#include "mock_user_mgr.hpp"
#include "user_mgr.hpp"

#include <unistd.h>

#include <sdbusplus/test/sdbus_mock.hpp>
#include <xyz/openbmc_project/Common/error.hpp>
#include <xyz/openbmc_project/User/Common/error.hpp>

#include <cstdlib>
#include <exception>
#include <filesystem>
#include <fstream>
#include <vector>

#include <gmock/gmock.h>
#include <gtest/gtest.h>
158cc44050Sraviteja-b
168cc44050Sraviteja-b namespace phosphor
178cc44050Sraviteja-b {
188cc44050Sraviteja-b namespace user
198cc44050Sraviteja-b {
208cc44050Sraviteja-b
218cc44050Sraviteja-b using ::testing::Return;
227562658eSAlexander Filippov using ::testing::Throw;
238cc44050Sraviteja-b
248cc44050Sraviteja-b using InternalFailure =
258cc44050Sraviteja-b sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;
267562658eSAlexander Filippov using UserNameDoesNotExist =
277562658eSAlexander Filippov sdbusplus::xyz::openbmc_project::User::Common::Error::UserNameDoesNotExist;
288cc44050Sraviteja-b
/**
 * @brief Fixture that owns a MockManager built on a mocked sd-bus handle.
 *
 * The bus comes from sdbusplus::get_mocked_new(&sdBusMock). The helpers
 * below seed the manager with a local user or build the D-Bus object maps
 * that the tests hand back from the mocked getPrivilegeMapperObject().
 */
class TestUserMgr : public testing::Test
{
  public:
    // Declaration order matters: bus is initialised from sdBusMock, and
    // mockManager from bus.
    sdbusplus::SdBusMock sdBusMock;
    sdbusplus::bus_t bus;
    MockManager mockManager;

    TestUserMgr() :
        bus(sdbusplus::get_mocked_new(&sdBusMock)), mockManager(bus, objpath)
    {}

    /**
     * @brief Insert a Users object for @p userName into mockManager.usersList.
     *
     * @param userName   Account name; also the last element of the object path.
     * @param groupNames Groups passed to the Users constructor.
     * @param priv       Privilege string passed to the Users constructor.
     * @param enabled    Enabled flag passed to the Users constructor and used
     *                   as the default answer of the isUserEnabled mock.
     *
     * The ON_CALL carries no argument matcher, so the default applies to every
     * user name; the most recent createLocalUser() call decides the answer.
     */
    void createLocalUser(const std::string& userName,
                         std::vector<std::string> groupNames,
                         const std::string& priv, bool enabled)
    {
        sdbusplus::message::object_path userPath(usersObjPath);
        userPath /= userName;
        const std::string userObj(userPath);

        ON_CALL(mockManager, isUserEnabled)
            .WillByDefault(testing::Return(enabled));

        mockManager.usersList.emplace(
            userName, std::make_unique<phosphor::user::Users>(
                          mockManager.bus, userObj.c_str(), groupNames, priv,
                          enabled, mockManager));
    }

    /**
     * @brief Build an object map holding an enabled LDAP config object and one
     *        role-map entry that maps "ldapGroup" to "priv-admin".
     *
     * @return The populated DbusUserObj.
     */
    DbusUserObj createPrivilegeMapperDbusObject()
    {
        DbusUserObj ldapObjects;
        DbusUserObjValue interfaces;

        // LDAP config object with Enabled = true.
        DbusUserObjPath configPath("/xyz/openbmc_project/user/ldap/openldap");
        DbusUserPropVariant enabled(true);
        DbusUserObjProperties enableProps = {
            std::make_pair("Enabled", enabled)};
        std::string enableIntf = "xyz.openbmc_project.Object.Enable";
        interfaces.emplace(enableIntf, enableProps);
        ldapObjects.emplace(configPath, interfaces);

        // Role-map entry. `interfaces` is reused on purpose to mirror the
        // original data: the entry therefore carries the Enable interface as
        // well as PrivilegeMapperEntry.
        DbusUserObjPath roleMapPath(
            "/xyz/openbmc_project/user/ldap/openldap/role_map/1");
        std::string group = "ldapGroup";
        std::string priv = "priv-admin";
        DbusUserObjProperties mapperProps = {
            std::make_pair("GroupName", group),
            std::make_pair("Privilege", priv)};
        std::string mapperIntf =
            "xyz.openbmc_project.User.PrivilegeMapperEntry";

        interfaces.emplace(mapperIntf, mapperProps);
        ldapObjects.emplace(roleMapPath, interfaces);

        return ldapObjects;
    }

    /**
     * @brief Build an object map holding only the enabled LDAP config object,
     *        with no role-map entry.
     *
     * @return The populated DbusUserObj.
     */
    DbusUserObj createLdapConfigObjectWithoutPrivilegeMapper()
    {
        DbusUserObj ldapObjects;
        DbusUserObjValue interfaces;

        DbusUserObjPath configPath("/xyz/openbmc_project/user/ldap/openldap");
        DbusUserPropVariant enabled(true);
        DbusUserObjProperties enableProps = {
            std::make_pair("Enabled", enabled)};
        std::string enableIntf = "xyz.openbmc_project.Object.Enable";
        interfaces.emplace(enableIntf, enableProps);
        ldapObjects.emplace(configPath, interfaces);
        return ldapObjects;
    }
};
1038cc44050Sraviteja-b
// When the primary-group lookup throws UserNameDoesNotExist for a name that
// is not in usersList, getUserInfo() must let that error reach the caller.
TEST_F(TestUserMgr, ldapEntryDoesNotExist)
{
    const std::string userName = "user";
    UserInfoMap userInfo;

    EXPECT_CALL(mockManager, getPrimaryGroup(userName))
        .WillRepeatedly(Throw(UserNameDoesNotExist()));

    EXPECT_THROW(userInfo = mockManager.getUserInfo(userName),
                 UserNameDoesNotExist);
}
1148cc44050Sraviteja-b
// A user present in usersList is reported with the stored privilege and
// groups, as enabled, and with RemoteUser == false.
TEST_F(TestUserMgr, localUser)
{
    const std::string userName = "testUser";
    const std::string privilege = "priv-admin";
    const std::vector<std::string> groups{"testGroup"};

    // Seed the manager with an enabled local account.
    createLocalUser(userName, groups, privilege, true);

    // The lock state must be queried exactly once. No action is attached, so
    // the mock answers with gmock's default value for its return type.
    EXPECT_CALL(mockManager, userLockedForFailedAttempt(userName)).Times(1);

    UserInfoMap userInfo = mockManager.getUserInfo(userName);

    EXPECT_EQ(privilege, std::get<std::string>(userInfo["UserPrivilege"]));
    EXPECT_EQ(groups,
              std::get<std::vector<std::string>>(userInfo["UserGroups"]));
    EXPECT_EQ(true, std::get<bool>(userInfo["UserEnabled"]));
    EXPECT_EQ(false, std::get<bool>(userInfo["UserLockedForFailedAttempt"]));
    EXPECT_EQ(false, std::get<bool>(userInfo["UserPasswordExpired"]));
    EXPECT_EQ(false, std::get<bool>(userInfo["RemoteUser"]));
}
1348cc44050Sraviteja-b
// A user absent from usersList whose group matches a role-map entry is
// reported as remote and receives the privilege named by that entry.
TEST_F(TestUserMgr, ldapUserWithPrivMapper)
{
    const std::string userName = "ldapUser";
    const std::string ldapGroup = "ldapGroup";
    const gid_t primaryGid = 1000;

    EXPECT_CALL(mockManager, getPrimaryGroup(userName))
        .WillRepeatedly(Return(primaryGid));

    // Role map: "ldapGroup" -> "priv-admin".
    const DbusUserObj mapperObjects = createPrivilegeMapperDbusObject();
    EXPECT_CALL(mockManager, getPrivilegeMapperObject())
        .WillRepeatedly(Return(mapperObjects));

    // Membership is only answered for this exact (user, gid, group) triple.
    EXPECT_CALL(mockManager, isGroupMember(userName, primaryGid, ldapGroup))
        .WillRepeatedly(Return(true));

    UserInfoMap userInfo = mockManager.getUserInfo(userName);

    EXPECT_EQ(true, std::get<bool>(userInfo["RemoteUser"]));
    EXPECT_EQ("priv-admin", std::get<std::string>(userInfo["UserPrivilege"]));
}
1548cc44050Sraviteja-b
// With LDAP enabled but no role-map entry, a remote user must be reported
// with "priv-user" (not "priv-admin"), and group membership must never be
// consulted.
TEST_F(TestUserMgr, ldapUserWithoutPrivMapper)
{
    using ::testing::_;

    const std::string userName = "ldapUser";
    // Not referenced below; kept to mirror the with-mapper test.
    const std::string ldapGroup = "ldapGroup";
    const gid_t primaryGid = 1000;

    EXPECT_CALL(mockManager, getPrimaryGroup(userName))
        .WillRepeatedly(Return(primaryGid));

    // LDAP config object only, without any privilege mapper entry.
    const DbusUserObj configOnly =
        createLdapConfigObjectWithoutPrivilegeMapper();
    EXPECT_CALL(mockManager, getPrivilegeMapperObject())
        .WillRepeatedly(Return(configOnly));

    // Any isGroupMember call, whatever its arguments, fails the test.
    EXPECT_CALL(mockManager, isGroupMember(_, _, _)).Times(0);

    UserInfoMap userInfo = mockManager.getUserInfo(userName);

    EXPECT_EQ(true, std::get<bool>(userInfo["RemoteUser"]));
    EXPECT_EQ("priv-user", std::get<std::string>(userInfo["UserPrivilege"]));
}
175e47c09d3SNan Zhou
// An empty input list yields an empty string, with no stray separator.
TEST(GetCSVFromVector, EmptyVectorReturnsEmptyString)
{
    const auto csv = getCSVFromVector({});
    EXPECT_EQ(csv, "");
}
180e47c09d3SNan Zhou
// One element is returned unchanged; several are joined by a single ','
// with no leading or trailing separator.
TEST(GetCSVFromVector, ElementsAreJoinedByComma)
{
    const std::vector<std::string> oneElement{"123"};
    const std::vector<std::string> twoElements{"123", "456"};

    EXPECT_EQ(getCSVFromVector(oneElement), "123");
    EXPECT_EQ(getCSVFromVector(twoElements), "123,456");
}
187e47c09d3SNan Zhou
// When the token is absent, removeStringFromCSV() returns false and leaves
// the input untouched; an empty input also returns false.
TEST(RemoveStringFromCSV, WithoutDeleteStringReturnsFalse)
{
    const std::string original = "whatever,https";
    std::string csv = original;
    EXPECT_FALSE(removeStringFromCSV(csv, "ssh"));
    EXPECT_EQ(csv, original);

    std::string emptyCsv;
    EXPECT_FALSE(removeStringFromCSV(emptyCsv, "ssh"));
}
198332fb9dcSNan Zhou
// When the token is present, removeStringFromCSV() returns true and drops it
// together with its separator; removing the only token leaves "".
TEST(RemoveStringFromCSV, WithDeleteStringReturnsTrue)
{
    const std::string remaining = "whatever";
    std::string csv = "whatever,https";
    EXPECT_TRUE(removeStringFromCSV(csv, "https"));
    EXPECT_EQ(csv, remaining);

    csv = "https";
    EXPECT_TRUE(removeStringFromCSV(csv, "https"));
    EXPECT_EQ(csv, "");
}
210332fb9dcSNan Zhou
namespace
{
// D-Bus object root handed to the UserMgr instance under test.
inline constexpr const char* objectRootInTest = "/xyz/openbmc_project/user";

// Fake PAM module configs, modelled on the configs of a real BMC. Each raw
// string begins and ends with a newline; the option lines start at column 0.

// Lockout settings: the tests read and rewrite the "deny" option.
inline constexpr const char* rawFailLockConfig = R"(
deny=2
unlock_time=3
)";

// Password history settings: the tests read and rewrite "remember".
inline constexpr const char* rawPWHistoryConfig = R"(
enforce_for_root
remember=0
)";

// Password quality settings: the tests read and rewrite "minlen".
inline constexpr const char* rawPWQualityConfig = R"(
enforce_for_root
minlen=8
difok=0
lcredit=0
ocredit=0
dcredit=0
ucredit=0
)";
} // namespace
234e48085dbSNan Zhou
/**
 * @brief Write @p str followed by a newline to @p filePath.
 *
 * The file is opened by path in output mode. The caller is responsible for
 * passing a path that nobody else can redirect.
 *
 * @param str      Text to write.
 * @param filePath Destination path.
 * @throws std::ios_base::failure if opening, writing, flushing or closing
 *         sets failbit, badbit or eofbit.
 */
void dumpStringToFile(const std::string& str, const std::string& filePath)
{
    std::ofstream out;

    // Turn every stream error into an exception so a failed write cannot go
    // unnoticed by the EXPECT_NO_THROW wrappers at the call sites.
    const auto throwOn = std::ofstream::failbit | std::ofstream::badbit |
                         std::ofstream::eofbit;
    out.exceptions(throwOn);

    out.open(filePath, std::ios::out);
    out << str << "\n";
    out.flush();
    out.close();
}
246e48085dbSNan Zhou
/**
 * @brief Delete @p filePath via std::filesystem::remove.
 *
 * A path that does not exist is not an error; the boolean result of
 * std::filesystem::remove is discarded.
 *
 * @param filePath Path to delete.
 */
void removeFile(const std::string& filePath)
{
    const std::filesystem::path target{filePath};
    std::filesystem::remove(target);
}
251e48085dbSNan Zhou
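/**
 * @brief Fixture that is itself a UserMgr, with the command-executing hooks
 *        replaced by mocks and the three PAM config paths pointed at scratch
 *        files seeded from the raw*Config strings.
 *
 * The scratch files are created in the constructor and removed in the
 * destructor. Mock defaults keep isUserEnabled in step with the last mocked
 * executeUserAdd / executeUserModifyUserEnable call.
 */
class UserMgrInTest : public testing::Test, public UserMgr
{
  public:
    UserMgrInTest() : UserMgr(busInTest, objectRootInTest)
    {
        tempFaillockConfigFile = createTempConfigFile(rawFailLockConfig);
        tempPWHistoryConfigFile = createTempConfigFile(rawPWHistoryConfig);
        tempPWQualityConfigFile = createTempConfigFile(rawPWQualityConfig);
        // Set config files to test files
        faillockConfigFile = tempFaillockConfigFile;
        pwHistoryConfigFile = tempPWHistoryConfigFile;
        pwQualityConfigFile = tempPWQualityConfigFile;

        // Adding a user with enabled == true/false makes isUserEnabled
        // answer true/false from then on. The callables take no arguments
        // and return nothing, which gmock accepts for a void mock method.
        ON_CALL(*this, executeUserAdd(testing::_, testing::_, testing::_,
                                      testing::Eq(true)))
            .WillByDefault([this]() { defaultIsUserEnabledTo(true); });

        ON_CALL(*this, executeUserAdd(testing::_, testing::_, testing::_,
                                      testing::Eq(false)))
            .WillByDefault([this]() { defaultIsUserEnabledTo(false); });

        ON_CALL(*this, executeUserDelete).WillByDefault(testing::Return());

        ON_CALL(*this, executeUserClearFailRecords)
            .WillByDefault(testing::Return());

        ON_CALL(*this, getIpmiUsersCount).WillByDefault(testing::Return(0));

        ON_CALL(*this, executeUserRename).WillByDefault(testing::Return());

        ON_CALL(*this, executeUserModify(testing::_, testing::_, testing::_))
            .WillByDefault(testing::Return());

        // Same coupling for the enable/disable hook.
        ON_CALL(*this,
                executeUserModifyUserEnable(testing::_, testing::Eq(true)))
            .WillByDefault([this]() { defaultIsUserEnabledTo(true); });

        ON_CALL(*this,
                executeUserModifyUserEnable(testing::_, testing::Eq(false)))
            .WillByDefault([this]() { defaultIsUserEnabledTo(false); });

        ON_CALL(*this, executeGroupCreation).WillByDefault(testing::Return());

        ON_CALL(*this, executeGroupDeletion).WillByDefault(testing::Return());
    }

    ~UserMgrInTest() override
    {
        // Tests may already have deleted a file; removeFile tolerates that.
        EXPECT_NO_THROW(removeFile(tempFaillockConfigFile));
        EXPECT_NO_THROW(removeFile(tempPWHistoryConfigFile));
        EXPECT_NO_THROW(removeFile(tempPWQualityConfigFile));
    }

    MOCK_METHOD(void, executeUserAdd, (const char*, const char*, bool, bool),
                (override));

    MOCK_METHOD(void, executeUserDelete, (const char*), (override));

    MOCK_METHOD(void, executeUserClearFailRecords, (const char*), (override));

    MOCK_METHOD(size_t, getIpmiUsersCount, (), (override));

    MOCK_METHOD(void, executeUserRename, (const char*, const char*),
                (override));

    MOCK_METHOD(void, executeUserModify, (const char*, const char*, bool),
                (override));

    MOCK_METHOD(void, executeUserModifyUserEnable, (const char*, bool),
                (override));

    MOCK_METHOD(std::vector<std::string>, getFailedAttempt, (const char*),
                (override));

    MOCK_METHOD(void, executeGroupCreation, (const char*), (override));

    MOCK_METHOD(void, executeGroupDeletion, (const char*), (override));

    MOCK_METHOD(bool, isUserEnabled, (const std::string& userName), (override));

  protected:
    static sdbusplus::bus_t busInTest;
    std::string tempFaillockConfigFile;
    std::string tempPWHistoryConfigFile;
    std::string tempPWQualityConfigFile;

  private:
    /**
     * @brief Create a uniquely named scratch file under /tmp and fill it.
     *
     * mkstemp() creates the file itself, exclusively and with owner-only
     * permissions. mktemp() only returns a name, which leaves a window in
     * which another local user could pre-create the path, or plant a
     * symlink at it, before the file is opened for writing.
     *
     * @param contents Text written to the new file.
     * @return Path of the created file. A failure is reported through gtest.
     */
    static std::string createTempConfigFile(const char* contents)
    {
        std::string path = "/tmp/test-data-XXXXXX";
        const int fd = ::mkstemp(path.data());
        if (fd == -1)
        {
            ADD_FAILURE() << "mkstemp failed for template " << path;
            return path;
        }
        // Only the name is needed from here on; the file now exists and is
        // owned by this process.
        ::close(fd);
        EXPECT_NO_THROW(dumpStringToFile(contents, path));
        return path;
    }

    /** @brief Make the isUserEnabled mock answer @p enabled by default. */
    void defaultIsUserEnabledTo(bool enabled)
    {
        ON_CALL(*this, isUserEnabled)
            .WillByDefault(testing::Return(enabled));
    }
};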
369e48085dbSNan Zhou
// Bus handle shared by every UserMgrInTest fixture, obtained from
// sdbusplus::bus::new_default() during static initialisation.
// NOTE(review): unlike TestUserMgr this is not built on SdBusMock, so these
// tests presumably need a reachable D-Bus daemon; confirm for CI.
sdbusplus::bus_t UserMgrInTest::busInTest = sdbusplus::bus::new_default();
371e48085dbSNan Zhou
// Each seeded config file yields the value written in its raw*Config string.
TEST_F(UserMgrInTest, GetPamModuleConfValueOnSuccess)
{
    const auto expectValue = [this](const std::string& confFile,
                                    const char* key, const char* want) {
        SCOPED_TRACE(confFile);
        std::string got;
        EXPECT_EQ(getPamModuleConfValue(confFile, key, got), 0);
        EXPECT_EQ(got, want);
    };

    expectValue(tempPWQualityConfigFile, "minlen", "8");
    expectValue(tempFaillockConfigFile, "deny", "2");
    expectValue(tempPWHistoryConfigFile, "remember", "0");
}
3872d042d14SJason M. Bills
// A value written with setPamModuleConfValue() is returned by a following
// getPamModuleConfValue() on the same file and key.
TEST_F(UserMgrInTest, SetPamModuleConfValueOnSuccess)
{
    const auto setThenReadBack = [this](const std::string& confFile,
                                        const char* key, const char* value) {
        SCOPED_TRACE(confFile);
        EXPECT_EQ(setPamModuleConfValue(confFile, key, value), 0);
        std::string got;
        EXPECT_EQ(getPamModuleConfValue(confFile, key, got), 0);
        EXPECT_EQ(got, value);
    };

    setThenReadBack(tempPWQualityConfigFile, "minlen", "16");
    setThenReadBack(tempFaillockConfigFile, "deny", "3");
    setThenReadBack(tempPWHistoryConfigFile, "remember", "1");
}
41017b88278SJason M. Bills
// After a successful update no "<config>_tmp" file is left beside the
// config file.
TEST_F(UserMgrInTest, SetPamModuleConfValueTempFileOnSuccess)
{
    const auto setLeavesNoTempFile = [this](const std::string& confFile,
                                            const char* key,
                                            const char* value) {
        SCOPED_TRACE(confFile);
        EXPECT_EQ(setPamModuleConfValue(confFile, key, value), 0);

        const std::string tmpFile = confFile + "_tmp";
        EXPECT_FALSE(std::filesystem::exists(tmpFile));
    };

    setLeavesNoTempFile(tempPWQualityConfigFile, "minlen", "16");
    setLeavesNoTempFile(tempFaillockConfigFile, "deny", "3");
    setLeavesNoTempFile(tempPWHistoryConfigFile, "remember", "1");
}
4302d042d14SJason M. Bills
// Lookups return -1 both when the file lacks the key (its content is
// replaced by "whatever") and when the file does not exist at all.
TEST_F(UserMgrInTest, GetPamModuleConfValueOnFailure)
{
    const auto expectLookupFails = [this](const std::string& confFile,
                                          const char* key) {
        SCOPED_TRACE(confFile);
        std::string value;

        // Key missing from an existing file.
        EXPECT_NO_THROW(dumpStringToFile("whatever", confFile));
        EXPECT_EQ(getPamModuleConfValue(confFile, key, value), -1);

        // File missing altogether.
        EXPECT_NO_THROW(removeFile(confFile));
        EXPECT_EQ(getPamModuleConfValue(confFile, key, value), -1);
    };

    expectLookupFails(tempPWQualityConfigFile, "minlen");
    expectLookupFails(tempFaillockConfigFile, "deny");
    expectLookupFails(tempPWHistoryConfigFile, "remember");
}
4602d042d14SJason M. Bills
// Updates return -1 both when the key is not present in the file and when
// the file does not exist.
TEST_F(UserMgrInTest, SetPamModuleConfValueOnFailure)
{
    const auto expectUpdateFails = [this](const std::string& confFile,
                                          const char* key,
                                          const char* value) {
        SCOPED_TRACE(confFile);

        // Key missing from an existing file.
        EXPECT_NO_THROW(dumpStringToFile("whatever", confFile));
        EXPECT_EQ(setPamModuleConfValue(confFile, key, value), -1);

        // File missing altogether.
        EXPECT_NO_THROW(removeFile(confFile));
        EXPECT_EQ(setPamModuleConfValue(confFile, key, value), -1);
    };

    expectUpdateFails(tempPWQualityConfigFile, "minlen", "16");
    expectUpdateFails(tempFaillockConfigFile, "deny", "3");
    expectUpdateFails(tempPWHistoryConfigFile, "remember", "1");
}
48517b88278SJason M. Bills
// A failed update must not leave a "<config>_tmp" file behind, whether the
// failure comes from a missing key or from a missing config file.
TEST_F(UserMgrInTest, SetPamModuleConfValueTempFileOnFailure)
{
    const auto failureLeavesNoTempFile = [this](const std::string& confFile,
                                                const char* key,
                                                const char* value) {
        SCOPED_TRACE(confFile);
        const std::string tmpFile = confFile + "_tmp";

        // Key missing from an existing file.
        EXPECT_NO_THROW(dumpStringToFile("whatever", confFile));
        EXPECT_EQ(setPamModuleConfValue(confFile, key, value), -1);
        EXPECT_FALSE(std::filesystem::exists(tmpFile));

        // File missing altogether.
        EXPECT_NO_THROW(removeFile(confFile));
        EXPECT_EQ(setPamModuleConfValue(confFile, key, value), -1);
        EXPECT_FALSE(std::filesystem::exists(tmpFile));
    };

    failureLeavesNoTempFile(tempPWQualityConfigFile, "minlen", "16");
    failureLeavesNoTempFile(tempFaillockConfigFile, "deny", "3");
    failureLeavesNoTempFile(tempPWHistoryConfigFile, "remember", "1");
}
52517b88278SJason M. Bills
// An empty user name is rejected with InvalidArgument.
TEST_F(UserMgrInTest, IsUserExistEmptyInputThrowsError)
{
    using ExpectedError =
        sdbusplus::xyz::openbmc_project::Common::Error::InvalidArgument;

    EXPECT_THROW(isUserExist(""), ExpectedError);
}
5328a11d998SNan Zhou
// A name the manager does not know ("whatever") raises UserNameDoesNotExist.
TEST_F(UserMgrInTest, ThrowForUserDoesNotExistThrowsError)
{
    using ExpectedError = sdbusplus::xyz::openbmc_project::User::Common::
        Error::UserNameDoesNotExist;

    EXPECT_THROW(throwForUserDoesNotExist("whatever"), ExpectedError);
}
5398a11d998SNan Zhou
// An existing name raises UserNameExists.
// NOTE(review): "root" is never added by this fixture, so the test
// presumably relies on the manager seeing the host's own account database;
// confirm that holds wherever the suite runs.
TEST_F(UserMgrInTest, ThrowForUserExistsThrowsError)
{
    using ExpectedError =
        sdbusplus::xyz::openbmc_project::User::Common::Error::UserNameExists;

    EXPECT_THROW(throwForUserExists("root"), ExpectedError);
}
5468a11d998SNan Zhou
// A 17-character name combined with the "ipmi" group is rejected with
// UserNameGroupFail.
TEST_F(
    UserMgrInTest,
    ThrowForUserNameConstraintsExceedIpmiMaxUserNameLenThrowsUserNameGroupFail)
{
    using ExpectedError = sdbusplus::xyz::openbmc_project::User::Common::
        Error::UserNameGroupFail;

    const std::string strWith17Chars(17, 'A');
    EXPECT_THROW(throwForUserNameConstraints(strWith17Chars, {"ipmi"}),
                 ExpectedError);
}
55640e44979SNan Zhou
// A 31-character name with no groups is rejected with InvalidArgument.
TEST_F(
    UserMgrInTest,
    ThrowForUserNameConstraintsExceedSystemMaxUserNameLenThrowsInvalidArgument)
{
    using ExpectedError =
        sdbusplus::xyz::openbmc_project::Common::Error::InvalidArgument;

    const std::string strWith31Chars(31, 'A');
    EXPECT_THROW(throwForUserNameConstraints(strWith31Chars, {}),
                 ExpectedError);
}
56640e44979SNan Zhou
// Names that begin with a digit or with '[' are rejected with
// InvalidArgument. Both inputs are short, so length is not the trigger.
TEST_F(UserMgrInTest,
       ThrowForUserNameConstraintsRegexMismatchThrowsInvalidArgument)
{
    using ExpectedError =
        sdbusplus::xyz::openbmc_project::Common::Error::InvalidArgument;

    const std::string startWithNumber = "0ABC";
    const std::string startWithDisallowedCharacter = "[test";

    EXPECT_THROW(throwForUserNameConstraints(startWithNumber, {"ipmi"}),
                 ExpectedError);
    EXPECT_THROW(
        throwForUserNameConstraints(startWithDisallowedCharacter, {"ipmi"}),
        ExpectedError);
}
// The qualified call runs UserMgr's own executeUserAdd rather than the
// fixture's mock. Per the test name, the test process is not root, so the
// real account creation is expected to fail with InternalFailure.
TEST_F(UserMgrInTest, UserAddNotRootFailedWithInternalFailure)
{
    using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;

    EXPECT_THROW(UserMgr::executeUserAdd("user0", "ipmi,ssh", true, true),
                 InternalFailure);
}
// Counterpart of the add case: the real UserMgr::executeUserDelete, called
// without the mock, is expected to fail with InternalFailure when the test
// process is not root (per the test name).
TEST_F(UserMgrInTest, UserDeleteNotRootFailedWithInternalFailure)
{
    using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;

    EXPECT_THROW(UserMgr::executeUserDelete("user0"), InternalFailure);
}
// With the mocked IPMI user count already at ipmiMaxUsers, adding one more
// member to the "ipmi" group must be refused with NoResource.
TEST_F(UserMgrInTest,
       ThrowForMaxGrpUserCountThrowsNoResourceWhenIpmiUserExceedLimit)
{
    using sdbusplus::xyz::openbmc_project::User::Common::Error::NoResource;

    EXPECT_CALL(*this, getIpmiUsersCount()).WillOnce(Return(ipmiMaxUsers));

    EXPECT_THROW(throwForMaxGrpUserCount({"ipmi"}), NoResource);
}
// createUser must surface a failure of the underlying account-creation step
// instead of reporting success for an account that was never created.
TEST_F(UserMgrInTest, CreateUserThrowsInternalFailureWhenExecuteUserAddFails)
{
    using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;

    // Make the mocked creation step fail once.
    EXPECT_CALL(*this, executeUserAdd)
        .WillOnce(testing::Throw(InternalFailure()));

    EXPECT_THROW(createUser("whatever", {"redfish"}, "", true),
                 InternalFailure);
}
// deleteUser must report a failed removal rather than silently claiming the
// account is gone.
TEST_F(UserMgrInTest, DeleteUserThrowsInternalFailureWhenExecuteUserDeleteFails)
{
    using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;

    std::string account{"user"};
    EXPECT_NO_THROW(
        UserMgr::createUser(account, {"redfish", "ssh"}, "priv-user", true));

    // First removal attempt fails; the second falls back to the mock's
    // default action so the cleanup call at the end can go through.
    EXPECT_CALL(*this, executeUserDelete(testing::StrEq(account)))
        .WillOnce(testing::Throw(InternalFailure()))
        .WillOnce(testing::DoDefault());

    EXPECT_THROW(deleteUser(account), InternalFailure);

    // Cleanup: the account must still be deletable after the failed attempt.
    EXPECT_NO_THROW(UserMgr::deleteUser(account));
}
// deleteUser must also fail visibly when clearing the account's failed-login
// records fails, so a deleted account does not leave stale records behind
// unnoticed.
TEST_F(UserMgrInTest,
       DeleteUserThrowsInternalFailureWhenExecuteUserClearFailRecords)
{
    using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;

    const char* account = "user";
    EXPECT_NO_THROW(
        UserMgr::createUser(account, {"redfish", "ssh"}, "priv-user", true));

    // First record-clearing attempt fails; the second uses the mock's
    // default action so the cleanup call at the end can go through.
    EXPECT_CALL(*this, executeUserClearFailRecords(testing::StrEq(account)))
        .WillOnce(testing::Throw(InternalFailure()))
        .WillOnce(testing::DoDefault());

    EXPECT_THROW(deleteUser(account), InternalFailure);

    // Cleanup: a second attempt must succeed.
    EXPECT_NO_THROW(UserMgr::deleteUser(account));
}
// An unknown privilege string must be rejected with InvalidArgument.
TEST_F(UserMgrInTest, ThrowForInvalidPrivilegeThrowsWhenPrivilegeIsInvalid)
{
    using sdbusplus::xyz::openbmc_project::Common::Error::InvalidArgument;

    EXPECT_THROW(throwForInvalidPrivilege("whatever"), InvalidArgument);
}
// The three privilege names exercised here must all pass validation.
TEST_F(UserMgrInTest, ThrowForInvalidPrivilegeNoThrowWhenPrivilegeIsValid)
{
    for (const char* privilege : {"priv-admin", "priv-operator", "priv-user"})
    {
        SCOPED_TRACE(privilege);
        EXPECT_NO_THROW(throwForInvalidPrivilege(privilege));
    }
}
// Group names outside the known set must be rejected with InvalidArgument;
// this covers an arbitrary string as well as "web".
TEST_F(UserMgrInTest, ThrowForInvalidGroupsThrowsWhenGroupIsInvalid)
{
    using sdbusplus::xyz::openbmc_project::Common::Error::InvalidArgument;

    for (const char* group : {"whatever", "web"})
    {
        SCOPED_TRACE(group);
        EXPECT_THROW(throwForInvalidGroups({group}), InvalidArgument);
    }
}
// Each of the four group names exercised here must pass validation.
TEST_F(UserMgrInTest, ThrowForInvalidGroupsNoThrowWhenGroupIsValid)
{
    for (const char* group : {"ipmi", "ssh", "redfish", "hostconsole"})
    {
        SCOPED_TRACE(group);
        EXPECT_NO_THROW(throwForInvalidGroups({group}));
    }
}
// A successful rename must retire the old name and carry privilege, groups
// and enabled state over to the new name unchanged.
TEST_F(UserMgrInTest, RenameUserOnSuccess)
{
    using sdbusplus::xyz::openbmc_project::User::Common::Error::
        UserNameDoesNotExist;

    std::string oldName = "user001";
    std::string newName = "user002";
    EXPECT_NO_THROW(
        UserMgr::createUser(oldName, {"redfish", "ssh"}, "priv-user", true));

    EXPECT_NO_THROW(UserMgr::renameUser(oldName, newName));

    // The old name must no longer resolve to an account.
    EXPECT_THROW(getUserInfo(oldName), UserNameDoesNotExist);

    // The renamed account keeps exactly the attributes it was created with.
    UserInfoMap renamedInfo = getUserInfo(newName);
    EXPECT_EQ(std::get<Privilege>(renamedInfo["UserPrivilege"]), "priv-user");
    EXPECT_THAT(std::get<GroupList>(renamedInfo["UserGroups"]),
                testing::UnorderedElementsAre("redfish", "ssh"));
    EXPECT_EQ(std::get<UserEnabled>(renamedInfo["UserEnabled"]), true);

    EXPECT_NO_THROW(UserMgr::deleteUser(newName));
}
// A failed rename must leave the original account fully intact; a partly
// applied rename would leave the account database inconsistent.
TEST_F(UserMgrInTest, RenameUserThrowsInternalFailureIfExecuteUserModifyFails)
{
    using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;

    std::string oldName = "user001";
    std::string newName = "user002";
    EXPECT_NO_THROW(
        UserMgr::createUser(oldName, {"redfish", "ssh"}, "priv-user", true));

    // Make the mocked rename step fail once.
    EXPECT_CALL(*this, executeUserRename(testing::StrEq(oldName),
                                         testing::StrEq(newName)))
        .WillOnce(testing::Throw(InternalFailure()));
    EXPECT_THROW(UserMgr::renameUser(oldName, newName), InternalFailure);

    // The account is still reachable under its old name, attributes intact.
    UserInfoMap originalInfo = getUserInfo(oldName);
    EXPECT_EQ(std::get<Privilege>(originalInfo["UserPrivilege"]), "priv-user");
    EXPECT_THAT(std::get<GroupList>(originalInfo["UserGroups"]),
                testing::UnorderedElementsAre("redfish", "ssh"));
    EXPECT_EQ(std::get<UserEnabled>(originalInfo["UserEnabled"]), true);

    EXPECT_NO_THROW(UserMgr::deleteUser(oldName));
}
// The real (un-mocked) rename and modify implementations in UserMgr are
// expected to fail with InternalFailure in the test environment.
TEST_F(UserMgrInTest, DefaultUserModifyFailedWithInternalFailure)
{
    using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;

    EXPECT_THROW(UserMgr::executeUserRename("user0", "user1"),
                 InternalFailure);
    EXPECT_THROW(UserMgr::executeUserModify("user0", "ssh", true),
                 InternalFailure);
}
// After a successful update the account must report exactly the new
// privilege and group set, with the enabled state untouched.
TEST_F(UserMgrInTest, UpdateGroupsAndPrivOnSuccess)
{
    std::string account = "user001";
    EXPECT_NO_THROW(
        UserMgr::createUser(account, {"redfish", "ssh"}, "priv-user", true));

    EXPECT_NO_THROW(
        updateGroupsAndPriv(account, {"ipmi", "ssh"}, "priv-admin"));

    UserInfoMap updatedInfo = getUserInfo(account);
    EXPECT_EQ(std::get<Privilege>(updatedInfo["UserPrivilege"]), "priv-admin");
    EXPECT_THAT(std::get<GroupList>(updatedInfo["UserGroups"]),
                testing::UnorderedElementsAre("ipmi", "ssh"));
    EXPECT_EQ(std::get<UserEnabled>(updatedInfo["UserEnabled"]), true);

    EXPECT_NO_THROW(UserMgr::deleteUser(account));
}
// A failure in the underlying modify step must be reported to the caller of
// updateGroupsAndPriv instead of being swallowed.
TEST_F(UserMgrInTest,
       UpdateGroupsAndPrivThrowsInternalFailureIfExecuteUserModifyFail)
{
    using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;

    std::string account = "user001";
    EXPECT_NO_THROW(
        UserMgr::createUser(account, {"redfish", "ssh"}, "priv-user", true));

    // Make the mocked modify step fail once, whatever the other arguments.
    EXPECT_CALL(*this, executeUserModify(testing::StrEq(account), testing::_,
                                         testing::_))
        .WillOnce(testing::Throw(InternalFailure()));

    EXPECT_THROW(updateGroupsAndPriv(account, {"ipmi", "ssh"}, "priv-admin"),
                 InternalFailure);

    EXPECT_NO_THROW(UserMgr::deleteUser(account));
}
// Setting the minimum password length to its current value (8 after
// initializeAccountPolicy) must leave the policy unchanged.
TEST_F(UserMgrInTest, MinPasswordLengthReturnsIfValueIsTheSame)
{
    initializeAccountPolicy();
    EXPECT_EQ(AccountPolicyIface::minPasswordLength(), 8);

    UserMgr::minPasswordLength(8);

    EXPECT_EQ(AccountPolicyIface::minPasswordLength(), 8);
}
// The password-length policy has a floor: a value one below minPasswdLength
// must be refused with InvalidArgument and the stored policy must stay at 8,
// so the policy cannot be weakened below the floor.
TEST_F(UserMgrInTest,
       MinPasswordLengthRejectsTooShortPasswordWithInvalidArgument)
{
    using sdbusplus::xyz::openbmc_project::Common::Error::InvalidArgument;

    initializeAccountPolicy();
    EXPECT_EQ(AccountPolicyIface::minPasswordLength(), 8);

    EXPECT_THROW(UserMgr::minPasswordLength(minPasswdLength - 1),
                 InvalidArgument);

    EXPECT_EQ(AccountPolicyIface::minPasswordLength(), 8);
}
// Raising the minimum password length from 8 to 16 must be reflected by the
// policy getter.
TEST_F(UserMgrInTest, MinPasswordLengthOnSuccess)
{
    initializeAccountPolicy();
    EXPECT_EQ(AccountPolicyIface::minPasswordLength(), 8);

    UserMgr::minPasswordLength(16);

    EXPECT_EQ(AccountPolicyIface::minPasswordLength(), 16);
}
// When the password-quality config file holds unusable content, the setter
// must fail with InternalFailure and the reported policy must not move, so
// the reported value never claims a setting that was not applied.
TEST_F(UserMgrInTest, MinPasswordLengthOnFailure)
{
    using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;

    // Replace the config file content with junk before the policy is read.
    EXPECT_NO_THROW(dumpStringToFile("whatever", tempPWQualityConfigFile));
    initializeAccountPolicy();
    EXPECT_EQ(AccountPolicyIface::minPasswordLength(), 8);

    EXPECT_THROW(UserMgr::minPasswordLength(16), InternalFailure);

    EXPECT_EQ(AccountPolicyIface::minPasswordLength(), 8);
}
// Setting the password-history depth twice to the same value must be
// harmless: the second call leaves the stored value at 8.
TEST_F(UserMgrInTest, RememberOldPasswordTimesReturnsIfValueIsTheSame)
{
    initializeAccountPolicy();
    EXPECT_EQ(AccountPolicyIface::rememberOldPasswordTimes(), 0);

    UserMgr::rememberOldPasswordTimes(8);
    EXPECT_EQ(AccountPolicyIface::rememberOldPasswordTimes(), 8);

    // Same value again.
    UserMgr::rememberOldPasswordTimes(8);
    EXPECT_EQ(AccountPolicyIface::rememberOldPasswordTimes(), 8);
}
// Changing the password-history depth from 0 to 16 must be reflected by the
// policy getter.
TEST_F(UserMgrInTest, RememberOldPasswordTimesOnSuccess)
{
    initializeAccountPolicy();
    EXPECT_EQ(AccountPolicyIface::rememberOldPasswordTimes(), 0);

    UserMgr::rememberOldPasswordTimes(16);

    EXPECT_EQ(AccountPolicyIface::rememberOldPasswordTimes(), 16);
}
// When the password-history config file holds unusable content, the setter
// must fail with InternalFailure and the reported depth must stay at 0.
TEST_F(UserMgrInTest, RememberOldPasswordTimesOnFailure)
{
    using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;

    // Replace the config file content with junk before the policy is read.
    EXPECT_NO_THROW(dumpStringToFile("whatever", tempPWHistoryConfigFile));
    initializeAccountPolicy();
    EXPECT_EQ(AccountPolicyIface::rememberOldPasswordTimes(), 0);

    EXPECT_THROW(UserMgr::rememberOldPasswordTimes(16), InternalFailure);

    EXPECT_EQ(AccountPolicyIface::rememberOldPasswordTimes(), 0);
}
// Setting the lockout threshold to its current value (2 after
// initializeAccountPolicy) must leave the policy unchanged.
TEST_F(UserMgrInTest, MaxLoginAttemptBeforeLockoutReturnsIfValueIsTheSame)
{
    initializeAccountPolicy();
    EXPECT_EQ(AccountPolicyIface::maxLoginAttemptBeforeLockout(), 2);

    UserMgr::maxLoginAttemptBeforeLockout(2);

    EXPECT_EQ(AccountPolicyIface::maxLoginAttemptBeforeLockout(), 2);
}
// Changing the lockout threshold from 2 to 16 must be reflected by the
// policy getter.
TEST_F(UserMgrInTest, MaxLoginAttemptBeforeLockoutOnSuccess)
{
    initializeAccountPolicy();
    EXPECT_EQ(AccountPolicyIface::maxLoginAttemptBeforeLockout(), 2);

    UserMgr::maxLoginAttemptBeforeLockout(16);

    EXPECT_EQ(AccountPolicyIface::maxLoginAttemptBeforeLockout(), 16);
}
// If the faillock config becomes unusable after the policy was loaded, the
// setter must fail with InternalFailure and the reported lockout threshold
// must stay at 2 rather than show a value that was never written.
TEST_F(UserMgrInTest, MaxLoginAttemptBeforeLockoutOnFailure)
{
    using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;

    initializeAccountPolicy();
    // Replace the config file content with junk after the policy is read.
    EXPECT_NO_THROW(dumpStringToFile("whatever", tempFaillockConfigFile));

    EXPECT_THROW(UserMgr::maxLoginAttemptBeforeLockout(16), InternalFailure);

    EXPECT_EQ(AccountPolicyIface::maxLoginAttemptBeforeLockout(), 2);
}
// Setting the unlock timeout to its current value (3 after
// initializeAccountPolicy) must leave the policy unchanged.
TEST_F(UserMgrInTest, AccountUnlockTimeoutReturnsIfValueIsTheSame)
{
    initializeAccountPolicy();
    EXPECT_EQ(AccountPolicyIface::accountUnlockTimeout(), 3);

    UserMgr::accountUnlockTimeout(3);

    EXPECT_EQ(AccountPolicyIface::accountUnlockTimeout(), 3);
}
// Changing the unlock timeout from 3 to 16 must be reflected by the policy
// getter.
TEST_F(UserMgrInTest, AccountUnlockTimeoutOnSuccess)
{
    initializeAccountPolicy();
    EXPECT_EQ(AccountPolicyIface::accountUnlockTimeout(), 3);

    UserMgr::accountUnlockTimeout(16);

    EXPECT_EQ(AccountPolicyIface::accountUnlockTimeout(), 16);
}
// If the faillock config becomes unusable after the policy was loaded, the
// setter must fail with InternalFailure and the reported unlock timeout must
// stay at 3.
TEST_F(UserMgrInTest, AccountUnlockTimeoutOnFailure)
{
    using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;

    initializeAccountPolicy();
    // Replace the config file content with junk after the policy is read.
    EXPECT_NO_THROW(dumpStringToFile("whatever", tempFaillockConfigFile));

    EXPECT_THROW(UserMgr::accountUnlockTimeout(16), InternalFailure);

    EXPECT_EQ(AccountPolicyIface::accountUnlockTimeout(), 3);
}
// Disabling an account must be visible through getUserInfo afterwards.
TEST_F(UserMgrInTest, UserEnableOnSuccess)
{
    std::string account = "user001";
    EXPECT_NO_THROW(
        UserMgr::createUser(account, {"redfish", "ssh"}, "priv-user", true));

    // Created enabled.
    UserInfoMap info = getUserInfo(account);
    EXPECT_EQ(std::get<UserEnabled>(info["UserEnabled"]), true);

    EXPECT_NO_THROW(userEnable(account, false));

    // Reported as disabled after the call.
    info = getUserInfo(account);
    EXPECT_EQ(std::get<UserEnabled>(info["UserEnabled"]), false);

    EXPECT_NO_THROW(UserMgr::deleteUser(account));
}
// A "hostconsole" group member can be created and deleted at each of the
// three privilege levels, in the order user, admin, operator.
TEST_F(UserMgrInTest, CreateDeleteUserSuccessForHostConsole)
{
    std::string account = "user001";
    for (const char* privilege : {"priv-user", "priv-admin", "priv-operator"})
    {
        SCOPED_TRACE(privilege);
        EXPECT_NO_THROW(
            UserMgr::createUser(account, {"hostconsole"}, privilege, true));
        EXPECT_NO_THROW(UserMgr::deleteUser(account));
    }
}
// If the underlying enable/disable step fails, the call must throw and the
// reported state must not change: an account that could not be disabled
// must not be shown as disabled.
TEST_F(UserMgrInTest, UserEnableThrowsInternalFailureIfExecuteUserModifyFail)
{
    using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;

    std::string account = "user001";
    EXPECT_NO_THROW(
        UserMgr::createUser(account, {"redfish", "ssh"}, "priv-user", true));
    UserInfoMap info = getUserInfo(account);
    EXPECT_EQ(std::get<UserEnabled>(info["UserEnabled"]), true);

    // Make the mocked disable step fail once.
    EXPECT_CALL(*this, executeUserModifyUserEnable(testing::StrEq(account),
                                                   testing::Eq(false)))
        .WillOnce(testing::Throw(InternalFailure()));
    EXPECT_THROW(userEnable(account, false), InternalFailure);

    // Still reported as enabled.
    info = getUserInfo(account);
    EXPECT_EQ(std::get<UserEnabled>(info["UserEnabled"]), true);

    EXPECT_NO_THROW(UserMgr::deleteUser(account));
}
// Per the test name, a lockout threshold of zero means no account is ever
// reported as locked. The test does not call initializeAccountPolicy, so it
// depends on the fixture's initial threshold being zero.
// NOTE(review): that precondition is not asserted here; confirm against the
// fixture.
TEST_F(
    UserMgrInTest,
    UserLockedForFailedAttemptReturnsFalseIfMaxLoginAttemptBeforeLockoutIsZero)
{
    const bool locked = userLockedForFailedAttempt("whatever");
    EXPECT_FALSE(locked);
}
// With a lockout policy loaded but no failure records in the faillock
// output, the account must not be reported as locked.
TEST_F(UserMgrInTest, UserLockedForFailedAttemptZeroFailuresReturnsFalse)
{
    std::string account = "user001";
    initializeAccountPolicy();

    // Example output from BMC
    // root:~# faillock --user root
    // root:
    // When Type Source Valid
    //
    // Only the user line and the column header are supplied: no records.
    std::vector<std::string> faillockLines = {"whatever",
                                              "When Type Source Valid"};
    EXPECT_CALL(*this, getFailedAttempt(testing::StrEq(account)))
        .WillOnce(Return(faillockLines));

    EXPECT_FALSE(userLockedForFailedAttempt(account));
}
// If the failed-attempt records cannot be read, the lock check must throw
// rather than answer "not locked" by default.
TEST_F(UserMgrInTest, UserLockedForFailedAttemptFailIfGetFailedAttemptFail)
{
    using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;

    std::string account = "user001";
    initializeAccountPolicy();

    // Make the mocked record lookup fail once.
    EXPECT_CALL(*this, getFailedAttempt(testing::StrEq(account)))
        .WillOnce(testing::Throw(InternalFailure()));

    EXPECT_THROW(userLockedForFailedAttempt(account), InternalFailure);
}
// A failure record whose timestamp cannot be parsed must make the lock
// check throw instead of being treated as "no failure".
TEST_F(UserMgrInTest,
       UserLockedForFailedAttemptThrowsInternalFailureIfWrongDateFormat)
{
    using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;

    std::string account = "user001";
    initializeAccountPolicy();

    // The record's date is written MM/DD/YYYY, unlike the YYYY-MM-DD form
    // used by the timed-out case elsewhere in this file.
    std::vector<std::string> faillockLines = {
        "whatever", "10/24/2002 00:00:00 type source V"};
    EXPECT_CALL(*this, getFailedAttempt(testing::StrEq(account)))
        .WillOnce(Return(faillockLines));

    EXPECT_THROW(userLockedForFailedAttempt(account), InternalFailure);
}
// A failure record that is older than the unlock timeout must not keep the
// account locked.
TEST_F(UserMgrInTest,
       UserLockedForFailedAttemptReturnsFalseIfLastFailTimeHasTimedOut)
{
    std::string account = "user001";
    initializeAccountPolicy();

    // One well-formed record dated far in the past.
    std::vector<std::string> faillockLines = {
        "whatever", "2002-10-24 00:00:00 type source V"};
    EXPECT_CALL(*this, getFailedAttempt(testing::StrEq(account)))
        .WillOnce(Return(faillockLines));

    EXPECT_FALSE(userLockedForFailedAttempt(account));
}
// Group names built from the four accepted prefixes exercised here
// (openbmc_rfr_, openbmc_rfp_, openbmc_orfr_, openbmc_orfp_) must pass the
// creation check.
TEST_F(UserMgrInTest, CheckAndThrowForDisallowedGroupCreationOnSuccess)
{
    const char* const allowedNames[] = {
        // Base Redfish Roles
        "openbmc_rfr_Administrator",
        "openbmc_rfr_Operator",
        "openbmc_rfr_ReadOnly",
        // Base Redfish Privileges
        "openbmc_rfp_Login",
        "openbmc_rfp_ConfigureManager",
        "openbmc_rfp_ConfigureUsers",
        "openbmc_rfp_ConfigureSelf",
        "openbmc_rfp_ConfigureComponents",
        // OEM Redfish Roles
        "openbmc_orfr_PowerService",
        // OEM Redfish Privileges
        "openbmc_orfp_PowerService",
    };

    for (const char* groupName : allowedNames)
    {
        SCOPED_TRACE(groupName);
        EXPECT_NO_THROW(checkAndThrowForDisallowedGroupCreation(groupName));
    }
}
// A group name one character longer than maxSystemGroupNameLength must be
// refused with InvalidArgument.
TEST_F(UserMgrInTest,
       CheckAndThrowForDisallowedGroupCreationThrowsIfGroupNameTooLong)
{
    using sdbusplus::xyz::openbmc_project::Common::Error::InvalidArgument;

    std::string oversizedName(maxSystemGroupNameLength + 1, 'A');
    EXPECT_THROW(checkAndThrowForDisallowedGroupCreation(oversizedName),
                 InvalidArgument);
}
// Group names are validated character by character: a '?' or a '-' after an
// otherwise accepted prefix must be refused with InvalidArgument.
TEST_F(
    UserMgrInTest,
    CheckAndThrowForDisallowedGroupCreationThrowsIfGroupNameHasDisallowedCharacters)
{
    using sdbusplus::xyz::openbmc_project::Common::Error::InvalidArgument;

    for (const char* groupName :
         {"openbmc_rfp_?owerService", "openbmc_rfp_-owerService"})
    {
        SCOPED_TRACE(groupName);
        EXPECT_THROW(checkAndThrowForDisallowedGroupCreation(groupName),
                     InvalidArgument);
    }
}
// Names that do not start with one of the accepted prefixes must be refused
// with InvalidArgument, even when the rest of the prefix looks similar.
TEST_F(
    UserMgrInTest,
    CheckAndThrowForDisallowedGroupCreationThrowsIfGroupNameHasDisallowedPrefix)
{
    using sdbusplus::xyz::openbmc_project::Common::Error::InvalidArgument;

    for (const char* groupName : {"google_rfp_", "com_rfp_"})
    {
        SCOPED_TRACE(groupName);
        EXPECT_THROW(checkAndThrowForDisallowedGroupCreation(groupName),
                     InvalidArgument);
    }
}
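// The total number of groups is capped at maxSystemGroupCount: once every
// free slot is used, one more createGroup must fail with NoResource.
//
// Changes from the earlier form of this test:
//  - the starting group count is a fatal precondition (ASSERT_EQ), because
//    the loop bound is only meaningful when exactly predefGroupCount groups
//    exist before the test starts;
//  - the group name is built in one place, so the creation loop and the
//    cleanup loop cannot drift apart and leave groups behind.
TEST_F(UserMgrInTest, CheckAndThrowForMaxGroupCountOnSuccess)
{
    using sdbusplus::xyz::openbmc_project::User::Common::Error::NoResource;

    constexpr size_t predefGroupCount = 4;
    ASSERT_EQ(allGroups().size(), predefGroupCount);

    const size_t freeSlots = maxSystemGroupCount - predefGroupCount;
    const auto roleName = [](size_t index) {
        return "openbmc_rfr_role" + std::to_string(index);
    };

    // Fill every remaining slot.
    for (size_t i = 0; i < freeSlots; ++i)
    {
        EXPECT_NO_THROW(createGroup(roleName(i)));
    }

    // The next group no longer fits.
    EXPECT_THROW(createGroup("openbmc_rfr_AnotherRole"), NoResource);

    // Cleanup: remove every group this test created.
    for (size_t i = 0; i < freeSlots; ++i)
    {
        EXPECT_NO_THROW(deleteGroup(roleName(i)));
    }
}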
// Creating the same group twice must fail the second time with
// GroupNameExists.
TEST_F(UserMgrInTest, CheckAndThrowForGroupExist)
{
    using sdbusplus::xyz::openbmc_project::User::Common::Error::
        GroupNameExists;

    std::string role = "openbmc_rfr_role";
    EXPECT_NO_THROW(createGroup(role));

    EXPECT_THROW(createGroup(role), GroupNameExists);

    EXPECT_NO_THROW(deleteGroup(role));
}
// A fresh manager exposes exactly the four predefined groups and nothing
// else, in any order.
TEST_F(UserMgrInTest, ByDefaultAllGroupsArePredefinedGroups)
{
    using ::testing::UnorderedElementsAre;

    EXPECT_THAT(allGroups(),
                UnorderedElementsAre("redfish", "ipmi", "ssh", "hostconsole"));
}
// None of the predefined groups can be created a second time; each attempt
// must fail with GroupNameExists.
TEST_F(UserMgrInTest, AddGroupThrowsIfPreDefinedGroupAdd)
{
    using sdbusplus::xyz::openbmc_project::User::Common::Error::
        GroupNameExists;

    for (const char* group : {"ipmi", "redfish", "ssh", "hostconsole"})
    {
        SCOPED_TRACE(group);
        EXPECT_THROW(createGroup(group), GroupNameExists);
    }
}
1121da401fe5SNan Zhou
TEST_F(UserMgrInTest, DeleteGroupThrowsIfGroupIsNotAllowedToChange)
{
    using sdbusplus::xyz::openbmc_project::Common::Error::InvalidArgument;

    // The predefined groups are not allowed to change: a delete request
    // for any of them must be refused with InvalidArgument.
    const std::vector<std::string> protectedGroups{"ipmi", "redfish", "ssh",
                                                   "hostconsole"};
    for (const auto& name : protectedGroups)
    {
        SCOPED_TRACE(name); // identifies the failing group in the report
        EXPECT_THROW(deleteGroup(name), InvalidArgument);
    }
}
1137da401fe5SNan Zhou
TEST_F(UserMgrInTest,
       CreateGroupThrowsInternalFailureWhenExecuteGroupCreateFails)
{
    using ::testing::Throw;
    using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;

    // Inject a failure into the mocked group-creation step ...
    EXPECT_CALL(*this, executeGroupCreation)
        .WillOnce(Throw(InternalFailure()));

    // ... and check that createGroup() surfaces it to the caller rather
    // than swallowing it.
    EXPECT_THROW(createGroup("openbmc_rfr_role1"), InternalFailure);
}
1148da401fe5SNan Zhou
TEST_F(UserMgrInTest,
       DeleteGroupThrowsInternalFailureWhenExecuteGroupDeleteFails)
{
    using ::testing::DoDefault;
    using ::testing::StrEq;
    using ::testing::Throw;
    using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;

    const std::string roleGroup{"openbmc_rfr_role1"};
    EXPECT_NO_THROW(UserMgr::createGroup(roleGroup));

    // First deletion attempt: the mocked step throws. Second attempt: the
    // mock falls back to its default action.
    EXPECT_CALL(*this, executeGroupDeletion(StrEq(roleGroup)))
        .WillOnce(Throw(InternalFailure()))
        .WillOnce(DoDefault());

    // The injected failure must reach the caller ...
    EXPECT_THROW(deleteGroup(roleGroup), InternalFailure);

    // ... and the retry must still succeed, which also consumes the second
    // expected call. NOTE(review): this presumably shows that the group
    // stayed registered after the failed attempt; confirm against
    // UserMgr::deleteGroup.
    EXPECT_NO_THROW(UserMgr::deleteGroup(roleGroup));
}
1164da401fe5SNan Zhou
TEST_F(UserMgrInTest, CheckAndThrowForGroupNotExist)
{
    using sdbusplus::xyz::openbmc_project::User::Common::Error::
        GroupNameDoesNotExist;

    // Deleting a name that was never created must be reported as
    // GroupNameDoesNotExist, not treated as a successful no-op.
    EXPECT_THROW(deleteGroup("whatever"), GroupNameDoesNotExist);
}
1171da401fe5SNan Zhou
TEST(ReadAllGroupsOnSystemTest, OnlyReturnsPredefinedGroups)
{
    using ::testing::UnorderedElementsAre;

    // readAllGroupsOnSystem() is called without a fixture here; its result
    // must contain the four predefined groups and no other group.
    const auto onlyPredefined =
        UnorderedElementsAre("redfish", "ipmi", "ssh", "hostconsole");
    EXPECT_THAT(UserMgr::readAllGroupsOnSystem(), onlyPredefined);
}
1178da401fe5SNan Zhou
11798cc44050Sraviteja-b } // namespace user
11808cc44050Sraviteja-b } // namespace phosphor
1181