set XX@NS set testid@aaf.att.com set testunused@aaf.att.com set bogus@aaf.att.com boguspass #delay 10 set NFR 0 as testid@aaf.att.com # TC_NS2.10.0.POS Check for Existing Data ns list name com.test.TC_NS2.@[user.name] ** Expect 200 ** List Namespaces by Name[com.test.TC_NS2.@[THE_USER]] -------------------------------------------------------------------------------- *** Namespace Not Found *** # TC_NS2.10.1.POS Create Namespace with valid IDs and Responsible Parties ns create com.test.TC_NS2.@[user.name] @[user.name] testid@aaf.att.com ** Expect 201 ** Created Namespace ns create com.test.TC_NS2.@[user.name].project @[user.name] testunused@aaf.att.com ** Expect 201 ** Created Namespace # TC_NS2.10.10.POS Create role to assign mechid perm to role create com.test.TC_NS2.@[user.name].cred_admin testid@aaf.att.com ** Expect 201 ** Created Role Added User [testid@aaf.att.com] to Role [com.test.TC_NS2.@[THE_USER].cred_admin] as XX@NS # TC_NS2.10.11.POS Assign role to mechid perm perm grant com.att.aaf.mechid com.att create com.test.TC_NS2.@[user.name].cred_admin ** Expect 201 ** Granted Permission [com.att.aaf.mechid|com.att|create] to Role [com.test.TC_NS2.@[THE_USER].cred_admin] as testid@aaf.att.com # TC_NS2.10.70.POS Expect Namespace to be created ns list name com.test.TC_NS2.@[user.name] ** Expect 200 ** List Namespaces by Name[com.test.TC_NS2.@[THE_USER]] -------------------------------------------------------------------------------- com.test.TC_NS2.@[THE_USER] Administrators testid@aaf.att.com Responsible Parties @[THE_USER]@csp.att.com Roles com.test.TC_NS2.@[THE_USER].admin com.test.TC_NS2.@[THE_USER].cred_admin com.test.TC_NS2.@[THE_USER].owner Permissions com.test.TC_NS2.@[THE_USER].access * * com.test.TC_NS2.@[THE_USER].access * read as testid@aaf.att.com # TC_NS2.10.70.POS Expect Namespace to be created perm list role com.test.TC_NS2.@[user.name].admin ** Expect 200 ** List Perms by Role [com.test.TC_NS2.@[THE_USER].admin] -------------------------------------------------------------------------------- PERM Type Instance Action -------------------------------------------------------------------------------- com.test.TC_NS2.@[THE_USER].access * * as testid@aaf.att.com # TC_NS2.10.70.POS Expect Namespace to be created perm list role com.test.TC_NS2.@[user.name].owner ** Expect 200 ** List Perms by Role [com.test.TC_NS2.@[THE_USER].owner] -------------------------------------------------------------------------------- PERM Type Instance Action -------------------------------------------------------------------------------- com.test.TC_NS2.@[THE_USER].access * read as testid@aaf.att.com # TC_NS2.10.70.POS Expect Namespace to be created role list perm com.test.TC_NS2.@[user.name].access * * ** Expect 200 ** List Roles by Perm com.test.TC_NS2.@[THE_USER].access|*|* -------------------------------------------------------------------------------- ROLE Name PERM Type Instance Action -------------------------------------------------------------------------------- com.test.TC_NS2.@[THE_USER].admin com.test.TC_NS2.@[THE_USER].access * * as testid@aaf.att.com # TC_NS2.10.70.POS Expect Namespace to be created role list perm com.test.TC_NS2.@[user.name].access * read ** Expect 200 ** List Roles by Perm com.test.TC_NS2.@[THE_USER].access|*|read -------------------------------------------------------------------------------- ROLE Name PERM Type Instance Action -------------------------------------------------------------------------------- com.test.TC_NS2.@[THE_USER].owner com.test.TC_NS2.@[THE_USER].access * read as testid@aaf.att.com # TC_NS2.10.80.POS Expect Namespace to be created ns list name com.test.TC_NS2.@[user.name].project ** Expect 200 ** List Namespaces by Name[com.test.TC_NS2.@[THE_USER].project] -------------------------------------------------------------------------------- com.test.TC_NS2.@[THE_USER].project Administrators testunused@aaf.att.com Responsible Parties @[THE_USER]@csp.att.com Roles com.test.TC_NS2.@[THE_USER].project.admin com.test.TC_NS2.@[THE_USER].project.owner Permissions com.test.TC_NS2.@[THE_USER].project.access * * com.test.TC_NS2.@[THE_USER].project.access * read as testid@aaf.att.com # TC_NS2.10.80.POS Expect Namespace to be created perm list role com.test.TC_NS2.@[user.name].project.admin ** Expect 200 ** List Perms by Role [com.test.TC_NS2.@[THE_USER].project.admin] -------------------------------------------------------------------------------- PERM Type Instance Action -------------------------------------------------------------------------------- com.test.TC_NS2.@[THE_USER].project.access * * as testid@aaf.att.com # TC_NS2.10.80.POS Expect Namespace to be created perm list role com.test.TC_NS2.@[user.name].project.owner ** Expect 200 ** List Perms by Role [com.test.TC_NS2.@[THE_USER].project.owner] -------------------------------------------------------------------------------- PERM Type Instance Action -------------------------------------------------------------------------------- com.test.TC_NS2.@[THE_USER].project.access * read as testid@aaf.att.com # TC_NS2.10.80.POS Expect Namespace to be created role list perm com.test.TC_NS2.@[user.name].project.access * * ** Expect 200 ** List Roles by Perm com.test.TC_NS2.@[THE_USER].project.access|*|* -------------------------------------------------------------------------------- ROLE Name PERM Type Instance Action -------------------------------------------------------------------------------- com.test.TC_NS2.@[THE_USER].project.admin com.test.TC_NS2.@[THE_USER].project.access * * as testid@aaf.att.com # TC_NS2.10.80.POS Expect Namespace to be created role list perm com.test.TC_NS2.@[user.name].project.access * read ** Expect 200 ** List Roles by Perm com.test.TC_NS2.@[THE_USER].project.access|*|read -------------------------------------------------------------------------------- ROLE Name PERM Type Instance Action -------------------------------------------------------------------------------- com.test.TC_NS2.@[THE_USER].project.owner com.test.TC_NS2.@[THE_USER].project.access * read as testid@aaf.att.com # TC_NS2.20.1.POS Create roles role create com.test.TC_NS2.@[user.name].watcher ** Expect 201 ** Created Role role create com.test.TC_NS2.@[user.name].myRole ** Expect 201 ** Created Role # TC_NS2.20.2.POS Create permissions perm create com.test.TC_NS2.@[user.name].myType myInstance myAction ** Expect 201 ** Created Permission perm create com.test.TC_NS2.@[user.name].myType * * ** Expect 201 ** Created Permission # TC_NS2.20.3.POS Create mechid user cred add m99990@@[user.name].TC_NS2.test.com password123 ** Expect 201 ** Added Credential [m99990@@[THE_USER].TC_NS2.test.com] as XX@NS # TC_NS2.20.10.POS Grant view perms to watcher role perm create com.att.aaf.ns :com.test.TC_NS2.@[user.name]:ns read com.test.TC_NS2.@[user.name].watcher ** Expect 201 ** Created Permission Granted Permission [com.att.aaf.ns|:com.test.TC_NS2.@[THE_USER]:ns|read] to Role [com.test.TC_NS2.@[THE_USER].watcher] as testunused@aaf.att.com # TC_NS2.40.1.NEG Non-admin, not granted user should not view ns list name com.test.TC_NS2.@[user.name] ** Expect 403 ** Failed [SVC1403]: Forbidden - [testunused@aaf.att.com] may not read in NS [com.test.TC_NS2.@[THE_USER]] as testid@aaf.att.com # Tens test user granted to permission # TC_NS2.40.10.POS Add user to watcher role user role add testunused@aaf.att.com com.test.TC_NS2.@[user.name].watcher ** Expect 201 ** Added Role [com.test.TC_NS2.@[THE_USER].watcher] to User [testunused@aaf.att.com] as testunused@aaf.att.com # TC_NS2.40.11.POS Non-admin, granted user should view ns list name com.test.TC_NS2.@[user.name] ** Expect 200 ** List Namespaces by Name[com.test.TC_NS2.@[THE_USER]] -------------------------------------------------------------------------------- com.test.TC_NS2.@[THE_USER] Administrators testid@aaf.att.com Responsible Parties @[THE_USER]@csp.att.com Roles com.test.TC_NS2.@[THE_USER].admin com.test.TC_NS2.@[THE_USER].cred_admin com.test.TC_NS2.@[THE_USER].myRole com.test.TC_NS2.@[THE_USER].owner com.test.TC_NS2.@[THE_USER].watcher Permissions com.test.TC_NS2.@[THE_USER].access * * com.test.TC_NS2.@[THE_USER].access * read com.test.TC_NS2.@[THE_USER].myType * * com.test.TC_NS2.@[THE_USER].myType myInstance myAction Credentials m99990@@[THE_USER].TC_NS2.test.com as testid@aaf.att.com # TC_NS2.40.19.POS Remove user from watcher role user role del testunused@aaf.att.com com.test.TC_NS2.@[user.name].watcher ** Expect 200 ** Removed Role [com.test.TC_NS2.@[THE_USER].watcher] from User [testunused@aaf.att.com] # Thirties test admin user # TC_NS2.40.20.POS Admin should be able to view ns list name com.test.TC_NS2.@[user.name] ** Expect 200 ** List Namespaces by Name[com.test.TC_NS2.@[THE_USER]] -------------------------------------------------------------------------------- com.test.TC_NS2.@[THE_USER] Administrators testid@aaf.att.com Responsible Parties @[THE_USER]@csp.att.com Roles com.test.TC_NS2.@[THE_USER].admin com.test.TC_NS2.@[THE_USER].cred_admin com.test.TC_NS2.@[THE_USER].myRole com.test.TC_NS2.@[THE_USER].owner com.test.TC_NS2.@[THE_USER].watcher Permissions com.test.TC_NS2.@[THE_USER].access * * com.test.TC_NS2.@[THE_USER].access * read com.test.TC_NS2.@[THE_USER].myType * * com.test.TC_NS2.@[THE_USER].myType myInstance myAction Credentials m99990@@[THE_USER].TC_NS2.test.com # TC_NS2.40.21.POS Admin of parent NS should be able to view ns list name com.test.TC_NS2.@[user.name].project ** Expect 200 ** List Namespaces by Name[com.test.TC_NS2.@[THE_USER].project] -------------------------------------------------------------------------------- com.test.TC_NS2.@[THE_USER].project Administrators testunused@aaf.att.com Responsible Parties @[THE_USER]@csp.att.com Roles com.test.TC_NS2.@[THE_USER].project.admin com.test.TC_NS2.@[THE_USER].project.owner Permissions com.test.TC_NS2.@[THE_USER].project.access * * com.test.TC_NS2.@[THE_USER].project.access * read # TC_NS2.41.10.POS List by User when Same as Caller as testunused@aaf.att.com ns list admin testunused@aaf.att.com ** Expect 200 ** List Namespaces with admin privileges for [testunused@aaf.att.com] -------------------------------------------------------------------------------- com.test.TC_NS2.@[THE_USER].project # TC_NS2.41.15.POS List by User when not same as Caller, but own/admin namespace of Roles as testid@aaf.att.com ns list admin testunused@aaf.att.com ** Expect 200 ** List Namespaces with admin privileges for [testunused@aaf.att.com] -------------------------------------------------------------------------------- com.test.TC_NS2.@[THE_USER].project # TC_NS2.41.20.POS List by User when not same as Caller, but parent owner of Namespace as XX@NS ns list admin testunused@aaf.att.com ** Expect 200 ** List Namespaces with admin privileges for [testunused@aaf.att.com] -------------------------------------------------------------------------------- com.test.TC_NS2.@[THE_USER].project # TC_NS2.41.80.NEG List by User when not Caller nor associated to Namespace as testunused@aaf.att.com ns list admin XX@NS ** Expect 200 ** List Namespaces with admin privileges for [XX@NS] -------------------------------------------------------------------------------- com com.att com.att.aaf com.test as testid@aaf.att.com # TC_NS2.99.1.POS Namespace Admin can delete Namepace defined Roles & Perms role delete com.test.TC_NS2.@[user.name].myRole ** Expect 200,404 ** Deleted Role role delete com.test.TC_NS2.@[user.name].watcher ** Expect 200,404 ** Deleted Role perm delete com.test.TC_NS2.@[user.name].myType myInstance myAction ** Expect 200,404 ** Deleted Permission perm delete com.test.TC_NS2.@[user.name].myType * * ** Expect 200,404 ** Deleted Permission user cred del m99990@@[user.name].TC_NS2.test.com ** Expect 200,404 ** Deleted Credential [m99990@@[THE_USER].TC_NS2.test.com] as XX@NS force perm delete com.att.aaf.ns :com.test.TC_NS2.@[user.name]:ns read ** Expect 200,404 ** Deleted Permission # TC_NS2.99.15.POS Remove ability to create creds perm ungrant com.att.aaf.mechid com.att create com.test.TC_NS2.@[user.name].cred_admin ** Expect 200,404 ** UnGranted Permission [com.att.aaf.mechid|com.att|create] from Role [com.test.TC_NS2.@[THE_USER].cred_admin] as testid@aaf.att.com force role delete com.test.TC_NS2.@[user.name].cred_admin ** Expect 200,404 ** Deleted Role # TC_NS2.99.90.POS Namespace Admin can delete Namespace force ns delete com.test.TC_NS2.@[user.name].project ** Expect 200,404 ** Deleted Namespace force ns delete com.test.TC_NS2.@[user.name] ** Expect 200,404 ** Deleted Namespace sleep 0 # TC_NS2.99.99.POS Check Clean Namespace ns list name com.test.TC_NS2.@[user.name] ** Expect 200,404 ** List Namespaces by Name[com.test.TC_NS2.@[THE_USER]] -------------------------------------------------------------------------------- *** Namespace Not Found ***