1*** Settings ***
2Documentation    Test IPMI and Redfish combinations for user management.
3
4Resource         ../../lib/openbmc_ffdc.robot
5Resource         ../../lib/ipmi_client.robot
6Resource         ../../lib/resource.robot
7Resource         ../../lib/bmc_redfish_resource.robot
8Resource         ../../lib/openbmc_ffdc.robot
9Resource         ../../lib/ipmi_client.robot
10Library          ../../lib/ipmi_utils.py
11
12Test Setup       Test Setup Execution
13Test Teardown    Test Teardown Execution
14
15
16*** Variables ***
17
18${valid_password}       0penBmc1
19${valid_password2}      0penBmc2
20
21
22*** Test Cases ***
23
24Create IPMI User Without Any Privilege And Verify Via Redfish
25    [Documentation]  Create user using IPMI without privilege and verify user privilege
26    ...  via Redfish.
27    [Tags]  Create_IPMI_User_Without_Any_Privilege_And_Verify_Via_Redfish
28
29    # Create IPMI user with random id and username.
30    ${random_userid}=  Evaluate  random.randint(2, 15)  modules=random
31    ${random_username}=  Generate Random String  8  [LETTERS]
32    Run IPMI Standard Command
33    ...  user set name ${random_userid} ${random_username}
34
35    # Verify new user privilege level via Redfish.
36    ${privilege}=  Redfish_Utils.Get Attribute
37    ...  /redfish/v1/AccountService/Accounts/${random_username}  RoleId
38    Valid Value  privilege  ['ReadOnly']
39
40
41Create Admin User Via Redfish And Verify Login Via IPMI
42    [Documentation]  Create user via redfish and verify via IPMI.
43    [Tags]  Create_Admin_User_Via_Redfish_And_Verify_Login_Via_IPMI
44
45    ${random_username}=  Generate Random String  8  [LETTERS]
46    Set Test Variable  ${random_username}
47
48    ${payload}=  Create Dictionary
49    ...  UserName=${random_username}  Password=${valid_password}
50    ...  RoleId=Administrator  Enabled=${True}
51    Redfish.Post  /redfish/v1/AccountService/Accounts  body=&{payload}
52    ...  valid_status_codes=[${HTTP_CREATED}]
53
54    # Add delay for a new admin user password to set.
55    Sleep  5s
56
57    Enable IPMI Access To User Using Redfish  ${random_username}
58
59    # Update user password using Redfish.
60    ${payload}=  Create Dictionary  Password=${valid_password2}
61    Redfish.Patch  /redfish/v1/AccountService/Accounts/${random_username}  body=&{payload}
62
63    Verify IPMI Username And Password  ${random_username}  ${valid_password2}
64
65
66Delete User Via Redfish And Verify Using IPMI
67    [Documentation]  Delete user via redfish and verify using IPMI.
68    [Tags]  Delete_User_Via_Redfish_And_Verify_Using_IPMI
69
70    # Create user using Redfish.
71    ${random_username}=  Generate Random String  8  [LETTERS]
72    Set Test Variable  ${random_username}
73
74    ${payload}=  Create Dictionary
75    ...  UserName=${random_username}  Password=${valid_password}
76    ...  RoleId=Administrator  Enabled=${True}
77    Redfish.Post  /redfish/v1/AccountService/Accounts  body=&{payload}
78    ...  valid_status_codes=[${HTTP_CREATED}]
79
80    Enable IPMI Access To User Using Redfish  ${random_username}
81
82    # Update user password using Redfish.
83    ${payload}=  Create Dictionary  Password=${valid_password2}
84    Redfish.Patch  /redfish/v1/AccountService/Accounts/${random_username}  body=&{payload}
85
86    # Delete user using Redfish.
87    Redfish.Delete  /redfish/v1/AccountService/Accounts/${random_username}
88
89    # Verify that IPMI command fails with deleted user.
90    Run Keyword And Expect Error  *Error: Unable to establish IPMI*
91    ...  Verify IPMI Username And Password  ${random_username}  ${valid_password2}
92
93
94*** Keywords ***
95
96Create IPMI Random User With Password And Privilege
97    [Documentation]  Create random IPMI user with given password and privilege
98    ...  level.
99    [Arguments]  ${password}  ${privilege}=0
100
101    # Description of argument(s):
102    # password      Password to be assigned for the user.
103    # privilege     Privilege level for the user (e.g. "1", "2", "3", etc.).
104
105    # Create IPMI user.
106    ${random_username}=  Generate Random String  8  [LETTERS]
107    Set Suite Variable  ${random_username}
108
109    ${random_userid}=  Find And Return Free User Id
110    IPMI Create User  ${random_userid}  ${random_username}
111
112    # Set given password for newly created user.
113    Run IPMI Standard Command
114    ...  user set password ${random_userid} ${password}
115
116    # Enable IPMI user.
117    Run IPMI Standard Command  user enable ${random_userid}
118
119    # Set given privilege and enable IPMI messaging for newly created user.
120    Run Keyword If  '${privilege}' != '0'
121    ...  Set Channel Access  ${random_userid}  ipmi=on privilege=${privilege}
122
123    [Return]  ${random_username}  ${random_userid}
124
125
126Delete Users Via Redfish
127    [Documentation]  Delete all the users via redfish from given list.
128    [Arguments]  ${user_list}
129
130    # Description of argument(s):
131    # user_list    List of user which are to be deleted.
132
133    Redfish.Login
134
135    FOR  ${user}  IN  @{user_list}
136      Redfish.Delete  ${user}
137    END
138
139    Redfish.Logout
140
141
142Enable IPMI Access To User Using Redfish
143    [Documentation]  Add IPMI access to a user through Redfish.
144    [Arguments]  ${user_name}
145
146    # Description of argument(s):
147    # user_name  User name to which IPMI access is to be added.
148
149    # Adding IPMI access to user name.
150    Redfish.Patch    /redfish/v1/AccountService/Accounts/${user_name}
151    ...  body={"AccountTypes": ["Redfish", "HostConsole", "ManagerConsole", "WebUI", "IPMI"]}
152
153
154Test Setup Execution
155    [Documentation]  Do test case setup tasks.
156
157    Redfish.Login
158
159
160Test Teardown Execution
161    [Documentation]  Do the post test teardown.
162
163    FFDC On Test Case Fail
164    # Delete the test user.
165    Run Keyword And Ignore Error
166    ...  Redfish.Delete  /redfish/v1/AccountService/Accounts/${random_username}
167
168    Redfish.Logout
169
170
171Find And Return Free User Id
172    [Documentation]  Find and return userid that is not being used.
173
174    FOR    ${index}    IN RANGE    300
175        # IPMI maximum users count (i.e. 15 users).
176        ${random_userid}=  Evaluate  random.randint(1, ${ipmi_max_num_users})  modules=random
177        ${access_output}=  Run IPMI Standard Command  channel getaccess 1 ${random_userid}
178
179        ${name_line}=  Get Lines Containing String  ${access_output}  User Name
180        Log To Console  For ID ${random_userid}: ${name_line}
181        ${is_empty}=  Run Keyword And Return Status
182        ...  Should Match Regexp  ${name_line}  ${empty_name_pattern}
183
184        Exit For Loop If  ${is_empty} == ${True}
185    END
186    Run Keyword If  '${index}' == '299'  Fail  msg=A free user ID could not be found.
187    [Return]  ${random_userid}
188
189