1*** Settings *** 2 3 4Documentation Suite to test local user management. 5 6Library OperatingSystem 7Library String 8Library Collections 9 10Resource ../../lib/resource.robot 11Resource ../../lib/bmc_redfish_resource.robot 12Resource ../../lib/openbmc_ffdc.robot 13Resource ../../lib/certificate_utils.robot 14Resource ../../lib/dmtf_redfishtool_utils.robot 15 16Suite Setup Suite Setup Execution 17 18 19*** Variables *** 20 21${root_cmd_args} = SEPARATOR= 22... redfishtool raw -r ${OPENBMC_HOST}:${HTTPS_PORT} -u ${OPENBMC_USERNAME} -p ${OPENBMC_PASSWORD} -S Always 23 24 25*** Test Cases *** 26 27Verify Redfishtool Create Users 28 [Documentation] Create user via Redfishtool and verify. 29 [Tags] Verify_Redfishtool_Create_Users 30 [Teardown] Redfishtool Delete User "UserT100" 31 32 Redfishtool Create User "UserT100" "TestPwd123" "Operator" true 33 Redfishtool Verify User "UserT100" "Operator" 34 35 36Verify Redfishtool Modify Users 37 [Documentation] Modify user via Redfishtool and verify. 38 [Tags] Verify_Redfishtool_Modify_Users 39 [Teardown] Redfishtool Delete User "UserT100" 40 41 Redfishtool Create User "UserT100" "TestPwd123" "Operator" true 42 Redfishtool Update User Role "UserT100" "Administrator" 43 Redfishtool Verify User "UserT100" "Administrator" 44 45 46Verify Redfishtool Delete Users 47 [Documentation] Delete user via Redfishtool and verify. 48 [Tags] Verify_Redfishtool_Delete_Users 49 50 Redfishtool Create User "UserT100" "TestPwd123" "Operator" true 51 Redfishtool Delete User "UserT100" 52 ${status}= Redfishtool Verify User Name Exists "UserT100" 53 Should Be True ${status} == False 54 55 56Verify Redfishtool Login With Deleted Redfish Users 57 [Documentation] Verify login with deleted user via Redfishtool. 58 [Tags] Verify_Redfishtool_Login_With_Deleted_Redfish_Users 59 60 Redfishtool Create User "UserT100" "TestPwd123" "Operator" true 61 Redfishtool Delete User "UserT100" 62 Redfishtool Access Resource /redfish/v1/AccountService/Accounts "UserT100" "TestPwd123" 63 ... ${HTTP_UNAUTHORIZED} 64 65 66Verify Redfishtool Error Upon Creating Same Users With Different Privileges 67 [Documentation] Verify error upon creating same users with different privileges. 68 [Tags] Verify_Redfishtool_Error_Upon_Creating_Same_Users_With_Different_Privileges 69 [Teardown] Redfishtool Delete User "UserT100" 70 71 Redfishtool Create User "UserT100" "TestPwd123" "Operator" true 72 Redfishtool Create User "UserT100" "TestPwd123" "Administrator" true 73 ... expected_error=${HTTP_BAD_REQUEST} 74 75 76Verify Redfishtool Admin User Privilege 77 [Documentation] Verify privilege of admin user. 78 [Tags] Verify_Redfishtool_Admin_User_Privilege 79 [Teardown] Run Keywords Redfishtool Delete User "UserT100" AND 80 ... Redfishtool Delete User "UserT101" 81 82 Redfishtool Create User "UserT100" "TestPwd123" "Administrator" true 83 84 # Verify if an user can be added by admin 85 Redfishtool Create User "UserT101" "TestPwd123" "Operator" true "UserT100" "TestPwd123" 86 87 88Verify Redfishtool ReadOnly User Privilege 89 [Documentation] Verify Redfishtool ReadOnly user privilege works. 90 [Tags] Verify_Redfishtool_ReadOnly_User_Privilege 91 [Teardown] Redfishtool Delete User "UserT100" 92 93 Redfishtool Create User "UserT100" "TestPwd123" "ReadOnly" true 94 Redfishtool Access Resource /redfish/v1/Systems/ "UserT100" "TestPwd123" 95 96 Redfishtool Create User 97 ... "UserT101" "TestPwd123" "Operator" true "UserT100" "TestPwd123" ${HTTP_FORBIDDEN} 98 99 100Verify Redfishtool Operator User Privilege 101 [Documentation] Verify that an operator user is able to perform operator privilege 102 ... task(e.g. create user, delete user). 103 [Tags] Verify_Redfishtool_Operator_User_Privilege 104 [Teardown] Redfishtool Delete User "UserT100" 105 106 Redfishtool Create User "UserT100" "TestPwd123" "ReadOnly" true 107 Redfishtool Access Resource /redfish/v1/Systems/ "UserT100" "TestPwd123" 108 109 Redfishtool Create User 110 ... "UserT101" "TestPwd123" "Operator" true "UserT100" "TestPwd123" ${HTTP_FORBIDDEN} 111 112 113Verify Error While Creating User With Invalid Role 114 [Documentation] Verify error while creating a user with invalid role using Redfishtool. 115 [Tags] Verify_Error_While_Creating_User_With_Invalid_Role 116 [Teardown] Redfishtool Delete User "UserT100" ${HTTP_NOT_FOUND} 117 118 Redfishtool Create User "UserT100" "TestPwd123" "wrongroleid" true expected_error=${HTTP_BAD_REQUEST} 119 120 121Verify Minimum Password Length For Redfish User 122 [Documentation] Verify minimum password length of eight characters for new and existing user. 123 [Tags] Verify_Minimum_Password_Length_For_Redfish_User 124 [Teardown] Redfishtool Delete User "UserT100" 125 126 Redfishtool Create User "UserT100" "TestPwd" "Operator" true expected_error=${HTTP_BAD_REQUEST} 127 Redfishtool Create User "UserT100" "TestPwd1" "Operator" true 128 129 130Verify Create User Without Enabling 131 [Documentation] Create an user without enabling it and verify that it does not have access. 132 [Teardown] Redfishtool Delete User "UserT100" 133 134 Redfishtool Create User "UserT100" "TestPwd123" "Operator" false 135 Redfishtool Access Resource /redfish/v1/AccountService/Accounts "UserT100" "TestPwd123" 136 ... ${HTTP_UNAUTHORIZED} 137 138 139Verify Error While Running Redfishtool With Incorrect Password 140 [Documentation] Verify error while running redfishtool with incorrect Password. 141 [Tags] Verify_Error_While_Running_Redfishtool_With_Incorrect_Password 142 [Teardown] Redfishtool Delete User "UserT100" 143 144 Redfishtool Create User "UserT100" "TestPwd123" "Administrator" true 145 Redfishtool Access Resource /redfish/v1/Systems/ "UserT100" "TestPwd234" ${HTTP_UNAUTHORIZED} 146 147*** Keywords *** 148 149 150Redfishtool Access Resource 151 [Documentation] Access resource. 152 [Arguments] ${uri} ${login_user} ${login_pasword} ${expected_error}=200 153 154 # Description of argument(s): 155 # uri URI for resource access. 156 # login_user The login user name used other than default root user. 157 # login_pasword The login password. 158 # expected_error Expected error optionally provided in testcase (e.g. 401 / 159 # authentication error, etc. ) 160 161 ${user_cmd_args}= Set Variable 162 ... redfishtool raw -r ${OPENBMC_HOST} -u ${login_user} -p ${login_pasword} -S Always 163 Redfishtool Get ${uri} ${user_cmd_args} ${expected_error} 164 165 166Redfishtool Create User 167 [Documentation] Create new user. 168 [Arguments] ${user_name} ${password} ${roleID} ${enable} ${login_user}="" ${login_pasword}="" 169 ... ${expected_error}=200 170 171 # Description of argument(s): 172 # user_name The user name (e.g. "test", "robert", etc.). 173 # password The user password (e.g. "0penBmc", "0penBmc1", etc.). 174 # roleID The role of user (e.g. "Administrator", "Operator", etc.). 175 # enable Enabled attribute of (e.g. true or false). 176 # expected_error Expected error optionally provided in testcase (e.g. 401 / 177 # authentication error, etc. ) 178 179 ${user_cmd_args}= Set Variable 180 ... redfishtool raw -r ${OPENBMC_HOST} -u ${login_user} -p ${login_pasword} -S Always 181 ${data}= Set Variable 182 ... '{"UserName":${user_name},"Password":${password},"RoleId":${roleId},"Enabled":${enable}}' 183 Run Keyword If ${login_user} == "" 184 ... Redfishtool Post ${data} /redfish/v1/AccountService/Accounts ${root_cmd_args} ${expected_error} 185 ... ELSE 186 ... Redfishtool Post ${data} /redfish/v1/AccountService/Accounts ${user_cmd_args} ${expected_error} 187 188 189Redfishtool Update User Role 190 [Documentation] Update user role. 191 [Arguments] ${user_name} ${newRole} ${login_user}="" ${login_pasword}="" 192 ... ${expected_error}=200 193 194 # Description of argument(s): 195 # user_name The user name (e.g. "test", "robert", etc.). 196 # newRole The new role of user (e.g. "Administrator", "Operator", etc.). 197 # login_user The login user name used other than default root user. 198 # login_pasword The login password. 199 # expected_error Expected error optionally provided in testcase (e.g. 401 / 200 # authentication error, etc. ) 201 202 ${user_cmd_args}= Set Variable 203 ... redfishtool raw -r ${OPENBMC_HOST} -u ${login_user} -p ${login_pasword} -S Always 204 Run Keyword If ${login_user} == "" 205 ... Redfishtool Patch '{"RoleId":${newRole}}' 206 ... /redfish/v1/AccountService/Accounts/${user_name} ${root_cmd_args} ${expected_error} 207 ... ELSE 208 ... Redfishtool Patch '{"RoleId":${newRole}}' 209 ... /redfish/v1/AccountService/Accounts/${user_name} ${user_cmd_args} ${expected_error} 210 211 212Redfishtool Delete User 213 [Documentation] Delete an user. 214 [Arguments] ${user_name} ${expected_error}=200 215 216 # Description of argument(s): 217 # user_name The user name (e.g. "test", "robert", etc.). 218 # expected_error Expected error optionally provided in testcase (e.g. 401 / 219 # authentication error, etc. ). 220 221 Redfishtool Delete /redfish/v1/AccountService/Accounts/${user_name} 222 ... ${root_cmd_args} ${expected_error} 223 224 225Redfishtool Verify User 226 [Documentation] Verify role of the user. 227 [Arguments] ${user_name} ${role} 228 229 # Description of argument(s): 230 # user_name The user name (e.g. "test", "robert", etc.). 231 # role The new role of user (e.g. "Administrator", "Operator", etc.). 232 233 ${user_account}= Redfishtool Get /redfish/v1/AccountService/Accounts/${user_name} 234 ${json_obj}= Evaluate json.loads('''${user_account}''') json 235 Should Be equal "${json_obj["RoleId"]}" ${role} 236 237 238Redfishtool Verify User Name Exists 239 [Documentation] Verify user name exists. 240 [Arguments] ${user_name} 241 242 # Description of argument(s): 243 # user_name The user name (e.g. "test", "robert", etc.). 244 245 ${status}= Run Keyword And Return Status redfishtool Get 246 ... /redfish/v1/AccountService/Accounts/${user_name} 247 248 [return] ${status} 249 250 251Redfishtool GetAttribute 252 [Documentation] Execute redfishtool for GET operation. 253 [Arguments] ${uri} ${Attribute} ${cmd_args}=${root_cmd_args} ${expected_error}="" 254 255 # Description of argument(s): 256 # uri URI for GET operation (e.g. /redfish/v1/AccountService/Accounts/). 257 # Attribute The specific attribute to be retrieved with the URI. 258 # cmd_args Commandline arguments. 259 # expected_error Expected error optionally provided in testcase (e.g. 401 / 260 # authentication error, etc. ). 261 262 ${rc} ${cmd_output}= Run and Return RC and Output ${cmd_args} GET ${uri} 263 Run Keyword If ${rc} != 0 Is HTTP error Expected ${cmd_output} ${expected_error} 264 ${json_object}= To JSON ${cmd_output} 265 266 [Return] ${json_object["${Attribute}"]} 267 268 269Suite Setup Execution 270 [Documentation] Do suite setup execution. 271 272 ${tool_exist}= Run which redfishtool 273 Should Not Be Empty ${tool_exist} 274