From 00933b2542c1f4d0cf04b759ffd1e690cae25d98 Mon Sep 17 00:00:00 2001 From: asteroide Date: Fri, 20 Nov 2015 15:45:03 +0100 Subject: Add tests for moonclient which authorize a new user to modify the admin intra-extension. Change-Id: I6b942f43a67c1e148546b64b3dd0dcda8a6e78b1 --- .../tests/tests_admin_intraextensions.json | 123 + .../tests/tests_empty_policy_new_user.json | 3471 ++++++++++++++++++++ .../tests/tests_root_intraextensions.json | 43 + 3 files changed, 3637 insertions(+) create mode 100644 moonclient/moonclient/tests/tests_admin_intraextensions.json create mode 100644 moonclient/moonclient/tests/tests_empty_policy_new_user.json create mode 100644 moonclient/moonclient/tests/tests_root_intraextensions.json diff --git a/moonclient/moonclient/tests/tests_admin_intraextensions.json b/moonclient/moonclient/tests/tests_admin_intraextensions.json new file mode 100644 index 00000000..40ac04a3 --- /dev/null +++ b/moonclient/moonclient/tests/tests_admin_intraextensions.json @@ -0,0 +1,123 @@ +{ + "command_options": "-f value", + "tests_group": { + "main": [ + { + "name": "list tenant", + "command": "tenant list", + "result": "(?!alt_demo)", + "description": "List all tenants (must be empty)" + }, + { + "name": "add tenant alt_demo", + "command": "tenant add alt_demo", + "result": "^$", + "description": "Add a new tenant", + "command_options": "" + }, + { + "name": "check tenant alt_demo", + "command": "tenant list", + "result": "(?P\\w+)\\s+alt_demo", + "description": "Check that tenant alt_demo has been correctly added" + }, + { + "name": "create_intraextension_admin", + "command": "intraextension add --policy_model policy_rbac_admin admin_test", + "result": "IntraExtension created: (?P\\w+)", + "description": "Create an admin intra extension", + "command_options": "" + }, + { + "name": "list_intraextension_admin", + "command": "intraextension list", + "result": "$uuid_admin", + "description": "Check the existence of that admin intra extension" + }, + { + "name": "create_intraextension_authz", + "command": "intraextension add --policy_model policy_authz authz_test", + "result": "IntraExtension created: (?P\\w+)", + "description": "Create an authz intra extension", + "command_options": "" + }, + { + "name": "list_intraextension_authz", + "command": "intraextension list", + "result": "$uuid_authz", + "description": "Check the existence of that authz intra extension" + }, + { + "name": "set_tenant_authz", + "command": "tenant set --authz $uuid_authz $uuid", + "result": "", + "description": "Connect the authz intra extension to the tenant alt_demo", + "command_options": "" + }, + { + "name": "check authz ie for tenant alt_demo", + "command": "tenant list", + "result": "alt_demo $uuid_authz", + "description": "Check that authz ie has been correctly added for tenant alt_demo ", + "command_options": "-c name -c intra_authz_extension_id -f value" + }, + { + "name": "set_tenant_admin", + "command": "tenant set --admin $uuid_admin $uuid", + "result": "", + "description": "Connect the admin intra extension to the tenant alt_demo", + "command_options": "" + }, + { + "name": "check admin ie for tenant alt_demo", + "command": "tenant list", + "result": "alt_demo $uuid_admin", + "description": "Check that admin ie has been correctly added for tenant alt_demo ", + "command_options": "-c name -c intra_admin_extension_id -f value" + }, + + { + "name": "select admin ie", + "command": "intraextension select $uuid_admin", + "result": "Select $uuid_admin IntraExtension.", + "description": "Select the admin intra extension to work with", + "command_options": "" + }, + { + "name": "check_admin_user", + "command": "subject list", + "result": "admin", + "description": "Check that admin user was added" + }, + { + "name": "check_submetarule", + "command": "submetarule show", + "result": "rbac", + "description": "Check that submetarule was added" + }, + + + { + "name": "delete_admin_intra_extension", + "command": "intraextension delete $uuid_admin", + "result": "", + "description": "Delete the admin intra extension", + "command_options": "" + }, + { + "name": "delete_authz_intra_extension", + "command": "intraextension delete $uuid_authz", + "result": "", + "description": "Delete the authz intra extension", + "command_options": "" + }, + { + "name": "delete_tenant", + "command": "tenant delete $uuid", + "result": "", + "description": "Delete the tenant alt_demo", + "command_options": "" + } + ] + } +} \ No newline at end of file diff --git a/moonclient/moonclient/tests/tests_empty_policy_new_user.json b/moonclient/moonclient/tests/tests_empty_policy_new_user.json new file mode 100644 index 00000000..6344a3e7 --- /dev/null +++ b/moonclient/moonclient/tests/tests_empty_policy_new_user.json @@ -0,0 +1,3471 @@ +{ + "command_options": "-f value", + "tests_group": { + "authz": [ + { + "name": "nova image-list", + "external_command": "nova image-list", + "result": "(?P[\\w-]+)\\s+\\| cirros-0.3.4-x86_64-uec", + "description": "Get an Image ID" + }, + { + "name": "nova boot new server", + "external_command": "nova boot --flavor m1.micro --image $uuid_image test_moonclient", + "result": "\\| OS-EXT-STS\\:vm_state\\s+\\| building", + "description": "Boot a new nova server." + }, + { + "name": "sleep", + "external_command": "sleep 10", + "result": "", + "description": "time for server to really boot" + }, + { + "name": "nova get new server", + "external_command": "nova list", + "result": "\\| (?P[\\w\\-]+)\\s+\\| test_moonclient\\s+\\| ACTIVE\\s+\\| [\\w\\-]+\\s+\\| Running", + "description": "Get the ID of the new server" + }, + { + "name": "list tenant", + "command": "tenant list", + "result": "(?!demo)", + "description": "Check if tenant demo is used." + }, + { + "name": "add tenant demo", + "command": "tenant add demo", + "result": "^$", + "description": "Add a new tenant", + "command_options": "" + }, + { + "name": "check tenant demo", + "command": "tenant list", + "result": "(?P\\w+)\\s+demo", + "description": "Check that tenant demo has been correctly added" + }, + { + "name": "add role admin to demo", + "external_command": "keystone user-role-add --user demo --role admin --tenant demo", + "result": "", + "description": "Add role admin to user demo (an error may occurred)" + }, + { + "name": "create_intraextension_authz", + "command": "intraextension add --policy_model policy_empty_authz empty_test", + "result": "IntraExtension created: (?P\\w+)", + "description": "Create an authz intra extension", + "command_options": "" + }, + { + "name": "list_intraextension_authz", + "command": "intraextension list", + "result": "$uuid_authz", + "description": "Check the existence of that authz intra extension" + }, + { + "name": "set_tenant_authz", + "command": "tenant set --authz $uuid_authz $uuid", + "result": "", + "description": "Connect the authz intra extension to the tenant demo", + "command_options": "" + }, + { + "name": "list tenant", + "command": "tenant list", + "result": "demo", + "description": "Check if tenant demo is used." + }, + { + "name": "select_authz_ie", + "command": "intraextension select $uuid_authz", + "result": "Select $uuid_authz IntraExtension.", + "description": "Select the authz IntraExtension", + "command_options": "" + }, + { + "name": "check_select_authz_ie", + "command": "intraextension show selected", + "result": "$uuid_authz", + "description": "Check the selected authz IntraExtension", + "command_options": "-c id -f value" + }, + { + "name": "add_subject", + "command": "subject add admin --password nomoresecrete", + "result": "", + "description": "", + "command_options": "" + }, + { + "name": "list_subject", + "command": "subject list", + "result": "(?P\\w+)\\s+admin", + "description": "Check that admin subject was added." + }, + { + "name": "add_subject", + "command": "subject add demo --password nomoresecrete", + "result": "", + "description": "", + "command_options": "" + }, + { + "name": "list_subject", + "command": "subject list", + "result": "(?P\\w+)\\s+demo", + "description": "Check that demo subject was added." + }, + { + "name": "add_object", + "command": "object add servers", + "result": "", + "description": "", + "command_options": "" + }, + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+servers", + "description": "Check that servers subject was added." + }, + { + "name": "add_action", + "command": "action add pause", + "result": "", + "description": "", + "command_options": "" + }, + { + "name": "list_action", + "command": "action list", + "result": "(?P\\w+)\\s+pause", + "description": "Check that pause action was added." + }, + { + "name": "add_action", + "command": "action add unpause", + "result": "", + "description": "", + "command_options": "" + }, + { + "name": "list_action", + "command": "action list", + "result": "(?P\\w+)\\s+unpause", + "description": "Check that unpause action was added." + }, + { + "name": "add_action", + "command": "action add list", + "result": "", + "description": "", + "command_options": "" + }, + { + "name": "list_action", + "command": "action list", + "result": "(?P\\w+)\\s+list", + "description": "Check that list action was added." + }, + { + "name": "add_action", + "command": "action add start", + "result": "", + "description": "", + "command_options": "" + }, + { + "name": "list_action", + "command": "action list", + "result": "(?P\\w+)\\s+start", + "description": "Check that start action was added." + }, + { + "name": "add_action", + "command": "action add stop", + "result": "", + "description": "", + "command_options": "" + }, + { + "name": "list_action", + "command": "action list", + "result": "(?P\\w+)\\s+stop", + "description": "Check that stop action was added." + }, + { + "name": "add_action", + "command": "action add create", + "result": "", + "description": "", + "command_options": "" + }, + { + "name": "list_action", + "command": "action list", + "result": "(?P\\w+)\\s+create", + "description": "Check that create action was added." + }, + { + "name": "add_action", + "command": "action add upload", + "result": "", + "description": "", + "command_options": "" + }, + { + "name": "list_action", + "command": "action list", + "result": "(?P\\w+)\\s+upload", + "description": "Check that upload action was added." + }, + { + "name": "add_action", + "command": "action add download", + "result": "", + "description": "", + "command_options": "" + }, + { + "name": "list_action", + "command": "action list", + "result": "(?P\\w+)\\s+download", + "description": "Check that download action was added." + }, + { + "name": "add_action", + "command": "action add post", + "result": "", + "description": "", + "command_options": "" + }, + { + "name": "list_action", + "command": "action list", + "result": "(?P\\w+)\\s+post", + "description": "Check that post action was added." + }, + { + "name": "add_action", + "command": "action add storage_list", + "result": "", + "description": "", + "command_options": "" + }, + { + "name": "list_action", + "command": "action list", + "result": "(?P\\w+)\\s+storage_list", + "description": "Check that storage_list action was added." + }, + + { + "name": "add_subject_category", + "command": "subject category add subject_security_level", + "result": "", + "description": "Add the new subject category subject_security_level", + "command_options": "" + }, + { + "name": "list_subject_category", + "command": "subject category list", + "result": "(?P\\w+)\\s+subject_security_level", + "description": "Check that subject_security_level subject_category was added." + }, + { + "name": "add_object_category", + "command": "object category add object_security_level", + "result": "", + "description": "Add the new object category object_security_level", + "command_options": "" + }, + { + "name": "list_object_category", + "command": "object category list", + "result": "(?P\\w+)\\s+object_security_level", + "description": "Check that object_security_level object_category was added." + }, + { + "name": "add_action_category", + "command": "action category add resource_action", + "result": "", + "description": "Add the new action category resource_action", + "command_options": "" + }, + { + "name": "list_subject_category", + "command": "action category list", + "result": "(?P\\w+)\\s+resource_action", + "description": "Check that resource_action action_category was added." + }, + + { + "name": "add_scope", + "command": "subject scope add $uuid_subject_category_authz high --description \"high\"", + "result": "^$", + "description": "Add one scope to subject category role", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "subject scope list $uuid_subject_category_authz", + "result": "(?P\\w+)\\s+high\\s+high", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + { + "name": "add_scope", + "command": "subject scope add $uuid_subject_category_authz medium --description \"medium\"", + "result": "^$", + "description": "Add one scope to subject category role", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "subject scope list $uuid_subject_category_authz", + "result": "(?P\\w+)\\s+medium\\s+medium", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + { + "name": "add_scope", + "command": "subject scope add $uuid_subject_category_authz low --description \"low\"", + "result": "^$", + "description": "Add one scope to subject category role", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "subject scope list $uuid_subject_category_authz", + "result": "(?P\\w+)\\s+low\\s+low", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_authz high --description \"high\"", + "result": "^$", + "description": "Add one scope to object category role", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_authz", + "result": "(?P\\w+)\\s+high\\s+high", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_authz medium --description \"medium\"", + "result": "^$", + "description": "Add one scope to object category role", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_authz", + "result": "(?P\\w+)\\s+medium\\s+medium", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_authz low --description \"low\"", + "result": "^$", + "description": "Add one scope to object category role", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_authz", + "result": "(?P\\w+)\\s+low\\s+low", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + { + "name": "add_scope", + "command": "action scope add $uuid_action_category_authz vm_admin --description \"vm_admin\"", + "result": "^$", + "description": "Add one scope to action category role", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "action scope list $uuid_action_category_authz", + "result": "(?P\\w+)\\s+vm_admin\\s+vm_admin", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + { + "name": "add_scope", + "command": "action scope add $uuid_action_category_authz vm_access --description \"vm_access\"", + "result": "^$", + "description": "Add one scope to action category role", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "action scope list $uuid_action_category_authz", + "result": "(?P\\w+)\\s+vm_access\\s+vm_access", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + { + "name": "add_scope", + "command": "action scope add $uuid_action_category_authz storage_admin --description \"storage_admin\"", + "result": "^$", + "description": "Add one scope to action category role", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "action scope list $uuid_action_category_authz", + "result": "(?P\\w+)\\s+storage_admin\\s+storage_admin", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + { + "name": "add_scope", + "command": "action scope add $uuid_action_category_authz storage_access --description \"storage_access\"", + "result": "^$", + "description": "Add one scope to action category role", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "action scope list $uuid_action_category_authz", + "result": "(?P\\w+)\\s+storage_access\\s+storage_access", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_assignment", + "command": "subject assignment add $uuid_subject_admin $uuid_subject_category_authz $uuid_subject_scope_high", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "subject assignment list $uuid_subject_admin $uuid_subject_category_authz", + "result": "$uuid_subject_scope_high high", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + { + "name": "add_assignment", + "command": "subject assignment add $uuid_subject_demo $uuid_subject_category_authz $uuid_subject_scope_medium", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "subject assignment list $uuid_subject_demo $uuid_subject_category_authz", + "result": "$uuid_subject_scope_medium medium", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_servers $uuid_object_category_authz $uuid_object_scope_low", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_servers $uuid_object_category_authz", + "result": "$uuid_object_scope_low low", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + { + "name": "add_assignment", + "command": "action assignment add $uuid_action_pause $uuid_action_category_authz $uuid_action_scope_vm_admin", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "action assignment list $uuid_action_pause $uuid_action_category_authz", + "result": "$uuid_action_scope_vm_admin vm_admin", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + { + "name": "add_assignment", + "command": "action assignment add $uuid_action_unpause $uuid_action_category_authz $uuid_action_scope_vm_admin", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "action assignment list $uuid_action_unpause $uuid_action_category_authz", + "result": "$uuid_action_scope_vm_admin vm_admin", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + { + "name": "add_assignment", + "command": "action assignment add $uuid_action_start $uuid_action_category_authz $uuid_action_scope_vm_admin", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "action assignment list $uuid_action_start $uuid_action_category_authz", + "result": "$uuid_action_scope_vm_admin vm_admin", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + { + "name": "add_assignment", + "command": "action assignment add $uuid_action_stop $uuid_action_category_authz $uuid_action_scope_vm_admin", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "action assignment list $uuid_action_stop $uuid_action_category_authz", + "result": "$uuid_action_scope_vm_admin vm_admin", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + { + "name": "add_assignment", + "command": "action assignment add $uuid_action_list $uuid_action_category_authz $uuid_action_scope_vm_admin", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "action assignment list $uuid_action_list $uuid_action_category_authz", + "result": "$uuid_action_scope_vm_admin vm_admin", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + { + "name": "add_assignment", + "command": "action assignment add $uuid_action_list $uuid_action_category_authz $uuid_action_scope_vm_access", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "action assignment list $uuid_action_list $uuid_action_category_authz", + "result": "$uuid_action_scope_vm_access vm_access", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + { + "name": "add_assignment", + "command": "action assignment add $uuid_action_create $uuid_action_category_authz $uuid_action_scope_vm_admin", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "action assignment list $uuid_action_create $uuid_action_category_authz", + "result": "$uuid_action_scope_vm_admin vm_admin", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + { + "name": "add_assignment", + "command": "action assignment add $uuid_action_storage_list $uuid_action_category_authz $uuid_action_scope_storage_access", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "action assignment list $uuid_action_storage_list $uuid_action_category_authz", + "result": "$uuid_action_scope_storage_access storage_access", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + { + "name": "add_assignment", + "command": "action assignment add $uuid_action_download $uuid_action_category_authz $uuid_action_scope_storage_access", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "action assignment list $uuid_action_download $uuid_action_category_authz", + "result": "$uuid_action_scope_storage_access storage_access", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + { + "name": "add_assignment", + "command": "action assignment add $uuid_action_upload $uuid_action_category_authz $uuid_action_scope_storage_admin", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "action assignment list $uuid_action_upload $uuid_action_category_authz", + "result": "$uuid_action_scope_storage_admin storage_admin", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + { + "name": "add_assignment", + "command": "action assignment add $uuid_action_post $uuid_action_category_authz $uuid_action_scope_storage_admin", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "action assignment list $uuid_action_post $uuid_action_category_authz", + "result": "$uuid_action_scope_storage_admin storage_admin", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "check_submetarules", + "command": "submetarule show", + "result": "(?P\\w+)", + "description": "Get one submetarule ID", + "command_options": "-c id -f value" + }, + { + "name": "set_submetarule", + "command": "submetarule set $submetarule_uuid_authz --subject_category_id=\"$uuid_subject_category_authz\" --object_category_id=\"$uuid_object_category_authz\" --action_category_id=\"$uuid_action_category_authz\"", + "result": "^$", + "description": "Set a new submetarule", + "command_options": "" + }, + { + "name": "check_submetarule", + "command": "submetarule show", + "result": "$submetarule_uuid_authz \\s*subject_security_level", + "description": "Check the new submetarule", + "command_options": "-c id -c \"subject categories\" -f value" + }, + { + "name": "check_submetarule", + "command": "submetarule show", + "result": "$submetarule_uuid_authz \\s*object_security_level", + "description": "Check the new submetarule", + "command_options": "-c id -c \"object categories\" -f value" + }, + { + "name": "check_submetarule", + "command": "submetarule show", + "result": "$submetarule_uuid_authz \\s*resource_action", + "description": "Check the new submetarule", + "command_options": "-c id -c \"action categories\" -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_authz \"high,vm_admin,medium\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_authz", + "result": "(?P\\w+)\\s+high\\s+vm_admin\\s+medium", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value" + }, + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_authz \"high,vm_admin,low\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_authz", + "result": "(?P\\w+)\\s+high\\s+vm_admin\\s+low", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value" + }, + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_authz \"medium,vm_admin,low\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_authz", + "result": "(?P\\w+)\\s+medium\\s+vm_admin\\s+low", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value" + }, + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_authz \"high,vm_access,medium\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_authz", + "result": "(?P\\w+)\\s+high\\s+vm_access\\s+medium", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value" + }, + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_authz \"high,vm_access,low\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_authz", + "result": "(?P\\w+)\\s+high\\s+vm_access\\s+low", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value" + }, + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_authz \"medium,vm_access,low\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_authz", + "result": "(?P\\w+)\\s+medium\\s+vm_access\\s+low", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value" + }, + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_authz \"high,storage_admin,medium\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_authz", + "result": "(?P\\w+)\\s+high\\s+storage_admin\\s+medium", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value" + }, + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_authz \"high,storage_admin,low\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_authz", + "result": "(?P\\w+)\\s+high\\s+storage_admin\\s+low", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value" + }, + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_authz \"medium,storage_admin,low\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_authz", + "result": "(?P\\w+)\\s+medium\\s+storage_admin\\s+low", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value" + }, + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_authz \"high,storage_access,medium\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_authz", + "result": "(?P\\w+)\\s+high\\s+storage_access\\s+medium", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value" + }, + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_authz \"high,storage_access,low\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_authz", + "result": "(?P\\w+)\\s+high\\s+storage_access\\s+low", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value" + }, + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_authz \"medium,storage_access,low\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_authz", + "result": "(?P\\w+)\\s+medium\\s+storage_access\\s+low", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value" + }, + { + "name": "get aggregation algorithm", + "command": "aggregation algorithm list", + "result": "(?P\\w+)\\s+one_true", + "description": "Get aggregation algorithm.", + "command_options": "-c id -c name -f value" + }, + { + "name": "set aggregation algorithm", + "command": "aggregation algorithm set $uuid_aggregation", + "result": "", + "description": "Set aggregation algorithm to one_true.", + "command_options": "" + }, + { + "name": "get aggregation algorithm", + "command": "aggregation algorithm show", + "result": "$uuid_aggregation\\s+one_true", + "description": "Check aggregation algorithm.", + "command_options": "-c id -c name -f value" + }, + { + "name": "get submetarule algorithm", + "command": "submetarule algorithm list", + "result": "(?P\\w+)\\s+inclusion", + "description": "Get submetarule algorithm named inclusion.", + "command_options": "-c id -c name -f value" + }, + { + "name": "set submetarule algorithm", + "command": "submetarule set --algorithm_name inclusion $submetarule_uuid_authz", + "result": "", + "description": "Set submetarule algorithm to inclusion.", + "command_options": "" + }, + + { + "name": "create_intraextension_admin", + "command": "intraextension add --policy_model policy_empty_admin empty_admin_test", + "result": "IntraExtension created: (?P\\w+)", + "description": "Create an admin intra extension", + "command_options": "" + }, + { + "name": "list_intraextension_authz", + "command": "intraextension list", + "result": "$uuid_admin", + "description": "Check the existence of that admin intra extension" + }, + { + "name": "set_tenant_admin", + "command": "tenant set --admin $uuid_admin $uuid", + "result": "", + "description": "Connect the admin intra extension to the tenant demo", + "command_options": "" + }, + { + "name": "list tenant", + "command": "tenant list", + "result": "demo", + "description": "Check if tenant demo is used." + }, + { + "name": "select_admin_ie", + "command": "intraextension select $uuid_admin", + "result": "Select $uuid_admin IntraExtension.", + "description": "Select the admin IntraExtension", + "command_options": "" + }, + { + "name": "check_select_admin_ie", + "command": "intraextension show selected", + "result": "$uuid_admin", + "description": "Check the selected admin IntraExtension", + "command_options": "-c id -f value" + }, + + { + "name": "add_subject", + "command": "subject add admin --password nomoresecrete", + "result": "", + "description": "Add admin subject.", + "command_options": "" + }, + { + "name": "list_subject", + "command": "subject list", + "result": "(?P\\w+)\\s+admin", + "description": "Check that admin subject was already there." + }, + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+authz.subjects", + "description": "Check that authz_subjects subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+authz.objects", + "description": "Check that authz_objects subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+authz.actions", + "description": "Check that authz_actions subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+authz.subject_categories", + "description": "Check that authz_subject_categories subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+authz.object_categories", + "description": "Check that authz_object_categories subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+authz.action_categories", + "description": "Check that authz_action_categories subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+authz.subject_scopes", + "description": "Check that authz_subject_scopes subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+authz.object_scopes", + "description": "Check that authz_object_scopes subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+authz.action_scopes", + "description": "Check that authz_action_scopes subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+authz.subject_assignments", + "description": "Check that authz_subject_assignments subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+authz.object_assignments", + "description": "Check that authz_object_assignments subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+authz.action_assignments", + "description": "Check that authz_action_assignments subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+authz.aggregation_algorithm", + "description": "Check that authz_aggregation_algorithm subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+authz.sub_meta_rules", + "description": "Check that authz_sub_meta_rules subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+authz.rules", + "description": "Check that authz_rules subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+admin.subjects", + "description": "Check that admin_subjects subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+admin.objects", + "description": "Check that admin_objects subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+admin.actions", + "description": "Check that admin_actions subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+admin.subject_categories", + "description": "Check that admin_subject_categories subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+admin.object_categories", + "description": "Check that admin_object_categories subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+admin.action_categories", + "description": "Check that admin_action_categories subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+admin.subject_scopes", + "description": "Check that admin_subject_scopes subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+admin.object_scopes", + "description": "Check that admin_object_scopes subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+admin.action_scopes", + "description": "Check that admin_action_scopes subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+admin.subject_assignments", + "description": "Check that admin_subject_assignments subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+admin.object_assignments", + "description": "Check that admin_object_assignments subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+admin.action_assignments", + "description": "Check that admin_action_assignments subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+admin.aggregation_algorithm", + "description": "Check that admin_aggregation_algorithm subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+admin.sub_meta_rules", + "description": "Check that admin_sub_meta_rules subject was already there." + }, + + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+admin.rules", + "description": "Check that admin_rules subject was already there." + }, + + { + "name": "list_action", + "command": "action list", + "result": "(?P\\w+)\\s+read", + "description": "Check that read action was already there." + }, + + { + "name": "list_action", + "command": "action list", + "result": "(?P\\w+)\\s+write", + "description": "Check that write action was already there." + }, + + { + "name": "add_subject_category", + "command": "subject category add role", + "result": "", + "description": "Add the new subject category role", + "command_options": "" + }, + { + "name": "list_subject_category", + "command": "subject category list", + "result": "(?P\\w+)\\s+role", + "description": "Check that role subject_category was added." + }, + { + "name": "add_object_category", + "command": "object category add object_id", + "result": "", + "description": "Add the new object category object_id", + "command_options": "" + }, + { + "name": "list_object_category", + "command": "object category list", + "result": "(?P\\w+)\\s+object_id", + "description": "Check that object_id object_category was added." + }, + { + "name": "add_action_category", + "command": "action category add action_id", + "result": "", + "description": "Add the new action category action_id", + "command_options": "" + }, + { + "name": "list_subject_category", + "command": "action category list", + "result": "(?P\\w+)\\s+action_id", + "description": "Check that action_id action_category was added." + }, + + { + "name": "add_scope", + "command": "subject scope add $uuid_subject_category_admin root_role --description \"root role\"", + "result": "^$", + "description": "Add one scope to subject category role", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "subject scope list $uuid_subject_category_admin", + "result": "(?P\\w+)\\s+root_role\\s+root role", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + { + "name": "add_scope", + "command": "subject scope add $uuid_subject_category_admin dev_role --description \"dev role\"", + "result": "^$", + "description": "Add one scope to subject category role", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "subject scope list $uuid_subject_category_admin", + "result": "(?P\\w+)\\s+dev_role\\s+dev role", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin authz_subjects --description \"authz subjects\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+authz.subjects\\s+authz subjects", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin authz_objects --description \"authz objects\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+authz.objects\\s+authz objects", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin authz_actions --description \"authz actions\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+authz.actions\\s+authz actions", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin authz_subject_categories --description \"authz subject categories\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+authz.subject_categories\\s+authz subject categories", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin authz_object_categories --description \"authz object categories\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+authz.object_categories\\s+authz object categories", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin authz_action_categories --description \"authz action categories\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+authz.action_categories\\s+authz action categories", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin authz_subject_scopes --description \"authz subject scopes\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+authz.subject_scopes\\s+authz subject scopes", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin authz_object_scopes --description \"authz object scopes\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+authz.object_scopes\\s+authz object scopes", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin authz_action_scopes --description \"authz action scopes\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+authz.action_scopes\\s+authz action scopes", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin authz_subject_assignments --description \"authz subject assignments\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+authz.subject_assignments\\s+authz subject assignments", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin authz_object_assignments --description \"authz object assignments\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+authz.object_assignments\\s+authz object assignments", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin authz_action_assignments --description \"authz action assignments\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+authz.action_assignments\\s+authz action assignments", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin authz_aggregation_algorithm --description \"authz aggregation algorithm\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+authz.aggregation_algorithm\\s+authz aggregation algorithm", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin authz_sub_meta_rules --description \"authz sub meta rules\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+authz.sub_meta_rules\\s+authz sub meta rules", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin authz_rules --description \"authz rules\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+authz.rules\\s+authz rules", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin admin_subjects --description \"admin subjects\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+admin.subjects\\s+admin subjects", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin admin_objects --description \"admin objects\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+admin.objects\\s+admin objects", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin admin_actions --description \"admin actions\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+admin.actions\\s+admin actions", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin admin_subject_categories --description \"admin subject categories\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+admin.subject_categories\\s+admin subject categories", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin admin_object_categories --description \"admin object categories\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+admin.object_categories\\s+admin object categories", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin admin_action_categories --description \"admin action categories\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+admin.action_categories\\s+admin action categories", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin admin_subject_scopes --description \"admin subject scopes\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+admin.subject_scopes\\s+admin subject scopes", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin admin_object_scopes --description \"admin object scopes\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+admin.object_scopes\\s+admin object scopes", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin admin_action_scopes --description \"admin action scopes\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+admin.action_scopes\\s+admin action scopes", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin admin_subject_assignments --description \"admin subject assignments\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+admin.subject_assignments\\s+admin subject assignments", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin admin_object_assignments --description \"admin object assignments\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+admin.object_assignments\\s+admin object assignments", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin admin_action_assignments --description \"admin action assignments\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+admin.action_assignments\\s+admin action assignments", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin admin_aggregation_algorithm --description \"admin aggregation algorithm\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+admin.aggregation_algorithm\\s+admin aggregation algorithm", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin admin_sub_meta_rules --description \"admin sub meta rules\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+admin.sub_meta_rules\\s+admin sub meta rules", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_scope", + "command": "object scope add $uuid_object_category_admin admin_rules --description \"admin rules\"", + "result": "^$", + "description": "Add one scope to object category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "object scope list $uuid_object_category_admin", + "result": "(?P\\w+)\\s+admin.rules\\s+admin rules", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + { + "name": "add_scope", + "command": "action scope add $uuid_action_category_admin read --description \"read\"", + "result": "^$", + "description": "Add one scope to action category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "action scope list $uuid_action_category_admin", + "result": "(?P\\w+)\\s+read\\s+read", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + { + "name": "add_scope", + "command": "action scope add $uuid_action_category_admin write --description \"write\"", + "result": "^$", + "description": "Add one scope to action category", + "command_options": "" + }, + { + "name": "check_added_scope", + "command": "action scope list $uuid_action_category_admin", + "result": "(?P\\w+)\\s+write\\s+write", + "description": "Check added scope.", + "command_options": "-c id -c name -c description -f value" + }, + + { + "name": "add_assignment", + "command": "subject assignment add $uuid_subject_admin $uuid_subject_category_admin $uuid_subject_scope_root_role", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "subject assignment list $uuid_subject_admin $uuid_subject_category_admin", + "result": "$uuid_subject_scope_root_role root_role", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_authz_subjects $uuid_object_category_admin $uuid_object_scope_authz_subjects", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_authz_subjects $uuid_object_category_admin", + "result": "$uuid_object_scope_authz_subjects authz_subjects", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_authz_objects $uuid_object_category_admin $uuid_object_scope_authz_objects", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_authz_objects $uuid_object_category_admin", + "result": "$uuid_object_scope_authz_objects authz_objects", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_authz_actions $uuid_object_category_admin $uuid_object_scope_authz_actions", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_authz_actions $uuid_object_category_admin", + "result": "$uuid_object_scope_authz_actions authz_actions", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_authz_subject_categories $uuid_object_category_admin $uuid_object_scope_authz_subject_categories", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_authz_subject_categories $uuid_object_category_admin", + "result": "$uuid_object_scope_authz_subject_categories authz_subject_categories", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_authz_object_categories $uuid_object_category_admin $uuid_object_scope_authz_object_categories", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_authz_object_categories $uuid_object_category_admin", + "result": "$uuid_object_scope_authz_object_categories authz_object_categories", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_authz_action_categories $uuid_object_category_admin $uuid_object_scope_authz_action_categories", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_authz_action_categories $uuid_object_category_admin", + "result": "$uuid_object_scope_authz_action_categories authz_action_categories", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_authz_subject_scopes $uuid_object_category_admin $uuid_object_scope_authz_subject_scopes", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_authz_subject_scopes $uuid_object_category_admin", + "result": "$uuid_object_scope_authz_subject_scopes authz_subject_scopes", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_authz_object_scopes $uuid_object_category_admin $uuid_object_scope_authz_object_scopes", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_authz_object_scopes $uuid_object_category_admin", + "result": "$uuid_object_scope_authz_object_scopes authz_object_scopes", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_authz_action_scopes $uuid_object_category_admin $uuid_object_scope_authz_action_scopes", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_authz_action_scopes $uuid_object_category_admin", + "result": "$uuid_object_scope_authz_action_scopes authz_action_scopes", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_authz_subject_assignments $uuid_object_category_admin $uuid_object_scope_authz_subject_assignments", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_authz_subject_assignments $uuid_object_category_admin", + "result": "$uuid_object_scope_authz_subject_assignments authz_subject_assignments", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_authz_object_assignments $uuid_object_category_admin $uuid_object_scope_authz_object_assignments", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_authz_object_assignments $uuid_object_category_admin", + "result": "$uuid_object_scope_authz_object_assignments authz_object_assignments", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_authz_action_assignments $uuid_object_category_admin $uuid_object_scope_authz_action_assignments", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_authz_action_assignments $uuid_object_category_admin", + "result": "$uuid_object_scope_authz_action_assignments authz_action_assignments", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_authz_aggregation_algorithm $uuid_object_category_admin $uuid_object_scope_authz_aggregation_algorithm", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_authz_aggregation_algorithm $uuid_object_category_admin", + "result": "$uuid_object_scope_authz_aggregation_algorithm authz_aggregation_algorithm", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_authz_sub_meta_rules $uuid_object_category_admin $uuid_object_scope_authz_sub_meta_rules", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_authz_sub_meta_rules $uuid_object_category_admin", + "result": "$uuid_object_scope_authz_sub_meta_rules authz_sub_meta_rules", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_authz_rules $uuid_object_category_admin $uuid_object_scope_authz_rules", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_authz_rules $uuid_object_category_admin", + "result": "$uuid_object_scope_authz_rules authz_rules", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_admin_subjects $uuid_object_category_admin $uuid_object_scope_admin_subjects", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_admin_subjects $uuid_object_category_admin", + "result": "$uuid_object_scope_admin_subjects admin_subjects", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_admin_objects $uuid_object_category_admin $uuid_object_scope_admin_objects", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_admin_objects $uuid_object_category_admin", + "result": "$uuid_object_scope_admin_objects admin_objects", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_admin_actions $uuid_object_category_admin $uuid_object_scope_admin_actions", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_admin_actions $uuid_object_category_admin", + "result": "$uuid_object_scope_admin_actions admin_actions", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_admin_subject_categories $uuid_object_category_admin $uuid_object_scope_admin_subject_categories", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_admin_subject_categories $uuid_object_category_admin", + "result": "$uuid_object_scope_admin_subject_categories admin_subject_categories", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_admin_object_categories $uuid_object_category_admin $uuid_object_scope_admin_object_categories", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_admin_object_categories $uuid_object_category_admin", + "result": "$uuid_object_scope_admin_object_categories admin_object_categories", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_admin_action_categories $uuid_object_category_admin $uuid_object_scope_admin_action_categories", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_admin_action_categories $uuid_object_category_admin", + "result": "$uuid_object_scope_admin_action_categories admin_action_categories", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_admin_subject_scopes $uuid_object_category_admin $uuid_object_scope_admin_subject_scopes", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_admin_subject_scopes $uuid_object_category_admin", + "result": "$uuid_object_scope_admin_subject_scopes admin_subject_scopes", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_admin_object_scopes $uuid_object_category_admin $uuid_object_scope_admin_object_scopes", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_admin_object_scopes $uuid_object_category_admin", + "result": "$uuid_object_scope_admin_object_scopes admin_object_scopes", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_admin_action_scopes $uuid_object_category_admin $uuid_object_scope_admin_action_scopes", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_admin_action_scopes $uuid_object_category_admin", + "result": "$uuid_object_scope_admin_action_scopes admin_action_scopes", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_admin_subject_assignments $uuid_object_category_admin $uuid_object_scope_admin_subject_assignments", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_admin_subject_assignments $uuid_object_category_admin", + "result": "$uuid_object_scope_admin_subject_assignments admin_subject_assignments", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_admin_object_assignments $uuid_object_category_admin $uuid_object_scope_admin_object_assignments", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_admin_object_assignments $uuid_object_category_admin", + "result": "$uuid_object_scope_admin_object_assignments admin_object_assignments", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_admin_action_assignments $uuid_object_category_admin $uuid_object_scope_admin_action_assignments", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_admin_action_assignments $uuid_object_category_admin", + "result": "$uuid_object_scope_admin_action_assignments admin_action_assignments", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_admin_aggregation_algorithm $uuid_object_category_admin $uuid_object_scope_admin_aggregation_algorithm", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_admin_aggregation_algorithm $uuid_object_category_admin", + "result": "$uuid_object_scope_admin_aggregation_algorithm admin_aggregation_algorithm", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_admin_sub_meta_rules $uuid_object_category_admin $uuid_object_scope_admin_sub_meta_rules", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_admin_sub_meta_rules $uuid_object_category_admin", + "result": "$uuid_object_scope_admin_sub_meta_rules admin_sub_meta_rules", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_admin_rules $uuid_object_category_admin $uuid_object_scope_admin_rules", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_admin_rules $uuid_object_category_admin", + "result": "$uuid_object_scope_admin_rules admin_rules", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + { + "name": "add_assignment", + "command": "action assignment add $uuid_action_read $uuid_action_category_admin $uuid_action_scope_read", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "action assignment list $uuid_action_read $uuid_action_category_admin", + "result": "$uuid_action_scope_read read", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + { + "name": "add_assignment", + "command": "action assignment add $uuid_action_write $uuid_action_category_admin $uuid_action_scope_write", + "result": "^$", + "description": "Add a new assignment", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "action assignment list $uuid_action_write $uuid_action_category_admin", + "result": "$uuid_action_scope_write write", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "check_submetarules", + "command": "submetarule show", + "result": "(?P\\w+)", + "description": "Get one submetarule ID", + "command_options": "-c id -f value" + }, + { + "name": "set_submetarule", + "command": "submetarule set $submetarule_uuid_admin --subject_category_id=\"$uuid_subject_category_admin\" --object_category_id=\"$uuid_object_category_admin\" --action_category_id=\"$uuid_action_category_admin\"", + "result": "^$", + "description": "Set a new submetarule", + "command_options": "" + }, + { + "name": "check_submetarule", + "command": "submetarule show", + "result": "$submetarule_uuid_admin \\s*role", + "description": "Check the new submetarule", + "command_options": "-c id -c \"subject categories\" -f value" + }, + { + "name": "check_submetarule", + "command": "submetarule show", + "result": "$submetarule_uuid_admin \\s*object_id", + "description": "Check the new submetarule", + "command_options": "-c id -c \"object categories\" -f value" + }, + { + "name": "check_submetarule", + "command": "submetarule show", + "result": "$submetarule_uuid_admin \\s*action_id", + "description": "Check the new submetarule", + "command_options": "-c id -c \"action categories\" -f value" + }, + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_subjects\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+authz.subjects", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_objects\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+authz.objects", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_actions\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+authz.actions", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_subject_categories\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+authz.subject_categories", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_object_categories\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+authz.object_categories", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_action_categories\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+authz.action_categories", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_subject_scopes\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+authz.subject_scopes", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_object_scopes\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+authz.object_scopes", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_action_scopes\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+authz.action_scopes", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_subject_assignments\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+authz.subject_assignments", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_object_assignments\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+authz.object_assignments", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_action_assignments\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+authz.action_assignments", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_aggregation_algorithm\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+authz.aggregation_algorithm", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_sub_meta_rules\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+authz.sub_meta_rules", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,authz_rules\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+authz.rules", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_subjects\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+authz.subjects", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_objects\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+authz.objects", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_actions\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+authz.actions", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_subject_categories\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+authz.subject_categories", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_object_categories\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+authz.object_categories", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_action_categories\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+authz.action_categories", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_subject_scopes\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+authz.subject_scopes", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_object_scopes\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+authz.object_scopes", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_action_scopes\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+authz.action_scopes", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_subject_assignments\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+authz.subject_assignments", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_object_assignments\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+authz.object_assignments", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_action_assignments\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+authz.action_assignments", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_aggregation_algorithm\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+authz.aggregation_algorithm", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_sub_meta_rules\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+authz.sub_meta_rules", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,authz_rules\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+authz.rules", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_subjects\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+admin.subjects", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_objects\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+admin.objects", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_actions\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+admin.actions", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_subject_categories\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+admin.subject_categories", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_object_categories\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+admin.object_categories", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_action_categories\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+admin.action_categories", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_subject_scopes\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+admin.subject_scopes", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_object_scopes\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+admin.object_scopes", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_action_scopes\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+admin.action_scopes", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_subject_assignments\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+admin.subject_assignments", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_object_assignments\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+admin.object_assignments", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_action_assignments\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+admin.action_assignments", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_aggregation_algorithm\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+admin.aggregation_algorithm", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_sub_meta_rules\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+admin.sub_meta_rules", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,read,admin_rules\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+read\\s+admin.rules", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_subjects\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+admin.subjects", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_objects\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+admin.objects", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_actions\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+admin.actions", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_subject_categories\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+admin.subject_categories", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_object_categories\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+admin.object_categories", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_action_categories\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+admin.action_categories", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_subject_scopes\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+admin.subject_scopes", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_object_scopes\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+admin.object_scopes", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_action_scopes\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+admin.action_scopes", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_subject_assignments\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+admin.subject_assignments", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_object_assignments\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+admin.object_assignments", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_action_assignments\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+admin.action_assignments", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_aggregation_algorithm\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+admin.aggregation_algorithm", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_sub_meta_rules\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+admin.sub_meta_rules", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"root_role,write,admin_rules\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+root_role\\s+write\\s+admin.rules", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + { + "name": "get aggregation algorithm", + "command": "aggregation algorithm list", + "result": "(?P\\w+)\\s+one_true", + "description": "Get aggregation algorithm.", + "command_options": "-c id -c name -f value" + }, + { + "name": "set aggregation algorithm", + "command": "aggregation algorithm set $uuid_aggregation", + "result": "", + "description": "Set aggregation algorithm to one_true.", + "command_options": "" + }, + { + "name": "get aggregation algorithm", + "command": "aggregation algorithm show", + "result": "$uuid_aggregation\\s+one_true", + "description": "Check aggregation algorithm.", + "command_options": "-c id -c name -f value" + }, + { + "name": "get submetarule algorithm", + "command": "submetarule algorithm list", + "result": "(?P\\w+)\\s+inclusion", + "description": "Get submetarule algorithm named inclusion.", + "command_options": "-c id -c name -f value" + }, + { + "name": "set submetarule algorithm", + "command": "submetarule set --algorithm_name inclusion $submetarule_uuid_admin", + "result": "", + "description": "Set submetarule algorithm to inclusion.", + "command_options": "" + }, + + { + "name": "select_admin_ie", + "command": "intraextension select $uuid_admin", + "result": "Select $uuid_admin IntraExtension.", + "description": "Select the admin IntraExtension", + "command_options": "" + }, + { + "name": "check_select_admin_ie", + "command": "intraextension show selected", + "result": "$uuid_admin", + "description": "Check the selected admin IntraExtension", + "command_options": "-c id -f value" + }, + { + "name": "add_subject", + "command": "subject add demo --password nomoresecrete", + "result": "", + "description": "Add demo subject.", + "command_options": "" + }, + { + "name": "list_subject", + "command": "subject list", + "result": "(?P\\w+)\\s+demo", + "description": "Check that demo subject was added." + }, + { + "name": "add_new_role", + "command": "subject scope add $uuid_subject_category_admin demo_role", + "result": "", + "description": "Add demo_role to demo subject.", + "command_options": "" + }, + { + "name": "check_new_role", + "command": "subject scope list $uuid_subject_category_admin", + "result": "(?P\\w+)\\s+demo_role", + "description": "Check that demo_role was added." + }, + { + "name": "add_new_assignment", + "command": "subject assignment add $uuid_subject_demo_admin $uuid_subject_category_admin $uuid_subject_scope_demo_role", + "result": "", + "description": "Link the demo subject to the demo_role scope.", + "command_options": "" + }, + { + "name": "check_new_assignment", + "command": "subject assignment list $uuid_subject_demo_admin $uuid_subject_category_admin", + "result": "$uuid_subject_scope_demo_role demo_role", + "description": "Check that assignment was added.", + "command_options": "-c id -c name -f value" + }, + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"demo_role,read,authz_objects\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+demo_role\\s+read\\s+authz_objects", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"demo_role,write,authz_objects\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+demo_role\\s+write\\s+authz_objects", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"demo_role,read,authz_object_assignments\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+demo_role\\s+read\\s+authz_object_assignments", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + { + "name": "add_a_new_rule", + "command": "rule add $submetarule_uuid_admin \"demo_role,write,authz_object_assignments\"", + "result": "^$", + "description": "Add a new rule.", + "command_options": "" + }, + { + "name": "check_added_rule", + "command": "rule list $submetarule_uuid_admin", + "result": "(?P\\w+)\\s+demo_role\\s+write\\s+authz_object_assignments", + "description": "Check that the rule was correctly added.", + "command_options": "-c id -c s:role -c a:action_id -c o:object_id -f value" + }, + + { + "name": "select_authz_ie", + "command": "intraextension select $uuid_authz", + "result": "Select $uuid_authz IntraExtension.", + "description": "Select the authz IntraExtension", + "command_options": "" + }, + { + "name": "check_select_authz_ie", + "command": "intraextension show selected", + "result": "$uuid_authz", + "description": "Check the selected admin IntraExtension", + "command_options": "-c id -f value" + }, + { + "name": "add_subject", + "command": "subject add demo --password nomoresecrete", + "result": "", + "description": "Add demo subject.", + "command_options": "" + }, + { + "name": "list_subject", + "command": "subject list", + "result": "(?P\\w+)\\s+demo", + "description": "Check that admin subject was added." + }, + + { + "name": "demo: check nova command", + "external_command": "nova --os-user-name demo list", + "result": "test_moonclient", + "description": "Check demo cant list nova servers due to the current rules" + }, + { + "name": "demo: try to pause nova instance", + "external_command": "nova --os-user-name demo pause $uuid_server", + "result": "^$", + "description": "Pausing the server must be impossible due to the current rules" + }, + { + "name": "check nova command", + "external_command": "nova --os-user-name demo list", + "result": "\\| (?P[\\w\\-]+)\\s+\\| test_moonclient\\s+\\| ACTIVE\\s+\\| [\\w\\-]+\\s+\\| Running", + "description": "Check that nova server is still in running state." + }, + + { + "name": "list tenant", + "command": "tenant list", + "result": "demo", + "description": "Check if tenant demo is used." + }, + + { + "name": "select_authz_ie", + "command": "intraextension select $uuid_authz", + "result": "Select $uuid_authz IntraExtension.", + "description": "Select the authz IntraExtension", + "command_options": "" + }, + { + "name": "check_select_authz_ie", + "command": "intraextension show selected", + "result": "$uuid_authz", + "description": "Check the selected authz IntraExtension", + "command_options": "-c id -f value" + }, + + { + "auth_name": "demo", + "description": "Change user to demo" + }, + + { + "name": "add_object", + "command": "object add $uuid_server", + "result": "", + "description": "Add the new nova server", + "command_options": "" + }, + { + "name": "list_object", + "command": "object list", + "result": "(?P\\w+)\\s+$uuid_server", + "description": "Check that the new nova server was added." + }, + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_nova_server $uuid_object_category_authz $uuid_object_scope_low", + "result": "^$", + "description": "Set the assignment 'low' to nova server", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_nova_server $uuid_object_category_authz", + "result": "$uuid_object_scope_low low", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "check nova command", + "external_command": "nova list", + "result": "\\| (?P[\\w\\-]+)\\s+\\| test_moonclient\\s+\\| ACTIVE\\s+\\| [\\w\\-]+\\s+\\| Running", + "description": "Check that we can now list nova servers due to the current rules" + }, + { + "name": "try to pause nova instance", + "external_command": "nova pause $uuid_server", + "result": "^$", + "description": "Pausing the server must be possible now" + }, + { + "name": "check nova command", + "external_command": "nova list", + "result": "\\| (?P[\\w\\-]+)\\s+\\| test_moonclient\\s+\\| PAUSED\\s+\\| [\\w\\-]+\\s+\\| Paused", + "description": "Check that we can still list nova servers due to the current rules" + }, + { + "name": "reactivate nova instance", + "external_command": "nova unpause $uuid_server", + "result": "^$", + "description": "Unpausing the server for next tests" + }, + + { + "name": "del_assignment", + "command": "object assignment delete $uuid_object_nova_server $uuid_object_category_authz $uuid_object_scope_low", + "result": "^$", + "description": "Delete the assignment 'low' to nova server", + "command_options": "" + }, + { + "name": "add_assignment", + "command": "object assignment add $uuid_object_nova_server $uuid_object_category_authz $uuid_object_scope_high", + "result": "^$", + "description": "Set the assignment 'high' to nova server", + "command_options": "" + }, + { + "name": "check_added_assignment", + "command": "object assignment list $uuid_object_nova_server $uuid_object_category_authz", + "result": "$uuid_object_scope_high high", + "description": "Check added assignment.", + "command_options": "-c id -c name -f value" + }, + + { + "name": "check nova command", + "external_command": "nova list", + "result": "\\| (?P[\\w\\-]+)\\s+\\| test_moonclient\\s+\\| ACTIVE\\s+\\| [\\w\\-]+\\s+\\| Running", + "description": "Check that we can now list nova servers due to the current rules" + }, + { + "name": "try to pause nova instance", + "external_command": "nova pause $uuid_server", + "result": "^$", + "description": "Pausing the server must be not possible now" + }, + { + "name": "check nova command", + "external_command": "nova list", + "result": "\\| (?P[\\w\\-]+)\\s+\\| test_moonclient\\s+\\| ACTIVE\\s+\\| [\\w\\-]+\\s+\\| Running", + "description": "Check that we can still list nova servers due to the current rules" + }, + + + { + "name": "delete_authz_intra_extension", + "command": "intraextension delete $uuid_authz", + "result": "", + "description": "Delete the authz intra extension", + "command_options": "" + }, + { + "name": "delete_tenant", + "command": "tenant delete $uuid", + "result": "", + "description": "Delete the tenant demo", + "command_options": "" + }, + { + "name": "nova delete new server", + "external_command": "nova delete $uuid_server", + "result": "", + "description": "Delete the new server" + } + ] + } +} \ No newline at end of file diff --git a/moonclient/moonclient/tests/tests_root_intraextensions.json b/moonclient/moonclient/tests/tests_root_intraextensions.json new file mode 100644 index 00000000..339136d0 --- /dev/null +++ b/moonclient/moonclient/tests/tests_root_intraextensions.json @@ -0,0 +1,43 @@ +{ + "command_options": "-f value", + "tests_group": { + "main": [ + + { + "name": "list_intraextension", + "command": "intraextension list", + "result": "(?P\\w+)\\s+policy_root", + "description": "Check the existence of the root intra extension", + "command_options": "-c id -c name -f value" + }, + + { + "name": "select root ie", + "command": "intraextension select $uuid_root", + "result": "Select $uuid_root IntraExtension.", + "description": "Select the root intra extension to work with", + "command_options": "" + }, + { + "name": "check_admin_user", + "command": "subject list", + "result": "admin", + "description": "Check that admin user was added" + }, + { + "name": "check_submetarule", + "command": "submetarule show", + "result": "(?P\\w+)\\s+rbac_rule", + "description": "Check that submetarule was added" + }, + { + "name": "check_rule", + "command": "rule list $uuid_submetarule", + "result": "root_role", + "description": "Check that rules were added" + } + + + ] + } +} \ No newline at end of file -- cgit 1.2.3-korg