TWiki>
Main Web>TWikiUsers>AlexanderBernegger>ADFSUserMapping>TestResults (2010-05-10, unknown)
EditAttachPDF
Main Web>TWikiUsers>AlexanderBernegger>ADFSUserMapping>TestResults (2010-05-10, unknown) EditAttachPDFADFSUserMapping Addon Test Results
Test scenario:- Topicname: RestrictedArea2,
- Testgroups Twiki: Main.TWikiAdminGroup,
- Testgroups ADFS: IT-DEP-DES, IT, CERN, NICE Users
- Testuser: AlexanderBernegger, TWikiGuest
| Test | Result | Comment |
|---|---|---|
| Test ALLOWTOPICVIEW, ALLOWTOPICCHANGE, DENYTOPICVIEW, DENYTOPICCHANGE | OK | denytopic view problem solved |
| Test with the user in a TWikiGroup and also in a ADFS group | OK | OK |
| Test with DENY from one group and ALLOW from another. What happens if you are in both groups? | OK | Deny always overrides Allow in Access.pm |
| Test with the ADFS group in its various formats. Uppercase, lowercase, with a group email address | OK | Group mail address doesn't work because of strict matching |
Access control set in a TWiki WebPreferences: Restricting WebPreferences on MAINWEB with TwikiAdminGroup and ADFS_Group.
| Test | Result | Comment |
|---|---|---|
| Test ALLOWWEBVIEW, ALLOWWEBCHANGE, DENYWEBVIEW, DENYWEBCHANGE | OK | OK |
| Test with a user in a TWikiGroup and also in a ADFS group. (Main.SpecialGroup, it-dep-des) | OK | denywebview works because of Main.SpecialGroup |
| Test with DENY from one group and ALLOW from another. What happens if you are in both groups? | OK | Deny always overrides Allow in Access.pm |
| Test with the ADFS group in its various formats. Uppercase, lowercase, with a group email address etc | OK | Group mail adress doesn't work because of strict matching; additional: Set ALLOWTOPICVIEW = it-dep-de -> acces denied |
| Test if the settings in the WebPreferences are overwritten by settings in a topic. | OK | Web doesnt override Topic, Topic overrides Web. (Access.pm: “Check DENYWEB, but only if DENYTOPIC is not set .Check ALLOWWEB. If this is defined and not overridden by ALLOWTOPIC) |
Miscellaneous testing in Topic AND Web
| Test | Result | Comment |
|---|---|---|
| Test AllowWebview: it-dep-des, DenyWebview: TwikiGuest AND DenyTopicview: AlexanderBernegger | OK | AlexanderBernegger is not able to access topic |
| Test compiling order. DenyTopicView and AllowTopicView in one topic | OK | Doesn't matter which one is first set. Deny is stronger than allow. |
| Test compiling order. DenyWebView and AllowWebView in one topic | OK | Doesn't matter which one is first set. Deny is stronger than allow. |
Two sessions testing, logged-on and Twiki Guest
| Test | Logged on | TwikiGuest | Comment |
|---|---|---|---|
| Test ALLOWTOPICVIEW, DENYTOPICVIEW ALLOWTOPICCHANGE, DENYTOPICCHANGE | OK | Can't access | |
| Test TWiki Group and ADFS Group | OK | Can't access | booth are working when logged in |
| Test lower / uppercase | OK | Can't access | works even with dots between words, not only minus. eg: it.dep.des is the same as it-dep-des |
| Test writing order e.g it-des-dep instead of it-dep-des | OK | Can't access | works only when written correctly |
| Test only word pieces e.g. IT | OK | Can't access | Doesn't allow to view because of strict pattern matching |
| Test DenyTopic it-dep-des, AllowTopic Nice Users | Can't access | Can't access | It will deny view because deny stronger than allow |
| Test DenyTopic it-dep-des, AllowTopic Guest | Can't access | OK | Allows only Twiki Guest for viewing |
| Test DenyTopic Guest, AllowTopic it-dep-des | OK | Can't access | Doesn't allow view topic to Guests |
| Test ALLOWWEBVIEW, DENYWEBVIEW, ALLOWWEBCHANGE, DENYWEBCHANGE | OK | Can't access | Denyview problem solved. |
| Test lower / uppercase, writing order andword pieces for WEB | OK | Can't access | same results as for topic |
| Test AllowWeb it-dep-des, DenyWeb it-dep-des | Can't access | Can't access | It will deny view because deny stronger than allow |
| Test AllowWeb it-dep-des, DenyWeb Guest | OK | Can't access | |
| Test AllowWeb Guest, DenyWeb it-dep-des | Can't access | OK | Allows only Twiki Guest for viewing |
| view | |||
| Test Denyweb it-dep-des, AllowTopic Guest | Web: No, Topic: No | Web: Yes, Topic: Yes | |
| Test Denyweb Guest, AllowTopic it-dep-des | Web: Yes, Topic: Yes | Web: No, Topic: No | |
| Test AllowWeb it-dep-des, AllowTopic Guest | Web: Yes, Topic: No | Web: No, Topic: No | |
| Test AllowWeb Guest, AllowTopic it-dep-des | Web: No, Topic: Yes | Web: Yes, Topic: No | |
| Test AllowWeb it-dep-des, DenyTopic it-dep-des | Web: Yes, Topic: No | Web: No, Topic: No | |
| change | |||
| Test Denyweb it-dep-des, AllowTopic Guest | Web: No, Topic: No | No, need log on for edit | |
| Test Denyweb Guest, AllowTopic it-dep-des | Web: Yes, Topic: Yes | No, need log on for edit | |
| Test AllowWeb it-dep-des, AllowTopic Guest | Web: Yes, Topic: No | No, need log on for edit | |
| Test AllowWeb Guest, AllowTopic it-dep-des | Web: No, Topic: Yes | No, need log on for edit | |
| Test AllowWeb it-dep-des, DenyTopic it-dep-des | Web: Yes, Topic: No | No, need log on for edit |
Test environment:
Group(TWiki): ITDesGroup
Members(ADFS): IT-DEP
| Test | Comment |
|---|---|
| ALLOWTOPICVIEW = ITDesGroup | Members from IT-DEP are allowed, Guest is asked to login |
| ALLOWWEBVIEW = ITDesGroup | Members from IT-DEP are allowed, Guest is asked to login |
| ALLOWTOPICCHANGE = ITDesGroup | Members from IT-DEP are allowed, Guest is asked to login |
| ALLOWWEBCHANGE = ITDesGroup | Members from IT-DEP are allowed, Guest is asked to login |
| DENYTOPICVIEW = ITDesGroup | Member from IT-DEP are denied, Guest is asked to login |
| DENYWEBVIEW = ITDesGroup | Member from IT-DEP are denied , Guest is asked to login |
| DENYTOPICCHANGE = ITDesGroup | Members from IT-DEP are denied, Guest is asked to login |
| DENYWEBCHANGE = ITDesGroup | Members from IT-DEP are denied, Guest is asked to login |
Group(TWiki): ITDesGroup
Members(ADFS): catia-users
User: AlexanderBernegger (not in catia-users)
| Test | Comment |
|---|---|
| ALLOWTOPICVIEW = ITDesGroup | AlexanderBernegger is not allowed |
| ALLOWWEBVIEW = ITDesGroup | AlexanderBernegger is not allowed |
| ALLOWTOPICCHANGE = ITDesGroup | AlexanderBernegger is allowed to read, not to change |
| ALLOWWEBCHANGE = ITDesGroup | AlexanderBernegger is allowed to read, not to change |
| DENYTOPICVIEW = ITDesGroup | AlexanderBernegger is allowed |
| DENYWEBVIEW = ITDesGroup | AlexanderBernegger is allowed |
| DENYTOPICCHANGE = ITDesGroup | AlexanderBernegger is allowed to read and change |
| DENYWEBCHANGE = ITDesGroup | AlexanderBernegger is allowed to read and change |
Home
Index
Search
Changes
Notifications
RSS Feed
Documentation
SupportWebs
Main
Main Archive
Plugins
Sandbox for tests
- ABATBEA
- ACPP
- ADCgroup
- AEGIS
- AfricaMap
- AgileInfrastructure
- ALICE
- AliceEbyE
- AliceSPD
- AliceSSD
- AliceTOF
- AliFemto
- ALPHA
- Altair
- ArdaGrid
- ASACUSA
- AthenaFCalTBAna
- Atlas
- AtlasLBNL
- AXIALPET
- CAE
- CALICE
- CDS
- CENF
- CERNSearch
- CLIC
- Cloud
- CloudServices
- CMS
- Controls
- CTA
- CvmFS
- DB
- DefaultWeb
- DESgroup
- DPHEP
- DM-LHC
- DSSGroup
- EGEE
- EgeePtf
- ELFms
- EMI
- ETICS
- FIOgroup
- FlukaTeam
- Frontier
- Gaudi
- GeneratorServices
- GuidesInfo
- HardwareLabs
- HCC
- HEPIX
- ILCBDSColl
- ILCTPC
- IMWG
- Inspire
- IPv6
- IT
- ItCommTeam
- ITCoord
- ITdeptTechForum
- ITDRP
- ITGT
- ITSDC
- LAr
- LCG
- LCGAAWorkbook
- Leade
- LHCAccess
- LHCAtHome
- LHCb
- LHCgas
- LHCONE
- LHCOPN
- LinuxSupport
- Main
- Medipix
- Messaging
- MPGD
- NA49
- NA61
- NA62
- NTOF
- Openlab
- PDBService
- Persistency
- PESgroup
- Plugins
- PSAccess
- PSBUpgrade
- R2Eproject
- RCTF
- RD42
- RFCond12
- RFLowLevel
- ROXIE
- Sandbox
- SocialActivities
- SPI
- SRMDev
- SSM
- Student
- SuperComputing
- Support
- SwfCatalogue
- TMVA
- TOTEM
- TWiki
- UNOSAT
- Virtualization
- VOBox
- WITCH
- XTCA
Welcome Guest Login or Register
 |
|
Copyright &© 2008-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors. or Ideas, requests, problems regarding TWiki? use Discourse or Send feedback