TULIP DOCS (LTS12 REV3)
Overview
User Requirements
Product Specs
Test Cases
Release Notes
Edge Release Notes
Bug Fixes
Edge Bug Fixes

QA-T1214

SAML : 07 - Roles from SAML Attributes Overwrite Tulip Roles with IdP Control Mode

OBJECTIVE
Verify that when IdP Control Mode is enabled, a user's roles according to their SAML attributes override their roles in Tulip.
PRECONDITION
  • This instance should be configured for SAML, and the `samlCongifUI` feature flag is enabled.
  • The `multipleRolesUsersPerWorkspace` feature flag is enabled (this is not vital, but changes the verification process for 1 step).
  • The SAML user "Andrew Cooke" must already be present on the instance. You can get this use on your instance by logging as this user via SAML using the credentials in 1Pass.
  • SAML should be disabled at the start of the test.
  • You are logged into Pritunl so that you can access our Open AM IdP.
  • You are logged in to Factory as a Sysadmin. (To log in as a sysadmin, follow the instructions of QA-T170.)

NOTE: To work around a bug with OpenAM, you must open the OpenAM interface at https://openam-ec2.tulipintra.net/openam/ in a new tab after every time you log out of Tulip with a SAML user. Refer to the Test Plan for more information.

Covers

models
routes