xref: /openbmc/openbmc-test-automation/ipmi/test_ipmi_user.robot (revision 58229e4b4fcb8e62f5f7d9c539923e98ebc9bd9b)
1*** Settings ***
2Documentation       Test suite for OpenBMC IPMI user management.
3
4Resource            ../lib/ipmi_client.robot
5Resource            ../lib/openbmc_ffdc.robot
6Resource            ../lib/bmc_network_utils.robot
7Library             ../lib/ipmi_utils.py
8Test Setup          Printn
9
10Suite Setup         Suite Setup Execution
11Test Teardown       Test Teardown Execution
12
13*** Variables ***
14
15${invalid_username}     user%
16${invalid_password}     abc123
17${new_username}         newuser
18${root_userid}          1
19${operator_level_priv}  0x3
20${user_priv}            2
21${operator_priv}        3
22${admin_level_priv}     4
23${no_access_priv}       15
24${valid_password}       0penBmc1
25${max_password_length}  20
26${ipmi_setaccess_cmd}   channel setaccess
27&{password_values}      16=0penBmc10penBmc2  17=0penBmc10penBmc2B
28              ...       20=0penBmc10penBmc2Bmc3  21=0penBmc10penBmc2Bmc34
29              ...       7=0penBmc  8=0penBmc0
30${expected_max_ids}     15
31${root_pattern}         ^.*\\sroot\\s.*ADMINISTRATOR.*$
32${empty_name_pattern}   ^User Name\\s.*\\s:\\s$
33
34# User defined count.
35${USER_LOOP_COUNT}      20
36
37*** Test Cases ***
38
39Verify IPMI User Summary
40    [Documentation]  Verify IPMI maximum supported IPMI user ID and
41    ...  enabled user from user summary.
42    [Tags]  Verify_IPMI_User_Summary
43    [Teardown]  Run Keywords  FFDC On Test Case Fail  AND
44    ...  Delete Created User  ${random_userid}
45
46    ${initial_user_count}  ${maximum_ids}=  Get Enabled User Count
47
48    ${random_userid}  ${random_username}=  Create Random IPMI User
49    Wait And Confirm New User Entry  ${random_username}
50    Set Test Variable  ${random_userid}
51    Run IPMI Standard Command  user enable ${random_userid}
52
53    # Verify number of currently enabled users.
54    ${current_user_count}  ${maximum_ids}=  Get Enabled User Count
55    ${calculated_count}=  Evaluate  ${initial_user_count} + 1
56    Should Be Equal As Integers  ${current_user_count}   ${calculated_count}
57
58    # Verify maximum user count IPMI local user can have.
59    Should Be Equal As Integers  ${maximum_ids}  ${expected_max_ids}
60
61
62Verify IPMI User List
63    [Documentation]  Verify user list via IPMI.
64    [Tags]  Verify_IPMI_User_List
65    [Teardown]  Run Keywords  FFDC On Test Case Fail  AND
66    ...  Delete Created User  ${random_userid}
67
68    ${random_userid}  ${random_username}=  Create Random IPMI User
69    Set Test Variable  ${random_userid}
70
71    Run IPMI Standard Command
72    ...  user set password ${random_userid} ${valid_password}
73    Run IPMI Standard Command  user enable ${random_userid}
74    # Delay added for IPMI user to get enabled.
75    Sleep  5s
76    # Set admin privilege and enable IPMI messaging for newly created user.
77    Set Channel Access  ${random_userid}  ipmi=on privilege=${admin_level_priv}
78
79    ${users_access}=  Get User Access Ipmi  ${CHANNEL_NUMBER}
80    Rprint Vars  users_access
81
82    ${index}=  Evaluate  ${random_userid} - 1
83    # Verify the user access of created user.
84    Valid Value  users_access[${index}]['id']  ['${random_userid}']
85    Valid Value  users_access[${index}]['name']  ['${random_username}']
86    Valid Value  users_access[${index}]['callin']  ['true']
87    Valid Value  users_access[${index}]['link']  ['false']
88    Valid Value  users_access[${index}]['auth']  ['true']
89    Valid Value  users_access[${index}]['ipmi']  ['ADMINISTRATOR']
90
91
92Verify IPMI User Creation With Valid Name And ID
93    [Documentation]  Create user via IPMI and verify.
94    [Tags]  Verify_IPMI_User_Creation_With_Valid_Name_And_ID
95    [Teardown]  Run Keywords  FFDC On Test Case Fail  AND
96    ...  Delete Created User  ${random_userid}
97
98    ${random_userid}  ${random_username}=  Create Random IPMI User
99    Set Test Variable  ${random_userid}
100
101
102Verify IPMI User Creation With Invalid Name
103    [Documentation]  Verify error while creating IPMI user with invalid
104    ...  name (e.g. user name with special characters).
105    [Tags]  Verify_IPMI_User_Creation_With_Invalid_Name
106
107    ${random_userid}=  Find Free User Id
108    ${msg}=  Run Keyword And Expect Error  *  Run IPMI Standard Command
109    ...  user set name ${random_userid} ${invalid_username}
110    Should Contain  ${msg}  Invalid data
111
112
113Verify IPMI User Creation With Invalid ID
114    [Documentation]  Verify error while creating IPMI user with invalid
115    ...  ID(i.e. any number greater than 15 or 0).
116    [Tags]  Verify_IPMI_User_Creation_With_Invalid_ID
117
118    @{id_list}=  Create List
119    ${random_invalid_id}=  Evaluate  random.randint(16, 1000)  modules=random
120    Append To List  ${id_list}  ${random_invalid_id}
121    Append To List  ${id_list}  0
122
123    FOR  ${id}  IN  @{id_list}
124      ${msg}=  Run Keyword And Expect Error  *  Run IPMI Standard Command
125      ...  user set name ${id} newuser
126      Should Contain Any  ${msg}  User ID is limited to range  Parameter out of range
127    END
128
129
130Verify Setting IPMI User With Invalid Password
131    [Documentation]  Verify error while setting IPMI user with invalid
132    ...  password.
133    [Tags]  Verify_Setting_IPMI_User_With_Invalid_Password
134    [Teardown]  Run Keywords  FFDC On Test Case Fail  AND
135    ...  Delete Created User  ${random_userid}
136
137    ${random_userid}  ${random_username}=  Create Random IPMI User
138    Set Test Variable  ${random_userid}
139
140    # Set invalid password for newly created user.
141    ${msg}=  Run Keyword And Expect Error  *  Run IPMI Standard Command
142    ...  user set password ${random_userid} ${invalid_password}
143
144    # Delay added for user password to get set.
145    Sleep  5s
146
147    Should Contain  ${msg}  Set User Password command failed
148
149
150Verify Setting IPMI Root User With New Name
151    [Documentation]  Verify error while setting IPMI root user with new
152    ...  name.
153    [Tags]  Verify_Setting_IPMI_Root_User_With_New_Name
154
155    # Set invalid password for newly created user.
156    ${msg}=  Run Keyword And Expect Error  *  Run IPMI Standard Command
157    ...  user set name ${root_userid} abcd
158
159    Should Contain  ${msg}  Set User Name command failed
160
161
162Verify IPMI User Password Via Test Command
163    [Documentation]  Verify IPMI user password using test command.
164    [Tags]  Verify_IPMI_User_Password_Via_Test_Command
165    [Teardown]  Run Keywords  FFDC On Test Case Fail  AND
166    ...  Delete Created User  ${random_userid}
167
168    ${random_userid}  ${random_username}=  Create Random IPMI User
169    Set Test Variable  ${random_userid}
170
171    # Set valid password for newly created user.
172    Run IPMI Standard Command
173    ...  user set password ${random_userid} ${valid_password}
174
175    # Verify newly set password using test command.
176    ${msg}=  Run IPMI Standard Command
177    ...  user test ${random_userid} ${max_password_length} ${valid_password}
178
179    Should Contain  ${msg}  Success
180
181
182Verify Setting Valid Password For IPMI User
183    [Documentation]  Set valid password for IPMI user and verify.
184    [Tags]  Verify_Setting_Valid_Password_For_IPMI_User
185    [Teardown]  Run Keywords  FFDC On Test Case Fail  AND
186    ...  Delete Created User  ${random_userid}
187
188    ${random_userid}  ${random_username}=  Create Random IPMI User
189    Set Test Variable  ${random_userid}
190
191    # Set valid password for newly created user.
192    Run IPMI Standard Command
193    ...  user set password ${random_userid} ${valid_password}
194
195    Run IPMI Standard Command  user enable ${random_userid}
196
197    # Delay added for IPMI user to get enable
198    Sleep  5s
199
200    # Set admin privilege and enable IPMI messaging for newly created user
201    Set Channel Access  ${random_userid}  ipmi=on privilege=${admin_level_priv}
202
203    Verify IPMI Username And Password  ${random_username}  ${valid_password}
204
205
206Verify IPMI User Creation With Same Name
207    [Documentation]  Verify error while creating two IPMI user with same name.
208    [Tags]  Verify_IPMI_User_Creation_With_Same_Name
209    [Teardown]  Run Keywords  FFDC On Test Case Fail  AND
210    ...  Delete Created User  ${random_userid}
211
212    ${random_userid}  ${random_username}=  Create Random IPMI User
213
214    # Set same username for another IPMI user.
215    ${rand_userid_two}=  Find Free User Id
216    ${msg}=  Run Keyword And Expect Error  *  Run IPMI Standard Command
217    ...  user set name ${rand_userid_two} ${random_username}
218    Should Contain  ${msg}  Invalid data field in request
219
220
221Verify Setting IPMI User With Null Password
222    [Documentation]  Verify error while setting IPMI user with null
223    ...  password.
224    [Tags]  Verify_Setting_IPMI_User_With_Null_Password
225    [Teardown]  Run Keywords  FFDC On Test Case Fail  AND
226    ...  Delete Created User  ${random_userid}
227
228    ${random_userid}  ${random_username}=  Create Random IPMI User
229    Set Test Variable  ${random_userid}
230
231    # Set null password for newly created user.
232    ${msg}=  Run Keyword And Expect Error  *  Run IPMI Standard Command
233    ...  user set password ${random_userid} ""
234
235    Should Contain  ${msg}  Invalid data field in request
236
237
238Verify IPMI User Deletion
239    [Documentation]  Delete user via IPMI and verify.
240    [Tags]  Verify_IPMI_User_Deletion
241    [Teardown]  Run Keywords  FFDC On Test Case Fail  AND
242    ...  Delete Created User  ${random_userid}
243
244    ${random_userid}  ${random_username}=  Create Random IPMI User
245    Set Test Variable  ${random_userid}
246    # Delete IPMI User and verify
247    Run IPMI Standard Command  user set name ${random_userid} ""
248    ${user_info}=  Get User Info  ${random_userid}
249    Should Be Equal  ${user_info['user_name']}  ${EMPTY}
250
251
252Test IPMI User Privilege Level
253    [Documentation]  Verify IPMI user with user privilege can only run user level commands.
254    [Tags]  Test_IPMI_User_Privilege_Level
255    [Template]  Test IPMI User Privilege
256    [Teardown]  Run Keywords  FFDC On Test Case Fail  AND
257    ...  Delete Created User  ${random_userid}
258
259    #Privilege level     User Cmd Status  Operator Cmd Status  Admin Cmd Status
260    ${user_priv}         Passed           Failed               Failed
261
262
263Test IPMI Operator Privilege Level
264    [Documentation]  Verify IPMI user with operator privilege can only run user and operator levels commands.
265    ...  level is set to operator.
266    [Tags]  Test_IPMI_Operator_Privilege_Level
267    [Template]  Test IPMI User Privilege
268    [Teardown]  Run Keywords  FFDC On Test Case Fail  AND
269    ...  Delete Created User  ${random_userid}
270
271    #Privilege level     User Cmd Status  Operator Cmd Status  Admin Cmd Status
272    ${operator_priv}     Passed           Passed               Failed
273
274
275Test IPMI Administrator Privilege Level
276    [Documentation]  Verify IPMI user with admin privilege can run all levels command.
277    [Tags]  Test_IPMI_Administrator_Privilege_Level
278    [Template]  Test IPMI User Privilege
279    [Teardown]  Run Keywords  FFDC On Test Case Fail  AND
280    ...  Delete Created User  ${random_userid}
281
282    #Privilege level     User Cmd Status  Operator Cmd Status  Admin Cmd Status
283    ${admin_level_priv}  Passed           Passed               Passed
284
285
286Test IPMI No Access Privilege Level
287    [Documentation]  Verify IPMI user with no access privilege can not run command at any level.
288    [Tags]  Test_IPMI_No_Access_Privilege_Level
289    [Template]  Test IPMI User Privilege
290    [Teardown]  Run Keywords  FFDC On Test Case Fail  AND
291    ...  Delete Created User  ${random_userid}
292
293    #Privilege level     User Cmd Status  Operator Cmd Status  Admin Cmd Status
294    ${no_access_priv}    Failed           Failed               Failed
295
296
297Enable IPMI User And Verify
298    [Documentation]  Enable IPMI user and verify that the user is able
299    ...  to run IPMI command.
300    [Tags]  Enable_IPMI_User_And_Verify
301    [Teardown]  Run Keywords  FFDC On Test Case Fail  AND
302    ...  Delete Created User  ${random_userid}
303
304    ${random_userid}  ${random_username}=  Create Random IPMI User
305    Set Test Variable  ${random_userid}
306    Run IPMI Standard Command
307    ...  user set password ${random_userid} ${valid_password}
308
309    # Set admin privilege and enable IPMI messaging for newly created user.
310    Set Channel Access  ${random_userid}  ipmi=on privilege=${admin_level_priv}
311
312    # Delay added for user privilege to get set.
313    Sleep  5s
314
315    Enable IPMI User And Verify  ${random_userid}
316    Wait And Confirm New Username And Password  ${random_username}  ${valid_password}
317
318    # Verify that enabled IPMI  user is able to run IPMI command.
319    Verify IPMI Username And Password  ${random_username}  ${valid_password}
320
321
322Disable IPMI User And Verify
323    [Documentation]  Disable IPMI user and verify that that the user
324    ...  is unable to run IPMI command.
325    [Tags]  Disable_IPMI_User_And_Verify
326    [Teardown]  Run Keywords  FFDC On Test Case Fail  AND
327    ...  Delete Created User  ${random_userid}
328
329    ${random_userid}  ${random_username}=  Create Random IPMI User
330    Set Test Variable  ${random_userid}
331    Run IPMI Standard Command
332    ...  user set password ${random_userid} ${valid_password}
333
334    # Set admin privilege and enable IPMI messaging for newly created user.
335    Set Channel Access  ${random_userid}  ipmi=on privilege=${admin_level_priv}
336
337    # Disable IPMI user and verify.
338    Run IPMI Standard Command  user disable ${random_userid}
339    ${user_info}=  Get User Info  ${random_userid}
340    Should Be Equal  ${user_info['enable_status']}  disabled
341
342    # Verify that disabled IPMI  user is unable to run IPMI command.
343    ${msg}=  Run Keyword And Expect Error  *  Verify IPMI Username And Password
344    ...  ${random_username}  ${valid_password}
345    Should Contain  ${msg}  Unable to establish IPMI
346
347
348Verify IPMI Root User Password Change
349    [Documentation]  Change IPMI root user password and verify that
350    ...  root user is able to run IPMI command.
351    [Tags]  Verify_IPMI_Root_User_Password_Change
352    [Teardown]  Run Keywords  FFDC On Test Case Fail  AND
353    ...  Wait Until Keyword Succeeds  15 sec  5 sec
354    ...  Set Default Password For IPMI Root User
355
356    # User input password should be minimum 8 characters long.
357    Valid Length  OPENBMC_PASSWORD  min_length=8
358    # Set new password for root user.
359    Run IPMI Standard Command
360    ...  user set password ${root_userid} ${valid_password}
361
362    # Delay added for user password to get set.
363    Sleep  5s
364
365    # Verify that root user is able to run IPMI command using new password.
366    Wait Until Keyword Succeeds  15 sec  5 sec  Verify IPMI Username And Password
367    ...  root  ${valid_password}
368
369
370Verify Administrator And No Access Privilege For Different Channels
371    [Documentation]  Set administrator and no access privilege for different channels and verify.
372    [Tags]  Verify_Administrator_And_No_Access_Privilege_For_Different_Channels
373    [Setup]  Check Active Ethernet Channels
374    [Teardown]  Run Keywords  FFDC On Test Case Fail  AND
375    ...  Delete Created User  ${random_userid}
376
377    ${random_userid}  ${random_username}=  Create Random IPMI User
378    Set Test Variable  ${random_userid}
379    Run IPMI Standard Command
380    ...  user set password ${random_userid} ${valid_password}
381
382    # Set admin privilege for newly created user with channel 1.
383    Set Channel Access  ${random_userid}  ipmi=on privilege=${admin_level_priv}  ${CHANNEL_NUMBER}
384
385    # Set no access privilege for newly created user with channel 2.
386    Set Channel Access  ${random_userid}  ipmi=on privilege=${no_access_priv}  ${secondary_channel_number}
387
388    Enable IPMI User And Verify  ${random_userid}
389
390    # Verify that user is able to run administrator level IPMI command with channel 1.
391    Verify IPMI Command  ${random_username}  ${valid_password}  Administrator  ${CHANNEL_NUMBER}
392
393    # Verify that user is unable to run IPMI command with channel 2.
394    Run IPMI Standard Command
395    ...  sel info ${secondary_channel_number}  expected_rc=${1}  U=${random_username}  P=${valid_password}
396
397
398Verify Operator And User Privilege For Different Channels
399    [Documentation]  Set operator and user privilege for different channels and verify.
400    [Tags]  Verify_Operator_And_User_Privilege_For_Different_Channels
401    [Setup]  Check Active Ethernet Channels
402    [Teardown]  Run Keywords  FFDC On Test Case Fail  AND
403    ...  Delete Created User  ${random_userid}
404
405    ${random_userid}  ${random_username}=  Create Random IPMI User
406    Set Test Variable  ${random_userid}
407    Run IPMI Standard Command
408    ...  user set password ${random_userid} ${valid_password}
409
410    # Set operator privilege for newly created user with channel 1.
411    Set Channel Access  ${random_userid}  ipmi=on privilege=${operator_priv}  ${CHANNEL_NUMBER}
412
413    # Set user privilege for newly created user with channel 2.
414    Set Channel Access  ${random_userid}  ipmi=on privilege=${user_priv}  ${secondary_channel_number}
415
416    Enable IPMI User And Verify  ${random_userid}
417
418    # Verify that user is able to run operator level IPMI command with channel 1.
419    Verify IPMI Command  ${random_username}  ${valid_password}  Operator  ${CHANNEL_NUMBER}
420
421    # Verify that user is able to run user level IPMI command with channel 2.
422    Verify IPMI Command  ${random_username}  ${valid_password}  User  ${secondary_channel_number}
423
424
425Verify Setting IPMI User With Max Password Length
426    [Documentation]  Verify IPMI user creation with password length of 20 characters.
427    [Tags]  Verify_Setting_IPMI_User_With_Max_Password_Length
428    [Template]  Set User Password And Verify
429
430    # password_length  password_option  expected_status
431    20                 20               ${True}
432
433
434Verify Setting IPMI User With Invalid Password Length
435    [Documentation]  Verify that IPMI user cannot be set with 21 character password using 16 char
436    ...  or 20 char password option.
437    [Tags]  Verify_Setting_IPMI_User_With_Invalid_Password_Length
438    [Template]  Set User Password And Verify
439
440    # password_length  password_option  expected_status
441    21                 16               ${False}
442    21                 20               ${False}
443
444
445Verify Setting IPMI User With 16 Character Password
446    [Documentation]  Verify that IPMI user can create a 16 character password using 16 char or 20
447    ...  char password option.
448    [Tags]  Verify_Setting_IPMI_User_With_16_Character_Password
449    [Template]  Set User Password And Verify
450
451    # password_length  password_option  expected_status
452    16                 16               ${True}
453    16                 20               ${True}
454
455
456Verify Default Selection Of 16 Character Password For IPMI User
457    [Documentation]  Verify that ipmitool by default opts for the 16 character option when given a
458    ...  password whose length is in between 17 and 20.
459    [Tags]  Verify_Default_Selection_Of_16_Character_Password_For_IPMI_User
460    [Template]  Set User Password And Verify
461
462    # password_length  password_option  expected_status
463    17                 16               ${True}
464    20                 16               ${True}
465
466
467Verify Minimum Password Length For IPMI User
468    [Documentation]  Verify minimum password length of 8 characters.
469    [Tags]  Verify_Minimum_Password_Length_For_IPMI_User
470    [Template]  Set User Password And Verify
471
472    # password_length  password_option  expected_status
473    7                  16               ${False}
474    8                  16               ${True}
475    7                  20               ${False}
476    8                  20               ${True}
477
478
479Verify Continuous IPMI Command Execution
480    [Documentation]  Verify that continuous IPMI command execution runs fine.
481    [Tags]  Verify_Continuous_IPMI_Command_Execution
482
483    FOR  ${i}  IN RANGE  ${USER_LOOP_COUNT}
484        Run IPMI Standard Command  lan print
485        Run IPMI Standard Command  power status
486        Run IPMI Standard Command  fru list
487        Run IPMI Standard Command  sel list
488    END
489
490
491Modify IPMI User
492    [Documentation]  Verify modified IPMI user is communicating via IPMI.
493    [Tags]  Modify_IPMI_User
494    [Teardown]  Run Keywords  FFDC On Test Case Fail  AND
495    ...  Delete Created User  ${random_userid}
496
497    ${random_userid}  ${random_username}=  Create Random IPMI User
498    Set Test Variable  ${random_userid}
499    Run IPMI Standard Command
500    ...  user set password ${random_userid} ${valid_password}
501
502    # Set admin privilege and enable IPMI messaging for newly created user.
503    Set Channel Access  ${random_userid}  ipmi=on privilege=${admin_level_priv}
504
505    # Delay added for user privilege to get set.
506    Sleep  5s
507
508    Enable IPMI User And Verify  ${random_userid}
509
510    # Verify that user is able to run administrator level IPMI command.
511    Verify IPMI Command  ${random_username}  ${valid_password}  Administrator  ${CHANNEL_NUMBER}
512
513    # Set different username for same IPMI user.
514    Run IPMI Standard Command
515    ...  user set name ${random_userid} ${new_username}
516    Wait And Confirm New Username And Password  ${new_username}  ${valid_password}
517
518    # Verify that user is able to run administrator level IPMI command.
519    Verify IPMI Command  ${new_username}  ${valid_password}  Administrator  ${CHANNEL_NUMBER}
520
521
522*** Keywords ***
523
524Set Default Password For IPMI Root User
525    [Documentation]  Set default password for IPMI root user (i.e. 0penBmc).
526    # Set default password for root user.
527    ${result}=  Run External IPMI Standard Command
528    ...  user set password ${root_userid} ${OPENBMC_PASSWORD}
529    ...  P=${valid_password}
530    Should Contain  ${result}  Set User Password command successful
531
532    # Verify that root user is able to run IPMI command using default password.
533    Verify IPMI Username And Password  root  ${OPENBMC_PASSWORD}
534
535
536Test IPMI User Privilege
537    [Documentation]  Test IPMI user privilege by executing IPMI command with different privileges.
538    [Arguments]  ${privilege_level}  ${user_cmd_status}  ${operator_cmd_status}  ${admin_cmd_status}
539
540    # Description of argument(s):
541    # privilege_level     Privilege level of IPMI user (e.g. 4, 3).
542    # user_cmd_status     Expected status of IPMI command run with the "User"
543    #                     privilege (i.e. "Passed" or "Failed").
544    # operator_cmd_status Expected status of IPMI command run with the "Operator"
545    #                     privilege (i.e. "Passed" or "Failed").
546    # admin_cmd_status    Expected status of IPMI command run with the "Administrator"
547    #                     privilege (i.e. "Passed" or "Failed").
548
549    # Create IPMI user and set valid password.
550    ${random_username}=  Generate Random String  8  [LETTERS]
551    ${random_userid}=  Evaluate  random.randint(2, 15)  modules=random
552    IPMI Create User  ${random_userid}  ${random_username}
553    Set Test Variable  ${random_userid}
554    Run IPMI Standard Command
555    ...  user set password ${random_userid} ${valid_password}
556
557    # Set privilege and enable IPMI messaging for newly created user.
558    Set Channel Access  ${random_userid}  ipmi=on privilege=${privilege_level}
559
560    # Delay added for user privilege to get set.
561    Sleep  5s
562
563    Enable IPMI User And Verify  ${random_userid}
564
565    Verify IPMI Command  ${random_username}  ${valid_password}  User
566    ...  expected_status=${user_cmd_status}
567    Verify IPMI Command  ${random_username}  ${valid_password}  Operator
568    ...  expected_status=${operator_cmd_status}
569    Verify IPMI Command  ${random_username}  ${valid_password}  Administrator
570    ...  expected_status=${admin_cmd_status}
571
572
573Verify IPMI Command
574    [Documentation]  Verify IPMI command execution with given username,
575    ...  password, privilege and expected status.
576    [Arguments]  ${username}  ${password}  ${privilege}  ${channel}=${1}  ${expected_status}=Passed
577    # Description of argument(s):
578    # username         The user name (e.g. "root", "robert", etc.).
579    # password         The user password (e.g. "0penBmc", "0penBmc1", etc.).
580    # privilege        The session privilege for IPMI command (e.g. "User", "Operator", etc.).
581    # channel          The user channel number (e.g. "1" or "2").
582    # expected_status  Expected status of IPMI command run with the user
583    #                  of above password and privilege (i.e. "Passed" or "Failed").
584
585    ${expected_rc}=  Set Variable If  '${expected_status}' == 'Passed'  ${0}  ${1}
586    Wait Until Keyword Succeeds  15 sec  5 sec  Run IPMI Standard Command
587    ...  sel info ${channel}  expected_rc=${expected_rc}  U=${username}  P=${password}
588    ...  L=${privilege}
589
590
591Set User Password And Verify
592    [Documentation]  Create a user and set its password with given length and option.
593    [Arguments]  ${password_length}  ${password_option}  ${expected_result}
594    [Teardown]  Run Keyword  Delete Created User  ${random_userid}
595    # Description of argument(s):
596    # password_length  Length of password to be generated and used (e.g. "16").
597    # password_option  Password length option to be given in IPMI command (e.g. "16", "20").
598    # expected_result  Expected result for setting the user's password (e.g. "True", "False").
599
600    Rprint Vars  password_length  password_option  expected_result
601    ${random_userid}  ${random_username}=  Create Random IPMI User
602    Set Test Variable  ${random_userid}
603    ${password}=  Get From Dictionary  ${password_values}  ${password_length}
604    Rprint Vars  random_userid  password
605
606    # Set password for newly created user.
607    ${status}=  Run Keyword And Return Status  Run IPMI Standard Command
608    ...  user set password ${random_userid} ${password} ${password_option}
609    Rprint Vars  status
610    Valid Value  status  [${expected_result}]
611    Return From Keyword If  '${expected_result}' == '${False}'
612
613    # Set admin privilege and enable IPMI messaging for newly created user.
614    Set Channel Access  ${random_userid}  ipmi=on privilege=${admin_level_priv}
615
616    # Delay added for user privilege to get set.
617    Sleep  5s
618
619    Enable IPMI User And Verify  ${random_userid}
620
621    # For password_option 16, passwords with length between 17 and 20 will be truncated.
622    # For all other cases, passwords will be retained as it is to verify.
623    ${truncated_password}=  Set Variable  ${password[:${password_option}]}
624    Rprint Vars  truncated_password
625    ${status}=  Run Keyword And Return Status  Verify IPMI Username And Password  ${random_username}
626    ...  ${truncated_password}
627    Rprint Vars  status
628    Valid Value  status  [${expected_result}]
629
630
631Test Teardown Execution
632    [Documentation]  Do the test teardown execution.
633
634    FFDC On Test Case Fail
635
636
637Check Active Ethernet Channels
638    [Documentation]  Check active ethernet channels and set suite variables.
639
640    ${channel_number_list}=  Get Active Ethernet Channel List
641    ${channel_length}=  Get Length  ${channel_number_list}
642    Skip If  '${channel_length}' == '1'
643    ...  msg= Skips this test case as only one channel was in active.
644
645    FOR  ${channel_num}  IN  @{channel_number_list}
646        ${secondary_channel_number}=  Set Variable If  ${channel_num} != ${CHANNEL_NUMBER}  ${channel_num}
647    END
648
649    Set Suite Variable  ${secondary_channel_number}
650
651
652Suite Setup Execution
653    [Documentation]  Make sure the enabled user count is below maximum,
654    ...  and prepares administrative user list suite variables.
655
656    Check Enabled User Count
657    # Skip root user checking if user decides not to use root user as default.
658    Run Keyword If  '${IPMI_USERNAME}' == 'root'  Determine Root User Id
659
660
661Check Enabled User Count
662    [Documentation]  Ensure that there are available user IDs.
663
664    # Check for the enabled user count
665    ${resp}=  Run IPMI Standard Command  user summary ${CHANNEL_NUMBER}
666    ${enabled_user_count}=
667    ...  Get Lines Containing String  ${resp}  Enabled User Count
668
669    Should not contain  ${enabled_user_count}  ${expected_max_ids}
670    ...  msg=IPMI have reached maximum user count
671
672
673Determine Root User Id
674    [Documentation]  Determines the user ID of the root user.
675
676    ${resp}=  Wait Until Keyword Succeeds  15 sec  1 sec  Run IPMI Standard Command
677    ...  user list
678    @{lines}=  Split To Lines  ${resp}
679
680    ${root_userid}=  Set Variable  ${-1}
681    ${line_count}=  Get Length  ${lines}
682    FOR  ${id_index}  IN RANGE  1  ${line_count}
683        ${line}=  Get From List  ${lines}  ${id_index}
684        ${root_found}=  Get Lines Matching Regexp  ${line}  ${root_pattern}
685        IF  '${root_found}' != '${EMPTY}'
686            ${root_userid}=  Set Variable  ${id_index}
687            Exit For Loop
688        END
689    END
690    Set Suite Variable  ${root_userid}
691
692    Log To Console  The root user ID is ${root_userid}.
693    Run Keyword If  ${root_userid} < ${1}  Fail  msg= Did not identify root user ID.
694
695
696Wait And Confirm New Username And Password
697    [Documentation]  Wait in loop trying to to confirm Username And Password.
698    [Arguments]  ${username}  ${password}
699
700    # Description of argument(s):
701    # username         The user name (e.g. "root", "robert", etc.).
702    # password         The user password (e.g. "0penBmc", "0penBmc1", etc.).
703
704    # Give time for previous command to complete.
705    Sleep  5s
706
707    # Looping verify that root user is able to run IPMI command using new password.
708    Wait Until Keyword Succeeds  15 sec  5 sec  Verify IPMI Username And Password
709    ...  ${username}  ${password}
710
711
712Get Enabled User Count
713    [Documentation]  Return as integers: current number of enabled users and
714    ...  Maximum number of Ids.
715
716    # Isolate 'Enabled User Count' value and convert to integer
717    ${resp}=  Wait Until Keyword Succeeds  15 sec  1 sec  Run IPMI Standard Command
718    ...  user summary ${CHANNEL_NUMBER}
719    ${user_count_line}=  Get Lines Containing String  ${resp}  Enabled User Count
720    ${count}=  Fetch From Right  ${user_count_line}  \:
721    ${user_count}=  Convert To Integer  ${count}
722
723    # Isolate 'Maximum IDs' value and convert to integer
724    ${maximum_ids}=  Get Lines Containing String  ${resp}  Maximum IDs
725    ${max_ids}=  Fetch From Right  ${maximum_ids}  \:
726    ${int_maximum_ids_count}=  Convert To Integer  ${max_ids}
727
728    [Return]  ${user_count}  ${int_maximum_ids_count}
729
730
731Wait And Confirm New User Entry
732    [Documentation]  Wait in loop until new user appears with given username.
733    [Arguments]  ${username}
734
735    # Description of argument(s):
736    # username         The user name (e.g. "root", "robert", etc.).
737
738    Wait Until Keyword Succeeds  45 sec  1 sec  Verify IPMI Username Visible
739    ...  ${username}
740
741
742Verify IPMI Username Visible
743    [Documentation]  Confirm that username is present in user list.
744    [Arguments]  ${username}
745
746    # Description of argument(s):
747    # username         The user name (e.g. "root", "robert", etc.).
748
749    ${resp}=  Run IPMI Standard Command  user list
750    Should Contain  ${resp}  ${username}
751
752
753Find Free User Id
754    [Documentation]  Find a user ID that is not being used.
755
756    Check Enabled User Count
757    FOR    ${num}    IN RANGE    300
758        ${random_userid}=  Evaluate  random.randint(1, ${expected_max_ids})  modules=random
759        ${access}=  Run IPMI Standard Command  channel getaccess 1 ${random_userid}
760
761        ${name_line}=  Get Lines Containing String  ${access}  User Name
762        Log To Console  For ID ${random_userid}: ${name_line}
763        ${is_empty}=  Run Keyword And Return Status
764        ...  Should Match Regexp  ${name_line}  ${empty_name_pattern}
765
766        Exit For Loop If  ${is_empty} == ${True}
767    END
768    [Return]  ${random_userid}
769