LDAP server type search scope binddn password related test cases
- Verify LDAP Server Type Is Set.
- Verify LDAP Search Scope Is Set.
- Verify LDAP Binddn Password Is Set.
- Used REST call instead of BMC execute command.
- Removed test case "Verify LDAP Secure Mode Is Set" not required anymore.
Change-Id: I013b796fdfeb120cbbef269ac49b5c06b99e3f8b
Signed-off-by: Sivas SRR <sivas.srr@in.ibm.com>
Signed-off-by: George Keishing <gkeishin@in.ibm.com>
diff --git a/data/variables.py b/data/variables.py
index 8c9ce19..a435df3 100755
--- a/data/variables.py
+++ b/data/variables.py
@@ -133,6 +133,9 @@
# User manager variable.
BMC_USER_URI = OPENBMC_BASE_URI + 'user/'
+# LDAP User manager variable.
+BMC_LDAP_URI = BMC_USER_URI + 'ldap'
+
# The path on the BMC where signed keys are stored.
ACTIVATION_DIR_PATH = "/etc/activationdata/"
diff --git a/tests_ldap/test_user_ldap_management.robot b/tests_ldap/test_user_ldap_management.robot
index 59957ad..13828bb 100644
--- a/tests_ldap/test_user_ldap_management.robot
+++ b/tests_ldap/test_user_ldap_management.robot
@@ -3,6 +3,7 @@
Resource ../lib/rest_client.robot
Resource ../lib/openbmc_ffdc.robot
+Library ../lib/bmc_ssh_utils.py
Suite Setup Suite Setup Execution
Test Teardown FFDC On Test Case Fail
@@ -11,20 +12,19 @@
*** Test Cases ***
-Verify LDAP Client Service Is Running And API Available
+Verify LDAP API Available
[Documentation] Verify LDAP client service is running and API available.
- [Tags] Verify_LDAP_Client_Service_Is_Running_And_API_Available
+ [Tags] Verify_LDAP_API_Available
- Check LDAP Service Running
${resp}= Read Properties ${BMC_LDAP_URI}
- Should Not Be Empty ${resp}
+ Should Be Empty ${resp}
Verify LDAP Config Is Created
[Documentation] Verify LDAP config is created in BMC.
[Tags] Verify_LDAP_Config_Is_Created
- Populate All Attributes for LDAP Config
+ Configure LDAP Server On BMC
Check LDAP Config File Generated
@@ -40,11 +40,13 @@
[Documentation] Verify LDAP user able to login using REST.
[Tags] Verify_LDAP_User_Able_To_Login_Using_REST
- Populate All Attributes for LDAP Config
+ Configure LDAP Server On BMC
Check LDAP Config File Generated
+ Log Out OpenBMC
+ Sleep 60s
# REST Login to BMC with LDAP user and password.
- Initialize OpenBMC OPENBMC_USER=${LDAP_USER}
+ Initialize OpenBMC 60 1 OPENBMC_USER=${LDAP_USER}
... OPENBMC_PASSWORD=${LDAP_USER_PASSWORD}
${bmc_user_uris}= Read Properties ${BMC_USER_URI}list
@@ -55,23 +57,75 @@
[Documentation] Verify LDAP user able to logout using REST.
[Tags] Verify_LDAP_User_Able_To_Logout_Using_REST
- Populate All Attributes for LDAP Config
+ Configure LDAP Server On BMC
+ Sleep 60s
Check LDAP Config File Generated
+ Log Out OpenBMC
+ Sleep 60s
# REST Login to BMC with LDAP user and password.
- Initialize OpenBMC OPENBMC_USER=${LDAP_USER}
+ Initialize OpenBMC 60 1 OPENBMC_USER=${LDAP_USER}
... OPENBMC_PASSWORD=${LDAP_USER_PASSWORD}
# REST Logout from BMC.
Log Out OpenBMC
-Verify LDAP Secure_Mode Is Set
- [Documentation] Verify LDAP Secure Mode is set using REST.
- [Tags] Verify_LDAP_Secure_Mode_Is_Set
- ${ldap_mode}= Create Dictionary data=${False}
- Write Attribute ${BMC_LDAP_URI}/config/attr/LDAPType data=${ldap_mode}
- ... verify=${True} expected_value=${False}
+Verify LDAP Server URI Is Set
+ [Documentation] Verify LDAP Server URI is set using REST.
+ [Tags] Verify_LDAP_Server_URI_Is_Set
+
+ # Example: LDAP URI should be either ldap://<LDAP IP / Hostname> or
+ # ldaps://<LDAP IP / Hostname>
+ Should Contain ${LDAP_SERVER_URI} ldap
+ ${ldap_server}= Create Dictionary data=${LDAP_SERVER_URI}
+ Write Attribute ${BMC_LDAP_URI}/config LDAPServerURI data=${ldap_server}
+ ... verify=${True} expected_value=${LDAP_SERVER_URI}
+
+
+Verify LDAP Server BIND DN Is Set
+ [Documentation] Verify LDAP BIND DN is set using REST.
+ [Tags] Verify_LDAP_Server_BIND_DN_Is_Set
+
+ ${ldap_server_binddn}= Create Dictionary data=${LDAP_BIND_DN}
+ Write Attribute ${BMC_LDAP_URI}/config LDAPBindDN data=${ldap_server_binddn}
+ ... verify=${True} expected_value=${LDAP_BIND_DN}
+
+
+Verify LDAP Server BASE DN Is Set
+ [Documentation] Verify LDAP BASE DN is set using REST.
+ [Tags] Verify_LDAP_Server_BASE_DN_Is_Set
+
+ ${ldap_server_basedn}= Create Dictionary data=${LDAP_BASE_DN}
+ Write Attribute ${BMC_LDAP_URI}/config LDAPBaseDN data=${ldap_server_basedn}
+ ... verify=${True} expected_value=${LDAP_BASE_DN}
+
+
+Verify LDAP Server Type Is Set
+ [Documentation] Verify LDAP server type is set using REST.
+ [Tags] Verify_LDAP_Server_Type_Is_Set
+
+ ${ldap_type}= Create Dictionary data=${LDAP_SERVER_TYPE}
+ Write Attribute ${BMC_LDAP_URI}/config LDAPType data=${ldap_type}
+ ... verify=${True} expected_value=${LDAP_SERVER_TYPE}
+
+
+Verify LDAP Search Scope Is Set
+ [Documentation] Verify LDAP search scope is set using REST.
+ [Tags] Verify_LDAP_Search_Scope_Is_Set
+
+ ${search_scope}= Create Dictionary data=${LDAP_SEARCH_SCOPE}
+ Write Attribute ${BMC_LDAP_URI}/config LDAPSearchScope data=${search_scope}
+ ... verify=${True} expected_value=${LDAP_SEARCH_SCOPE}
+
+
+Verify LDAP Binddn Password Is Set
+ [Documentation] Verify LDAP Binddn password is set using REST.
+ [Tags] Verify_LDAP_Binddn_Password_Is_Set
+
+ ${ldap_binddn_passwd}= Create Dictionary data=${LDAP_BIND_DN_PASSWORD}
+ Write Attribute ${BMC_LDAP_URI}/config LDAPBINDDNpassword data=${ldap_binddn_passwd}
+ ... verify=${True} expected_value=${LDAP_BIND_DN_PASSWORD}
*** Keywords ***
@@ -79,25 +133,26 @@
Suite Setup Execution
[Documentation] Check for LDAP test readiness.
- Should Not Be Empty ${LDAP_SECURE_MODE}
Should Not Be Empty ${LDAP_SERVER_URI}
Should Not Be Empty ${LDAP_BIND_DN}
Should Not Be Empty ${LDAP_BASE_DN}
Should Not Be Empty ${LDAP_BIND_DN_PASSWORD}
Should Not Be Empty ${LDAP_SEARCH_SCOPE}
Should Not Be Empty ${LDAP_SERVER_TYPE}
- Check LDAP Service Running
Check LDAP Service Running
[Documentation] Check LDAP service running in BMC.
BMC Execute Command systemctl | grep -in ldap
-Populate All Attributes for LDAP Config
- [Documentation] Populate all attributes for LDAP configuration.
- @{ldap_parm_list}= Create List xyz.openbmc_project.User.Ldap.Create
- ... ${LDAP_SECURE_MODE} ${LDAP_SERVER_URI} ${LDAP_BIND_DN}
+Configure LDAP Server On BMC
+ [Documentation] Configure LDAP Server On BMC.
+
+ ${LDAP_SECURE_MODE} = Convert To Boolean ${LDAP_SECURE_MODE}
+
+ @{ldap_parm_list}= Create List
+ ... ${LDAP_SERVER_URI} ${LDAP_BIND_DN}
... ${LDAP_BASE_DN} ${LDAP_BIND_DN_PASSWORD} ${LDAP_SEARCH_SCOPE}
... ${LDAP_SERVER_TYPE}
@@ -107,26 +162,36 @@
... ${BMC_LDAP_URI}/action/CreateConfig data=${data}
Should Be Equal As Strings ${resp.status_code} ${HTTP_OK}
+
Check LDAP Config File Generated
[Documentation] Check LDAP file nslcd.conf generated.
[Arguments] ${ldap_server}=${LDAP_SERVER_URI}
- ${ldap_server_config} ${stderr} ${rc}= BMC Execute Command
- ... cat /etc/nslcd.conf
+ # Description of argument(s):
+ # Non-Secured ldap_server Contains ldap server URI eg. (e.g. "ldap://x.x.x.x/").
+ # Secured ldap_server Contains ldap server URI eg. (e.g. "ldaps://x.x.x.x/").
+ ${ldap_server_config}= Read Properties ${BMC_USER_URI}ldap/enumerate
+ ${ldap_server_config}= Convert To String ${ldap_server_config}
Should Contain ${ldap_server_config} ${ldap_server}
... msg=${ldap_server} is not configured.
+
Delete LDAP Config
[Documentation] Delete LDAP Config from REST.
${data}= Create Dictionary data=@{EMPTY}
${resp}= OpenBMC Post Request
- ... ${BMC_LDAP_URI}/action/delete data=${data}
+ ... ${BMC_LDAP_URI}/config/action/delete data=${data}
Should Be Equal As Strings ${resp.status_code} ${HTTP_OK}
+
Check LDAP Config File Deleted
[Documentation] Check LDAP file nslcd.conf deleted.
- BMC Execute Command [ ! -f /etc/nslcd.conf ]
+ ${ldap_server_config}= Read Properties ${BMC_USER_URI}ldap/enumerate
+ ${ldap_server_config}= Convert To String ${ldap_server_config}
+
+ Should Not Contain ${ldap_server_config} ${LDAP_SERVER_URI}
+ ... msg=${ldap_server_config} is not configured.