1*** Settings *** 2Documentation Test IPMI and Redfish combinations for user management. 3 4Resource ../../lib/resource.robot 5Resource ../../lib/bmc_redfish_resource.robot 6Resource ../../lib/openbmc_ffdc.robot 7Resource ../../lib/ipmi_client.robot 8Library ../lib/ipmi_utils.py 9 10Test Setup Test Setup Execution 11Test Teardown Test Teardown Execution 12 13 14*** Variables *** 15 16${valid_password} 0penBmc1 17${valid_password2} 0penBmc2 18${admin_level_priv} 4 19${operator_level_priv} 3 20${max_num_users} ${15} 21 22** Test Cases ** 23 24Create Admin Redfish User And Verify Login Via IPMI 25 [Documentation] Create user using redfish and verify via IPMI. 26 [Tags] Create_Admin_Redfish_User_And_Verify_Login_Via_IPMI 27 28 ${random_username}= Generate Random String 8 [LETTERS] 29 Set Test Variable ${random_username} 30 31 ${payload}= Create Dictionary 32 ... UserName=${random_username} Password=${valid_password} 33 ... RoleId=Administrator Enabled=${True} 34 Redfish.Post /redfish/v1/AccountService/Accounts body=&{payload} 35 ... valid_status_codes=[${HTTP_CREATED}] 36 37 Verify IPMI Username And Password ${random_username} ${valid_password} 38 39 40Update User Password Via Redfish And Verify Using IPMI 41 [Documentation] Update user password via Redfish and verify using IPMI. 42 [Tags] Update_User_Password_Via_Redfish_And_Verify_Using_IPMI 43 44 # Create user using Redfish. 45 ${random_username}= Generate Random String 8 [LETTERS] 46 Set Test Variable ${random_username} 47 48 ${payload}= Create Dictionary 49 ... UserName=${random_username} Password=${valid_password} 50 ... RoleId=Administrator Enabled=${True} 51 Redfish.Post /redfish/v1/AccountService/Accounts body=&{payload} 52 ... valid_status_codes=[${HTTP_CREATED}] 53 54 # Update user password using Redfish. 55 ${payload}= Create Dictionary Password=${valid_password2} 56 Redfish.Patch /redfish/v1/AccountService/Accounts/${random_username} body=&{payload} 57 58 # Verify that IPMI command works with new password and fails with older password. 59 Verify IPMI Username And Password ${random_username} ${valid_password2} 60 61 Run Keyword And Expect Error *Error: Unable to establish IPMI* 62 ... Verify IPMI Username And Password ${random_username} ${valid_password} 63 64 65Update User Privilege Via Redfish And Verify Using IPMI 66 [Documentation] Update user privilege via Redfish and verify using IPMI. 67 [Tags] Update_User_Privilege_Via_Redfish_And_Verify_Using_IPMI 68 69 # Create user using Redfish with admin privilege. 70 ${random_username}= Generate Random String 8 [LETTERS] 71 Set Test Variable ${random_username} 72 73 ${payload}= Create Dictionary 74 ... UserName=${random_username} Password=${valid_password} 75 ... RoleId=Administrator Enabled=${True} 76 Redfish.Post /redfish/v1/AccountService/Accounts body=&{payload} 77 ... valid_status_codes=[${HTTP_CREATED}] 78 79 # Update user privilege to operator using Redfish. 80 ${payload}= Create Dictionary RoleId=Operator 81 Redfish.Patch /redfish/v1/AccountService/Accounts/${random_username} body=&{payload} 82 83 # Verify new user privilege level via IPMI. 84 ${resp}= Run IPMI Standard Command user list 85 86 # Example of response data: 87 # ID Name Callin Link Auth IPMI Msg Channel Priv Limit 88 # 1 root false true true ADMINISTRATOR 89 # 2 OAvCxjMv false true true OPERATOR 90 # 3 true false false NO ACCESS 91 # .. 92 # .. 93 # 15 true false false NO ACCESS 94 95 ${user_info}= 96 ... Get Lines Containing String ${resp} ${random_username} 97 Should Contain ${user_info} OPERATOR 98 99 100Delete User Via Redfish And Verify Using IPMI 101 [Documentation] Delete user via redfish and verify using IPMI. 102 [Tags] Delete_User_Via_Redfish_And_Verify_Using_IPMI 103 104 # Create user using Redfish. 105 ${random_username}= Generate Random String 8 [LETTERS] 106 Set Test Variable ${random_username} 107 108 ${payload}= Create Dictionary 109 ... UserName=${random_username} Password=${valid_password} 110 ... RoleId=Administrator Enabled=${True} 111 Redfish.Post /redfish/v1/AccountService/Accounts body=&{payload} 112 ... valid_status_codes=[${HTTP_CREATED}] 113 114 # Delete user using Redfish. 115 Redfish.Delete /redfish/v1/AccountService/Accounts/${random_username} 116 117 # Verify that IPMI command fails with deleted user. 118 Run Keyword And Expect Error *Error: Unable to establish IPMI* 119 ... Verify IPMI Username And Password ${random_username} ${valid_password} 120 121 122Create IPMI User And Verify Login Via Redfish 123 [Documentation] Create user using IPMI and verify user login via Redfish. 124 [Tags] Create_IPMI_User_And_Verify_Login_Via_Redfish 125 126 ${username} ${userid}= IPMI Create Random User Plus Password And Privilege 127 ... ${valid_password} ${admin_level_priv} 128 129 Redfish.Logout 130 131 # Verify user login using Redfish. 132 Redfish.Login ${username} ${valid_password} 133 Redfish.Logout 134 135 Redfish.Login 136 137 138Update User Password Via IPMI And Verify Using Redfish 139 [Documentation] Update user password using IPMI and verify user 140 ... login via Redfish. 141 [Tags] Update_User_Password_Via_IPMI_And_Verify_Using_Redfish 142 143 ${username} ${userid}= IPMI Create Random User Plus Password And Privilege 144 ... ${valid_password} ${admin_level_priv} 145 146 # Update user password using IPMI. 147 Run IPMI Standard Command 148 ... user set password ${userid} ${valid_password2} 149 150 Redfish.Logout 151 152 # Verify that user login works with new password using Redfish. 153 Redfish.Login ${username} ${valid_password2} 154 Redfish.Logout 155 156 Redfish.Login 157 158 159Update User Privilege Via IPMI And Verify Using Redfish 160 [Documentation] Update user privilege via IPMI and verify using Redfish. 161 [Tags] Update_User_Privilege_Via_IPMI_And_Verify_Using_Redfish 162 163 # Create user using IPMI with admin privilege. 164 ${username} ${userid}= IPMI Create Random User Plus Password And Privilege 165 ... ${valid_password} ${admin_level_priv} 166 167 # Change user privilege to opetrator using IPMI. 168 Run IPMI Standard Command 169 ... user priv ${userid} ${operator_level_priv} ${CHANNEL_NUMBER} 170 171 # Verify new user privilege level via Redfish. 172 ${privilege}= Redfish_Utils.Get Attribute 173 ... /redfish/v1/AccountService/Accounts/${username} RoleId 174 Should Be Equal ${privilege} Operator 175 176 177Delete User Via IPMI And Verify Using Redfish 178 [Documentation] Delete user using IPMI and verify error while doing 179 ... user login with deleted user via Redfish. 180 [Tags] Delete_User_Via_IPMI_And_Verify_Using_Redfish 181 182 ${username} ${userid}= IPMI Create Random User Plus Password And Privilege 183 ... ${valid_password} ${admin_level_priv} 184 185 # Delete IPMI User. 186 Run IPMI Standard Command user set name ${userid} "" 187 188 # Verify that Redfish login fails with deleted user. 189 Run Keyword And Expect Error *InvalidCredentialsError* 190 ... Redfish.Login ${username} ${valid_password} 191 192 193Verify Failure To Exceed Max Number Of Users 194 [Documentation] Verify failure attempting to exceed the max number of user accounts. 195 [Tags] Verify_Failure_To_Exceed_Max_Number_Of_Users 196 [Teardown] Run Keywords Test Teardown Execution AND Delete All Non Root IPMI User 197 198 # Get existing user count. 199 ${resp}= Redfish.Get /redfish/v1/AccountService/Accounts/ 200 ${current_user_count}= Get From Dictionary ${resp.dict} Members@odata.count 201 202 ${payload}= Create Dictionary Password=${valid_password} 203 ... RoleId=Administrator Enabled=${True} 204 205 # Create users to reach maximum users count (i.e. 15 users). 206 FOR ${INDEX} IN RANGE ${current_user_count} ${max_num_users} 207 ${random_username}= Generate Random String 8 [LETTERS] 208 Set To Dictionary ${payload} UserName ${random_username} 209 Redfish.Post ${REDFISH_ACCOUNTS_URI} body=&{payload} 210 ... valid_status_codes=[${HTTP_CREATED}] 211 END 212 213 # Verify error while creating 16th user. 214 ${random_username}= Generate Random String 8 [LETTERS] 215 Set To Dictionary ${payload} UserName ${random_username} 216 Redfish.Post ${REDFISH_ACCOUNTS_URI} body=&{payload} 217 ... valid_status_codes=[${HTTP_BAD_REQUEST}] 218 219 220Create IPMI User Without Any Privilege And Verify Via Redfish 221 [Documentation] Create user using IPMI without privilege and verify via redfish. 222 [Tags] Create_IPMI_User_Without_Any_Privilege_And_Verify_Via_Redfish 223 224 ${username} ${userid}= IPMI Create Random User Plus Password And Privilege 225 ... ${valid_password} 226 227 # Verify new user privilege level via Redfish. 228 ${privilege}= Redfish_Utils.Get Attribute 229 ... /redfish/v1/AccountService/Accounts/${username} RoleId 230 Valid Value privilege ['NoAccess'] 231 232*** Keywords *** 233 234IPMI Create Random User Plus Password And Privilege 235 [Documentation] Create random IPMI user with given password and privilege 236 ... level. 237 [Arguments] ${password} ${privilege}=0 238 239 # Description of argument(s): 240 # password Password to be assigned for the user. 241 # privilege Privilege level for the user (e.g. "1", "2", "3", etc.). 242 243 # Create IPMI user. 244 ${random_username}= Generate Random String 8 [LETTERS] 245 Set Suite Variable ${random_username} 246 247 ${random_userid}= Evaluate random.randint(2, 15) modules=random 248 IPMI Create User ${random_userid} ${random_username} 249 250 # Set given password for newly created user. 251 Run IPMI Standard Command 252 ... user set password ${random_userid} ${password} 253 254 # Enable IPMI user. 255 Run IPMI Standard Command user enable ${random_userid} 256 257 # Set given privilege and enable IPMI messaging for newly created user. 258 Run Keyword If '${privilege}' != '0' 259 ... Set Channel Access ${random_userid} ipmi=on privilege=${privilege} 260 261 [Return] ${random_username} ${random_userid} 262 263 264Test Setup Execution 265 [Documentation] Do test case setup tasks. 266 267 Redfish.Login 268 269 270Test Teardown Execution 271 [Documentation] Do the post test teardown. 272 273 FFDC On Test Case Fail 274 # Delete the test user. 275 Run Keyword And Ignore Error 276 ... Redfish.Delete /redfish/v1/AccountService/Accounts/${random_username} 277 278 Redfish.Logout 279