xref: /openbmc/openbmc-test-automation/redfish/account_service/test_user_account.robot (revision 58229e4b4fcb8e62f5f7d9c539923e98ebc9bd9b)
1*** Settings ***
2Documentation    Test Redfish user account.
3
4Resource         ../../lib/resource.robot
5Resource         ../../lib/bmc_redfish_resource.robot
6Resource         ../../lib/openbmc_ffdc.robot
7Resource         ../../lib/bmc_redfish_utils.robot
8
9Library          SSHLibrary
10
11Test Setup       Redfish.Login
12Test Teardown    Test Teardown Execution
13
14*** Variables ***
15
16${account_lockout_duration}   ${30}
17${account_lockout_threshold}  ${3}
18
19** Test Cases **
20
21Verify AccountService Available
22    [Documentation]  Verify Redfish account service is available.
23    [Tags]  Verify_AccountService_Available
24
25    ${resp} =  Redfish_utils.Get Attribute  /redfish/v1/AccountService  ServiceEnabled
26    Should Be Equal As Strings  ${resp}  ${True}
27
28Verify Redfish User Persistence After Reboot
29    [Documentation]  Verify Redfish user persistence after reboot.
30    [Tags]  Verify_Redfish_User_Persistence_After_Reboot
31    # Create Redfish users.
32    Redfish Create User  admin_user     TestPwd123  Administrator   ${True}
33    Redfish Create User  operator_user  TestPwd123  Operator        ${True}
34    Redfish Create User  readonly_user  TestPwd123  ReadOnly        ${True}
35
36    # Reboot BMC.
37    Redfish OBMC Reboot (off)  stack_mode=normal
38
39    # Verify users after reboot.
40    Redfish Verify User  admin_user     TestPwd123  Administrator   ${True}
41    Redfish Verify User  operator_user  TestPwd123  Operator        ${True}
42    Redfish Verify User  readonly_user  TestPwd123  ReadOnly        ${True}
43
44    # Delete created users.
45    Redfish.Delete  /redfish/v1/AccountService/Accounts/admin_user
46    Redfish.Delete  /redfish/v1/AccountService/Accounts/operator_user
47    Redfish.Delete  /redfish/v1/AccountService/Accounts/readonly_user
48
49Redfish Create and Verify Admin User
50    [Documentation]  Create a Redfish user with administrator role and verify.
51    [Tags]  Redfish_Create_and_Verify_Admin_User
52    [Template]  Redfish Create And Verify User
53
54    #username      password    role_id         enabled
55    admin_user     TestPwd123  Administrator   ${True}
56
57
58Redfish Create and Verify Operator User
59    [Documentation]  Create a Redfish user with operator role and verify.
60    [Tags]  Redfish_Create_and_Verify_Operator_User
61    [Template]  Redfish Create And Verify User
62
63    #username      password    role_id         enabled
64    operator_user  TestPwd123  Operator        ${True}
65
66
67Redfish Create and Verify Readonly User
68    [Documentation]  Create a Redfish user with readonly role and verify.
69    [Tags]  Redfish_Create_and_Verify_Readonly_User
70    [Template]  Redfish Create And Verify User
71
72    #username      password    role_id         enabled
73    readonly_user  TestPwd123  ReadOnly        ${True}
74
75
76Verify Redfish Admin User With Wrong Password
77    [Documentation]  Verify Redfish admin user with wrong password.
78    [Tags]  Verify_Redfish_Admin_User_With_Wrong_Password
79    [Template]  Verify Redfish User with Wrong Password
80
81    #username      password    role_id         enabled  wrong_password
82    admin_user     TestPwd123  Administrator   ${True}  alskjhfwurh
83
84
85Verify Redfish Operator User with Wrong Password
86    [Documentation]  Verify Redfish operator user with wrong password.
87    [Tags]  Verify_Redfish_Operator_User_with_Wrong_Password
88    [Template]  Verify Redfish User with Wrong Password
89
90    #username      password    role_id         enabled  wrong_password
91    operator_user  TestPwd123  Operator        ${True}  12j8a8uakjhdaosiruf024
92
93
94Verify Redfish Readonly User With Wrong Password
95    [Documentation]  Verify Redfish readonly user with wrong password.
96    [Tags]  Verify_Redfish_Readonly_User_With_Wrong_Password
97    [Template]  Verify Redfish User with Wrong Password
98
99    #username      password    role_id         enabled  wrong_password
100    readonly_user  TestPwd123  ReadOnly        ${True}  12
101
102
103Verify Login with Deleted Redfish Admin User
104    [Documentation]  Verify login with deleted Redfish admin user.
105    [Tags]  Verify_Login_with_Deleted_Redfish_Admin_User
106    [Template]  Verify Login with Deleted Redfish User
107
108    #username     password    role_id         enabled
109    admin_user     TestPwd123  Administrator   ${True}
110
111
112Verify Login with Deleted Redfish Operator User
113    [Documentation]  Verify login with deleted Redfish operator user.
114    [Tags]  Verify_Login_with_Deleted_Redfish_Operator_User
115    [Template]  Verify Login with Deleted Redfish User
116
117    #username     password    role_id         enabled
118    operator_user  TestPwd123  Operator        ${True}
119
120
121Verify Login with Deleted Redfish Readonly User
122    [Documentation]  Verify login with deleted Redfish readonly user.
123    [Tags]  Verify_Login_with_Deleted_Redfish_Readonly_User
124    [Template]  Verify Login with Deleted Redfish User
125
126    #username     password    role_id         enabled
127    readonly_user  TestPwd123  ReadOnly        ${True}
128
129
130Verify Admin User Creation Without Enabling It
131    [Documentation]  Verify admin user creation without enabling it.
132    [Tags]  Verify_Admin_User_Creation_Without_Enabling_It
133    [Template]  Verify Create User Without Enabling
134
135    #username      password    role_id         enabled
136    admin_user     TestPwd123  Administrator   ${False}
137
138
139Verify Operator User Creation Without Enabling It
140    [Documentation]  Verify operator user creation without enabling it.
141    [Tags]  Verify_Operator_User_Creation_Without_Enabling_It
142    [Template]  Verify Create User Without Enabling
143
144    #username      password    role_id         enabled
145    operator_user  TestPwd123  Operator        ${False}
146
147
148Verify Readonly User Creation Without Enabling It
149    [Documentation]  Verify readonly user creation without enabling it.
150    [Tags]  Verify_Readonly_User_Creation_Without_Enabling_It
151    [Template]  Verify Create User Without Enabling
152
153    #username      password    role_id         enabled
154    readonly_user  TestPwd123  ReadOnly        ${False}
155
156
157Verify User Creation With Invalid Role Id
158    [Documentation]  Verify user creation with invalid role ID.
159    [Tags]  Verify_User_Creation_With_Invalid_Role_Id
160
161    # Make sure the user account in question does not already exist.
162    Redfish.Delete  /redfish/v1/AccountService/Accounts/test_user
163    ...  valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}]
164
165    # Create specified user.
166    ${payload}=  Create Dictionary
167    ...  UserName=test_user  Password=TestPwd123  RoleId=wrongroleid  Enabled=${True}
168    Redfish.Post  /redfish/v1/AccountService/Accounts/  body=&{payload}
169    ...  valid_status_codes=[${HTTP_BAD_REQUEST}]
170
171Verify Error Upon Creating Same Users With Different Privileges
172    [Documentation]  Verify error upon creating same users with different privileges.
173    [Tags]  Verify_Error_Upon_Creating_Same_Users_With_Different_Privileges
174
175    Redfish Create User  test_user  TestPwd123  Administrator  ${True}
176
177    # Create specified user.
178    ${payload}=  Create Dictionary
179    ...  UserName=test_user  Password=TestPwd123  RoleId=Operator  Enabled=${True}
180    Redfish.Post  /redfish/v1/AccountService/Accounts/  body=&{payload}
181    ...  valid_status_codes=[${HTTP_BAD_REQUEST}]
182
183    Redfish.Delete  /redfish/v1/AccountService/Accounts/test_user
184
185Verify Modifying User Attributes
186    [Documentation]  Verify modifying user attributes.
187    [Tags]  Verify_Modifying_User_Attributes
188    # Create Redfish users.
189    Redfish Create User  admin_user     TestPwd123  Administrator   ${True}
190    Redfish Create User  operator_user  TestPwd123  Operator        ${True}
191    Redfish Create User  readonly_user  TestPwd123  ReadOnly        ${True}
192
193    # Make sure the new user account does not already exist.
194    Redfish.Delete  /redfish/v1/AccountService/Accounts/newadmin_user
195    ...  valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}]
196
197    # Update admin_user username using Redfish.
198    ${payload}=  Create Dictionary  UserName=newadmin_user
199    Redfish.Patch  /redfish/v1/AccountService/Accounts/admin_user  body=&{payload}
200
201    # Update operator_user password using Redfish.
202    ${payload}=  Create Dictionary  Password=NewTestPwd123
203    Redfish.Patch  /redfish/v1/AccountService/Accounts/operator_user  body=&{payload}
204
205    # Update readonly_user role using Redfish.
206    ${payload}=  Create Dictionary  RoleId=Operator
207    Redfish.Patch  /redfish/v1/AccountService/Accounts/readonly_user  body=&{payload}
208
209    # Verify users after updating
210    Redfish Verify User  newadmin_user  TestPwd123     Administrator   ${True}
211    Redfish Verify User  operator_user  NewTestPwd123  Operator        ${True}
212    Redfish Verify User  readonly_user  TestPwd123     Operator        ${True}
213
214    # Delete created users.
215    Redfish.Delete  /redfish/v1/AccountService/Accounts/newadmin_user
216    Redfish.Delete  /redfish/v1/AccountService/Accounts/operator_user
217    Redfish.Delete  /redfish/v1/AccountService/Accounts/readonly_user
218
219Verify User Account Locked
220    [Documentation]  Verify user account locked upon trying with invalid password.
221    [Tags]  Verify_User_Account_Locked
222
223    Redfish Create User  admin_user  TestPwd123  Administrator   ${True}
224
225    ${payload}=  Create Dictionary  AccountLockoutThreshold=${account_lockout_threshold}
226    ...  AccountLockoutDuration=${account_lockout_duration}
227    Redfish.Patch  ${REDFISH_ACCOUNTS_SERVICE_URI}  body=${payload}
228
229    Redfish.Logout
230
231    # Make ${account_lockout_threshold} failed login attempts.
232    Repeat Keyword  ${account_lockout_threshold} times
233    ...  Run Keyword And Expect Error  InvalidCredentialsError*  Redfish.Login  admin_user  abc123
234
235    # Verify that legitimate login fails due to lockout.
236    Run Keyword And Expect Error  InvalidCredentialsError*
237    ...  Redfish.Login  admin_user  TestPwd123
238
239    # Wait for lockout duration to expire and then verify that login works.
240    Sleep  ${account_lockout_duration}s
241    Redfish.Login  admin_user  TestPwd123
242
243    Redfish.Logout
244
245    Redfish.Login
246
247    Redfish.Delete  /redfish/v1/AccountService/Accounts/admin_user
248
249Verify Admin User Privilege
250    [Documentation]  Verify admin user privilege.
251    [Tags]  Verify_Admin_User_Privilege
252
253    Redfish Create User  admin_user  TestPwd123  Administrator  ${True}
254    Redfish Create User  operator_user  TestPwd123  Operator  ${True}
255    Redfish Create User  readonly_user  TestPwd123  ReadOnly  ${True}
256
257    Redfish.Logout
258
259    # Change role ID of operator user with admin user.
260    # Login with admin user.
261    Redfish.Login  admin_user  TestPwd123
262
263    # Modify Role ID of Operator user.
264    Redfish.Patch  /redfish/v1/AccountService/Accounts/operator_user  body={'RoleId': 'Administrator'}
265
266    # Verify modified user.
267    Redfish Verify User  operator_user  TestPwd123  Administrator  ${True}
268
269    Redfish.Logout
270    Redfish.Login  admin_user  TestPwd123
271
272    # Change password of 'user' user with admin user.
273    Redfish.Patch  /redfish/v1/AccountService/Accounts/readonly_user  body={'Password': 'NewTestPwd123'}
274
275    # Verify modified user.
276    Redfish Verify User  readonly_user  NewTestPwd123  ReadOnly  ${True}
277
278    Redfish.Delete  /redfish/v1/AccountService/Accounts/admin_user
279    Redfish.Delete  /redfish/v1/AccountService/Accounts/operator_user
280    Redfish.Delete  /redfish/v1/AccountService/Accounts/readonly_user
281
282Verify Operator User Privilege
283    [Documentation]  Verify operator user privilege.
284    [Tags]  Verify_Operator_User_Privilege
285
286    Redfish Create User  admin_user  TestPwd123  Administrator  ${True}
287    Redfish Create User  operator_user  TestPwd123  Operator  ${True}
288
289    Redfish.Logout
290    # Login with operator user.
291    Redfish.Login  operator_user  TestPwd123
292
293    # Verify BMC reset.
294    Run Keyword And Expect Error  ValueError*  Redfish BMC Reset Operation
295
296    # Attempt to change password of admin user with operator user.
297    Redfish.Patch  /redfish/v1/AccountService/Accounts/admin_user  body={'Password': 'NewTestPwd123'}
298    ...  valid_status_codes=[${HTTP_FORBIDDEN}]
299
300    Redfish.Logout
301
302    Redfish.Login
303
304    Redfish.Delete  /redfish/v1/AccountService/Accounts/admin_user
305    Redfish.Delete  /redfish/v1/AccountService/Accounts/operator_user
306
307
308Verify ReadOnly User Privilege
309    [Documentation]  Verify ReadOnly user privilege.
310    [Tags]  Verify_ReadOnly_User_Privilege
311
312    Redfish Create User  readonly_user  TestPwd123  ReadOnly  ${True}
313    Redfish.Logout
314
315    # Login with read_only user.
316    Redfish.Login  readonly_user  TestPwd123
317
318    # Read system level data.
319    ${system_model}=  Redfish_Utils.Get Attribute
320    ...  ${SYSTEM_BASE_URI}  Model
321
322    Redfish.Logout
323    Redfish.Login
324    Redfish.Delete  ${REDFISH_ACCOUNTS_URI}readonly_user
325
326
327Verify Minimum Password Length For Redfish User
328    [Documentation]  Verify minimum password length for new and existing user.
329    [Tags]  Verify_Minimum_Password_Length_For_Redfish_User
330
331    ${user_name}=  Set Variable  testUser
332
333    # Make sure the user account in question does not already exist.
334    Redfish.Delete  /redfish/v1/AccountService/Accounts/${user_name}
335    ...  valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}]
336
337    # Try to create a user with invalid length password.
338    ${payload}=  Create Dictionary
339    ...  UserName=${user_name}  Password=UserPwd  RoleId=Administrator  Enabled=${True}
340    Redfish.Post  /redfish/v1/AccountService/Accounts/  body=&{payload}
341    ...  valid_status_codes=[${HTTP_BAD_REQUEST}]
342
343    # Create specified user with valid length password.
344    Set To Dictionary  ${payload}  Password  UserPwd1
345    Redfish.Post  /redfish/v1/AccountService/Accounts/  body=&{payload}
346    ...  valid_status_codes=[${HTTP_CREATED}]
347
348    # Try to change to an invalid password.
349    Redfish.Patch  /redfish/v1/AccountService/Accounts/${user_name}  body={'Password': 'UserPwd'}
350    ...  valid_status_codes=[${HTTP_BAD_REQUEST}]
351
352    # Change to a valid password.
353    Redfish.Patch  /redfish/v1/AccountService/Accounts/${user_name}  body={'Password': 'UserPwd1'}
354
355    # Verify login.
356    Redfish.Logout
357    Redfish.Login  ${user_name}  UserPwd1
358    Redfish.Logout
359    Redfish.Login
360    Redfish.Delete  /redfish/v1/AccountService/Accounts/${user_name}
361
362
363Verify Standard User Roles Defined By Redfish
364    [Documentation]  Verify standard user roles defined by Redfish.
365    [Tags]  Verify_Standard_User_Roles_Defined_By_Redfish
366
367    ${member_list}=  Redfish_Utils.Get Member List
368    ...  /redfish/v1/AccountService/Roles
369
370    @{roles}=  Create List
371    ...  /redfish/v1/AccountService/Roles/Administrator
372    ...  /redfish/v1/AccountService/Roles/Operator
373    ...  /redfish/v1/AccountService/Roles/ReadOnly
374
375    List Should Contain Sub List  ${member_list}  ${roles}
376
377    # The standard roles are:
378
379    # | Role name | Assigned privileges |
380    # | Administrator | Login, ConfigureManager, ConfigureUsers, ConfigureComponents, ConfigureSelf |
381    # | Operator | Login, ConfigureComponents, ConfigureSelf |
382    # | ReadOnly | Login, ConfigureSelf |
383
384    @{admin}=  Create List  Login  ConfigureManager  ConfigureUsers  ConfigureComponents  ConfigureSelf
385    @{operator}=  Create List  Login  ConfigureComponents  ConfigureSelf
386    @{readOnly}=  Create List  Login  ConfigureSelf
387
388    ${roles_dict}=  create dictionary  admin_privileges=${admin}  operator_privileges=${operator}
389    ...  readOnly_privileges=${readOnly}
390
391    ${resp}=  redfish.Get  /redfish/v1/AccountService/Roles/Administrator
392    List Should Contain Sub List  ${resp.dict['AssignedPrivileges']}  ${roles_dict['admin_privileges']}
393
394    ${resp}=  redfish.Get  /redfish/v1/AccountService/Roles/Operator
395    List Should Contain Sub List  ${resp.dict['AssignedPrivileges']}  ${roles_dict['operator_privileges']}
396
397    ${resp}=  redfish.Get  /redfish/v1/AccountService/Roles/ReadOnly
398    List Should Contain Sub List  ${resp.dict['AssignedPrivileges']}  ${roles_dict['readOnly_privileges']}
399
400
401Verify Error While Deleting Root User
402    [Documentation]  Verify error while deleting root user.
403    [Tags]  Verify_Error_While_Deleting_Root_User
404
405    Redfish.Delete  /redfish/v1/AccountService/Accounts/root  valid_status_codes=[${HTTP_FORBIDDEN}]
406
407
408Verify SSH Login Access With Admin User
409    [Documentation]  Verify that admin user does not have SSH login access.
410    [Tags]  Verify_SSH_Login_Access_With_Admin_User
411
412    # Create an admin User.
413    Redfish Create User  new_admin  TestPwd1  Administrator  ${True}
414
415    # Attempt SSH login with admin user.
416    SSHLibrary.Open Connection  ${OPENBMC_HOST}
417    ${status}=  Run Keyword And Return Status  SSHLibrary.Login  new_admin  TestPwd1
418    Should Be Equal  ${status}  ${False}
419
420
421*** Keywords ***
422
423Test Teardown Execution
424    [Documentation]  Do the post test teardown.
425
426    Run Keyword And Ignore Error  Redfish.Logout
427    FFDC On Test Case Fail
428
429
430Redfish Create User
431    [Documentation]  Redfish create user.
432    [Arguments]   ${username}  ${password}  ${role_id}  ${enabled}  ${login_check}=${True}
433
434    # Description of argument(s):
435    # username            The username to be created.
436    # password            The password to be assigned.
437    # role_id             The role ID of the user to be created
438    #                     (e.g. "Administrator", "Operator", etc.).
439    # enabled             Indicates whether the username being created
440    #                     should be enabled (${True}, ${False}).
441    # login_check         Checks user login for created user.
442    #                     (e.g. ${True}, ${False}).
443
444    # Make sure the user account in question does not already exist.
445    Redfish.Delete  /redfish/v1/AccountService/Accounts/${userName}
446    ...  valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}]
447
448    # Create specified user.
449    ${payload}=  Create Dictionary
450    ...  UserName=${username}  Password=${password}  RoleId=${role_id}  Enabled=${enabled}
451    Redfish.Post  /redfish/v1/AccountService/Accounts/  body=&{payload}
452    ...  valid_status_codes=[${HTTP_CREATED}]
453
454    # Resetting faillock count as a workaround for issue
455    # openbmc/phosphor-user-manager#4
456    ${cmd}=  Catenate  test -f /usr/sbin/faillock && /usr/sbin/faillock --user USER --reset
457    ...  || /usr/sbin/pam_tally2 -u ${username} --reset
458    Bmc Execute Command  ${cmd}
459
460    # Verify login with created user.
461    ${status}=  Run Keyword If  '${login_check}' == '${True}'
462    ...  Verify Redfish User Login  ${username}  ${password}
463    Run Keyword If  '${login_check}' == '${True}'  Should Be Equal  ${status}  ${enabled}
464
465    # Validate Role ID of created user.
466    ${role_config}=  Redfish_Utils.Get Attribute
467    ...  /redfish/v1/AccountService/Accounts/${username}  RoleId
468    Should Be Equal  ${role_id}  ${role_config}
469
470
471Redfish Verify User
472    [Documentation]  Redfish user verification.
473    [Arguments]   ${username}  ${password}  ${role_id}  ${enabled}
474
475    # Description of argument(s):
476    # username            The username to be created.
477    # password            The password to be assigned.
478    # role_id             The role ID of the user to be created
479    #                     (e.g. "Administrator", "Operator", etc.).
480    # enabled             Indicates whether the username being created
481    #                     should be enabled (${True}, ${False}).
482
483    ${status}=  Verify Redfish User Login  ${username}  ${password}
484    # Doing a check of the returned status.
485    Should Be Equal  ${status}  ${enabled}
486
487    # Validate Role Id of user.
488    ${role_config}=  Redfish_Utils.Get Attribute
489    ...  /redfish/v1/AccountService/Accounts/${username}  RoleId
490    Should Be Equal  ${role_id}  ${role_config}
491
492
493Verify Redfish User Login
494    [Documentation]  Verify Redfish login with given user id.
495    [Teardown]  Run Keywords  Run Keyword And Ignore Error  Redfish.Logout  AND  Redfish.Login
496    [Arguments]   ${username}  ${password}
497
498    # Description of argument(s):
499    # username            Login username.
500    # password            Login password.
501
502    # Logout from current Redfish session.
503    # We don't really care if the current session is flushed out since we are going to login
504    # with new credential in next.
505    Run Keyword And Ignore Error  Redfish.Logout
506
507    ${status}=  Run Keyword And Return Status  Redfish.Login  ${username}  ${password}
508    [Return]  ${status}
509
510
511Redfish Create And Verify User
512    [Documentation]  Redfish create and verify user.
513    [Arguments]   ${username}  ${password}  ${role_id}  ${enabled}
514
515    # Description of argument(s):
516    # username            The username to be created.
517    # password            The password to be assigned.
518    # role_id             The role ID of the user to be created
519    #                     (e.g. "Administrator", "Operator", etc.).
520    # enabled             Indicates whether the username being created
521    #                     should be enabled (${True}, ${False}).
522
523    # Example:
524    #{
525    #"@odata.context": "/redfish/v1/$metadata#ManagerAccount.ManagerAccount",
526    #"@odata.id": "/redfish/v1/AccountService/Accounts/test1",
527    #"@odata.type": "#ManagerAccount.v1_0_3.ManagerAccount",
528    #"Description": "User Account",
529    #"Enabled": true,
530    #"Id": "test1",
531    #"Links": {
532    #  "Role": {
533    #    "@odata.id": "/redfish/v1/AccountService/Roles/Administrator"
534    #  }
535    #},
536
537    Redfish Create User  ${username}  ${password}  ${role_id}  ${enabled}
538
539    Redfish Verify User  ${username}  ${password}  ${role_id}  ${enabled}
540
541    # Delete Specified User
542    Redfish.Delete  /redfish/v1/AccountService/Accounts/${username}
543
544Verify Redfish User with Wrong Password
545    [Documentation]  Verify Redfish User with Wrong Password.
546    [Arguments]   ${username}  ${password}  ${role_id}  ${enabled}  ${wrong_password}
547
548    # Description of argument(s):
549    # username            The username to be created.
550    # password            The password to be assigned.
551    # role_id             The role ID of the user to be created
552    #                     (e.g. "Administrator", "Operator", etc.).
553    # enabled             Indicates whether the username being created
554    #                     should be enabled (${True}, ${False}).
555    # wrong_password      Any invalid password.
556
557    Redfish Create User  ${username}  ${password}  ${role_id}  ${enabled}
558
559    Redfish.Logout
560
561    # Attempt to login with created user with invalid password.
562    Run Keyword And Expect Error  InvalidCredentialsError*
563    ...  Redfish.Login  ${username}  ${wrong_password}
564
565    Redfish.Login
566
567    # Delete newly created user.
568    Redfish.Delete  /redfish/v1/AccountService/Accounts/${username}
569
570
571Verify Login with Deleted Redfish User
572    [Documentation]  Verify Login with Deleted Redfish User.
573    [Arguments]   ${username}  ${password}  ${role_id}  ${enabled}
574
575    # Description of argument(s):
576    # username            The username to be created.
577    # password            The password to be assigned.
578    # role_id             The role ID of the user to be created
579    #                     (e.g. "Administrator", "Operator", etc.).
580    # enabled             Indicates whether the username being created
581    #                     should be enabled (${True}, ${False}).
582
583    Redfish Create User  ${username}  ${password}  ${role_id}  ${enabled}
584
585    # Delete newly created user.
586    Redfish.Delete  /redfish/v1/AccountService/Accounts/${userName}
587
588    Redfish.Logout
589
590    # Attempt to login with deleted user account.
591    Run Keyword And Expect Error  InvalidCredentialsError*
592    ...  Redfish.Login  ${username}  ${password}
593
594    Redfish.Login
595
596
597Verify Create User Without Enabling
598    [Documentation]  Verify Create User Without Enabling.
599    [Arguments]   ${username}  ${password}  ${role_id}  ${enabled}
600
601    # Description of argument(s):
602    # username            The username to be created.
603    # password            The password to be assigned.
604    # role_id             The role ID of the user to be created
605    #                     (e.g. "Administrator", "Operator", etc.).
606    # enabled             Indicates whether the username being created
607    #                     should be enabled (${True}, ${False}).
608
609    Redfish Create User  ${username}  ${password}  ${role_id}  ${enabled}  ${False}
610
611    Redfish.Logout
612
613    # Login with created user.
614    Run Keyword And Expect Error  InvalidCredentialsError*
615    ...  Redfish.Login  ${username}  ${password}
616
617    Redfish.Login
618
619    # Delete newly created user.
620    Redfish.Delete  /redfish/v1/AccountService/Accounts/${username}
621
622