1*** Settings *** 2 3 4Documentation Suite to test local user management. 5 6Library OperatingSystem 7Library String 8Library Collections 9 10Resource ../../lib/resource.robot 11Resource ../../lib/bmc_redfish_resource.robot 12Resource ../../lib/openbmc_ffdc.robot 13Resource ../../lib/certificate_utils.robot 14Resource ../../lib/dmtf_redfishtool_utils.robot 15 16Suite Setup Suite Setup Execution 17 18 19*** Variables *** 20 21${root_cmd_args} = SEPARATOR= 22... redfishtool raw -r ${OPENBMC_HOST}:${HTTPS_PORT} -u ${OPENBMC_USERNAME} -p ${OPENBMC_PASSWORD} -S Always 23 24 25*** Test Cases *** 26 27Verify Redfishtool Create Users 28 [Documentation] Create user via Redfishtool and verify. 29 [Tags] Verify_Redfishtool_Create_Users 30 [Teardown] Redfishtool Delete User "UserT100" 31 32 Redfishtool Create User "UserT100" "TestPwd123" "Operator" true 33 Redfishtool Verify User "UserT100" "Operator" 34 35 36Verify Redfishtool Modify Users 37 [Documentation] Modify user via Redfishtool and verify. 38 [Tags] Verify_Redfishtool_Modify_Users 39 [Teardown] Redfishtool Delete User "UserT100" 40 41 Redfishtool Create User "UserT100" "TestPwd123" "Operator" true 42 Redfishtool Update User Role "UserT100" "Administrator" 43 Redfishtool Verify User "UserT100" "Administrator" 44 45 46Verify Redfishtool Delete Users 47 [Documentation] Delete user via Redfishtool and verify. 48 [Tags] Verify_Redfishtool_Delete_Users 49 50 Redfishtool Create User "UserT100" "TestPwd123" "Operator" true 51 Redfishtool Delete User "UserT100" 52 ${status}= Redfishtool Verify User Name Exists "UserT100" 53 Should Be True ${status} == False 54 55 56Verify Redfishtool Login With Deleted Redfish Users 57 [Documentation] Verify login with deleted user via Redfishtool. 58 [Tags] Verify_Redfishtool_Login_With_Deleted_Redfish_Users 59 60 Redfishtool Create User "UserT100" "TestPwd123" "Operator" true 61 Redfishtool Delete User "UserT100" 62 Redfishtool Access Resource /redfish/v1/AccountService/Accounts "UserT100" "TestPwd123" 63 ... ${HTTP_UNAUTHORIZED} 64 65 66Verify Redfishtool Error Upon Creating Same Users With Different Privileges 67 [Documentation] Verify error upon creating same users with different privileges. 68 [Tags] Verify_Redfishtool_Error_Upon_Creating_Same_Users_With_Different_Privileges 69 [Teardown] Redfishtool Delete User "UserT100" 70 71 Redfishtool Create User "UserT100" "TestPwd123" "Operator" true 72 Redfishtool Create User "UserT100" "TestPwd123" "Administrator" true 73 ... expected_error=${HTTP_BAD_REQUEST} 74 75 76Verify Redfishtool Admin User Privilege 77 [Documentation] Verify privilege of admin user. 78 [Tags] Verify_Redfishtool_Admin_User_Privilege 79 [Teardown] Run Keywords Redfishtool Delete User "UserT100" AND 80 ... Redfishtool Delete User "UserT101" 81 82 Redfishtool Create User "UserT100" "TestPwd123" "Administrator" true 83 84 # Verify if a user can be added by admin 85 Redfishtool Create User "UserT101" "TestPwd123" "Operator" true "UserT100" "TestPwd123" 86 87 88Verify Redfishtool ReadOnly User Privilege 89 [Documentation] Verify Redfishtool ReadOnly user privilege works. 90 [Tags] Verify_Redfishtool_ReadOnly_User_Privilege 91 [Teardown] Redfishtool Delete User "UserT100" 92 93 Redfishtool Create User "UserT100" "TestPwd123" "ReadOnly" true 94 Redfishtool Access Resource /redfish/v1/Systems/ "UserT100" "TestPwd123" 95 96 Redfishtool Create User 97 ... "UserT101" "TestPwd123" "Operator" true "UserT100" "TestPwd123" ${HTTP_FORBIDDEN} 98 99 100Verify Redfishtool Operator User Privilege 101 [Documentation] Verify that an operator user is able to perform operator privilege 102 ... task(e.g. create user, delete user). 103 [Tags] Verify_Redfishtool_Operator_User_Privilege 104 [Teardown] Redfishtool Delete User "UserT100" 105 106 Redfishtool Create User "UserT100" "TestPwd123" "ReadOnly" true 107 Redfishtool Access Resource /redfish/v1/Systems/ "UserT100" "TestPwd123" 108 109 Redfishtool Create User 110 ... "UserT101" "TestPwd123" "Operator" true "UserT100" "TestPwd123" ${HTTP_FORBIDDEN} 111 112 113Verify Error While Creating User With Invalid Role 114 [Documentation] Verify error while creating a user with invalid role using Redfishtool. 115 [Tags] Verify_Error_While_Creating_User_With_Invalid_Role 116 [Teardown] Redfishtool Delete User "UserT100" ${HTTP_NOT_FOUND} 117 118 Redfishtool Create User "UserT100" "TestPwd123" "wrongroleid" true expected_error=${HTTP_BAD_REQUEST} 119 120 121Verify Minimum Password Length For Redfish User 122 [Documentation] Verify minimum password length of eight characters for new and existing user. 123 [Tags] Verify_Minimum_Password_Length_For_Redfish_User 124 [Teardown] Redfishtool Delete User "UserT100" 125 126 Redfishtool Create User "UserT100" "TestPwd" "Operator" true expected_error=${HTTP_BAD_REQUEST} 127 Redfishtool Create User "UserT100" "TestPwd1" "Operator" true 128 129 130Verify Create User Without Enabling 131 [Documentation] Create a user without enabling it and verify that it does not have access. 132 [Tags] Verify_Create_User_Without_Enabling 133 [Teardown] Redfishtool Delete User "UserT100" 134 135 Redfishtool Create User "UserT100" "TestPwd123" "Operator" false 136 Redfishtool Access Resource /redfish/v1/AccountService/Accounts "UserT100" "TestPwd123" 137 ... ${HTTP_UNAUTHORIZED} 138 139 140Verify Error While Running Redfishtool With Incorrect Password 141 [Documentation] Verify error while running redfishtool with incorrect Password. 142 [Tags] Verify_Error_While_Running_Redfishtool_With_Incorrect_Password 143 [Teardown] Redfishtool Delete User "UserT100" 144 145 Redfishtool Create User "UserT100" "TestPwd123" "Administrator" true 146 Redfishtool Access Resource /redfish/v1/Systems/ "UserT100" "TestPwd234" ${HTTP_UNAUTHORIZED} 147 148*** Keywords *** 149 150 151Redfishtool Access Resource 152 [Documentation] Access resource. 153 [Arguments] ${uri} ${login_user} ${login_pasword} ${expected_error}=200 154 155 # Description of argument(s): 156 # uri URI for resource access. 157 # login_user The login user name used other than default root user. 158 # login_pasword The login password. 159 # expected_error Expected error optionally provided in testcase (e.g. 401 / 160 # authentication error, etc. ) 161 162 ${user_cmd_args}= Set Variable 163 ... redfishtool raw -r ${OPENBMC_HOST} -u ${login_user} -p ${login_pasword} -S Always 164 Redfishtool Get ${uri} ${user_cmd_args} ${expected_error} 165 166 167Redfishtool Create User 168 [Documentation] Create new user. 169 [Arguments] ${user_name} ${password} ${roleId} ${enable} ${login_user}="" ${login_pasword}="" 170 ... ${expected_error}=200 171 172 # Description of argument(s): 173 # user_name The user name (e.g. "test", "robert", etc.). 174 # password The user password (e.g. "0penBmc", "0penBmc1", etc.). 175 # roleId The role of user (e.g. "Administrator", "Operator", etc.). 176 # enable Enabled attribute of (e.g. true or false). 177 # expected_error Expected error optionally provided in testcase (e.g. 401 / 178 # authentication error, etc. ) 179 180 ${user_cmd_args}= Set Variable 181 ... redfishtool raw -r ${OPENBMC_HOST} -u ${login_user} -p ${login_pasword} -S Always 182 ${data}= Set Variable 183 ... '{"UserName":${user_name},"Password":${password},"RoleId":${roleId},"Enabled":${enable}}' 184 Run Keyword If ${login_user} == "" 185 ... Redfishtool Post ${data} /redfish/v1/AccountService/Accounts ${root_cmd_args} ${expected_error} 186 ... ELSE 187 ... Redfishtool Post ${data} /redfish/v1/AccountService/Accounts ${user_cmd_args} ${expected_error} 188 189 190Redfishtool Update User Role 191 [Documentation] Update user role. 192 [Arguments] ${user_name} ${newRole} ${login_user}="" ${login_pasword}="" 193 ... ${expected_error}=200 194 195 # Description of argument(s): 196 # user_name The user name (e.g. "test", "robert", etc.). 197 # newRole The new role of user (e.g. "Administrator", "Operator", etc.). 198 # login_user The login user name used other than default root user. 199 # login_pasword The login password. 200 # expected_error Expected error optionally provided in testcase (e.g. 401 / 201 # authentication error, etc. ) 202 203 ${user_cmd_args}= Set Variable 204 ... redfishtool raw -r ${OPENBMC_HOST} -u ${login_user} -p ${login_pasword} -S Always 205 Run Keyword If ${login_user} == "" 206 ... Redfishtool Patch '{"RoleId":${newRole}}' 207 ... /redfish/v1/AccountService/Accounts/${user_name} ${root_cmd_args} ${expected_error} 208 ... ELSE 209 ... Redfishtool Patch '{"RoleId":${newRole}}' 210 ... /redfish/v1/AccountService/Accounts/${user_name} ${user_cmd_args} ${expected_error} 211 212 213Redfishtool Delete User 214 [Documentation] Delete a user. 215 [Arguments] ${user_name} ${expected_error}=200 216 217 # Description of argument(s): 218 # user_name The user name (e.g. "test", "robert", etc.). 219 # expected_error Expected error optionally provided in testcase (e.g. 401 / 220 # authentication error, etc. ). 221 222 Redfishtool Delete /redfish/v1/AccountService/Accounts/${user_name} 223 ... ${root_cmd_args} ${expected_error} 224 225 226Redfishtool Verify User 227 [Documentation] Verify role of the user. 228 [Arguments] ${user_name} ${role} 229 230 # Description of argument(s): 231 # user_name The user name (e.g. "test", "robert", etc.). 232 # role The new role of user (e.g. "Administrator", "Operator", etc.). 233 234 ${user_account}= Redfishtool Get /redfish/v1/AccountService/Accounts/${user_name} 235 ${json_obj}= Evaluate json.loads('''${user_account}''') json 236 Should Be equal "${json_obj["RoleId"]}" ${role} 237 238 239Redfishtool Verify User Name Exists 240 [Documentation] Verify user name exists. 241 [Arguments] ${user_name} 242 243 # Description of argument(s): 244 # user_name The user name (e.g. "test", "robert", etc.). 245 246 ${status}= Run Keyword And Return Status redfishtool Get 247 ... /redfish/v1/AccountService/Accounts/${user_name} 248 249 [return] ${status} 250 251 252Redfishtool GetAttribute 253 [Documentation] Execute redfishtool for GET operation. 254 [Arguments] ${uri} ${Attribute} ${cmd_args}=${root_cmd_args} ${expected_error}="" 255 256 # Description of argument(s): 257 # uri URI for GET operation (e.g. /redfish/v1/AccountService/Accounts/). 258 # Attribute The specific attribute to be retrieved with the URI. 259 # cmd_args Commandline arguments. 260 # expected_error Expected error optionally provided in testcase (e.g. 401 / 261 # authentication error, etc. ). 262 263 ${rc} ${cmd_output}= Run and Return RC and Output ${cmd_args} GET ${uri} 264 Run Keyword If ${rc} != 0 Is HTTP error Expected ${cmd_output} ${expected_error} 265 ${json_object}= To JSON ${cmd_output} 266 267 [Return] ${json_object["${Attribute}"]} 268 269 270Suite Setup Execution 271 [Documentation] Do suite setup execution. 272 273 ${tool_exist}= Run which redfishtool 274 Should Not Be Empty ${tool_exist} 275