1*** Settings *** 2Documentation Test suite for OpenBMC IPMI user management. 3 4Resource ../lib/ipmi_client.robot 5Resource ../lib/openbmc_ffdc.robot 6Library ../lib/ipmi_utils.py 7 8Test Teardown Test Teardown Execution 9 10 11*** Variables *** 12 13${invalid_username} user% 14${invalid_password} abc123 15${root_userid} 1 16${operator_level_priv} 0x3 17${admin_level_priv} 4 18${valid_password} 0penBmc1 19${max_password_length} 20 20${ipmi_setaccess_cmd} channel setaccess 21${IPMI_EXT_CMD} ipmitool -I lanplus -C 3 22${PASSWORD_OPTION} -P 23${USER_OPTION} -U 24${SEL_INFO_CMD} sel info 25 26 27*** Test Cases *** 28 29Verify IPMI User Summary 30 [Documentation] Verify IPMI maximum supported IPMI user ID and 31 ... enabled user form user summary 32 [Tags] Verify_IPMI_User_Summary 33 34 # Delete all non-root IPMI (i.e. except userid 1) 35 Delete All Non Root IPMI User 36 37 # Create a valid user and enable it. 38 ${random_username}= Generate Random String 8 [LETTERS] 39 ${random_userid}= Evaluate random.randint(2, 15) modules=random 40 IPMI Create User ${random_userid} ${random_username} 41 Run IPMI Standard Command user enable ${random_userid} 42 43 # Verify maximum user count IPMI local user can have. Also verify 44 # currently enabled users. 45 ${resp}= Run IPMI Standard Command user summary 46 ${enabled_user_count}= 47 ... Get Lines Containing String ${resp} Enabled User Count 48 ${maximum_ids}= Get Lines Containing String ${resp} Maximum IDs 49 Should Contain ${enabled_user_count} 2 50 Should Contain ${maximum_ids} 15 51 52 53Verify IPMI User Creation With Valid Name And ID 54 [Documentation] Create user via IPMI and verify. 55 [Tags] Test_IPMI_User_Creation_With_Valid_Name_And_ID 56 57 ${random_username}= Generate Random String 8 [LETTERS] 58 ${random_userid}= Evaluate random.randint(2, 15) modules=random 59 IPMI Create User ${random_userid} ${random_username} 60 61 62Verify IPMI User Creation With Invalid Name 63 [Documentation] Verify error while creating IPMI user with invalid 64 ... name(e.g. user name with special characters). 65 [Tags] Verify_IPMI_User_Creation_With_Invalid_Name 66 67 ${random_userid}= Evaluate random.randint(2, 15) modules=random 68 ${msg}= Run Keyword And Expect Error * Run IPMI Standard Command 69 ... user set name ${random_userid} ${invalid_username} 70 Should Contain ${msg} Invalid data 71 72 73Verify IPMI User Creation With Invalid ID 74 [Documentation] Verify error while creating IPMI user with invalid 75 ... ID(i.e. any number greater than 15 or 0). 76 [Tags] Verify_IPMI_User_Creation_With_Invalid_ID 77 78 @{id_list}= Create List 79 ${random_invalid_id}= Evaluate random.randint(16, 1000) modules=random 80 Append To List ${id_list} ${random_invalid_id} 81 Append To List ${id_list} 0 82 83 :FOR ${id} IN @{id_list} 84 \ ${msg}= Run Keyword And Expect Error * Run IPMI Standard Command 85 \ ... user set name ${id} newuser 86 \ Should Contain ${msg} User ID is limited to range 87 88 89Verify Setting IPMI User With Invalid Password 90 [Documentation] Verify error while setting IPMI user with invalid 91 ... password. 92 [Tags] Verify_Setting_IPMI_User_With_Invalid_Password 93 94 # Create IPMI user. 95 ${random_username}= Generate Random String 8 [LETTERS] 96 ${random_userid}= Evaluate random.randint(2, 15) modules=random 97 IPMI Create User ${random_userid} ${random_username} 98 99 # Set invalid password for newly created user. 100 ${msg}= Run Keyword And Expect Error * Run IPMI Standard Command 101 ... user set password ${random_userid} ${invalid_password} 102 103 Should Contain ${msg} Invalid data field in request 104 105 106Verify Setting IPMI Root User With New Name 107 [Documentation] Verify error while setting IPMI root user with new 108 ... name. 109 [Tags] Verify_Setting_IPMI_Root_User_With_New_Name 110 111 # Set invalid password for newly created user. 112 ${msg}= Run Keyword And Expect Error * Run IPMI Standard Command 113 ... user set name ${root_userid} abcd 114 115 Should Contain ${msg} Set User Name command failed 116 117 118Verify IPMI User Password Via Test Command 119 [Documentation] Verify IPMI user password using test command. 120 [Tags] Verify_IPMI_User_Password_Via_Test_Command 121 122 # Create IPMI user. 123 ${random_username}= Generate Random String 8 [LETTERS] 124 ${random_userid}= Evaluate random.randint(2, 15) modules=random 125 IPMI Create User ${random_userid} ${random_username} 126 127 # Set valid password for newly created user. 128 Run IPMI Standard Command 129 ... user set password ${random_userid} ${valid_password} 130 131 # Verify newly set password using test command. 132 ${msg}= Run IPMI Standard Command 133 ... user test ${random_userid} ${max_password_length} ${valid_password} 134 135 Should Contain ${msg} Success 136 137 138Verify Setting Valid Password For IPMI User 139 [Documentation] Set valid password for IPMI user and verify. 140 [Tags] Verify_Setting_Valid_Password_For_IPMI_User 141 142 # Create IPMI user. 143 ${random_username}= Generate Random String 8 [LETTERS] 144 ${random_userid}= Evaluate random.randint(2, 15) modules=random 145 IPMI Create User ${random_userid} ${random_username} 146 147 # Set valid password for newly created user. 148 Run IPMI Standard Command 149 ... user set password ${random_userid} ${valid_password} 150 151 # Enable IPMI user 152 Run IPMI Standard Command user enable ${random_userid} 153 154 # Set admin privilege and enable IPMI messaging for newly created user 155 Set Channel Access ${random_userid} ipmi=on privilege=${admin_level_priv} 156 157 Verify IPMI Username And Password ${random_username} ${valid_password} 158 159 160Verify IPMI User Creation With Same Name 161 [Documentation] Verify error while creating two IPMI user with same name. 162 [Tags] Verify_IPMI_User_Creation_With_Same_Name 163 164 ${random_username}= Generate Random String 8 [LETTERS] 165 IPMI Create User 2 ${random_username} 166 167 # Set same username for another IPMI user. 168 ${msg}= Run Keyword And Expect Error * Run IPMI Standard Command 169 ... user set name 3 ${random_username} 170 Should Contain ${msg} Invalid data field in request 171 172 173Verify Setting IPMI User With Null Password 174 [Documentation] Verify error while setting IPMI user with null 175 ... password. 176 [Tags] Verify_Setting_IPMI_User_With_Null_Password 177 178 # Create IPMI user. 179 ${random_username}= Generate Random String 8 [LETTERS] 180 ${random_userid}= Evaluate random.randint(2, 15) modules=random 181 IPMI Create User ${random_userid} ${random_username} 182 183 # Set null password for newly created user. 184 ${msg}= Run Keyword And Expect Error * Run IPMI Standard Command 185 ... user set password ${random_userid} "" 186 187 Should Contain ${msg} Invalid data field in request 188 189 190Verify IPMI User Deletion 191 [Documentation] Delete user via IPMI and verify. 192 [Tags] Verify_IPMI_User_Deletion 193 194 ${random_username}= Generate Random String 8 [LETTERS] 195 ${random_userid}= Evaluate random.randint(2, 15) modules=random 196 IPMI Create User ${random_userid} ${random_username} 197 198 # Delete IPMI User and verify 199 Run IPMI Standard Command user set name ${random_userid} "" 200 ${user_info}= Get User Info ${random_userid} 201 Should Be Equal ${user_info['user_name']} ${EMPTY} 202 203 204Enable IPMI User And Verify 205 [Documentation] Enable IPMI user and verify that the user is able 206 ... to run IPMI command. 207 [Tags] Enable_IPMI_User_And_Verify 208 209 # Create IPMI user and set valid password. 210 ${random_username}= Generate Random String 8 [LETTERS] 211 ${random_userid}= Evaluate random.randint(2, 15) modules=random 212 IPMI Create User ${random_userid} ${random_username} 213 Run IPMI Standard Command 214 ... user set password ${random_userid} ${valid_password} 215 216 # Set admin privilege and enable IPMI messaging for newly created user. 217 Set Channel Access ${random_userid} ipmi=on privilege=${admin_level_priv} 218 219 # Enable IPMI user and verify. 220 Run IPMI Standard Command user enable ${random_userid} 221 ${user_info}= Get User Info ${random_userid} 222 Should Be Equal ${user_info['enable_status']} enabled 223 224 # Verify that enabled IPMI user is able to run IPMI command. 225 Verify IPMI Username And Password ${random_username} ${valid_password} 226 227 228Disable IPMI User And Verify 229 [Documentation] Disable IPMI user and verify that that the user 230 ... is unable to run IPMI command. 231 [Tags] Disable_IPMI_User_And_Verify 232 233 # Create IPMI user and set valid password. 234 ${random_username}= Generate Random String 8 [LETTERS] 235 ${random_userid}= Evaluate random.randint(2, 15) modules=random 236 IPMI Create User ${random_userid} ${random_username} 237 Run IPMI Standard Command 238 ... user set password ${random_userid} ${valid_password} 239 240 # Set admin privilege and enable IPMI messaging for newly created user. 241 Set Channel Access ${random_userid} ipmi=on privilege=${admin_level_priv} 242 243 # Disable IPMI user and verify. 244 Run IPMI Standard Command user disable ${random_userid} 245 ${user_info}= Get User Info ${random_userid} 246 Should Be Equal ${user_info['enable_status']} disabled 247 248 # Verify that disabled IPMI user is unable to run IPMI command. 249 ${msg}= Run Keyword And Expect Error * Verify IPMI Username And Password 250 ... ${random_username} ${valid_password} 251 Should Contain ${msg} IPMI command fails 252 253 254Verify IPMI Root User Password Change 255 [Documentation] Change IPMI root user password and verify that 256 ... root user is able to run IPMI command. 257 [Tags] Verify_IPMI_Root_User_Password_Change 258 [Teardown] Wait Until Keyword Succeeds 15 sec 5 sec 259 ... Set Default Password For IPMI Root User 260 261 # Set new password for root user. 262 Run IPMI Standard Command 263 ... user set password ${root_userid} ${valid_password} 264 265 # Verify that root user is able to run IPMI command using new password. 266 Verify IPMI Username And Password root ${valid_password} 267 268 269*** Keywords *** 270 271IPMI Create User 272 [Documentation] Create IPMI user with given userid and username. 273 [Arguments] ${userid} ${username} 274 275 # Description of argument(s): 276 # userid The user ID (e.g. "1", "2", etc.). 277 # username The user name (e.g. "root", "robert", etc.). 278 279 ${ipmi_cmd}= Catenate user set name ${userid} ${username} 280 ${resp}= Run IPMI Standard Command ${ipmi_cmd} 281 ${user_info}= Get User Info ${userid} 282 Should Be Equal ${user_info['user_name']} ${username} 283 284 285Set Channel Access 286 [Documentation] Verify that user is able to run IPMI command 287 ... with given username and password. 288 [Arguments] ${userid} ${options} ${channel}=1 289 290 # Description of argument(s): 291 # userid The user ID (e.g. "1", "2", etc.). 292 # options Set channel command options (e.g. 293 # "link=on", "ipmi=on", etc.). 294 # channel_number The user's channel number (e.g. "1"). 295 296 ${ipmi_cmd}= Catenate SEPARATOR= 297 ... ${ipmi_setaccess_cmd}${SPACE}${channel}${SPACE}${userid} 298 ... ${SPACE}${options} 299 Run IPMI Standard Command ${ipmi_cmd} 300 301Set Default Password For IPMI Root User 302 [Documentation] Set default password for IPMI root user (i.e. 0penBmc). 303 304 # Set default password for root user. 305 ${result}= Run External IPMI Standard Command 306 ... user set password ${root_userid} ${OPENBMC_PASSWORD} 307 ... P=${valid_password} 308 Should Contain ${result} Set User Password command successful 309 310 # Verify that root user is able to run IPMI command using default password. 311 Verify IPMI Username And Password root ${OPENBMC_PASSWORD} 312 313 314Verify IPMI Username And Password 315 [Documentation] Verify that user is able to run IPMI command 316 ... with given username and password. 317 [Arguments] ${username} ${password} 318 319 ${ipmi_cmd}= Catenate SEPARATOR= 320 ... ${IPMI_EXT_CMD}${SPACE}${USER_OPTION}${SPACE}${username} 321 ... ${SPACE}${PASSWORD_OPTION}${SPACE}${password} 322 ... ${SPACE}${HOST}${SPACE}${OPENBMC_HOST}${SPACE}${SEL_INFO_CMD} 323 ${rc} ${output}= Run and Return RC and Output ${ipmi_cmd} 324 Should Be Equal ${rc} ${0} msg=IPMI command fails 325 Should Contain ${output} SEL Information 326 327 328Delete All Non Root IPMI User 329 [Documentation] Delete all non-root IPMI user. 330 331 :FOR ${userid} IN RANGE 2 16 332 \ ${user_info}= Get User Info ${userid} 333 \ Run Keyword If "${user_info['user_name']}" != "" 334 ... Run IPMI Standard Command user set name ${userid} "" 335 336 337Test Teardown Execution 338 [Documentation] Do the test teardown execution. 339 340 FFDC On Test Case Fail 341 Delete All Non Root IPMI User 342 343