{ "command_options": "-f value", "tests_group": { "authz": [ { "auth_name": "admin", "description": "Change user to admin (just in case...)" }, { "name": "list tenant", "command": "tenant list", "no_result": "alt_demo", "description": "Check if tenant alt_demo is used." }, { "name": "add tenant alt_demo", "command": "tenant add alt_demo", "result": "^$", "description": "Add a new tenant", "command_options": "" }, { "name": "check tenant alt_demo", "command": "tenant list", "result": "(?P\\w+)\\s+alt_demo", "description": "Check that tenant alt_demo has been correctly added" }, { "name": "create_intraextension_authz", "command": "intraextension add --policy_model policy_authz authz_test", "result": "IntraExtension created: (?P\\w+)", "description": "Create an authz intra extension", "command_options": "" }, { "name": "list_intraextension_authz", "command": "intraextension list", "result": "$uuid_authz", "description": "Check the existence of that authz intra extension" }, { "name": "set_tenant_authz", "command": "tenant set --authz $uuid_authz $uuid", "result": "", "description": "Connect the authz intra extension to the tenant alt_demo", "command_options": "" }, { "name": "select_authz_ie", "command": "intraextension select $uuid_authz", "result": "Select $uuid_authz IntraExtension.", "description": "Select the authz IntraExtension", "command_options": "" }, { "name": "check_select_authz_ie", "command": "intraextension show selected", "result": "$uuid_authz", "description": "Check the selected authz IntraExtension", "command_options": "-c id -f value" }, { "name": "check_submetarules", "command": "submetarule show", "result": "(?P\\w+)\\s+subject_security_level", "description": "Get one submetarule ID", "command_options": "-c id -c \"subject categories\" -f value" }, { "name": "list_subject_categories", "command": "subject category list", "result": "(?P\\w+)\\s+subject_security_level", "description": "Get one subject category.", "command_options": "-c id -c name -f value" }, { "name": "list_action_categories", "command": "action category list", "result": "(?P\\w+)\\s+resource_action", "description": "Get one action category.", "command_options": "-c id -c name -f value" }, { "name": "list_object_categories", "command": "object category list", "result": "(?P\\w+)\\s+object_security_level", "description": "Get one object category.", "command_options": "-c id -c name -f value" }, { "name": "add_subject_scope", "command": "subject scope add $category_slevel_uuid very_high", "result": "^$", "description": "Add one new scope.", "command_options": "" }, { "name": "check_added_subject_scope", "command": "subject scope list $category_slevel_uuid", "result": "(?P\\s+very_high)", "description": "Get the ID of the new scope.", "command_options": "-c id -c name -f value" }, { "name": "get_one_action_scope", "command": "action scope list $category_action_uuid", "result": "(?P\\s+storage_admin)", "description": "Get the ID of one action scope.", "command_options": "-c id -c name -f value" }, { "name": "get_one_object_scope", "command": "object scope list $category_object_uuid", "result": "(?P\\s+high)", "description": "Get the ID of one object scope.", "command_options": "-c id -c name -f value" }, { "name": "add_a_new_rule", "command": "rule add $submetarule_uuid \"very_high,storage_admin,high\"", "result": "^$", "description": "Add a new rule.", "command_options": "" }, { "name": "check_added_rule", "command": "rule list $submetarule_uuid", "result": "(?P\\w+)\\s+very_high\\s+storage_admin\\s+high", "description": "Check that the rule was correctly added.", "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value" }, { "name": "delete_added_rule", "command": "rule delete $submetarule_uuid $rule_id", "result": "^$", "description": "Delete the added rule.", "command_options": "" }, { "name": "check_deleted_rule", "command": "rule list $submetarule_uuid", "no_result": "very_high", "description": "Check that the rule was correctly deleted.", "command_options": "-c s:subject_security_level -f value" }, { "name": "delete_authz_intra_extension", "command": "intraextension delete $uuid_authz", "result": "", "description": "Delete the authz intra extension", "command_options": "" }, { "name": "list_intraextension_authz", "command": "intraextension list", "no_result": "$uuid_authz", "description": "Check the existence of that authz intra extension" }, { "name": "delete_tenant", "command": "tenant delete $uuid", "result": "", "description": "Delete the tenant alt_demo", "command_options": "" }, { "name": "list tenant", "command": "tenant list", "no_result": "alt_demo", "description": "Check if tenant alt_demo is used." } ], "authz_and_admin": [ { "name": "list tenant", "command": "tenant list", "no_result": "alt_demo", "description": "Check if tenant alt_demo is used." }, { "name": "add tenant alt_demo", "command": "tenant add alt_demo", "result": "^$", "description": "Add a new tenant", "command_options": "" }, { "name": "check tenant alt_demo", "command": "tenant list", "result": "(?P\\w+)\\s+alt_demo", "description": "Check that tenant alt_demo has been correctly added" }, { "name": "create_intraextension_authz", "command": "intraextension add --policy_model policy_authz authz_test", "result": "IntraExtension created: (?P\\w+)", "description": "Create an authz intra extension", "command_options": "" }, { "name": "list_intraextension_authz", "command": "intraextension list", "result": "$uuid_authz", "description": "Check the existence of that authz intra extension" }, { "name": "create_intraextension_admin", "command": "intraextension add --policy_model policy_rbac_admin admin_test", "result": "IntraExtension created: (?P\\w+)", "description": "Create an admin intra extension", "command_options": "" }, { "name": "list_intraextension_admin", "command": "intraextension list", "result": "$uuid_admin", "description": "Check the existence of that admin intra extension" }, { "name": "set_tenant_authz", "command": "tenant set --authz $uuid_authz $uuid", "result": "", "description": "Connect the authz intra extension to the tenant demo", "command_options": "" }, { "name": "set_tenant_admin", "command": "tenant set --admin $uuid_admin $uuid", "result": "", "description": "Connect the authz intra extension to the tenant alt_demo", "command_options": "" }, { "name": "check tenant alt_demo and authz ie", "command": "tenant list", "result": "alt_demo $uuid_authz", "description": "Check that authz intra extension has been correctly added to the tenant.", "command_options": "-c name -c intra_authz_extension_id -f value" }, { "name": "check tenant alt_demo and admin ie", "command": "tenant list", "result": "$uuid_admin", "description": "Check that admin intra extension has been correctly added to the tenant.", "command_options": "-c intra_admin_extension_id -f value" }, { "name": "select_authz_ie", "command": "intraextension select $uuid_authz", "result": "Select $uuid_authz IntraExtension.", "description": "Select the authz IntraExtension", "command_options": "" }, { "name": "check_select_authz_ie", "command": "intraextension show selected", "result": "$uuid_authz", "description": "Check the selected authz IntraExtension", "command_options": "-c id -f value" }, { "name": "check_submetarules", "command": "submetarule show", "result": "(?P\\w+)\\s+subject_security_level", "description": "Get one submetarule ID", "command_options": "-c id -c \"subject categories\" -f value" }, { "name": "list_subject_categories", "command": "subject category list", "result": "(?P\\w+)\\s+subject_security_level", "description": "Get one subject category.", "command_options": "-c id -c name -f value" }, { "name": "list_action_categories", "command": "action category list", "result": "(?P\\w+)\\s+resource_action", "description": "Get one action category.", "command_options": "-c id -c name -f value" }, { "name": "list_object_categories", "command": "object category list", "result": "(?P\\w+)\\s+object_security_level", "description": "Get one object category.", "command_options": "-c id -c name -f value" }, { "name": "add_subject_scope", "command": "subject scope add $category_slevel_uuid very_high", "result": "^$", "description": "Add one new scope.", "command_options": "" }, { "name": "check_added_subject_scope", "command": "subject scope list $category_slevel_uuid", "result": "(?P\\s+very_high)", "description": "Get the ID of the new scope.", "command_options": "-c id -c name -f value" }, { "name": "get_one_action_scope", "command": "action scope list $category_action_uuid", "result": "(?P\\s+storage_admin)", "description": "Get the ID of one action scope.", "command_options": "-c id -c name -f value" }, { "name": "get_one_object_scope", "command": "object scope list $category_object_uuid", "result": "(?P\\s+high)", "description": "Get the ID of one object scope.", "command_options": "-c id -c name -f value" }, { "name": "add_a_new_rule", "command": "rule add $submetarule_uuid \"very_high,storage_admin,high\"", "result": "^$", "description": "Add a new rule.", "command_options": "" }, { "name": "check_added_rule", "command": "rule list $submetarule_uuid", "result": "(?P\\w+)\\s+very_high\\s+storage_admin\\s+high", "description": "Check that the rule was correctly added.", "command_options": "-c id -c s:subject_security_level -c a:resource_action -c o:object_security_level -f value" }, { "name": "delete_added_rule", "command": "rule delete $submetarule_uuid $rule_id", "result": "^$", "description": "Delete the added rule.", "command_options": "" }, { "name": "check_deleted_rule", "command": "rule list $submetarule_uuid", "no_result": "very_high", "description": "Check that the rule was correctly deleted.", "command_options": "-c s:subject_security_level -f value" }, { "name": "delete_authz_intra_extension", "command": "intraextension delete $uuid_authz", "result": "", "description": "Delete the authz intra extension", "command_options": "" }, { "name": "list_intraextension_authz", "command": "intraextension list", "no_result": "$uuid_authz", "description": "Check the existence of that authz intra extension" }, { "name": "delete_tenant", "command": "tenant delete $uuid", "result": "", "description": "Delete the tenant alt_demo", "command_options": "" }, { "name": "list tenant", "command": "tenant list", "no_result": "alt_demo", "description": "Check if tenant alt_demo is used." } ] } }