blob: da56462142064732ee1ab78d2d9b1112f5aea957 [file] [log] [blame]
*** Settings ***
Documentation Test IPMI and Redfish combinations for user management.
Resource ../../lib/openbmc_ffdc.robot
Resource ../../lib/ipmi_client.robot
Resource ../../lib/resource.robot
Resource ../../lib/bmc_redfish_resource.robot
Resource ../../lib/openbmc_ffdc.robot
Resource ../../lib/ipmi_client.robot
Library ../../lib/ipmi_utils.py
Test Setup Test Setup Execution
Test Teardown Test Teardown Execution
Force Tags IPMI_Redfish_User
*** Variables ***
${valid_password} 0penBmc1
${valid_password2} 0penBmc2
*** Test Cases ***
Create IPMI User Without Any Privilege And Verify Via Redfish
[Documentation] Create user using IPMI without privilege and verify user privilege
... via Redfish.
[Tags] Create_IPMI_User_Without_Any_Privilege_And_Verify_Via_Redfish
# Create IPMI user with random id and username.
${random_userid}= Evaluate random.randint(2, 15) modules=random
${random_username}= Generate Random String 8 [LETTERS]
Run IPMI Standard Command
... user set name ${random_userid} ${random_username}
# Verify new user privilege level via Redfish.
${privilege}= Redfish_Utils.Get Attribute
... /redfish/v1/AccountService/Accounts/${random_username} RoleId
Valid Value privilege ['ReadOnly']
Create Admin User Via Redfish And Verify Login Via IPMI
[Documentation] Create user via redfish and verify via IPMI.
[Tags] Create_Admin_User_Via_Redfish_And_Verify_Login_Via_IPMI
${random_username}= Generate Random String 8 [LETTERS]
Set Test Variable ${random_username}
${payload}= Create Dictionary
... UserName=${random_username} Password=${valid_password}
... RoleId=Administrator Enabled=${True}
Redfish.Post /redfish/v1/AccountService/Accounts body=&{payload}
... valid_status_codes=[${HTTP_CREATED}]
# Add delay for a new admin user password to set.
Sleep 5s
Enable IPMI Access To User Using Redfish ${random_username}
# Update user password using Redfish.
${payload}= Create Dictionary Password=${valid_password2}
Redfish.Patch /redfish/v1/AccountService/Accounts/${random_username} body=&{payload}
Verify IPMI Username And Password ${random_username} ${valid_password2}
Delete User Via Redfish And Verify Using IPMI
[Documentation] Delete user via redfish and verify using IPMI.
[Tags] Delete_User_Via_Redfish_And_Verify_Using_IPMI
# Create user using Redfish.
${random_username}= Generate Random String 8 [LETTERS]
Set Test Variable ${random_username}
${payload}= Create Dictionary
... UserName=${random_username} Password=${valid_password}
... RoleId=Administrator Enabled=${True}
Redfish.Post /redfish/v1/AccountService/Accounts body=&{payload}
... valid_status_codes=[${HTTP_CREATED}]
Enable IPMI Access To User Using Redfish ${random_username}
# Update user password using Redfish.
${payload}= Create Dictionary Password=${valid_password2}
Redfish.Patch /redfish/v1/AccountService/Accounts/${random_username} body=&{payload}
# Delete user using Redfish.
Redfish.Delete /redfish/v1/AccountService/Accounts/${random_username}
# Verify that IPMI command fails with deleted user.
Run Keyword And Expect Error *Error: Unable to establish IPMI*
... Verify IPMI Username And Password ${random_username} ${valid_password2}
Update User Password Via Redfish And Verify Using IPMI
[Documentation] Update user password via Redfish and verify using IPMI.
[Tags] Update_User_Password_Via_Redfish_And_Verify_Using_IPMI
# Create user using Redfish.
${random_username}= Generate Random String 8 [LETTERS]
Set Test Variable ${random_username}
${payload}= Create Dictionary
... UserName=${random_username} Password=${valid_password}
... RoleId=Administrator Enabled=${True}
Redfish.Post /redfish/v1/AccountService/Accounts body=&{payload}
... valid_status_codes=[${HTTP_CREATED}]
Enable IPMI Access To User Using Redfish ${random_username}
# Update user password using Redfish.
${payload}= Create Dictionary Password=${valid_password2}
Redfish.Patch /redfish/v1/AccountService/Accounts/${random_username} body=&{payload}
# Verify that IPMI command works with new password and fails with older password.
Verify IPMI Username And Password ${random_username} ${valid_password2}
Run Keyword And Expect Error *Error: Unable to establish IPMI*
... Verify IPMI Username And Password ${random_username} ${valid_password}
Update User Privilege Via Redfish And Verify Using IPMI
[Documentation] Update user privilege via Redfish and verify using IPMI.
[Tags] Update_User_Privilege_Via_Redfish_And_Verify_Using_IPMI
# Create user using Redfish with admin privilege.
${random_username}= Generate Random String 8 [LETTERS]
Set Test Variable ${random_username}
${payload}= Create Dictionary
... UserName=${random_username} Password=${valid_password}
... RoleId=Administrator Enabled=${True}
Redfish.Post /redfish/v1/AccountService/Accounts body=&{payload}
... valid_status_codes=[${HTTP_CREATED}]
Enable IPMI Access To User Using Redfish ${random_username}
# Update user password using Redfish.
${payload}= Create Dictionary Password=${valid_password2}
Redfish.Patch /redfish/v1/AccountService/Accounts/${random_username} body=&{payload}
# Update user privilege to readonly using Redfish.
${payload}= Create Dictionary RoleId=ReadOnly
Redfish.Patch /redfish/v1/AccountService/Accounts/${random_username} body=&{payload}
# Verify new user privilege level via IPMI.
${resp}= Run IPMI Standard Command user list
# Example of response data:
# ID Name Callin Link Auth IPMI Msg Channel Priv Limit
# 1 ipmi_admin false true true ADMINISTRATOR
# 2 OAvCxjMv false true true USER
# 3 true false false NO ACCESS
# ..
# ..
# 15 true false false NO ACCESS
${user_info}=
... Get Lines Containing String ${resp} ${random_username}
Should Contain ${user_info} USER
*** Keywords ***
Create IPMI Random User With Password And Privilege
[Documentation] Create random IPMI user with given password and privilege
... level.
[Arguments] ${password} ${privilege}=0
# Description of argument(s):
# password Password to be assigned for the user.
# privilege Privilege level for the user (e.g. "1", "2", "3", etc.).
# Create IPMI user.
${random_username}= Generate Random String 8 [LETTERS]
Set Suite Variable ${random_username}
${random_userid}= Find And Return Free User Id
IPMI Create User ${random_userid} ${random_username}
# Set given password for newly created user.
Run IPMI Standard Command
... user set password ${random_userid} ${password}
# Enable IPMI user.
Run IPMI Standard Command user enable ${random_userid}
# Set given privilege and enable IPMI messaging for newly created user.
Run Keyword If '${privilege}' != '0'
... Set Channel Access ${random_userid} ipmi=on privilege=${privilege}
[Return] ${random_username} ${random_userid}
Delete Users Via Redfish
[Documentation] Delete all the users via redfish from given list.
[Arguments] ${user_list}
# Description of argument(s):
# user_list List of user which are to be deleted.
Redfish.Login
FOR ${user} IN @{user_list}
Redfish.Delete ${user}
END
Redfish.Logout
Enable IPMI Access To User Using Redfish
[Documentation] Add IPMI access to a user through Redfish.
[Arguments] ${user_name}
# Description of argument(s):
# user_name User name to which IPMI access is to be added.
# Adding IPMI access to user name.
Redfish.Patch /redfish/v1/AccountService/Accounts/${user_name}
... body={"AccountTypes": ["Redfish", "HostConsole", "ManagerConsole", "WebUI", "IPMI"]}
Test Setup Execution
[Documentation] Do test case setup tasks.
Redfish.Login
Test Teardown Execution
[Documentation] Do the post test teardown.
FFDC On Test Case Fail
# Delete the test user.
Run Keyword And Ignore Error
... Redfish.Delete /redfish/v1/AccountService/Accounts/${random_username}
Redfish.Logout
Find And Return Free User Id
[Documentation] Find and return userid that is not being used.
FOR ${index} IN RANGE 300
# IPMI maximum users count (i.e. 15 users).
${random_userid}= Evaluate random.randint(1, ${ipmi_max_num_users}) modules=random
${access_output}= Run IPMI Standard Command channel getaccess 1 ${random_userid}
${name_line}= Get Lines Containing String ${access_output} User Name
Log To Console For ID ${random_userid}: ${name_line}
${is_empty}= Run Keyword And Return Status
... Should Match Regexp ${name_line} ${empty_name_pattern}
Exit For Loop If ${is_empty} == ${True}
END
Run Keyword If '${index}' == '299' Fail msg=A free user ID could not be found.
[Return] ${random_userid}