length (ASPR-1010),
-Passwords must include characters from at least two of these groupings: alpha, numeric and one of these special chars: !@#$%^*()-+?/,:;. (ASPR-1010)
-
-# TC_PW1.20.2.NEG ASPR 1010 Passwords must be at least 8 characters in length
-user cred add m12345@TC_PW1.test.com 1
-** Expect 406 **
-Failed [SVC1406]: Not Acceptable - Password must be 8 chars or greater in length (ASPR-1010),
-Passwords must include characters from at least two of these groupings: alpha, numeric and one of these special chars: !@#$%^*()-+?/,:;. (ASPR-1010)
-
-# TC_PW1.20.3.NEG ASPR 1010 Passwords must be at least 8 characters in length
-user cred add m12345@TC_PW1.test.com 1234567
-** Expect 406 **
-Failed [SVC1406]: Not Acceptable - Password must be 8 chars or greater in length (ASPR-1010),
-Passwords must include characters from at least two of these groupings: alpha, numeric and one of these special chars: !@#$%^*()-+?/,:;. (ASPR-1010)
-
-# TC_PW1.21.1.NEG ASPR 1010 Passwords must include chars from 2 groupings, alpha, numeric and special
-user cred add m12345@@[user.name].TC_PW1.test.com 12345678
-** Expect 406 **
-Failed [SVC1406]: Not Acceptable - Passwords must include characters from at least two of these groupings: alpha, numeric and one of these special chars: !@#$%^*()-+?/,:;. (ASPR-1010)
-
-# TC_PW1.21.2.NEG ASPR 1010 Passwords must include chars from 2 groupings, alpha, numeric and special
-user cred add m12345@@[user.name].TC_PW1.test.com abcdefgh
-** Expect 406 **
-Failed [SVC1406]: Not Acceptable - Passwords must include characters from at least two of these groupings: alpha, numeric and one of these special chars: !@#$%^*()-+?/,:;. (ASPR-1010)
-
-# TC_PW1.21.3.NEG ASPR 1010 Passwords must include chars from 2 groupings, alpha, numeric and special
-user cred add m12345@@[user.name].TC_PW1.test.com "!@#%^()*"
-** Expect 406 **
-Failed [SVC1406]: Not Acceptable - Passwords must include characters from at least two of these groupings: alpha, numeric and one of these special chars: !@#$%^*()-+?/,:;. (ASPR-1010)
-
-# TC_PW1.21.4.POS ASPR 1010 Passwords must include chars from 2 groupings, alpha, numeric and special
-user cred add m12345@@[user.name].TC_PW1.test.com "!@#a%^()*"
-** Expect 201 **
-Added Credential [m12345@@[THE_USER].TC_PW1.test.com]
-
-sleep 0
-user cred del m12345@@[user.name].TC_PW1.test.com
-** Expect 200 **
-Deleted Credential [m12345@@[THE_USER].TC_PW1.test.com]
-
-# TC_PW1.21.5.POS ASPR 1010 Passwords must include chars from 2 groupings, alpha, numeric and special
-user cred add m12345@@[user.name].TC_PW1.test.com "!@#2%^()*"
-** Expect 201 **
-Added Credential [m12345@@[THE_USER].TC_PW1.test.com]
-
-sleep 0
-user cred del m12345@@[user.name].TC_PW1.test.com
-** Expect 200 **
-Deleted Credential [m12345@@[THE_USER].TC_PW1.test.com]
-
-# TC_PW1.21.6.POS ASPR 1010 Passwords must include chars from 2 groupings, alpha, numeric and special
-user cred add m12345@@[user.name].TC_PW1.test.com "abc123sd"
-** Expect 201 **
-Added Credential [m12345@@[THE_USER].TC_PW1.test.com]
-
-sleep 0
-user cred del m12345@@[user.name].TC_PW1.test.com
-** Expect 200 **
-Deleted Credential [m12345@@[THE_USER].TC_PW1.test.com]
-
-# TC_PW1.21.10.NEG ASPR 1010 Passwords cannot be the same as the User ID
-user cred add m12345@@[user.name].TC_PW1.test.com m12345
-** Expect 406 **
-Failed [SVC1406]: Not Acceptable - Password must be 8 chars or greater in length (ASPR-1010)
-
-# TC_PW1.23.1.NEG Too Few Args for User Cred 1
-user cred
-** Expect -1 **
-Too few args: cred <add|del|reset|extend> <id> [password (! D|E)] [entry# (if multi)]
-
-# TC_PW1.23.2.NEG Too Few Args for User Cred add
-user cred add
-** Expect -1 **
-Too few args: cred <add|del|reset|extend> <id> [password (! D|E)] [entry# (if multi)]
-
-# TC_PW1.30.1.POS Create a Credential, with Temporary Time
-user cred add m12345@@[user.name].TC_PW1.test.com "abc123sd"
-** Expect 201 **
-Added Credential [m12345@@[THE_USER].TC_PW1.test.com]
-
-# TC_PW1.30.3.NEG Credential Exists
-user cred add m12345@@[user.name].TC_PW1.test.com "abc123sf"
-** Expect 409 **
-Failed [SVC1409]: Conflict Already Exists - Credential with same Expiration Date exists, use 'reset'
-
-# TC_PW1.30.8.POS Reset this Password
-user cred reset m12345@@[user.name].TC_PW1.test.com "ABC123SD" 1
-** Expect 200 **
-Reset Credential [m12345@@[THE_USER].TC_PW1.test.com]
-
-# TC_PW1.30.9.POS Delete a Credential
-user cred del m12345@@[user.name].TC_PW1.test.com 1
-** Expect 200 **
-Deleted Credential [m12345@@[THE_USER].TC_PW1.test.com]
-
-as testid@aaf.att.com
-# TC_PW1.99.1.NEG Delete ID m12345@@[user.name].TC_PW1.test.com
-set force true
-user cred del m12345@@[user.name].TC_PW1.test.com
-** Expect 200,404 **
-Failed [SVC5404]: Not Found - Credential does not exist
-
-# TC_PW1.99.2.POS Remove ability to create creds
-user role del testid@aaf.att.com com.test.TC_PW1.@[user.name].cred_admin
-** Expect 200,404 **
-Removed Role [com.test.TC_PW1.@[THE_USER].cred_admin] from User [testid@aaf.att.com]
-
-as XX@NS
-perm ungrant com.att.aaf.mechid com.att create com.test.TC_PW1.@[user.name].cred_admin
-** Expect 200,404 **
-UnGranted Permission [com.att.aaf.mechid|com.att|create] from Role [com.test.TC_PW1.@[THE_USER].cred_admin]
-
-as testid@aaf.att.com
-role delete com.test.TC_PW1.@[user.name].cred_admin
-** Expect 200,404 **
-Deleted Role
-
-# TC_PW1.99.98.POS Delete Namespace com..test.TC_PW1
-ns delete com.test.TC_PW1.@[user.name]
-** Expect 200,404 **
-Deleted Namespace
-
-# TC_PW1.99.99.POS Verify Cleaned NS
-ns list name com.test.TC_PW1.@[user.name]
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.TC_PW1.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
diff --git a/authz-test/TestSuite/expected/TC_Perm1.expected b/authz-test/TestSuite/expected/TC_Perm1.expected
deleted file mode 100644
index d099990c..00000000
--- a/authz-test/TestSuite/expected/TC_Perm1.expected
+++ /dev/null
@@ -1,963 +0,0 @@
-set testid <pass>
-set testid@aaf.att.com <pass>
-set XX@NS <pass>
-set testunused <pass>
-set bogus boguspass
-#delay 10
-set NFR 0
-# TC_Perm1.10.0.POS Validate Namespace is empty first
-as testid@aaf.att.com
-ns list name com.test.TC_Perm1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-# TC_Perm1.10.1.POS Create Namespace with valid IDs and Responsible Parties
-ns create com.test.TC_Perm1.@[user.name] @[user.name] testid@aaf.att.com
-** Expect 201 **
-Created Namespace
-
-# TC_Perm1.10.10.POS Create role to assign mechid perm to
-role create com.test.TC_Perm1.@[user.name].cred_admin
-** Expect 201 **
-Created Role
-
-as XX@NS
-# TC_Perm1.10.11.POS Assign role to mechid perm
-perm grant com.att.aaf.mechid com.att create com.test.TC_Perm1.@[user.name].cred_admin
-** Expect 201 **
-Granted Permission [com.att.aaf.mechid|com.att|create] to Role [com.test.TC_Perm1.@[THE_USER].cred_admin]
-
-as testid@aaf.att.com
-# TC_Perm1.10.12.POS Assign user for creating creds
-user role add XX@NS com.test.TC_Perm1.@[user.name].cred_admin
-** Expect 201 **
-Added Role [com.test.TC_Perm1.@[THE_USER].cred_admin] to User [XX@NS]
-
-# TC_Perm1.20.1.POS List Data on non-Empty NS
-ns list name com.test.TC_Perm1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Perm1.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Perm1.@[THE_USER].admin
- com.test.TC_Perm1.@[THE_USER].cred_admin
- com.test.TC_Perm1.@[THE_USER].owner
- Permissions
- com.test.TC_Perm1.@[THE_USER].access * *
- com.test.TC_Perm1.@[THE_USER].access * read
-
-# TC_Perm1.20.2.POS Add Perm
-perm create com.test.TC_Perm1.@[user.name].p.A myInstance myAction
-** Expect 201 **
-Created Permission
-
-# TC_Perm1.20.3.NEG Already Added Perm
-perm create com.test.TC_Perm1.@[user.name].p.A myInstance myAction
-** Expect 409 **
-Failed [SVC1409]: Conflict Already Exists - Permission [com.test.TC_Perm1.@[THE_USER].p.A|myInstance|myAction] already exists.
-
-# TC_Perm1.20.4.POS Add Perm with non-existent Roles as well
-force perm create com.test.TC_Perm1.@[user.name].p.B myInstance myAction com.test.TC_Perm1.@[user.name].r.A,com.test.TC_Perm1.@[user.name].r.B
-** Expect 201 **
-Created Role [com.test.TC_Perm1.@[THE_USER].r.A]
-Created Role [com.test.TC_Perm1.@[THE_USER].r.B]
-Created Permission
-Granted Permission [com.test.TC_Perm1.@[THE_USER].p.B|myInstance|myAction] to Role [com.test.TC_Perm1.@[THE_USER].r.A]
-Granted Permission [com.test.TC_Perm1.@[THE_USER].p.B|myInstance|myAction] to Role [com.test.TC_Perm1.@[THE_USER].r.B]
-
-# TC_Perm1.20.8.POS Print Info for Validation
-ns list name com.test.TC_Perm1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Perm1.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Perm1.@[THE_USER].admin
- com.test.TC_Perm1.@[THE_USER].cred_admin
- com.test.TC_Perm1.@[THE_USER].owner
- com.test.TC_Perm1.@[THE_USER].r.A
- com.test.TC_Perm1.@[THE_USER].r.B
- Permissions
- com.test.TC_Perm1.@[THE_USER].access * *
- com.test.TC_Perm1.@[THE_USER].access * read
- com.test.TC_Perm1.@[THE_USER].p.A myInstance myAction
- com.test.TC_Perm1.@[THE_USER].p.B myInstance myAction
-
-# TC_Perm1.20.9.NEG Already Added Perm with some Roles as well
-perm create com.test.TC_Perm1.@[user.name].p.B myInstance myAction com.test.TC_Perm1.@[user.name].r.A,com.test.TC_Perm1.@[user.name].r.B
-** Expect 409 **
-Failed [SVC1409]: Conflict Already Exists - Permission [com.test.TC_Perm1.@[THE_USER].p.B|myInstance|myAction] already exists.
-
-# TC_Perm1.20.10.NEG Non-admins can't change description
-as testunused
-perm describe com.test.TC_Perm1.@[user.name].p.A myInstance myAction Description for A
-** Expect 403 **
-Failed [SVC1403]: Forbidden - You do not have approval to change Permission [com.test.TC_Perm1.@[THE_USER].p.A|myInstance|myAction]
-
-# TC_Perm1.20.11.NEG Permission must exist to change description
-as testid
-perm describe com.test.TC_Perm1.@[user.name].p.C myInstance myAction Description for C
-** Expect 404 **
-Failed [SVC1404]: Not Found - Permission [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction] does not exist
-
-# TC_Perm1.20.12.POS Admin can change description
-perm describe com.test.TC_Perm1.@[user.name].p.A myInstance myAction Description for A
-** Expect 200 **
-Description added to Permission
-
-# TC_Perm1.22.1.NEG Try to rename permission without changing anything
-perm rename com.test.TC_Perm1.@[user.name].p.B myInstance myAction com.test.TC_Perm1.@[user.name].p.B myInstance myAction
-** Expect 409 **
-Failed [SVC1409]: Conflict Already Exists - New Permission must be different than original permission
-
-# TC_Perm1.22.2.NEG Try to rename parent ns
-perm rename com.test.TC_Perm1.@[user.name].p.B myInstance myAction com.att.TC_Perm1.@[user.name].p.C myInstance myAction
-** Expect 403 **
-Failed [SVC1403]: Forbidden - You do not have approval to change Permission [com.att.TC_Perm1.@[THE_USER].p.C|myInstance|myAction]
-
-# TC_Perm1.22.10.POS View permission in original state
-ns list name com.test.TC_Perm1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Perm1.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Perm1.@[THE_USER].admin
- com.test.TC_Perm1.@[THE_USER].cred_admin
- com.test.TC_Perm1.@[THE_USER].owner
- com.test.TC_Perm1.@[THE_USER].r.A
- com.test.TC_Perm1.@[THE_USER].r.B
- Permissions
- com.test.TC_Perm1.@[THE_USER].access * *
- com.test.TC_Perm1.@[THE_USER].access * read
- com.test.TC_Perm1.@[THE_USER].p.A myInstance myAction
- com.test.TC_Perm1.@[THE_USER].p.B myInstance myAction
-
-# TC_Perm1.22.11.POS Rename permission instance
-perm rename com.test.TC_Perm1.@[user.name].p.B myInstance myAction com.test.TC_Perm1.@[user.name].p.B yourInstance myAction
-** Expect 200 **
-Updated Permission
-
-# TC_Perm1.22.12.POS Verify change in permission instance
-ns list name com.test.TC_Perm1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Perm1.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Perm1.@[THE_USER].admin
- com.test.TC_Perm1.@[THE_USER].cred_admin
- com.test.TC_Perm1.@[THE_USER].owner
- com.test.TC_Perm1.@[THE_USER].r.A
- com.test.TC_Perm1.@[THE_USER].r.B
- Permissions
- com.test.TC_Perm1.@[THE_USER].access * *
- com.test.TC_Perm1.@[THE_USER].access * read
- com.test.TC_Perm1.@[THE_USER].p.A myInstance myAction
- com.test.TC_Perm1.@[THE_USER].p.B yourInstance myAction
-
-# TC_Perm1.22.13.POS Rename permission action
-perm rename com.test.TC_Perm1.@[user.name].p.B yourInstance myAction com.test.TC_Perm1.@[user.name].p.B yourInstance yourAction
-** Expect 200 **
-Updated Permission
-
-# TC_Perm1.22.14.POS Verify change in permission action
-ns list name com.test.TC_Perm1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Perm1.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Perm1.@[THE_USER].admin
- com.test.TC_Perm1.@[THE_USER].cred_admin
- com.test.TC_Perm1.@[THE_USER].owner
- com.test.TC_Perm1.@[THE_USER].r.A
- com.test.TC_Perm1.@[THE_USER].r.B
- Permissions
- com.test.TC_Perm1.@[THE_USER].access * *
- com.test.TC_Perm1.@[THE_USER].access * read
- com.test.TC_Perm1.@[THE_USER].p.A myInstance myAction
- com.test.TC_Perm1.@[THE_USER].p.B yourInstance yourAction
-
-# TC_Perm1.22.15.POS Rename permission type
-perm rename com.test.TC_Perm1.@[user.name].p.B yourInstance yourAction com.test.TC_Perm1.@[user.name].p.yourB yourInstance yourAction
-** Expect 200 **
-Updated Permission
-
-# TC_Perm1.22.16.POS Verify change in permission type
-ns list name com.test.TC_Perm1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Perm1.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Perm1.@[THE_USER].admin
- com.test.TC_Perm1.@[THE_USER].cred_admin
- com.test.TC_Perm1.@[THE_USER].owner
- com.test.TC_Perm1.@[THE_USER].r.A
- com.test.TC_Perm1.@[THE_USER].r.B
- Permissions
- com.test.TC_Perm1.@[THE_USER].access * *
- com.test.TC_Perm1.@[THE_USER].access * read
- com.test.TC_Perm1.@[THE_USER].p.A myInstance myAction
- com.test.TC_Perm1.@[THE_USER].p.yourB yourInstance yourAction
-
-# TC_Perm1.22.20.POS See permission is attached to this role
-role list role com.test.TC_Perm1.@[user.name].r.A
-** Expect 200 **
-
-List Roles for Role[com.test.TC_Perm1.@[THE_USER].r.A]
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Perm1.@[THE_USER].r.A
- com.test.TC_Perm1.@[THE_USER].p.yourB yourInstance yourAction
-
-# TC_Perm1.22.21.POS Rename permission type, instance and action
-perm rename com.test.TC_Perm1.@[user.name].p.yourB yourInstance yourAction com.test.TC_Perm1.@[user.name].p.B myInstance myAction
-** Expect 200 **
-Updated Permission
-
-# TC_Perm1.22.22.POS See permission stays attached after rename
-role list role com.test.TC_Perm1.@[user.name].r.A
-** Expect 200 **
-
-List Roles for Role[com.test.TC_Perm1.@[THE_USER].r.A]
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Perm1.@[THE_USER].r.A
- com.test.TC_Perm1.@[THE_USER].p.B myInstance myAction
-
-# TC_Perm1.22.23.POS Verify permission is back to original state
-ns list name com.test.TC_Perm1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Perm1.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Perm1.@[THE_USER].admin
- com.test.TC_Perm1.@[THE_USER].cred_admin
- com.test.TC_Perm1.@[THE_USER].owner
- com.test.TC_Perm1.@[THE_USER].r.A
- com.test.TC_Perm1.@[THE_USER].r.B
- Permissions
- com.test.TC_Perm1.@[THE_USER].access * *
- com.test.TC_Perm1.@[THE_USER].access * read
- com.test.TC_Perm1.@[THE_USER].p.A myInstance myAction
- com.test.TC_Perm1.@[THE_USER].p.B myInstance myAction
-
-# TC_Perm1.25.1.POS Create another Role in This namespace
-role create com.test.TC_Perm1.@[user.name].r.C
-** Expect 201 **
-Created Role
-
-# TC_Perm1.25.2.POS Create another Perm in This namespace
-perm create com.test.TC_Perm1.@[user.name].p.C myInstance myAction
-** Expect 201 **
-Created Permission
-
-# TC_Perm1.25.3.NEG Permission must Exist to Add to Role
-perm grant com.test.TC_Perm1.@[user.name].p.NO myInstance myAction com.test.TC_Perm1.@[user.name].r.C
-** Expect 404 **
-Failed [SVC4404]: Not Found - Permission [com.test.TC_Perm1.@[THE_USER].p.NO|myInstance|myAction] does not exist
-
-# TC_Perm1.25.4.POS Grant individual new Perm to new Role
-perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name].r.C
-** Expect 201 **
-Granted Permission [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction] to Role [com.test.TC_Perm1.@[THE_USER].r.C]
-
-# TC_Perm1.25.5.NEG Already Granted Perm
-perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name].r.C
-** Expect 409 **
-Failed [SVC1409]: Conflict Already Exists - Permission [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction] already granted to Role [com.test.TC_Perm1.@[THE_USER].r.C]
-
-# TC_Perm1.25.6.POS Print Info for Validation
-ns list name com.test.TC_Perm1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Perm1.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Perm1.@[THE_USER].admin
- com.test.TC_Perm1.@[THE_USER].cred_admin
- com.test.TC_Perm1.@[THE_USER].owner
- com.test.TC_Perm1.@[THE_USER].r.A
- com.test.TC_Perm1.@[THE_USER].r.B
- com.test.TC_Perm1.@[THE_USER].r.C
- Permissions
- com.test.TC_Perm1.@[THE_USER].access * *
- com.test.TC_Perm1.@[THE_USER].access * read
- com.test.TC_Perm1.@[THE_USER].p.A myInstance myAction
- com.test.TC_Perm1.@[THE_USER].p.B myInstance myAction
- com.test.TC_Perm1.@[THE_USER].p.C myInstance myAction
-
-# TC_Perm1.25.10.POS UnGrant individual new Perm to new Role
-perm ungrant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name].r.C
-** Expect 200 **
-UnGranted Permission [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction] from Role [com.test.TC_Perm1.@[THE_USER].r.C]
-
-# TC_Perm1.25.11.NEG Already UnGranted Perm
-perm ungrant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name].r.C
-** Expect 404 **
-Failed [SVC4404]: Not Found - Permission [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction] not associated with any Role
-
-# TC_Perm1.25.20.POS Reset roles attached to permision with setTo
-perm setTo com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name].r.C,com.test.TC_Perm1.@[user.name].r.A
-** Expect 200 **
-Set Permission's Roles to [com.test.TC_Perm1.@[THE_USER].r.C,com.test.TC_Perm1.@[THE_USER].r.A]
-
-# TC_Perm1.25.21.POS Owner of permission can reset roles
-perm setTo com.test.TC_Perm1.@[user.name].p.C myInstance myAction
-** Expect 200 **
-Set Permission's Roles to []
-
-# TC_Perm1.26.1.POS Create another Namespace, not owned by testid, one in company, one not
-as XX@NS
-ns create com.test2.TC_Perm1.@[user.name] @[user.name] XX@NS
-** Expect 201 **
-Created Namespace
-
-ns create com.test.TC_Perm1.@[user.name]_2 @[user.name] XX@NS
-** Expect 201 **
-Created Namespace
-
-# TC_Perm1.26.2.POS Create ID in other Namespace
-user cred add m99990@@[user.name].TC_Perm1.test2.com aRealPass7
-** Expect 201 **
-Added Credential [m99990@@[THE_USER].TC_Perm1.test2.com]
-
-# TC_Perm1.26.3.POS Create a Role in other Namespaces, not owned by testid
-role create com.test2.TC_Perm1.@[user.name].r.C
-** Expect 201 **
-Created Role
-
-role create com.test2.TC_Perm1.@[user.name]_2.r.C
-** Expect 201 **
-Created Role
-
-# TC_Perm1.26.11.NEG Grant Perm to Role in Other Namespace, when Role ID
-as m99990@@[THE_USER].TC_Perm1.test2.com
-perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test2.TC_Perm1.@[user.name].r.C
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [m99990@@[THE_USER].TC_Perm1.test2.com] may not write Perm [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction]
-
-# TC_Perm1.26.11a.NEG Grant Perm to Role in Other Namespace, when Role ID
-as m99990@@[THE_USER].TC_Perm1.test2.com
-set request true
-perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test2.TC_Perm1.@[user.name].r.C
-** Expect 202 **
-Permission Role Granted Accepted, but requires Approvals before actualizing
-
-# TC_Perm1.26.12.NEG Grant Perm to Role in Other Namespace, when Perm ID, but different Company
-as testid@aaf.att.com
-perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test2.TC_Perm1.@[user.name].r.C
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testid@aaf.att.com] may not write Role [com.test2.TC_Perm1.@[THE_USER].r.C]
-
-# TC_Perm1.26.13.NEG Fail Grant Perm to Role in Other Namespace, when Perm ID, but same Company
-as testid@aaf.att.com
-perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name]_2.r.C
-** Expect 404 **
-Failed [SVC3404]: Not Found - Role [com.test.TC_Perm1.@[THE_USER]_2.r.C] does not exist
-
-# TC_Perm1.26.14.POS Create Role
-as testid@aaf.att.com
-role create com.test.TC_Perm1.@[user.name]_2.r.C
-** Expect 201 **
-Created Role
-
-# TC_Perm1.26.15.POS Fail Create/Grant Perm to Role in Other Namespace, when Perm ID, but same Company
-perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name]_2.r.C
-** Expect 201 **
-Granted Permission [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction] to Role [com.test.TC_Perm1.@[THE_USER]_2.r.C]
-
-# TC_Perm1.26.16.POS Print Info for Validation
-ns list name com.test.TC_Perm1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Perm1.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Perm1.@[THE_USER].admin
- com.test.TC_Perm1.@[THE_USER].cred_admin
- com.test.TC_Perm1.@[THE_USER].owner
- com.test.TC_Perm1.@[THE_USER].r.A
- com.test.TC_Perm1.@[THE_USER].r.B
- com.test.TC_Perm1.@[THE_USER].r.C
- Permissions
- com.test.TC_Perm1.@[THE_USER].access * *
- com.test.TC_Perm1.@[THE_USER].access * read
- com.test.TC_Perm1.@[THE_USER].p.A myInstance myAction
- com.test.TC_Perm1.@[THE_USER].p.B myInstance myAction
- com.test.TC_Perm1.@[THE_USER].p.C myInstance myAction
-
-# TC_Perm1.26.17.POS Grant individual new Perm to new Role
-perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name].r.C
-** Expect 201 **
-Granted Permission [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction] to Role [com.test.TC_Perm1.@[THE_USER].r.C]
-
-# TC_Perm1.26.18.NEG Already Granted Perm
-perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name].r.C
-** Expect 409 **
-Failed [SVC1409]: Conflict Already Exists - Permission [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction] already granted to Role [com.test.TC_Perm1.@[THE_USER].r.C]
-
-# TC_Perm1.26.19.POS UnGrant Perm from Role in Other Namespace, when Perm ID
-perm ungrant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name]_2.r.C
-** Expect 200 **
-UnGranted Permission [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction] from Role [com.test.TC_Perm1.@[THE_USER]_2.r.C]
-
-# TC_Perm1.26.21.NEG No Permission to Grant Perm to Role with Unrelated ID
-as m99990@@[THE_USER].TC_Perm1.test2.com
-perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test2.TC_Perm1.@[user.name].r.C
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [m99990@@[THE_USER].TC_Perm1.test2.com] may not write Perm [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction]
-
-# TC_Perm1.26.22.NEG No Permission to Grant Perm to Role with Unrelated ID
-set request true
-as m99990@@[THE_USER].TC_Perm1.test2.com
-perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test2.TC_Perm1.@[user.name].r.C
-** Expect 202 **
-Permission Role Granted Accepted, but requires Approvals before actualizing
-
-# TC_Perm1.26.25.NEG No Permission to UnGrant with Unrelated ID
-perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name].r.B
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [m99990@@[THE_USER].TC_Perm1.test2.com] may not write Perm [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction]
-
-# TC_Perm1.26.26.NEG No Permission to UnGrant with Unrelated ID
-set request true
-perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name].r.B
-** Expect 202 **
-Permission Role Granted Accepted, but requires Approvals before actualizing
-
-# TC_Perm1.26.30.POS Add ID to Role
-as XX@NS
-ns admin add com.test2.TC_Perm1.@[user.name] m99990@@[user.name].TC_Perm1.test2.com
-** Expect 201 **
-Admin m99990@@[THE_USER].TC_Perm1.test2.com added to com.test2.TC_Perm1.@[THE_USER]
-
-as m99990@@[THE_USER].TC_Perm1.test2.com
-sleep 0
-# TC_Perm1.26.31.NEG No Permission Grant Perm to Role if not Perm Owner
-perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test2.TC_Perm1.@[user.name].r.C
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [m99990@@[THE_USER].TC_Perm1.test2.com] may not write Perm [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction]
-
-# TC_Perm1.26.31.NEG No Permission Grant Perm to Role if not Perm Owner
-set request true
-perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test2.TC_Perm1.@[user.name].r.C
-** Expect 202 **
-Permission Role Granted Accepted, but requires Approvals before actualizing
-
-# TC_Perm1.26.32.POS Grant individual new Perm to Role in Other Namespace
-as testid@aaf.att.com
-perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name]_2.r.C
-** Expect 201 **
-Granted Permission [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction] to Role [com.test.TC_Perm1.@[THE_USER]_2.r.C]
-
-# TC_Perm1.26.34.POS Print Info for Validation
-ns list name com.test.TC_Perm1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Perm1.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Perm1.@[THE_USER].admin
- com.test.TC_Perm1.@[THE_USER].cred_admin
- com.test.TC_Perm1.@[THE_USER].owner
- com.test.TC_Perm1.@[THE_USER].r.A
- com.test.TC_Perm1.@[THE_USER].r.B
- com.test.TC_Perm1.@[THE_USER].r.C
- Permissions
- com.test.TC_Perm1.@[THE_USER].access * *
- com.test.TC_Perm1.@[THE_USER].access * read
- com.test.TC_Perm1.@[THE_USER].p.A myInstance myAction
- com.test.TC_Perm1.@[THE_USER].p.B myInstance myAction
- com.test.TC_Perm1.@[THE_USER].p.C myInstance myAction
-
-as XX@NS
-# TC_Perm1.26.35.POS Print Info for Validation
-ns list name com.test2.TC_Perm1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test2.TC_Perm1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test2.TC_Perm1.@[THE_USER]
- Administrators
- XX@NS
- m99990@@[THE_USER].TC_Perm1.test2.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test2.TC_Perm1.@[THE_USER].admin
- com.test2.TC_Perm1.@[THE_USER].owner
- com.test2.TC_Perm1.@[THE_USER].r.C
- Permissions
- com.test2.TC_Perm1.@[THE_USER].access * *
- com.test2.TC_Perm1.@[THE_USER].access * read
- Credentials
- m99990@@[THE_USER].TC_Perm1.test2.com
-
-as testid@aaf.att.com
-# TC_Perm1.26.36.POS UnGrant individual new Perm to new Role
-as testid@aaf.att.com
-perm ungrant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name]_2.r.C
-** Expect 200 **
-UnGranted Permission [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction] from Role [com.test.TC_Perm1.@[THE_USER]_2.r.C]
-
-# TC_Perm1.26.37.NEG Already UnGranted Perm
-perm ungrant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name]_2.r.C
-** Expect 404 **
-Failed [SVC4404]: Not Found - Permission [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction] not associated with any Role
-
-# TC_Perm1.26.40.POS Reset roles attached to permision with setTo
-perm setTo com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name].r.C,com.test.TC_Perm1.@[user.name].r.A
-** Expect 200 **
-Set Permission's Roles to [com.test.TC_Perm1.@[THE_USER].r.C,com.test.TC_Perm1.@[THE_USER].r.A]
-
-# TC_Perm1.26.41.NEG Non-owner of permission cannot reset roles
-as m99990@@[THE_USER].TC_Perm1.test2.com
-perm setTo com.test.TC_Perm1.@[user.name].p.C myInstance myAction
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [m99990@@[THE_USER].TC_Perm1.test2.com] may not write Perm [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction]
-
-# TC_Perm1.26.42.NEG Non-owner of permission cannot ungrant
-perm ungrant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name].r.C
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [m99990@@[THE_USER].TC_Perm1.test2.com] may not write Perm [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction]
-
-# TC_Perm1.26.43.NEG Non-owner of permission cannot delete
-perm delete com.test.TC_Perm1.@[user.name].p.C myInstance myAction
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [m99990@@[THE_USER].TC_Perm1.test2.com] may not write Perm [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction]
-
-# TC_Perm1.26.45.POS Owner of permission can reset roles
-as testid@aaf.att.com
-perm setTo com.test.TC_Perm1.@[user.name].p.C myInstance myAction
-** Expect 200 **
-Set Permission's Roles to []
-
-as XX@NS
-# TC_Perm1.26.97.POS List the Namespaces
-ns list name com.test.TC_Perm1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Perm1.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Perm1.@[THE_USER].admin
- com.test.TC_Perm1.@[THE_USER].cred_admin
- com.test.TC_Perm1.@[THE_USER].owner
- com.test.TC_Perm1.@[THE_USER].r.A
- com.test.TC_Perm1.@[THE_USER].r.B
- com.test.TC_Perm1.@[THE_USER].r.C
- Permissions
- com.test.TC_Perm1.@[THE_USER].access * *
- com.test.TC_Perm1.@[THE_USER].access * read
- com.test.TC_Perm1.@[THE_USER].p.A myInstance myAction
- com.test.TC_Perm1.@[THE_USER].p.B myInstance myAction
- com.test.TC_Perm1.@[THE_USER].p.C myInstance myAction
-
-ns list name com.test2.TC_Perm1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test2.TC_Perm1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test2.TC_Perm1.@[THE_USER]
- Administrators
- XX@NS
- m99990@@[THE_USER].TC_Perm1.test2.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test2.TC_Perm1.@[THE_USER].admin
- com.test2.TC_Perm1.@[THE_USER].owner
- com.test2.TC_Perm1.@[THE_USER].r.C
- Permissions
- com.test2.TC_Perm1.@[THE_USER].access * *
- com.test2.TC_Perm1.@[THE_USER].access * read
- Credentials
- m99990@@[THE_USER].TC_Perm1.test2.com
-
-as testid@aaf.att.com
-# TC_Perm1.26.98.POS Cleanup
-role delete com.test.TC_Perm1.@[user.name].r.A
-** Expect 200 **
-Deleted Role
-
-role delete com.test.TC_Perm1.@[user.name].r.B
-** Expect 200 **
-Deleted Role
-
-role delete com.test.TC_Perm1.@[user.name].r.C
-** Expect 200 **
-Deleted Role
-
-role delete com.test.TC_Perm1.@[user.name]_2.r.C
-** Expect 200 **
-Deleted Role
-
-as XX@NS
-role delete com.test2.TC_Perm1.@[user.name]_2.r.C
-** Expect 200 **
-Deleted Role
-
-role delete com.test2.TC_Perm1.@[user.name].r.C
-** Expect 200 **
-Deleted Role
-
-as testid@aaf.att.com
-perm delete com.test.TC_Perm1.@[user.name].p.A myInstance myAction
-** Expect 200 **
-Deleted Permission
-
-perm delete com.test.TC_Perm1.@[user.name].p.B myInstance myAction
-** Expect 200 **
-Deleted Permission
-
-perm delete com.test.TC_Perm1.@[user.name].p.C myInstance myAction
-** Expect 200 **
-Deleted Permission
-
-force ns delete com.test.TC_Perm1.@[user.name]_2
-** Expect 200 **
-Deleted Namespace
-
-as XX@NS
-set force true
-set force=true user cred del m99990@@[user.name].TC_Perm1.test2.com
-** Expect 200 **
-Deleted Credential [m99990@@[THE_USER].TC_Perm1.test2.com]
-
-ns delete com.test2.TC_Perm1.@[user.name]
-** Expect 200 **
-Deleted Namespace
-
-# TC_Perm1.26.99.POS List the Now Empty Namespaces
-ns list name com.test.TC_Perm1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Perm1.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Perm1.@[THE_USER].admin
- com.test.TC_Perm1.@[THE_USER].cred_admin
- com.test.TC_Perm1.@[THE_USER].owner
- Permissions
- com.test.TC_Perm1.@[THE_USER].access * *
- com.test.TC_Perm1.@[THE_USER].access * read
-
-ns list name com.test2.TC_Perm1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test2.TC_Perm1.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-# TC_Perm1.27.1.POS Create Permission
-perm create com.test.TC_Perm1.@[user.name].p.A myInstance myAction
-** Expect 201 **
-Created Permission
-
-# TC_Perm1.27.2.POS Create Role
-role create com.test.TC_Perm1.@[user.name].r.A
-** Expect 201 **
-Created Role
-
-# TC_Perm1.27.10.NEG Role must Exist to Add to Role without force
-perm grant com.test.TC_Perm1.@[user.name].p.A myInstance myAction com.test.TC_Perm1.@[user.name].r.unknown
-** Expect 404 **
-Failed [SVC3404]: Not Found - Role [com.test.TC_Perm1.@[THE_USER].r.unknown] does not exist
-
-# TC_Perm1.27.11.POS Role is created with force
-force perm create com.test.TC_Perm1.@[user.name].p.A myInstance myAction com.test.TC_Perm1.@[user.name].r.unknown
-** Expect 201 **
-Created Role [com.test.TC_Perm1.@[THE_USER].r.unknown]
-Created Permission
-Granted Permission [com.test.TC_Perm1.@[THE_USER].p.A|myInstance|myAction] to Role [com.test.TC_Perm1.@[THE_USER].r.unknown]
-
-# TC_Perm1.27.12.NEG Perm must Exist to Grant without force
-perm grant com.test.TC_Perm1.@[user.name].p.unknown myInstance myAction com.test.TC_Perm1.@[user.name].r.A
-** Expect 404 **
-Failed [SVC4404]: Not Found - Permission [com.test.TC_Perm1.@[THE_USER].p.unknown|myInstance|myAction] does not exist
-
-# TC_Perm1.27.13.POS Perm is created with force
-force perm grant com.test.TC_Perm1.@[user.name].p.unknown myInstance myAction com.test.TC_Perm1.@[user.name].r.A
-** Expect 201 **
-Granted Permission [com.test.TC_Perm1.@[THE_USER].p.unknown|myInstance|myAction] to Role [com.test.TC_Perm1.@[THE_USER].r.A]
-
-# TC_Perm1.27.14.POS Role and perm are created with force
-force perm create com.test.TC_Perm1.@[user.name].p.unknown2 myInstance myAction com.test.TC_Perm1.@[user.name].r.unknown2
-** Expect 201 **
-Created Role [com.test.TC_Perm1.@[THE_USER].r.unknown2]
-Created Permission
-Granted Permission [com.test.TC_Perm1.@[THE_USER].p.unknown2|myInstance|myAction] to Role [com.test.TC_Perm1.@[THE_USER].r.unknown2]
-
-# TC_Perm1.30.1.POS List Data on non-Empty NS
-as testid
-ns list name com.test.TC_Perm1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Perm1.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Perm1.@[THE_USER].admin
- com.test.TC_Perm1.@[THE_USER].cred_admin
- com.test.TC_Perm1.@[THE_USER].owner
- com.test.TC_Perm1.@[THE_USER].r.A
- com.test.TC_Perm1.@[THE_USER].r.unknown
- com.test.TC_Perm1.@[THE_USER].r.unknown2
- Permissions
- com.test.TC_Perm1.@[THE_USER].access * *
- com.test.TC_Perm1.@[THE_USER].access * read
- com.test.TC_Perm1.@[THE_USER].p.A myInstance myAction
- com.test.TC_Perm1.@[THE_USER].p.unknown myInstance myAction
- com.test.TC_Perm1.@[THE_USER].p.unknown2 myInstance myAction
-
-# TC_Perm1.30.2.POS Create Sub-ns when Roles that exist
-ns create com.test.TC_Perm1.@[user.name].r @[user.name] testid@aaf.att.com
-** Expect 201 **
-Created Namespace
-
-# TC_Perm1.30.3.POS List Data on NS with sub-roles
-ns list name com.test.TC_Perm1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Perm1.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Perm1.@[THE_USER].admin
- com.test.TC_Perm1.@[THE_USER].cred_admin
- com.test.TC_Perm1.@[THE_USER].owner
- Permissions
- com.test.TC_Perm1.@[THE_USER].access * *
- com.test.TC_Perm1.@[THE_USER].access * read
- com.test.TC_Perm1.@[THE_USER].p.A myInstance myAction
- com.test.TC_Perm1.@[THE_USER].p.unknown myInstance myAction
- com.test.TC_Perm1.@[THE_USER].p.unknown2 myInstance myAction
-
-ns list name com.test.TC_Perm1.@[user.name].r
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Perm1.@[THE_USER].r]
---------------------------------------------------------------------------------
-com.test.TC_Perm1.@[THE_USER].r
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Perm1.@[THE_USER].r.A
- com.test.TC_Perm1.@[THE_USER].r.admin
- com.test.TC_Perm1.@[THE_USER].r.owner
- com.test.TC_Perm1.@[THE_USER].r.unknown
- com.test.TC_Perm1.@[THE_USER].r.unknown2
- Permissions
- com.test.TC_Perm1.@[THE_USER].r.access * *
- com.test.TC_Perm1.@[THE_USER].r.access * read
-
-as XX@NS
-# TC_Perm1.99.1.POS Namespace Admin can delete Namepace defined Roles
-set force true
-set force=true perm delete com.test.TC_Perm1.@[user.name].p.A myInstance myAction
-** Expect 200,404 **
-Deleted Permission
-
-set force true
-set force=true perm delete com.test.TC_Perm1.@[user.name].p.B myInstance myAction
-** Expect 200,404 **
-Failed [SVC4404]: Not Found - Permission [com.test.TC_Perm1.@[THE_USER].p.B|myInstance|myAction] does not exist
-
-set force true
-set force=true perm delete com.test.TC_Perm1.@[user.name].p.C myInstance myAction
-** Expect 200,404 **
-Failed [SVC4404]: Not Found - Permission [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction] does not exist
-
-set force true
-set force=true perm delete com.test.TC_Perm1.@[user.name].p.unknown myInstance myAction
-** Expect 200,404 **
-Deleted Permission
-
-set force true
-set force=true perm delete com.test.TC_Perm1.@[user.name].p.unknown2 myInstance myAction
-** Expect 200,404 **
-Deleted Permission
-
-role delete com.test.TC_Perm1.@[user.name].r.A
-** Expect 200,404 **
-Deleted Role
-
-role delete com.test.TC_Perm1.@[user.name].r.B
-** Expect 200,404 **
-Failed [SVC3404]: Not Found - Role [com.test.TC_Perm1.@[THE_USER].r.B] does not exist
-
-role delete com.test.TC_Perm1.@[user.name].r.C
-** Expect 200,404 **
-Failed [SVC3404]: Not Found - Role [com.test.TC_Perm1.@[THE_USER].r.C] does not exist
-
-role delete com.test.TC_Perm1.@[user.name].r.unknown
-** Expect 200,404 **
-Deleted Role
-
-role delete com.test.TC_Perm1.@[user.name].r.unknown2
-** Expect 200,404 **
-Deleted Role
-
-role delete com.test2.TC_Perm1.@[user.name].r.C
-** Expect 200,404 **
-Failed [SVC3404]: Not Found - Role [com.test2.TC_Perm1.@[THE_USER].r.C] does not exist
-
-role delete com.test.TC_Perm1.@[user.name]_2.r.C
-** Expect 200,404 **
-Failed [SVC3404]: Not Found - Role [com.test.TC_Perm1.@[THE_USER]_2.r.C] does not exist
-
-role delete com.test2.TC_Perm1.@[user.name]_2.r.C
-** Expect 200,404 **
-Failed [SVC3404]: Not Found - Role [com.test2.TC_Perm1.@[THE_USER]_2.r.C] does not exist
-
-# TC_Perm1.99.2.POS Remove ability to create creds
-user role del XX@NS com.test.TC_Perm1.@[user.name].cred_admin
-** Expect 200,404 **
-Removed Role [com.test.TC_Perm1.@[THE_USER].cred_admin] from User [XX@NS]
-
-as XX@NS
-perm ungrant com.att.aaf.mechid com.att create com.test.TC_Perm1.@[user.name].cred_admin
-** Expect 200,404 **
-UnGranted Permission [com.att.aaf.mechid|com.att|create] from Role [com.test.TC_Perm1.@[THE_USER].cred_admin]
-
-as testid@aaf.att.com
-role delete com.test.TC_Perm1.@[user.name].cred_admin
-** Expect 200,404 **
-Deleted Role
-
-sleep 0
-as XX@NS
-# TC_Perm1.99.98.POS Namespace Admin can delete Namespace
-set force true
-set force=true ns delete com.test2.TC_Perm1.@[user.name]
-** Expect 200,404 **
-Failed [SVC2404]: Not Found - com.test2.TC_Perm1.@[THE_USER] does not exist
-
-as testid
-force ns delete com.test.TC_Perm1.@[user.name].r
-** Expect 200,404 **
-Deleted Namespace
-
-force ns delete com.test.TC_Perm1.@[user.name]_2
-** Expect 200,404 **
-Failed [SVC2404]: Not Found - com.test.TC_Perm1.@[THE_USER]_2 does not exist
-
-force ns delete com.test.TC_Perm1.@[user.name]
-** Expect 200,404 **
-Deleted Namespace
-
-force ns delete com.test2.TC_Perm1.@[user.name]
-** Expect 200,404 **
-Failed [SVC2404]: Not Found - com.test2.TC_Perm1.@[THE_USER] does not exist
-
-# TC_Perm1.99.99.POS List to prove removed
-ns list name com.test.TC_Perm1.@[user.name]
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-ns list name com.test.TC_Perm1.@[user.name].r
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.TC_Perm1.@[THE_USER].r]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-ns list name com.test.TC_Perm1.@[user.name]_2
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]_2]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-ns list name com.test2.TC_Perm1.@[user.name]
-** Expect 200,404 **
-
-List Namespaces by Name[com.test2.TC_Perm1.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
diff --git a/authz-test/TestSuite/expected/TC_Perm2.expected b/authz-test/TestSuite/expected/TC_Perm2.expected
deleted file mode 100644
index dadff03b..00000000
--- a/authz-test/TestSuite/expected/TC_Perm2.expected
+++ /dev/null
@@ -1,554 +0,0 @@
-set XX@NS <pass>
-set testid@aaf.att.com <pass>
-set testunused@aaf.att.com <pass>
-set bogus boguspass
-#delay 10
-set NFR 0
-as testid@aaf.att.com
-# TC_Perm2.10.0.POS Print NS to prove ok
-ns list name com.test.TC_Perm2.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Perm2.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-# TC_Perm2.10.1.POS Create Namespace with valid IDs and Responsible Parties
-ns create com.test.TC_Perm2.@[user.name] @[user.name] testid@aaf.att.com
-** Expect 201 **
-Created Namespace
-
-as testid@aaf.att.com
-# TC_Perm2.20.1.POS List Data on non-Empty NS
-ns list name com.test.TC_Perm2.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Perm2.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Perm2.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Perm2.@[THE_USER].admin
- com.test.TC_Perm2.@[THE_USER].owner
- Permissions
- com.test.TC_Perm2.@[THE_USER].access * *
- com.test.TC_Perm2.@[THE_USER].access * read
-
-# TC_Perm2.20.10.POS Add Perms with specific Instance and Action
-perm create com.test.TC_Perm2.@[user.name].p.A myInstance myAction
-** Expect 201 **
-Created Permission
-
-# TC_Perm2.20.11.POS Add Perms with specific Instance and Star
-perm create com.test.TC_Perm2.@[user.name].p.A myInstance *
-** Expect 201 **
-Created Permission
-
-# TC_Perm2.20.12.POS Add Perms with Stars for Instance and Action
-perm create com.test.TC_Perm2.@[user.name].p.A * *
-** Expect 201 **
-Created Permission
-
-perm create com.test.TC_Perm2.@[user.name].p.phoneCalls * spy
-** Expect 201 **
-Created Permission
-
-# TC_Perm2.20.20.POS Create role
-role create com.test.TC_Perm2.@[user.name].p.superUser
-** Expect 201 **
-Created Role
-
-role create com.test.TC_Perm2.@[user.name].p.secret
-** Expect 201 **
-Created Role
-
-# TC_Perm2.20.21.POS Grant sub-NS perms to role
-perm grant com.test.TC_Perm2.@[user.name].p.A myInstance myAction com.test.TC_Perm2.@[user.name].p.superUser
-** Expect 201 **
-Granted Permission [com.test.TC_Perm2.@[THE_USER].p.A|myInstance|myAction] to Role [com.test.TC_Perm2.@[THE_USER].p.superUser]
-
-perm grant com.test.TC_Perm2.@[user.name].p.A myInstance * com.test.TC_Perm2.@[user.name].p.superUser
-** Expect 201 **
-Granted Permission [com.test.TC_Perm2.@[THE_USER].p.A|myInstance|*] to Role [com.test.TC_Perm2.@[THE_USER].p.superUser]
-
-perm grant com.test.TC_Perm2.@[user.name].p.A * * com.test.TC_Perm2.@[user.name].p.superUser
-** Expect 201 **
-Granted Permission [com.test.TC_Perm2.@[THE_USER].p.A|*|*] to Role [com.test.TC_Perm2.@[THE_USER].p.superUser]
-
-perm grant com.test.TC_Perm2.@[user.name].p.phoneCalls * spy com.test.TC_Perm2.@[user.name].p.secret
-** Expect 201 **
-Granted Permission [com.test.TC_Perm2.@[THE_USER].p.phoneCalls|*|spy] to Role [com.test.TC_Perm2.@[THE_USER].p.secret]
-
-# TC_Perm2.20.30.POS List Data on non-Empty NS
-ns list name com.test.TC_Perm2.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Perm2.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Perm2.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Perm2.@[THE_USER].admin
- com.test.TC_Perm2.@[THE_USER].owner
- com.test.TC_Perm2.@[THE_USER].p.secret
- com.test.TC_Perm2.@[THE_USER].p.superUser
- Permissions
- com.test.TC_Perm2.@[THE_USER].access * *
- com.test.TC_Perm2.@[THE_USER].access * read
- com.test.TC_Perm2.@[THE_USER].p.A * *
- com.test.TC_Perm2.@[THE_USER].p.A myInstance *
- com.test.TC_Perm2.@[THE_USER].p.A myInstance myAction
- com.test.TC_Perm2.@[THE_USER].p.phoneCalls * spy
-
-# TC_Perm2.20.40.POS Create role
-role create com.test.TC_Perm2.@[user.name].p.watcher
-** Expect 201 **
-Created Role
-
-as XX@NS
-# TC_Perm2.20.50.POS Grant view perms to watcher role
-perm create com.att.aaf.perm :com.test.TC_Perm2.@[user.name].p.A:myInstance:myAction view com.test.TC_Perm2.@[user.name].p.watcher
-** Expect 201 **
-Created Permission
-Granted Permission [com.att.aaf.perm|:com.test.TC_Perm2.@[THE_USER].p.A:myInstance:myAction|view] to Role [com.test.TC_Perm2.@[THE_USER].p.watcher]
-
-perm create com.att.aaf.perm :com.test.TC_Perm2.@[user.name].p.A:*:* view com.test.TC_Perm2.@[user.name].p.watcher
-** Expect 201 **
-Created Permission
-Granted Permission [com.att.aaf.perm|:com.test.TC_Perm2.@[THE_USER].p.A:*:*|view] to Role [com.test.TC_Perm2.@[THE_USER].p.watcher]
-
-as testid@aaf.att.com
-# TC_Perm2.30.1.POS List Data on non-Empty NS
-ns list name com.test.TC_Perm2.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Perm2.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Perm2.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Perm2.@[THE_USER].admin
- com.test.TC_Perm2.@[THE_USER].owner
- com.test.TC_Perm2.@[THE_USER].p.secret
- com.test.TC_Perm2.@[THE_USER].p.superUser
- com.test.TC_Perm2.@[THE_USER].p.watcher
- Permissions
- com.test.TC_Perm2.@[THE_USER].access * *
- com.test.TC_Perm2.@[THE_USER].access * read
- com.test.TC_Perm2.@[THE_USER].p.A * *
- com.test.TC_Perm2.@[THE_USER].p.A myInstance *
- com.test.TC_Perm2.@[THE_USER].p.A myInstance myAction
- com.test.TC_Perm2.@[THE_USER].p.phoneCalls * spy
-
-# TC_Perm2.30.2.POS Create Sub-ns when Roles that exist
-ns create com.test.TC_Perm2.@[user.name].p @[user.name] testid@aaf.att.com
-** Expect 201 **
-Created Namespace
-
-# TC_Perm2.30.3.POS List Data on NS with sub-roles
-ns list name com.test.TC_Perm2.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Perm2.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Perm2.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Perm2.@[THE_USER].admin
- com.test.TC_Perm2.@[THE_USER].owner
- Permissions
- com.test.TC_Perm2.@[THE_USER].access * *
- com.test.TC_Perm2.@[THE_USER].access * read
-
-ns list name com.test.TC_Perm2.@[user.name].p
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Perm2.@[THE_USER].p]
---------------------------------------------------------------------------------
-com.test.TC_Perm2.@[THE_USER].p
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Perm2.@[THE_USER].p.admin
- com.test.TC_Perm2.@[THE_USER].p.owner
- com.test.TC_Perm2.@[THE_USER].p.secret
- com.test.TC_Perm2.@[THE_USER].p.superUser
- com.test.TC_Perm2.@[THE_USER].p.watcher
- Permissions
- com.test.TC_Perm2.@[THE_USER].p.A * *
- com.test.TC_Perm2.@[THE_USER].p.A myInstance *
- com.test.TC_Perm2.@[THE_USER].p.A myInstance myAction
- com.test.TC_Perm2.@[THE_USER].p.access * *
- com.test.TC_Perm2.@[THE_USER].p.access * read
- com.test.TC_Perm2.@[THE_USER].p.phoneCalls * spy
-
-as testunused@aaf.att.com
-# TC_Perm2.40.1.NEG Non-admin, not granted user should not view
-perm list name com.test.TC_Perm2.@[user.name].p.A
-** Expect 200 **
-
-List Child Permissions[com.test.TC_Perm2.@[THE_USER].p.A]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-
-
-as testid@aaf.att.com
-# Tens test user granted to permission
-# TC_Perm2.40.10.POS Add user to superUser role
-user role add testunused@aaf.att.com com.test.TC_Perm2.@[user.name].p.superUser
-** Expect 201 **
-Added Role [com.test.TC_Perm2.@[THE_USER].p.superUser] to User [testunused@aaf.att.com]
-
-as testunused@aaf.att.com
-# TC_Perm2.40.11.POS Non-admin, granted user should view
-perm list name com.test.TC_Perm2.@[user.name].p.A
-** Expect 200 **
-
-List Child Permissions[com.test.TC_Perm2.@[THE_USER].p.A]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Perm2.@[THE_USER].p.A * *
-com.test.TC_Perm2.@[THE_USER].p.A myInstance *
-com.test.TC_Perm2.@[THE_USER].p.A myInstance myAction
-
-
-as testid@aaf.att.com
-# TC_Perm2.40.12.POS Ungrant perm with wildcards
-perm ungrant com.test.TC_Perm2.@[user.name].p.A * * com.test.TC_Perm2.@[user.name].p.superUser
-** Expect 200 **
-UnGranted Permission [com.test.TC_Perm2.@[THE_USER].p.A|*|*] from Role [com.test.TC_Perm2.@[THE_USER].p.superUser]
-
-as testunused@aaf.att.com
-# TC_Perm2.40.13.POS Non-admin, granted user should view
-perm list name com.test.TC_Perm2.@[user.name].p.A
-** Expect 200 **
-
-List Child Permissions[com.test.TC_Perm2.@[THE_USER].p.A]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Perm2.@[THE_USER].p.A myInstance *
-com.test.TC_Perm2.@[THE_USER].p.A myInstance myAction
-
-
-as testid@aaf.att.com
-# TC_Perm2.40.19.POS Remove user from superUser role
-user role del testunused@aaf.att.com com.test.TC_Perm2.@[user.name].p.superUser
-** Expect 200 **
-Removed Role [com.test.TC_Perm2.@[THE_USER].p.superUser] from User [testunused@aaf.att.com]
-
-# Twenties test user granted explicit view permission
-# TC_Perm2.40.20.POS Add user to watcher role
-user role add testunused@aaf.att.com com.test.TC_Perm2.@[user.name].p.watcher
-** Expect 201 **
-Added Role [com.test.TC_Perm2.@[THE_USER].p.watcher] to User [testunused@aaf.att.com]
-
-as testunused@aaf.att.com
-# TC_Perm2.40.21.NEG Non-admin, granted explicit view perm user should view
-perm list name com.test.TC_Perm2.@[user.name].p.A
-** Expect 200 **
-
-List Child Permissions[com.test.TC_Perm2.@[THE_USER].p.A]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-
-
-as XX@NS
-# TC_Perm2.40.22.POS Ungrant perm with wildcards
-perm ungrant com.att.aaf.perm :com.test.TC_Perm2.@[user.name].p.A:*:* view com.test.TC_Perm2.@[user.name].p.watcher
-** Expect 200 **
-UnGranted Permission [com.att.aaf.perm|:com.test.TC_Perm2.@[THE_USER].p.A:*:*|view] from Role [com.test.TC_Perm2.@[THE_USER].p.watcher]
-
-as testunused@aaf.att.com
-# TC_Perm2.40.23.POS Non-admin, granted user should view
-perm list name com.test.TC_Perm2.@[user.name].p.A
-** Expect 200 **
-
-List Child Permissions[com.test.TC_Perm2.@[THE_USER].p.A]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-
-
-as testid@aaf.att.com
-# TC_Perm2.40.29.POS Remove user from watcher role
-user role del testunused@aaf.att.com com.test.TC_Perm2.@[user.name].p.watcher
-** Expect 200 **
-Removed Role [com.test.TC_Perm2.@[THE_USER].p.watcher] from User [testunused@aaf.att.com]
-
-# Thirties test admin user
-# TC_Perm2.40.30.POS Admin should be able to view
-perm list name com.test.TC_Perm2.@[user.name].p.A
-** Expect 200 **
-
-List Child Permissions[com.test.TC_Perm2.@[THE_USER].p.A]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Perm2.@[THE_USER].p.A * *
-com.test.TC_Perm2.@[THE_USER].p.A myInstance *
-com.test.TC_Perm2.@[THE_USER].p.A myInstance myAction
-
-
-# TC_Perm2.40.31.POS Add new admin for sub-NS
-ns admin add com.test.TC_Perm2.@[user.name].p testunused@aaf.att.com
-** Expect 201 **
-Admin testunused@aaf.att.com added to com.test.TC_Perm2.@[THE_USER].p
-
-# TC_Perm2.40.32.POS Remove admin from sub-NS
-ns admin del com.test.TC_Perm2.@[user.name].p testid@aaf.att.com
-** Expect 200 **
-Admin testid@aaf.att.com deleted from com.test.TC_Perm2.@[THE_USER].p
-
-# TC_Perm2.40.34.POS Admin of parent NS should be able to view
-perm list name com.test.TC_Perm2.@[user.name].p.A
-** Expect 200 **
-
-List Child Permissions[com.test.TC_Perm2.@[THE_USER].p.A]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Perm2.@[THE_USER].p.A * *
-com.test.TC_Perm2.@[THE_USER].p.A myInstance *
-com.test.TC_Perm2.@[THE_USER].p.A myInstance myAction
-
-
-# TC_Perm2.40.80.POS Add new admin for sub-NS
-ns admin add com.test.TC_Perm2.@[user.name].p testid@aaf.att.com
-** Expect 201 **
-Admin testid@aaf.att.com added to com.test.TC_Perm2.@[THE_USER].p
-
-# TC_Perm2.40.81.POS Remove admin from sub-NS
-ns admin del com.test.TC_Perm2.@[user.name].p testunused@aaf.att.com
-** Expect 200 **
-Admin testunused@aaf.att.com deleted from com.test.TC_Perm2.@[THE_USER].p
-
-# TC_Perm2.41.1.POS Add user to some roles with perms attached
-as testid@aaf.att.com
-user role add testunused@aaf.att.com com.test.TC_Perm2.@[user.name].p.superUser
-** Expect 201 **
-Added Role [com.test.TC_Perm2.@[THE_USER].p.superUser] to User [testunused@aaf.att.com]
-
-user role add testunused@aaf.att.com com.test.TC_Perm2.@[user.name].p.watcher
-** Expect 201 **
-Added Role [com.test.TC_Perm2.@[THE_USER].p.watcher] to User [testunused@aaf.att.com]
-
-user role add XX@NS com.test.TC_Perm2.@[user.name].p.secret
-** Expect 201 **
-Added Role [com.test.TC_Perm2.@[THE_USER].p.secret] to User [XX@NS]
-
-# TC_Perm2.41.10.POS List by User when Same as Caller
-as testunused@aaf.att.com
-perm list user testunused@aaf.att.com
-** Expect 200 **
-
-List Permissions by User[testunused@aaf.att.com]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.att.aaf.perm :com.test.TC_Perm2.@[THE_USER].p.A:myInstance:myAction view
-com.test.TC_Perm2.@[THE_USER].p.A myInstance *
-com.test.TC_Perm2.@[THE_USER].p.A myInstance myAction
-
-
-# TC_NS2.41.15.POS List by User when not same as Caller, but own/admin namespace of Roles
-as testid@aaf.att.com
-perm list user testunused@aaf.att.com
-** Expect 200 **
-
-List Permissions by User[testunused@aaf.att.com]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Perm2.@[THE_USER].p.A myInstance *
-com.test.TC_Perm2.@[THE_USER].p.A myInstance myAction
-
-
-# TC_Perm2.41.20.POS List by User when not same as Caller, but parent owner/admin of Namespace
-as XX@NS
-perm list user testunused@aaf.att.com
-** Expect 200 **
-
-List Permissions by User[testunused@aaf.att.com]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.att.aaf.perm :com.test.TC_Perm2.@[THE_USER].p.A:myInstance:myAction view
-com.test.TC_Perm2.@[THE_USER].p.A myInstance *
-com.test.TC_Perm2.@[THE_USER].p.A myInstance myAction
-
-
-# TC_Perm2.41.80.NEG List by User when not Caller nor associated to Namespace (nothing should be shown)
-as testunused@aaf.att.com
-perm list user XX@NS
-** Expect 200 **
-
-List Permissions by User[XX@NS]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-
-
-# TC_Perm2.41.99.POS Remove users from roles for later test
-as testid@aaf.att.com
-user role del testunused@aaf.att.com com.test.TC_Perm2.@[user.name].p.superUser
-** Expect 200 **
-Removed Role [com.test.TC_Perm2.@[THE_USER].p.superUser] from User [testunused@aaf.att.com]
-
-user role del testunused@aaf.att.com com.test.TC_Perm2.@[user.name].p.watcher
-** Expect 200 **
-Removed Role [com.test.TC_Perm2.@[THE_USER].p.watcher] from User [testunused@aaf.att.com]
-
-user role del XX@NS com.test.TC_Perm2.@[user.name].p.secret
-** Expect 200 **
-Removed Role [com.test.TC_Perm2.@[THE_USER].p.secret] from User [XX@NS]
-
-# TC_Perm2.42.10.POS List Roles from NS when not allowed to see NS
-as testid@aaf.att.com
-perm list ns com.test.TC_Perm2.@[user.name].p
-** Expect 200 **
-
-List Perms by NS [com.test.TC_Perm2.@[THE_USER].p]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Perm2.@[THE_USER].p.A * *
-com.test.TC_Perm2.@[THE_USER].p.A myInstance *
-com.test.TC_Perm2.@[THE_USER].p.A myInstance myAction
-com.test.TC_Perm2.@[THE_USER].p.access * *
-com.test.TC_Perm2.@[THE_USER].p.access * read
-com.test.TC_Perm2.@[THE_USER].p.phoneCalls * spy
-
-
-# TC_Perm2.42.20.NEG Don't List Roles from NS when not allowed to see NS
-as testunused@aaf.att.com
-perm list ns com.test.TC_Perm2.@[user.name].p
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not read in NS [com.test.TC_Perm2.@[THE_USER].p]
-
-# TC_Perm2.43.10.POS List perms when allowed to see Role
-as testid@aaf.att.com
-perm list role com.test.TC_Perm2.@[user.name].p.superUser
-** Expect 200 **
-
-List Perms by Role [com.test.TC_Perm2.@[THE_USER].p.superUser]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Perm2.@[THE_USER].p.A myInstance *
-com.test.TC_Perm2.@[THE_USER].p.A myInstance myAction
-
-
-perm list role com.test.TC_Perm2.@[user.name].p.watcher
-** Expect 200 **
-
-List Perms by Role [com.test.TC_Perm2.@[THE_USER].p.watcher]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-
-
-perm list role com.test.TC_Perm2.@[user.name].p.secret
-** Expect 200 **
-
-List Perms by Role [com.test.TC_Perm2.@[THE_USER].p.secret]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Perm2.@[THE_USER].p.phoneCalls * spy
-
-
-# TC_Perm2.43.20.NEG Don't List perms when not allowed to see Role
-as testunused@aaf.att.com
-perm list role com.test.TC_Perm2.@[user.name].p.superUser
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not read Role [com.test.TC_Perm2.@[THE_USER].p.superUser]
-
-perm list role com.test.TC_Perm2.@[user.name].p.watcher
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not read Role [com.test.TC_Perm2.@[THE_USER].p.watcher]
-
-perm list role com.test.TC_Perm2.@[user.name].p.secret
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not read Role [com.test.TC_Perm2.@[THE_USER].p.secret]
-
-as testid@aaf.att.com
-# TC_Perm2.99.1.POS Namespace Admin can delete Namepace defined Roles
-force perm delete com.test.TC_Perm2.@[user.name].p.A myInstance myAction
-** Expect 200,404 **
-Deleted Permission
-
-force perm delete com.test.TC_Perm2.@[user.name].p.A myInstance *
-** Expect 200,404 **
-Deleted Permission
-
-force perm delete com.test.TC_Perm2.@[user.name].p.A * *
-** Expect 200,404 **
-Deleted Permission
-
-force perm delete com.test.TC_Perm2.@[user.name].p.phoneCalls * spy
-** Expect 200,404 **
-Deleted Permission
-
-force role delete com.test.TC_Perm2.@[user.name].p.watcher
-** Expect 200,404 **
-Deleted Role
-
-force role delete com.test.TC_Perm2.@[user.name].p.superUser
-** Expect 200,404 **
-Deleted Role
-
-force role delete com.test.TC_Perm2.@[user.name].p.secret
-** Expect 200,404 **
-Deleted Role
-
-as XX@NS
-force perm delete com.att.aaf.perm :com.test.TC_Perm2.@[user.name].p.A:*:* view
-** Expect 200,404 **
-Deleted Permission
-
-force perm delete com.att.aaf.perm :com.test.TC_Perm2.@[user.name].p.A:myInstance:myAction view
-** Expect 200,404 **
-Deleted Permission
-
-# TC_Perm2.99.2.POS Namespace Admin can delete Namespace
-force ns delete com.test.TC_Perm2.@[user.name].p
-** Expect 200,404 **
-Deleted Namespace
-
-force ns delete com.test.TC_Perm2.@[user.name]
-** Expect 200,404 **
-Deleted Namespace
-
-# TC_Perm2.99.3.POS Print Namespaces
-ns list name com.test.TC_Perm2.@[user.name].p
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.TC_Perm2.@[THE_USER].p]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-ns list name com.test.TC_Perm2.@[user.name]
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.TC_Perm2.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
diff --git a/authz-test/TestSuite/expected/TC_Perm3.expected b/authz-test/TestSuite/expected/TC_Perm3.expected
deleted file mode 100644
index 6cdf2297..00000000
--- a/authz-test/TestSuite/expected/TC_Perm3.expected
+++ /dev/null
@@ -1,136 +0,0 @@
-set XX@NS <pass>
-set testid@aaf.att.com <pass>
-set testunused@aaf.att.com <pass>
-set testid_1@test.com <pass>
-set testid_2@test.com <pass>
-set bogus boguspass
-#delay 10
-set NFR 0
-as XX@NS
-# TC_Perm3.10.0.POS Print NS to prove ok
-ns list name com.test.TC_Perm3.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Perm3.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-# TC_Perm3.10.1.POS Create Namespace with User ID
-ns create com.test.TC_Perm3.@[user.name]_1 @[user.name] testid_1@test.com
-** Expect 201 **
-Created Namespace
-
-# TC_Perm3.10.2.POS Create Namespace with Different ID
-ns create com.test.TC_Perm3.@[user.name]_2 @[user.name] testid_2@test.com
-** Expect 201 **
-Created Namespace
-
-# TC_Perm3.10.3.POS Create Namespace in Different Company
-ns create com.att.TC_Perm3.@[user.name] @[user.name] testunused@aaf.att.com
-** Expect 201 **
-Created Namespace
-
-as testid_1@test.com
-# TC_Perm3.20.0.POS User1 Create a Perm
-perm create com.test.TC_Perm3.@[user.name]_1.dev.myPerm_a myInstance myAction
-** Expect 201 **
-Created Permission
-
-# TC_Perm3.20.5.NEG User1 should not be able to create Role in other group
-role create com.test.TC_Perm3.@[user.name]_2.dev.myRole_a
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testid_1@test.com] may not write Role [com.test.TC_Perm3.@[THE_USER]_2.dev.myRole_a]
-
-# TC_Perm3.20.6.POS User2 should be able to create Role in own group
-as testid_2@test.com
-role create com.test.TC_Perm3.@[user.name]_2.dev.myRole_a
-** Expect 201 **
-Created Role
-
-# TC_Perm3.20.7.NEG User2 should not be able to grant Perm to own Role
-perm grant com.test.TC_Perm3.@[user.name]_1.dev.myPerm_a myInstance myAction com.test.TC_Perm3.@[user.name]_2.dev.myRole_a
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testid_2@test.com] may not write Perm [com.test.TC_Perm3.@[THE_USER]_1.dev.myPerm_a|myInstance|myAction]
-
-# TC_Perm3.20.8.NEG User2 cannot create Role in NS 2
-as testid_2@test.com
-perm grant com.test.TC_Perm3.@[user.name]_1.dev.myPerm_a myInstance myAction com.test.TC_Perm3.@[user.name]_2.dev.myRole_a
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testid_2@test.com] may not write Perm [com.test.TC_Perm3.@[THE_USER]_1.dev.myPerm_a|myInstance|myAction]
-
-# TC_Perm3.20.9.POS Role created, but can't grant... has to be testid_1
-as testid_1@test.com
-perm grant com.test.TC_Perm3.@[user.name]_1.dev.myPerm_a myInstance myAction com.test.TC_Perm3.@[user.name]_2.dev.myRole_a
-** Expect 201 **
-Granted Permission [com.test.TC_Perm3.@[THE_USER]_1.dev.myPerm_a|myInstance|myAction] to Role [com.test.TC_Perm3.@[THE_USER]_2.dev.myRole_a]
-
-# TC_Perm3.30.0.POS User1 Create a Perm
-as testid_1@test.com
-perm create com.test.TC_Perm3.@[user.name]_1.dev.myPerm_b myInstance myAction
-** Expect 201 **
-Created Permission
-
-# TC_Perm3.30.5.NEG User1 should not be able to create Role in other group
-role create com.test.TC_Perm3.@[user.name]_2.dev.myRole_b
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testid_1@test.com] may not write Role [com.test.TC_Perm3.@[THE_USER]_2.dev.myRole_b]
-
-# TC_Perm3.30.6.POS User2 should be able to create Role in own group
-as testunused@aaf.att.com
-role create com.att.TC_Perm3.@[user.name].dev.myRole_b
-** Expect 201 **
-Created Role
-
-# TC_Perm3.30.7.NEG User2 should not be able to grant Perm to own Role
-perm grant com.test.TC_Perm3.@[user.name]_1.dev.myPerm_b myInstance myAction com.att.TC_Perm3.@[user.name].dev.myRole_b
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not write Perm [com.test.TC_Perm3.@[THE_USER]_1.dev.myPerm_b|myInstance|myAction]
-
-# TC_Perm3.30.8.POS User should be able to grant cross company only Double Perm
-as testid_1@test.com
-perm grant com.test.TC_Perm3.@[user.name]_1.dev.myPerm_b myInstance myAction com.att.TC_Perm3.@[user.name].dev.myRole_b
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testid_1@test.com] may not write Role [com.att.TC_Perm3.@[THE_USER].dev.myRole_b]
-
-as testid_1@test.com
-# TC_Perm3.99.2.POS Namespace Admin can delete Namespace
-force ns delete com.test.TC_Perm3.@[user.name]_1
-** Expect 200,404 **
-Deleted Namespace
-
-# TC_Perm3.99.3.POS Print Namespaces
-ns list name com.test.TC_Perm3.@[user.name]_1
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.TC_Perm3.@[THE_USER]_1]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-as testid_2@test.com
-# TC_Perm3.99.4.POS Namespace Admin can delete Namespace
-force ns delete com.test.TC_Perm3.@[user.name]_2
-** Expect 200,404 **
-Deleted Namespace
-
-# TC_Perm3.99.5.POS Print Namespaces
-ns list name com.test.TC_Perm3.@[user.name]_2
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.TC_Perm3.@[THE_USER]_2]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-as testunused@aaf.att.com
-# TC_Perm3.99.6.POS Remove Namespace from other company
-force ns delete com.att.TC_Perm3.@[user.name]
-** Expect 200,404 **
-Deleted Namespace
-
-# TC_Perm3.99.7.POS Print Namespace from other company
-ns list name com.att.TC_Perm3.@[user.name]
-** Expect 200,404 **
-
-List Namespaces by Name[com.att.TC_Perm3.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
diff --git a/authz-test/TestSuite/expected/TC_Realm1.expected b/authz-test/TestSuite/expected/TC_Realm1.expected
deleted file mode 100644
index 67232e2a..00000000
--- a/authz-test/TestSuite/expected/TC_Realm1.expected
+++ /dev/null
@@ -1,210 +0,0 @@
-set testid@aaf.att.com <pass>
-set testunused@aaf.att.com <pass>
-set XX@NS <pass>
-set bogus boguspass
-#delay 10
-set NFR 0
-as testid@aaf.att.com
-# TC_Realm1.10.0.POS Validate no NS
-ns list name com.test.TC_Realm1.@[user.name]
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.TC_Realm1.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-# TC_Realm1.10.1.POS Create Namespace to add IDs
-ns create com.test.TC_Realm1.@[user.name] @[user.name] testid@aaf.att.com
-** Expect 201 **
-Created Namespace
-
-as XX@NS
-# TC_Realm1.10.10.POS Grant ability to change delegates
-force perm create com.att.aaf.delg com.att create com.test.TC_Realm1.@[user.name].change_delg
-** Expect 201 **
-Created Role [com.test.TC_Realm1.@[THE_USER].change_delg]
-Created Permission
-Granted Permission [com.att.aaf.delg|com.att|create] to Role [com.test.TC_Realm1.@[THE_USER].change_delg]
-
-# TC_Realm1.10.11.POS Create user role to change delegates
-user role add testid@aaf.att.com com.test.TC_Realm1.@[user.name].change_delg
-** Expect 201 **
-Added Role [com.test.TC_Realm1.@[THE_USER].change_delg] to User [testid@aaf.att.com]
-
-as testid@aaf.att.com
-# TC_Realm1.20.1.NEG Fail to create - default domain wrong
-ns create com.test.TC_Realm1.@[user.name].project1 testunused
-** Expect 403 **
-Failed [SVC3403]: Forbidden - testunused@csp.att.com does not have permission to assume test status at AT&T
-
-# TC_Realm1.20.2.POS Create - default domain appended
-ns create com.test.TC_Realm1.@[user.name].project1 @[user.name] @[user.name]
-** Expect 201 **
-Created Namespace
-
-# TC_Realm1.20.3.NEG Fail to create - default domain wrong
-ns admin add com.test.TC_Realm1.@[user.name].project1 testunused
-** Expect 403 **
-Failed [SVC1403]: Forbidden - AT&T reports that testunused@csp.att.com is a faulty ID
-
-# TC_Realm1.20.4.POS Create - full domain given
-ns admin add com.test.TC_Realm1.@[user.name].project1 testid@aaf.att.com
-** Expect 201 **
-Admin testid@aaf.att.com added to com.test.TC_Realm1.@[THE_USER].project1
-
-# TC_Realm1.20.5.POS Delete - default domain appended
-ns admin del com.test.TC_Realm1.@[user.name].project1 @[user.name]
-** Expect 200 **
-Admin @[THE_USER]@csp.att.com deleted from com.test.TC_Realm1.@[THE_USER].project1
-
-# TC_Realm1.20.6.POS Add admin - default domain appended
-ns admin add com.test.TC_Realm1.@[user.name].project1 @[user.name]
-** Expect 201 **
-Admin @[THE_USER]@csp.att.com added to com.test.TC_Realm1.@[THE_USER].project1
-
-# TC_Realm1.30.1.POS Create role to add to users
-role create com.test.TC_Realm1.@[user.name].role1
-** Expect 201 **
-Created Role
-
-# TC_Realm1.30.2.NEG Add user, but default domain wrong
-role user add com.test.TC_Realm1.@[user.name].role1 testunused
-** Expect 403 **
-Failed [SVC1403]: Forbidden - AT&T reports that testunused@csp.att.com is a faulty ID
-
-# TC_Realm1.30.3.POS Add user, with default domain appended
-role user add com.test.TC_Realm1.@[user.name].role1 @[user.name]
-** Expect 201 **
-Added User [@[THE_USER]@csp.att.com] to Role [com.test.TC_Realm1.@[THE_USER].role1]
-
-# TC_Realm1.30.10.POS Role list, with default domain added
-role list user testunused
-** Expect 200 **
-
-List Roles for User [testunused@csp.att.com]
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-
-# TC_Realm1.30.80.POS Delete user, with default domain appended
-role user del com.test.TC_Realm1.@[user.name].role1 @[user.name]
-** Expect 200 **
-Removed User [@[THE_USER]@csp.att.com] from Role [com.test.TC_Realm1.@[THE_USER].role1]
-
-# TC_Realm1.40.1.POS Create role to add to users
-role create com.test.TC_Realm1.@[user.name].role2
-** Expect 201 **
-Created Role
-
-# TC_Realm1.40.2.NEG Add user, but default domain wrong
-user role add testunused com.test.TC_Realm1.@[user.name].role2
-** Expect 403 **
-Failed [SVC1403]: Forbidden - AT&T reports that testunused@csp.att.com is a faulty ID
-
-# TC_Realm1.40.3.POS Add user, with default domain appended
-user role add @[user.name] com.test.TC_Realm1.@[user.name].role2
-** Expect 201 **
-Added Role [com.test.TC_Realm1.@[THE_USER].role2] to User [@[THE_USER]@csp.att.com]
-
-# TC_Realm1.40.10.NEG Add delegate, but default domain wrong
-user delegate add testunused testid 2099-01-01
-** Expect 404 **
-Failed [SVC5404]: Not Found - [testunused@csp.att.com] is not a user in the company database.
-
-# TC_Realm1.40.11.POS Add delegate, with default domain appended
-force user delegate add @[user.name] @[user.name] 2099-01-01
-** Expect 201 **
-Delegate Added
-
-# TC_Realm1.40.12.POS Update delegate, with default domain appended
-user delegate upd @[user.name] @[user.name] 2099-01-01
-** Expect 200 **
-Delegate Updated
-
-as XX@NS
-# TC_Realm1.40.20.POS List delegate, with default domain appended
-user list delegates user @[user.name]
-** Expect 200 **
-
-List Delegates by user[@[THE_USER]@csp.att.com]
---------------------------------------------------------------------------------
- User Delegate Expires
---------------------------------------------------------------------------------
- @[THE_USER]@csp.att.com @[THE_USER]@csp.att.com XXXX-XX-XX
-
-# TC_Realm1.40.21.POS List delegate, with default domain appended
-user list delegates delegate @[user.name]
-** Expect 200 **
-
-List Delegates by delegate[@[THE_USER]@csp.att.com]
---------------------------------------------------------------------------------
- User Delegate Expires
---------------------------------------------------------------------------------
- @[THE_USER]@csp.att.com @[THE_USER]@csp.att.com XXXX-XX-XX
-
-as testid@aaf.att.com
-# TC_Realm1.40.80.POS Delete user, with default domain appended
-user role del @[user.name] com.test.TC_Realm1.@[user.name].role2
-** Expect 200 **
-Removed Role [com.test.TC_Realm1.@[THE_USER].role2] from User [@[THE_USER]@csp.att.com]
-
-# TC_Realm1.40.81.POS Delete delegate, with default domain appended
-user delegate del @[user.name]
-** Expect 200 **
-Delegate Deleted
-
-as testid@aaf.att.com
-# TC_Realm1.99.1.POS Delete delgates
-user delegate del @[user.name]
-** Expect 200,404 **
-Failed [SVC7404]: Not Found - Cannot delete non-existent Delegate
-
-# TC_Realm1.99.2.POS Delete user roles
-role user del com.test.TC_Realm1.@[user.name].role1 @[user.name]
-** Expect 200,404 **
-Failed [SVC6404]: Not Found - User [ @[THE_USER]@csp.att.com ] is not Assigned to the Role [ com.test.TC_Realm1.@[THE_USER].role1 ]
-
-user role del @[user.name] com.test.TC_Realm1.@[user.name].role2
-** Expect 200,404 **
-Failed [SVC6404]: Not Found - User [ @[THE_USER]@csp.att.com ] is not Assigned to the Role [ com.test.TC_Realm1.@[THE_USER].role2 ]
-
-# TC_Realm1.99.3.POS Delete roles
-role delete com.test.TC_Realm1.@[user.name].role1
-** Expect 200,404 **
-Deleted Role
-
-role delete com.test.TC_Realm1.@[user.name].role2
-** Expect 200,404 **
-Deleted Role
-
-as XX@NS
-# TC_Realm1.99.10.POS UnGrant ability to change delegates
-perm ungrant com.att.aaf.delg com.att change com.test.TC_Realm1.@[user.name].change_delg
-** Expect 200,404 **
-Failed [SVC4404]: Not Found - Permission [com.att.aaf.delg|com.att|change] not associated with any Role
-
-as testid@aaf.att.com
-# TC_Realm1.99.11.POS Delete role to change delegates
-set force true
-set force=true role delete com.test.TC_Realm1.@[user.name].change_delg
-** Expect 200,404 **
-Deleted Role
-
-# TC_Realm1.99.98.POS Delete Namespaces
-ns delete com.test.TC_Realm1.@[user.name]
-** Expect 200,404 **
-Deleted Namespace
-
-ns delete com.test.TC_Realm1.@[user.name].project1
-** Expect 200,404 **
-Deleted Namespace
-
-# TC_Realm1.99.99.POS Verify Cleaned NS
-ns list name com.test.TC_Realm1.@[user.name]
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.TC_Realm1.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
diff --git a/authz-test/TestSuite/expected/TC_Role1.expected b/authz-test/TestSuite/expected/TC_Role1.expected
deleted file mode 100644
index 5cb610fb..00000000
--- a/authz-test/TestSuite/expected/TC_Role1.expected
+++ /dev/null
@@ -1,369 +0,0 @@
-set testid@aaf.att.com <pass>
-set testunused@aaf.att.com <pass>
-set XX@NS <pass>
-set bogus boguspass
-#delay 10
-set NFR 0
-as testid@aaf.att.com
-# TC_Role1.10.0.POS Validate NS ok
-ns list name com.test.TC_Role1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Role1.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-# TC_Role1.10.1.POS Create Namespace with valid IDs and Responsible Parties
-ns create com.test.TC_Role1.@[user.name] @[user.name] testid@aaf.att.com
-** Expect 201 **
-Created Namespace
-
-# TC_Role1.10.10.POS Create role to assign mechid perm to
-role create com.test.TC_Role1.@[user.name].cred_admin
-** Expect 201 **
-Created Role
-
-as XX@NS
-# TC_Role1.10.11.POS Assign role to mechid perm
-perm grant com.att.aaf.mechid com.att create com.test.TC_Role1.@[user.name].cred_admin
-** Expect 201 **
-Granted Permission [com.att.aaf.mechid|com.att|create] to Role [com.test.TC_Role1.@[THE_USER].cred_admin]
-
-as testid@aaf.att.com
-# TC_Role1.10.12.POS Assign user for creating creds
-user role add testid@aaf.att.com com.test.TC_Role1.@[user.name].cred_admin
-** Expect 201 **
-Added Role [com.test.TC_Role1.@[THE_USER].cred_admin] to User [testid@aaf.att.com]
-
-# TC_Role1.20.1.POS List Data on non-Empty NS
-ns list name com.test.TC_Role1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Role1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Role1.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Role1.@[THE_USER].admin
- com.test.TC_Role1.@[THE_USER].cred_admin
- com.test.TC_Role1.@[THE_USER].owner
- Permissions
- com.test.TC_Role1.@[THE_USER].access * *
- com.test.TC_Role1.@[THE_USER].access * read
-
-# TC_Role1.20.2.POS Add Roles
-role create com.test.TC_Role1.@[user.name].r.A
-** Expect 201 **
-Created Role
-
-role create com.test.TC_Role1.@[user.name].r.B
-** Expect 201 **
-Created Role
-
-# TC_Role1.20.3.POS List Data on non-Empty NS
-ns list name com.test.TC_Role1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Role1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Role1.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Role1.@[THE_USER].admin
- com.test.TC_Role1.@[THE_USER].cred_admin
- com.test.TC_Role1.@[THE_USER].owner
- com.test.TC_Role1.@[THE_USER].r.A
- com.test.TC_Role1.@[THE_USER].r.B
- Permissions
- com.test.TC_Role1.@[THE_USER].access * *
- com.test.TC_Role1.@[THE_USER].access * read
-
-# TC_Role1.20.4.NEG Don't write over Role
-role create com.test.TC_Role1.@[user.name].r.A
-** Expect 409 **
-Failed [SVC1409]: Conflict Already Exists - Role [com.test.TC_Role1.@[THE_USER].r.A] already exists
-
-# TC_Role1.20.5.NEG Don't allow non-user to create
-as bogus
-role create com.test.TC_Role1.@[user.name].r.No
-** Expect 401 **
-Failed with code 401, Unauthorized
-
-# TC_Role1.20.6.NEG Don't allow non-user to create without Approval
-as testunused@aaf.att.com
-role create com.test.TC_Role1.@[user.name].r.No
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not write Role [com.test.TC_Role1.@[THE_USER].r.No]
-
-# TC_Role1.20.10.NEG Non-admins can't change description
-as testunused@aaf.att.com
-role describe com.test.TC_Role1.@[user.name].r.A Description A
-** Expect 403 **
-Failed [SVC1403]: Forbidden - You do not have approval to change com.test.TC_Role1.@[THE_USER].r.A
-
-# TC_Role1.20.11.NEG Role must exist to change description
-as testid@aaf.att.com
-role describe com.test.TC_Role1.@[user.name].r.C Description C
-** Expect 404 **
-Failed [SVC1404]: Not Found - Role [com.test.TC_Role1.@[THE_USER].r.C] does not exist
-
-# TC_Role1.20.12.POS Admin can change description
-role describe com.test.TC_Role1.@[user.name].r.A Description A
-** Expect 200 **
-Description added to role
-
-# TC_Role1.30.1.POS List Data on non-Empty NS
-as testid@aaf.att.com
-ns list name com.test.TC_Role1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Role1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Role1.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Role1.@[THE_USER].admin
- com.test.TC_Role1.@[THE_USER].cred_admin
- com.test.TC_Role1.@[THE_USER].owner
- com.test.TC_Role1.@[THE_USER].r.A
- com.test.TC_Role1.@[THE_USER].r.B
- Permissions
- com.test.TC_Role1.@[THE_USER].access * *
- com.test.TC_Role1.@[THE_USER].access * read
-
-# TC_Role1.30.2.POS Create Sub-ns when Roles that exist
-ns create com.test.TC_Role1.@[user.name].r @[user.name] testid@aaf.att.com
-** Expect 201 **
-Created Namespace
-
-# TC_Role1.30.3.POS List Data on NS with sub-roles
-ns list name com.test.TC_Role1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Role1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Role1.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Role1.@[THE_USER].admin
- com.test.TC_Role1.@[THE_USER].cred_admin
- com.test.TC_Role1.@[THE_USER].owner
- Permissions
- com.test.TC_Role1.@[THE_USER].access * *
- com.test.TC_Role1.@[THE_USER].access * read
-
-ns list name com.test.TC_Role1.@[user.name].r
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Role1.@[THE_USER].r]
---------------------------------------------------------------------------------
-com.test.TC_Role1.@[THE_USER].r
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Role1.@[THE_USER].r.A
- com.test.TC_Role1.@[THE_USER].r.B
- com.test.TC_Role1.@[THE_USER].r.admin
- com.test.TC_Role1.@[THE_USER].r.owner
- Permissions
- com.test.TC_Role1.@[THE_USER].r.access * *
- com.test.TC_Role1.@[THE_USER].r.access * read
-
-# TC_Role1.40.01.POS List Data on non-Empty NS
-role list role com.test.TC_Role1.@[user.name].r.A
-** Expect 200 **
-
-List Roles for Role[com.test.TC_Role1.@[THE_USER].r.A]
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Role1.@[THE_USER].r.A
-
-# TC_Role1.40.20.POS Create a Perm, and add to Role
-perm create com.test.TC_Role1.@[user.name].samplePerm1 some.long(involved).text SELECT com.test.TC_Role1.@[user.name].r.A
-** Expect 201 **
-Created Permission
-Granted Permission [com.test.TC_Role1.@[THE_USER].samplePerm1|some.long(involved).text|SELECT] to Role [com.test.TC_Role1.@[THE_USER].r.A]
-
-# TC_Role1.40.25.POS List
-role list role com.test.TC_Role1.@[user.name].r.A
-** Expect 200 **
-
-List Roles for Role[com.test.TC_Role1.@[THE_USER].r.A]
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Role1.@[THE_USER].r.A
- com.test.TC_Role1.@[THE_USER].samplePerm1 some.long(involved).text SELECT
-
-# TC_Role1.40.30.POS Create a Perm
-perm create com.test.TC_Role1.@[user.name].samplePerm1 some.other_long(less.involved).text lower_case
-** Expect 201 **
-Created Permission
-
-# TC_Role1.40.32.POS Separately Grant Perm
-perm grant com.test.TC_Role1.@[user.name].samplePerm1 some.other_long(less.involved).text lower_case com.test.TC_Role1.@[user.name].r.A
-** Expect 201 **
-Granted Permission [com.test.TC_Role1.@[THE_USER].samplePerm1|some.other_long(less.involved).text|lower_case] to Role [com.test.TC_Role1.@[THE_USER].r.A]
-
-# TC_Role1.40.35.POS List
-role list role com.test.TC_Role1.@[user.name].r.A
-** Expect 200 **
-
-List Roles for Role[com.test.TC_Role1.@[THE_USER].r.A]
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Role1.@[THE_USER].r.A
- com.test.TC_Role1.@[THE_USER].samplePerm1 some.long(involved).text SELECT
- com.test.TC_Role1.@[THE_USER].samplePerm1 some.other_long(less.involved).text lower_case
-
-# TC_Role1.50.1.POS Create user to attach to role
-user cred add m00001@@[user.name].TC_Role1.test.com password123
-** Expect 201 **
-Added Credential [m00001@@[THE_USER].TC_Role1.test.com]
-
-# TC_Role1.50.2.POS Create new role
-role create com.test.TC_Role1.@[user.name].r.C
-** Expect 201 **
-Created Role
-
-# TC_Role1.50.3.POS Attach user to role
-user role add m00001@@[user.name].TC_Role1.test.com com.test.TC_Role1.@[user.name].r.C
-** Expect 201 **
-Added Role [com.test.TC_Role1.@[THE_USER].r.C] to User [m00001@@[THE_USER].TC_Role1.test.com]
-
-# TC_Role1.50.4.POS Create permission and attach to role
-perm create com.test.TC_Role1.@[user.name].p.C myInstance myAction com.test.TC_Role1.@[user.name].r.C
-** Expect 201 **
-Created Permission
-Granted Permission [com.test.TC_Role1.@[THE_USER].p.C|myInstance|myAction] to Role [com.test.TC_Role1.@[THE_USER].r.C]
-
-# TC_Role1.50.20.NEG Delete role with permission and user attached should fail
-role delete com.test.TC_Role1.@[user.name].r.C
-** Expect 424 **
-Failed [SVC1424]: Failed Dependency - Role [com.test.TC_Role1.@[THE_USER].r.C] cannot be deleted as it is used by 1 or more Users.
-
-# TC_Role1.50.21.POS Force delete role should work
-set force true
-set force=true role delete com.test.TC_Role1.@[user.name].r.C
-** Expect 200 **
-Deleted Role
-
-# TC_Role1.50.30.POS List Data on non-Empty NS
-ns list name com.test.TC_Role1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Role1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Role1.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Role1.@[THE_USER].admin
- com.test.TC_Role1.@[THE_USER].cred_admin
- com.test.TC_Role1.@[THE_USER].owner
- Permissions
- com.test.TC_Role1.@[THE_USER].access * *
- com.test.TC_Role1.@[THE_USER].access * read
- com.test.TC_Role1.@[THE_USER].p.C myInstance myAction
- com.test.TC_Role1.@[THE_USER].samplePerm1 some.long(involved).text SELECT
- com.test.TC_Role1.@[THE_USER].samplePerm1 some.other_long(less.involved).text lower_case
- Credentials
- m00001@@[THE_USER].TC_Role1.test.com
-
-# Need to let DB catch up on deletes
-sleep 0
-as testid@aaf.att.com
-# TC_Role1.99.05.POS Remove Permissions from "40_reports"
-set force true
-set force=true perm delete com.test.TC_Role1.@[user.name].samplePerm1 some.long(involved).text SELECT
-** Expect 200,404 **
-Deleted Permission
-
-set force true
-set force=true perm delete com.test.TC_Role1.@[user.name].samplePerm1 some.other_long(less.involved).text lower_case
-** Expect 200,404 **
-Deleted Permission
-
-# TC_Role1.99.10.POS Namespace Admin can delete Namepace defined Roles
-force role delete com.test.TC_Role1.@[user.name].r.A
-** Expect 200,404 **
-Deleted Role
-
-force role delete com.test.TC_Role1.@[user.name].r.B
-** Expect 200,404 **
-Deleted Role
-
-force role delete com.test.TC_Role1.@[user.name].r.C
-** Expect 200,404 **
-Failed [SVC3404]: Not Found - Role [com.test.TC_Role1.@[THE_USER].r.C] does not exist
-
-# TC_Role1.99.15.POS Remove ability to create creds
-user role del testid@aaf.att.com com.test.TC_Role1.@[user.name].cred_admin
-** Expect 200,404 **
-Removed Role [com.test.TC_Role1.@[THE_USER].cred_admin] from User [testid@aaf.att.com]
-
-as XX@NS
-perm ungrant com.att.aaf.mechid com.att create com.test.TC_Role1.@[user.name].cred_admin
-** Expect 200,404 **
-UnGranted Permission [com.att.aaf.mechid|com.att|create] from Role [com.test.TC_Role1.@[THE_USER].cred_admin]
-
-as testid@aaf.att.com
-role delete com.test.TC_Role1.@[user.name].cred_admin
-** Expect 200,404 **
-Deleted Role
-
-# TC_Role1.99.20.POS Namespace Admin can delete permissions and credentials
-perm delete com.test.TC_Role1.@[user.name].p.C myInstance myAction
-** Expect 200,404 **
-Deleted Permission
-
-set force true
-user cred del m00001@@[user.name].TC_Role1.test.com
-** Expect 200,404 **
-Deleted Credential [m00001@@[THE_USER].TC_Role1.test.com]
-
-# TC_Role1.99.90.POS Namespace Admin can delete Namespace
-force ns delete com.test.TC_Role1.@[user.name].r
-** Expect 200,404 **
-Deleted Namespace
-
-force ns delete com.test.TC_Role1.@[user.name]
-** Expect 200,404 **
-Deleted Namespace
-
-# TC_Role1.99.99.POS List to prove clean Namespaces
-ns list name com.test.TC_Role1.@[user.name].r
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.TC_Role1.@[THE_USER].r]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-ns list name com.test.TC_Role1.@[user.name]
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.TC_Role1.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
diff --git a/authz-test/TestSuite/expected/TC_Role2.expected b/authz-test/TestSuite/expected/TC_Role2.expected
deleted file mode 100644
index 45abf9fd..00000000
--- a/authz-test/TestSuite/expected/TC_Role2.expected
+++ /dev/null
@@ -1,447 +0,0 @@
-set XX@NS <pass>
-set testid@aaf.att.com <pass>
-set testunused@aaf.att.com <pass>
-set bogus boguspass
-#delay 10
-set NFR 0
-as testid@aaf.att.com
-# TC_Role2.10.0.POS Print NS to prove ok
-ns list name com.test.TC_Role2.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Role2.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-# TC_Role2.10.1.POS Create Namespace with valid IDs and Responsible Parties
-ns create com.test.TC_Role2.@[user.name] @[user.name] testid@aaf.att.com
-** Expect 201 **
-Created Namespace
-
-##############
-# Testing Model
-# We are making a Testing model based loosely on George Orwell's Animal Farm
-# In Animal Farm, Animals did all the work but didn't get any priviledges.
-# In our test, the animals can't see anything but their own role, etc
-# Dogs were supervisors, and ostensibly did something, though mostly laid around
-# In our test, they have Implicit Permissions by being Admins
-# Pigs were the Elite. They did nothing, but watch everyone and eat the produce
-# In our test, they have Explicit Permissions to see everything they want
-##############
-as testid@aaf.att.com
-# TC_Role2.20.1.POS List Data on non-Empty NS
-ns list name com.test.TC_Role2.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Role2.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Role2.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Role2.@[THE_USER].admin
- com.test.TC_Role2.@[THE_USER].owner
- Permissions
- com.test.TC_Role2.@[THE_USER].access * *
- com.test.TC_Role2.@[THE_USER].access * read
-
-# TC_Role2.20.10.POS Create Orwellian Roles
-role create com.test.TC_Role2.@[user.name].r.animals
-** Expect 201 **
-Created Role
-
-role create com.test.TC_Role2.@[user.name].r.dogs
-** Expect 201 **
-Created Role
-
-role create com.test.TC_Role2.@[user.name].r.pigs
-** Expect 201 **
-Created Role
-
-# TC_Role2.20.20.POS Create and Grant Perms to Dog Roles
-perm create com.test.TC_Role2.@[user.name].r.A garbage eat com.test.TC_Role2.@[user.name].r.animals
-** Expect 201 **
-Created Permission
-Granted Permission [com.test.TC_Role2.@[THE_USER].r.A|garbage|eat] to Role [com.test.TC_Role2.@[THE_USER].r.animals]
-
-perm create com.test.TC_Role2.@[user.name].r.A grain eat com.test.TC_Role2.@[user.name].r.dogs
-** Expect 201 **
-Created Permission
-Granted Permission [com.test.TC_Role2.@[THE_USER].r.A|grain|eat] to Role [com.test.TC_Role2.@[THE_USER].r.dogs]
-
-perm create com.test.TC_Role2.@[user.name].r.A grain * com.test.TC_Role2.@[user.name].r.dogs
-** Expect 201 **
-Created Permission
-Granted Permission [com.test.TC_Role2.@[THE_USER].r.A|grain|*] to Role [com.test.TC_Role2.@[THE_USER].r.dogs]
-
-perm create com.test.TC_Role2.@[user.name].r.A * * com.test.TC_Role2.@[user.name].r.dogs
-** Expect 201 **
-Created Permission
-Granted Permission [com.test.TC_Role2.@[THE_USER].r.A|*|*] to Role [com.test.TC_Role2.@[THE_USER].r.dogs]
-
-# TC_Role2.20.25.POS Create and Grant Animal Farm Priviledges to Pigs
-as XX@NS
-perm create com.att.aaf.role com.test.TC_Role2.@[user.name].r.animals view com.test.TC_Role2.@[user.name].r.pigs
-** Expect 201 **
-Created Permission
-Granted Permission [com.att.aaf.role|com.test.TC_Role2.@[THE_USER].r.animals|view] to Role [com.test.TC_Role2.@[THE_USER].r.pigs]
-
-perm create com.att.aaf.role com.test.TC_Role2.@[user.name].r.dogs view com.test.TC_Role2.@[user.name].r.pigs
-** Expect 201 **
-Created Permission
-Granted Permission [com.att.aaf.role|com.test.TC_Role2.@[THE_USER].r.dogs|view] to Role [com.test.TC_Role2.@[THE_USER].r.pigs]
-
-# TC_Role2.20.60.POS List Data on non-Empty NS
-as testid@aaf.att.com
-ns list name com.test.TC_Role2.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Role2.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Role2.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Role2.@[THE_USER].admin
- com.test.TC_Role2.@[THE_USER].owner
- com.test.TC_Role2.@[THE_USER].r.animals
- com.test.TC_Role2.@[THE_USER].r.dogs
- com.test.TC_Role2.@[THE_USER].r.pigs
- Permissions
- com.test.TC_Role2.@[THE_USER].access * *
- com.test.TC_Role2.@[THE_USER].access * read
- com.test.TC_Role2.@[THE_USER].r.A * *
- com.test.TC_Role2.@[THE_USER].r.A garbage eat
- com.test.TC_Role2.@[THE_USER].r.A grain *
- com.test.TC_Role2.@[THE_USER].r.A grain eat
-
-as XX@NS
-# TC_Role2.40.1.POS List Data on Role
-role list role com.test.TC_Role2.@[user.name].r.animals
-** Expect 200 **
-
-List Roles for Role[com.test.TC_Role2.@[THE_USER].r.animals]
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Role2.@[THE_USER].r.animals
- com.test.TC_Role2.@[THE_USER].r.A garbage eat
-
-role list role com.test.TC_Role2.@[user.name].r.dogs
-** Expect 200 **
-
-List Roles for Role[com.test.TC_Role2.@[THE_USER].r.dogs]
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Role2.@[THE_USER].r.dogs
- com.test.TC_Role2.@[THE_USER].r.A * *
- com.test.TC_Role2.@[THE_USER].r.A grain *
- com.test.TC_Role2.@[THE_USER].r.A grain eat
-
-role list role com.test.TC_Role2.@[user.name].r.pigs
-** Expect 200 **
-
-List Roles for Role[com.test.TC_Role2.@[THE_USER].r.pigs]
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Role2.@[THE_USER].r.pigs
- com.att.aaf.role com.test.TC_Role2.@[THE_USER].r.animals view
- com.att.aaf.role com.test.TC_Role2.@[THE_USER].r.dogs view
-
-# TC_Role2.40.10.POS Add testunused to animals
-as testid@aaf.att.com
-user role add testunused@aaf.att.com com.test.TC_Role2.@[user.name].r.animals
-** Expect 201 **
-Added Role [com.test.TC_Role2.@[THE_USER].r.animals] to User [testunused@aaf.att.com]
-
-# TC_Role2.40.11.POS List by Name when part of role
-as testunused@aaf.att.com
-role list role com.test.TC_Role2.@[user.name].r.animals
-** Expect 200 **
-
-List Roles for Role[com.test.TC_Role2.@[THE_USER].r.animals]
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Role2.@[THE_USER].r.animals
- com.test.TC_Role2.@[THE_USER].r.A garbage eat
-
-# TC_Role2.40.12.NEG List by Name when not part of Role
-role list role com.test.TC_Role2.@[user.name].r.dogs
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not read Role [com.test.TC_Role2.@[THE_USER].r.dogs]
-
-role list role com.test.TC_Role2.@[user.name].r.pigs
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not read Role [com.test.TC_Role2.@[THE_USER].r.pigs]
-
-# TC_Role2.40.30.POS Read various Roles based on being Admin in Namespace
-as testid@aaf.att.com
-role list role com.test.TC_Role2.@[user.name].r.animals
-** Expect 200 **
-
-List Roles for Role[com.test.TC_Role2.@[THE_USER].r.animals]
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Role2.@[THE_USER].r.animals
- com.test.TC_Role2.@[THE_USER].r.A garbage eat
-
-role list role com.test.TC_Role2.@[user.name].r.dogs
-** Expect 200 **
-
-List Roles for Role[com.test.TC_Role2.@[THE_USER].r.dogs]
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Role2.@[THE_USER].r.dogs
- com.test.TC_Role2.@[THE_USER].r.A * *
- com.test.TC_Role2.@[THE_USER].r.A grain *
- com.test.TC_Role2.@[THE_USER].r.A grain eat
-
-role list role com.test.TC_Role2.@[user.name].r.pigs
-** Expect 200 **
-
-List Roles for Role[com.test.TC_Role2.@[THE_USER].r.pigs]
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Role2.@[THE_USER].r.pigs
- com.att.aaf.role com.test.TC_Role2.@[THE_USER].r.animals view
- com.att.aaf.role com.test.TC_Role2.@[THE_USER].r.dogs view
-
-# TC_Role2.40.50.POS Change testunused to Pigs
-as testid@aaf.att.com
-user role del testunused@aaf.att.com com.test.TC_Role2.@[user.name].r.animals
-** Expect 200 **
-Removed Role [com.test.TC_Role2.@[THE_USER].r.animals] from User [testunused@aaf.att.com]
-
-user role add testunused@aaf.att.com com.test.TC_Role2.@[user.name].r.pigs
-** Expect 201 **
-Added Role [com.test.TC_Role2.@[THE_USER].r.pigs] to User [testunused@aaf.att.com]
-
-# TC_Role2.40.51.POS Read various Roles based on having Explicit Permissions
-as testunused@aaf.att.com
-role list role com.test.TC_Role2.@[user.name].r.animals
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not read Role [com.test.TC_Role2.@[THE_USER].r.animals]
-
-role list role com.test.TC_Role2.@[user.name].r.dogs
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not read Role [com.test.TC_Role2.@[THE_USER].r.dogs]
-
-role list role com.test.TC_Role2.@[user.name].r.pigs
-** Expect 200 **
-
-List Roles for Role[com.test.TC_Role2.@[THE_USER].r.pigs]
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Role2.@[THE_USER].r.pigs
- com.att.aaf.role com.test.TC_Role2.@[THE_USER].r.animals view
- com.att.aaf.role com.test.TC_Role2.@[THE_USER].r.dogs view
-
-# TC_Role2.41.10.POS List by User when Same as Caller
-as testunused@aaf.att.com
-role list user testunused@aaf.att.com
-** Expect 200 **
-
-List Roles for User [testunused@aaf.att.com]
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Role2.@[THE_USER].r.pigs
- com.att.aaf.role com.test.TC_Role2.@[THE_USER].r.animals view
- com.att.aaf.role com.test.TC_Role2.@[THE_USER].r.dogs view
-
-# TC_Role2.41.15.POS List by User when not same as Caller, but own/admin namespace of Roles
-as testid@aaf.att.com
-role list user testunused@aaf.att.com
-** Expect 200 **
-
-List Roles for User [testunused@aaf.att.com]
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Role2.@[THE_USER].r.pigs
- com.att.aaf.role com.test.TC_Role2.@[THE_USER].r.animals view
- com.att.aaf.role com.test.TC_Role2.@[THE_USER].r.dogs view
-
-# TC_Role2.41.20.POS List by User when not same as Caller, but parent owner of Namespace
-as XX@NS
-role list user testunused@aaf.att.com
-** Expect 200 **
-
-List Roles for User [testunused@aaf.att.com]
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Role2.@[THE_USER].r.pigs
- com.att.aaf.role com.test.TC_Role2.@[THE_USER].r.animals view
- com.att.aaf.role com.test.TC_Role2.@[THE_USER].r.dogs view
-
-# TC_Role2.41.80.NEG List by User when not Caller nor associated to Namespace (nothing should be shown)
-as testunused@aaf.att.com
-role list user XX@NS
-** Expect 200 **
-
-List Roles for User [XX@NS]
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-
-# TC_Role2.42.10.POS List Roles from NS when not allowed to see NS
-as testid@aaf.att.com
-role list ns com.test.TC_Role2.@[user.name]
-** Expect 200 **
-
-List Roles by NS [com.test.TC_Role2.@[THE_USER]]
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Role2.@[THE_USER].admin
- com.test.TC_Role2.@[THE_USER].access * *
-com.test.TC_Role2.@[THE_USER].owner
- com.test.TC_Role2.@[THE_USER].access * read
-com.test.TC_Role2.@[THE_USER].r.animals
- com.test.TC_Role2.@[THE_USER].r.A garbage eat
-com.test.TC_Role2.@[THE_USER].r.dogs
- com.test.TC_Role2.@[THE_USER].r.A * *
- com.test.TC_Role2.@[THE_USER].r.A grain *
- com.test.TC_Role2.@[THE_USER].r.A grain eat
-com.test.TC_Role2.@[THE_USER].r.pigs
- com.att.aaf.role com.test.TC_Role2.@[THE_USER].r.animals view
- com.att.aaf.role com.test.TC_Role2.@[THE_USER].r.dogs view
-
-# TC_Role2.42.20.NEG Don't List Roles from NS when not allowed to see NS
-as testunused@aaf.att.com
-role list ns com.test.TC_Role2.@[user.name]
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not read in NS [com.test.TC_Role2.@[THE_USER]]
-
-# TC_Role2.43.10.POS List Roles when allowed to see Perm
-as testid@aaf.att.com
-role list perm com.test.TC_Role2.@[user.name].r.A grain eat
-** Expect 200 **
-
-List Roles by Perm com.test.TC_Role2.@[THE_USER].r.A|grain|eat
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Role2.@[THE_USER].r.dogs
- com.test.TC_Role2.@[THE_USER].r.A * *
- com.test.TC_Role2.@[THE_USER].r.A grain *
- com.test.TC_Role2.@[THE_USER].r.A grain eat
-
-role list perm com.test.TC_Role2.@[user.name].r.A grain *
-** Expect 200 **
-
-List Roles by Perm com.test.TC_Role2.@[THE_USER].r.A|grain|*
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Role2.@[THE_USER].r.dogs
- com.test.TC_Role2.@[THE_USER].r.A * *
- com.test.TC_Role2.@[THE_USER].r.A grain *
- com.test.TC_Role2.@[THE_USER].r.A grain eat
-
-role list perm com.test.TC_Role2.@[user.name].r.A * *
-** Expect 200 **
-
-List Roles by Perm com.test.TC_Role2.@[THE_USER].r.A|*|*
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.test.TC_Role2.@[THE_USER].r.dogs
- com.test.TC_Role2.@[THE_USER].r.A * *
- com.test.TC_Role2.@[THE_USER].r.A grain *
- com.test.TC_Role2.@[THE_USER].r.A grain eat
-
-# TC_Role2.43.15.NEG Don't List Roles when not allowed to see Perm
-as testunused@aaf.att.com
-role list perm com.test.TC_Role2.@[user.name].r.A grain eat
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not read Perm [com.test.TC_Role2.@[THE_USER].r.A|grain|eat]
-
-role list perm com.test.TC_Role2.@[user.name].r.A grain *
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not read Perm [com.test.TC_Role2.@[THE_USER].r.A|grain|*]
-
-role list perm com.test.TC_Role2.@[user.name].r.A * *
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not read Perm [com.test.TC_Role2.@[THE_USER].r.A|*|*]
-
-as XX@NS
-# TC_Role2.99.1.POS Delete Roles
-force role delete com.test.TC_Role2.@[user.name].r.animals
-** Expect 200,404 **
-Deleted Role
-
-force role delete com.test.TC_Role2.@[user.name].r.dogs
-** Expect 200,404 **
-Deleted Role
-
-force role delete com.test.TC_Role2.@[user.name].r.pigs
-** Expect 200,404 **
-Deleted Role
-
-# TC_Role2.99.2.POS Delete Perms
-force perm delete com.test.TC_Role2.@[user.name].r.A garbage eat
-** Expect 200,404 **
-Deleted Permission
-
-force perm delete com.test.TC_Role2.@[user.name].r.A grain eat
-** Expect 200,404 **
-Deleted Permission
-
-force perm delete com.test.TC_Role2.@[user.name].r.A grain *
-** Expect 200,404 **
-Deleted Permission
-
-force perm delete com.test.TC_Role2.@[user.name].r.A * *
-** Expect 200,404 **
-Deleted Permission
-
-force perm delete com.att.aaf.role com.test.TC_Role2.@[user.name].r.animals view
-** Expect 200,404 **
-Deleted Permission
-
-force perm delete com.att.aaf.role com.test.TC_Role2.@[user.name].r.dogs view
-** Expect 200,404 **
-Deleted Permission
-
-# TC_Role2.99.2.POS Namespace Admin can delete Namespace
-force ns delete com.test.TC_Role2.@[user.name]
-** Expect 200,404 **
-Deleted Namespace
-
-# TC_Role2.99.3.POS Print Namespaces
-ns list name com.test.TC_Role2.@[user.name]
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.TC_Role2.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
diff --git a/authz-test/TestSuite/expected/TC_UR1.expected b/authz-test/TestSuite/expected/TC_UR1.expected
deleted file mode 100644
index 7630488f..00000000
--- a/authz-test/TestSuite/expected/TC_UR1.expected
+++ /dev/null
@@ -1,266 +0,0 @@
-set testid@aaf.att.com <pass>
-set testunused@aaf.att.com <pass>
-set XX@NS <pass>
-set bogus boguspass
-#delay 10
-set NFR 0
-as testid@aaf.att.com
-# TC_UR1.10.0.POS Validate no NS
-ns list name com.test.TC_UR1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_UR1.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-# TC_UR1.10.1.POS Create Namespace to add IDs
-ns create com.test.TC_UR1.@[user.name] @[user.name] testid@aaf.att.com
-** Expect 201 **
-Created Namespace
-
-# TC_Role1.10.10.POS Create role to assign mechid perm to
-role create com.test.TC_UR1.@[user.name].cred_admin
-** Expect 201 **
-Created Role
-
-as XX@NS
-# TC_Role1.10.11.POS Assign role to mechid perm
-perm grant com.att.aaf.mechid com.att create com.test.TC_UR1.@[user.name].cred_admin
-** Expect 201 **
-Granted Permission [com.att.aaf.mechid|com.att|create] to Role [com.test.TC_UR1.@[THE_USER].cred_admin]
-
-as testid@aaf.att.com
-# TC_Role1.10.12.POS Assign user for creating creds
-user role add testid@aaf.att.com com.test.TC_UR1.@[user.name].cred_admin
-** Expect 201 **
-Added Role [com.test.TC_UR1.@[THE_USER].cred_admin] to User [testid@aaf.att.com]
-
-# TC_UR1.10.20.POS Create two Credentials
-user cred add m00001@@[user.name].TC_UR1.test.com "abc123sd"
-** Expect 201 **
-Added Credential [m00001@@[THE_USER].TC_UR1.test.com]
-
-user cred add m00002@@[user.name].TC_UR1.test.com "abc123sd"
-** Expect 201 **
-Added Credential [m00002@@[THE_USER].TC_UR1.test.com]
-
-# TC_UR1.10.21.POS Create two Roles
-role create com.test.TC_UR1.@[user.name].r1
-** Expect 201 **
-Created Role
-
-role create com.test.TC_UR1.@[user.name].r2
-** Expect 201 **
-Created Role
-
-# TC_UR1.23.1.NEG Too Few Args for User Role 1
-user
-** Expect 0 **
-user role <add|del|setTo|extend> <user> [role[,role]* (!REQ S)]
- cred <add|del|reset|extend> <id> [password (! D|E)] [entry# (if multi)]
- delegate <add|upd|del> <from> [to REQ A&U] [until (YYYY-MM-DD) REQ A]
- list role <role>
- perm <type> <instance> <action>
- cred <ns|id> <value>
- delegates <user|delegate> <id>
- approvals <user|approver|ticket> <value>
- activity <user>
-
-# TC_UR1.23.2.NEG Too Few Args for user role
-user role
-** Expect -1 **
-Too few args: role <add|del|setTo|extend> <user> [role[,role]* (!REQ S)]
-
-# TC_UR1.23.3.NEG Too Few Args for user role add
-user role add
-** Expect -1 **
-Too few args: role <add|del|setTo|extend> <user> [role[,role]* (!REQ S)]
-
-# TC_UR1.30.10.POS Create a UserRole
-user role add m00001@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r1
-** Expect 201 **
-Added Role [com.test.TC_UR1.@[THE_USER].r1] to User [m00001@@[THE_USER].TC_UR1.test.com]
-
-# TC_UR1.30.11.NEG Created UserRole Exists
-user role add m00001@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r1
-** Expect 409 **
-Failed [SVC1409]: Conflict Already Exists - User Role exists
-
-# TC_UR1.30.13.POS Delete UserRole
-sleep 0
-user role del m00001@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r1
-** Expect 200 **
-Removed Role [com.test.TC_UR1.@[THE_USER].r1] from User [m00001@@[THE_USER].TC_UR1.test.com]
-
-# TC_UR1.30.20.POS Create multiple UserRoles
-user role add m00001@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r1,com.test.TC_UR1.@[user.name].r2
-** Expect 201 **
-Added Role [com.test.TC_UR1.@[THE_USER].r1] to User [m00001@@[THE_USER].TC_UR1.test.com]
-Added Role [com.test.TC_UR1.@[THE_USER].r2] to User [m00001@@[THE_USER].TC_UR1.test.com]
-
-# TC_UR1.30.21.NEG Created UserRole Exists
-user role add m00001@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r1,com.test.TC_UR1.@[user.name].r2
-** Expect 409 **
-Failed [SVC1409]: Conflict Already Exists - User Role exists
-Failed [SVC1409]: Conflict Already Exists - User Role exists
-
-# TC_UR1.30.23.POS Delete UserRole
-sleep 0
-user role del m00001@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r1,com.test.TC_UR1.@[user.name].r2
-** Expect 200 **
-Removed Role [com.test.TC_UR1.@[THE_USER].r1] from User [m00001@@[THE_USER].TC_UR1.test.com]
-Removed Role [com.test.TC_UR1.@[THE_USER].r2] from User [m00001@@[THE_USER].TC_UR1.test.com]
-
-# TC_UR1.30.30.POS Create a Role User
-role user add com.test.TC_UR1.@[user.name].r1 m00001@@[user.name].TC_UR1.test.com
-** Expect 201 **
-Added User [m00001@@[THE_USER].TC_UR1.test.com] to Role [com.test.TC_UR1.@[THE_USER].r1]
-
-# TC_UR1.30.31.NEG Created Role User Exists
-role user add com.test.TC_UR1.@[user.name].r1 m00001@@[user.name].TC_UR1.test.com
-** Expect 409 **
-Failed [SVC1409]: Conflict Already Exists - User Role exists
-
-# TC_UR1.30.33.POS Delete Role User
-sleep 0
-role user del com.test.TC_UR1.@[user.name].r1 m00001@@[user.name].TC_UR1.test.com
-** Expect 200 **
-Removed User [m00001@@[THE_USER].TC_UR1.test.com] from Role [com.test.TC_UR1.@[THE_USER].r1]
-
-# TC_UR1.30.40.POS Create multiple Role Users
-role user add com.test.TC_UR1.@[user.name].r1 m00001@@[user.name].TC_UR1.test.com,m00002@@[user.name].TC_UR1.test.com
-** Expect 201 **
-Added User [m00001@@[THE_USER].TC_UR1.test.com] to Role [com.test.TC_UR1.@[THE_USER].r1]
-Added User [m00002@@[THE_USER].TC_UR1.test.com] to Role [com.test.TC_UR1.@[THE_USER].r1]
-
-# TC_UR1.30.41.NEG Created Role User Exists
-role user add com.test.TC_UR1.@[user.name].r1 m00001@@[user.name].TC_UR1.test.com,m00002@@[user.name].TC_UR1.test.com
-** Expect 409 **
-Failed [SVC1409]: Conflict Already Exists - User Role exists
-Failed [SVC1409]: Conflict Already Exists - User Role exists
-
-# TC_UR1.30.43.POS Delete Role Users
-sleep 0
-role user del com.test.TC_UR1.@[user.name].r1 m00001@@[user.name].TC_UR1.test.com,m00002@@[user.name].TC_UR1.test.com
-** Expect 200 **
-Removed User [m00001@@[THE_USER].TC_UR1.test.com] from Role [com.test.TC_UR1.@[THE_USER].r1]
-Removed User [m00002@@[THE_USER].TC_UR1.test.com] from Role [com.test.TC_UR1.@[THE_USER].r1]
-
-# TC_UR1.40.10.POS Create multiple UserRoles
-user role setTo m00001@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r1,com.test.TC_UR1.@[user.name].r2
-** Expect 200 **
-Set User's Roles to [com.test.TC_UR1.@[THE_USER].r1,com.test.TC_UR1.@[THE_USER].r2]
-
-# TC_UR1.40.11.POS Reset userrole for a user
-user role setTo m00001@@[user.name].TC_UR1.test.com
-** Expect 200 **
-Set User's Roles to []
-
-# TC_UR1.40.12.NEG Create userrole where Role doesn't exist
-user role setTo m00001@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r5
-** Expect 404 **
-Failed [SVC3404]: Not Found - Role [com.test.TC_UR1.@[THE_USER].r5] does not exist
-
-# TC_UR1.40.13.NEG Create userrole where User doesn't exist
-user role setTo m99999@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r1
-** Expect 403 **
-Failed [SVC2403]: Forbidden - m99999@@[THE_USER].TC_UR1.test.com is not a valid AAF Credential
-
-as testunused@aaf.att.com
-# TC_UR1.40.19.NEG User without permission tries to add userrole
-user role setTo m00001@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r1
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not write Role [com.test.TC_UR1.@[THE_USER].r1]
-
-# TC_UR1.40.20.NEG User without permission tries to add userrole
-role user setTo com.test.TC_UR1.@[user.name].r1 m00001@@[user.name].TC_UR1.test.com
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not write Role [com.test.TC_UR1.@[THE_USER].r1]
-
-as testid@aaf.att.com
-# TC_UR1.40.22.POS Reset userrole for a user
-role user setTo com.test.TC_UR1.@[user.name].r1
-** Expect 200 **
-Set the Role to Users []
-
-sleep 0
-# TC_UR1.40.23.NEG Create UserRole where Role doesn't exist
-role user setTo com.test.TC_UR1.@[user.name].r5 m00001@@[user.name].TC_UR1.test.com
-** Expect 404 **
-Failed [SVC3404]: Not Found - Role [com.test.TC_UR1.@[THE_USER].r5] does not exist
-
-sleep 0
-# TC_UR1.40.24.NEG Create UserRole where User doesn't exist
-role user setTo com.test.TC_UR1.@[user.name].r1 m99999@@[user.name].TC_UR1.test.com
-** Expect 403 **
-Failed [SVC2403]: Forbidden - m99999@@[THE_USER].TC_UR1.test.com is not a valid AAF Credential
-
-# Need to let DB catch up on deletes
-sleep 0
-as testid@aaf.att.com
-# TC_UR1.99.1.POS Remove User from Role
-role user del com.test.TC_UR1.@[user.name].r1 m00001@@[user.name].TC_UR1.test.com,m00002@@[user.name].TC_UR1.test.com
-** Expect 200,404 **
-Failed [SVC6404]: Not Found - User [ m00001@@[THE_USER].TC_UR1.test.com ] is not Assigned to the Role [ com.test.TC_UR1.@[THE_USER].r1 ]
-Failed [SVC6404]: Not Found - User [ m00002@@[THE_USER].TC_UR1.test.com ] is not Assigned to the Role [ com.test.TC_UR1.@[THE_USER].r1 ]
-
-role user del com.test.TC_UR1.@[user.name].r2 m00001@@[user.name].TC_UR1.test.com,m00002@@[user.name].TC_UR1.test.com
-** Expect 200,404 **
-Failed [SVC6404]: Not Found - User [ m00001@@[THE_USER].TC_UR1.test.com ] is not Assigned to the Role [ com.test.TC_UR1.@[THE_USER].r2 ]
-Failed [SVC6404]: Not Found - User [ m00002@@[THE_USER].TC_UR1.test.com ] is not Assigned to the Role [ com.test.TC_UR1.@[THE_USER].r2 ]
-
-role user setTo com.test.TC_UR1.@[user.name].r1
-** Expect 200,404 **
-Set the Role to Users []
-
-# TC_UR1.99.2.POS Remove ability to create creds
-user role del testid@aaf.att.com com.test.TC_UR1.@[user.name].cred_admin
-** Expect 200,404 **
-Removed Role [com.test.TC_UR1.@[THE_USER].cred_admin] from User [testid@aaf.att.com]
-
-as XX@NS
-perm ungrant com.att.aaf.mechid com.att create com.test.TC_UR1.@[user.name].cred_admin
-** Expect 200,404 **
-UnGranted Permission [com.att.aaf.mechid|com.att|create] from Role [com.test.TC_UR1.@[THE_USER].cred_admin]
-
-as testid@aaf.att.com
-role delete com.test.TC_UR1.@[user.name].cred_admin
-** Expect 200,404 **
-Deleted Role
-
-# TC_UR1.99.3.POS Delete Creds
-set force true
-user cred del m00001@@[user.name].TC_UR1.test.com
-** Expect 200,404 **
-Deleted Credential [m00001@@[THE_USER].TC_UR1.test.com]
-
-set force true
-user cred del m00002@@[user.name].TC_UR1.test.com
-** Expect 200,404 **
-Deleted Credential [m00002@@[THE_USER].TC_UR1.test.com]
-
-# TC_UR1.99.4.POS Delete Roles
-set force true
-set force=true role delete com.test.TC_UR1.@[user.name].r1
-** Expect 200,404 **
-Deleted Role
-
-set force true
-set force=true role delete com.test.TC_UR1.@[user.name].r2
-** Expect 200,404 **
-Deleted Role
-
-# TC_UR1.99.5.POS Delete Namespace
-set force true
-set force=true ns delete com.test.TC_UR1.@[user.name]
-** Expect 200,404 **
-Deleted Namespace
-
-# TC_UR1.99.99.POS Verify Cleaned NS
-ns list name com.test.TC_UR1.@[user.name]
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.TC_UR1.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
diff --git a/authz-test/TestSuite/expected/TC_User1.expected b/authz-test/TestSuite/expected/TC_User1.expected
deleted file mode 100644
index e1d304f5..00000000
--- a/authz-test/TestSuite/expected/TC_User1.expected
+++ /dev/null
@@ -1,485 +0,0 @@
-set XX@NS <pass>
-set testid@aaf.att.com <pass>
-set testunused@aaf.att.com <pass>
-set bogus@aaf.att.com boguspass
-set m99990@@[THE_USER].TC_User1.test.com password123
-set m99995@@[THE_USER].TC_User1.test.com password123
-#delay 10
-set NFR 0
-as testid@aaf.att.com
-# TC_User1.10.0.POS Check for Existing Data
-ns list name com.test.TC_User1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_User1.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-# TC_User1.10.1.POS Create Namespace with valid IDs and Responsible Parties
-ns create com.test.TC_User1.@[user.name] @[user.name] testid@aaf.att.com
-** Expect 201 **
-Created Namespace
-
-# TC_User1.10.10.POS Create role to assign mechid perm to
-role create com.test.TC_User1.@[user.name].cred_admin testid@aaf.att.com
-** Expect 201 **
-Created Role
-Added User [testid@aaf.att.com] to Role [com.test.TC_User1.@[THE_USER].cred_admin]
-
-as XX@NS
-# TC_User1.10.11.POS Assign role to mechid perm
-perm grant com.att.aaf.mechid com.att create com.test.TC_User1.@[user.name].cred_admin
-** Expect 201 **
-Granted Permission [com.att.aaf.mechid|com.att|create] to Role [com.test.TC_User1.@[THE_USER].cred_admin]
-
-perm grant com.att.aaf.delg com.att change com.test.TC_User1.@[user.name].cred_admin
-** Expect 201 **
-Granted Permission [com.att.aaf.delg|com.att|change] to Role [com.test.TC_User1.@[THE_USER].cred_admin]
-
-as testid@aaf.att.com
-# TC_User1.01.99.POS Expect Namespace to be created
-ns list name com.test.TC_User1.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_User1.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_User1.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_User1.@[THE_USER].admin
- com.test.TC_User1.@[THE_USER].cred_admin
- com.test.TC_User1.@[THE_USER].owner
- Permissions
- com.test.TC_User1.@[THE_USER].access * *
- com.test.TC_User1.@[THE_USER].access * read
-
-as testid@aaf.att.com
-# TC_User1.20.1.POS Create roles
-role create com.test.TC_User1.@[user.name].manager
-** Expect 201 **
-Created Role
-
-role create com.test.TC_User1.@[user.name].worker
-** Expect 201 **
-Created Role
-
-# TC_User1.20.2.POS Create permissions
-perm create com.test.TC_User1.@[user.name].supplies * move com.test.TC_User1.@[user.name].worker
-** Expect 201 **
-Created Permission
-Granted Permission [com.test.TC_User1.@[THE_USER].supplies|*|move] to Role [com.test.TC_User1.@[THE_USER].worker]
-
-perm create com.test.TC_User1.@[user.name].supplies * stock com.test.TC_User1.@[user.name].worker
-** Expect 201 **
-Created Permission
-Granted Permission [com.test.TC_User1.@[THE_USER].supplies|*|stock] to Role [com.test.TC_User1.@[THE_USER].worker]
-
-perm create com.test.TC_User1.@[user.name].schedule worker create com.test.TC_User1.@[user.name].manager
-** Expect 201 **
-Created Permission
-Granted Permission [com.test.TC_User1.@[THE_USER].schedule|worker|create] to Role [com.test.TC_User1.@[THE_USER].manager]
-
-perm create com.test.TC_User1.@[user.name].worker * annoy com.test.TC_User1.@[user.name].manager
-** Expect 201 **
-Created Permission
-Granted Permission [com.test.TC_User1.@[THE_USER].worker|*|annoy] to Role [com.test.TC_User1.@[THE_USER].manager]
-
-# TC_User1.20.3.POS Create mechid
-user cred add m99990@@[user.name].TC_User1.test.com password123
-** Expect 201 **
-Added Credential [m99990@@[THE_USER].TC_User1.test.com]
-
-user cred add m99995@@[user.name].TC_User1.test.com password123
-** Expect 201 **
-Added Credential [m99995@@[THE_USER].TC_User1.test.com]
-
-as XX@NS
-# TC_User1.20.10.POS Add users to roles
-user role add @[user.name] com.test.TC_User1.@[user.name].manager
-** Expect 201 **
-Added Role [com.test.TC_User1.@[THE_USER].manager] to User [@[THE_USER]@csp.att.com]
-
-user role add m99990@@[user.name].TC_User1.test.com com.test.TC_User1.@[user.name].worker
-** Expect 201 **
-Added Role [com.test.TC_User1.@[THE_USER].worker] to User [m99990@@[THE_USER].TC_User1.test.com]
-
-# TC_User1.20.20.POS Add Delegate
-as XX@NS
-# TC_User1.20.20.POS Create delegates
-force user delegate add @[user.name] @[user.name]
-** Expect 201 **
-Delegate Added
-
-# TC_User1.40.1.NEG Non-admin, user not in role should not view
-as testunused@aaf.att.com
-user list role com.test.TC_User1.@[user.name].manager
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not read Role [com.test.TC_User1.@[THE_USER].manager]
-
-user list role com.test.TC_User1.@[user.name].worker
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not read Role [com.test.TC_User1.@[THE_USER].worker]
-
-as m99990@@[THE_USER].TC_User1.test.com
-# TC_User1.40.2.NEG Non-admin, user in role should not view
-user list role com.test.TC_User1.@[user.name].manager
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [m99990@@[THE_USER].TC_User1.test.com] may not read Role [com.test.TC_User1.@[THE_USER].manager]
-
-sleep 0
-# TC_User1.40.3.POS Non-admin, user in role can view himself
-user list role com.test.TC_User1.@[user.name].worker
-** Expect 200 **
-
-List Users for Role[com.test.TC_User1.@[THE_USER].worker]
---------------------------------------------------------------------------------
-User Expires
---------------------------------------------------------------------------------
-m99990@@[THE_USER].TC_User1.test.com XXXX-XX-XX
-
-
-as testid@aaf.att.com
-# TC_User1.40.10.POS admin should view
-user list role com.test.TC_User1.@[user.name].manager
-** Expect 200 **
-
-List Users for Role[com.test.TC_User1.@[THE_USER].manager]
---------------------------------------------------------------------------------
-User Expires
---------------------------------------------------------------------------------
-@[THE_USER]@csp.att.com XXXX-XX-XX
-
-
-user list role com.test.TC_User1.@[user.name].worker
-** Expect 200 **
-
-List Users for Role[com.test.TC_User1.@[THE_USER].worker]
---------------------------------------------------------------------------------
-User Expires
---------------------------------------------------------------------------------
-m99990@@[THE_USER].TC_User1.test.com XXXX-XX-XX
-
-
-as testunused@aaf.att.com
-# TC_User1.41.1.NEG Non-admin, user not in perm should not view
-user list perm com.test.TC_User1.@[user.name].supplies * move
-** Expect 200 **
-
-List Users for Permission[com.test.TC_User1.@[THE_USER].supplies|*|move]
---------------------------------------------------------------------------------
-User Expires
---------------------------------------------------------------------------------
-
-
-user list perm com.test.TC_User1.@[user.name].supplies * stock
-** Expect 200 **
-
-List Users for Permission[com.test.TC_User1.@[THE_USER].supplies|*|stock]
---------------------------------------------------------------------------------
-User Expires
---------------------------------------------------------------------------------
-
-
-user list perm com.test.TC_User1.@[user.name].schedule worker create
-** Expect 200 **
-
-List Users for Permission[com.test.TC_User1.@[THE_USER].schedule|worker|create]
---------------------------------------------------------------------------------
-User Expires
---------------------------------------------------------------------------------
-
-
-user list perm com.test.TC_User1.@[user.name].worker * annoy
-** Expect 200 **
-
-List Users for Permission[com.test.TC_User1.@[THE_USER].worker|*|annoy]
---------------------------------------------------------------------------------
-User Expires
---------------------------------------------------------------------------------
-
-
-as m99990@@[THE_USER].TC_User1.test.com
-# TC_User1.41.2.POS Non-admin, user in perm can view himself
-user list perm com.test.TC_User1.@[user.name].supplies * move
-** Expect 200 **
-
-List Users for Permission[com.test.TC_User1.@[THE_USER].supplies|*|move]
---------------------------------------------------------------------------------
-User Expires
---------------------------------------------------------------------------------
-m99990@@[THE_USER].TC_User1.test.com XXXX-XX-XX
-
-
-user list perm com.test.TC_User1.@[user.name].supplies * stock
-** Expect 200 **
-
-List Users for Permission[com.test.TC_User1.@[THE_USER].supplies|*|stock]
---------------------------------------------------------------------------------
-User Expires
---------------------------------------------------------------------------------
-m99990@@[THE_USER].TC_User1.test.com XXXX-XX-XX
-
-
-as m99990@@[THE_USER].TC_User1.test.com
-# TC_User1.41.3.NEG Non-admin, user in perm should not view
-user list perm com.test.TC_User1.@[user.name].schedule worker create
-** Expect 200 **
-
-List Users for Permission[com.test.TC_User1.@[THE_USER].schedule|worker|create]
---------------------------------------------------------------------------------
-User Expires
---------------------------------------------------------------------------------
-
-
-user list perm com.test.TC_User1.@[user.name].worker * annoy
-** Expect 200 **
-
-List Users for Permission[com.test.TC_User1.@[THE_USER].worker|*|annoy]
---------------------------------------------------------------------------------
-User Expires
---------------------------------------------------------------------------------
-
-
-as testid@aaf.att.com
-# TC_User1.41.10.POS admin should view
-user list perm com.test.TC_User1.@[user.name].supplies * move
-** Expect 200 **
-
-List Users for Permission[com.test.TC_User1.@[THE_USER].supplies|*|move]
---------------------------------------------------------------------------------
-User Expires
---------------------------------------------------------------------------------
-m99990@@[THE_USER].TC_User1.test.com XXXX-XX-XX
-
-
-user list perm com.test.TC_User1.@[user.name].supplies * stock
-** Expect 200 **
-
-List Users for Permission[com.test.TC_User1.@[THE_USER].supplies|*|stock]
---------------------------------------------------------------------------------
-User Expires
---------------------------------------------------------------------------------
-m99990@@[THE_USER].TC_User1.test.com XXXX-XX-XX
-
-
-user list perm com.test.TC_User1.@[user.name].schedule worker create
-** Expect 200 **
-
-List Users for Permission[com.test.TC_User1.@[THE_USER].schedule|worker|create]
---------------------------------------------------------------------------------
-User Expires
---------------------------------------------------------------------------------
-@[THE_USER]@csp.att.com XXXX-XX-XX
-
-
-user list perm com.test.TC_User1.@[user.name].worker * annoy
-** Expect 200 **
-
-List Users for Permission[com.test.TC_User1.@[THE_USER].worker|*|annoy]
---------------------------------------------------------------------------------
-User Expires
---------------------------------------------------------------------------------
-@[THE_USER]@csp.att.com XXXX-XX-XX
-
-
-as testunused@aaf.att.com
-# TC_User1.42.1.NEG Unrelated user can't view delegates
-user list delegates user m99990@@[user.name].TC_User1.test.com
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not read delegates for [m99990@@[THE_USER].TC_User1.test.com]
-
-user list delegates delegate m99995@@[user.name].TC_User1.test.com
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not read delegates for [m99995@@[THE_USER].TC_User1.test.com]
-
-as XX@NS
-# TC_User1.42.10.POS Admin of domain NS can view
-user list delegates user @[user.name]
-** Expect 200 **
-
-List Delegates by user[@[THE_USER]@csp.att.com]
---------------------------------------------------------------------------------
- User Delegate Expires
---------------------------------------------------------------------------------
- @[THE_USER]@csp.att.com @[THE_USER]@csp.att.com XXXX-XX-XX
-
-user list delegates delegate @[user.name]
-** Expect 200 **
-
-List Delegates by delegate[@[THE_USER]@csp.att.com]
---------------------------------------------------------------------------------
- User Delegate Expires
---------------------------------------------------------------------------------
- @[THE_USER]@csp.att.com @[THE_USER]@csp.att.com XXXX-XX-XX
-
-as testid@aaf.att.com
-# TC_User1.43.1.POS Add another user to worker role
-user role add m99995@@[user.name].TC_User1.test.com com.test.TC_User1.@[user.name].worker
-** Expect 201 **
-Added Role [com.test.TC_User1.@[THE_USER].worker] to User [m99995@@[THE_USER].TC_User1.test.com]
-
-as m99990@@[THE_USER].TC_User1.test.com
-# TC_User1.43.2.POS User should only see himself here
-user list role com.test.TC_User1.@[user.name].worker
-** Expect 200 **
-
-List Users for Role[com.test.TC_User1.@[THE_USER].worker]
---------------------------------------------------------------------------------
-User Expires
---------------------------------------------------------------------------------
-m99990@@[THE_USER].TC_User1.test.com XXXX-XX-XX
-m99995@@[THE_USER].TC_User1.test.com XXXX-XX-XX
-
-
-user list perm com.test.TC_User1.@[user.name].supplies * move
-** Expect 200 **
-
-List Users for Permission[com.test.TC_User1.@[THE_USER].supplies|*|move]
---------------------------------------------------------------------------------
-User Expires
---------------------------------------------------------------------------------
-m99990@@[THE_USER].TC_User1.test.com XXXX-XX-XX
-m99995@@[THE_USER].TC_User1.test.com XXXX-XX-XX
-
-
-user list perm com.test.TC_User1.@[user.name].supplies * stock
-** Expect 200 **
-
-List Users for Permission[com.test.TC_User1.@[THE_USER].supplies|*|stock]
---------------------------------------------------------------------------------
-User Expires
---------------------------------------------------------------------------------
-m99990@@[THE_USER].TC_User1.test.com XXXX-XX-XX
-m99995@@[THE_USER].TC_User1.test.com XXXX-XX-XX
-
-
-as XX@NS
-# TC_User1.43.10.POS Grant explicit user perm to user
-perm create com.att.aaf.user :com.test.TC_User1.@[user.name] view com.test.TC_User1.@[user.name].worker
-** Expect 201 **
-Created Permission
-Granted Permission [com.att.aaf.user|:com.test.TC_User1.@[THE_USER]|view] to Role [com.test.TC_User1.@[THE_USER].worker]
-
-as m99990@@[THE_USER].TC_User1.test.com
-# TC_User1.43.11.POS User should see all users of test domain now
-user list role com.test.TC_User1.@[user.name].worker
-** Expect 200 **
-
-List Users for Role[com.test.TC_User1.@[THE_USER].worker]
---------------------------------------------------------------------------------
-User Expires
---------------------------------------------------------------------------------
-m99990@@[THE_USER].TC_User1.test.com XXXX-XX-XX
-m99995@@[THE_USER].TC_User1.test.com XXXX-XX-XX
-
-
-user list perm com.test.TC_User1.@[user.name].supplies * move
-** Expect 200 **
-
-List Users for Permission[com.test.TC_User1.@[THE_USER].supplies|*|move]
---------------------------------------------------------------------------------
-User Expires
---------------------------------------------------------------------------------
-m99990@@[THE_USER].TC_User1.test.com XXXX-XX-XX
-m99995@@[THE_USER].TC_User1.test.com XXXX-XX-XX
-
-
-user list perm com.test.TC_User1.@[user.name].supplies * stock
-** Expect 200 **
-
-List Users for Permission[com.test.TC_User1.@[THE_USER].supplies|*|stock]
---------------------------------------------------------------------------------
-User Expires
---------------------------------------------------------------------------------
-m99990@@[THE_USER].TC_User1.test.com XXXX-XX-XX
-m99995@@[THE_USER].TC_User1.test.com XXXX-XX-XX
-
-
-as testid@aaf.att.com
-# TC_User1.99.0.POS Remove user roles
-user role del @[user.name] com.test.TC_User1.@[user.name].manager
-** Expect 200,404 **
-Removed Role [com.test.TC_User1.@[THE_USER].manager] from User [@[THE_USER]@csp.att.com]
-
-user role del m99990@@[user.name].TC_User1.test.com com.test.TC_User1.@[user.name].worker
-** Expect 200,404 **
-Removed Role [com.test.TC_User1.@[THE_USER].worker] from User [m99990@@[THE_USER].TC_User1.test.com]
-
-user role del m99995@@[user.name].TC_User1.test.com com.test.TC_User1.@[user.name].worker
-** Expect 200,404 **
-Removed Role [com.test.TC_User1.@[THE_USER].worker] from User [m99995@@[THE_USER].TC_User1.test.com]
-
-# TC_User1.99.1.POS Namespace Admin can delete Namepace defined Roles & Perms
-force perm delete com.test.TC_User1.@[user.name].supplies * move
-** Expect 200,404 **
-Deleted Permission
-
-force perm delete com.test.TC_User1.@[user.name].supplies * stock
-** Expect 200,404 **
-Deleted Permission
-
-force perm delete com.test.TC_User1.@[user.name].schedule worker create
-** Expect 200,404 **
-Deleted Permission
-
-force perm delete com.test.TC_User1.@[user.name].worker * annoy
-** Expect 200,404 **
-Deleted Permission
-
-force role delete com.test.TC_User1.@[user.name].manager
-** Expect 200,404 **
-Deleted Role
-
-force role delete com.test.TC_User1.@[user.name].worker
-** Expect 200,404 **
-Deleted Role
-
-# TC_User1.99.10.POS Creds and delegate
-user delegate del @[user.name]
-** Expect 200,404 **
-Delegate Deleted
-
-user cred del m99990@@[user.name].TC_User1.test.com
-** Expect 200,404 **
-Deleted Credential [m99990@@[THE_USER].TC_User1.test.com]
-
-user cred del m99995@@[user.name].TC_User1.test.com
-** Expect 200,404 **
-Deleted Credential [m99995@@[THE_USER].TC_User1.test.com]
-
-as XX@NS
-# TC_User1.99.15.POS Remove ability to create creds
-perm ungrant com.att.aaf.mechid com.att create com.test.TC_User1.@[user.name].cred_admin
-** Expect 200,404 **
-UnGranted Permission [com.att.aaf.mechid|com.att|create] from Role [com.test.TC_User1.@[THE_USER].cred_admin]
-
-perm ungrant com.att.aaf.delg com.att change com.test.TC_User1.@[user.name].cred_admin
-** Expect 200,404 **
-UnGranted Permission [com.att.aaf.delg|com.att|change] from Role [com.test.TC_User1.@[THE_USER].cred_admin]
-
-perm delete com.att.aaf.user :com.test.TC_User1.@[user.name] view
-** Expect 200,404 **
-Deleted Permission
-
-as testid@aaf.att.com
-force role delete com.test.TC_User1.@[user.name].cred_admin
-** Expect 200,404 **
-Deleted Role
-
-# TC_User1.99.90.POS Namespace Admin can delete Namespace
-force ns delete com.test.TC_User1.@[user.name]
-** Expect 200,404 **
-Deleted Namespace
-
-sleep 0
-# TC_User1.99.99.POS Check Clean Namespace
-ns list name com.test.TC_User1.@[user.name]
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.TC_User1.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
diff --git a/authz-test/TestSuite/expected/TC_Wild.expected b/authz-test/TestSuite/expected/TC_Wild.expected
deleted file mode 100644
index 448efa1d..00000000
--- a/authz-test/TestSuite/expected/TC_Wild.expected
+++ /dev/null
@@ -1,520 +0,0 @@
-set testid@aaf.att.com <pass>
-set testunused@aaf.att.com <pass>
-set XX@NS <pass>
-set bogus boguspass
-#delay 10
-set NFR 0
-as XX@NS
-# TC_Wild.10.0.POS Validate NS ok
-ns list name com.att.test.TC_Wild.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.att.test.TC_Wild.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-# TC_Wild.10.1.POS Create Namespace with valid IDs and Responsible Parties
-ns create com.att.TC_Wild.@[user.name] @[user.name] testid@aaf.att.com
-** Expect 201 **
-Created Namespace
-
-# TC_Wild.10.10.POS Create a clean MechID
-user cred add m99999@@[user.name].TC_Wild.att.com aNewPass8
-** Expect 201 **
-Added Credential [m99999@@[THE_USER].TC_Wild.att.com]
-
-set m99999@@[THE_USER].TC_Wild.att.com aNewPass8
-as XX@NS
-# TC_Wild.10.11.POS Create role and assign MechID to
-role create com.att.TC_Wild.@[user.name].service m99999@@[user.name].TC_Wild.att.com
-** Expect 201 **
-Created Role
-Added User [m99999@@[THE_USER].TC_Wild.att.com] to Role [com.att.TC_Wild.@[THE_USER].service]
-
-as m99999@@[THE_USER].TC_Wild.att.com
-# TC_Wild.20.1.NEG Fail to create a perm in NS
-perm create com.att.TC_Wild.@[user.name].myType myInstance myAction
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [m99999@@[THE_USER].TC_Wild.att.com] may not write Perm [com.att.TC_Wild.@[THE_USER].myType|myInstance|myAction]
-
-# TC_Wild.20.3.POS Add "access perm" based Wild Card with specific Action
-as XX@NS
-perm create com.att.TC_Wild.@[user.name].access :perm:myType:*:myAction write com.att.TC_Wild.@[user.name].service
-** Expect 201 **
-Created Permission
-Granted Permission [com.att.TC_Wild.@[THE_USER].access|:perm:myType:*:myAction|write] to Role [com.att.TC_Wild.@[THE_USER].service]
-
-# TC_Wild.20.5.POS Print Perms
-perm list user m99999@@[user.name].TC_Wild.att.com
-** Expect 200 **
-
-List Permissions by User[m99999@@[THE_USER].TC_Wild.att.com]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.att.TC_Wild.@[THE_USER].access :perm:myType:*:myAction write
-
-
-# TC_Wild.20.7.POS Now able to create a perm in NS
-as m99999@@[THE_USER].TC_Wild.att.com
-perm create com.att.TC_Wild.@[user.name].myType myInstance myAction
-** Expect 201 **
-Created Permission
-
-# TC_Wild.20.8.POS Print Perms
-as XX@NS
-perm list ns com.att.TC_Wild.@[user.name]
-** Expect 200 **
-
-List Perms by NS [com.att.TC_Wild.@[THE_USER]]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.att.TC_Wild.@[THE_USER].access * *
-com.att.TC_Wild.@[THE_USER].access * read
-com.att.TC_Wild.@[THE_USER].access :perm:myType:*:myAction write
-com.att.TC_Wild.@[THE_USER].myType myInstance myAction
-
-
-# TC_Wild.20.10.POS Delete Perms Created
-force perm delete com.att.TC_Wild.@[user.name].access :perm:myType:*:myAction write
-** Expect 200 **
-Deleted Permission
-
-force perm delete com.att.TC_Wild.@[user.name].myType myInstance myAction
-** Expect 200 **
-Deleted Permission
-
-as m99999@@[THE_USER].TC_Wild.att.com
-# TC_Wild.21.1.NEG Fail to create a perm in NS
-perm create com.att.TC_Wild.@[user.name].myType myInstance myAction
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [m99999@@[THE_USER].TC_Wild.att.com] may not write Perm [com.att.TC_Wild.@[THE_USER].myType|myInstance|myAction]
-
-# TC_Wild.21.3.POS Add "access perm" based Wild Card with specific Action
-as XX@NS
-perm create com.att.TC_Wild.@[user.name].access :perm:myType:*:* write com.att.TC_Wild.@[user.name].service
-** Expect 201 **
-Created Permission
-Granted Permission [com.att.TC_Wild.@[THE_USER].access|:perm:myType:*:*|write] to Role [com.att.TC_Wild.@[THE_USER].service]
-
-# TC_Wild.21.5.POS Print Perms
-perm list user m99999@@[user.name].TC_Wild.att.com
-** Expect 200 **
-
-List Permissions by User[m99999@@[THE_USER].TC_Wild.att.com]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.att.TC_Wild.@[THE_USER].access :perm:myType:*:* write
-
-
-# TC_Wild.21.7.POS Now able to create a perm in NS
-as m99999@@[THE_USER].TC_Wild.att.com
-perm create com.att.TC_Wild.@[user.name].myType myInstance myAction
-** Expect 201 **
-Created Permission
-
-# TC_Wild.21.8.POS Print Perms
-as XX@NS
-perm list ns com.att.TC_Wild.@[user.name]
-** Expect 200 **
-
-List Perms by NS [com.att.TC_Wild.@[THE_USER]]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.att.TC_Wild.@[THE_USER].access * *
-com.att.TC_Wild.@[THE_USER].access * read
-com.att.TC_Wild.@[THE_USER].access :perm:myType:*:* write
-com.att.TC_Wild.@[THE_USER].myType myInstance myAction
-
-
-# TC_Wild.21.10.POS Delete Perms Created
-force perm delete com.att.TC_Wild.@[user.name].access :perm:myType:*:* write
-** Expect 200 **
-Deleted Permission
-
-force perm delete com.att.TC_Wild.@[user.name].myType myInstance myAction
-** Expect 200 **
-Deleted Permission
-
-as m99999@@[THE_USER].TC_Wild.att.com
-# TC_Wild.30.1.NEG Fail to create a role in NS
-role create com.att.TC_Wild.@[user.name].tool.myRole
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [m99999@@[THE_USER].TC_Wild.att.com] may not write Role [com.att.TC_Wild.@[THE_USER].tool.myRole]
-
-# TC_Wild.30.3.POS Add "access role" based Wild Card with specific Action
-as XX@NS
-perm create com.att.TC_Wild.@[user.name].access :role:tool.* write com.att.TC_Wild.@[user.name].service
-** Expect 201 **
-Created Permission
-Granted Permission [com.att.TC_Wild.@[THE_USER].access|:role:tool.*|write] to Role [com.att.TC_Wild.@[THE_USER].service]
-
-# TC_Wild.30.5.POS Print Perms
-perm list user m99999@@[user.name].TC_Wild.att.com
-** Expect 200 **
-
-List Permissions by User[m99999@@[THE_USER].TC_Wild.att.com]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.att.TC_Wild.@[THE_USER].access :role:tool.* write
-
-
-# TC_Wild.30.7.POS Now able to create a role in NS
-as m99999@@[THE_USER].TC_Wild.att.com
-role create com.att.TC_Wild.@[user.name].tool.myRole
-** Expect 201 **
-Created Role
-
-# TC_Wild.30.8.POS Print Perms
-as XX@NS
-role list ns com.att.TC_Wild.@[user.name]
-** Expect 200 **
-
-List Roles by NS [com.att.TC_Wild.@[THE_USER]]
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.att.TC_Wild.@[THE_USER].admin
- com.att.TC_Wild.@[THE_USER].access * *
-com.att.TC_Wild.@[THE_USER].owner
- com.att.TC_Wild.@[THE_USER].access * read
-com.att.TC_Wild.@[THE_USER].service
- com.att.TC_Wild.@[THE_USER].access :role:tool.* write
-com.att.TC_Wild.@[THE_USER].tool.myRole
-
-# TC_Wild.30.10.POS Delete Perms Created
-force perm delete com.att.TC_Wild.@[user.name].access :role:tool.* write
-** Expect 200 **
-Deleted Permission
-
-force role delete com.att.TC_Wild.@[user.name].tool.myRole
-** Expect 200 **
-Deleted Role
-
-as m99999@@[THE_USER].TC_Wild.att.com
-# TC_Wild.31.1.NEG Fail to create a role in NS
-role create com.att.TC_Wild.@[user.name].tool.myRole
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [m99999@@[THE_USER].TC_Wild.att.com] may not write Role [com.att.TC_Wild.@[THE_USER].tool.myRole]
-
-# TC_Wild.31.3.POS Add "access role" based Wild Card with specific Action
-as XX@NS
-perm create com.att.TC_Wild.@[user.name].access :role:* write com.att.TC_Wild.@[user.name].service
-** Expect 201 **
-Created Permission
-Granted Permission [com.att.TC_Wild.@[THE_USER].access|:role:*|write] to Role [com.att.TC_Wild.@[THE_USER].service]
-
-# TC_Wild.31.5.POS Print Perms
-perm list user m99999@@[user.name].TC_Wild.att.com
-** Expect 200 **
-
-List Permissions by User[m99999@@[THE_USER].TC_Wild.att.com]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.att.TC_Wild.@[THE_USER].access :role:* write
-
-
-# TC_Wild.31.7.POS Now able to create a role in NS
-as m99999@@[THE_USER].TC_Wild.att.com
-role create com.att.TC_Wild.@[user.name].tool.myRole
-** Expect 201 **
-Created Role
-
-# TC_Wild.31.8.POS Print Perms
-as XX@NS
-role list ns com.att.TC_Wild.@[user.name]
-** Expect 200 **
-
-List Roles by NS [com.att.TC_Wild.@[THE_USER]]
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.att.TC_Wild.@[THE_USER].admin
- com.att.TC_Wild.@[THE_USER].access * *
-com.att.TC_Wild.@[THE_USER].owner
- com.att.TC_Wild.@[THE_USER].access * read
-com.att.TC_Wild.@[THE_USER].service
- com.att.TC_Wild.@[THE_USER].access :role:* write
-com.att.TC_Wild.@[THE_USER].tool.myRole
-
-# TC_Wild.31.10.POS Delete Perms Created
-force perm delete com.att.TC_Wild.@[user.name].access :role:* write
-** Expect 200 **
-Deleted Permission
-
-force role delete com.att.TC_Wild.@[user.name].tool.myRole
-** Expect 200 **
-Deleted Role
-
-as m99999@@[THE_USER].TC_Wild.att.com
-# TC_Wild.32.1.NEG Fail to create a role in NS
-role create com.att.TC_Wild.@[user.name].tool.myRole
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [m99999@@[THE_USER].TC_Wild.att.com] may not write Role [com.att.TC_Wild.@[THE_USER].tool.myRole]
-
-# TC_Wild.32.3.POS Add "access role" based Wild Card with specific Action
-as XX@NS
-perm create com.att.TC_Wild.@[user.name].access :role:* * com.att.TC_Wild.@[user.name].service
-** Expect 201 **
-Created Permission
-Granted Permission [com.att.TC_Wild.@[THE_USER].access|:role:*|*] to Role [com.att.TC_Wild.@[THE_USER].service]
-
-# TC_Wild.32.5.POS Print Perms
-as m99999@@[THE_USER].TC_Wild.att.com
-perm list user m99999@@[user.name].TC_Wild.att.com
-** Expect 200 **
-
-List Permissions by User[m99999@@[THE_USER].TC_Wild.att.com]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.att.TC_Wild.@[THE_USER].access :role:* *
-
-
-# TC_Wild.32.7.POS Now able to create a role in NS
-role create com.att.TC_Wild.@[user.name].tool.myRole
-** Expect 201 **
-Created Role
-
-# TC_Wild.32.8.POS May Print Role
-role list role com.att.TC_Wild.@[user.name].tool.myRole
-** Expect 200 **
-
-List Roles for Role[com.att.TC_Wild.@[THE_USER].tool.myRole]
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.att.TC_Wild.@[THE_USER].tool.myRole
-
-as XX@NS
-# TC_Wild.32.10.POS Delete Perms Created
-force perm delete com.att.TC_Wild.@[user.name].access :role:* *
-** Expect 200 **
-Deleted Permission
-
-force role delete com.att.TC_Wild.@[user.name].tool.myRole
-** Expect 200 **
-Deleted Role
-
-as m99999@@[THE_USER].TC_Wild.att.com
-# TC_Wild.50.1.NEG Fail to create a perm in NS
-perm create com.att.TC_Wild.@[user.name].myType myInstance myAction
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [m99999@@[THE_USER].TC_Wild.att.com] may not write Perm [com.att.TC_Wild.@[THE_USER].myType|myInstance|myAction]
-
-# TC_Wild.50.3.POS Add "access perm" based Wild Card with specific Action
-as XX@NS
-perm create com.att.aaf.ns :com.att.*:perm:myType:*:* write com.att.TC_Wild.@[user.name].service
-** Expect 201 **
-Created Permission
-Granted Permission [com.att.aaf.ns|:com.att.*:perm:myType:*:*|write] to Role [com.att.TC_Wild.@[THE_USER].service]
-
-# TC_Wild.50.5.POS Print Perms
-perm list user m99999@@[user.name].TC_Wild.att.com
-** Expect 200 **
-
-List Permissions by User[m99999@@[THE_USER].TC_Wild.att.com]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.att.aaf.ns :com.att.*:perm:myType:*:* write
-
-
-# TC_Wild.50.7.POS Now able to create a perm in NS
-as m99999@@[THE_USER].TC_Wild.att.com
-perm create com.att.TC_Wild.@[user.name].myType myInstance myAction
-** Expect 201 **
-Created Permission
-
-# TC_Wild.50.8.POS Print Perms
-as XX@NS
-perm list ns com.att.TC_Wild.@[user.name]
-** Expect 200 **
-
-List Perms by NS [com.att.TC_Wild.@[THE_USER]]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.att.TC_Wild.@[THE_USER].access * *
-com.att.TC_Wild.@[THE_USER].access * read
-com.att.TC_Wild.@[THE_USER].myType myInstance myAction
-
-
-# TC_Wild.50.10.POS Delete Perms Created
-force perm delete com.att.aaf.ns :com.att.*:perm:myType:*:* write
-** Expect 200 **
-Deleted Permission
-
-force perm delete com.att.TC_Wild.@[user.name].myType myInstance myAction
-** Expect 200 **
-Deleted Permission
-
-as m99999@@[THE_USER].TC_Wild.att.com
-# TC_Wild.51.1.NEG Fail to create a role in NS
-role create com.att.TC_Wild.@[user.name].tool.myRole
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [m99999@@[THE_USER].TC_Wild.att.com] may not write Role [com.att.TC_Wild.@[THE_USER].tool.myRole]
-
-# TC_Wild.51.3.POS Add "access role" based Wild Card with specific Action
-as XX@NS
-perm create com.att.aaf.ns :com.att.*:role:tool.* write com.att.TC_Wild.@[user.name].service
-** Expect 201 **
-Created Permission
-Granted Permission [com.att.aaf.ns|:com.att.*:role:tool.*|write] to Role [com.att.TC_Wild.@[THE_USER].service]
-
-# TC_Wild.51.5.POS Print Perms
-perm list user m99999@@[user.name].TC_Wild.att.com
-** Expect 200 **
-
-List Permissions by User[m99999@@[THE_USER].TC_Wild.att.com]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.att.aaf.ns :com.att.*:role:tool.* write
-
-
-# TC_Wild.51.7.POS Now able to create a role in NS
-as m99999@@[THE_USER].TC_Wild.att.com
-role create com.att.TC_Wild.@[user.name].tool.myRole
-** Expect 201 **
-Created Role
-
-# TC_Wild.51.8.POS Print Perms
-as XX@NS
-role list ns com.att.TC_Wild.@[user.name]
-** Expect 200 **
-
-List Roles by NS [com.att.TC_Wild.@[THE_USER]]
---------------------------------------------------------------------------------
-ROLE Name
- PERM Type Instance Action
---------------------------------------------------------------------------------
-com.att.TC_Wild.@[THE_USER].admin
- com.att.TC_Wild.@[THE_USER].access * *
-com.att.TC_Wild.@[THE_USER].owner
- com.att.TC_Wild.@[THE_USER].access * read
-com.att.TC_Wild.@[THE_USER].service
- com.att.aaf.ns :com.att.*:role:tool.* write
-com.att.TC_Wild.@[THE_USER].tool.myRole
-
-# TC_Wild.51.10.POS Delete Perms Created
-force perm delete com.att.aaf.ns :com.att.*:role:tool.* write
-** Expect 200 **
-Deleted Permission
-
-force role delete com.att.TC_Wild.@[user.name].tool.myRole
-** Expect 200 **
-Deleted Role
-
-as m99999@@[THE_USER].TC_Wild.att.com
-# TC_Wild.52.1.NEG Fail to create a NS
-ns create com.test.TC_Wild.@[user.name] @[user.name] testid@aaf.att.com
-** Expect 403 **
-Failed [SVC1403]: Forbidden - [m99999@@[THE_USER].TC_Wild.att.com] may not write in NS [com.test]
-
-# TC_Wild.52.3.POS Add "access role" based Wild Card with specific Action
-as XX@NS
-perm create com.att.aaf.ns :com.test:ns write com.att.TC_Wild.@[user.name].service
-** Expect 201 **
-Created Permission
-Granted Permission [com.att.aaf.ns|:com.test:ns|write] to Role [com.att.TC_Wild.@[THE_USER].service]
-
-# TC_Wild.52.5.POS Print Perms
-perm list user m99999@@[user.name].TC_Wild.att.com
-** Expect 200 **
-
-List Permissions by User[m99999@@[THE_USER].TC_Wild.att.com]
---------------------------------------------------------------------------------
-PERM Type Instance Action
---------------------------------------------------------------------------------
-com.att.aaf.ns :com.test:ns write
-
-
-# TC_Wild.52.7.POS Now able to create an NS
-as m99999@@[THE_USER].TC_Wild.att.com
-ns create com.test.TC_Wild.@[user.name] @[user.name] testid@aaf.att.com
-** Expect 201 **
-Created Namespace
-
-# TC_Wild.52.8.POS Print Perms
-as XX@NS
-ns list name com.test.TC_Wild.@[user.name]
-** Expect 200 **
-
-List Namespaces by Name[com.test.TC_Wild.@[THE_USER]]
---------------------------------------------------------------------------------
-com.test.TC_Wild.@[THE_USER]
- Administrators
- testid@aaf.att.com
- Responsible Parties
- @[THE_USER]@csp.att.com
- Roles
- com.test.TC_Wild.@[THE_USER].admin
- com.test.TC_Wild.@[THE_USER].owner
- Permissions
- com.test.TC_Wild.@[THE_USER].access * *
- com.test.TC_Wild.@[THE_USER].access * read
-
-# TC_Wild.52.10.POS Delete Perms Created
-force perm delete com.att.aaf.ns :com.test:ns write
-** Expect 200 **
-Deleted Permission
-
-force ns delete com.test.TC_Wild.@[user.name]
-** Expect 200 **
-Deleted Namespace
-
-as XX@NS
-# TC_Wild.99.80.POS Cleanup
-force perm delete com.att.aaf.ns :com.att.*:perm:*:* write
-** Expect 200,404 **
-Failed [SVC4404]: Not Found - Permission [com.att.aaf.ns|:com.att.*:perm:*:*|write] does not exist
-
-# TC_Wild.99.81.POS Cleanup
-force perm delete com.att.aaf.ns :com.att.*:perm:*:* *
-** Expect 200,404 **
-Failed [SVC4404]: Not Found - Permission [com.att.aaf.ns|:com.att.*:perm:*:*|*] does not exist
-
-# TC_Wild.99.82.POS Cleanup
-force perm delete com.att.aaf.ns :com.att.*:role:* write
-** Expect 200,404 **
-Failed [SVC4404]: Not Found - Permission [com.att.aaf.ns|:com.att.*:role:*|write] does not exist
-
-# TC_Wild.99.83.POS Cleanup
-force perm delete com.att.aaf.ns :com.test:ns write
-** Expect 200,404 **
-Failed [SVC4404]: Not Found - Permission [com.att.aaf.ns|:com.test:ns|write] does not exist
-
-# TC_Wild.99.90.POS Cleanup
-force ns delete com.test.TC_Wild.@[user.name]
-** Expect 200,404 **
-Failed [SVC2404]: Not Found - com.test.TC_Wild.@[THE_USER] does not exist
-
-# TC_Wild.99.91.POS Cleanup
-force ns delete com.att.TC_Wild.@[user.name]
-** Expect 200,404 **
-Deleted Namespace
-
-# TC_Wild.99.99.POS List to prove clean Namespaces
-ns list name com.att.TC_Wild.@[user.name]
-** Expect 200,404 **
-
-List Namespaces by Name[com.att.TC_Wild.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-
-ns list name com.test.TC_Wild.@[user.name]
-** Expect 200,404 **
-
-List Namespaces by Name[com.test.TC_Wild.@[THE_USER]]
---------------------------------------------------------------------------------
- *** Namespace Not Found ***
-