1*** Settings ***
2Documentation    Test Redfish LDAP user configuration.
3
4Resource         ../../lib/resource.robot
5Resource         ../../lib/bmc_redfish_resource.robot
6Resource         ../../lib/openbmc_ffdc.robot
7
8Suite Setup      Suite Setup Execution
9Test Setup       Test Setup Execution
10Test Teardown    Test Teardown Execution
11
12Force Tags       LDAP_Test
13
14** Test Cases **
15
16Verify LDAP Configuration Exist
17    [Documentation]  Verify LDAP configuration is available.
18    [Tags]  Verify_LDAP_Configuration_Exist
19
20    ${resp}=  Redfish.Get Attribute  ${REDFISH_BASE_URI}AccountService
21    ...  ${LDAP_TYPE}  default=${EMPTY}
22    Should Not Be Empty  ${resp}  msg=LDAP configuration is not defined.
23
24
25Verify LDAP User Login
26    [Documentation]  Verify LDAP user able to login into BMC.
27    [Tags]  Verify_LDAP_User_Login
28
29    ${resp}=  Run Keyword And Return Status  Redfish.Login  ${LDAP_USER}
30    ...  ${LDAP_USER_PASSWORD}
31    Should Be Equal  ${resp}  ${True}  msg=LDAP user is not able to login.
32    redfish.Logout
33
34
35Verify LDAP Service Available
36    [Documentation]  Verify LDAP service is available.
37    [Tags]  Verify_LDAP_Service_Available
38
39    @{ldap_configuration}=  Get LDAP Configuration  ${LDAP_TYPE}
40    Should Contain  ${ldap_configuration}  LDAPService
41    ...  msg=LDAPService is not available.
42
43
44Verify LDAP Login Works After BMC Reboot
45    [Documentation]  Verify LDAP login works after BMC reboot.
46    [Tags]  Verify_LDAP_Login_Works_After_BMC_Reboot
47
48    Redfish OBMC Reboot (off)
49    Redfish.Login  ${LDAP_USER}  ${LDAP_USER_PASSWORD}
50    Redfish.Logout
51
52
53Verify LDAP User With Admin Privilege Able To Do BMC Reboot
54    [Documentation]  Verify LDAP user with administrator privilege able to do BMC reboot.
55    [Tags]  Verify_LDAP_User_With_Admin_Privilege_Able_To_Do_BMC_Reboot
56
57
58    Update LDAP Configuration with LDAP User Role And Group  ${LDAP_TYPE}
59    ...  ${GROUP_PRIVILEGE}  ${GROUP_NAME}
60    Redfish.Login  ${LDAP_USER}  ${LDAP_USER_PASSWORD}
61    # With LDAP user and with right privilege trying to do BMC reboot.
62    Redfish OBMC Reboot (off)
63    Redfish.Login  ${LDAP_USER}  ${LDAP_USER_PASSWORD}
64    Redfish.Logout
65
66
67*** Keywords ***
68Suite Setup Execution
69    [Documentation]  Do suite setup tasks.
70
71    Should Not Be Empty  ${LDAP_TYPE}
72    redfish.Login
73    Get LDAP Configuration  ${LDAP_TYPE}
74    redfish.Logout
75
76
77Test Setup Execution
78    [Documentation]  Do test case setup tasks.
79
80    redfish.Login
81
82
83Test Teardown Execution
84    [Documentation]  Do the post test teardown.
85    FFDC On Test Case Fail
86    redfish.Logout
87
88
89Get LDAP Configuration
90    [Documentation]  Retrieve LDAP Configuration.
91    [Arguments]   ${ldap_type}
92
93    # Description of argument(s):
94    # ldap_type  The LDAP type ("ActiveDirectory" or "LDAP").
95
96    ${ldap_config}=  Redfish.Get Properties  ${REDFISH_BASE_URI}AccountService
97    [Return]  ${ldap_config["${ldap_type}"]}
98
99
100Update LDAP Configuration with LDAP User Role And Group
101    [Documentation]  Update LDAP configuration update with LDAP user Role and group.
102    [Arguments]   ${ldap_type}  ${group_privilege}  ${group_name}
103
104    # Description of argument(s):
105    # ldap_type        The LDAP type ("ActiveDirectory" or "LDAP").
106    # group_privilege  The group privilege ("Administrator", "Operator", "User" or "Callback").
107    # group_name       The group name of user.
108
109    ${local_role_remote_group}=  Create Dictionary  LocalRole=${group_privilege}  RemoteGroup=${group_name}
110    ${remote_role_mapping}=  Create List  ${local_role_remote_group}
111    ${ldap_data}=  Create Dictionary  RemoteRoleMapping=${remote_role_mapping}
112    ${payload}=  Create Dictionary  ${ldap_type}=${ldap_data}
113    Redfish.Patch  ${REDFISH_BASE_URI}AccountService  body=&{payload}
114
115