1 set testid@aaf.att.com <pass>
2 set testunused@aaf.att.com <pass>
8 # TC_Cred1.10.0.POS List NS to prove ok
9 ns list name com.test.TC_Cred1.@[user.name]
12 List Namespaces by Name[com.test.TC_Cred1.@[THE_USER]]
13 --------------------------------------------------------------------------------
14 *** Namespace Not Found ***
16 # TC_Cred1.10.1.POS Create Personalized Namespace to add Credentials
17 ns create com.test.TC_Cred1.@[user.name] @[user.name] testid@aaf.att.com
21 # TC_Cred1.10.10.POS Create role to assign mechid perm to
22 role create com.test.TC_Cred1.@[user.name].cred_admin testid@aaf.att.com
25 Added User [testid@aaf.att.com] to Role [com.test.TC_Cred1.@[THE_USER].cred_admin]
27 role create com.test.TC_Cred1.@[user.name].pw_reset
31 # TC_Cred1.10.11.POS Assign roles to perms
33 perm create com.att.aaf.password com.test reset com.test.TC_Cred1.@[user.name].pw_reset
36 Granted Permission [com.att.aaf.password|com.test|reset] to Role [com.test.TC_Cred1.@[THE_USER].pw_reset]
38 perm create com.att.aaf.mechid com.test create com.test.TC_Cred1.@[user.name].cred_admin
41 Granted Permission [com.att.aaf.mechid|com.test|create] to Role [com.test.TC_Cred1.@[THE_USER].cred_admin]
43 perm grant com.att.aaf.mechid com.att create com.test.TC_Cred1.@[user.name].cred_admin
45 Granted Permission [com.att.aaf.mechid|com.att|create] to Role [com.test.TC_Cred1.@[THE_USER].cred_admin]
48 # TC_Cred1.10.30.POS Assign user for creating creds
49 user cred add m99999@@[user.name].TC_Cred1.test.com password123
51 Added Credential [m99999@@[THE_USER].TC_Cred1.test.com]
53 set m99999@@[THE_USER].TC_Cred1.test.com password123
54 # TC_Cred1.10.31.POS Credential used to similate non-admin Tier1 user with reset and create permissions
55 user role add m99999@@[user.name].TC_Cred1.test.com com.test.TC_Cred1.@[user.name].pw_reset,com.test.TC_Cred1.@[user.name].cred_admin
57 Added Role [com.test.TC_Cred1.@[THE_USER].pw_reset] to User [m99999@@[THE_USER].TC_Cred1.test.com]
58 Added Role [com.test.TC_Cred1.@[THE_USER].cred_admin] to User [m99999@@[THE_USER].TC_Cred1.test.com]
60 # TC_Cred1.10.32.POS Remove create rights for testing
61 user role del testid@aaf.att.com com.test.TC_Cred1.@[user.name].cred_admin
63 Removed Role [com.test.TC_Cred1.@[THE_USER].cred_admin] from User [testid@aaf.att.com]
65 # TC_Cred1.15.1.NEG Non-Admin, no permission user cannot create mechID
66 as testunused@aaf.att.com
67 user cred add m99990@@[user.name].TC_Cred1.test.com password123
69 Failed [SVC1403]: Forbidden - testunused@aaf.att.com does not have permission to create MechIDs at AT&T
71 # TC_Cred1.15.3.POS Non-Admin, with create permission user can create mechID
72 as m99999@@[THE_USER].TC_Cred1.test.com
73 user cred add m99990@@[user.name].TC_Cred1.test.com password123
75 Added Credential [m99990@@[THE_USER].TC_Cred1.test.com]
77 # TC_Cred1.15.10.NEG Non-Admin, no reset permission cannot reset mechID
78 as testunused@aaf.att.com
79 user cred reset m99990@@[user.name].TC_Cred1.test.com password123
81 Failed [SVC1403]: Forbidden - testunused@aaf.att.com is not allowed to change m99990@@[THE_USER].TC_Cred1.test.com in com.test.TC_Cred1.@[THE_USER]
83 # TC_Cred1.15.11.POS Non-Admin, with reset permission can reset mechID
84 as m99999@@[THE_USER].TC_Cred1.test.com
85 user cred reset m99990@@[user.name].TC_Cred1.test.com password123
87 Reset Credential [m99990@@[THE_USER].TC_Cred1.test.com]
89 # TC_Cred1.15.12.POS Admin, without reset permission can reset Password
91 user cred reset m99990@@[user.name].TC_Cred1.test.com password123
93 Reset Credential [m99990@@[THE_USER].TC_Cred1.test.com]
95 # TC_Cred1.15.15.POS Admin, without reset permission can reset mechID
96 user cred reset m99990@@[user.name].TC_Cred1.test.com password123 1
98 Reset Credential [m99990@@[THE_USER].TC_Cred1.test.com]
100 # TC_Cred1.15.20.POS Admin, delete
101 user cred del m99990@@[user.name].TC_Cred1.test.com password123 1
103 Deleted Credential [m99990@@[THE_USER].TC_Cred1.test.com]
105 # TC_Cred1.30.1.NEG Multiple options available to delete
107 user cred add m99990@@[user.name].TC_Cred1.test.com pass23Word
109 Added Credential [m99990@@[THE_USER].TC_Cred1.test.com]
111 as testid@aaf.att.com
112 user cred add m99990@@[user.name].TC_Cred1.test.com pass23worD
114 Added Credential [m99990@@[THE_USER].TC_Cred1.test.com]
116 # TC_Cred1.30.2.POS Succeeds when we choose last option
117 user cred del m99990@@[user.name].TC_Cred1.test.com 2
119 Deleted Credential [m99990@@[THE_USER].TC_Cred1.test.com]
121 # TC_Cred1.30.10.POS Add another credential
122 user cred add m99990@@[user.name].TC_Cred1.test.com password123
124 Added Credential [m99990@@[THE_USER].TC_Cred1.test.com]
126 # TC_Cred1.30.11.NEG Multiple options available to reset
127 user cred reset m99990@@[user.name].TC_Cred1.test.com password123
129 Failed [SVC1300]: Choice - Select which cred to update:
131 1) m99990@@[THE_USER].TC_Cred1.test.com 2 [Placeholder]
132 2) m99990@@[THE_USER].TC_Cred1.test.com 2 [Placeholder]
133 Run same command again with chosen entry as last parameter
135 # TC_Cred1.30.12.NEG Fails when we choose a bad option
136 user cred reset m99990@@[user.name].TC_Cred1.test.com password123 0
138 Failed [SVC1406]: Not Acceptable - User chose invalid credential selection
140 # TC_Cred1.30.13.POS Succeeds when we choose last option
141 user cred reset m99990@@[user.name].TC_Cred1.test.com password123 2
143 Reset Credential [m99990@@[THE_USER].TC_Cred1.test.com]
145 #TC_Cred1.30.30.NEG Fails when we don't have specific property
146 user cred extend m99990@@[user.name].TC_Cred1.test.com
148 Failed [SVC3403]: Forbidden - testid@aaf.att.com does not have permission to extend passwords at AT&T
150 #### EXTENDS behavior ####
151 #TC_Cred1.30.32.POS Setup Temp Role for Extend Permission
153 role create com.test.TC_Cred1.@[user.name].extendTemp
157 #TC_Cred1.30.33.POS Grant Extends Permission to Role
158 perm grant com.att.aaf.password com.att extend com.test.TC_Cred1.@[user.name].extendTemp
160 Granted Permission [com.att.aaf.password|com.att|extend] to Role [com.test.TC_Cred1.@[THE_USER].extendTemp]
162 #TC_Cred1.30.35.POS Add current User to Temp Role for Extend Permission
163 role user add com.test.TC_Cred1.@[user.name].extendTemp XX@NS
165 Added User [XX@NS] to Role [com.test.TC_Cred1.@[THE_USER].extendTemp]
167 #TC_Cred1.30.36.POS Extend Password, expecting Single Response
168 user cred extend m99990@@[user.name].TC_Cred1.test.com 1
170 Extended Credential [m99990@@[THE_USER].TC_Cred1.test.com]
172 #TC_Cred1.30.39.POS Remove Role
174 role delete com.test.TC_Cred1.@[user.name].extendTemp
178 #### MULTI CLEANUP #####
179 role list user m99990@@[user.name].TC_Cred1.test.com
182 List Roles for User [m99990@@[THE_USER].TC_Cred1.test.com]
183 --------------------------------------------------------------------------------
185 PERM Type Instance Action
186 --------------------------------------------------------------------------------
188 # TC_Cred1.30.80.POS Delete all entries for this cred
190 user cred del m99990@@[user.name].TC_Cred1.test.com
192 Deleted Credential [m99990@@[THE_USER].TC_Cred1.test.com]
194 # TC_Cred1.30.99.POS List ns shows no creds attached
195 ns list name com.test.TC_Cred1.@[user.name]
198 List Namespaces by Name[com.test.TC_Cred1.@[THE_USER]]
199 --------------------------------------------------------------------------------
200 com.test.TC_Cred1.@[THE_USER]
204 @[THE_USER]@csp.att.com
206 com.test.TC_Cred1.@[THE_USER].admin
207 com.test.TC_Cred1.@[THE_USER].cred_admin
208 com.test.TC_Cred1.@[THE_USER].owner
209 com.test.TC_Cred1.@[THE_USER].pw_reset
211 com.test.TC_Cred1.@[THE_USER].access * *
212 com.test.TC_Cred1.@[THE_USER].access * read
214 m99999@@[THE_USER].TC_Cred1.test.com
216 as testid@aaf.att.com
217 # TC_Cred1.99.1.POS Delete credentials
218 force user cred del m99990@@[user.name].TC_Cred1.test.com
220 Failed [SVC5404]: Not Found - Credential does not exist
222 #TC_Cred1.99.2.POS Ensure Remove Role
224 role delete com.test.TC_Cred1.@[user.name].extendTemp
226 Failed [SVC3404]: Not Found - Role [com.test.TC_Cred1.@[THE_USER].extendTemp] does not exist
228 # TC_Cred1.99.10.POS Remove ability to create creds
229 force user role del testid@aaf.att.com com.test.TC_Cred1.@[user.name].cred_admin
231 Failed [SVC6404]: Not Found - User [ testid@aaf.att.com ] is not Assigned to the Role [ com.test.TC_Cred1.@[THE_USER].cred_admin ]
234 perm ungrant com.att.aaf.mechid com.att create com.test.TC_Cred1.@[user.name].cred_admin
236 UnGranted Permission [com.att.aaf.mechid|com.att|create] from Role [com.test.TC_Cred1.@[THE_USER].cred_admin]
238 force perm delete com.att.aaf.password com.test reset
242 force perm delete com.att.aaf.mechid com.test create
246 as testid@aaf.att.com
247 force role delete com.test.TC_Cred1.@[user.name].cred_admin
251 force role delete com.test.TC_Cred1.@[user.name].pw_reset
255 # TC_Cred1.99.99.POS Delete Namespace for TestSuite
257 set force=true ns delete com.test.TC_Cred1.@[user.name]
262 force ns delete com.test.TC_Cred1.@[user.name]
264 Failed [SVC2404]: Not Found - com.test.TC_Cred1.@[THE_USER] does not exist
266 force ns delete com.test.TC_Cred1
268 Failed [SVC2404]: Not Found - com.test.TC_Cred1 does not exist