set testid@aaf.att.com set testunused@aaf.att.com set XX@NS set bogus boguspass #delay 10 set NFR 0 as testid@aaf.att.com # TC_UR1.10.0.POS Validate no NS ns list name com.test.TC_UR1.@[user.name] ** Expect 200 ** List Namespaces by Name[com.test.TC_UR1.@[THE_USER]] -------------------------------------------------------------------------------- *** Namespace Not Found *** # TC_UR1.10.1.POS Create Namespace to add IDs ns create com.test.TC_UR1.@[user.name] @[user.name] testid@aaf.att.com ** Expect 201 ** Created Namespace # TC_Role1.10.10.POS Create role to assign mechid perm to role create com.test.TC_UR1.@[user.name].cred_admin ** Expect 201 ** Created Role as XX@NS # TC_Role1.10.11.POS Assign role to mechid perm perm grant com.att.aaf.mechid com.att create com.test.TC_UR1.@[user.name].cred_admin ** Expect 201 ** Granted Permission [com.att.aaf.mechid|com.att|create] to Role [com.test.TC_UR1.@[THE_USER].cred_admin] as testid@aaf.att.com # TC_Role1.10.12.POS Assign user for creating creds user role add testid@aaf.att.com com.test.TC_UR1.@[user.name].cred_admin ** Expect 201 ** Added Role [com.test.TC_UR1.@[THE_USER].cred_admin] to User [testid@aaf.att.com] # TC_UR1.10.20.POS Create two Credentials user cred add m00001@@[user.name].TC_UR1.test.com "abc123sd" ** Expect 201 ** Added Credential [m00001@@[THE_USER].TC_UR1.test.com] user cred add m00002@@[user.name].TC_UR1.test.com "abc123sd" ** Expect 201 ** Added Credential [m00002@@[THE_USER].TC_UR1.test.com] # TC_UR1.10.21.POS Create two Roles role create com.test.TC_UR1.@[user.name].r1 ** Expect 201 ** Created Role role create com.test.TC_UR1.@[user.name].r2 ** Expect 201 ** Created Role # TC_UR1.23.1.NEG Too Few Args for User Role 1 user ** Expect 0 ** user role [role[,role]* (!REQ S)] cred [password (! D|E)] [entry# (if multi)] delegate [to REQ A&U] [until (YYYY-MM-DD) REQ A] list role perm cred delegates approvals activity # TC_UR1.23.2.NEG Too Few Args for user role user role ** Expect -1 ** Too few args: role [role[,role]* (!REQ S)] # TC_UR1.23.3.NEG Too Few Args for user role add user role add ** Expect -1 ** Too few args: role [role[,role]* (!REQ S)] # TC_UR1.30.10.POS Create a UserRole user role add m00001@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r1 ** Expect 201 ** Added Role [com.test.TC_UR1.@[THE_USER].r1] to User [m00001@@[THE_USER].TC_UR1.test.com] # TC_UR1.30.11.NEG Created UserRole Exists user role add m00001@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r1 ** Expect 409 ** Failed [SVC1409]: Conflict Already Exists - User Role exists # TC_UR1.30.13.POS Delete UserRole sleep 0 user role del m00001@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r1 ** Expect 200 ** Removed Role [com.test.TC_UR1.@[THE_USER].r1] from User [m00001@@[THE_USER].TC_UR1.test.com] # TC_UR1.30.20.POS Create multiple UserRoles user role add m00001@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r1,com.test.TC_UR1.@[user.name].r2 ** Expect 201 ** Added Role [com.test.TC_UR1.@[THE_USER].r1] to User [m00001@@[THE_USER].TC_UR1.test.com] Added Role [com.test.TC_UR1.@[THE_USER].r2] to User [m00001@@[THE_USER].TC_UR1.test.com] # TC_UR1.30.21.NEG Created UserRole Exists user role add m00001@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r1,com.test.TC_UR1.@[user.name].r2 ** Expect 409 ** Failed [SVC1409]: Conflict Already Exists - User Role exists Failed [SVC1409]: Conflict Already Exists - User Role exists # TC_UR1.30.23.POS Delete UserRole sleep 0 user role del m00001@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r1,com.test.TC_UR1.@[user.name].r2 ** Expect 200 ** Removed Role [com.test.TC_UR1.@[THE_USER].r1] from User [m00001@@[THE_USER].TC_UR1.test.com] Removed Role [com.test.TC_UR1.@[THE_USER].r2] from User [m00001@@[THE_USER].TC_UR1.test.com] # TC_UR1.30.30.POS Create a Role User role user add com.test.TC_UR1.@[user.name].r1 m00001@@[user.name].TC_UR1.test.com ** Expect 201 ** Added User [m00001@@[THE_USER].TC_UR1.test.com] to Role [com.test.TC_UR1.@[THE_USER].r1] # TC_UR1.30.31.NEG Created Role User Exists role user add com.test.TC_UR1.@[user.name].r1 m00001@@[user.name].TC_UR1.test.com ** Expect 409 ** Failed [SVC1409]: Conflict Already Exists - User Role exists # TC_UR1.30.33.POS Delete Role User sleep 0 role user del com.test.TC_UR1.@[user.name].r1 m00001@@[user.name].TC_UR1.test.com ** Expect 200 ** Removed User [m00001@@[THE_USER].TC_UR1.test.com] from Role [com.test.TC_UR1.@[THE_USER].r1] # TC_UR1.30.40.POS Create multiple Role Users role user add com.test.TC_UR1.@[user.name].r1 m00001@@[user.name].TC_UR1.test.com,m00002@@[user.name].TC_UR1.test.com ** Expect 201 ** Added User [m00001@@[THE_USER].TC_UR1.test.com] to Role [com.test.TC_UR1.@[THE_USER].r1] Added User [m00002@@[THE_USER].TC_UR1.test.com] to Role [com.test.TC_UR1.@[THE_USER].r1] # TC_UR1.30.41.NEG Created Role User Exists role user add com.test.TC_UR1.@[user.name].r1 m00001@@[user.name].TC_UR1.test.com,m00002@@[user.name].TC_UR1.test.com ** Expect 409 ** Failed [SVC1409]: Conflict Already Exists - User Role exists Failed [SVC1409]: Conflict Already Exists - User Role exists # TC_UR1.30.43.POS Delete Role Users sleep 0 role user del com.test.TC_UR1.@[user.name].r1 m00001@@[user.name].TC_UR1.test.com,m00002@@[user.name].TC_UR1.test.com ** Expect 200 ** Removed User [m00001@@[THE_USER].TC_UR1.test.com] from Role [com.test.TC_UR1.@[THE_USER].r1] Removed User [m00002@@[THE_USER].TC_UR1.test.com] from Role [com.test.TC_UR1.@[THE_USER].r1] # TC_UR1.40.10.POS Create multiple UserRoles user role setTo m00001@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r1,com.test.TC_UR1.@[user.name].r2 ** Expect 200 ** Set User's Roles to [com.test.TC_UR1.@[THE_USER].r1,com.test.TC_UR1.@[THE_USER].r2] # TC_UR1.40.11.POS Reset userrole for a user user role setTo m00001@@[user.name].TC_UR1.test.com ** Expect 200 ** Set User's Roles to [] # TC_UR1.40.12.NEG Create userrole where Role doesn't exist user role setTo m00001@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r5 ** Expect 404 ** Failed [SVC3404]: Not Found - Role [com.test.TC_UR1.@[THE_USER].r5] does not exist # TC_UR1.40.13.NEG Create userrole where User doesn't exist user role setTo m99999@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r1 ** Expect 403 ** Failed [SVC2403]: Forbidden - m99999@@[THE_USER].TC_UR1.test.com is not a valid AAF Credential as testunused@aaf.att.com # TC_UR1.40.19.NEG User without permission tries to add userrole user role setTo m00001@@[user.name].TC_UR1.test.com com.test.TC_UR1.@[user.name].r1 ** Expect 403 ** Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not write Role [com.test.TC_UR1.@[THE_USER].r1] # TC_UR1.40.20.NEG User without permission tries to add userrole role user setTo com.test.TC_UR1.@[user.name].r1 m00001@@[user.name].TC_UR1.test.com ** Expect 403 ** Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not write Role [com.test.TC_UR1.@[THE_USER].r1] as testid@aaf.att.com # TC_UR1.40.22.POS Reset userrole for a user role user setTo com.test.TC_UR1.@[user.name].r1 ** Expect 200 ** Set the Role to Users [] sleep 0 # TC_UR1.40.23.NEG Create UserRole where Role doesn't exist role user setTo com.test.TC_UR1.@[user.name].r5 m00001@@[user.name].TC_UR1.test.com ** Expect 404 ** Failed [SVC3404]: Not Found - Role [com.test.TC_UR1.@[THE_USER].r5] does not exist sleep 0 # TC_UR1.40.24.NEG Create UserRole where User doesn't exist role user setTo com.test.TC_UR1.@[user.name].r1 m99999@@[user.name].TC_UR1.test.com ** Expect 403 ** Failed [SVC2403]: Forbidden - m99999@@[THE_USER].TC_UR1.test.com is not a valid AAF Credential # Need to let DB catch up on deletes sleep 0 as testid@aaf.att.com # TC_UR1.99.1.POS Remove User from Role role user del com.test.TC_UR1.@[user.name].r1 m00001@@[user.name].TC_UR1.test.com,m00002@@[user.name].TC_UR1.test.com ** Expect 200,404 ** Failed [SVC6404]: Not Found - User [ m00001@@[THE_USER].TC_UR1.test.com ] is not Assigned to the Role [ com.test.TC_UR1.@[THE_USER].r1 ] Failed [SVC6404]: Not Found - User [ m00002@@[THE_USER].TC_UR1.test.com ] is not Assigned to the Role [ com.test.TC_UR1.@[THE_USER].r1 ] role user del com.test.TC_UR1.@[user.name].r2 m00001@@[user.name].TC_UR1.test.com,m00002@@[user.name].TC_UR1.test.com ** Expect 200,404 ** Failed [SVC6404]: Not Found - User [ m00001@@[THE_USER].TC_UR1.test.com ] is not Assigned to the Role [ com.test.TC_UR1.@[THE_USER].r2 ] Failed [SVC6404]: Not Found - User [ m00002@@[THE_USER].TC_UR1.test.com ] is not Assigned to the Role [ com.test.TC_UR1.@[THE_USER].r2 ] role user setTo com.test.TC_UR1.@[user.name].r1 ** Expect 200,404 ** Set the Role to Users [] # TC_UR1.99.2.POS Remove ability to create creds user role del testid@aaf.att.com com.test.TC_UR1.@[user.name].cred_admin ** Expect 200,404 ** Removed Role [com.test.TC_UR1.@[THE_USER].cred_admin] from User [testid@aaf.att.com] as XX@NS perm ungrant com.att.aaf.mechid com.att create com.test.TC_UR1.@[user.name].cred_admin ** Expect 200,404 ** UnGranted Permission [com.att.aaf.mechid|com.att|create] from Role [com.test.TC_UR1.@[THE_USER].cred_admin] as testid@aaf.att.com role delete com.test.TC_UR1.@[user.name].cred_admin ** Expect 200,404 ** Deleted Role # TC_UR1.99.3.POS Delete Creds set force true user cred del m00001@@[user.name].TC_UR1.test.com ** Expect 200,404 ** Deleted Credential [m00001@@[THE_USER].TC_UR1.test.com] set force true user cred del m00002@@[user.name].TC_UR1.test.com ** Expect 200,404 ** Deleted Credential [m00002@@[THE_USER].TC_UR1.test.com] # TC_UR1.99.4.POS Delete Roles set force true set force=true role delete com.test.TC_UR1.@[user.name].r1 ** Expect 200,404 ** Deleted Role set force true set force=true role delete com.test.TC_UR1.@[user.name].r2 ** Expect 200,404 ** Deleted Role # TC_UR1.99.5.POS Delete Namespace set force true set force=true ns delete com.test.TC_UR1.@[user.name] ** Expect 200,404 ** Deleted Namespace # TC_UR1.99.99.POS Verify Cleaned NS ns list name com.test.TC_UR1.@[user.name] ** Expect 200,404 ** List Namespaces by Name[com.test.TC_UR1.@[THE_USER]] -------------------------------------------------------------------------------- *** Namespace Not Found ***