Added new test for Expired password menu
Changes:
- Added test
"Verify Maximum Failed Attempts For
Admin User And Check Account Locked"
Tested:
- Ran successfully test_bmc_expire_password.robot
Change-Id: I76845e87ec5ca9997fdebfc89eb508138c456210
Signed-off-by: Megha G N <Megha.G.N@ibm.com>
diff --git a/security/test_bmc_expire_password.robot b/security/test_bmc_expire_password.robot
index b7820a9..b408b11 100644
--- a/security/test_bmc_expire_password.robot
+++ b/security/test_bmc_expire_password.robot
@@ -10,15 +10,17 @@
Test Setup Set Account Lockout Threshold
-Test Tags BMC_Expire_Password
+Test Tags BMC_Expire_Password
*** Variables ***
# If user re-tries more than 5 time incorrectly, the user gets locked for 5 minutes.
${default_lockout_duration} ${300}
+${defaultlockout_threshold} ${5}
${admin_user} admin_user
${default_adminuser_passwd} AdminUser1
${admin_password} AdminUser2
+${invalid_password} abcd12345
*** Test Cases ***
@@ -291,6 +293,41 @@
Redfish.Login ${admin_user} AdminUser2
+Verify Maximum Failed Attempts For Admin User And Check Account Locked
+ [Documentation] Verify maximum failed attempts for admin user
+ ... and check whether admin user account is locked.
+ [Tags] Verify_Maximum_Failed_Attempts_For_Admin_User_And_Check_Account_Locked
+ [Teardown] Run Keywords Set Account Lockout Threshold account_lockout_threshold=${defaultlockout_threshold}
+ ... AND Redfish.Delete /redfish/v1/AccountService/Accounts/${admin_user}
+ ... AND Redfish.Logout
+
+ # Create admin user and set account lockout threshold value.
+ Redfish Create User ${admin_user} ${default_adminuser_passwd} Administrator ${True}
+ Set Account Lockout Threshold account_lockout_threshold=${5}
+
+ Expire Password ${admin_user}
+
+ Set Password Via Redfish ${admin_password} ${True}
+
+ # Try to login with expired password and check account is locked.
+ Repeat Keyword ${5} times
+ ... Run Keyword And Expect Error InvalidCredentialsError*
+ ... Redfish.Login ${admin_user} ${default_adminuser_passwd}
+
+ # Check whether the admin user locked value is set to true.
+ Redfish.Login
+ ${resp}= Redfish.Get /redfish/v1/AccountService/Accounts/${admin_user}
+ Should Be Equal ${resp.dict["Locked"]} ${True}
+
+ # Verify that login fails with admin user new password due to lockout.
+ Run Keyword And Expect Error InvalidCredentialsError*
+ ... Redfish.Login ${admin_user} ${admin_password}
+
+ # Wait for lockout duration to expire and then verify that login with admin user works.
+ Sleep ${default_lockout_duration}s
+ Redfish.Login ${admin_user} ${admin_password}
+
+
*** Keywords ***
Set Account Lockout Threshold
@@ -306,7 +343,7 @@
... AccountLockoutDuration=${account_lockout_duration}
Redfish.Patch /redfish/v1/AccountService/ body=&{payload}
gen_robot_valid.Valid Length OPENBMC_PASSWORD min_length=8
- Redfish.Logout
+
Restore Default Password For Root User
[Documentation] Restore default password for root user (i.e. 0penBmc).
@@ -366,8 +403,8 @@
# new_password New password set.
# expect_result Expected result (eg:true or false).
- ${status}= Run Keyword And Return Status
- ... Redfish.Patch /redfish/v1/AccountService/Accounts/${admin_user}
- ... body={'Password': '${new_password}'}
+ ${status}= Run Keyword And Return Status
+ ... Redfish.Patch /redfish/v1/AccountService/Accounts/${admin_user}
+ ... body={'Password': '${new_password}'}
Should be Equal ${status} ${expect_result}