1*** Settings *** 2Documentation Test IPMI and Redfish combinations for user management. 3 4Resource ../../lib/resource.robot 5Resource ../../lib/bmc_redfish_resource.robot 6Resource ../../lib/openbmc_ffdc.robot 7Resource ../../lib/ipmi_client.robot 8Library ../lib/ipmi_utils.py 9 10Test Setup Test Setup Execution 11Test Teardown Test Teardown Execution 12 13 14*** Variables *** 15 16${valid_password} 0penBmc1 17${valid_password2} 0penBmc2 18${admin_level_priv} 4 19${operator_level_priv} 3 20${readonly_level_priv} 2 21${ipmi_max_num_users} ${15} 22${max_num_users} ${15} 23${empty_name_pattern} ^User Name\\s.*\\s:\\s$ 24 25** Test Cases ** 26 27Create Admin Redfish User And Verify Login Via IPMI 28 [Documentation] Create user using redfish and verify via IPMI. 29 [Tags] Create_Admin_Redfish_User_And_Verify_Login_Via_IPMI 30 31 ${random_username}= Generate Random String 8 [LETTERS] 32 Set Test Variable ${random_username} 33 34 ${payload}= Create Dictionary 35 ... UserName=${random_username} Password=${valid_password} 36 ... RoleId=Administrator Enabled=${True} 37 Redfish.Post /redfish/v1/AccountService/Accounts body=&{payload} 38 ... valid_status_codes=[${HTTP_CREATED}] 39 40 # Delay added for created new user password to get set. 41 Sleep 5s 42 43 Verify IPMI Username And Password ${random_username} ${valid_password} 44 45 46Update User Password Via Redfish And Verify Using IPMI 47 [Documentation] Update user password via Redfish and verify using IPMI. 48 [Tags] Update_User_Password_Via_Redfish_And_Verify_Using_IPMI 49 50 # Create user using Redfish. 51 ${random_username}= Generate Random String 8 [LETTERS] 52 Set Test Variable ${random_username} 53 54 ${payload}= Create Dictionary 55 ... UserName=${random_username} Password=${valid_password} 56 ... RoleId=Administrator Enabled=${True} 57 Redfish.Post /redfish/v1/AccountService/Accounts body=&{payload} 58 ... valid_status_codes=[${HTTP_CREATED}] 59 60 # Update user password using Redfish. 61 ${payload}= Create Dictionary Password=${valid_password2} 62 Redfish.Patch /redfish/v1/AccountService/Accounts/${random_username} body=&{payload} 63 64 # Verify that IPMI command works with new password and fails with older password. 65 Verify IPMI Username And Password ${random_username} ${valid_password2} 66 67 Run Keyword And Expect Error *Error: Unable to establish IPMI* 68 ... Verify IPMI Username And Password ${random_username} ${valid_password} 69 70 71Update User Privilege Via Redfish And Verify Using IPMI 72 [Documentation] Update user privilege via Redfish and verify using IPMI. 73 [Tags] Update_User_Privilege_Via_Redfish_And_Verify_Using_IPMI 74 75 # Create user using Redfish with admin privilege. 76 ${random_username}= Generate Random String 8 [LETTERS] 77 Set Test Variable ${random_username} 78 79 ${payload}= Create Dictionary 80 ... UserName=${random_username} Password=${valid_password} 81 ... RoleId=Administrator Enabled=${True} 82 Redfish.Post /redfish/v1/AccountService/Accounts body=&{payload} 83 ... valid_status_codes=[${HTTP_CREATED}] 84 85 # Update user privilege to operator using Redfish. 86 ${payload}= Create Dictionary RoleId=Operator 87 Redfish.Patch /redfish/v1/AccountService/Accounts/${random_username} body=&{payload} 88 89 # Verify new user privilege level via IPMI. 90 ${resp}= Run IPMI Standard Command user list ${CHANNEL_NUMBER} 91 92 # Example of response data: 93 # ID Name Callin Link Auth IPMI Msg Channel Priv Limit 94 # 1 root false true true ADMINISTRATOR 95 # 2 OAvCxjMv false true true OPERATOR 96 # 3 true false false NO ACCESS 97 # .. 98 # .. 99 # 15 true false false NO ACCESS 100 101 ${user_info}= 102 ... Get Lines Containing String ${resp} ${random_username} 103 Should Contain ${user_info} OPERATOR 104 105 106Delete User Via Redfish And Verify Using IPMI 107 [Documentation] Delete user via redfish and verify using IPMI. 108 [Tags] Delete_User_Via_Redfish_And_Verify_Using_IPMI 109 110 # Create user using Redfish. 111 ${random_username}= Generate Random String 8 [LETTERS] 112 Set Test Variable ${random_username} 113 114 ${payload}= Create Dictionary 115 ... UserName=${random_username} Password=${valid_password} 116 ... RoleId=Administrator Enabled=${True} 117 Redfish.Post /redfish/v1/AccountService/Accounts body=&{payload} 118 ... valid_status_codes=[${HTTP_CREATED}] 119 120 # Delete user using Redfish. 121 Redfish.Delete /redfish/v1/AccountService/Accounts/${random_username} 122 123 # Verify that IPMI command fails with deleted user. 124 Run Keyword And Expect Error *Error: Unable to establish IPMI* 125 ... Verify IPMI Username And Password ${random_username} ${valid_password} 126 127 128Create IPMI User And Verify Login Via Redfish 129 [Documentation] Create user using IPMI and verify user login via Redfish. 130 [Tags] Create_IPMI_User_And_Verify_Login_Via_Redfish 131 132 ${username} ${userid}= IPMI Create Random User Plus Password And Privilege 133 ... ${valid_password} ${admin_level_priv} 134 135 Redfish.Logout 136 137 # Verify user login using Redfish. 138 Redfish.Login ${username} ${valid_password} 139 Redfish.Logout 140 141 Redfish.Login 142 143 144Update User Password Via IPMI And Verify Using Redfish 145 [Documentation] Update user password using IPMI and verify user 146 ... login via Redfish. 147 [Tags] Update_User_Password_Via_IPMI_And_Verify_Using_Redfish 148 149 ${username} ${userid}= IPMI Create Random User Plus Password And Privilege 150 ... ${valid_password} ${admin_level_priv} 151 152 # Update user password using IPMI. 153 Run IPMI Standard Command 154 ... user set password ${userid} ${valid_password2} 155 156 Redfish.Logout 157 158 # Verify that user login works with new password using Redfish. 159 Redfish.Login ${username} ${valid_password2} 160 Redfish.Logout 161 162 Redfish.Login 163 164 165Update User Privilege To Operator Via IPMI And Verify Using Redfish 166 [Documentation] Update user privilege to operator via IPMI and verify using Redfish. 167 [Tags] Update_User_Privilege_To_Operator_Via_IPMI_And_Verify_Using_Redfish 168 # Create user using IPMI with admin privilege. 169 ${username} ${userid}= IPMI Create Random User Plus Password And Privilege 170 ... ${valid_password} ${admin_level_priv} 171 172 # Change user privilege to opetrator using IPMI. 173 Run IPMI Standard Command 174 ... user priv ${userid} ${operator_level_priv} ${CHANNEL_NUMBER} 175 176 # Verify new user privilege level via Redfish. 177 ${privilege}= Redfish_Utils.Get Attribute 178 ... /redfish/v1/AccountService/Accounts/${username} RoleId 179 Should Be Equal ${privilege} Operator 180 181 182Update User Privilege To Readonly Via IPMI And Verify Using Redfish 183 [Documentation] Update user privilege to readonly via IPMI and verify using Redfish. 184 [Tags] Update_User_Privilege_To_Readonly_Via_IPMI_And_Verify_Using_Redfish 185 186 # Create user using IPMI with admin privilege. 187 ${username} ${userid}= IPMI Create Random User Plus Password And Privilege 188 ... ${valid_password} ${admin_level_priv} 189 190 # Change user privilege to readonly using IPMI. 191 Run IPMI Standard Command 192 ... user priv ${userid} ${readonly_level_priv} ${CHANNEL_NUMBER} 193 194 # Verify new user privilege level via Redfish. 195 ${privilege}= Redfish_Utils.Get Attribute 196 ... /redfish/v1/AccountService/Accounts/${username} RoleId 197 Should Be Equal ${privilege} ReadOnly 198 199 200Delete User Via IPMI And Verify Using Redfish 201 [Documentation] Delete user using IPMI and verify error while doing 202 ... user login with deleted user via Redfish. 203 [Tags] Delete_User_Via_IPMI_And_Verify_Using_Redfish 204 205 ${username} ${userid}= IPMI Create Random User Plus Password And Privilege 206 ... ${valid_password} ${admin_level_priv} 207 208 # Delete IPMI User. 209 Run IPMI Standard Command user set name ${userid} "" 210 211 # Verify that Redfish login fails with deleted user. 212 Run Keyword And Expect Error *InvalidCredentialsError* 213 ... Redfish.Login ${username} ${valid_password} 214 215 216Verify Failure To Exceed Max Number Of Users 217 [Documentation] Verify failure attempting to exceed the max number of user accounts. 218 [Tags] Verify_Failure_To_Exceed_Max_Number_Of_Users 219 [Teardown] Run Keywords Test Teardown Execution 220 ... AND Delete Users Via Redfish ${username_list} 221 222 # Get existing user count. 223 ${resp}= Redfish.Get /redfish/v1/AccountService/Accounts/ 224 ${current_user_count}= Get From Dictionary ${resp.dict} Members@odata.count 225 226 ${payload}= Create Dictionary Password=${valid_password} 227 ... RoleId=Administrator Enabled=${True} 228 229 @{username_list}= Create List 230 231 # Create users to reach maximum users count (i.e. 15 users). 232 FOR ${INDEX} IN RANGE ${current_user_count} ${max_num_users} 233 ${random_username}= Generate Random String 8 [LETTERS] 234 Set To Dictionary ${payload} UserName ${random_username} 235 Redfish.Post ${REDFISH_ACCOUNTS_URI} body=&{payload} 236 ... valid_status_codes=[${HTTP_CREATED}] 237 Append To List ${username_list} /redfish/v1/AccountService/Accounts/${random_username} 238 END 239 240 # Verify error while creating 16th user. 241 ${random_username}= Generate Random String 8 [LETTERS] 242 Set To Dictionary ${payload} UserName ${random_username} 243 Redfish.Post ${REDFISH_ACCOUNTS_URI} body=&{payload} 244 ... valid_status_codes=[${HTTP_BAD_REQUEST}] 245 246 247Create IPMI User Without Any Privilege And Verify Via Redfish 248 [Documentation] Create user using IPMI without privilege and verify via redfish. 249 [Tags] Create_IPMI_User_Without_Any_Privilege_And_Verify_Via_Redfish 250 251 ${username} ${userid}= IPMI Create Random User Plus Password And Privilege 252 ... ${valid_password} 253 254 # Verify new user privilege level via Redfish. 255 ${privilege}= Redfish_Utils.Get Attribute 256 ... /redfish/v1/AccountService/Accounts/${username} RoleId 257 Valid Value privilege ['NoAccess'] 258 259*** Keywords *** 260 261IPMI Create Random User Plus Password And Privilege 262 [Documentation] Create random IPMI user with given password and privilege 263 ... level. 264 [Arguments] ${password} ${privilege}=0 265 266 # Description of argument(s): 267 # password Password to be assigned for the user. 268 # privilege Privilege level for the user (e.g. "1", "2", "3", etc.). 269 270 # Create IPMI user. 271 ${random_username}= Generate Random String 8 [LETTERS] 272 Set Suite Variable ${random_username} 273 274 ${random_userid}= Find Free User Id 275 IPMI Create User ${random_userid} ${random_username} 276 277 # Set given password for newly created user. 278 Run IPMI Standard Command 279 ... user set password ${random_userid} ${password} 280 281 # Enable IPMI user. 282 Run IPMI Standard Command user enable ${random_userid} 283 284 # Set given privilege and enable IPMI messaging for newly created user. 285 Run Keyword If '${privilege}' != '0' 286 ... Set Channel Access ${random_userid} ipmi=on privilege=${privilege} 287 288 [Return] ${random_username} ${random_userid} 289 290 291Delete Users Via Redfish 292 [Documentation] Delete all the users via redfish from given list. 293 [Arguments] ${user_list} 294 295 # Description of argument(s): 296 # user_list List of user which are to be deleted. 297 298 Redfish.Login 299 300 FOR ${user} IN @{user_list} 301 Redfish.Delete ${user} 302 END 303 304 Redfish.Logout 305 306 307Test Setup Execution 308 [Documentation] Do test case setup tasks. 309 310 Redfish.Login 311 312 313Test Teardown Execution 314 [Documentation] Do the post test teardown. 315 316 FFDC On Test Case Fail 317 # Delete the test user. 318 Run Keyword And Ignore Error 319 ... Redfish.Delete /redfish/v1/AccountService/Accounts/${random_username} 320 321 Redfish.Logout 322 323 324Find Free User Id 325 [Documentation] Find a userid that is not being used. 326 FOR ${jj} IN RANGE 300 327 # IPMI maximum users count (i.e. 15 users). 328 ${random_userid}= Evaluate random.randint(1, ${ipmi_max_num_users}) modules=random 329 ${access}= Run IPMI Standard Command channel getaccess ${CHANNEL_NUMBER} ${random_userid} 330 331 ${name_line}= Get Lines Containing String ${access} User Name 332 Log To Console For ID ${random_userid}: ${name_line} 333 ${is_empty}= Run Keyword And Return Status 334 ... Should Match Regexp ${name_line} ${empty_name_pattern} 335 336 Exit For Loop If ${is_empty} == ${True} 337 END 338 Run Keyword If '${jj}' == '299' Fail msg=A free user ID could not be found. 339 [Return] ${random_userid} 340