From d9cfae590b555d34a1a5d36153c460531f3653f0 Mon Sep 17 00:00:00 2001 From: Gildas Lanilis Date: Tue, 29 May 2018 17:25:01 -0700 Subject: Document Security section of the Release Notes Update with latest info Change-Id: I30a95f8582822b917d383bf222973df13a333873 Issue-ID: DOC-271 Signed-off-by: Gildas Lanilis --- docs/sections/release-notes.rst | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/docs/sections/release-notes.rst b/docs/sections/release-notes.rst index 1a5f163d..c3f74ade 100644 --- a/docs/sections/release-notes.rst +++ b/docs/sections/release-notes.rst @@ -11,7 +11,7 @@ Version: 2.1.0 -------------- -:Release Date: 2018-04-18 +:Release Date: 2018-06-07 @@ -24,9 +24,16 @@ This release fixes the packaging and security issues. **Known Issues** NA -**Security Issues** - This release fixes the security vulnerabilities due to the opensourced libraries used in the project +**Security Notes** +AAF code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The AAF open Critical security vulnerabilities and their risk assessment have been documented as part of the `project `_. + +Quick Links: + - `AAF project page `_ + + - `Passing Badge information for AAF `_ + + - `Project Vulnerability Review Table for AAF `_ **Upgrade Notes** NA -- cgit 1.2.3-korg From b44ef5a2e5cdb27a250330bf9839dc174801d856 Mon Sep 17 00:00:00 2001 From: Sai Gandham Date: Tue, 12 Jun 2018 20:18:28 +0000 Subject: Update error codes for AAF API Issue-ID: AAF-359 Change-Id: Ie2106a5dada231ffa941762f05c40c7b61584064 Signed-off-by: Sai Gandham --- docs/sections/logging.rst | 48 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) diff --git a/docs/sections/logging.rst b/docs/sections/logging.rst index 89eddd53..cda20957 100644 --- a/docs/sections/logging.rst +++ b/docs/sections/logging.rst 
@@ -22,4 +22,52 @@ Error / Warning Messages ------------------------ Following are the error codes +| Create a Permission - Expected=200, Explicit=403, 404, 406, 409 +| Set Description for Permission - Expected=200, Explicit=404, 406 +| Delete a Permission Expected=200, Explicit=404, 406 +| Update a Permission - Expected=200, Explicit==04, 406, 409 +| Get Permissions by Type - Expected=200, Explicit=404, 406 +| Get Permissions by Key - Expected=200, Explicit=404, 406 +| Get PermsByNS - Expected=200, Explicit==404, 406 +| Get Permissions by Role - Expected=200, Explicit=404, 406 +| Get Permissions by User, Query AAF Perms - Expected=200, Explicit=404, 406 +| Get Permissions by User - Expected=200, Explicit=404, 406 +| Create Role - Expected=200, Explicit=403, 404, 406, 409 +| Set Description for role= - Expected=200, Explicit=404, 406 +| Delete Role - Expected=200, Explicit==404, 406 +| Delete Permission from Role - Expected=200, Explicit=404, 406 +| Add Permission to Role - Expected=200, Explicit=403, 404, 406, 409 +| Set a Permission's Roles - Expected=200, Explicit=403, 404, 406, 409 +| GetRolesByFullName - Expected=200, Explicit=404, 406 +| GetRolesByNameOnly - Expected=200, Explicit=404, 406 +| GetRolesByNS - Expected=200, Explicit=404, 406 +| GetRolesByPerm - Expected=200, Explicit=404, 406 +| GetRolesByUser - Expected=200, Explicit=404, 406 +| Request User Role Access - Expected=200, Explicit=403, 404, 406, 409 +| Get if User is In Role - Expected=200, Explicit=403, 404, 406 +| Delete User Role - Expected=200, Explicit=403, 404, 406 +| Update Users for a role - Expected=200, Explicit=403, 404, 406 +| Update Roles for a user - Expected=200, Explicit=403, 404, 406 +| Get UserRoles by Role - Expected=200, Explicit=404, 406 +| Get UserRoles by User - Expected=200, Explicit=404, 406 +| Create a Namespace - Expected=200, Explicit=403, 404, 406, 409 +| Set a Description for a Namespace - Expected=200, Explicit=403, 404, 406 +| Delete a Namespace - Expected=200, 
Explicit=403, 404, 424 +| Add an Admin to a Namespace - Expected=200, Explicit=403, 404, 406, 409 +| Remove an Admin from a Namespace - Expected=200, Explicit=403, 404 +| Delete an Attribute from a Namespace - Expected=200, Explicit=403, 404 +| Add an Attribute from a Namespace - Expected=200, Explicit=403, 404, 406, 409 +| update an Attribute from a Namespace - Expected=200, Explicit=403, 404 +| Add a Responsible Identity to a Namespace - Expected=200, Explicit=403, 404, 406, 409 +| Remove a Responsible Identity from Namespace - Expected=200, Explicit=403, 404 +| get Ns Key List From Attribute - Expected=200, Explicit=403, 404 +| Return Information about Namespaces - Expected=200, Explicit=404, 406 +| Return Child Namespaces - Expected=200, Explicit=403, 404 +| Get Users By Permission - Expected=200, Explicit=404, 406 +| Get Users By Role - Expected=200, Explicit=403, 404, 406 +| Is given BasicAuth valid? - Expected=200, Explicit=403 +| Is given Credential valid? - Expected=200, Explicit=403 +| if the mechid/password configured in cadi.props is wrong, there will be a 401 +| Subsequent calls to cadi for perm look ups will return a 403 (since cadi can't talk to the server, the answer has to be 'no') + -- cgit 1.2.3-korg
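Review bot: The release-date change in the first hunk of docs/sections/release-notes.rst (DOC-271 patch) is not mentioned in the commit message, which only describes the Security section. The hunk moves ":Release Date:" for Version 2.1.0 from 2018-04-18 to 2018-06-07 without changing the version. Please state in the commit message that 2.1.0 is being re-dated, since readers use this field to tell which build carries the security fixes.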
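Review bot: The new Security Notes paragraph in the second hunk of docs/sections/release-notes.rst (DOC-271 patch) contradicts itself: it states "all Critical vulnerabilities have been addressed" and in the next sentence refers to "The AAF open Critical security vulnerabilities". Suggest wording along the lines of "all Critical findings have been reviewed; those that remain open were assessed for risk and determined to be false positives", which also removes the comma splice. The hunk deletes the old sentence about vulnerabilities in the open-source libraries while the context line still reads "This release fixes the packaging and security issues", so the notes no longer say what was fixed; consider keeping one line on that. As the patch appears here, the "project" link and the three Quick Links show no target, so please check that each one renders with its URL.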
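Review bot: Several added entries in the docs/sections/logging.rst hunk (AAF-359 patch) have malformed status lists: "Update a Permission - Expected=200, Explicit==04, 406, 409" has a truncated code and a doubled "=", and "Get PermsByNS" and "Delete Role" also use "Explicit==404". Please correct these (the neighbouring entries suggest 404 was intended, but confirm against the API), drop the stray "=" in "Set Description for role=", add the missing " - " in "Delete a Permission Expected=200", and check whether "Add an Attribute from a Namespace" should read "to a Namespace". The last two added lines are behaviour notes rather than per-call entries and should be set off from the list. They say a wrong mechid/password in cadi.props gives a 401 and that later perm lookups return 403 because cadi can't talk to the server, which means a 403 covers both a real denial and a broken client credential; it would help to document how an operator tells the two apart.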