Update project structure to org.onap.aaf
Update project structure of authz module in aaf from
com.att to org.onap.aaf and add distribution management
and repositories.
Issue-id: AAF-21
Change-Id: Ia2486954e99f2bd60f18122ed60d32d5590781e9
Signed-off-by: sg481n <sg481n@att.com>
diff --git a/authz-test/TestSuite/expected/TC_Cred1.expected b/authz-test/TestSuite/expected/TC_Cred1.expected
new file mode 100644
index 0000000..8d310d9
--- /dev/null
+++ b/authz-test/TestSuite/expected/TC_Cred1.expected
@@ -0,0 +1,269 @@
+set testid@aaf.att.com <pass>
+set testunused@aaf.att.com <pass>
+set bogus boguspass
+set XX@NS <pass>
+#delay 10
+set NFR 0
+as testid@aaf.att.com
+# TC_Cred1.10.0.POS List NS to prove ok
+ns list name com.test.TC_Cred1.@[user.name]
+** Expect 200 **
+
+List Namespaces by Name[com.test.TC_Cred1.@[THE_USER]]
+--------------------------------------------------------------------------------
+ *** Namespace Not Found ***
+
+# TC_Cred1.10.1.POS Create Personalized Namespace to add Credentials
+ns create com.test.TC_Cred1.@[user.name] @[user.name] testid@aaf.att.com
+** Expect 201 **
+Created Namespace
+
+# TC_Cred1.10.10.POS Create role to assign mechid perm to
+role create com.test.TC_Cred1.@[user.name].cred_admin testid@aaf.att.com
+** Expect 201 **
+Created Role
+Added User [testid@aaf.att.com] to Role [com.test.TC_Cred1.@[THE_USER].cred_admin]
+
+role create com.test.TC_Cred1.@[user.name].pw_reset
+** Expect 201 **
+Created Role
+
+# TC_Cred1.10.11.POS Assign roles to perms
+as XX@NS
+perm create com.att.aaf.password com.test reset com.test.TC_Cred1.@[user.name].pw_reset
+** Expect 201 **
+Created Permission
+Granted Permission [com.att.aaf.password|com.test|reset] to Role [com.test.TC_Cred1.@[THE_USER].pw_reset]
+
+perm create com.att.aaf.mechid com.test create com.test.TC_Cred1.@[user.name].cred_admin
+** Expect 201 **
+Created Permission
+Granted Permission [com.att.aaf.mechid|com.test|create] to Role [com.test.TC_Cred1.@[THE_USER].cred_admin]
+
+perm grant com.att.aaf.mechid com.att create com.test.TC_Cred1.@[user.name].cred_admin
+** Expect 201 **
+Granted Permission [com.att.aaf.mechid|com.att|create] to Role [com.test.TC_Cred1.@[THE_USER].cred_admin]
+
+as testid@aaf.att.com
+# TC_Cred1.10.30.POS Assign user for creating creds
+user cred add m99999@@[user.name].TC_Cred1.test.com password123
+** Expect 201 **
+Added Credential [m99999@@[THE_USER].TC_Cred1.test.com]
+
+set m99999@@[THE_USER].TC_Cred1.test.com password123
+# TC_Cred1.10.31.POS Credential used to similate non-admin Tier1 user with reset and create permissions
+user role add m99999@@[user.name].TC_Cred1.test.com com.test.TC_Cred1.@[user.name].pw_reset,com.test.TC_Cred1.@[user.name].cred_admin
+** Expect 201 **
+Added Role [com.test.TC_Cred1.@[THE_USER].pw_reset] to User [m99999@@[THE_USER].TC_Cred1.test.com]
+Added Role [com.test.TC_Cred1.@[THE_USER].cred_admin] to User [m99999@@[THE_USER].TC_Cred1.test.com]
+
+# TC_Cred1.10.32.POS Remove create rights for testing
+user role del testid@aaf.att.com com.test.TC_Cred1.@[user.name].cred_admin
+** Expect 200 **
+Removed Role [com.test.TC_Cred1.@[THE_USER].cred_admin] from User [testid@aaf.att.com]
+
+# TC_Cred1.15.1.NEG Non-Admin, no permission user cannot create mechID
+as testunused@aaf.att.com
+user cred add m99990@@[user.name].TC_Cred1.test.com password123
+** Expect 403 **
+Failed [SVC1403]: Forbidden - testunused@aaf.att.com does not have permission to create MechIDs at AT&T
+
+# TC_Cred1.15.3.POS Non-Admin, with create permission user can create mechID
+as m99999@@[THE_USER].TC_Cred1.test.com
+user cred add m99990@@[user.name].TC_Cred1.test.com password123
+** Expect 201 **
+Added Credential [m99990@@[THE_USER].TC_Cred1.test.com]
+
+# TC_Cred1.15.10.NEG Non-Admin, no reset permission cannot reset mechID
+as testunused@aaf.att.com
+user cred reset m99990@@[user.name].TC_Cred1.test.com password123
+** Expect 403 **
+Failed [SVC1403]: Forbidden - testunused@aaf.att.com is not allowed to change m99990@@[THE_USER].TC_Cred1.test.com in com.test.TC_Cred1.@[THE_USER]
+
+# TC_Cred1.15.11.POS Non-Admin, with reset permission can reset mechID
+as m99999@@[THE_USER].TC_Cred1.test.com
+user cred reset m99990@@[user.name].TC_Cred1.test.com password123
+** Expect 200 **
+Reset Credential [m99990@@[THE_USER].TC_Cred1.test.com]
+
+# TC_Cred1.15.12.POS Admin, without reset permission can reset Password
+as testid@aaf.att.com
+user cred reset m99990@@[user.name].TC_Cred1.test.com password123
+** Expect 200 **
+Reset Credential [m99990@@[THE_USER].TC_Cred1.test.com]
+
+# TC_Cred1.15.15.POS Admin, without reset permission can reset mechID
+user cred reset m99990@@[user.name].TC_Cred1.test.com password123 1
+** Expect 200 **
+Reset Credential [m99990@@[THE_USER].TC_Cred1.test.com]
+
+# TC_Cred1.15.20.POS Admin, delete
+user cred del m99990@@[user.name].TC_Cred1.test.com password123 1
+** Expect 200 **
+Deleted Credential [m99990@@[THE_USER].TC_Cred1.test.com]
+
+# TC_Cred1.30.1.NEG Multiple options available to delete
+as XX@NS
+user cred add m99990@@[user.name].TC_Cred1.test.com pass23Word
+** Expect 201 **
+Added Credential [m99990@@[THE_USER].TC_Cred1.test.com]
+
+as testid@aaf.att.com
+user cred add m99990@@[user.name].TC_Cred1.test.com pass23worD
+** Expect 201 **
+Added Credential [m99990@@[THE_USER].TC_Cred1.test.com]
+
+# TC_Cred1.30.2.POS Succeeds when we choose last option
+user cred del m99990@@[user.name].TC_Cred1.test.com 2
+** Expect 200 **
+Deleted Credential [m99990@@[THE_USER].TC_Cred1.test.com]
+
+# TC_Cred1.30.10.POS Add another credential
+user cred add m99990@@[user.name].TC_Cred1.test.com password123
+** Expect 201 **
+Added Credential [m99990@@[THE_USER].TC_Cred1.test.com]
+
+# TC_Cred1.30.11.NEG Multiple options available to reset
+user cred reset m99990@@[user.name].TC_Cred1.test.com password123
+** Expect 300 **
+Failed [SVC1300]: Choice - Select which cred to update:
+ Id Type Expires
+ 1) m99990@@[THE_USER].TC_Cred1.test.com 2 [Placeholder]
+ 2) m99990@@[THE_USER].TC_Cred1.test.com 2 [Placeholder]
+Run same command again with chosen entry as last parameter
+
+# TC_Cred1.30.12.NEG Fails when we choose a bad option
+user cred reset m99990@@[user.name].TC_Cred1.test.com password123 0
+** Expect 406 **
+Failed [SVC1406]: Not Acceptable - User chose invalid credential selection
+
+# TC_Cred1.30.13.POS Succeeds when we choose last option
+user cred reset m99990@@[user.name].TC_Cred1.test.com password123 2
+** Expect 200 **
+Reset Credential [m99990@@[THE_USER].TC_Cred1.test.com]
+
+#TC_Cred1.30.30.NEG Fails when we don't have specific property
+user cred extend m99990@@[user.name].TC_Cred1.test.com
+** Expect 403 **
+Failed [SVC3403]: Forbidden - testid@aaf.att.com does not have permission to extend passwords at AT&T
+
+#### EXTENDS behavior ####
+#TC_Cred1.30.32.POS Setup Temp Role for Extend Permission
+as XX@NS
+role create com.test.TC_Cred1.@[user.name].extendTemp
+** Expect 201 **
+Created Role
+
+#TC_Cred1.30.33.POS Grant Extends Permission to Role
+perm grant com.att.aaf.password com.att extend com.test.TC_Cred1.@[user.name].extendTemp
+** Expect 201 **
+Granted Permission [com.att.aaf.password|com.att|extend] to Role [com.test.TC_Cred1.@[THE_USER].extendTemp]
+
+#TC_Cred1.30.35.POS Add current User to Temp Role for Extend Permission
+role user add com.test.TC_Cred1.@[user.name].extendTemp XX@NS
+** Expect 201 **
+Added User [XX@NS] to Role [com.test.TC_Cred1.@[THE_USER].extendTemp]
+
+#TC_Cred1.30.36.POS Extend Password, expecting Single Response
+user cred extend m99990@@[user.name].TC_Cred1.test.com 1
+** Expect 200 **
+Extended Credential [m99990@@[THE_USER].TC_Cred1.test.com]
+
+#TC_Cred1.30.39.POS Remove Role
+set force true
+role delete com.test.TC_Cred1.@[user.name].extendTemp
+** Expect 200 **
+Deleted Role
+
+#### MULTI CLEANUP #####
+role list user m99990@@[user.name].TC_Cred1.test.com
+** Expect 200 **
+
+List Roles for User [m99990@@[THE_USER].TC_Cred1.test.com]
+--------------------------------------------------------------------------------
+ROLE Name
+ PERM Type Instance Action
+--------------------------------------------------------------------------------
+
+# TC_Cred1.30.80.POS Delete all entries for this cred
+set force true
+user cred del m99990@@[user.name].TC_Cred1.test.com
+** Expect 200 **
+Deleted Credential [m99990@@[THE_USER].TC_Cred1.test.com]
+
+# TC_Cred1.30.99.POS List ns shows no creds attached
+ns list name com.test.TC_Cred1.@[user.name]
+** Expect 200 **
+
+List Namespaces by Name[com.test.TC_Cred1.@[THE_USER]]
+--------------------------------------------------------------------------------
+com.test.TC_Cred1.@[THE_USER]
+ Administrators
+ testid@aaf.att.com
+ Responsible Parties
+ @[THE_USER]@csp.att.com
+ Roles
+ com.test.TC_Cred1.@[THE_USER].admin
+ com.test.TC_Cred1.@[THE_USER].cred_admin
+ com.test.TC_Cred1.@[THE_USER].owner
+ com.test.TC_Cred1.@[THE_USER].pw_reset
+ Permissions
+ com.test.TC_Cred1.@[THE_USER].access * *
+ com.test.TC_Cred1.@[THE_USER].access * read
+ Credentials
+ m99999@@[THE_USER].TC_Cred1.test.com
+
+as testid@aaf.att.com
+# TC_Cred1.99.1.POS Delete credentials
+force user cred del m99990@@[user.name].TC_Cred1.test.com
+** Expect 200,404 **
+Failed [SVC5404]: Not Found - Credential does not exist
+
+#TC_Cred1.99.2.POS Ensure Remove Role
+set force true
+role delete com.test.TC_Cred1.@[user.name].extendTemp
+** Expect 200,404 **
+Failed [SVC3404]: Not Found - Role [com.test.TC_Cred1.@[THE_USER].extendTemp] does not exist
+
+# TC_Cred1.99.10.POS Remove ability to create creds
+force user role del testid@aaf.att.com com.test.TC_Cred1.@[user.name].cred_admin
+** Expect 200,404 **
+Failed [SVC6404]: Not Found - User [ testid@aaf.att.com ] is not Assigned to the Role [ com.test.TC_Cred1.@[THE_USER].cred_admin ]
+
+as XX@NS
+perm ungrant com.att.aaf.mechid com.att create com.test.TC_Cred1.@[user.name].cred_admin
+** Expect 200,404 **
+UnGranted Permission [com.att.aaf.mechid|com.att|create] from Role [com.test.TC_Cred1.@[THE_USER].cred_admin]
+
+force perm delete com.att.aaf.password com.test reset
+** Expect 200,404 **
+Deleted Permission
+
+force perm delete com.att.aaf.mechid com.test create
+** Expect 200,404 **
+Deleted Permission
+
+as testid@aaf.att.com
+force role delete com.test.TC_Cred1.@[user.name].cred_admin
+** Expect 200,404 **
+Deleted Role
+
+force role delete com.test.TC_Cred1.@[user.name].pw_reset
+** Expect 200,404 **
+Deleted Role
+
+# TC_Cred1.99.99.POS Delete Namespace for TestSuite
+set force true
+set force=true ns delete com.test.TC_Cred1.@[user.name]
+** Expect 200,404 **
+Deleted Namespace
+
+as XX@NS
+force ns delete com.test.TC_Cred1.@[user.name]
+** Expect 200,404 **
+Failed [SVC2404]: Not Found - com.test.TC_Cred1.@[THE_USER] does not exist
+
+force ns delete com.test.TC_Cred1
+** Expect 200,404 **
+Failed [SVC2404]: Not Found - com.test.TC_Cred1 does not exist
+