xref: /openbmc/openbmc-test-automation/redfish/account_service/test_user_account.robot (revision cbc4c0b46432e4937857537481eb1996b79c60b4) 
1*** Settings ***
2Documentation    Test Redfish user account.
3
4Resource         ../../lib/resource.robot
5Resource         ../../lib/bmc_redfish_resource.robot
6Resource         ../../lib/openbmc_ffdc.robot
7Resource         ../../lib/bmc_redfish_utils.robot
8
9Library          SSHLibrary
10
11Test Setup       Redfish.Login
12Test Teardown    Test Teardown Execution
13
14*** Variables ***
15
16${account_lockout_duration}   ${30}
17${account_lockout_threshold}  ${3}
18
19** Test Cases **
20
21Verify AccountService Available
22    [Documentation]  Verify Redfish account service is available.
23    [Tags]  Verify_AccountService_Available
24
25    ${resp} =  Redfish_utils.Get Attribute  /redfish/v1/AccountService  ServiceEnabled
26    Should Be Equal As Strings  ${resp}  ${True}
27
28Verify Redfish User Persistence After Reboot
29    [Documentation]  Verify Redfish user persistence after reboot.
30    [Tags]  Verify_Redfish_User_Persistence_After_Reboot
31    # Create Redfish users.
32    Redfish Create User  admin_user     TestPwd123  Administrator   ${True}
33    Redfish Create User  operator_user  TestPwd123  Operator        ${True}
34    Redfish Create User  readonly_user  TestPwd123  ReadOnly        ${True}
35
36    # Reboot BMC.
37    Redfish OBMC Reboot (off)  stack_mode=normal
38
39    # Verify users after reboot.
40    Redfish Verify User  admin_user     TestPwd123  Administrator   ${True}
41    Redfish Verify User  operator_user  TestPwd123  Operator        ${True}
42    Redfish Verify User  readonly_user  TestPwd123  ReadOnly        ${True}
43
44    # Delete created users.
45    Redfish.Delete  /redfish/v1/AccountService/Accounts/admin_user
46    Redfish.Delete  /redfish/v1/AccountService/Accounts/operator_user
47    Redfish.Delete  /redfish/v1/AccountService/Accounts/readonly_user
48
49Redfish Create and Verify Admin User
50    [Documentation]  Create a Redfish user with administrator role and verify.
51    [Tags]  Redfish_Create_and_Verify_Users
52    [Template]  Redfish Create And Verify User
53
54    #username      password    role_id         enabled
55    admin_user     TestPwd123  Administrator   ${True}
56
57
58Redfish Create and Verify Operator User
59    [Documentation]  Create a Redfish user with operator role and verify.
60    [Tags]  Redfish_Create_and_Verify_Operator_User
61    [Template]  Redfish Create And Verify User
62
63    #username      password    role_id         enabled
64    operator_user  TestPwd123  Operator        ${True}
65
66
67Redfish Create and Verify Readonly User
68    [Documentation]  Create a Redfish user with readonly role and verify.
69    [Tags]  Redfish_Create_and_Verify_Readonly_User
70    [Template]  Redfish Create And Verify User
71
72    #username      password    role_id         enabled
73    readonly_user  TestPwd123  ReadOnly        ${True}
74
75
76Verify Redfish Admin User With Wrong Password
77    [Documentation]  Verify Redfish admin user with wrong password.
78    [Tags]  Verify_Redfish_Admin_User_With_Wrong_Password
79    [Template]  Verify Redfish User with Wrong Password
80
81    #username      password    role_id         enabled  wrong_password
82    admin_user     TestPwd123  Administrator   ${True}  alskjhfwurh
83
84
85Verify Redfish Operator User with Wrong Password
86    [Documentation]  Verify Redfish operator user with wrong password.
87    [Tags]  Verify_Redfish_Operator_User_with_Wrong_Password
88    [Template]  Verify Redfish User with Wrong Password
89
90    #username      password    role_id         enabled  wrong_password
91    operator_user  TestPwd123  Operator        ${True}  12j8a8uakjhdaosiruf024
92
93
94Verify Redfish Readonly User With Wrong Password
95    [Documentation]  Verify Redfish readonly user with wrong password.
96    [Tags]  Verify_Redfish_Readonly_User_With_Wrong_Password
97    [Template]  Verify Redfish User with Wrong Password
98
99    #username      password    role_id         enabled  wrong_password
100    readonly_user  TestPwd123  ReadOnly        ${True}  12
101
102
103Verify Redfish Operator User with Wrong Password
104    [Documentation]  Verify Redfish operator user with wrong password.
105    [Tags]  Verify_Redfish_Operator_User_with_Wrong_Password
106    [Template]  Verify Redfish User with Wrong Password
107
108    #username      password    role_id         enabled  wrong_password
109    operator_user  TestPwd123  Operator        ${True}  12j8a8uakjhdaosiruf024
110
111
112Verify Login with Deleted Redfish Admin User
113    [Documentation]  Verify login with deleted Redfish admin user.
114    [Tags]  Verify_Login_with_Deleted_Redfish_Admin_User
115    [Template]  Verify Login with Deleted Redfish User
116
117    #username     password    role_id         enabled
118    admin_user     TestPwd123  Administrator   ${True}
119
120
121Verify Login with Deleted Redfish Operator User
122    [Documentation]  Verify login with deleted Redfish operator user.
123    [Tags]  Verify_Login_with_Deleted_Redfish_Operator_User
124    [Template]  Verify Login with Deleted Redfish User
125
126    #username     password    role_id         enabled
127    operator_user  TestPwd123  Operator        ${True}
128
129
130Verify Login with Deleted Redfish Readonly User
131    [Documentation]  Verify login with deleted Redfish readonly user.
132    [Tags]  Verify_Login_with_Deleted_Redfish_Readonly_User
133    [Template]  Verify Login with Deleted Redfish User
134
135    #username     password    role_id         enabled
136    readonly_user  TestPwd123  ReadOnly        ${True}
137
138
139Verify Admin User Creation Without Enabling It
140    [Documentation]  Verify admin user creation without enabling it.
141    [Tags]  Verify_Admin_User_Creation_Without_Enabling_It
142    [Template]  Verify Create User Without Enabling
143
144    #username      password    role_id         enabled
145    admin_user     TestPwd123  Administrator   ${False}
146
147
148Verify Operator User Creation Without Enabling It
149    [Documentation]  Verify operator user creation without enabling it.
150    [Tags]  Verify_Operator_User_Creation_Without_Enabling_It
151    [Template]  Verify Create User Without Enabling
152
153    #username      password    role_id         enabled
154    operator_user  TestPwd123  Operator        ${False}
155
156
157Verify Readonly User Creation Without Enabling It
158    [Documentation]  Verify readonly user creation without enabling it.
159    [Tags]  Verify_Readonly_User_Creation_Without_Enabling_It
160    [Template]  Verify Create User Without Enabling
161
162    #username      password    role_id         enabled
163    readonly_user  TestPwd123  ReadOnly        ${False}
164
165
166Verify User Creation With Invalid Role Id
167    [Documentation]  Verify user creation with invalid role ID.
168    [Tags]  Verify_User_Creation_With_Invalid_Role_Id
169
170    # Make sure the user account in question does not already exist.
171    Redfish.Delete  /redfish/v1/AccountService/Accounts/test_user
172    ...  valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}]
173
174    # Create specified user.
175    ${payload}=  Create Dictionary
176    ...  UserName=test_user  Password=TestPwd123  RoleId=wrongroleid  Enabled=${True}
177    Redfish.Post  /redfish/v1/AccountService/Accounts/  body=&{payload}
178    ...  valid_status_codes=[${HTTP_BAD_REQUEST}]
179
180Verify Error Upon Creating Same Users With Different Privileges
181    [Documentation]  Verify error upon creating same users with different privileges.
182    [Tags]  Verify_Error_Upon_Creating_Same_Users_With_Different_Privileges
183
184    Redfish Create User  test_user  TestPwd123  Administrator  ${True}
185
186    # Create specified user.
187    ${payload}=  Create Dictionary
188    ...  UserName=test_user  Password=TestPwd123  RoleId=Operator  Enabled=${True}
189    Redfish.Post  /redfish/v1/AccountService/Accounts/  body=&{payload}
190    ...  valid_status_codes=[${HTTP_BAD_REQUEST}]
191
192    Redfish.Delete  /redfish/v1/AccountService/Accounts/test_user
193
194Verify Modifying User Attributes
195    [Documentation]  Verify modifying user attributes.
196    [Tags]  Verify_Modifying_User_Attributes
197    # Create Redfish users.
198    Redfish Create User  admin_user     TestPwd123  Administrator   ${True}
199    Redfish Create User  operator_user  TestPwd123  Operator        ${True}
200    Redfish Create User  readonly_user  TestPwd123  ReadOnly        ${True}
201
202    # Make sure the new user account does not already exist.
203    Redfish.Delete  /redfish/v1/AccountService/Accounts/newadmin_user
204    ...  valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}]
205
206    # Update admin_user username using Redfish.
207    ${payload}=  Create Dictionary  UserName=newadmin_user
208    Redfish.Patch  /redfish/v1/AccountService/Accounts/admin_user  body=&{payload}
209
210    # Update operator_user password using Redfish.
211    ${payload}=  Create Dictionary  Password=NewTestPwd123
212    Redfish.Patch  /redfish/v1/AccountService/Accounts/operator_user  body=&{payload}
213
214    # Update readonly_user role using Redfish.
215    ${payload}=  Create Dictionary  RoleId=Operator
216    Redfish.Patch  /redfish/v1/AccountService/Accounts/readonly_user  body=&{payload}
217
218    # Verify users after updating
219    Redfish Verify User  newadmin_user  TestPwd123     Administrator   ${True}
220    Redfish Verify User  operator_user  NewTestPwd123  Operator        ${True}
221    Redfish Verify User  readonly_user  TestPwd123     Operator        ${True}
222
223    # Delete created users.
224    Redfish.Delete  /redfish/v1/AccountService/Accounts/newadmin_user
225    Redfish.Delete  /redfish/v1/AccountService/Accounts/operator_user
226    Redfish.Delete  /redfish/v1/AccountService/Accounts/readonly_user
227
228Verify User Account Locked
229    [Documentation]  Verify user account locked upon trying with invalid password.
230    [Tags]  Verify_User_Account_Locked
231
232    Redfish Create User  admin_user  TestPwd123  Administrator   ${True}
233
234    ${payload}=  Create Dictionary  AccountLockoutThreshold=${account_lockout_threshold}
235    ...  AccountLockoutDuration=${account_lockout_duration}
236    Redfish.Patch  ${REDFISH_ACCOUNTS_SERVICE_URI}  body=${payload}
237
238    Redfish.Logout
239
240    # Make ${account_lockout_threshold} failed login attempts.
241    Repeat Keyword  ${account_lockout_threshold} times
242    ...  Run Keyword And Expect Error  InvalidCredentialsError*  Redfish.Login  admin_user  abc123
243
244    # Verify that legitimate login fails due to lockout.
245    Run Keyword And Expect Error  InvalidCredentialsError*
246    ...  Redfish.Login  admin_user  TestPwd123
247
248    # Wait for lockout duration to expire and then verify that login works.
249    Sleep  ${account_lockout_duration}s
250    Redfish.Login  admin_user  TestPwd123
251
252    Redfish.Logout
253
254    Redfish.Login
255
256    Redfish.Delete  /redfish/v1/AccountService/Accounts/admin_user
257
258Verify Admin User Privilege
259    [Documentation]  Verify admin user privilege.
260    [Tags]  Verify_Admin_User_Privilege
261
262    Redfish Create User  admin_user  TestPwd123  Administrator  ${True}
263    Redfish Create User  operator_user  TestPwd123  Operator  ${True}
264    Redfish Create User  readonly_user  TestPwd123  ReadOnly  ${True}
265
266    Redfish.Logout
267
268    # Change role ID of operator user with admin user.
269    # Login with admin user.
270    Redfish.Login  admin_user  TestPwd123
271
272    # Modify Role ID of Operator user.
273    Redfish.Patch  /redfish/v1/AccountService/Accounts/operator_user  body={'RoleId': 'Administrator'}
274
275    # Verify modified user.
276    Redfish Verify User  operator_user  TestPwd123  Administrator  ${True}
277
278    Redfish.Logout
279    Redfish.Login  admin_user  TestPwd123
280
281    # Change password of 'user' user with admin user.
282    Redfish.Patch  /redfish/v1/AccountService/Accounts/readonly_user  body={'Password': 'NewTestPwd123'}
283
284    # Verify modified user.
285    Redfish Verify User  readonly_user  NewTestPwd123  ReadOnly  ${True}
286
287    Redfish.Delete  /redfish/v1/AccountService/Accounts/admin_user
288    Redfish.Delete  /redfish/v1/AccountService/Accounts/operator_user
289    Redfish.Delete  /redfish/v1/AccountService/Accounts/readonly_user
290
291Verify Operator User Privilege
292    [Documentation]  Verify operator user privilege.
293    [Tags]  Verify_Operator_User_Privilege
294
295    Redfish Create User  admin_user  TestPwd123  Administrator  ${True}
296    Redfish Create User  operator_user  TestPwd123  Operator  ${True}
297
298    Redfish.Logout
299    # Login with operator user.
300    Redfish.Login  operator_user  TestPwd123
301
302    # Verify BMC reset.
303    Run Keyword And Expect Error  ValueError*  Redfish BMC Reset Operation
304
305    # Attempt to change password of admin user with operator user.
306    Redfish.Patch  /redfish/v1/AccountService/Accounts/admin_user  body={'Password': 'NewTestPwd123'}
307    ...  valid_status_codes=[${HTTP_FORBIDDEN}]
308
309    Redfish.Logout
310
311    Redfish.Login
312
313    Redfish.Delete  /redfish/v1/AccountService/Accounts/admin_user
314    Redfish.Delete  /redfish/v1/AccountService/Accounts/operator_user
315
316
317Verify ReadOnly User Privilege
318    [Documentation]  Verify ReadOnly user privilege.
319    [Tags]  Verify_ReadOnly_User_Privilege
320
321    Redfish Create User  readonly_user  TestPwd123  ReadOnly  ${True}
322    Redfish.Logout
323
324    # Login with read_only user.
325    Redfish.Login  readonly_user  TestPwd123
326
327    # Read system level data.
328    ${system_model}=  Redfish_Utils.Get Attribute
329    ...  ${SYSTEM_BASE_URI}  Model
330
331    Redfish.Logout
332    Redfish.Login
333    Redfish.Delete  ${REDFISH_ACCOUNTS_URI}readonly_user
334
335
336Verify Minimum Password Length For Redfish User
337    [Documentation]  Verify minimum password length for new and existing user.
338    [Tags]  Verify_Minimum_Password_Length_For_Redfish_User
339
340    ${user_name}=  Set Variable  testUser
341
342    # Make sure the user account in question does not already exist.
343    Redfish.Delete  /redfish/v1/AccountService/Accounts/${user_name}
344    ...  valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}]
345
346    # Try to create a user with invalid length password.
347    ${payload}=  Create Dictionary
348    ...  UserName=${user_name}  Password=UserPwd  RoleId=Administrator  Enabled=${True}
349    Redfish.Post  /redfish/v1/AccountService/Accounts/  body=&{payload}
350    ...  valid_status_codes=[${HTTP_BAD_REQUEST}]
351
352    # Create specified user with valid length password.
353    Set To Dictionary  ${payload}  Password  UserPwd1
354    Redfish.Post  /redfish/v1/AccountService/Accounts/  body=&{payload}
355    ...  valid_status_codes=[${HTTP_CREATED}]
356
357    # Try to change to an invalid password.
358    Redfish.Patch  /redfish/v1/AccountService/Accounts/${user_name}  body={'Password': 'UserPwd'}
359    ...  valid_status_codes=[${HTTP_BAD_REQUEST}]
360
361    # Change to a valid password.
362    Redfish.Patch  /redfish/v1/AccountService/Accounts/${user_name}  body={'Password': 'UserPwd1'}
363
364    # Verify login.
365    Redfish.Logout
366    Redfish.Login  ${user_name}  UserPwd1
367    Redfish.Logout
368    Redfish.Login
369    Redfish.Delete  /redfish/v1/AccountService/Accounts/${user_name}
370
371
372Verify Standard User Roles Defined By Redfish
373    [Documentation]  Verify standard user roles defined by Redfish.
374    [Tags]  Verify_Standard_User_Roles_Defined_By_Redfish
375
376    ${member_list}=  Redfish_Utils.Get Member List
377    ...  /redfish/v1/AccountService/Roles
378
379    @{roles}=  Create List
380    ...  /redfish/v1/AccountService/Roles/Administrator
381    ...  /redfish/v1/AccountService/Roles/Operator
382    ...  /redfish/v1/AccountService/Roles/ReadOnly
383
384    List Should Contain Sub List  ${member_list}  ${roles}
385
386    # The standard roles are:
387
388    # | Role name | Assigned privileges |
389    # | Administrator | Login, ConfigureManager, ConfigureUsers, ConfigureComponents, ConfigureSelf |
390    # | Operator | Login, ConfigureComponents, ConfigureSelf |
391    # | ReadOnly | Login, ConfigureSelf |
392
393    @{admin}=  Create List  Login  ConfigureManager  ConfigureUsers  ConfigureComponents  ConfigureSelf
394    @{operator}=  Create List  Login  ConfigureComponents  ConfigureSelf
395    @{readOnly}=  Create List  Login  ConfigureSelf
396
397    ${roles_dict}=  create dictionary  admin_privileges=${admin}  operator_privileges=${operator}
398    ...  readOnly_privileges=${readOnly}
399
400    ${resp}=  redfish.Get  /redfish/v1/AccountService/Roles/Administrator
401    List Should Contain Sub List  ${resp.dict['AssignedPrivileges']}  ${roles_dict['admin_privileges']}
402
403    ${resp}=  redfish.Get  /redfish/v1/AccountService/Roles/Operator
404    List Should Contain Sub List  ${resp.dict['AssignedPrivileges']}  ${roles_dict['operator_privileges']}
405
406    ${resp}=  redfish.Get  /redfish/v1/AccountService/Roles/ReadOnly
407    List Should Contain Sub List  ${resp.dict['AssignedPrivileges']}  ${roles_dict['readOnly_privileges']}
408
409
410Verify Error While Deleting Root User
411    [Documentation]  Verify error while deleting root user.
412    [Tags]  Verify_Error_While_Deleting_Root_User
413
414    Redfish.Delete  /redfish/v1/AccountService/Accounts/root  valid_status_codes=[${HTTP_FORBIDDEN}]
415
416
417Verify SSH Login Access With Admin User
418    [Documentation]  Verify that admin user does not have SSH login access.
419    [Tags]  Verify_SSH_Login_Access_With_Admin_User
420
421    # Create an admin User.
422    Redfish Create User  new_admin  TestPwd1  Administrator  ${True}
423
424    # Attempt SSH login with admin user.
425    SSHLibrary.Open Connection  ${OPENBMC_HOST}
426    ${status}=  Run Keyword And Return Status  SSHLibrary.Login  new_admin  TestPwd1
427    Should Be Equal  ${status}  ${False}
428
429
430*** Keywords ***
431
432Test Teardown Execution
433    [Documentation]  Do the post test teardown.
434
435    Run Keyword And Ignore Error  Redfish.Logout
436    FFDC On Test Case Fail
437
438
439Redfish Create User
440    [Documentation]  Redfish create user.
441    [Arguments]   ${username}  ${password}  ${role_id}  ${enabled}  ${login_check}=${True}
442
443    # Description of argument(s):
444    # username            The username to be created.
445    # password            The password to be assigned.
446    # role_id             The role ID of the user to be created
447    #                     (e.g. "Administrator", "Operator", etc.).
448    # enabled             Indicates whether the username being created
449    #                     should be enabled (${True}, ${False}).
450    # login_check         Checks user login for created user.
451    #                     (e.g. ${True}, ${False}).
452
453    # Make sure the user account in question does not already exist.
454    Redfish.Delete  /redfish/v1/AccountService/Accounts/${userName}
455    ...  valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}]
456
457    # Create specified user.
458    ${payload}=  Create Dictionary
459    ...  UserName=${username}  Password=${password}  RoleId=${role_id}  Enabled=${enabled}
460    Redfish.Post  /redfish/v1/AccountService/Accounts/  body=&{payload}
461    ...  valid_status_codes=[${HTTP_CREATED}]
462
463    # Resetting faillock count as a workaround for issue
464    # openbmc/phosphor-user-manager#4
465    ${cmd}=  Catenate  test -f /usr/sbin/faillock && /usr/sbin/faillock --user USER --reset
466    ...  || /usr/sbin/pam_tally2 -u ${username} --reset
467    Bmc Execute Command  ${cmd}
468
469    # Verify login with created user.
470    ${status}=  Run Keyword If  '${login_check}' == '${True}'
471    ...  Verify Redfish User Login  ${username}  ${password}
472    Run Keyword If  '${login_check}' == '${True}'  Should Be Equal  ${status}  ${enabled}
473
474    # Validate Role ID of created user.
475    ${role_config}=  Redfish_Utils.Get Attribute
476    ...  /redfish/v1/AccountService/Accounts/${username}  RoleId
477    Should Be Equal  ${role_id}  ${role_config}
478
479
480Redfish Verify User
481    [Documentation]  Redfish user verification.
482    [Arguments]   ${username}  ${password}  ${role_id}  ${enabled}
483
484    # Description of argument(s):
485    # username            The username to be created.
486    # password            The password to be assigned.
487    # role_id             The role ID of the user to be created
488    #                     (e.g. "Administrator", "Operator", etc.).
489    # enabled             Indicates whether the username being created
490    #                     should be enabled (${True}, ${False}).
491
492    ${status}=  Verify Redfish User Login  ${username}  ${password}
493    # Doing a check of the returned status.
494    Should Be Equal  ${status}  ${enabled}
495
496    # Validate Role Id of user.
497    ${role_config}=  Redfish_Utils.Get Attribute
498    ...  /redfish/v1/AccountService/Accounts/${username}  RoleId
499    Should Be Equal  ${role_id}  ${role_config}
500
501
502Verify Redfish User Login
503    [Documentation]  Verify Redfish login with given user id.
504    [Teardown]  Run Keywords  Run Keyword And Ignore Error  Redfish.Logout  AND  Redfish.Login
505    [Arguments]   ${username}  ${password}
506
507    # Description of argument(s):
508    # username            Login username.
509    # password            Login password.
510
511    # Logout from current Redfish session.
512    # We don't really care if the current session is flushed out since we are going to login
513    # with new credential in next.
514    Run Keyword And Ignore Error  Redfish.Logout
515
516    ${status}=  Run Keyword And Return Status  Redfish.Login  ${username}  ${password}
517    [Return]  ${status}
518
519
520Redfish Create And Verify User
521    [Documentation]  Redfish create and verify user.
522    [Arguments]   ${username}  ${password}  ${role_id}  ${enabled}
523
524    # Description of argument(s):
525    # username            The username to be created.
526    # password            The password to be assigned.
527    # role_id             The role ID of the user to be created
528    #                     (e.g. "Administrator", "Operator", etc.).
529    # enabled             Indicates whether the username being created
530    #                     should be enabled (${True}, ${False}).
531
532    # Example:
533    #{
534    #"@odata.context": "/redfish/v1/$metadata#ManagerAccount.ManagerAccount",
535    #"@odata.id": "/redfish/v1/AccountService/Accounts/test1",
536    #"@odata.type": "#ManagerAccount.v1_0_3.ManagerAccount",
537    #"Description": "User Account",
538    #"Enabled": true,
539    #"Id": "test1",
540    #"Links": {
541    #  "Role": {
542    #    "@odata.id": "/redfish/v1/AccountService/Roles/Administrator"
543    #  }
544    #},
545
546    Redfish Create User  ${username}  ${password}  ${role_id}  ${enabled}
547
548    Redfish Verify User  ${username}  ${password}  ${role_id}  ${enabled}
549
550    # Delete Specified User
551    Redfish.Delete  /redfish/v1/AccountService/Accounts/${username}
552
553Verify Redfish User with Wrong Password
554    [Documentation]  Verify Redfish User with Wrong Password.
555    [Arguments]   ${username}  ${password}  ${role_id}  ${enabled}  ${wrong_password}
556
557    # Description of argument(s):
558    # username            The username to be created.
559    # password            The password to be assigned.
560    # role_id             The role ID of the user to be created
561    #                     (e.g. "Administrator", "Operator", etc.).
562    # enabled             Indicates whether the username being created
563    #                     should be enabled (${True}, ${False}).
564    # wrong_password      Any invalid password.
565
566    Redfish Create User  ${username}  ${password}  ${role_id}  ${enabled}
567
568    Redfish.Logout
569
570    # Attempt to login with created user with invalid password.
571    Run Keyword And Expect Error  InvalidCredentialsError*
572    ...  Redfish.Login  ${username}  ${wrong_password}
573
574    Redfish.Login
575
576    # Delete newly created user.
577    Redfish.Delete  /redfish/v1/AccountService/Accounts/${username}
578
579
580Verify Login with Deleted Redfish User
581    [Documentation]  Verify Login with Deleted Redfish User.
582    [Arguments]   ${username}  ${password}  ${role_id}  ${enabled}
583
584    # Description of argument(s):
585    # username            The username to be created.
586    # password            The password to be assigned.
587    # role_id             The role ID of the user to be created
588    #                     (e.g. "Administrator", "Operator", etc.).
589    # enabled             Indicates whether the username being created
590    #                     should be enabled (${True}, ${False}).
591
592    Redfish Create User  ${username}  ${password}  ${role_id}  ${enabled}
593
594    # Delete newly created user.
595    Redfish.Delete  /redfish/v1/AccountService/Accounts/${userName}
596
597    Redfish.Logout
598
599    # Attempt to login with deleted user account.
600    Run Keyword And Expect Error  InvalidCredentialsError*
601    ...  Redfish.Login  ${username}  ${password}
602
603    Redfish.Login
604
605
606Verify Create User Without Enabling
607    [Documentation]  Verify Create User Without Enabling.
608    [Arguments]   ${username}  ${password}  ${role_id}  ${enabled}
609
610    # Description of argument(s):
611    # username            The username to be created.
612    # password            The password to be assigned.
613    # role_id             The role ID of the user to be created
614    #                     (e.g. "Administrator", "Operator", etc.).
615    # enabled             Indicates whether the username being created
616    #                     should be enabled (${True}, ${False}).
617
618    Redfish Create User  ${username}  ${password}  ${role_id}  ${enabled}  ${False}
619
620    Redfish.Logout
621
622    # Login with created user.
623    Run Keyword And Expect Error  InvalidCredentialsError*
624    ...  Redfish.Login  ${username}  ${password}
625
626    Redfish.Login
627
628    # Delete newly created user.
629    Redfish.Delete  /redfish/v1/AccountService/Accounts/${username}
630
631