blob: f8de45646bedc9b58225c69c2d0c3c16d51b25e2 [file] [log] [blame]
sg481nbd890c52017-08-28 12:11:35 -04001set XX@NS <pass>
2set testid@aaf.att.com <pass>
3set testunused@aaf.att.com <pass>
4set bogus@aaf.att.com boguspass
5#delay 10
6set NFR 0
7as testid@aaf.att.com
8# TC_NS2.10.0.POS Check for Existing Data
9ns list name com.test.TC_NS2.@[user.name]
10** Expect 200 **
11
12List Namespaces by Name[com.test.TC_NS2.@[THE_USER]]
13--------------------------------------------------------------------------------
14 *** Namespace Not Found ***
15
16# TC_NS2.10.1.POS Create Namespace with valid IDs and Responsible Parties
17ns create com.test.TC_NS2.@[user.name] @[user.name] testid@aaf.att.com
18** Expect 201 **
19Created Namespace
20
21ns create com.test.TC_NS2.@[user.name].project @[user.name] testunused@aaf.att.com
22** Expect 201 **
23Created Namespace
24
25# TC_NS2.10.10.POS Create role to assign mechid perm to
26role create com.test.TC_NS2.@[user.name].cred_admin testid@aaf.att.com
27** Expect 201 **
28Created Role
29Added User [testid@aaf.att.com] to Role [com.test.TC_NS2.@[THE_USER].cred_admin]
30
31as XX@NS
32# TC_NS2.10.11.POS Assign role to mechid perm
33perm grant com.att.aaf.mechid com.att create com.test.TC_NS2.@[user.name].cred_admin
34** Expect 201 **
35Granted Permission [com.att.aaf.mechid|com.att|create] to Role [com.test.TC_NS2.@[THE_USER].cred_admin]
36
37as testid@aaf.att.com
38# TC_NS2.10.70.POS Expect Namespace to be created
39ns list name com.test.TC_NS2.@[user.name]
40** Expect 200 **
41
42List Namespaces by Name[com.test.TC_NS2.@[THE_USER]]
43--------------------------------------------------------------------------------
44com.test.TC_NS2.@[THE_USER]
45 Administrators
46 testid@aaf.att.com
47 Responsible Parties
48 @[THE_USER]@csp.att.com
49 Roles
50 com.test.TC_NS2.@[THE_USER].admin
51 com.test.TC_NS2.@[THE_USER].cred_admin
52 com.test.TC_NS2.@[THE_USER].owner
53 Permissions
54 com.test.TC_NS2.@[THE_USER].access * *
55 com.test.TC_NS2.@[THE_USER].access * read
56
57as testid@aaf.att.com
58# TC_NS2.10.70.POS Expect Namespace to be created
59perm list role com.test.TC_NS2.@[user.name].admin
60** Expect 200 **
61
62List Perms by Role [com.test.TC_NS2.@[THE_USER].admin]
63--------------------------------------------------------------------------------
64PERM Type Instance Action
65--------------------------------------------------------------------------------
66com.test.TC_NS2.@[THE_USER].access * *
67
68
69as testid@aaf.att.com
70# TC_NS2.10.70.POS Expect Namespace to be created
71perm list role com.test.TC_NS2.@[user.name].owner
72** Expect 200 **
73
74List Perms by Role [com.test.TC_NS2.@[THE_USER].owner]
75--------------------------------------------------------------------------------
76PERM Type Instance Action
77--------------------------------------------------------------------------------
78com.test.TC_NS2.@[THE_USER].access * read
79
80
81as testid@aaf.att.com
82# TC_NS2.10.70.POS Expect Namespace to be created
83role list perm com.test.TC_NS2.@[user.name].access * *
84** Expect 200 **
85
86List Roles by Perm com.test.TC_NS2.@[THE_USER].access|*|*
87--------------------------------------------------------------------------------
88ROLE Name
89 PERM Type Instance Action
90--------------------------------------------------------------------------------
91com.test.TC_NS2.@[THE_USER].admin
92 com.test.TC_NS2.@[THE_USER].access * *
93
94as testid@aaf.att.com
95# TC_NS2.10.70.POS Expect Namespace to be created
96role list perm com.test.TC_NS2.@[user.name].access * read
97** Expect 200 **
98
99List Roles by Perm com.test.TC_NS2.@[THE_USER].access|*|read
100--------------------------------------------------------------------------------
101ROLE Name
102 PERM Type Instance Action
103--------------------------------------------------------------------------------
104com.test.TC_NS2.@[THE_USER].owner
105 com.test.TC_NS2.@[THE_USER].access * read
106
107as testid@aaf.att.com
108# TC_NS2.10.80.POS Expect Namespace to be created
109ns list name com.test.TC_NS2.@[user.name].project
110** Expect 200 **
111
112List Namespaces by Name[com.test.TC_NS2.@[THE_USER].project]
113--------------------------------------------------------------------------------
114com.test.TC_NS2.@[THE_USER].project
115 Administrators
116 testunused@aaf.att.com
117 Responsible Parties
118 @[THE_USER]@csp.att.com
119 Roles
120 com.test.TC_NS2.@[THE_USER].project.admin
121 com.test.TC_NS2.@[THE_USER].project.owner
122 Permissions
123 com.test.TC_NS2.@[THE_USER].project.access * *
124 com.test.TC_NS2.@[THE_USER].project.access * read
125
126as testid@aaf.att.com
127# TC_NS2.10.80.POS Expect Namespace to be created
128perm list role com.test.TC_NS2.@[user.name].project.admin
129** Expect 200 **
130
131List Perms by Role [com.test.TC_NS2.@[THE_USER].project.admin]
132--------------------------------------------------------------------------------
133PERM Type Instance Action
134--------------------------------------------------------------------------------
135com.test.TC_NS2.@[THE_USER].project.access * *
136
137
138as testid@aaf.att.com
139# TC_NS2.10.80.POS Expect Namespace to be created
140perm list role com.test.TC_NS2.@[user.name].project.owner
141** Expect 200 **
142
143List Perms by Role [com.test.TC_NS2.@[THE_USER].project.owner]
144--------------------------------------------------------------------------------
145PERM Type Instance Action
146--------------------------------------------------------------------------------
147com.test.TC_NS2.@[THE_USER].project.access * read
148
149
150as testid@aaf.att.com
151# TC_NS2.10.80.POS Expect Namespace to be created
152role list perm com.test.TC_NS2.@[user.name].project.access * *
153** Expect 200 **
154
155List Roles by Perm com.test.TC_NS2.@[THE_USER].project.access|*|*
156--------------------------------------------------------------------------------
157ROLE Name
158 PERM Type Instance Action
159--------------------------------------------------------------------------------
160com.test.TC_NS2.@[THE_USER].project.admin
161 com.test.TC_NS2.@[THE_USER].project.access * *
162
163as testid@aaf.att.com
164# TC_NS2.10.80.POS Expect Namespace to be created
165role list perm com.test.TC_NS2.@[user.name].project.access * read
166** Expect 200 **
167
168List Roles by Perm com.test.TC_NS2.@[THE_USER].project.access|*|read
169--------------------------------------------------------------------------------
170ROLE Name
171 PERM Type Instance Action
172--------------------------------------------------------------------------------
173com.test.TC_NS2.@[THE_USER].project.owner
174 com.test.TC_NS2.@[THE_USER].project.access * read
175
176as testid@aaf.att.com
177# TC_NS2.20.1.POS Create roles
178role create com.test.TC_NS2.@[user.name].watcher
179** Expect 201 **
180Created Role
181
182role create com.test.TC_NS2.@[user.name].myRole
183** Expect 201 **
184Created Role
185
186# TC_NS2.20.2.POS Create permissions
187perm create com.test.TC_NS2.@[user.name].myType myInstance myAction
188** Expect 201 **
189Created Permission
190
191perm create com.test.TC_NS2.@[user.name].myType * *
192** Expect 201 **
193Created Permission
194
195# TC_NS2.20.3.POS Create mechid
196user cred add m99990@@[user.name].TC_NS2.test.com password123
197** Expect 201 **
198Added Credential [m99990@@[THE_USER].TC_NS2.test.com]
199
200as XX@NS
201# TC_NS2.20.10.POS Grant view perms to watcher role
202perm create com.att.aaf.ns :com.test.TC_NS2.@[user.name]:ns read com.test.TC_NS2.@[user.name].watcher
203** Expect 201 **
204Created Permission
205Granted Permission [com.att.aaf.ns|:com.test.TC_NS2.@[THE_USER]:ns|read] to Role [com.test.TC_NS2.@[THE_USER].watcher]
206
207as testunused@aaf.att.com
208# TC_NS2.40.1.NEG Non-admin, not granted user should not view
209ns list name com.test.TC_NS2.@[user.name]
210** Expect 403 **
211Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not read in NS [com.test.TC_NS2.@[THE_USER]]
212
213as testid@aaf.att.com
214# Tens test user granted to permission
215# TC_NS2.40.10.POS Add user to watcher role
216user role add testunused@aaf.att.com com.test.TC_NS2.@[user.name].watcher
217** Expect 201 **
218Added Role [com.test.TC_NS2.@[THE_USER].watcher] to User [testunused@aaf.att.com]
219
220as testunused@aaf.att.com
221# TC_NS2.40.11.POS Non-admin, granted user should view
222ns list name com.test.TC_NS2.@[user.name]
223** Expect 200 **
224
225List Namespaces by Name[com.test.TC_NS2.@[THE_USER]]
226--------------------------------------------------------------------------------
227com.test.TC_NS2.@[THE_USER]
228 Administrators
229 testid@aaf.att.com
230 Responsible Parties
231 @[THE_USER]@csp.att.com
232 Roles
233 com.test.TC_NS2.@[THE_USER].admin
234 com.test.TC_NS2.@[THE_USER].cred_admin
235 com.test.TC_NS2.@[THE_USER].myRole
236 com.test.TC_NS2.@[THE_USER].owner
237 com.test.TC_NS2.@[THE_USER].watcher
238 Permissions
239 com.test.TC_NS2.@[THE_USER].access * *
240 com.test.TC_NS2.@[THE_USER].access * read
241 com.test.TC_NS2.@[THE_USER].myType * *
242 com.test.TC_NS2.@[THE_USER].myType myInstance myAction
243 Credentials
244 m99990@@[THE_USER].TC_NS2.test.com
245
246as testid@aaf.att.com
247# TC_NS2.40.19.POS Remove user from watcher role
248user role del testunused@aaf.att.com com.test.TC_NS2.@[user.name].watcher
249** Expect 200 **
250Removed Role [com.test.TC_NS2.@[THE_USER].watcher] from User [testunused@aaf.att.com]
251
252# Thirties test admin user
253# TC_NS2.40.20.POS Admin should be able to view
254ns list name com.test.TC_NS2.@[user.name]
255** Expect 200 **
256
257List Namespaces by Name[com.test.TC_NS2.@[THE_USER]]
258--------------------------------------------------------------------------------
259com.test.TC_NS2.@[THE_USER]
260 Administrators
261 testid@aaf.att.com
262 Responsible Parties
263 @[THE_USER]@csp.att.com
264 Roles
265 com.test.TC_NS2.@[THE_USER].admin
266 com.test.TC_NS2.@[THE_USER].cred_admin
267 com.test.TC_NS2.@[THE_USER].myRole
268 com.test.TC_NS2.@[THE_USER].owner
269 com.test.TC_NS2.@[THE_USER].watcher
270 Permissions
271 com.test.TC_NS2.@[THE_USER].access * *
272 com.test.TC_NS2.@[THE_USER].access * read
273 com.test.TC_NS2.@[THE_USER].myType * *
274 com.test.TC_NS2.@[THE_USER].myType myInstance myAction
275 Credentials
276 m99990@@[THE_USER].TC_NS2.test.com
277
278# TC_NS2.40.21.POS Admin of parent NS should be able to view
279ns list name com.test.TC_NS2.@[user.name].project
280** Expect 200 **
281
282List Namespaces by Name[com.test.TC_NS2.@[THE_USER].project]
283--------------------------------------------------------------------------------
284com.test.TC_NS2.@[THE_USER].project
285 Administrators
286 testunused@aaf.att.com
287 Responsible Parties
288 @[THE_USER]@csp.att.com
289 Roles
290 com.test.TC_NS2.@[THE_USER].project.admin
291 com.test.TC_NS2.@[THE_USER].project.owner
292 Permissions
293 com.test.TC_NS2.@[THE_USER].project.access * *
294 com.test.TC_NS2.@[THE_USER].project.access * read
295
296# TC_NS2.41.10.POS List by User when Same as Caller
297as testunused@aaf.att.com
298ns list admin testunused@aaf.att.com
299** Expect 200 **
300
301List Namespaces with admin privileges for [testunused@aaf.att.com]
302--------------------------------------------------------------------------------
303com.test.TC_NS2.@[THE_USER].project
304
305# TC_NS2.41.15.POS List by User when not same as Caller, but own/admin namespace of Roles
306as testid@aaf.att.com
307ns list admin testunused@aaf.att.com
308** Expect 200 **
309
310List Namespaces with admin privileges for [testunused@aaf.att.com]
311--------------------------------------------------------------------------------
312com.test.TC_NS2.@[THE_USER].project
313
314# TC_NS2.41.20.POS List by User when not same as Caller, but parent owner of Namespace
315as XX@NS
316ns list admin testunused@aaf.att.com
317** Expect 200 **
318
319List Namespaces with admin privileges for [testunused@aaf.att.com]
320--------------------------------------------------------------------------------
321com.test.TC_NS2.@[THE_USER].project
322
323# TC_NS2.41.80.NEG List by User when not Caller nor associated to Namespace
324as testunused@aaf.att.com
325ns list admin XX@NS
326** Expect 200 **
327
328List Namespaces with admin privileges for [XX@NS]
329--------------------------------------------------------------------------------
330com
331com.att
332com.att.aaf
333com.test
334
335as testid@aaf.att.com
336# TC_NS2.99.1.POS Namespace Admin can delete Namepace defined Roles & Perms
337role delete com.test.TC_NS2.@[user.name].myRole
338** Expect 200,404 **
339Deleted Role
340
341role delete com.test.TC_NS2.@[user.name].watcher
342** Expect 200,404 **
343Deleted Role
344
345perm delete com.test.TC_NS2.@[user.name].myType myInstance myAction
346** Expect 200,404 **
347Deleted Permission
348
349perm delete com.test.TC_NS2.@[user.name].myType * *
350** Expect 200,404 **
351Deleted Permission
352
353user cred del m99990@@[user.name].TC_NS2.test.com
354** Expect 200,404 **
355Deleted Credential [m99990@@[THE_USER].TC_NS2.test.com]
356
357as XX@NS
358force perm delete com.att.aaf.ns :com.test.TC_NS2.@[user.name]:ns read
359** Expect 200,404 **
360Deleted Permission
361
362# TC_NS2.99.15.POS Remove ability to create creds
363perm ungrant com.att.aaf.mechid com.att create com.test.TC_NS2.@[user.name].cred_admin
364** Expect 200,404 **
365UnGranted Permission [com.att.aaf.mechid|com.att|create] from Role [com.test.TC_NS2.@[THE_USER].cred_admin]
366
367as testid@aaf.att.com
368force role delete com.test.TC_NS2.@[user.name].cred_admin
369** Expect 200,404 **
370Deleted Role
371
372# TC_NS2.99.90.POS Namespace Admin can delete Namespace
373force ns delete com.test.TC_NS2.@[user.name].project
374** Expect 200,404 **
375Deleted Namespace
376
377force ns delete com.test.TC_NS2.@[user.name]
378** Expect 200,404 **
379Deleted Namespace
380
381sleep 0
382# TC_NS2.99.99.POS Check Clean Namespace
383ns list name com.test.TC_NS2.@[user.name]
384** Expect 200,404 **
385
386List Namespaces by Name[com.test.TC_NS2.@[THE_USER]]
387--------------------------------------------------------------------------------
388 *** Namespace Not Found ***
389