Gitiles
Code Review Sign In
gerrit.nordix.org / onap / aaf / authz / bd890c575163e4d87ac24198b9c68a39cf4bbc4d / . / authz-test / TestSuite / expected / TC_Perm3.expected
blob: 6cdf2297010a5fbcc4666542276c260d76079fc9 [file] [log] [blame]
set XX@NS <pass>
set testid@aaf.att.com <pass>
set testunused@aaf.att.com <pass>
set testid_1@test.com <pass>
set testid_2@test.com <pass>
set bogus boguspass
#delay 10
set NFR 0
as XX@NS
# TC_Perm3.10.0.POS Print NS to prove ok
ns list name com.test.TC_Perm3.@[user.name]
** Expect 200 **
List Namespaces by Name[com.test.TC_Perm3.@[THE_USER]]
--------------------------------------------------------------------------------
*** Namespace Not Found ***
# TC_Perm3.10.1.POS Create Namespace with User ID
ns create com.test.TC_Perm3.@[user.name]_1 @[user.name] testid_1@test.com
** Expect 201 **
Created Namespace
# TC_Perm3.10.2.POS Create Namespace with Different ID
ns create com.test.TC_Perm3.@[user.name]_2 @[user.name] testid_2@test.com
** Expect 201 **
Created Namespace
# TC_Perm3.10.3.POS Create Namespace in Different Company
ns create com.att.TC_Perm3.@[user.name] @[user.name] testunused@aaf.att.com
** Expect 201 **
Created Namespace
as testid_1@test.com
# TC_Perm3.20.0.POS User1 Create a Perm
perm create com.test.TC_Perm3.@[user.name]_1.dev.myPerm_a myInstance myAction
** Expect 201 **
Created Permission
# TC_Perm3.20.5.NEG User1 should not be able to create Role in other group
role create com.test.TC_Perm3.@[user.name]_2.dev.myRole_a
** Expect 403 **
Failed [SVC1403]: Forbidden - [testid_1@test.com] may not write Role [com.test.TC_Perm3.@[THE_USER]_2.dev.myRole_a]
# TC_Perm3.20.6.POS User2 should be able to create Role in own group
as testid_2@test.com
role create com.test.TC_Perm3.@[user.name]_2.dev.myRole_a
** Expect 201 **
Created Role
# TC_Perm3.20.7.NEG User2 should not be able to grant Perm to own Role
perm grant com.test.TC_Perm3.@[user.name]_1.dev.myPerm_a myInstance myAction com.test.TC_Perm3.@[user.name]_2.dev.myRole_a
** Expect 403 **
Failed [SVC1403]: Forbidden - [testid_2@test.com] may not write Perm [com.test.TC_Perm3.@[THE_USER]_1.dev.myPerm_a|myInstance|myAction]
# TC_Perm3.20.8.NEG User2 cannot create Role in NS 2
as testid_2@test.com
perm grant com.test.TC_Perm3.@[user.name]_1.dev.myPerm_a myInstance myAction com.test.TC_Perm3.@[user.name]_2.dev.myRole_a
** Expect 403 **
Failed [SVC1403]: Forbidden - [testid_2@test.com] may not write Perm [com.test.TC_Perm3.@[THE_USER]_1.dev.myPerm_a|myInstance|myAction]
# TC_Perm3.20.9.POS Role created, but can't grant... has to be testid_1
as testid_1@test.com
perm grant com.test.TC_Perm3.@[user.name]_1.dev.myPerm_a myInstance myAction com.test.TC_Perm3.@[user.name]_2.dev.myRole_a
** Expect 201 **
Granted Permission [com.test.TC_Perm3.@[THE_USER]_1.dev.myPerm_a|myInstance|myAction] to Role [com.test.TC_Perm3.@[THE_USER]_2.dev.myRole_a]
# TC_Perm3.30.0.POS User1 Create a Perm
as testid_1@test.com
perm create com.test.TC_Perm3.@[user.name]_1.dev.myPerm_b myInstance myAction
** Expect 201 **
Created Permission
# TC_Perm3.30.5.NEG User1 should not be able to create Role in other group
role create com.test.TC_Perm3.@[user.name]_2.dev.myRole_b
** Expect 403 **
Failed [SVC1403]: Forbidden - [testid_1@test.com] may not write Role [com.test.TC_Perm3.@[THE_USER]_2.dev.myRole_b]
# TC_Perm3.30.6.POS User2 should be able to create Role in own group
as testunused@aaf.att.com
role create com.att.TC_Perm3.@[user.name].dev.myRole_b
** Expect 201 **
Created Role
# TC_Perm3.30.7.NEG User2 should not be able to grant Perm to own Role
perm grant com.test.TC_Perm3.@[user.name]_1.dev.myPerm_b myInstance myAction com.att.TC_Perm3.@[user.name].dev.myRole_b
** Expect 403 **
Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not write Perm [com.test.TC_Perm3.@[THE_USER]_1.dev.myPerm_b|myInstance|myAction]
# TC_Perm3.30.8.POS User should be able to grant cross company only Double Perm
as testid_1@test.com
perm grant com.test.TC_Perm3.@[user.name]_1.dev.myPerm_b myInstance myAction com.att.TC_Perm3.@[user.name].dev.myRole_b
** Expect 403 **
Failed [SVC1403]: Forbidden - [testid_1@test.com] may not write Role [com.att.TC_Perm3.@[THE_USER].dev.myRole_b]
as testid_1@test.com
# TC_Perm3.99.2.POS Namespace Admin can delete Namespace
force ns delete com.test.TC_Perm3.@[user.name]_1
** Expect 200,404 **
Deleted Namespace
# TC_Perm3.99.3.POS Print Namespaces
ns list name com.test.TC_Perm3.@[user.name]_1
** Expect 200,404 **
List Namespaces by Name[com.test.TC_Perm3.@[THE_USER]_1]
--------------------------------------------------------------------------------
*** Namespace Not Found ***
as testid_2@test.com
# TC_Perm3.99.4.POS Namespace Admin can delete Namespace
force ns delete com.test.TC_Perm3.@[user.name]_2
** Expect 200,404 **
Deleted Namespace
# TC_Perm3.99.5.POS Print Namespaces
ns list name com.test.TC_Perm3.@[user.name]_2
** Expect 200,404 **
List Namespaces by Name[com.test.TC_Perm3.@[THE_USER]_2]
--------------------------------------------------------------------------------
*** Namespace Not Found ***
as testunused@aaf.att.com
# TC_Perm3.99.6.POS Remove Namespace from other company
force ns delete com.att.TC_Perm3.@[user.name]
** Expect 200,404 **
Deleted Namespace
# TC_Perm3.99.7.POS Print Namespace from other company
ns list name com.att.TC_Perm3.@[user.name]
** Expect 200,404 **
List Namespaces by Name[com.att.TC_Perm3.@[THE_USER]]
--------------------------------------------------------------------------------
*** Namespace Not Found ***