1a37963e3SRahul Maheshwari*** Settings *** 2a37963e3SRahul MaheshwariDocumentation Test IPMI and Redfish combinations for user management. 3a37963e3SRahul Maheshwari 4e64caee6Ssrichn28Resource ../../lib/resource.robot 5e64caee6Ssrichn28Resource ../../lib/bmc_redfish_resource.robot 6e64caee6Ssrichn28Resource ../../lib/openbmc_ffdc.robot 7e64caee6Ssrichn28Resource ../../lib/ipmi_client.robot 8e64caee6Ssrichn28Library ../../lib/ipmi_utils.py 9e64caee6Ssrichn28 10e64caee6Ssrichn28Test Setup Test Setup Execution 11e64caee6Ssrichn28Test Teardown Test Teardown Execution 12e64caee6Ssrichn28 136fb70d98SMatt FischerTest Tags IPMI_Redfish_User 14e64caee6Ssrichn28 15e64caee6Ssrichn28*** Variables *** 16e64caee6Ssrichn28 17e64caee6Ssrichn28${valid_password} 0penBmc1 18e64caee6Ssrichn28${valid_password2} 0penBmc2 19a37963e3SRahul Maheshwari 20a37963e3SRahul Maheshwari 21a37963e3SRahul Maheshwari*** Test Cases *** 22a37963e3SRahul Maheshwari 23a37963e3SRahul MaheshwariCreate IPMI User Without Any Privilege And Verify Via Redfish 24a37963e3SRahul Maheshwari [Documentation] Create user using IPMI without privilege and verify user privilege 25a37963e3SRahul Maheshwari ... via Redfish. 26a37963e3SRahul Maheshwari [Tags] Create_IPMI_User_Without_Any_Privilege_And_Verify_Via_Redfish 27a37963e3SRahul Maheshwari 28a37963e3SRahul Maheshwari # Create IPMI user with random id and username. 29a37963e3SRahul Maheshwari ${random_userid}= Evaluate random.randint(2, 15) modules=random 30a37963e3SRahul Maheshwari ${random_username}= Generate Random String 8 [LETTERS] 31a37963e3SRahul Maheshwari Run IPMI Standard Command 32a37963e3SRahul Maheshwari ... user set name ${random_userid} ${random_username} 33a37963e3SRahul Maheshwari 34a37963e3SRahul Maheshwari # Verify new user privilege level via Redfish. 35*b0a5a6dbSSridevi Ramesh ${privilege}= Redfish.Get Attribute 36a37963e3SRahul Maheshwari ... /redfish/v1/AccountService/Accounts/${random_username} RoleId 37a37963e3SRahul Maheshwari Valid Value privilege ['ReadOnly'] 38a37963e3SRahul Maheshwari 39e64caee6Ssrichn28 40e64caee6Ssrichn28Create Admin User Via Redfish And Verify Login Via IPMI 41e64caee6Ssrichn28 [Documentation] Create user via redfish and verify via IPMI. 42e64caee6Ssrichn28 [Tags] Create_Admin_User_Via_Redfish_And_Verify_Login_Via_IPMI 43e64caee6Ssrichn28 44e64caee6Ssrichn28 ${random_username}= Generate Random String 8 [LETTERS] 45e64caee6Ssrichn28 Set Test Variable ${random_username} 46e64caee6Ssrichn28 47e64caee6Ssrichn28 ${payload}= Create Dictionary 48e64caee6Ssrichn28 ... UserName=${random_username} Password=${valid_password} 49e64caee6Ssrichn28 ... RoleId=Administrator Enabled=${True} 50e64caee6Ssrichn28 Redfish.Post /redfish/v1/AccountService/Accounts body=&{payload} 51e64caee6Ssrichn28 ... valid_status_codes=[${HTTP_CREATED}] 52e64caee6Ssrichn28 53e64caee6Ssrichn28 # Add delay for a new admin user password to set. 54e64caee6Ssrichn28 Sleep 5s 55e64caee6Ssrichn28 56e64caee6Ssrichn28 Enable IPMI Access To User Using Redfish ${random_username} 57e64caee6Ssrichn28 58e64caee6Ssrichn28 # Update user password using Redfish. 59e64caee6Ssrichn28 ${payload}= Create Dictionary Password=${valid_password2} 60e64caee6Ssrichn28 Redfish.Patch /redfish/v1/AccountService/Accounts/${random_username} body=&{payload} 61e64caee6Ssrichn28 62e64caee6Ssrichn28 Verify IPMI Username And Password ${random_username} ${valid_password2} 63e64caee6Ssrichn28 64e64caee6Ssrichn28 65e64caee6Ssrichn28Delete User Via Redfish And Verify Using IPMI 66e64caee6Ssrichn28 [Documentation] Delete user via redfish and verify using IPMI. 67e64caee6Ssrichn28 [Tags] Delete_User_Via_Redfish_And_Verify_Using_IPMI 68e64caee6Ssrichn28 69e64caee6Ssrichn28 # Create user using Redfish. 70e64caee6Ssrichn28 ${random_username}= Generate Random String 8 [LETTERS] 71e64caee6Ssrichn28 Set Test Variable ${random_username} 72e64caee6Ssrichn28 73e64caee6Ssrichn28 ${payload}= Create Dictionary 74e64caee6Ssrichn28 ... UserName=${random_username} Password=${valid_password} 75e64caee6Ssrichn28 ... RoleId=Administrator Enabled=${True} 76e64caee6Ssrichn28 Redfish.Post /redfish/v1/AccountService/Accounts body=&{payload} 77e64caee6Ssrichn28 ... valid_status_codes=[${HTTP_CREATED}] 78e64caee6Ssrichn28 79e64caee6Ssrichn28 Enable IPMI Access To User Using Redfish ${random_username} 80e64caee6Ssrichn28 81e64caee6Ssrichn28 # Update user password using Redfish. 82e64caee6Ssrichn28 ${payload}= Create Dictionary Password=${valid_password2} 83e64caee6Ssrichn28 Redfish.Patch /redfish/v1/AccountService/Accounts/${random_username} body=&{payload} 84e64caee6Ssrichn28 85e64caee6Ssrichn28 # Delete user using Redfish. 86e64caee6Ssrichn28 Redfish.Delete /redfish/v1/AccountService/Accounts/${random_username} 87e64caee6Ssrichn28 88e64caee6Ssrichn28 # Verify that IPMI command fails with deleted user. 89e64caee6Ssrichn28 Run Keyword And Expect Error *Error: Unable to establish IPMI* 90e64caee6Ssrichn28 ... Verify IPMI Username And Password ${random_username} ${valid_password2} 91e64caee6Ssrichn28 92e64caee6Ssrichn28 933d53b0f3Ssrichn28Update User Password Via Redfish And Verify Using IPMI 943d53b0f3Ssrichn28 [Documentation] Update user password via Redfish and verify using IPMI. 953d53b0f3Ssrichn28 [Tags] Update_User_Password_Via_Redfish_And_Verify_Using_IPMI 963d53b0f3Ssrichn28 973d53b0f3Ssrichn28 # Create user using Redfish. 983d53b0f3Ssrichn28 ${random_username}= Generate Random String 8 [LETTERS] 993d53b0f3Ssrichn28 Set Test Variable ${random_username} 1003d53b0f3Ssrichn28 1013d53b0f3Ssrichn28 ${payload}= Create Dictionary 1023d53b0f3Ssrichn28 ... UserName=${random_username} Password=${valid_password} 1033d53b0f3Ssrichn28 ... RoleId=Administrator Enabled=${True} 1043d53b0f3Ssrichn28 Redfish.Post /redfish/v1/AccountService/Accounts body=&{payload} 1053d53b0f3Ssrichn28 ... valid_status_codes=[${HTTP_CREATED}] 1063d53b0f3Ssrichn28 1073d53b0f3Ssrichn28 Enable IPMI Access To User Using Redfish ${random_username} 1083d53b0f3Ssrichn28 1093d53b0f3Ssrichn28 # Update user password using Redfish. 1103d53b0f3Ssrichn28 ${payload}= Create Dictionary Password=${valid_password2} 1113d53b0f3Ssrichn28 Redfish.Patch /redfish/v1/AccountService/Accounts/${random_username} body=&{payload} 1123d53b0f3Ssrichn28 1133d53b0f3Ssrichn28 # Verify that IPMI command works with new password and fails with older password. 1143d53b0f3Ssrichn28 Verify IPMI Username And Password ${random_username} ${valid_password2} 1153d53b0f3Ssrichn28 1163d53b0f3Ssrichn28 Run Keyword And Expect Error *Error: Unable to establish IPMI* 1173d53b0f3Ssrichn28 ... Verify IPMI Username And Password ${random_username} ${valid_password} 1183d53b0f3Ssrichn28 1193d53b0f3Ssrichn28 1203d53b0f3Ssrichn28Update User Privilege Via Redfish And Verify Using IPMI 1213d53b0f3Ssrichn28 [Documentation] Update user privilege via Redfish and verify using IPMI. 1223d53b0f3Ssrichn28 [Tags] Update_User_Privilege_Via_Redfish_And_Verify_Using_IPMI 1233d53b0f3Ssrichn28 1243d53b0f3Ssrichn28 # Create user using Redfish with admin privilege. 1253d53b0f3Ssrichn28 ${random_username}= Generate Random String 8 [LETTERS] 1263d53b0f3Ssrichn28 Set Test Variable ${random_username} 1273d53b0f3Ssrichn28 1283d53b0f3Ssrichn28 ${payload}= Create Dictionary 1293d53b0f3Ssrichn28 ... UserName=${random_username} Password=${valid_password} 1303d53b0f3Ssrichn28 ... RoleId=Administrator Enabled=${True} 1313d53b0f3Ssrichn28 Redfish.Post /redfish/v1/AccountService/Accounts body=&{payload} 1323d53b0f3Ssrichn28 ... valid_status_codes=[${HTTP_CREATED}] 1333d53b0f3Ssrichn28 1343d53b0f3Ssrichn28 Enable IPMI Access To User Using Redfish ${random_username} 1353d53b0f3Ssrichn28 1363d53b0f3Ssrichn28 # Update user password using Redfish. 1373d53b0f3Ssrichn28 ${payload}= Create Dictionary Password=${valid_password2} 1383d53b0f3Ssrichn28 Redfish.Patch /redfish/v1/AccountService/Accounts/${random_username} body=&{payload} 1393d53b0f3Ssrichn28 1403d53b0f3Ssrichn28 # Update user privilege to readonly using Redfish. 1413d53b0f3Ssrichn28 ${payload}= Create Dictionary RoleId=ReadOnly 1423d53b0f3Ssrichn28 Redfish.Patch /redfish/v1/AccountService/Accounts/${random_username} body=&{payload} 1433d53b0f3Ssrichn28 1443d53b0f3Ssrichn28 # Verify new user privilege level via IPMI. 1453d53b0f3Ssrichn28 ${resp}= Run IPMI Standard Command user list 1463d53b0f3Ssrichn28 1473d53b0f3Ssrichn28 # Example of response data: 1483d53b0f3Ssrichn28 # ID Name Callin Link Auth IPMI Msg Channel Priv Limit 1493d53b0f3Ssrichn28 # 1 ipmi_admin false true true ADMINISTRATOR 1503d53b0f3Ssrichn28 # 2 OAvCxjMv false true true USER 1513d53b0f3Ssrichn28 # 3 true false false NO ACCESS 1523d53b0f3Ssrichn28 # .. 1533d53b0f3Ssrichn28 # .. 1543d53b0f3Ssrichn28 # 15 true false false NO ACCESS 1553d53b0f3Ssrichn28 1563d53b0f3Ssrichn28 ${user_info}= 1573d53b0f3Ssrichn28 ... Get Lines Containing String ${resp} ${random_username} 1583d53b0f3Ssrichn28 Should Contain ${user_info} USER 1593d53b0f3Ssrichn28 1603d53b0f3Ssrichn28 161e64caee6Ssrichn28*** Keywords *** 162e64caee6Ssrichn28 163e64caee6Ssrichn28Create IPMI Random User With Password And Privilege 164e64caee6Ssrichn28 [Documentation] Create random IPMI user with given password and privilege 165e64caee6Ssrichn28 ... level. 166e64caee6Ssrichn28 [Arguments] ${password} ${privilege}=0 167e64caee6Ssrichn28 168e64caee6Ssrichn28 # Description of argument(s): 169e64caee6Ssrichn28 # password Password to be assigned for the user. 170e64caee6Ssrichn28 # privilege Privilege level for the user (e.g. "1", "2", "3", etc.). 171e64caee6Ssrichn28 172e64caee6Ssrichn28 # Create IPMI user. 173e64caee6Ssrichn28 ${random_username}= Generate Random String 8 [LETTERS] 174e64caee6Ssrichn28 Set Suite Variable ${random_username} 175e64caee6Ssrichn28 176e64caee6Ssrichn28 ${random_userid}= Find And Return Free User Id 177e64caee6Ssrichn28 IPMI Create User ${random_userid} ${random_username} 178e64caee6Ssrichn28 179e64caee6Ssrichn28 # Set given password for newly created user. 180e64caee6Ssrichn28 Run IPMI Standard Command 181e64caee6Ssrichn28 ... user set password ${random_userid} ${password} 182e64caee6Ssrichn28 183e64caee6Ssrichn28 # Enable IPMI user. 184e64caee6Ssrichn28 Run IPMI Standard Command user enable ${random_userid} 185e64caee6Ssrichn28 186e64caee6Ssrichn28 # Set given privilege and enable IPMI messaging for newly created user. 187460848a8SSridevi Ramesh IF '${privilege}' != '0' 188460848a8SSridevi Ramesh Set Channel Access ${random_userid} ipmi=on privilege=${privilege} 189460848a8SSridevi Ramesh END 190e64caee6Ssrichn28 191409df05dSGeorge Keishing RETURN ${random_username} ${random_userid} 192e64caee6Ssrichn28 193e64caee6Ssrichn28 194e64caee6Ssrichn28Delete Users Via Redfish 195e64caee6Ssrichn28 [Documentation] Delete all the users via redfish from given list. 196e64caee6Ssrichn28 [Arguments] ${user_list} 197e64caee6Ssrichn28 198e64caee6Ssrichn28 # Description of argument(s): 199e64caee6Ssrichn28 # user_list List of user which are to be deleted. 200e64caee6Ssrichn28 201e64caee6Ssrichn28 Redfish.Login 202e64caee6Ssrichn28 203e64caee6Ssrichn28 FOR ${user} IN @{user_list} 204e64caee6Ssrichn28 Redfish.Delete ${user} 205e64caee6Ssrichn28 END 206e64caee6Ssrichn28 207e64caee6Ssrichn28 Redfish.Logout 208e64caee6Ssrichn28 209e64caee6Ssrichn28 210e64caee6Ssrichn28Enable IPMI Access To User Using Redfish 211e64caee6Ssrichn28 [Documentation] Add IPMI access to a user through Redfish. 212e64caee6Ssrichn28 [Arguments] ${user_name} 213e64caee6Ssrichn28 214e64caee6Ssrichn28 # Description of argument(s): 215e64caee6Ssrichn28 # user_name User name to which IPMI access is to be added. 216e64caee6Ssrichn28 217e64caee6Ssrichn28 # Adding IPMI access to user name. 218e64caee6Ssrichn28 Redfish.Patch /redfish/v1/AccountService/Accounts/${user_name} 219e64caee6Ssrichn28 ... body={"AccountTypes": ["Redfish", "HostConsole", "ManagerConsole", "WebUI", "IPMI"]} 220e64caee6Ssrichn28 221e64caee6Ssrichn28 222e64caee6Ssrichn28Test Setup Execution 223e64caee6Ssrichn28 [Documentation] Do test case setup tasks. 224e64caee6Ssrichn28 225e64caee6Ssrichn28 Redfish.Login 226e64caee6Ssrichn28 227e64caee6Ssrichn28 228e64caee6Ssrichn28Test Teardown Execution 229e64caee6Ssrichn28 [Documentation] Do the post test teardown. 230e64caee6Ssrichn28 231e64caee6Ssrichn28 FFDC On Test Case Fail 232e64caee6Ssrichn28 # Delete the test user. 233e64caee6Ssrichn28 Run Keyword And Ignore Error 234e64caee6Ssrichn28 ... Redfish.Delete /redfish/v1/AccountService/Accounts/${random_username} 235e64caee6Ssrichn28 236e64caee6Ssrichn28 Redfish.Logout 237e64caee6Ssrichn28 238e64caee6Ssrichn28 239e64caee6Ssrichn28Find And Return Free User Id 240e64caee6Ssrichn28 [Documentation] Find and return userid that is not being used. 241e64caee6Ssrichn28 242e64caee6Ssrichn28 FOR ${index} IN RANGE 300 243e64caee6Ssrichn28 # IPMI maximum users count (i.e. 15 users). 244e64caee6Ssrichn28 ${random_userid}= Evaluate random.randint(1, ${ipmi_max_num_users}) modules=random 245e64caee6Ssrichn28 ${access_output}= Run IPMI Standard Command channel getaccess 1 ${random_userid} 246e64caee6Ssrichn28 247e64caee6Ssrichn28 ${name_line}= Get Lines Containing String ${access_output} User Name 248e64caee6Ssrichn28 Log To Console For ID ${random_userid}: ${name_line} 249e64caee6Ssrichn28 ${is_empty}= Run Keyword And Return Status 250e64caee6Ssrichn28 ... Should Match Regexp ${name_line} ${empty_name_pattern} 251e64caee6Ssrichn28 252460848a8SSridevi Ramesh IF ${is_empty} == ${True} BREAK 253e64caee6Ssrichn28 END 254460848a8SSridevi Ramesh 255460848a8SSridevi Ramesh IF '${index}' == '299' 256460848a8SSridevi Ramesh Fail msg=A free user ID could not be found. 257460848a8SSridevi Ramesh END 258460848a8SSridevi Ramesh 259409df05dSGeorge Keishing RETURN ${random_userid} 260e64caee6Ssrichn28 261