2 set testid@aaf.att.com <pass>
8 # TC_Perm1.10.0.POS Validate Namespace is empty first
10 ns list name com.test.TC_Perm1.@[user.name]
13 List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
14 --------------------------------------------------------------------------------
15 *** Namespace Not Found ***
17 # TC_Perm1.10.1.POS Create Namespace with valid IDs and Responsible Parties
18 ns create com.test.TC_Perm1.@[user.name] @[user.name] testid@aaf.att.com
22 # TC_Perm1.10.10.POS Create role to assign mechid perm to
23 role create com.test.TC_Perm1.@[user.name].cred_admin
28 # TC_Perm1.10.11.POS Assign role to mechid perm
29 perm grant com.att.aaf.mechid com.att create com.test.TC_Perm1.@[user.name].cred_admin
31 Granted Permission [com.att.aaf.mechid|com.att|create] to Role [com.test.TC_Perm1.@[THE_USER].cred_admin]
34 # TC_Perm1.10.12.POS Assign user for creating creds
35 user role add XX@NS com.test.TC_Perm1.@[user.name].cred_admin
37 Added Role [com.test.TC_Perm1.@[THE_USER].cred_admin] to User [XX@NS]
39 # TC_Perm1.20.1.POS List Data on non-Empty NS
40 ns list name com.test.TC_Perm1.@[user.name]
43 List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
44 --------------------------------------------------------------------------------
45 com.test.TC_Perm1.@[THE_USER]
49 @[THE_USER]@csp.att.com
51 com.test.TC_Perm1.@[THE_USER].admin
52 com.test.TC_Perm1.@[THE_USER].cred_admin
53 com.test.TC_Perm1.@[THE_USER].owner
55 com.test.TC_Perm1.@[THE_USER].access * *
56 com.test.TC_Perm1.@[THE_USER].access * read
58 # TC_Perm1.20.2.POS Add Perm
59 perm create com.test.TC_Perm1.@[user.name].p.A myInstance myAction
63 # TC_Perm1.20.3.NEG Already Added Perm
64 perm create com.test.TC_Perm1.@[user.name].p.A myInstance myAction
66 Failed [SVC1409]: Conflict Already Exists - Permission [com.test.TC_Perm1.@[THE_USER].p.A|myInstance|myAction] already exists.
68 # TC_Perm1.20.4.POS Add Perm with non-existent Roles as well
69 force perm create com.test.TC_Perm1.@[user.name].p.B myInstance myAction com.test.TC_Perm1.@[user.name].r.A,com.test.TC_Perm1.@[user.name].r.B
71 Created Role [com.test.TC_Perm1.@[THE_USER].r.A]
72 Created Role [com.test.TC_Perm1.@[THE_USER].r.B]
74 Granted Permission [com.test.TC_Perm1.@[THE_USER].p.B|myInstance|myAction] to Role [com.test.TC_Perm1.@[THE_USER].r.A]
75 Granted Permission [com.test.TC_Perm1.@[THE_USER].p.B|myInstance|myAction] to Role [com.test.TC_Perm1.@[THE_USER].r.B]
77 # TC_Perm1.20.8.POS Print Info for Validation
78 ns list name com.test.TC_Perm1.@[user.name]
81 List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
82 --------------------------------------------------------------------------------
83 com.test.TC_Perm1.@[THE_USER]
87 @[THE_USER]@csp.att.com
89 com.test.TC_Perm1.@[THE_USER].admin
90 com.test.TC_Perm1.@[THE_USER].cred_admin
91 com.test.TC_Perm1.@[THE_USER].owner
92 com.test.TC_Perm1.@[THE_USER].r.A
93 com.test.TC_Perm1.@[THE_USER].r.B
95 com.test.TC_Perm1.@[THE_USER].access * *
96 com.test.TC_Perm1.@[THE_USER].access * read
97 com.test.TC_Perm1.@[THE_USER].p.A myInstance myAction
98 com.test.TC_Perm1.@[THE_USER].p.B myInstance myAction
100 # TC_Perm1.20.9.NEG Already Added Perm with some Roles as well
101 perm create com.test.TC_Perm1.@[user.name].p.B myInstance myAction com.test.TC_Perm1.@[user.name].r.A,com.test.TC_Perm1.@[user.name].r.B
103 Failed [SVC1409]: Conflict Already Exists - Permission [com.test.TC_Perm1.@[THE_USER].p.B|myInstance|myAction] already exists.
105 # TC_Perm1.20.10.NEG Non-admins can't change description
107 perm describe com.test.TC_Perm1.@[user.name].p.A myInstance myAction Description for A
109 Failed [SVC1403]: Forbidden - You do not have approval to change Permission [com.test.TC_Perm1.@[THE_USER].p.A|myInstance|myAction]
111 # TC_Perm1.20.11.NEG Permission must exist to change description
113 perm describe com.test.TC_Perm1.@[user.name].p.C myInstance myAction Description for C
115 Failed [SVC1404]: Not Found - Permission [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction] does not exist
117 # TC_Perm1.20.12.POS Admin can change description
118 perm describe com.test.TC_Perm1.@[user.name].p.A myInstance myAction Description for A
120 Description added to Permission
122 # TC_Perm1.22.1.NEG Try to rename permission without changing anything
123 perm rename com.test.TC_Perm1.@[user.name].p.B myInstance myAction com.test.TC_Perm1.@[user.name].p.B myInstance myAction
125 Failed [SVC1409]: Conflict Already Exists - New Permission must be different than original permission
127 # TC_Perm1.22.2.NEG Try to rename parent ns
128 perm rename com.test.TC_Perm1.@[user.name].p.B myInstance myAction com.att.TC_Perm1.@[user.name].p.C myInstance myAction
130 Failed [SVC1403]: Forbidden - You do not have approval to change Permission [com.att.TC_Perm1.@[THE_USER].p.C|myInstance|myAction]
132 # TC_Perm1.22.10.POS View permission in original state
133 ns list name com.test.TC_Perm1.@[user.name]
136 List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
137 --------------------------------------------------------------------------------
138 com.test.TC_Perm1.@[THE_USER]
142 @[THE_USER]@csp.att.com
144 com.test.TC_Perm1.@[THE_USER].admin
145 com.test.TC_Perm1.@[THE_USER].cred_admin
146 com.test.TC_Perm1.@[THE_USER].owner
147 com.test.TC_Perm1.@[THE_USER].r.A
148 com.test.TC_Perm1.@[THE_USER].r.B
150 com.test.TC_Perm1.@[THE_USER].access * *
151 com.test.TC_Perm1.@[THE_USER].access * read
152 com.test.TC_Perm1.@[THE_USER].p.A myInstance myAction
153 com.test.TC_Perm1.@[THE_USER].p.B myInstance myAction
155 # TC_Perm1.22.11.POS Rename permission instance
156 perm rename com.test.TC_Perm1.@[user.name].p.B myInstance myAction com.test.TC_Perm1.@[user.name].p.B yourInstance myAction
160 # TC_Perm1.22.12.POS Verify change in permission instance
161 ns list name com.test.TC_Perm1.@[user.name]
164 List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
165 --------------------------------------------------------------------------------
166 com.test.TC_Perm1.@[THE_USER]
170 @[THE_USER]@csp.att.com
172 com.test.TC_Perm1.@[THE_USER].admin
173 com.test.TC_Perm1.@[THE_USER].cred_admin
174 com.test.TC_Perm1.@[THE_USER].owner
175 com.test.TC_Perm1.@[THE_USER].r.A
176 com.test.TC_Perm1.@[THE_USER].r.B
178 com.test.TC_Perm1.@[THE_USER].access * *
179 com.test.TC_Perm1.@[THE_USER].access * read
180 com.test.TC_Perm1.@[THE_USER].p.A myInstance myAction
181 com.test.TC_Perm1.@[THE_USER].p.B yourInstance myAction
183 # TC_Perm1.22.13.POS Rename permission action
184 perm rename com.test.TC_Perm1.@[user.name].p.B yourInstance myAction com.test.TC_Perm1.@[user.name].p.B yourInstance yourAction
188 # TC_Perm1.22.14.POS Verify change in permission action
189 ns list name com.test.TC_Perm1.@[user.name]
192 List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
193 --------------------------------------------------------------------------------
194 com.test.TC_Perm1.@[THE_USER]
198 @[THE_USER]@csp.att.com
200 com.test.TC_Perm1.@[THE_USER].admin
201 com.test.TC_Perm1.@[THE_USER].cred_admin
202 com.test.TC_Perm1.@[THE_USER].owner
203 com.test.TC_Perm1.@[THE_USER].r.A
204 com.test.TC_Perm1.@[THE_USER].r.B
206 com.test.TC_Perm1.@[THE_USER].access * *
207 com.test.TC_Perm1.@[THE_USER].access * read
208 com.test.TC_Perm1.@[THE_USER].p.A myInstance myAction
209 com.test.TC_Perm1.@[THE_USER].p.B yourInstance yourAction
211 # TC_Perm1.22.15.POS Rename permission type
212 perm rename com.test.TC_Perm1.@[user.name].p.B yourInstance yourAction com.test.TC_Perm1.@[user.name].p.yourB yourInstance yourAction
216 # TC_Perm1.22.16.POS Verify change in permission type
217 ns list name com.test.TC_Perm1.@[user.name]
220 List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
221 --------------------------------------------------------------------------------
222 com.test.TC_Perm1.@[THE_USER]
226 @[THE_USER]@csp.att.com
228 com.test.TC_Perm1.@[THE_USER].admin
229 com.test.TC_Perm1.@[THE_USER].cred_admin
230 com.test.TC_Perm1.@[THE_USER].owner
231 com.test.TC_Perm1.@[THE_USER].r.A
232 com.test.TC_Perm1.@[THE_USER].r.B
234 com.test.TC_Perm1.@[THE_USER].access * *
235 com.test.TC_Perm1.@[THE_USER].access * read
236 com.test.TC_Perm1.@[THE_USER].p.A myInstance myAction
237 com.test.TC_Perm1.@[THE_USER].p.yourB yourInstance yourAction
239 # TC_Perm1.22.20.POS See permission is attached to this role
240 role list role com.test.TC_Perm1.@[user.name].r.A
243 List Roles for Role[com.test.TC_Perm1.@[THE_USER].r.A]
244 --------------------------------------------------------------------------------
246 PERM Type Instance Action
247 --------------------------------------------------------------------------------
248 com.test.TC_Perm1.@[THE_USER].r.A
249 com.test.TC_Perm1.@[THE_USER].p.yourB yourInstance yourAction
251 # TC_Perm1.22.21.POS Rename permission type, instance and action
252 perm rename com.test.TC_Perm1.@[user.name].p.yourB yourInstance yourAction com.test.TC_Perm1.@[user.name].p.B myInstance myAction
256 # TC_Perm1.22.22.POS See permission stays attached after rename
257 role list role com.test.TC_Perm1.@[user.name].r.A
260 List Roles for Role[com.test.TC_Perm1.@[THE_USER].r.A]
261 --------------------------------------------------------------------------------
263 PERM Type Instance Action
264 --------------------------------------------------------------------------------
265 com.test.TC_Perm1.@[THE_USER].r.A
266 com.test.TC_Perm1.@[THE_USER].p.B myInstance myAction
268 # TC_Perm1.22.23.POS Verify permission is back to original state
269 ns list name com.test.TC_Perm1.@[user.name]
272 List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
273 --------------------------------------------------------------------------------
274 com.test.TC_Perm1.@[THE_USER]
278 @[THE_USER]@csp.att.com
280 com.test.TC_Perm1.@[THE_USER].admin
281 com.test.TC_Perm1.@[THE_USER].cred_admin
282 com.test.TC_Perm1.@[THE_USER].owner
283 com.test.TC_Perm1.@[THE_USER].r.A
284 com.test.TC_Perm1.@[THE_USER].r.B
286 com.test.TC_Perm1.@[THE_USER].access * *
287 com.test.TC_Perm1.@[THE_USER].access * read
288 com.test.TC_Perm1.@[THE_USER].p.A myInstance myAction
289 com.test.TC_Perm1.@[THE_USER].p.B myInstance myAction
291 # TC_Perm1.25.1.POS Create another Role in This namespace
292 role create com.test.TC_Perm1.@[user.name].r.C
296 # TC_Perm1.25.2.POS Create another Perm in This namespace
297 perm create com.test.TC_Perm1.@[user.name].p.C myInstance myAction
301 # TC_Perm1.25.3.NEG Permission must Exist to Add to Role
302 perm grant com.test.TC_Perm1.@[user.name].p.NO myInstance myAction com.test.TC_Perm1.@[user.name].r.C
304 Failed [SVC4404]: Not Found - Permission [com.test.TC_Perm1.@[THE_USER].p.NO|myInstance|myAction] does not exist
306 # TC_Perm1.25.4.POS Grant individual new Perm to new Role
307 perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name].r.C
309 Granted Permission [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction] to Role [com.test.TC_Perm1.@[THE_USER].r.C]
311 # TC_Perm1.25.5.NEG Already Granted Perm
312 perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name].r.C
314 Failed [SVC1409]: Conflict Already Exists - Permission [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction] already granted to Role [com.test.TC_Perm1.@[THE_USER].r.C]
316 # TC_Perm1.25.6.POS Print Info for Validation
317 ns list name com.test.TC_Perm1.@[user.name]
320 List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
321 --------------------------------------------------------------------------------
322 com.test.TC_Perm1.@[THE_USER]
326 @[THE_USER]@csp.att.com
328 com.test.TC_Perm1.@[THE_USER].admin
329 com.test.TC_Perm1.@[THE_USER].cred_admin
330 com.test.TC_Perm1.@[THE_USER].owner
331 com.test.TC_Perm1.@[THE_USER].r.A
332 com.test.TC_Perm1.@[THE_USER].r.B
333 com.test.TC_Perm1.@[THE_USER].r.C
335 com.test.TC_Perm1.@[THE_USER].access * *
336 com.test.TC_Perm1.@[THE_USER].access * read
337 com.test.TC_Perm1.@[THE_USER].p.A myInstance myAction
338 com.test.TC_Perm1.@[THE_USER].p.B myInstance myAction
339 com.test.TC_Perm1.@[THE_USER].p.C myInstance myAction
341 # TC_Perm1.25.10.POS UnGrant individual new Perm to new Role
342 perm ungrant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name].r.C
344 UnGranted Permission [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction] from Role [com.test.TC_Perm1.@[THE_USER].r.C]
346 # TC_Perm1.25.11.NEG Already UnGranted Perm
347 perm ungrant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name].r.C
349 Failed [SVC4404]: Not Found - Permission [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction] not associated with any Role
351 # TC_Perm1.25.20.POS Reset roles attached to permision with setTo
352 perm setTo com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name].r.C,com.test.TC_Perm1.@[user.name].r.A
354 Set Permission's Roles to [com.test.TC_Perm1.@[THE_USER].r.C,com.test.TC_Perm1.@[THE_USER].r.A]
356 # TC_Perm1.25.21.POS Owner of permission can reset roles
357 perm setTo com.test.TC_Perm1.@[user.name].p.C myInstance myAction
359 Set Permission's Roles to []
361 # TC_Perm1.26.1.POS Create another Namespace, not owned by testid, one in company, one not
363 ns create com.test2.TC_Perm1.@[user.name] @[user.name] XX@NS
367 ns create com.test.TC_Perm1.@[user.name]_2 @[user.name] XX@NS
371 # TC_Perm1.26.2.POS Create ID in other Namespace
372 user cred add m99990@@[user.name].TC_Perm1.test2.com aRealPass7
374 Added Credential [m99990@@[THE_USER].TC_Perm1.test2.com]
376 # TC_Perm1.26.3.POS Create a Role in other Namespaces, not owned by testid
377 role create com.test2.TC_Perm1.@[user.name].r.C
381 role create com.test2.TC_Perm1.@[user.name]_2.r.C
385 # TC_Perm1.26.11.NEG Grant Perm to Role in Other Namespace, when Role ID
386 as m99990@@[THE_USER].TC_Perm1.test2.com
387 perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test2.TC_Perm1.@[user.name].r.C
389 Failed [SVC1403]: Forbidden - [m99990@@[THE_USER].TC_Perm1.test2.com] may not write Perm [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction]
391 # TC_Perm1.26.11a.NEG Grant Perm to Role in Other Namespace, when Role ID
392 as m99990@@[THE_USER].TC_Perm1.test2.com
394 perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test2.TC_Perm1.@[user.name].r.C
396 Permission Role Granted Accepted, but requires Approvals before actualizing
398 # TC_Perm1.26.12.NEG Grant Perm to Role in Other Namespace, when Perm ID, but different Company
399 as testid@aaf.att.com
400 perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test2.TC_Perm1.@[user.name].r.C
402 Failed [SVC1403]: Forbidden - [testid@aaf.att.com] may not write Role [com.test2.TC_Perm1.@[THE_USER].r.C]
404 # TC_Perm1.26.13.NEG Fail Grant Perm to Role in Other Namespace, when Perm ID, but same Company
405 as testid@aaf.att.com
406 perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name]_2.r.C
408 Failed [SVC3404]: Not Found - Role [com.test.TC_Perm1.@[THE_USER]_2.r.C] does not exist
410 # TC_Perm1.26.14.POS Create Role
411 as testid@aaf.att.com
412 role create com.test.TC_Perm1.@[user.name]_2.r.C
416 # TC_Perm1.26.15.POS Fail Create/Grant Perm to Role in Other Namespace, when Perm ID, but same Company
417 perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name]_2.r.C
419 Granted Permission [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction] to Role [com.test.TC_Perm1.@[THE_USER]_2.r.C]
421 # TC_Perm1.26.16.POS Print Info for Validation
422 ns list name com.test.TC_Perm1.@[user.name]
425 List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
426 --------------------------------------------------------------------------------
427 com.test.TC_Perm1.@[THE_USER]
431 @[THE_USER]@csp.att.com
433 com.test.TC_Perm1.@[THE_USER].admin
434 com.test.TC_Perm1.@[THE_USER].cred_admin
435 com.test.TC_Perm1.@[THE_USER].owner
436 com.test.TC_Perm1.@[THE_USER].r.A
437 com.test.TC_Perm1.@[THE_USER].r.B
438 com.test.TC_Perm1.@[THE_USER].r.C
440 com.test.TC_Perm1.@[THE_USER].access * *
441 com.test.TC_Perm1.@[THE_USER].access * read
442 com.test.TC_Perm1.@[THE_USER].p.A myInstance myAction
443 com.test.TC_Perm1.@[THE_USER].p.B myInstance myAction
444 com.test.TC_Perm1.@[THE_USER].p.C myInstance myAction
446 # TC_Perm1.26.17.POS Grant individual new Perm to new Role
447 perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name].r.C
449 Granted Permission [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction] to Role [com.test.TC_Perm1.@[THE_USER].r.C]
451 # TC_Perm1.26.18.NEG Already Granted Perm
452 perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name].r.C
454 Failed [SVC1409]: Conflict Already Exists - Permission [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction] already granted to Role [com.test.TC_Perm1.@[THE_USER].r.C]
456 # TC_Perm1.26.19.POS UnGrant Perm from Role in Other Namespace, when Perm ID
457 perm ungrant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name]_2.r.C
459 UnGranted Permission [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction] from Role [com.test.TC_Perm1.@[THE_USER]_2.r.C]
461 # TC_Perm1.26.21.NEG No Permission to Grant Perm to Role with Unrelated ID
462 as m99990@@[THE_USER].TC_Perm1.test2.com
463 perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test2.TC_Perm1.@[user.name].r.C
465 Failed [SVC1403]: Forbidden - [m99990@@[THE_USER].TC_Perm1.test2.com] may not write Perm [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction]
467 # TC_Perm1.26.22.NEG No Permission to Grant Perm to Role with Unrelated ID
469 as m99990@@[THE_USER].TC_Perm1.test2.com
470 perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test2.TC_Perm1.@[user.name].r.C
472 Permission Role Granted Accepted, but requires Approvals before actualizing
474 # TC_Perm1.26.25.NEG No Permission to UnGrant with Unrelated ID
475 perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name].r.B
477 Failed [SVC1403]: Forbidden - [m99990@@[THE_USER].TC_Perm1.test2.com] may not write Perm [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction]
479 # TC_Perm1.26.26.NEG No Permission to UnGrant with Unrelated ID
481 perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name].r.B
483 Permission Role Granted Accepted, but requires Approvals before actualizing
485 # TC_Perm1.26.30.POS Add ID to Role
487 ns admin add com.test2.TC_Perm1.@[user.name] m99990@@[user.name].TC_Perm1.test2.com
489 Admin m99990@@[THE_USER].TC_Perm1.test2.com added to com.test2.TC_Perm1.@[THE_USER]
491 as m99990@@[THE_USER].TC_Perm1.test2.com
493 # TC_Perm1.26.31.NEG No Permission Grant Perm to Role if not Perm Owner
494 perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test2.TC_Perm1.@[user.name].r.C
496 Failed [SVC1403]: Forbidden - [m99990@@[THE_USER].TC_Perm1.test2.com] may not write Perm [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction]
498 # TC_Perm1.26.31.NEG No Permission Grant Perm to Role if not Perm Owner
500 perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test2.TC_Perm1.@[user.name].r.C
502 Permission Role Granted Accepted, but requires Approvals before actualizing
504 # TC_Perm1.26.32.POS Grant individual new Perm to Role in Other Namespace
505 as testid@aaf.att.com
506 perm grant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name]_2.r.C
508 Granted Permission [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction] to Role [com.test.TC_Perm1.@[THE_USER]_2.r.C]
510 # TC_Perm1.26.34.POS Print Info for Validation
511 ns list name com.test.TC_Perm1.@[user.name]
514 List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
515 --------------------------------------------------------------------------------
516 com.test.TC_Perm1.@[THE_USER]
520 @[THE_USER]@csp.att.com
522 com.test.TC_Perm1.@[THE_USER].admin
523 com.test.TC_Perm1.@[THE_USER].cred_admin
524 com.test.TC_Perm1.@[THE_USER].owner
525 com.test.TC_Perm1.@[THE_USER].r.A
526 com.test.TC_Perm1.@[THE_USER].r.B
527 com.test.TC_Perm1.@[THE_USER].r.C
529 com.test.TC_Perm1.@[THE_USER].access * *
530 com.test.TC_Perm1.@[THE_USER].access * read
531 com.test.TC_Perm1.@[THE_USER].p.A myInstance myAction
532 com.test.TC_Perm1.@[THE_USER].p.B myInstance myAction
533 com.test.TC_Perm1.@[THE_USER].p.C myInstance myAction
536 # TC_Perm1.26.35.POS Print Info for Validation
537 ns list name com.test2.TC_Perm1.@[user.name]
540 List Namespaces by Name[com.test2.TC_Perm1.@[THE_USER]]
541 --------------------------------------------------------------------------------
542 com.test2.TC_Perm1.@[THE_USER]
545 m99990@@[THE_USER].TC_Perm1.test2.com
547 @[THE_USER]@csp.att.com
549 com.test2.TC_Perm1.@[THE_USER].admin
550 com.test2.TC_Perm1.@[THE_USER].owner
551 com.test2.TC_Perm1.@[THE_USER].r.C
553 com.test2.TC_Perm1.@[THE_USER].access * *
554 com.test2.TC_Perm1.@[THE_USER].access * read
556 m99990@@[THE_USER].TC_Perm1.test2.com
558 as testid@aaf.att.com
559 # TC_Perm1.26.36.POS UnGrant individual new Perm to new Role
560 as testid@aaf.att.com
561 perm ungrant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name]_2.r.C
563 UnGranted Permission [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction] from Role [com.test.TC_Perm1.@[THE_USER]_2.r.C]
565 # TC_Perm1.26.37.NEG Already UnGranted Perm
566 perm ungrant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name]_2.r.C
568 Failed [SVC4404]: Not Found - Permission [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction] not associated with any Role
570 # TC_Perm1.26.40.POS Reset roles attached to permision with setTo
571 perm setTo com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name].r.C,com.test.TC_Perm1.@[user.name].r.A
573 Set Permission's Roles to [com.test.TC_Perm1.@[THE_USER].r.C,com.test.TC_Perm1.@[THE_USER].r.A]
575 # TC_Perm1.26.41.NEG Non-owner of permission cannot reset roles
576 as m99990@@[THE_USER].TC_Perm1.test2.com
577 perm setTo com.test.TC_Perm1.@[user.name].p.C myInstance myAction
579 Failed [SVC1403]: Forbidden - [m99990@@[THE_USER].TC_Perm1.test2.com] may not write Perm [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction]
581 # TC_Perm1.26.42.NEG Non-owner of permission cannot ungrant
582 perm ungrant com.test.TC_Perm1.@[user.name].p.C myInstance myAction com.test.TC_Perm1.@[user.name].r.C
584 Failed [SVC1403]: Forbidden - [m99990@@[THE_USER].TC_Perm1.test2.com] may not write Perm [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction]
586 # TC_Perm1.26.43.NEG Non-owner of permission cannot delete
587 perm delete com.test.TC_Perm1.@[user.name].p.C myInstance myAction
589 Failed [SVC1403]: Forbidden - [m99990@@[THE_USER].TC_Perm1.test2.com] may not write Perm [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction]
591 # TC_Perm1.26.45.POS Owner of permission can reset roles
592 as testid@aaf.att.com
593 perm setTo com.test.TC_Perm1.@[user.name].p.C myInstance myAction
595 Set Permission's Roles to []
598 # TC_Perm1.26.97.POS List the Namespaces
599 ns list name com.test.TC_Perm1.@[user.name]
602 List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
603 --------------------------------------------------------------------------------
604 com.test.TC_Perm1.@[THE_USER]
608 @[THE_USER]@csp.att.com
610 com.test.TC_Perm1.@[THE_USER].admin
611 com.test.TC_Perm1.@[THE_USER].cred_admin
612 com.test.TC_Perm1.@[THE_USER].owner
613 com.test.TC_Perm1.@[THE_USER].r.A
614 com.test.TC_Perm1.@[THE_USER].r.B
615 com.test.TC_Perm1.@[THE_USER].r.C
617 com.test.TC_Perm1.@[THE_USER].access * *
618 com.test.TC_Perm1.@[THE_USER].access * read
619 com.test.TC_Perm1.@[THE_USER].p.A myInstance myAction
620 com.test.TC_Perm1.@[THE_USER].p.B myInstance myAction
621 com.test.TC_Perm1.@[THE_USER].p.C myInstance myAction
623 ns list name com.test2.TC_Perm1.@[user.name]
626 List Namespaces by Name[com.test2.TC_Perm1.@[THE_USER]]
627 --------------------------------------------------------------------------------
628 com.test2.TC_Perm1.@[THE_USER]
631 m99990@@[THE_USER].TC_Perm1.test2.com
633 @[THE_USER]@csp.att.com
635 com.test2.TC_Perm1.@[THE_USER].admin
636 com.test2.TC_Perm1.@[THE_USER].owner
637 com.test2.TC_Perm1.@[THE_USER].r.C
639 com.test2.TC_Perm1.@[THE_USER].access * *
640 com.test2.TC_Perm1.@[THE_USER].access * read
642 m99990@@[THE_USER].TC_Perm1.test2.com
644 as testid@aaf.att.com
645 # TC_Perm1.26.98.POS Cleanup
646 role delete com.test.TC_Perm1.@[user.name].r.A
650 role delete com.test.TC_Perm1.@[user.name].r.B
654 role delete com.test.TC_Perm1.@[user.name].r.C
658 role delete com.test.TC_Perm1.@[user.name]_2.r.C
663 role delete com.test2.TC_Perm1.@[user.name]_2.r.C
667 role delete com.test2.TC_Perm1.@[user.name].r.C
671 as testid@aaf.att.com
672 perm delete com.test.TC_Perm1.@[user.name].p.A myInstance myAction
676 perm delete com.test.TC_Perm1.@[user.name].p.B myInstance myAction
680 perm delete com.test.TC_Perm1.@[user.name].p.C myInstance myAction
684 force ns delete com.test.TC_Perm1.@[user.name]_2
690 set force=true user cred del m99990@@[user.name].TC_Perm1.test2.com
692 Deleted Credential [m99990@@[THE_USER].TC_Perm1.test2.com]
694 ns delete com.test2.TC_Perm1.@[user.name]
698 # TC_Perm1.26.99.POS List the Now Empty Namespaces
699 ns list name com.test.TC_Perm1.@[user.name]
702 List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
703 --------------------------------------------------------------------------------
704 com.test.TC_Perm1.@[THE_USER]
708 @[THE_USER]@csp.att.com
710 com.test.TC_Perm1.@[THE_USER].admin
711 com.test.TC_Perm1.@[THE_USER].cred_admin
712 com.test.TC_Perm1.@[THE_USER].owner
714 com.test.TC_Perm1.@[THE_USER].access * *
715 com.test.TC_Perm1.@[THE_USER].access * read
717 ns list name com.test2.TC_Perm1.@[user.name]
720 List Namespaces by Name[com.test2.TC_Perm1.@[THE_USER]]
721 --------------------------------------------------------------------------------
722 *** Namespace Not Found ***
724 # TC_Perm1.27.1.POS Create Permission
725 perm create com.test.TC_Perm1.@[user.name].p.A myInstance myAction
729 # TC_Perm1.27.2.POS Create Role
730 role create com.test.TC_Perm1.@[user.name].r.A
734 # TC_Perm1.27.10.NEG Role must Exist to Add to Role without force
735 perm grant com.test.TC_Perm1.@[user.name].p.A myInstance myAction com.test.TC_Perm1.@[user.name].r.unknown
737 Failed [SVC3404]: Not Found - Role [com.test.TC_Perm1.@[THE_USER].r.unknown] does not exist
739 # TC_Perm1.27.11.POS Role is created with force
740 force perm create com.test.TC_Perm1.@[user.name].p.A myInstance myAction com.test.TC_Perm1.@[user.name].r.unknown
742 Created Role [com.test.TC_Perm1.@[THE_USER].r.unknown]
744 Granted Permission [com.test.TC_Perm1.@[THE_USER].p.A|myInstance|myAction] to Role [com.test.TC_Perm1.@[THE_USER].r.unknown]
746 # TC_Perm1.27.12.NEG Perm must Exist to Grant without force
747 perm grant com.test.TC_Perm1.@[user.name].p.unknown myInstance myAction com.test.TC_Perm1.@[user.name].r.A
749 Failed [SVC4404]: Not Found - Permission [com.test.TC_Perm1.@[THE_USER].p.unknown|myInstance|myAction] does not exist
751 # TC_Perm1.27.13.POS Perm is created with force
752 force perm grant com.test.TC_Perm1.@[user.name].p.unknown myInstance myAction com.test.TC_Perm1.@[user.name].r.A
754 Granted Permission [com.test.TC_Perm1.@[THE_USER].p.unknown|myInstance|myAction] to Role [com.test.TC_Perm1.@[THE_USER].r.A]
756 # TC_Perm1.27.14.POS Role and perm are created with force
757 force perm create com.test.TC_Perm1.@[user.name].p.unknown2 myInstance myAction com.test.TC_Perm1.@[user.name].r.unknown2
759 Created Role [com.test.TC_Perm1.@[THE_USER].r.unknown2]
761 Granted Permission [com.test.TC_Perm1.@[THE_USER].p.unknown2|myInstance|myAction] to Role [com.test.TC_Perm1.@[THE_USER].r.unknown2]
763 # TC_Perm1.30.1.POS List Data on non-Empty NS
765 ns list name com.test.TC_Perm1.@[user.name]
768 List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
769 --------------------------------------------------------------------------------
770 com.test.TC_Perm1.@[THE_USER]
774 @[THE_USER]@csp.att.com
776 com.test.TC_Perm1.@[THE_USER].admin
777 com.test.TC_Perm1.@[THE_USER].cred_admin
778 com.test.TC_Perm1.@[THE_USER].owner
779 com.test.TC_Perm1.@[THE_USER].r.A
780 com.test.TC_Perm1.@[THE_USER].r.unknown
781 com.test.TC_Perm1.@[THE_USER].r.unknown2
783 com.test.TC_Perm1.@[THE_USER].access * *
784 com.test.TC_Perm1.@[THE_USER].access * read
785 com.test.TC_Perm1.@[THE_USER].p.A myInstance myAction
786 com.test.TC_Perm1.@[THE_USER].p.unknown myInstance myAction
787 com.test.TC_Perm1.@[THE_USER].p.unknown2 myInstance myAction
789 # TC_Perm1.30.2.POS Create Sub-ns when Roles that exist
790 ns create com.test.TC_Perm1.@[user.name].r @[user.name] testid@aaf.att.com
794 # TC_Perm1.30.3.POS List Data on NS with sub-roles
795 ns list name com.test.TC_Perm1.@[user.name]
798 List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
799 --------------------------------------------------------------------------------
800 com.test.TC_Perm1.@[THE_USER]
804 @[THE_USER]@csp.att.com
806 com.test.TC_Perm1.@[THE_USER].admin
807 com.test.TC_Perm1.@[THE_USER].cred_admin
808 com.test.TC_Perm1.@[THE_USER].owner
810 com.test.TC_Perm1.@[THE_USER].access * *
811 com.test.TC_Perm1.@[THE_USER].access * read
812 com.test.TC_Perm1.@[THE_USER].p.A myInstance myAction
813 com.test.TC_Perm1.@[THE_USER].p.unknown myInstance myAction
814 com.test.TC_Perm1.@[THE_USER].p.unknown2 myInstance myAction
816 ns list name com.test.TC_Perm1.@[user.name].r
819 List Namespaces by Name[com.test.TC_Perm1.@[THE_USER].r]
820 --------------------------------------------------------------------------------
821 com.test.TC_Perm1.@[THE_USER].r
825 @[THE_USER]@csp.att.com
827 com.test.TC_Perm1.@[THE_USER].r.A
828 com.test.TC_Perm1.@[THE_USER].r.admin
829 com.test.TC_Perm1.@[THE_USER].r.owner
830 com.test.TC_Perm1.@[THE_USER].r.unknown
831 com.test.TC_Perm1.@[THE_USER].r.unknown2
833 com.test.TC_Perm1.@[THE_USER].r.access * *
834 com.test.TC_Perm1.@[THE_USER].r.access * read
837 # TC_Perm1.99.1.POS Namespace Admin can delete Namepace defined Roles
839 set force=true perm delete com.test.TC_Perm1.@[user.name].p.A myInstance myAction
844 set force=true perm delete com.test.TC_Perm1.@[user.name].p.B myInstance myAction
846 Failed [SVC4404]: Not Found - Permission [com.test.TC_Perm1.@[THE_USER].p.B|myInstance|myAction] does not exist
849 set force=true perm delete com.test.TC_Perm1.@[user.name].p.C myInstance myAction
851 Failed [SVC4404]: Not Found - Permission [com.test.TC_Perm1.@[THE_USER].p.C|myInstance|myAction] does not exist
854 set force=true perm delete com.test.TC_Perm1.@[user.name].p.unknown myInstance myAction
859 set force=true perm delete com.test.TC_Perm1.@[user.name].p.unknown2 myInstance myAction
863 role delete com.test.TC_Perm1.@[user.name].r.A
867 role delete com.test.TC_Perm1.@[user.name].r.B
869 Failed [SVC3404]: Not Found - Role [com.test.TC_Perm1.@[THE_USER].r.B] does not exist
871 role delete com.test.TC_Perm1.@[user.name].r.C
873 Failed [SVC3404]: Not Found - Role [com.test.TC_Perm1.@[THE_USER].r.C] does not exist
875 role delete com.test.TC_Perm1.@[user.name].r.unknown
879 role delete com.test.TC_Perm1.@[user.name].r.unknown2
883 role delete com.test2.TC_Perm1.@[user.name].r.C
885 Failed [SVC3404]: Not Found - Role [com.test2.TC_Perm1.@[THE_USER].r.C] does not exist
887 role delete com.test.TC_Perm1.@[user.name]_2.r.C
889 Failed [SVC3404]: Not Found - Role [com.test.TC_Perm1.@[THE_USER]_2.r.C] does not exist
891 role delete com.test2.TC_Perm1.@[user.name]_2.r.C
893 Failed [SVC3404]: Not Found - Role [com.test2.TC_Perm1.@[THE_USER]_2.r.C] does not exist
895 # TC_Perm1.99.2.POS Remove ability to create creds
896 user role del XX@NS com.test.TC_Perm1.@[user.name].cred_admin
898 Removed Role [com.test.TC_Perm1.@[THE_USER].cred_admin] from User [XX@NS]
901 perm ungrant com.att.aaf.mechid com.att create com.test.TC_Perm1.@[user.name].cred_admin
903 UnGranted Permission [com.att.aaf.mechid|com.att|create] from Role [com.test.TC_Perm1.@[THE_USER].cred_admin]
905 as testid@aaf.att.com
906 role delete com.test.TC_Perm1.@[user.name].cred_admin
912 # TC_Perm1.99.98.POS Namespace Admin can delete Namespace
914 set force=true ns delete com.test2.TC_Perm1.@[user.name]
916 Failed [SVC2404]: Not Found - com.test2.TC_Perm1.@[THE_USER] does not exist
919 force ns delete com.test.TC_Perm1.@[user.name].r
923 force ns delete com.test.TC_Perm1.@[user.name]_2
925 Failed [SVC2404]: Not Found - com.test.TC_Perm1.@[THE_USER]_2 does not exist
927 force ns delete com.test.TC_Perm1.@[user.name]
931 force ns delete com.test2.TC_Perm1.@[user.name]
933 Failed [SVC2404]: Not Found - com.test2.TC_Perm1.@[THE_USER] does not exist
935 # TC_Perm1.99.99.POS List to prove removed
936 ns list name com.test.TC_Perm1.@[user.name]
939 List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]]
940 --------------------------------------------------------------------------------
941 *** Namespace Not Found ***
943 ns list name com.test.TC_Perm1.@[user.name].r
946 List Namespaces by Name[com.test.TC_Perm1.@[THE_USER].r]
947 --------------------------------------------------------------------------------
948 *** Namespace Not Found ***
950 ns list name com.test.TC_Perm1.@[user.name]_2
953 List Namespaces by Name[com.test.TC_Perm1.@[THE_USER]_2]
954 --------------------------------------------------------------------------------
955 *** Namespace Not Found ***
957 ns list name com.test2.TC_Perm1.@[user.name]
960 List Namespaces by Name[com.test2.TC_Perm1.@[THE_USER]]
961 --------------------------------------------------------------------------------
962 *** Namespace Not Found ***