Modified Testcases for NoAccess Userrole, Power operation and Added Global Variables
Changes made to verify Redfish login would not
succeed for LDAP user with "NoAccess" user role.
Added Host power On/Off operation for in below testcases.
Update LDAP User Role And Host Poweron
Update LDAP User Role And Host Poweroff
Above testcase will check power operation for each ldap userrole,
After verifying the power operation, adding power on/off to get
back the host state as so, next userrole will verify the host power on/off.
Added LDAP global variables like ldap server uri,group privilege,
group name which are used to create ldap user, in resource.robot file.
Modified Administrator as default value for old_ldap_privilege in script file.
Tested Run robot redfish/account_service/test_ldap_configuration.robot
Signed-off-by: Nagarjun B <nagarjunb@ami.com>
Change-Id: I2544da73cd190859315b74b06688ce193e061fdd
diff --git a/lib/resource.robot b/lib/resource.robot
index 121defe..9a023ce 100755
--- a/lib/resource.robot
+++ b/lib/resource.robot
@@ -145,6 +145,9 @@
${LDAP_TYPE} ${EMPTY}
${LDAP_USER} ${EMPTY}
${LDAP_USER_PASSWORD} ${EMPTY}
+${GROUP_PRIVILEGE} ${EMPTY}
+${GROUP_NAME} ${EMPTY}
+${LDAP_SERVER_URI} ldap://${LDAP_SERVER_HOST}
# General tool variables
# FFDC_DEFAULT == 1; use Default FFDC methods
diff --git a/redfish/account_service/test_ldap_configuration.robot b/redfish/account_service/test_ldap_configuration.robot
index 510a325..9559b82 100644
--- a/redfish/account_service/test_ldap_configuration.robot
+++ b/redfish/account_service/test_ldap_configuration.robot
@@ -16,7 +16,7 @@
Force Tags LDAP_Test
*** Variables ***
-${old_ldap_privilege} ${EMPTY}
+${old_ldap_privilege} Administrator
&{old_account_service} &{EMPTY}
&{old_ldap_config} &{EMPTY}
${hostname} ${EMPTY}
@@ -550,8 +550,9 @@
[Documentation] Update LDAP config and verify by attempting to set host name.
[Arguments] ${group_name} ${group_privilege}=Administrator
... ${valid_status_codes}=[${HTTP_OK}]
- [Teardown] Run Keywords Redfish.Logout AND Redfish.Login
-
+ [Teardown] Run Keyword If '${group_privilege}'=='NoAccess' Redfish.Login
+ ... ELSE Run Keywords Redfish.Logout AND Redfish.Login
+
# Description of argument(s):
# group_name The group name of user.
# group_privilege The group privilege ("Administrator",
@@ -562,12 +563,21 @@
# method in redfish_plut.py for details.
Update LDAP Configuration with LDAP User Role And Group ${LDAP_TYPE}
... ${group_privilege} ${group_name}
+
+ Run Keyword If '${group_privilege}'=='NoAccess'
+ ... Run Keyword And Return Verify Redfish Login for LDAP Userrole NoAccess
+
Redfish.Login ${LDAP_USER} ${LDAP_USER_PASSWORD}
# Verify that the LDAP user in ${group_name} with the given privilege is
# allowed to change the hostname.
Redfish.Patch ${REDFISH_NW_ETH0_URI} body={'HostName': '${hostname}'}
... valid_status_codes=${valid_status_codes}
+Verify Redfish Login for LDAP Userrole NoAccess
+ [Documentation] Verify Redfish login should not be able to login for LDAP Userrole NoAccess.
+
+ ${status}= Run Keyword And Return Status Redfish.Login ${LDAP_USER} ${LDAP_USER_PASSWORD}
+ Valid Value status [${False}]
Disable Other LDAP
[Documentation] Disable other LDAP configuration.
@@ -632,7 +642,6 @@
Redfish.Login
# Call 'Get LDAP Configuration' to verify that LDAP configuration exists.
Get LDAP Configuration ${LDAP_TYPE}
- ${old_ldap_privilege}= Get LDAP Privilege
Set Suite Variable ${old_ldap_privilege}
Disable Other LDAP
Create LDAP Configuration
@@ -715,7 +724,8 @@
Restore LDAP Privilege
[Documentation] Restore the LDAP privilege to its original value.
-
+
+ Redfish.Login
Return From Keyword If '${old_ldap_privilege}' == '${EMPTY}' or '${old_ldap_privilege}' == '[]'
# Log back in to restore the original privilege.
Update LDAP Configuration with LDAP User Role And Group ${LDAP_TYPE}
@@ -723,6 +733,15 @@
Sleep 18s
+Verify Host Power Status
+ [Documentation] Verify the Host power status and do host power on/off respectively.
+ [Arguments] ${expected_power_status}
+
+ ${power_status}= Redfish.Get Attribute /redfish/v1/Chassis/${CHASSIS_ID} PowerState
+ Return From Keyword If '${power_status}' == '${expected_power_status}'
+
+ Run Keyword If '${power_status}' == 'Off' Redfish Power On
+ ... ELSE Redfish Power Off
Update LDAP User Role And Host Poweroff
[Documentation] Update LDAP user role and do host poweroff.
@@ -735,6 +754,9 @@
# group_name The group name of user.
# valid_status_code The expected valid status code.
+ # check Host state and do the power on/off if needed.
+ Verify Host Power Status On
+
Update LDAP Configuration with LDAP User Role And Group ${ldap_type}
... ${group_privilege} ${group_name}
@@ -743,7 +765,6 @@
Redfish.Post ${REDFISH_POWER_URI}
... body={'ResetType': 'ForceOff'} valid_status_codes=[${valid_status_code}]
-
Update LDAP User Role And Host Poweron
[Documentation] Update LDAP user role and do host poweron.
[Arguments] ${ldap_type} ${group_privilege} ${group_name} ${valid_status_code}
@@ -755,6 +776,9 @@
# group_name The group name of user.
# valid_status_code The expected valid status code.
+ # check Host state and do the power on/off if needed.
+ Verify Host Power Status Off
+
Update LDAP Configuration with LDAP User Role And Group ${ldap_type}
... ${group_privilege} ${group_name}