blob: 1bd261b394231756919e536ed2d3c8c4bd5c550d [file] [log] [blame]
*** Settings ***
Documentation Test root user expire password.
Resource ../lib/resource.robot
Resource ../lib/bmc_redfish_resource.robot
Resource ../lib/ipmi_client.robot
Library ../lib/bmc_ssh_utils.py
Library SSHLibrary
Suite Setup Suite Setup Execution
Suite Teardown Suite Teardown Execution
Test Teardown Test Teardown Execution
*** Test Cases ***
Expire Root Password And Check IPMI Access Fails
[Documentation] Expire root user password and expect an error while access via IPMI.
[Tags] Expire_Root_Password_And_Check_IPMI_Access_Fails
Open Connection And Log In ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD}
${output} ${stderr} ${rc}= BMC Execute Command passwd --expire ${OPENBMC_USERNAME}
Should Contain ${output} password expiry information changed
${status}= Run Keyword And Return Status Run External IPMI Standard Command lan print -v
Should Be Equal ${status} ${False}
Expire Root Password And Check SSH Access Fails
[Documentation] Expire root user password and expect an error while access via SSH.
[Tags] Expire_Root_Password_And_Check_SSH_Access_Fails
Open Connection And Log In ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD}
${output} ${stderr} ${rc}= BMC Execute Command passwd --expire ${OPENBMC_USERNAME}
Should Contain ${output} password expiry information changed
${status}= Run Keyword And Return Status
... Open Connection And Log In ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD}
Should Be Equal ${status} ${False}
Expire And Change Root User Password And Access Via SSH
[Documentation] Expire and change root user password and access via SSH.
[Tags] Expire_Root_User_Password_And_Access_Via_SSH
[Teardown] Run Keywords Wait Until Keyword Succeeds 1 min 10 sec
... Restore Default Password For Root User AND FFDC On Test Case Fail
Open Connection And Log In ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD}
${output} ${stderr} ${rc}= BMC Execute Command passwd --expire ${OPENBMC_USERNAME}
Should Contain ${output} password expiry information changed
Redfish.Login
# Change to a valid password.
${resp}= Redfish.Patch /redfish/v1/AccountService/Accounts/${OPENBMC_USERNAME}
... body={'Password': '0penBmc123'} valid_status_codes=[${HTTP_OK}]
# Verify login with the new password through SSH.
Open Connection And Log In ${OPENBMC_USERNAME} 0penBmc123
Expire Root Password And Update Bad Password Length Via Redfish
[Documentation] Expire root password and update bad password via Redfish and expect an error.
[Tags] Expire_Root_Password_And_Update_Bad_Password_Length_Via_Redfish
[Teardown] Run Keywords Wait Until Keyword Succeeds 1 min 10 sec
... Restore Default Password For Root User AND FFDC On Test Case Fail
Open Connection And Log In ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD}
${output} ${stderr} ${rc}= BMC Execute Command passwd --expire ${OPENBMC_USERNAME}
Should Contain ${output} password expiry information changed
Redfish.Login
${status}= Run Keyword And Return Status
... Redfish.Patch /redfish/v1/AccountService/Accounts/${OPENBMC_USERNAME}
... body={'Password': '0penBmc0penBmc0penBmc'}
Should Be Equal ${status} ${False}
Expire And Change Root User Password Via Redfish And Verify
[Documentation] Expire and change root user password via Redfish and verify.
[Tags] Expire_And_Change_Root_User_Password_Via_Redfish_And_Verify
[Teardown] Run Keywords FFDC On Test Case Fail AND
... Wait Until Keyword Succeeds 1 min 10 sec
... Restore Default Password For Root User
Open Connection And Log In ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD}
${output} ${stderr} ${rc}= BMC Execute Command passwd --expire ${OPENBMC_USERNAME}
Should Contain ${output} password expiry information changed
Redfish.Login
Verify Root Password Expired
# Change to a valid password.
Redfish.Patch /redfish/v1/AccountService/Accounts/${OPENBMC_USERNAME}
... body={'Password': '0penBmc123'}
Redfish.Logout
# Verify login with the new password.
Redfish.Login ${OPENBMC_USERNAME} 0penBmc123
Verify Error While Creating User With Expired Password
[Documentation] Expire root password and expect an error while creating new user.
[Tags] Verify_Error_While_Creating_User_With_Expired_Password
[Teardown] Run Keywords Wait Until Keyword Succeeds 1 min 10 sec
... Restore Default Password For Root User AND FFDC On Test Case Fail
Open Connection And Log In ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD}
${output} ${stderr} ${rc}= BMC Execute Command passwd --expire ${OPENBMC_USERNAME}
Should Contain ${output} password expiry information changed
Verify Root Password Expired
Redfish.Login
${payload}= Create Dictionary
... UserName=admin_user Password=TestPwd123 RoleId=Administrator Enabled=${True}
Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{payload}
... valid_status_codes=[${HTTP_FORBIDDEN}]
*** Keywords ***
Suite Setup Execution
[Documentation] Suite setup execution.
Redfish.login
Redfish.Patch /redfish/v1/AccountService/ body={"AccountLockoutThreshold": 0}
Valid Length OPENBMC_PASSWORD min_length=8
Redfish.Logout
Restore Default Password For Root User
[Documentation] Restore default password for root user (i.e. 0penBmc).
# Set default password for root user.
Redfish.Patch /redfish/v1/AccountService/Accounts/${OPENBMC_USERNAME}
... body={'Password': '${OPENBMC_PASSWORD}'} valid_status_codes=[${HTTP_OK}]
# Verify that root user is able to run Redfish command using default password.
Redfish.Logout
Test Teardown Execution
[Documentation] Do test teardown task.
Redfish.Login
Wait Until Keyword Succeeds 1 min 10 sec Restore Default Password For Root User
FFDC On Test Case Fail
Suite Teardown Execution
[Documentation] Do suite teardown task.
Redfish.login
Redfish.Patch /redfish/v1/AccountService/ body={"AccountLockoutThreshold": 5}
Redfish.Logout
Verify Root Password Expired
[Documentation] Checking whether root password expired or not.
Create Session openbmc ${AUTH_URI}
${headers}= Create Dictionary Content-Type=application/json
@{credentials}= Create List ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD}
${data}= Create Dictionary data=@{credentials}
${resp}= Post Request openbmc /login data=${data} headers=${headers}
${json}= To JSON ${resp.content}
Should Contain ${json["extendedMessage"]} POST the new password