1*** Settings ***
2Documentation  This module provides general keywords for LDAP.
3
4*** Keywords ***
5
6Get LDAP Configuration Using Redfish
7    [Documentation]  Retrieve LDAP Configuration.
8    [Arguments]   ${ldap_type}
9
10    # Description of argument(s):
11    # ldap_type  The LDAP type ("ActiveDirectory" or "LDAP").
12
13    ${ldap_config}=  Redfish.Get Properties  ${REDFISH_BASE_URI}AccountService
14    [Return]  ${ldap_config["${ldap_type}"]}
15
16
17Get LDAP Privilege And Group Name Via Redfish
18    [Documentation]  Get LDAP groupname via Redfish.
19
20    # Get LDAP configuration via Redfish.
21    # Sample output of LDAP configuration:
22    # {
23    #  'RemoteRoleMapping': [
24    #    {
25    #     'RemoteGroup': 'openldapgroup',
26    #     'LocalRole': 'Administrator'
27    #     },
28    #   ],
29    #  'Authentication':
30    #   {
31    #    'Username': 'cn=Administrator,dc=ldap,dc=com',
32    #    'Password': None,
33    #    'AuthenticationType': 'UsernameAndPassword'
34    #   },
35    #  'LDAPService':
36    #    {
37    #     'SearchSettings':
38    #      {
39    #       'BaseDistinguishedNames': ['dc=ldap,dc=com'],
40    #       'UsernameAttribute': 'cn',
41    #       'GroupsAttribute': 'gidNumber'
42    #      }
43    #    },
44    #  'ServiceEnabled': True,
45    #  'Certificates':
46    #    {
47    #      '@odata.id': u'/redfish/v1/AccountService/LDAP/Certificates'
48    #    },
49    #  'ServiceAddresses': ['ldap://xx.xx.xx.xx/']
50    # }
51
52    ${ldap_config}=  Get LDAP Configuration Using Redfish  ${LDAP_TYPE}
53    ${num_list_entries}=  Get Length  ${ldap_config["RemoteRoleMapping"]}
54    Return From Keyword If  ${num_list_entries} == ${0}  @{EMPTY}
55    ${ldap_group_names}=  Create List
56    FOR  ${i}  IN RANGE  ${num_list_entries}
57      Append To List  ${ldap_group_names}  ${ldap_config["RemoteRoleMapping"][${i}]["RemoteGroup"]}
58    END
59
60    [Return]  ${ldap_group_names}
61
62
63Create LDAP Configuration
64    [Documentation]  Create LDAP configuration.
65    [Arguments]  ${ldap_type}=${LDAP_TYPE}  ${ldap_server_uri}=${LDAP_SERVER_URI}
66    ...  ${ldap_bind_dn}=${LDAP_BIND_DN}  ${ldap_bind_dn_password}=${LDAP_BIND_DN_PASSWORD}
67    ...  ${ldap_base_dn}=${LDAP_BASE_DN}
68
69    # Description of argument(s):
70    # ldap_type              The LDAP type ("ActiveDirectory" or "LDAP").
71    # ldap_server_uri        LDAP server uri (e.g. ldap://XX.XX.XX.XX).
72    # ldap_bind_dn           The LDAP bind distinguished name.
73    # ldap_bind_dn_password  The LDAP bind distinguished name password.
74    # ldap_base_dn           The LDAP base distinguished name.
75
76    ${body}=  Catenate  {'${ldap_type}':
77    ...  {'ServiceEnabled': ${True},
78    ...   'ServiceAddresses': ['${ldap_server_uri}'],
79    ...   'Authentication':
80    ...       {'AuthenticationType': 'UsernameAndPassword',
81    ...        'Username':'${ldap_bind_dn}',
82    ...        'Password': '${ldap_bind_dn_password}'},
83    ...   'LDAPService':
84    ...       {'SearchSettings':
85    ...           {'BaseDistinguishedNames': ['${ldap_base_dn}']}}}}
86
87    Redfish.Patch  ${REDFISH_BASE_URI}AccountService  body=${body}
88    Sleep  15s
89