Gitiles
Code Review Sign In
gerrit.nordix.org / onap / aaf / authz / bd890c575163e4d87ac24198b9c68a39cf4bbc4d / . / authz-test / TestSuite / expected / TC_Perm3.expected
blob: 6cdf2297010a5fbcc4666542276c260d76079fc9 [file] [log] [blame]
sg481nbd890c52017-08-28 12:11:35 -0400[diff] [blame^]1set XX@NS <pass>
2set testid@aaf.att.com <pass>
3set testunused@aaf.att.com <pass>
4set testid_1@test.com <pass>
5set testid_2@test.com <pass>
6set bogus boguspass
7#delay 10
8set NFR 0
9as XX@NS
10# TC_Perm3.10.0.POS Print NS to prove ok
11ns list name com.test.TC_Perm3.@[user.name]
12** Expect 200 **
13
14List Namespaces by Name[com.test.TC_Perm3.@[THE_USER]]
15--------------------------------------------------------------------------------
16 *** Namespace Not Found ***
17
18# TC_Perm3.10.1.POS Create Namespace with User ID
19ns create com.test.TC_Perm3.@[user.name]_1 @[user.name] testid_1@test.com
20** Expect 201 **
21Created Namespace
22
23# TC_Perm3.10.2.POS Create Namespace with Different ID
24ns create com.test.TC_Perm3.@[user.name]_2 @[user.name] testid_2@test.com
25** Expect 201 **
26Created Namespace
27
28# TC_Perm3.10.3.POS Create Namespace in Different Company
29ns create com.att.TC_Perm3.@[user.name] @[user.name] testunused@aaf.att.com
30** Expect 201 **
31Created Namespace
32
33as testid_1@test.com
34# TC_Perm3.20.0.POS User1 Create a Perm
35perm create com.test.TC_Perm3.@[user.name]_1.dev.myPerm_a myInstance myAction
36** Expect 201 **
37Created Permission
38
39# TC_Perm3.20.5.NEG User1 should not be able to create Role in other group
40role create com.test.TC_Perm3.@[user.name]_2.dev.myRole_a
41** Expect 403 **
42Failed [SVC1403]: Forbidden - [testid_1@test.com] may not write Role [com.test.TC_Perm3.@[THE_USER]_2.dev.myRole_a]
43
44# TC_Perm3.20.6.POS User2 should be able to create Role in own group
45as testid_2@test.com
46role create com.test.TC_Perm3.@[user.name]_2.dev.myRole_a
47** Expect 201 **
48Created Role
49
50# TC_Perm3.20.7.NEG User2 should not be able to grant Perm to own Role
51perm grant com.test.TC_Perm3.@[user.name]_1.dev.myPerm_a myInstance myAction com.test.TC_Perm3.@[user.name]_2.dev.myRole_a
52** Expect 403 **
53Failed [SVC1403]: Forbidden - [testid_2@test.com] may not write Perm [com.test.TC_Perm3.@[THE_USER]_1.dev.myPerm_a|myInstance|myAction]
54
55# TC_Perm3.20.8.NEG User2 cannot create Role in NS 2
56as testid_2@test.com
57perm grant com.test.TC_Perm3.@[user.name]_1.dev.myPerm_a myInstance myAction com.test.TC_Perm3.@[user.name]_2.dev.myRole_a
58** Expect 403 **
59Failed [SVC1403]: Forbidden - [testid_2@test.com] may not write Perm [com.test.TC_Perm3.@[THE_USER]_1.dev.myPerm_a|myInstance|myAction]
60
61# TC_Perm3.20.9.POS Role created, but can't grant... has to be testid_1
62as testid_1@test.com
63perm grant com.test.TC_Perm3.@[user.name]_1.dev.myPerm_a myInstance myAction com.test.TC_Perm3.@[user.name]_2.dev.myRole_a
64** Expect 201 **
65Granted Permission [com.test.TC_Perm3.@[THE_USER]_1.dev.myPerm_a|myInstance|myAction] to Role [com.test.TC_Perm3.@[THE_USER]_2.dev.myRole_a]
66
67# TC_Perm3.30.0.POS User1 Create a Perm
68as testid_1@test.com
69perm create com.test.TC_Perm3.@[user.name]_1.dev.myPerm_b myInstance myAction
70** Expect 201 **
71Created Permission
72
73# TC_Perm3.30.5.NEG User1 should not be able to create Role in other group
74role create com.test.TC_Perm3.@[user.name]_2.dev.myRole_b
75** Expect 403 **
76Failed [SVC1403]: Forbidden - [testid_1@test.com] may not write Role [com.test.TC_Perm3.@[THE_USER]_2.dev.myRole_b]
77
78# TC_Perm3.30.6.POS User2 should be able to create Role in own group
79as testunused@aaf.att.com
80role create com.att.TC_Perm3.@[user.name].dev.myRole_b
81** Expect 201 **
82Created Role
83
84# TC_Perm3.30.7.NEG User2 should not be able to grant Perm to own Role
85perm grant com.test.TC_Perm3.@[user.name]_1.dev.myPerm_b myInstance myAction com.att.TC_Perm3.@[user.name].dev.myRole_b
86** Expect 403 **
87Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not write Perm [com.test.TC_Perm3.@[THE_USER]_1.dev.myPerm_b|myInstance|myAction]
88
89# TC_Perm3.30.8.POS User should be able to grant cross company only Double Perm
90as testid_1@test.com
91perm grant com.test.TC_Perm3.@[user.name]_1.dev.myPerm_b myInstance myAction com.att.TC_Perm3.@[user.name].dev.myRole_b
92** Expect 403 **
93Failed [SVC1403]: Forbidden - [testid_1@test.com] may not write Role [com.att.TC_Perm3.@[THE_USER].dev.myRole_b]
94
95as testid_1@test.com
96# TC_Perm3.99.2.POS Namespace Admin can delete Namespace
97force ns delete com.test.TC_Perm3.@[user.name]_1
98** Expect 200,404 **
99Deleted Namespace
100
101# TC_Perm3.99.3.POS Print Namespaces
102ns list name com.test.TC_Perm3.@[user.name]_1
103** Expect 200,404 **
104
105List Namespaces by Name[com.test.TC_Perm3.@[THE_USER]_1]
106--------------------------------------------------------------------------------
107 *** Namespace Not Found ***
108
109as testid_2@test.com
110# TC_Perm3.99.4.POS Namespace Admin can delete Namespace
111force ns delete com.test.TC_Perm3.@[user.name]_2
112** Expect 200,404 **
113Deleted Namespace
114
115# TC_Perm3.99.5.POS Print Namespaces
116ns list name com.test.TC_Perm3.@[user.name]_2
117** Expect 200,404 **
118
119List Namespaces by Name[com.test.TC_Perm3.@[THE_USER]_2]
120--------------------------------------------------------------------------------
121 *** Namespace Not Found ***
122
123as testunused@aaf.att.com
124# TC_Perm3.99.6.POS Remove Namespace from other company
125force ns delete com.att.TC_Perm3.@[user.name]
126** Expect 200,404 **
127Deleted Namespace
128
129# TC_Perm3.99.7.POS Print Namespace from other company
130ns list name com.att.TC_Perm3.@[user.name]
131** Expect 200,404 **
132
133List Namespaces by Name[com.att.TC_Perm3.@[THE_USER]]
134--------------------------------------------------------------------------------
135 *** Namespace Not Found ***
136