From 43854a9e3310ff7a92257d16c4fc0a8321eaec68 Mon Sep 17 00:00:00 2001 From: sg481n Date: Thu, 3 Aug 2017 17:27:34 -0400 Subject:  [AAF-21] Initial code import MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Change-Id: I63d7d499bbd46f500b5f5a4db966166f613f327a Signed-off-by: sg481n --- authz-test/TestSuite/TC_Cred1/00_ids | 8 +++ authz-test/TestSuite/TC_Cred1/10_init | 36 +++++++++++++ authz-test/TestSuite/TC_Cred1/15_create | 33 ++++++++++++ authz-test/TestSuite/TC_Cred1/30_multiple_creds | 69 +++++++++++++++++++++++++ authz-test/TestSuite/TC_Cred1/99_cleanup | 29 +++++++++++ authz-test/TestSuite/TC_Cred1/Description | 16 ++++++ 6 files changed, 191 insertions(+) create mode 100644 authz-test/TestSuite/TC_Cred1/00_ids create mode 100644 authz-test/TestSuite/TC_Cred1/10_init create mode 100644 authz-test/TestSuite/TC_Cred1/15_create create mode 100644 authz-test/TestSuite/TC_Cred1/30_multiple_creds create mode 100644 authz-test/TestSuite/TC_Cred1/99_cleanup create mode 100644 authz-test/TestSuite/TC_Cred1/Description (limited to 'authz-test/TestSuite/TC_Cred1') diff --git a/authz-test/TestSuite/TC_Cred1/00_ids b/authz-test/TestSuite/TC_Cred1/00_ids new file mode 100644 index 00000000..9f6ad902 --- /dev/null +++ b/authz-test/TestSuite/TC_Cred1/00_ids @@ -0,0 +1,8 @@ +expect 0 +set testid@aaf.att.com= +set testunused@aaf.att.com= +set bogus=boguspass +set XX@NS= + +#delay 10 +set NFR=0 diff --git a/authz-test/TestSuite/TC_Cred1/10_init b/authz-test/TestSuite/TC_Cred1/10_init new file mode 100644 index 00000000..18231c0d --- /dev/null +++ b/authz-test/TestSuite/TC_Cred1/10_init @@ -0,0 +1,36 @@ +as testid@aaf.att.com +# TC_Cred1.10.0.POS List NS to prove ok +expect 200 +ns list name com.test.TC_Cred1.@[user.name] + +# TC_Cred1.10.1.POS Create Personalized Namespace to add Credentials +expect 201 +ns create com.test.TC_Cred1.@[user.name] @[user.name] testid@aaf.att.com + +# TC_Cred1.10.10.POS Create role to assign mechid perm to +expect 201 +role create com.test.TC_Cred1.@[user.name].cred_admin testid@aaf.att.com +role create com.test.TC_Cred1.@[user.name].pw_reset + +# TC_Cred1.10.11.POS Assign roles to perms +as XX@NS +expect 201 +perm create com.att.aaf.password com.test reset com.test.TC_Cred1.@[user.name].pw_reset +perm create com.att.aaf.mechid com.test create com.test.TC_Cred1.@[user.name].cred_admin +perm grant com.att.aaf.mechid com.att create com.test.TC_Cred1.@[user.name].cred_admin + +as testid@aaf.att.com +# TC_Cred1.10.30.POS Assign user for creating creds +expect 201 +user cred add m99999@@[user.name].TC_Cred1.test.com password123 +set m99999@@[user.name].TC_Cred1.test.com=password123 + + +# TC_Cred1.10.31.POS Credential used to similate non-admin Tier1 user with reset and create permissions +expect 201 +user role add m99999@@[user.name].TC_Cred1.test.com com.test.TC_Cred1.@[user.name].pw_reset,com.test.TC_Cred1.@[user.name].cred_admin + +# TC_Cred1.10.32.POS Remove create rights for testing +expect 200 +user role del testid@aaf.att.com com.test.TC_Cred1.@[user.name].cred_admin + diff --git a/authz-test/TestSuite/TC_Cred1/15_create b/authz-test/TestSuite/TC_Cred1/15_create new file mode 100644 index 00000000..c862d980 --- /dev/null +++ b/authz-test/TestSuite/TC_Cred1/15_create @@ -0,0 +1,33 @@ +# TC_Cred1.15.1.NEG Non-Admin, no permission user cannot create mechID +as testunused@aaf.att.com +expect 403 +user cred add m99990@@[user.name].TC_Cred1.test.com password123 + +# TC_Cred1.15.3.POS Non-Admin, with create permission user can create mechID +as m99999@@[user.name].TC_Cred1.test.com +expect 201 +user cred add m99990@@[user.name].TC_Cred1.test.com password123 + +# TC_Cred1.15.10.NEG Non-Admin, no reset permission cannot reset mechID +as testunused@aaf.att.com +expect 403 +user cred reset m99990@@[user.name].TC_Cred1.test.com password123 + +# TC_Cred1.15.11.POS Non-Admin, with reset permission can reset mechID +as m99999@@[user.name].TC_Cred1.test.com:password123 +expect 200 +user cred reset m99990@@[user.name].TC_Cred1.test.com password123 + +# TC_Cred1.15.12.POS Admin, without reset permission can reset Password +as testid@aaf.att.com +expect 200 +user cred reset m99990@@[user.name].TC_Cred1.test.com password123 + +# TC_Cred1.15.15.POS Admin, without reset permission can reset mechID +expect 200 +user cred reset m99990@@[user.name].TC_Cred1.test.com password123 1 + +# TC_Cred1.15.20.POS Admin, delete +expect 200 +user cred del m99990@@[user.name].TC_Cred1.test.com password123 1 + diff --git a/authz-test/TestSuite/TC_Cred1/30_multiple_creds b/authz-test/TestSuite/TC_Cred1/30_multiple_creds new file mode 100644 index 00000000..689225e2 --- /dev/null +++ b/authz-test/TestSuite/TC_Cred1/30_multiple_creds @@ -0,0 +1,69 @@ +# TC_Cred1.30.1.NEG Multiple options available to delete +as XX@NS +expect 201 +user cred add m99990@@[user.name].TC_Cred1.test.com pass23Word + +as testid@aaf.att.com +expect 201 +user cred add m99990@@[user.name].TC_Cred1.test.com pass23worD + +# TC_Cred1.30.2.POS Succeeds when we choose last option +expect 200 +user cred del m99990@@[user.name].TC_Cred1.test.com 2 + +# TC_Cred1.30.10.POS Add another credential +expect 201 +user cred add m99990@@[user.name].TC_Cred1.test.com password123 + +# TC_Cred1.30.11.NEG Multiple options available to reset +expect 300 +user cred reset m99990@@[user.name].TC_Cred1.test.com password123 + +# TC_Cred1.30.12.NEG Fails when we choose a bad option +expect 406 +user cred reset m99990@@[user.name].TC_Cred1.test.com password123 0 + +# TC_Cred1.30.13.POS Succeeds when we choose last option +expect 200 +user cred reset m99990@@[user.name].TC_Cred1.test.com password123 2 + +#TC_Cred1.30.30.NEG Fails when we don't have specific property +expect 403 +user cred extend m99990@@[user.name].TC_Cred1.test.com + +#### EXTENDS behavior #### +#TC_Cred1.30.32.POS Setup Temp Role for Extend Permission +expect 201 +as XX@NS +role create com.test.TC_Cred1.@[user.name].extendTemp + +#TC_Cred1.30.33.POS Grant Extends Permission to Role +expect 201 +perm grant com.att.aaf.password com.att extend com.test.TC_Cred1.@[user.name].extendTemp + +#TC_Cred1.30.35.POS Add current User to Temp Role for Extend Permission +expect 201 +role user add com.test.TC_Cred1.@[user.name].extendTemp XX@NS + +#TC_Cred1.30.36.POS Extend Password, expecting Single Response +expect 200 +user cred extend m99990@@[user.name].TC_Cred1.test.com 1 + +#TC_Cred1.30.39.POS Remove Role +expect 200 +set force=true +role delete com.test.TC_Cred1.@[user.name].extendTemp + +#### MULTI CLEANUP ##### +expect 200 +role list user m99990@@[user.name].TC_Cred1.test.com + +# TC_Cred1.30.80.POS Delete all entries for this cred +expect 200 +set force=true +user cred del m99990@@[user.name].TC_Cred1.test.com + +# TC_Cred1.30.99.POS List ns shows no creds attached +expect 200 +ns list name com.test.TC_Cred1.@[user.name] + diff --git a/authz-test/TestSuite/TC_Cred1/99_cleanup b/authz-test/TestSuite/TC_Cred1/99_cleanup new file mode 100644 index 00000000..3af41749 --- /dev/null +++ b/authz-test/TestSuite/TC_Cred1/99_cleanup @@ -0,0 +1,29 @@ +as testid@aaf.att.com +# TC_Cred1.99.1.POS Delete credentials +expect 200,404 +force user cred del m99990@@[user.name].TC_Cred1.test.com + +#TC_Cred1.99.2.POS Ensure Remove Role +expect 200,404 +set force=true +role delete com.test.TC_Cred1.@[user.name].extendTemp + +# TC_Cred1.99.10.POS Remove ability to create creds +force user role del testid@aaf.att.com com.test.TC_Cred1.@[user.name].cred_admin + +as XX@NS +perm ungrant com.att.aaf.mechid com.att create com.test.TC_Cred1.@[user.name].cred_admin +force perm delete com.att.aaf.password com.test reset +force perm delete com.att.aaf.mechid com.test create + +as testid@aaf.att.com +force role delete com.test.TC_Cred1.@[user.name].cred_admin +force role delete com.test.TC_Cred1.@[user.name].pw_reset + +# TC_Cred1.99.99.POS Delete Namespace for TestSuite +set force=true ns delete com.test.TC_Cred1.@[user.name] + +as XX@NS +force ns delete com.test.TC_Cred1.@[user.name] +force ns delete com.test.TC_Cred1 + diff --git a/authz-test/TestSuite/TC_Cred1/Description b/authz-test/TestSuite/TC_Cred1/Description new file mode 100644 index 00000000..59af5e1d --- /dev/null +++ b/authz-test/TestSuite/TC_Cred1/Description @@ -0,0 +1,16 @@ +This Testcase Tests the essentials of User Credentials + +APIs: + POST /auth/cred + PUT /auth/cred + DELETE /auth/cred + + +CLI: + Target + user addCred :user :password + user delCred :user + Ancillary + ns create + ns delete + -- cgit 1.2.3-korg