...
source | function | target | result |
|---|---|---|---|
user A | can SU | user B | true/false |
| Panel | ||
|---|---|---|
| ||
Priv User = users that are added to a role in the 'SU Realm' which has the 'Can SU' security function
|
What is expected:
test | source | function | target | result | Test # |
|---|---|---|---|---|---|
SuperUser | can SU | SuperUser | false |
| test 3 |
SuperUser | can SU | Priv User | true |
|
|
SuperUser | can SU | Standard User | true |
|
|
Standard User | can SU | SuperUser | false |
| test 5 |
Standard User | can SU | Priv User | false |
|
|
Standard User | can SU | Standard User | false |
| test 4 |
Priv User | can SU | SuperUser | false |
| test 6a |
Priv User | can SU | Standard User | true |
| test 6b |
Priv User | can SU | Priv User | true |
|
|
...
Expected result: 'unauthorized' - Standard users cannot su another standard user account with out the correct permissions
Test 5 - Validate Standard User cannot SU SuperUser
Login as a standard user Standard User and select the tool page test site that contains the SU Tool.
type Type in the name of SuperAccount a SuperUser and select 'become user'.
Expected result: 'unauthorized' - Standard users cannot su SU a SuperUser account.
Test 6
...
Prep for 6-a and 6b
...
- Login as admin and access the
...
- Realms tool and edit the realm entitled '!su.can_su_realm'.
...
- Add a role (example 'Can SU').
...
- Add a Checkbox next to 'su.can_su' permission for that role.
...
- Click on 'add a grant'.
...
- Type in the name of a
...
- Standard User in the test site.
...
- Save the edit
- Logout and re-login as the username given in
...
- Test 3.
- Select the
...
- test site that contains the SU Tool.
6-a
select tool reset button
type in the name of SuperUser and select 'become user'
...