1*** Settings ***
2Documentation    Test Redfish user account.
3
4Resource         ../../lib/resource.robot
5Resource         ../../lib/bmc_redfish_resource.robot
6Resource         ../../lib/openbmc_ffdc.robot
7
8Test Setup       Test Setup Execution
9Test Teardown    Test Teardown Execution
10
11
12** Test Cases **
13
14Verify AccountService Available
15    [Documentation]  Verify Redfish account service is available.
16    [Tags]  Verify_AccountService_Available
17
18    ${resp} =  Redfish_utils.Get Attribute  /redfish/v1/AccountService  ServiceEnabled
19    Should Be Equal As Strings  ${resp}  ${True}
20
21Redfish Create and Verify Users
22    [Documentation]  Create Redfish users with various roles
23    [Tags]  Redfish_Create_and_Verify_Users
24    [Template]  Redfish Create And Verify User
25
26     # username       password    role_id         enabled
27       admin_user     TestPwd123  Administrator   ${True}
28       operator_user  TestPwd123  Operator        ${True}
29       user_user      TestPwd123  User            ${True}
30       callback_user  TestPwd123  Callback        ${True}
31
32Verify Redfish User with Wrong Password
33    [Documentation]  Verify Redfish User with Wrong Password
34    [Tags]  Verify_Redfish_User_with_Wrong_Password
35    [Template]  Verify Redfish User with Wrong Password
36
37     # username       password    role_id         enabled  wrong_password
38       admin_user     TestPwd123  Administrator   ${True}  alskjhfwurh
39       operator_user  TestPwd123  Operator        ${True}  12j8a8uakjhdaosiruf024
40       user_user      TestPwd123  User            ${True}  12
41       callback_user  TestPwd123  Callback        ${True}  !#@D#RF#@!D
42
43Verify Login with Deleted Redfish Users
44    [Documentation]  Verify login with deleted Redfish Users
45    [Tags]  Verify_Login_with_Deleted_Redfish_Users
46    [Template]  Verify Login with Deleted Redfish User
47
48     # username       password    role_id         enabled
49       admin_user     TestPwd123  Administrator   ${True}
50       operator_user  TestPwd123  Operator        ${True}
51       user_user      TestPwd123  User            ${True}
52       callback_user  TestPwd123  Callback        ${True}
53
54
55*** Keywords ***
56
57Test Setup Execution
58    [Documentation]  Do test case setup tasks.
59
60    Redfish.Login
61
62
63Test Teardown Execution
64    [Documentation]  Do the post test teardown.
65
66    FFDC On Test Case Fail
67    Redfish.Logout
68
69Redfish Create And Verify User
70    [Documentation]  Redfish create and verify user.
71    [Arguments]   ${username}  ${password}  ${role_id}  ${enabled}
72
73    # Description of argument(s):
74    # username            The username to be created.
75    # password            The password to be assigned.
76    # role_id             The role id of the user to be created
77    #                     (e.g. "Administrator", "Operator", etc.).
78    # enabled             Indicates whether the username being created
79    #                     should be enabled (${True}, ${False}).
80
81    # Example:
82    #{
83    #"@odata.context": "/redfish/v1/$metadata#ManagerAccount.ManagerAccount",
84    #"@odata.id": "/redfish/v1/AccountService/Accounts/test1",
85    #"@odata.type": "#ManagerAccount.v1_0_3.ManagerAccount",
86    #"Description": "User Account",
87    #"Enabled": true,
88    #"Id": "test1",
89    #"Links": {
90    #  "Role": {
91    #    "@odata.id": "/redfish/v1/AccountService/Roles/Administrator"
92    #  }
93    #},
94
95    # Make sure the user account in question does not already exist.
96    Run Keyword And Ignore Error
97    ...  Redfish.Delete  /redfish/v1/AccountService/Accounts/${userName}
98
99    # Create specified user.
100    ${payload}=  Create Dictionary
101    ...  UserName=${username}  Password=${password}  RoleId=${role_id}  Enabled=${enabled}
102    Redfish.Post  /redfish/v1/AccountService/Accounts  body=&{payload}
103    ...  valid_status_codes=[${HTTP_CREATED}]
104
105    Redfish.Logout
106
107    # Login with created user.
108    Redfish.Login  ${username}  ${password}
109
110    # Validate Role Id of created user.
111    ${role_config}=  Redfish_Utils.Get Attribute
112    ...  /redfish/v1/AccountService/Accounts/${userName}  RoleId
113    Should Be Equal  ${role_id}  ${role_config}
114
115    Redfish.Get  /redfish/v1/AccountService/Accounts/${userName}
116
117    # Delete Specified User
118    Redfish.Delete  /redfish/v1/AccountService/Accounts/${userName}
119
120Verify Redfish User with Wrong Password
121    [Documentation]  Verify Redfish User with Wrong Password
122    [Arguments]   ${username}  ${password}  ${role_id}  ${enabled}  ${wrong_password}
123
124    # Description of argument(s):
125    # username            The username to be created.
126    # password            The password to be assigned.
127    # role_id             The role id of the user to be created
128    #                     (e.g. "Administrator", "Operator", etc.).
129    # enabled             Indicates whether the username being created
130    #                     should be enabled (${True}, ${False}).
131    # wrong_password      Any invalid password.
132
133    # Make sure the user account in question does not already exist.
134    Run Keyword And Ignore Error
135    ...  Redfish.Delete  /redfish/v1/AccountService/Accounts/${userName}
136
137    # Create specified user.
138    ${payload}=  Create Dictionary
139    ...  UserName=${username}  Password=${password}  RoleId=${role_id}  Enabled=${enabled}
140    Redfish.Post  /redfish/v1/AccountService/Accounts  body=&{payload}
141    ...  valid_status_codes=[${HTTP_CREATED}]
142
143    Redfish.Logout
144
145    # Login with created user.
146    Redfish.Login  ${username}  ${password}
147
148    Redfish.Logout
149
150    # Attempt to login with created user with invalid password.
151    Run Keyword And Expect Error  InvalidCredentialsError*
152    ...  Redfish.Login  ${username}  ${wrong_password}
153
154    Redfish.Login
155
156    # Delete newly created user.
157    Redfish.Delete  /redfish/v1/AccountService/Accounts/${userName}
158
159
160Verify Login with Deleted Redfish User
161    [Documentation]  Verify Login with Deleted Redfish User
162    [Arguments]   ${username}  ${password}  ${role_id}  ${enabled}
163
164    # Description of argument(s):
165    # username            The username to be created.
166    # password            The password to be assigned.
167    # role_id             The role id of the user to be created
168    #                     (e.g. "Administrator", "Operator", etc.).
169    # enabled             Indicates whether the username being created
170    #                     should be enabled (${True}, ${False}).
171
172    # Make sure the user account in question does not already exist.
173    Run Keyword And Ignore Error
174    ...  Redfish.Delete  /redfish/v1/AccountService/Accounts/${userName}
175
176    Redfish.Login
177
178    # Create specified user.
179    ${payload}=  Create Dictionary
180    ...  UserName=${username}  Password=${password}  RoleId=${role_id}  Enabled=${enabled}
181    Redfish.Post  /redfish/v1/AccountService/Accounts  body=&{payload}
182    ...  valid_status_codes=[${HTTP_CREATED}]
183
184    Redfish.Logout
185
186    # Login with created user.
187    Redfish.Login  ${username}  ${password}
188
189    Redfish.Logout
190
191    Redfish.Login
192
193    # Delete newly created user.
194    Redfish.Delete  /redfish/v1/AccountService/Accounts/${userName}
195
196    # Attempt to login with deleted user account.
197    Run Keyword And Expect Error  InvalidCredentialsError*
198    ...  Redfish.Login  ${username}  ${password}
199