19ca0d370Smanashsarma*** Settings ***
29ca0d370Smanashsarma
39ca0d370Smanashsarma
49ca0d370SmanashsarmaDocumentation     Suite to test local user management.
59ca0d370Smanashsarma
69ca0d370SmanashsarmaLibrary           OperatingSystem
79ca0d370SmanashsarmaLibrary           String
89ca0d370SmanashsarmaLibrary           Collections
99ca0d370Smanashsarma
109ca0d370SmanashsarmaResource          ../../lib/resource.robot
119ca0d370SmanashsarmaResource          ../../lib/bmc_redfish_resource.robot
129ca0d370SmanashsarmaResource          ../../lib/openbmc_ffdc.robot
139ca0d370SmanashsarmaResource          ../../lib/certificate_utils.robot
14579d8253SmanashsarmaResource          ../../lib/dmtf_redfishtool_utils.robot
159ca0d370Smanashsarma
169ca0d370SmanashsarmaSuite Setup       Suite Setup Execution
179ca0d370Smanashsarma
18*6fb70d98SMatt FischerTest Tags        Redfishtool_Local_User
199ca0d370Smanashsarma
209ca0d370Smanashsarma*** Variables ***
219ca0d370Smanashsarma
229ca0d370Smanashsarma${root_cmd_args} =  SEPARATOR=
23d4ba2493SGeorge Keishing...  redfishtool raw -r ${OPENBMC_HOST}:${HTTPS_PORT} -u ${OPENBMC_USERNAME} -p ${OPENBMC_PASSWORD} -S Always
249ca0d370Smanashsarma
259ca0d370Smanashsarma
269ca0d370Smanashsarma*** Test Cases ***
279ca0d370Smanashsarma
289ca0d370SmanashsarmaVerify Redfishtool Create Users
299ca0d370Smanashsarma    [Documentation]  Create user via Redfishtool and verify.
309ca0d370Smanashsarma    [Tags]  Verify_Redfishtool_Create_Users
319ca0d370Smanashsarma    [Teardown]  Redfishtool Delete User  "UserT100"
329ca0d370Smanashsarma
33841ac303Smanashsarma    Redfishtool Create User  "UserT100"  "TestPwd123"  "ReadOnly"  true
34841ac303Smanashsarma    Redfishtool Verify User  "UserT100"  "ReadOnly"
359ca0d370Smanashsarma
369ca0d370Smanashsarma
379ca0d370SmanashsarmaVerify Redfishtool Modify Users
389ca0d370Smanashsarma    [Documentation]  Modify user via Redfishtool and verify.
399ca0d370Smanashsarma    [Tags]  Verify_Redfishtool_Modify_Users
409ca0d370Smanashsarma    [Teardown]  Redfishtool Delete User  "UserT100"
419ca0d370Smanashsarma
42841ac303Smanashsarma    Redfishtool Create User  "UserT100"  "TestPwd123"  "ReadOnly"  true
439ca0d370Smanashsarma    Redfishtool Update User Role  "UserT100"  "Administrator"
449ca0d370Smanashsarma    Redfishtool Verify User  "UserT100"  "Administrator"
459ca0d370Smanashsarma
469ca0d370Smanashsarma
479ca0d370SmanashsarmaVerify Redfishtool Delete Users
489ca0d370Smanashsarma    [Documentation]  Delete user via Redfishtool and verify.
499ca0d370Smanashsarma    [Tags]  Verify_Redfishtool_Delete_Users
509ca0d370Smanashsarma
51841ac303Smanashsarma    Redfishtool Create User  "UserT100"  "TestPwd123"  "ReadOnly"  true
529ca0d370Smanashsarma    Redfishtool Delete User  "UserT100"
539ca0d370Smanashsarma    ${status}=  Redfishtool Verify User Name Exists  "UserT100"
549ca0d370Smanashsarma    Should Be True  ${status} == False
559ca0d370Smanashsarma
569ca0d370Smanashsarma
579ca0d370SmanashsarmaVerify Redfishtool Login With Deleted Redfish Users
589ca0d370Smanashsarma    [Documentation]  Verify login with deleted user via Redfishtool.
599ca0d370Smanashsarma    [Tags]  Verify_Redfishtool_Login_With_Deleted_Redfish_Users
609ca0d370Smanashsarma
61841ac303Smanashsarma    Redfishtool Create User  "UserT100"  "TestPwd123"  "ReadOnly"  true
629ca0d370Smanashsarma    Redfishtool Delete User  "UserT100"
639ca0d370Smanashsarma    Redfishtool Access Resource  /redfish/v1/AccountService/Accounts  "UserT100"  "TestPwd123"
649ca0d370Smanashsarma    ...  ${HTTP_UNAUTHORIZED}
659ca0d370Smanashsarma
669ca0d370Smanashsarma
679ca0d370SmanashsarmaVerify Redfishtool Error Upon Creating Same Users With Different Privileges
689ca0d370Smanashsarma    [Documentation]  Verify error upon creating same users with different privileges.
699ca0d370Smanashsarma    [Tags]  Verify_Redfishtool_Error_Upon_Creating_Same_Users_With_Different_Privileges
709ca0d370Smanashsarma    [Teardown]  Redfishtool Delete User  "UserT100"
719ca0d370Smanashsarma
72841ac303Smanashsarma    Redfishtool Create User  "UserT100"  "TestPwd123"  "ReadOnly"  true
739ca0d370Smanashsarma    Redfishtool Create User  "UserT100"  "TestPwd123"  "Administrator"  true
749ca0d370Smanashsarma    ...  expected_error=${HTTP_BAD_REQUEST}
759ca0d370Smanashsarma
769ca0d370Smanashsarma
779ca0d370SmanashsarmaVerify Redfishtool Admin User Privilege
789ca0d370Smanashsarma    [Documentation]  Verify privilege of admin user.
799ca0d370Smanashsarma    [Tags]  Verify_Redfishtool_Admin_User_Privilege
809ca0d370Smanashsarma    [Teardown]  Run Keywords  Redfishtool Delete User  "UserT100"  AND
819ca0d370Smanashsarma    ...  Redfishtool Delete User  "UserT101"
829ca0d370Smanashsarma
839ca0d370Smanashsarma    Redfishtool Create User  "UserT100"  "TestPwd123"  "Administrator"  true
849ca0d370Smanashsarma
85ba7e33e2SGene Ratzlaff    # Verify if a user can be added by admin
86841ac303Smanashsarma    Redfishtool Create User  "UserT101"  "TestPwd123"  "ReadOnly"  true  "UserT100"  "TestPwd123"
879ca0d370Smanashsarma
889ca0d370Smanashsarma
899ca0d370SmanashsarmaVerify Redfishtool ReadOnly User Privilege
909ca0d370Smanashsarma    [Documentation]  Verify Redfishtool ReadOnly user privilege works.
919ca0d370Smanashsarma    [Tags]  Verify_Redfishtool_ReadOnly_User_Privilege
929ca0d370Smanashsarma    [Teardown]  Redfishtool Delete User  "UserT100"
939ca0d370Smanashsarma
949ca0d370Smanashsarma    Redfishtool Create User  "UserT100"  "TestPwd123"  "ReadOnly"  true
959ca0d370Smanashsarma    Redfishtool Access Resource  /redfish/v1/Systems/  "UserT100"  "TestPwd123"
969ca0d370Smanashsarma
979ca0d370Smanashsarma    Redfishtool Create User
989ca0d370Smanashsarma    ...  "UserT101"  "TestPwd123"  "Operator"  true  "UserT100"  "TestPwd123"  ${HTTP_FORBIDDEN}
999ca0d370Smanashsarma
1009ca0d370Smanashsarma
10175e7983eSmanashsarmaVerify Redfishtool Operator User Privilege
10275e7983eSmanashsarma    [Documentation]  Verify that an operator user is able to perform operator privilege
10375e7983eSmanashsarma    ...  task(e.g. create user, delete user).
10475e7983eSmanashsarma    [Tags]  Verify_Redfishtool_Operator_User_Privilege
10575e7983eSmanashsarma    [Teardown]  Redfishtool Delete User  "UserT100"
10675e7983eSmanashsarma
10775e7983eSmanashsarma    Redfishtool Create User  "UserT100"  "TestPwd123"  "ReadOnly"  true
10875e7983eSmanashsarma    Redfishtool Access Resource  /redfish/v1/Systems/  "UserT100"  "TestPwd123"
10975e7983eSmanashsarma
11075e7983eSmanashsarma    Redfishtool Create User
11175e7983eSmanashsarma    ...  "UserT101"  "TestPwd123"  "Operator"  true  "UserT100"  "TestPwd123"  ${HTTP_FORBIDDEN}
11275e7983eSmanashsarma
11375e7983eSmanashsarma
11475e7983eSmanashsarmaVerify Error While Creating User With Invalid Role
11575e7983eSmanashsarma    [Documentation]  Verify error while creating a user with invalid role using Redfishtool.
11675e7983eSmanashsarma    [Tags]  Verify_Error_While_Creating_User_With_Invalid_Role
11726103d96Smanashsarma    [Teardown]  Redfishtool Delete User  "UserT100"  ${HTTP_NOT_FOUND}
11875e7983eSmanashsarma
11975e7983eSmanashsarma    Redfishtool Create User  "UserT100"  "TestPwd123"  "wrongroleid"  true  expected_error=${HTTP_BAD_REQUEST}
12075e7983eSmanashsarma
12175e7983eSmanashsarma
1228d87d7bcSGeorge KeishingVerify Minimum Password Length For Redfish User Using Redfishtool
12375e7983eSmanashsarma    [Documentation]  Verify minimum password length of eight characters for new and existing user.
1248d87d7bcSGeorge Keishing    [Tags]  Verify_Minimum_Password_Length_For_Redfish_User_Using_Redfishtool
12575e7983eSmanashsarma    [Teardown]  Redfishtool Delete User  "UserT100"
12675e7983eSmanashsarma
127841ac303Smanashsarma    Redfishtool Create User  "UserT100"  "TestPwd"  "ReadOnly"  true  expected_error=${HTTP_BAD_REQUEST}
128841ac303Smanashsarma    Redfishtool Create User  "UserT100"  "TestPwd1"  "ReadOnly"  true
12975e7983eSmanashsarma
13075e7983eSmanashsarma
13175e7983eSmanashsarmaVerify Create User Without Enabling
132ba7e33e2SGene Ratzlaff    [Documentation]  Create a user without enabling it and verify that it does not have access.
133ba7e33e2SGene Ratzlaff    [Tags]  Verify_Create_User_Without_Enabling
13475e7983eSmanashsarma    [Teardown]  Redfishtool Delete User  "UserT100"
13575e7983eSmanashsarma
136841ac303Smanashsarma    Redfishtool Create User  "UserT100"  "TestPwd123"  "ReadOnly"  false
13775e7983eSmanashsarma    Redfishtool Access Resource  /redfish/v1/AccountService/Accounts  "UserT100"  "TestPwd123"
13875e7983eSmanashsarma    ...  ${HTTP_UNAUTHORIZED}
13975e7983eSmanashsarma
140c0efe585Smanashsarma
141c0efe585SmanashsarmaVerify Error While Running Redfishtool With Incorrect Password
142c0efe585Smanashsarma    [Documentation]  Verify error while running redfishtool with incorrect Password.
143c0efe585Smanashsarma    [Tags]  Verify_Error_While_Running_Redfishtool_With_Incorrect_Password
144c0efe585Smanashsarma    [Teardown]  Redfishtool Delete User  "UserT100"
145c0efe585Smanashsarma
146c0efe585Smanashsarma    Redfishtool Create User  "UserT100"  "TestPwd123"  "Administrator"  true
147c0efe585Smanashsarma    Redfishtool Access Resource  /redfish/v1/Systems/  "UserT100"  "TestPwd234"  ${HTTP_UNAUTHORIZED}
148c0efe585Smanashsarma
1499ca0d370Smanashsarma*** Keywords ***
1509ca0d370Smanashsarma
1519ca0d370Smanashsarma
1529ca0d370SmanashsarmaRedfishtool Access Resource
1539ca0d370Smanashsarma    [Documentation]  Access resource.
154579d8253Smanashsarma    [Arguments]  ${uri}   ${login_user}  ${login_pasword}  ${expected_error}=200
1559ca0d370Smanashsarma
1569ca0d370Smanashsarma    # Description of argument(s):
1579ca0d370Smanashsarma    # uri            URI for resource access.
1589ca0d370Smanashsarma    # login_user     The login user name used other than default root user.
1599ca0d370Smanashsarma    # login_pasword  The login password.
1609ca0d370Smanashsarma    # expected_error Expected error optionally provided in testcase (e.g. 401 /
1619ca0d370Smanashsarma    #                authentication error, etc. )
1629ca0d370Smanashsarma
1639ca0d370Smanashsarma    ${user_cmd_args}=  Set Variable
1649ca0d370Smanashsarma    ...  redfishtool raw -r ${OPENBMC_HOST} -u ${login_user} -p ${login_pasword} -S Always
1659ca0d370Smanashsarma    Redfishtool Get  ${uri}  ${user_cmd_args}  ${expected_error}
1669ca0d370Smanashsarma
1679ca0d370Smanashsarma
1689ca0d370SmanashsarmaRedfishtool Create User
1699ca0d370Smanashsarma    [Documentation]  Create new user.
170ba7e33e2SGene Ratzlaff    [Arguments]  ${user_name}  ${password}  ${roleId}  ${enable}  ${login_user}=""  ${login_pasword}=""
171579d8253Smanashsarma    ...  ${expected_error}=200
1729ca0d370Smanashsarma
1739ca0d370Smanashsarma    # Description of argument(s):
1749ca0d370Smanashsarma    # user_name      The user name (e.g. "test", "robert", etc.).
1759ca0d370Smanashsarma    # password       The user password (e.g. "0penBmc", "0penBmc1", etc.).
176ba7e33e2SGene Ratzlaff    # roleId         The role of user (e.g. "Administrator", "Operator", etc.).
1779ca0d370Smanashsarma    # enable         Enabled attribute of (e.g. true or false).
1789ca0d370Smanashsarma    # expected_error Expected error optionally provided in testcase (e.g. 401 /
1799ca0d370Smanashsarma    #                authentication error, etc. )
1809ca0d370Smanashsarma
1819ca0d370Smanashsarma    ${user_cmd_args}=  Set Variable
1829ca0d370Smanashsarma    ...  redfishtool raw -r ${OPENBMC_HOST} -u ${login_user} -p ${login_pasword} -S Always
1839ca0d370Smanashsarma    ${data}=  Set Variable
1849ca0d370Smanashsarma    ...  '{"UserName":${user_name},"Password":${password},"RoleId":${roleId},"Enabled":${enable}}'
1859ca0d370Smanashsarma    Run Keyword If  ${login_user} == ""
1869ca0d370Smanashsarma    ...   Redfishtool Post  ${data}  /redfish/v1/AccountService/Accounts  ${root_cmd_args}  ${expected_error}
1879ca0d370Smanashsarma    ...   ELSE
1889ca0d370Smanashsarma    ...   Redfishtool Post  ${data}  /redfish/v1/AccountService/Accounts  ${user_cmd_args}  ${expected_error}
1899ca0d370Smanashsarma
1909ca0d370Smanashsarma
1919ca0d370SmanashsarmaRedfishtool Update User Role
1929ca0d370Smanashsarma    [Documentation]  Update user role.
1939ca0d370Smanashsarma    [Arguments]  ${user_name}  ${newRole}  ${login_user}=""  ${login_pasword}=""
194579d8253Smanashsarma    ...  ${expected_error}=200
1959ca0d370Smanashsarma
1969ca0d370Smanashsarma    # Description of argument(s):
1979ca0d370Smanashsarma    # user_name      The user name (e.g. "test", "robert", etc.).
1989ca0d370Smanashsarma    # newRole        The new role of user (e.g. "Administrator", "Operator", etc.).
1999ca0d370Smanashsarma    # login_user     The login user name used other than default root user.
2009ca0d370Smanashsarma    # login_pasword  The login password.
2019ca0d370Smanashsarma    # expected_error Expected error optionally provided in testcase (e.g. 401 /
2029ca0d370Smanashsarma    #                authentication error, etc. )
2039ca0d370Smanashsarma
2049ca0d370Smanashsarma    ${user_cmd_args}=  Set Variable
2059ca0d370Smanashsarma    ...  redfishtool raw -r ${OPENBMC_HOST} -u ${login_user} -p ${login_pasword} -S Always
2069ca0d370Smanashsarma    Run Keyword If  ${login_user} == ""
2079ca0d370Smanashsarma    ...   Redfishtool Patch  '{"RoleId":${newRole}}'
2089ca0d370Smanashsarma          ...  /redfish/v1/AccountService/Accounts/${user_name}  ${root_cmd_args}  ${expected_error}
2099ca0d370Smanashsarma    ...   ELSE
2109ca0d370Smanashsarma    ...   Redfishtool Patch  '{"RoleId":${newRole}}'
2119ca0d370Smanashsarma          ...  /redfish/v1/AccountService/Accounts/${user_name}  ${user_cmd_args}  ${expected_error}
2129ca0d370Smanashsarma
2139ca0d370Smanashsarma
2149ca0d370SmanashsarmaRedfishtool Delete User
215ba7e33e2SGene Ratzlaff    [Documentation]  Delete a user.
216579d8253Smanashsarma    [Arguments]  ${user_name}  ${expected_error}=200
2179ca0d370Smanashsarma
2189ca0d370Smanashsarma    # Description of argument(s):
2199ca0d370Smanashsarma    # user_name       The user name (e.g. "test", "robert", etc.).
2209ca0d370Smanashsarma    # expected_error  Expected error optionally provided in testcase (e.g. 401 /
2219ca0d370Smanashsarma    #                 authentication error, etc. ).
2229ca0d370Smanashsarma
2239ca0d370Smanashsarma    Redfishtool Delete  /redfish/v1/AccountService/Accounts/${user_name}
2249ca0d370Smanashsarma    ...  ${root_cmd_args}  ${expected_error}
2259ca0d370Smanashsarma
2269ca0d370Smanashsarma
2279ca0d370SmanashsarmaRedfishtool Verify User
2289ca0d370Smanashsarma    [Documentation]  Verify role of the user.
2299ca0d370Smanashsarma    [Arguments]  ${user_name}  ${role}
2309ca0d370Smanashsarma
2319ca0d370Smanashsarma    # Description of argument(s):
2329ca0d370Smanashsarma    # user_name  The user name (e.g. "test", "robert", etc.).
2339ca0d370Smanashsarma    # role       The new role of user (e.g. "Administrator", "Operator", etc.).
2349ca0d370Smanashsarma
2359ca0d370Smanashsarma    ${user_account}=  Redfishtool Get  /redfish/v1/AccountService/Accounts/${user_name}
2369ca0d370Smanashsarma    ${json_obj}=   Evaluate  json.loads('''${user_account}''')  json
2379ca0d370Smanashsarma    Should Be equal  "${json_obj["RoleId"]}"  ${role}
2389ca0d370Smanashsarma
2399ca0d370Smanashsarma
2409ca0d370SmanashsarmaRedfishtool Verify User Name Exists
2419ca0d370Smanashsarma    [Documentation]  Verify user name exists.
2429ca0d370Smanashsarma    [Arguments]  ${user_name}
2439ca0d370Smanashsarma
2449ca0d370Smanashsarma    # Description of argument(s):
2459ca0d370Smanashsarma    # user_name  The user name (e.g. "test", "robert", etc.).
2469ca0d370Smanashsarma
2479ca0d370Smanashsarma    ${status}=  Run Keyword And Return Status  redfishtool Get
2489ca0d370Smanashsarma    ...  /redfish/v1/AccountService/Accounts/${user_name}
2499ca0d370Smanashsarma
250409df05dSGeorge Keishing    RETURN  ${status}
2519ca0d370Smanashsarma
2529ca0d370Smanashsarma
2539ca0d370SmanashsarmaSuite Setup Execution
2549ca0d370Smanashsarma    [Documentation]  Do suite setup execution.
2559ca0d370Smanashsarma
2569ca0d370Smanashsarma    ${tool_exist}=  Run  which redfishtool
2579ca0d370Smanashsarma    Should Not Be Empty  ${tool_exist}
258