summaryrefslogtreecommitdiffstats
path: root/authz-test/TestSuite/expected/TC_Realm1.expected
blob: 67232e2afdc3b2403aa13cd25a0929559b7fcb23 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210

set testid@aaf.att.com <pass>
set testunused@aaf.att.com <pass>
set XX@NS <pass>
set bogus boguspass
#delay 10
set NFR 0
as testid@aaf.att.com
# TC_Realm1.10.0.POS Validate no NS
ns list name com.test.TC_Realm1.@[user.name] 
** Expect 200,404 **

List Namespaces by Name[com.test.TC_Realm1.@[THE_USER]]
--------------------------------------------------------------------------------
    *** Namespace Not Found ***

# TC_Realm1.10.1.POS Create Namespace to add IDs
ns create com.test.TC_Realm1.@[user.name] @[user.name] testid@aaf.att.com
** Expect 201 **
Created Namespace

as XX@NS
# TC_Realm1.10.10.POS Grant ability to change delegates
force perm create com.att.aaf.delg com.att create com.test.TC_Realm1.@[user.name].change_delg
** Expect 201 **
Created Role [com.test.TC_Realm1.@[THE_USER].change_delg]
Created Permission
Granted Permission [com.att.aaf.delg|com.att|create] to Role [com.test.TC_Realm1.@[THE_USER].change_delg]

# TC_Realm1.10.11.POS Create user role to change delegates
user role add testid@aaf.att.com com.test.TC_Realm1.@[user.name].change_delg
** Expect 201 **
Added Role [com.test.TC_Realm1.@[THE_USER].change_delg] to User [testid@aaf.att.com]

as testid@aaf.att.com
# TC_Realm1.20.1.NEG Fail to create - default domain wrong
ns create com.test.TC_Realm1.@[user.name].project1 testunused
** Expect 403 **
Failed [SVC3403]: Forbidden - testunused@csp.att.com does not have permission to assume test status at AT&T

# TC_Realm1.20.2.POS Create - default domain appended
ns create com.test.TC_Realm1.@[user.name].project1 @[user.name] @[user.name]
** Expect 201 **
Created Namespace

# TC_Realm1.20.3.NEG Fail to create - default domain wrong
ns admin add com.test.TC_Realm1.@[user.name].project1 testunused
** Expect 403 **
Failed [SVC1403]: Forbidden - AT&T reports that testunused@csp.att.com is a faulty ID

# TC_Realm1.20.4.POS Create - full domain given
ns admin add com.test.TC_Realm1.@[user.name].project1 testid@aaf.att.com
** Expect 201 **
Admin testid@aaf.att.com added to com.test.TC_Realm1.@[THE_USER].project1

# TC_Realm1.20.5.POS Delete - default domain appended
ns admin del com.test.TC_Realm1.@[user.name].project1 @[user.name]
** Expect 200 **
Admin @[THE_USER]@csp.att.com deleted from com.test.TC_Realm1.@[THE_USER].project1

# TC_Realm1.20.6.POS Add admin - default domain appended
ns admin add com.test.TC_Realm1.@[user.name].project1 @[user.name]
** Expect 201 **
Admin @[THE_USER]@csp.att.com added to com.test.TC_Realm1.@[THE_USER].project1

# TC_Realm1.30.1.POS Create role to add to users
role create com.test.TC_Realm1.@[user.name].role1
** Expect 201 **
Created Role

# TC_Realm1.30.2.NEG Add user, but default domain wrong
role user add com.test.TC_Realm1.@[user.name].role1 testunused
** Expect 403 **
Failed [SVC1403]: Forbidden - AT&T reports that testunused@csp.att.com is a faulty ID

# TC_Realm1.30.3.POS Add user, with default domain appended
role user add com.test.TC_Realm1.@[user.name].role1 @[user.name]
** Expect 201 **
Added User [@[THE_USER]@csp.att.com] to Role [com.test.TC_Realm1.@[THE_USER].role1]

# TC_Realm1.30.10.POS Role list, with default domain added
role list user testunused
** Expect 200 **

List Roles for User [testunused@csp.att.com]
--------------------------------------------------------------------------------
ROLE Name                                         
   PERM Type                      Instance                       Action         
--------------------------------------------------------------------------------

# TC_Realm1.30.80.POS Delete user, with default domain appended
role user del com.test.TC_Realm1.@[user.name].role1 @[user.name]
** Expect 200 **
Removed User [@[THE_USER]@csp.att.com] from Role [com.test.TC_Realm1.@[THE_USER].role1]

# TC_Realm1.40.1.POS Create role to add to users
role create com.test.TC_Realm1.@[user.name].role2
** Expect 201 **
Created Role

# TC_Realm1.40.2.NEG Add user, but default domain wrong
user role add testunused com.test.TC_Realm1.@[user.name].role2
** Expect 403 **
Failed [SVC1403]: Forbidden - AT&T reports that testunused@csp.att.com is a faulty ID

# TC_Realm1.40.3.POS Add user, with default domain appended
user role add @[user.name] com.test.TC_Realm1.@[user.name].role2 
** Expect 201 **
Added Role [com.test.TC_Realm1.@[THE_USER].role2] to User [@[THE_USER]@csp.att.com]

# TC_Realm1.40.10.NEG Add delegate, but default domain wrong
user delegate add testunused testid 2099-01-01
** Expect 404 **
Failed [SVC5404]: Not Found - [testunused@csp.att.com] is not a user in the company database.

# TC_Realm1.40.11.POS Add delegate, with default domain appended
force user delegate add @[user.name] @[user.name] 2099-01-01
** Expect 201 **
Delegate Added

# TC_Realm1.40.12.POS Update delegate, with default domain appended
user delegate upd @[user.name] @[user.name] 2099-01-01
** Expect 200 **
Delegate Updated

as XX@NS
# TC_Realm1.40.20.POS List delegate, with default domain appended
user list delegates user @[user.name]
** Expect 200 **

List Delegates by user[@[THE_USER]@csp.att.com]
--------------------------------------------------------------------------------
 User                      Delegate                   Expires   
--------------------------------------------------------------------------------
 @[THE_USER]@csp.att.com        @[THE_USER]@csp.att.com         XXXX-XX-XX

# TC_Realm1.40.21.POS List delegate, with default domain appended
user list delegates delegate @[user.name]
** Expect 200 **

List Delegates by delegate[@[THE_USER]@csp.att.com]
--------------------------------------------------------------------------------
 User                      Delegate                   Expires   
--------------------------------------------------------------------------------
 @[THE_USER]@csp.att.com        @[THE_USER]@csp.att.com         XXXX-XX-XX

as testid@aaf.att.com
# TC_Realm1.40.80.POS Delete user, with default domain appended
user role del @[user.name] com.test.TC_Realm1.@[user.name].role2 
** Expect 200 **
Removed Role [com.test.TC_Realm1.@[THE_USER].role2] from User [@[THE_USER]@csp.att.com]

# TC_Realm1.40.81.POS Delete delegate, with default domain appended
user delegate del @[user.name] 
** Expect 200 **
Delegate Deleted

as testid@aaf.att.com
# TC_Realm1.99.1.POS Delete delgates
user delegate del @[user.name]
** Expect 200,404 **
Failed [SVC7404]: Not Found - Cannot delete non-existent Delegate

# TC_Realm1.99.2.POS Delete user roles
role user del com.test.TC_Realm1.@[user.name].role1 @[user.name]
** Expect 200,404 **
Failed [SVC6404]: Not Found - User [ @[THE_USER]@csp.att.com ] is not Assigned to the Role [ com.test.TC_Realm1.@[THE_USER].role1 ]

user role del @[user.name] com.test.TC_Realm1.@[user.name].role2 
** Expect 200,404 **
Failed [SVC6404]: Not Found - User [ @[THE_USER]@csp.att.com ] is not Assigned to the Role [ com.test.TC_Realm1.@[THE_USER].role2 ]

# TC_Realm1.99.3.POS Delete roles
role delete com.test.TC_Realm1.@[user.name].role1
** Expect 200,404 **
Deleted Role

role delete com.test.TC_Realm1.@[user.name].role2
** Expect 200,404 **
Deleted Role

as XX@NS
# TC_Realm1.99.10.POS UnGrant ability to change delegates
perm ungrant com.att.aaf.delg com.att change com.test.TC_Realm1.@[user.name].change_delg
** Expect 200,404 **
Failed [SVC4404]: Not Found - Permission [com.att.aaf.delg|com.att|change] not associated with any Role

as testid@aaf.att.com
# TC_Realm1.99.11.POS Delete role to change delegates
set force true
set force=true role delete com.test.TC_Realm1.@[user.name].change_delg
** Expect 200,404 **
Deleted Role

# TC_Realm1.99.98.POS Delete Namespaces
ns delete com.test.TC_Realm1.@[user.name]
** Expect 200,404 **
Deleted Namespace

ns delete com.test.TC_Realm1.@[user.name].project1
** Expect 200,404 **
Deleted Namespace

# TC_Realm1.99.99.POS Verify Cleaned NS
ns list name com.test.TC_Realm1.@[user.name]
** Expect 200,404 **

List Namespaces by Name[com.test.TC_Realm1.@[THE_USER]]
--------------------------------------------------------------------------------
    *** Namespace Not Found ***