1*** Settings ***
2Documentation    Test Redfish user account.
3
4Resource         ../../lib/resource.robot
5Resource         ../../lib/bmc_redfish_resource.robot
6Resource         ../../lib/openbmc_ffdc.robot
7Resource         ../../lib/bmc_redfish_utils.robot
8
9Library          SSHLibrary
10
11Test Setup       Redfish.Login
12Test Teardown    Test Teardown Execution
13
14*** Variables ***
15
16${account_lockout_duration}   ${30}
17${account_lockout_threshold}  ${3}
18
19** Test Cases **
20
21Verify AccountService Available
22    [Documentation]  Verify Redfish account service is available.
23    [Tags]  Verify_AccountService_Available
24
25    ${resp} =  Redfish_utils.Get Attribute  /redfish/v1/AccountService  ServiceEnabled
26    Should Be Equal As Strings  ${resp}  ${True}
27
28
29Verify Redfish Admin User Persistence After Reboot
30    [Documentation]  Verify Redfish admin user persistence after reboot.
31    [Tags]  Verify_Redfish_Admin_User_Persistence_After_Reboot
32    [Setup]  Run Keywords  Redfish.Login  AND
33    ...  Redfish Create User  admin_user  TestPwd123  Administrator  ${True}
34    [Teardown]  Run Keywords  Redfish.Delete  /redfish/v1/AccountService/Accounts/admin_user
35    ...  AND  Test Teardown Execution
36
37    # Reboot BMC.
38    Redfish OBMC Reboot (off)  stack_mode=normal
39
40    # Verify users after reboot.
41    Redfish Verify User  admin_user     TestPwd123  Administrator   ${True}
42
43
44Verify Redfish Operator User Persistence After Reboot
45    [Documentation]  Verify Redfish operator user persistence after reboot.
46    [Tags]  Verify_Redfish_Operator_User_Persistence_After_Reboot
47    [Setup]  Run Keywords  Redfish.Login  AND
48    ...  Redfish Create User  operator_user  TestPwd123  Operator  ${True}
49    [Teardown]  Run Keywords  Redfish.Delete  /redfish/v1/AccountService/Accounts/operator_user
50    ...  AND  Test Teardown Execution
51
52    # Reboot BMC.
53    Redfish OBMC Reboot (off)  stack_mode=normal
54
55    # Verify users after reboot.
56    Redfish Verify User  operator_user  TestPwd123  Operator        ${True}
57
58
59Verify Redfish Readonly User Persistence After Reboot
60    [Documentation]  Verify Redfish readonly user persistence after reboot.
61    [Tags]  Verify_Redfish_Readonly_User_Persistence_After_Reboot
62    [Setup]  Run Keywords  Redfish.Login  AND
63    ...  Redfish Create User  readonly_user  TestPwd123  ReadOnly  ${True}
64    [Teardown]  Run Keywords  Redfish.Delete  /redfish/v1/AccountService/Accounts/readonly_user
65    ...  AND  Test Teardown Execution
66
67    # Reboot BMC.
68    Redfish OBMC Reboot (off)  stack_mode=normal
69
70    # Verify users after reboot.
71    Redfish Verify User  readonly_user  TestPwd123  ReadOnly        ${True}
72
73
74Redfish Create and Verify Admin User
75    [Documentation]  Create a Redfish user with administrator role and verify.
76    [Tags]  Redfish_Create_and_Verify_Admin_User
77    [Template]  Redfish Create And Verify User
78
79    #username      password    role_id         enabled
80    admin_user     TestPwd123  Administrator   ${True}
81
82
83Redfish Create and Verify Operator User
84    [Documentation]  Create a Redfish user with operator role and verify.
85    [Tags]  Redfish_Create_and_Verify_Operator_User
86    [Template]  Redfish Create And Verify User
87
88    #username      password    role_id         enabled
89    operator_user  TestPwd123  Operator        ${True}
90
91
92Redfish Create and Verify Readonly User
93    [Documentation]  Create a Redfish user with readonly role and verify.
94    [Tags]  Redfish_Create_and_Verify_Readonly_User
95    [Template]  Redfish Create And Verify User
96
97    #username      password    role_id         enabled
98    readonly_user  TestPwd123  ReadOnly        ${True}
99
100
101Verify Redfish Admin User With Wrong Password
102    [Documentation]  Verify Redfish admin user with wrong password.
103    [Tags]  Verify_Redfish_Admin_User_With_Wrong_Password
104    [Template]  Verify Redfish User with Wrong Password
105
106    #username      password    role_id         enabled  wrong_password
107    admin_user     TestPwd123  Administrator   ${True}  alskjhfwurh
108
109
110Verify Redfish Operator User with Wrong Password
111    [Documentation]  Verify Redfish operator user with wrong password.
112    [Tags]  Verify_Redfish_Operator_User_with_Wrong_Password
113    [Template]  Verify Redfish User with Wrong Password
114
115    #username      password    role_id         enabled  wrong_password
116    operator_user  TestPwd123  Operator        ${True}  12j8a8uakjhdaosiruf024
117
118
119Verify Redfish Readonly User With Wrong Password
120    [Documentation]  Verify Redfish readonly user with wrong password.
121    [Tags]  Verify_Redfish_Readonly_User_With_Wrong_Password
122    [Template]  Verify Redfish User with Wrong Password
123
124    #username      password    role_id         enabled  wrong_password
125    readonly_user  TestPwd123  ReadOnly        ${True}  12
126
127
128Verify Login with Deleted Redfish Admin User
129    [Documentation]  Verify login with deleted Redfish admin user.
130    [Tags]  Verify_Login_with_Deleted_Redfish_Admin_User
131    [Template]  Verify Login with Deleted Redfish User
132
133    #username     password    role_id         enabled
134    admin_user     TestPwd123  Administrator   ${True}
135
136
137Verify Login with Deleted Redfish Operator User
138    [Documentation]  Verify login with deleted Redfish operator user.
139    [Tags]  Verify_Login_with_Deleted_Redfish_Operator_User
140    [Template]  Verify Login with Deleted Redfish User
141
142    #username     password    role_id         enabled
143    operator_user  TestPwd123  Operator        ${True}
144
145
146Verify Login with Deleted Redfish Readonly User
147    [Documentation]  Verify login with deleted Redfish readonly user.
148    [Tags]  Verify_Login_with_Deleted_Redfish_Readonly_User
149    [Template]  Verify Login with Deleted Redfish User
150
151    #username     password    role_id         enabled
152    readonly_user  TestPwd123  ReadOnly        ${True}
153
154
155Verify Admin User Creation Without Enabling It
156    [Documentation]  Verify admin user creation without enabling it.
157    [Tags]  Verify_Admin_User_Creation_Without_Enabling_It
158    [Template]  Verify Create User Without Enabling
159
160    #username      password    role_id         enabled
161    admin_user     TestPwd123  Administrator   ${False}
162
163
164Verify Operator User Creation Without Enabling It
165    [Documentation]  Verify operator user creation without enabling it.
166    [Tags]  Verify_Operator_User_Creation_Without_Enabling_It
167    [Template]  Verify Create User Without Enabling
168
169    #username      password    role_id         enabled
170    operator_user  TestPwd123  Operator        ${False}
171
172
173Verify Readonly User Creation Without Enabling It
174    [Documentation]  Verify readonly user creation without enabling it.
175    [Tags]  Verify_Readonly_User_Creation_Without_Enabling_It
176    [Template]  Verify Create User Without Enabling
177
178    #username      password    role_id         enabled
179    readonly_user  TestPwd123  ReadOnly        ${False}
180
181
182Verify User Creation With Invalid Role Id
183    [Documentation]  Verify user creation with invalid role ID.
184    [Tags]  Verify_User_Creation_With_Invalid_Role_Id
185
186    # Make sure the user account in question does not already exist.
187    Redfish.Delete  /redfish/v1/AccountService/Accounts/test_user
188    ...  valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}]
189
190    # Create specified user.
191    ${payload}=  Create Dictionary
192    ...  UserName=test_user  Password=TestPwd123  RoleId=wrongroleid  Enabled=${True}
193    Redfish.Post  /redfish/v1/AccountService/Accounts/  body=&{payload}
194    ...  valid_status_codes=[${HTTP_BAD_REQUEST}]
195
196Verify Error Upon Creating Same Users With Different Privileges
197    [Documentation]  Verify error upon creating same users with different privileges.
198    [Tags]  Verify_Error_Upon_Creating_Same_Users_With_Different_Privileges
199
200    Redfish Create User  test_user  TestPwd123  Administrator  ${True}
201
202    # Create specified user.
203    ${payload}=  Create Dictionary
204    ...  UserName=test_user  Password=TestPwd123  RoleId=Operator  Enabled=${True}
205    Redfish.Post  /redfish/v1/AccountService/Accounts/  body=&{payload}
206    ...  valid_status_codes=[${HTTP_BAD_REQUEST}]
207
208    Redfish.Delete  /redfish/v1/AccountService/Accounts/test_user
209
210Verify Modifying User Attributes
211    [Documentation]  Verify modifying user attributes.
212    [Tags]  Verify_Modifying_User_Attributes
213    # Create Redfish users.
214    Redfish Create User  admin_user     TestPwd123  Administrator   ${True}
215    Redfish Create User  operator_user  TestPwd123  Operator        ${True}
216    Redfish Create User  readonly_user  TestPwd123  ReadOnly        ${True}
217
218    # Make sure the new user account does not already exist.
219    Redfish.Delete  /redfish/v1/AccountService/Accounts/newadmin_user
220    ...  valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}]
221
222    # Update admin_user username using Redfish.
223    ${payload}=  Create Dictionary  UserName=newadmin_user
224    Redfish.Patch  /redfish/v1/AccountService/Accounts/admin_user  body=&{payload}
225
226    # Update operator_user password using Redfish.
227    ${payload}=  Create Dictionary  Password=NewTestPwd123
228    Redfish.Patch  /redfish/v1/AccountService/Accounts/operator_user  body=&{payload}
229
230    # Update readonly_user role using Redfish.
231    ${payload}=  Create Dictionary  RoleId=Operator
232    Redfish.Patch  /redfish/v1/AccountService/Accounts/readonly_user  body=&{payload}
233
234    # Verify users after updating
235    Redfish Verify User  newadmin_user  TestPwd123     Administrator   ${True}
236    Redfish Verify User  operator_user  NewTestPwd123  Operator        ${True}
237    Redfish Verify User  readonly_user  TestPwd123     Operator        ${True}
238
239    # Delete created users.
240    Redfish.Delete  /redfish/v1/AccountService/Accounts/newadmin_user
241    Redfish.Delete  /redfish/v1/AccountService/Accounts/operator_user
242    Redfish.Delete  /redfish/v1/AccountService/Accounts/readonly_user
243
244Verify User Account Locked
245    [Documentation]  Verify user account locked upon trying with invalid password.
246    [Tags]  Verify_User_Account_Locked
247
248    Redfish Create User  admin_user  TestPwd123  Administrator   ${True}
249
250    ${payload}=  Create Dictionary  AccountLockoutThreshold=${account_lockout_threshold}
251    ...  AccountLockoutDuration=${account_lockout_duration}
252    Redfish.Patch  ${REDFISH_ACCOUNTS_SERVICE_URI}  body=${payload}
253
254    Redfish.Logout
255
256    # Make ${account_lockout_threshold} failed login attempts.
257    Repeat Keyword  ${account_lockout_threshold} times
258    ...  Run Keyword And Expect Error  InvalidCredentialsError*  Redfish.Login  admin_user  abc123
259
260    # Verify that legitimate login fails due to lockout.
261    Run Keyword And Expect Error  InvalidCredentialsError*
262    ...  Redfish.Login  admin_user  TestPwd123
263
264    # Wait for lockout duration to expire and then verify that login works.
265    Sleep  ${account_lockout_duration}s
266    Redfish.Login  admin_user  TestPwd123
267
268    Redfish.Logout
269
270    Redfish.Login
271
272    Redfish.Delete  /redfish/v1/AccountService/Accounts/admin_user
273
274Verify Admin User Privilege
275    [Documentation]  Verify admin user privilege.
276    [Tags]  Verify_Admin_User_Privilege
277
278    Redfish Create User  admin_user  TestPwd123  Administrator  ${True}
279    Redfish Create User  operator_user  TestPwd123  Operator  ${True}
280    Redfish Create User  readonly_user  TestPwd123  ReadOnly  ${True}
281
282    Redfish.Logout
283
284    # Change role ID of operator user with admin user.
285    # Login with admin user.
286    Redfish.Login  admin_user  TestPwd123
287
288    # Modify Role ID of Operator user.
289    Redfish.Patch  /redfish/v1/AccountService/Accounts/operator_user  body={'RoleId': 'Administrator'}
290
291    # Verify modified user.
292    Redfish Verify User  operator_user  TestPwd123  Administrator  ${True}
293
294    Redfish.Logout
295    Redfish.Login  admin_user  TestPwd123
296
297    # Change password of 'user' user with admin user.
298    Redfish.Patch  /redfish/v1/AccountService/Accounts/readonly_user  body={'Password': 'NewTestPwd123'}
299
300    # Verify modified user.
301    Redfish Verify User  readonly_user  NewTestPwd123  ReadOnly  ${True}
302
303    Redfish.Delete  /redfish/v1/AccountService/Accounts/admin_user
304    Redfish.Delete  /redfish/v1/AccountService/Accounts/operator_user
305    Redfish.Delete  /redfish/v1/AccountService/Accounts/readonly_user
306
307Verify Operator User Privilege
308    [Documentation]  Verify operator user privilege.
309    [Tags]  Verify_Operator_User_Privilege
310
311    Redfish Create User  admin_user  TestPwd123  Administrator  ${True}
312    Redfish Create User  operator_user  TestPwd123  Operator  ${True}
313
314    Redfish.Logout
315    # Login with operator user.
316    Redfish.Login  operator_user  TestPwd123
317
318    # Verify BMC reset.
319    Run Keyword And Expect Error  ValueError*  Redfish BMC Reset Operation
320
321    # Attempt to change password of admin user with operator user.
322    Redfish.Patch  /redfish/v1/AccountService/Accounts/admin_user  body={'Password': 'NewTestPwd123'}
323    ...  valid_status_codes=[${HTTP_FORBIDDEN}]
324
325    Redfish.Logout
326
327    Redfish.Login
328
329    Redfish.Delete  /redfish/v1/AccountService/Accounts/admin_user
330    Redfish.Delete  /redfish/v1/AccountService/Accounts/operator_user
331
332
333Verify ReadOnly User Privilege
334    [Documentation]  Verify ReadOnly user privilege.
335    [Tags]  Verify_ReadOnly_User_Privilege
336
337    Redfish Create User  readonly_user  TestPwd123  ReadOnly  ${True}
338    Redfish.Logout
339
340    # Login with read_only user.
341    Redfish.Login  readonly_user  TestPwd123
342
343    # Read system level data.
344    ${system_model}=  Redfish_Utils.Get Attribute
345    ...  ${SYSTEM_BASE_URI}  Model
346
347    Redfish.Logout
348    Redfish.Login
349    Redfish.Delete  ${REDFISH_ACCOUNTS_URI}readonly_user
350
351
352Verify Minimum Password Length For Redfish User
353    [Documentation]  Verify minimum password length for new and existing user.
354    [Tags]  Verify_Minimum_Password_Length_For_Redfish_User
355
356    ${user_name}=  Set Variable  testUser
357
358    # Make sure the user account in question does not already exist.
359    Redfish.Delete  /redfish/v1/AccountService/Accounts/${user_name}
360    ...  valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}]
361
362    # Try to create a user with invalid length password.
363    ${payload}=  Create Dictionary
364    ...  UserName=${user_name}  Password=UserPwd  RoleId=Administrator  Enabled=${True}
365    Redfish.Post  /redfish/v1/AccountService/Accounts/  body=&{payload}
366    ...  valid_status_codes=[${HTTP_BAD_REQUEST}]
367
368    # Create specified user with valid length password.
369    Set To Dictionary  ${payload}  Password  UserPwd1
370    Redfish.Post  /redfish/v1/AccountService/Accounts/  body=&{payload}
371    ...  valid_status_codes=[${HTTP_CREATED}]
372
373    # Try to change to an invalid password.
374    Redfish.Patch  /redfish/v1/AccountService/Accounts/${user_name}  body={'Password': 'UserPwd'}
375    ...  valid_status_codes=[${HTTP_BAD_REQUEST}]
376
377    # Change to a valid password.
378    Redfish.Patch  /redfish/v1/AccountService/Accounts/${user_name}  body={'Password': 'UserPwd1'}
379
380    # Verify login.
381    Redfish.Logout
382    Redfish.Login  ${user_name}  UserPwd1
383    Redfish.Logout
384    Redfish.Login
385    Redfish.Delete  /redfish/v1/AccountService/Accounts/${user_name}
386
387
388Verify Standard User Roles Defined By Redfish
389    [Documentation]  Verify standard user roles defined by Redfish.
390    [Tags]  Verify_Standard_User_Roles_Defined_By_Redfish
391
392    ${member_list}=  Redfish_Utils.Get Member List
393    ...  /redfish/v1/AccountService/Roles
394
395    @{roles}=  Create List
396    ...  /redfish/v1/AccountService/Roles/Administrator
397    ...  /redfish/v1/AccountService/Roles/Operator
398    ...  /redfish/v1/AccountService/Roles/ReadOnly
399
400    List Should Contain Sub List  ${member_list}  ${roles}
401
402    # The standard roles are:
403
404    # | Role name | Assigned privileges |
405    # | Administrator | Login, ConfigureManager, ConfigureUsers, ConfigureComponents, ConfigureSelf |
406    # | Operator | Login, ConfigureComponents, ConfigureSelf |
407    # | ReadOnly | Login, ConfigureSelf |
408
409    @{admin}=  Create List  Login  ConfigureManager  ConfigureUsers  ConfigureComponents  ConfigureSelf
410    @{operator}=  Create List  Login  ConfigureComponents  ConfigureSelf
411    @{readOnly}=  Create List  Login  ConfigureSelf
412
413    ${roles_dict}=  create dictionary  admin_privileges=${admin}  operator_privileges=${operator}
414    ...  readOnly_privileges=${readOnly}
415
416    ${resp}=  redfish.Get  /redfish/v1/AccountService/Roles/Administrator
417    List Should Contain Sub List  ${resp.dict['AssignedPrivileges']}  ${roles_dict['admin_privileges']}
418
419    ${resp}=  redfish.Get  /redfish/v1/AccountService/Roles/Operator
420    List Should Contain Sub List  ${resp.dict['AssignedPrivileges']}  ${roles_dict['operator_privileges']}
421
422    ${resp}=  redfish.Get  /redfish/v1/AccountService/Roles/ReadOnly
423    List Should Contain Sub List  ${resp.dict['AssignedPrivileges']}  ${roles_dict['readOnly_privileges']}
424
425
426Verify Error While Deleting Root User
427    [Documentation]  Verify error while deleting root user.
428    [Tags]  Verify_Error_While_Deleting_Root_User
429
430    Redfish.Delete  /redfish/v1/AccountService/Accounts/root  valid_status_codes=[${HTTP_FORBIDDEN}]
431
432
433Verify SSH Login Access With Admin User
434    [Documentation]  Verify that admin user does not have SSH login access.
435    [Tags]  Verify_SSH_Login_Access_With_Admin_User
436
437    # Create an admin User.
438    Redfish Create User  new_admin  TestPwd1  Administrator  ${True}
439
440    # Attempt SSH login with admin user.
441    SSHLibrary.Open Connection  ${OPENBMC_HOST}
442    ${status}=  Run Keyword And Return Status  SSHLibrary.Login  new_admin  TestPwd1
443    Should Be Equal  ${status}  ${False}
444
445
446*** Keywords ***
447
448Test Teardown Execution
449    [Documentation]  Do the post test teardown.
450
451    Run Keyword And Ignore Error  Redfish.Logout
452    FFDC On Test Case Fail
453
454
455Redfish Create User
456    [Documentation]  Redfish create user.
457    [Arguments]   ${username}  ${password}  ${role_id}  ${enabled}  ${login_check}=${True}
458
459    # Description of argument(s):
460    # username            The username to be created.
461    # password            The password to be assigned.
462    # role_id             The role ID of the user to be created
463    #                     (e.g. "Administrator", "Operator", etc.).
464    # enabled             Indicates whether the username being created
465    #                     should be enabled (${True}, ${False}).
466    # login_check         Checks user login for created user.
467    #                     (e.g. ${True}, ${False}).
468
469    # Make sure the user account in question does not already exist.
470    Redfish.Delete  /redfish/v1/AccountService/Accounts/${userName}
471    ...  valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}]
472
473    # Create specified user.
474    ${payload}=  Create Dictionary
475    ...  UserName=${username}  Password=${password}  RoleId=${role_id}  Enabled=${enabled}
476    Redfish.Post  /redfish/v1/AccountService/Accounts/  body=&{payload}
477    ...  valid_status_codes=[${HTTP_CREATED}]
478
479    # Resetting faillock count as a workaround for issue
480    # openbmc/phosphor-user-manager#4
481    ${cmd}=  Catenate  test -f /usr/sbin/faillock && /usr/sbin/faillock --user USER --reset
482    ...  || /usr/sbin/pam_tally2 -u ${username} --reset
483    Bmc Execute Command  ${cmd}
484
485    # Verify login with created user.
486    ${status}=  Run Keyword If  '${login_check}' == '${True}'
487    ...  Verify Redfish User Login  ${username}  ${password}
488    Run Keyword If  '${login_check}' == '${True}'  Should Be Equal  ${status}  ${enabled}
489
490    # Validate Role ID of created user.
491    ${role_config}=  Redfish_Utils.Get Attribute
492    ...  /redfish/v1/AccountService/Accounts/${username}  RoleId
493    Should Be Equal  ${role_id}  ${role_config}
494
495
496Redfish Verify User
497    [Documentation]  Redfish user verification.
498    [Arguments]   ${username}  ${password}  ${role_id}  ${enabled}
499
500    # Description of argument(s):
501    # username            The username to be created.
502    # password            The password to be assigned.
503    # role_id             The role ID of the user to be created
504    #                     (e.g. "Administrator", "Operator", etc.).
505    # enabled             Indicates whether the username being created
506    #                     should be enabled (${True}, ${False}).
507
508    ${status}=  Verify Redfish User Login  ${username}  ${password}
509    # Doing a check of the returned status.
510    Should Be Equal  ${status}  ${enabled}
511
512    # Validate Role Id of user.
513    ${role_config}=  Redfish_Utils.Get Attribute
514    ...  /redfish/v1/AccountService/Accounts/${username}  RoleId
515    Should Be Equal  ${role_id}  ${role_config}
516
517
518Verify Redfish User Login
519    [Documentation]  Verify Redfish login with given user id.
520    [Teardown]  Run Keywords  Run Keyword And Ignore Error  Redfish.Logout  AND  Redfish.Login
521    [Arguments]   ${username}  ${password}
522
523    # Description of argument(s):
524    # username            Login username.
525    # password            Login password.
526
527    # Logout from current Redfish session.
528    # We don't really care if the current session is flushed out since we are going to login
529    # with new credential in next.
530    Run Keyword And Ignore Error  Redfish.Logout
531
532    ${status}=  Run Keyword And Return Status  Redfish.Login  ${username}  ${password}
533    [Return]  ${status}
534
535
536Redfish Create And Verify User
537    [Documentation]  Redfish create and verify user.
538    [Arguments]   ${username}  ${password}  ${role_id}  ${enabled}
539
540    # Description of argument(s):
541    # username            The username to be created.
542    # password            The password to be assigned.
543    # role_id             The role ID of the user to be created
544    #                     (e.g. "Administrator", "Operator", etc.).
545    # enabled             Indicates whether the username being created
546    #                     should be enabled (${True}, ${False}).
547
548    # Example:
549    #{
550    #"@odata.context": "/redfish/v1/$metadata#ManagerAccount.ManagerAccount",
551    #"@odata.id": "/redfish/v1/AccountService/Accounts/test1",
552    #"@odata.type": "#ManagerAccount.v1_0_3.ManagerAccount",
553    #"Description": "User Account",
554    #"Enabled": true,
555    #"Id": "test1",
556    #"Links": {
557    #  "Role": {
558    #    "@odata.id": "/redfish/v1/AccountService/Roles/Administrator"
559    #  }
560    #},
561
562    Redfish Create User  ${username}  ${password}  ${role_id}  ${enabled}
563
564    Redfish Verify User  ${username}  ${password}  ${role_id}  ${enabled}
565
566    # Delete Specified User
567    Redfish.Delete  /redfish/v1/AccountService/Accounts/${username}
568
569Verify Redfish User with Wrong Password
570    [Documentation]  Verify Redfish User with Wrong Password.
571    [Arguments]   ${username}  ${password}  ${role_id}  ${enabled}  ${wrong_password}
572
573    # Description of argument(s):
574    # username            The username to be created.
575    # password            The password to be assigned.
576    # role_id             The role ID of the user to be created
577    #                     (e.g. "Administrator", "Operator", etc.).
578    # enabled             Indicates whether the username being created
579    #                     should be enabled (${True}, ${False}).
580    # wrong_password      Any invalid password.
581
582    Redfish Create User  ${username}  ${password}  ${role_id}  ${enabled}
583
584    Redfish.Logout
585
586    # Attempt to login with created user with invalid password.
587    Run Keyword And Expect Error  InvalidCredentialsError*
588    ...  Redfish.Login  ${username}  ${wrong_password}
589
590    Redfish.Login
591
592    # Delete newly created user.
593    Redfish.Delete  /redfish/v1/AccountService/Accounts/${username}
594
595
596Verify Login with Deleted Redfish User
597    [Documentation]  Verify Login with Deleted Redfish User.
598    [Arguments]   ${username}  ${password}  ${role_id}  ${enabled}
599
600    # Description of argument(s):
601    # username            The username to be created.
602    # password            The password to be assigned.
603    # role_id             The role ID of the user to be created
604    #                     (e.g. "Administrator", "Operator", etc.).
605    # enabled             Indicates whether the username being created
606    #                     should be enabled (${True}, ${False}).
607
608    Redfish Create User  ${username}  ${password}  ${role_id}  ${enabled}
609
610    # Delete newly created user.
611    Redfish.Delete  /redfish/v1/AccountService/Accounts/${userName}
612
613    Redfish.Logout
614
615    # Attempt to login with deleted user account.
616    Run Keyword And Expect Error  InvalidCredentialsError*
617    ...  Redfish.Login  ${username}  ${password}
618
619    Redfish.Login
620
621
622Verify Create User Without Enabling
623    [Documentation]  Verify Create User Without Enabling.
624    [Arguments]   ${username}  ${password}  ${role_id}  ${enabled}
625
626    # Description of argument(s):
627    # username            The username to be created.
628    # password            The password to be assigned.
629    # role_id             The role ID of the user to be created
630    #                     (e.g. "Administrator", "Operator", etc.).
631    # enabled             Indicates whether the username being created
632    #                     should be enabled (${True}, ${False}).
633
634    Redfish Create User  ${username}  ${password}  ${role_id}  ${enabled}  ${False}
635
636    Redfish.Logout
637
638    # Login with created user.
639    Run Keyword And Expect Error  InvalidCredentialsError*
640    ...  Redfish.Login  ${username}  ${password}
641
642    Redfish.Login
643
644    # Delete newly created user.
645    Redfish.Delete  /redfish/v1/AccountService/Accounts/${username}
646
647