1*** Settings *** 2 3 4Documentation Suite to test local user management. 5 6Library OperatingSystem 7Library String 8Library Collections 9 10Resource ../../lib/resource.robot 11Resource ../../lib/bmc_redfish_resource.robot 12Resource ../../lib/openbmc_ffdc.robot 13Resource ../../lib/certificate_utils.robot 14Resource ../../lib/dmtf_redfishtool_utils.robot 15 16Suite Setup Suite Setup Execution 17 18Force Tags Redfishtool_Local_User 19 20*** Variables *** 21 22${root_cmd_args} = SEPARATOR= 23... redfishtool raw -r ${OPENBMC_HOST}:${HTTPS_PORT} -u ${OPENBMC_USERNAME} -p ${OPENBMC_PASSWORD} -S Always 24 25 26*** Test Cases *** 27 28Verify Redfishtool Create Users 29 [Documentation] Create user via Redfishtool and verify. 30 [Tags] Verify_Redfishtool_Create_Users 31 [Teardown] Redfishtool Delete User "UserT100" 32 33 Redfishtool Create User "UserT100" "TestPwd123" "ReadOnly" true 34 Redfishtool Verify User "UserT100" "ReadOnly" 35 36 37Verify Redfishtool Modify Users 38 [Documentation] Modify user via Redfishtool and verify. 39 [Tags] Verify_Redfishtool_Modify_Users 40 [Teardown] Redfishtool Delete User "UserT100" 41 42 Redfishtool Create User "UserT100" "TestPwd123" "ReadOnly" true 43 Redfishtool Update User Role "UserT100" "Administrator" 44 Redfishtool Verify User "UserT100" "Administrator" 45 46 47Verify Redfishtool Delete Users 48 [Documentation] Delete user via Redfishtool and verify. 49 [Tags] Verify_Redfishtool_Delete_Users 50 51 Redfishtool Create User "UserT100" "TestPwd123" "ReadOnly" true 52 Redfishtool Delete User "UserT100" 53 ${status}= Redfishtool Verify User Name Exists "UserT100" 54 Should Be True ${status} == False 55 56 57Verify Redfishtool Login With Deleted Redfish Users 58 [Documentation] Verify login with deleted user via Redfishtool. 59 [Tags] Verify_Redfishtool_Login_With_Deleted_Redfish_Users 60 61 Redfishtool Create User "UserT100" "TestPwd123" "ReadOnly" true 62 Redfishtool Delete User "UserT100" 63 Redfishtool Access Resource /redfish/v1/AccountService/Accounts "UserT100" "TestPwd123" 64 ... ${HTTP_UNAUTHORIZED} 65 66 67Verify Redfishtool Error Upon Creating Same Users With Different Privileges 68 [Documentation] Verify error upon creating same users with different privileges. 69 [Tags] Verify_Redfishtool_Error_Upon_Creating_Same_Users_With_Different_Privileges 70 [Teardown] Redfishtool Delete User "UserT100" 71 72 Redfishtool Create User "UserT100" "TestPwd123" "ReadOnly" true 73 Redfishtool Create User "UserT100" "TestPwd123" "Administrator" true 74 ... expected_error=${HTTP_BAD_REQUEST} 75 76 77Verify Redfishtool Admin User Privilege 78 [Documentation] Verify privilege of admin user. 79 [Tags] Verify_Redfishtool_Admin_User_Privilege 80 [Teardown] Run Keywords Redfishtool Delete User "UserT100" AND 81 ... Redfishtool Delete User "UserT101" 82 83 Redfishtool Create User "UserT100" "TestPwd123" "Administrator" true 84 85 # Verify if a user can be added by admin 86 Redfishtool Create User "UserT101" "TestPwd123" "ReadOnly" true "UserT100" "TestPwd123" 87 88 89Verify Redfishtool ReadOnly User Privilege 90 [Documentation] Verify Redfishtool ReadOnly user privilege works. 91 [Tags] Verify_Redfishtool_ReadOnly_User_Privilege 92 [Teardown] Redfishtool Delete User "UserT100" 93 94 Redfishtool Create User "UserT100" "TestPwd123" "ReadOnly" true 95 Redfishtool Access Resource /redfish/v1/Systems/ "UserT100" "TestPwd123" 96 97 Redfishtool Create User 98 ... "UserT101" "TestPwd123" "Operator" true "UserT100" "TestPwd123" ${HTTP_FORBIDDEN} 99 100 101Verify Redfishtool Operator User Privilege 102 [Documentation] Verify that an operator user is able to perform operator privilege 103 ... task(e.g. create user, delete user). 104 [Tags] Verify_Redfishtool_Operator_User_Privilege 105 [Teardown] Redfishtool Delete User "UserT100" 106 107 Redfishtool Create User "UserT100" "TestPwd123" "ReadOnly" true 108 Redfishtool Access Resource /redfish/v1/Systems/ "UserT100" "TestPwd123" 109 110 Redfishtool Create User 111 ... "UserT101" "TestPwd123" "Operator" true "UserT100" "TestPwd123" ${HTTP_FORBIDDEN} 112 113 114Verify Error While Creating User With Invalid Role 115 [Documentation] Verify error while creating a user with invalid role using Redfishtool. 116 [Tags] Verify_Error_While_Creating_User_With_Invalid_Role 117 [Teardown] Redfishtool Delete User "UserT100" ${HTTP_NOT_FOUND} 118 119 Redfishtool Create User "UserT100" "TestPwd123" "wrongroleid" true expected_error=${HTTP_BAD_REQUEST} 120 121 122Verify Minimum Password Length For Redfish User 123 [Documentation] Verify minimum password length of eight characters for new and existing user. 124 [Tags] Verify_Minimum_Password_Length_For_Redfish_User 125 [Teardown] Redfishtool Delete User "UserT100" 126 127 Redfishtool Create User "UserT100" "TestPwd" "ReadOnly" true expected_error=${HTTP_BAD_REQUEST} 128 Redfishtool Create User "UserT100" "TestPwd1" "ReadOnly" true 129 130 131Verify Create User Without Enabling 132 [Documentation] Create a user without enabling it and verify that it does not have access. 133 [Tags] Verify_Create_User_Without_Enabling 134 [Teardown] Redfishtool Delete User "UserT100" 135 136 Redfishtool Create User "UserT100" "TestPwd123" "ReadOnly" false 137 Redfishtool Access Resource /redfish/v1/AccountService/Accounts "UserT100" "TestPwd123" 138 ... ${HTTP_UNAUTHORIZED} 139 140 141Verify Error While Running Redfishtool With Incorrect Password 142 [Documentation] Verify error while running redfishtool with incorrect Password. 143 [Tags] Verify_Error_While_Running_Redfishtool_With_Incorrect_Password 144 [Teardown] Redfishtool Delete User "UserT100" 145 146 Redfishtool Create User "UserT100" "TestPwd123" "Administrator" true 147 Redfishtool Access Resource /redfish/v1/Systems/ "UserT100" "TestPwd234" ${HTTP_UNAUTHORIZED} 148 149*** Keywords *** 150 151 152Redfishtool Access Resource 153 [Documentation] Access resource. 154 [Arguments] ${uri} ${login_user} ${login_pasword} ${expected_error}=200 155 156 # Description of argument(s): 157 # uri URI for resource access. 158 # login_user The login user name used other than default root user. 159 # login_pasword The login password. 160 # expected_error Expected error optionally provided in testcase (e.g. 401 / 161 # authentication error, etc. ) 162 163 ${user_cmd_args}= Set Variable 164 ... redfishtool raw -r ${OPENBMC_HOST} -u ${login_user} -p ${login_pasword} -S Always 165 Redfishtool Get ${uri} ${user_cmd_args} ${expected_error} 166 167 168Redfishtool Create User 169 [Documentation] Create new user. 170 [Arguments] ${user_name} ${password} ${roleId} ${enable} ${login_user}="" ${login_pasword}="" 171 ... ${expected_error}=200 172 173 # Description of argument(s): 174 # user_name The user name (e.g. "test", "robert", etc.). 175 # password The user password (e.g. "0penBmc", "0penBmc1", etc.). 176 # roleId The role of user (e.g. "Administrator", "Operator", etc.). 177 # enable Enabled attribute of (e.g. true or false). 178 # expected_error Expected error optionally provided in testcase (e.g. 401 / 179 # authentication error, etc. ) 180 181 ${user_cmd_args}= Set Variable 182 ... redfishtool raw -r ${OPENBMC_HOST} -u ${login_user} -p ${login_pasword} -S Always 183 ${data}= Set Variable 184 ... '{"UserName":${user_name},"Password":${password},"RoleId":${roleId},"Enabled":${enable}}' 185 Run Keyword If ${login_user} == "" 186 ... Redfishtool Post ${data} /redfish/v1/AccountService/Accounts ${root_cmd_args} ${expected_error} 187 ... ELSE 188 ... Redfishtool Post ${data} /redfish/v1/AccountService/Accounts ${user_cmd_args} ${expected_error} 189 190 191Redfishtool Update User Role 192 [Documentation] Update user role. 193 [Arguments] ${user_name} ${newRole} ${login_user}="" ${login_pasword}="" 194 ... ${expected_error}=200 195 196 # Description of argument(s): 197 # user_name The user name (e.g. "test", "robert", etc.). 198 # newRole The new role of user (e.g. "Administrator", "Operator", etc.). 199 # login_user The login user name used other than default root user. 200 # login_pasword The login password. 201 # expected_error Expected error optionally provided in testcase (e.g. 401 / 202 # authentication error, etc. ) 203 204 ${user_cmd_args}= Set Variable 205 ... redfishtool raw -r ${OPENBMC_HOST} -u ${login_user} -p ${login_pasword} -S Always 206 Run Keyword If ${login_user} == "" 207 ... Redfishtool Patch '{"RoleId":${newRole}}' 208 ... /redfish/v1/AccountService/Accounts/${user_name} ${root_cmd_args} ${expected_error} 209 ... ELSE 210 ... Redfishtool Patch '{"RoleId":${newRole}}' 211 ... /redfish/v1/AccountService/Accounts/${user_name} ${user_cmd_args} ${expected_error} 212 213 214Redfishtool Delete User 215 [Documentation] Delete a user. 216 [Arguments] ${user_name} ${expected_error}=200 217 218 # Description of argument(s): 219 # user_name The user name (e.g. "test", "robert", etc.). 220 # expected_error Expected error optionally provided in testcase (e.g. 401 / 221 # authentication error, etc. ). 222 223 Redfishtool Delete /redfish/v1/AccountService/Accounts/${user_name} 224 ... ${root_cmd_args} ${expected_error} 225 226 227Redfishtool Verify User 228 [Documentation] Verify role of the user. 229 [Arguments] ${user_name} ${role} 230 231 # Description of argument(s): 232 # user_name The user name (e.g. "test", "robert", etc.). 233 # role The new role of user (e.g. "Administrator", "Operator", etc.). 234 235 ${user_account}= Redfishtool Get /redfish/v1/AccountService/Accounts/${user_name} 236 ${json_obj}= Evaluate json.loads('''${user_account}''') json 237 Should Be equal "${json_obj["RoleId"]}" ${role} 238 239 240Redfishtool Verify User Name Exists 241 [Documentation] Verify user name exists. 242 [Arguments] ${user_name} 243 244 # Description of argument(s): 245 # user_name The user name (e.g. "test", "robert", etc.). 246 247 ${status}= Run Keyword And Return Status redfishtool Get 248 ... /redfish/v1/AccountService/Accounts/${user_name} 249 250 [return] ${status} 251 252 253Suite Setup Execution 254 [Documentation] Do suite setup execution. 255 256 ${tool_exist}= Run which redfishtool 257 Should Not Be Empty ${tool_exist} 258