commit 67e0620be7083513d2abe665c887d6ae6a546294
author Prashanth Katti <prkatti1@in.ibm.com> Wed May 20 06:16:51 2020 -0500
committer George Keishing <gkeishin@in.ibm.com> Tue May 26 05:41:47 2020 +0000
tree 66a8ccc0458b47da47aa0920798b252829fed05b
parent 3cddd032a470227e1bf42bc7203044038bd32908

Read network configuration via different LDAP user roles

Signed-off-by: Prashanth Katti <prkatti1@in.ibm.com>
Change-Id: Iaaab568e18bb1f86f16e1ad307960229a446f38f

redfish/account_service/test_ldap_configuration.robot

diff --git a/redfish/account_service/test_ldap_configuration.robot b/redfish/account_service/test_ldap_configuration.robot
index bb22b0d..2cb31ee 100644
--- a/redfish/account_service/test_ldap_configuration.robot
+++ b/redfish/account_service/test_ldap_configuration.robot
@@ -471,7 +471,7 @@
     ${LDAP_TYPE}  ReadOnly         ${GROUP_NAME}  ${HTTP_FORBIDDEN}
 
     # Verify LDAP user with NoAccess privilege is forbidden to configure IP address.
-    ${LDAP_TYPE}  ReadOnly         ${GROUP_NAME}  ${HTTP_FORBIDDEN}
+    ${LDAP_TYPE}  NoAccess         ${GROUP_NAME}  ${HTTP_FORBIDDEN}
 
     # Verify LDAP user with Operator privilege is able to configure IP address.
     ${LDAP_TYPE}  Operator         ${GROUP_NAME}  ${HTTP_OK}
@@ -490,12 +490,27 @@
     ${LDAP_TYPE}  ReadOnly         ${GROUP_NAME}  ${HTTP_FORBIDDEN}
 
     # Verify LDAP user with NoAccess privilege is forbidden to delete IP address.
-    ${LDAP_TYPE}  ReadOnly         ${GROUP_NAME}  ${HTTP_FORBIDDEN}
+    ${LDAP_TYPE}  NoAccess         ${GROUP_NAME}  ${HTTP_FORBIDDEN}
 
     # Verify LDAP user with Operator privilege is able to delete IP address.
     ${LDAP_TYPE}  Operator         ${GROUP_NAME}  ${HTTP_OK}
 
 
+Read Network Configuration Via Different User Roles And Verify
+    [Documentation]  Read network configuraton via different user roles and verify.
+    [Tags]  Read_Network_configuration_Via_Different_User_Roles_And_Verify
+    [Teardown]  Restore LDAP Privilege
+
+    [Template]  Update LDAP User Role And Read Network Configuration
+    ${LDAP_TYPE}  Administrator  ${GROUP_NAME}  ${HTTP_OK}
+
+    ${LDAP_TYPE}  ReadOnly       ${GROUP_NAME}  ${HTTP_OK}
+
+    ${LDAP_TYPE}  NoAccess       ${GROUP_NAME}  ${HTTP_FORBIDDEN}
+
+    ${LDAP_TYPE}  Operator       ${GROUP_NAME}  ${HTTP_OK}
+
+
 *** Keywords ***
 
 Redfish Verify LDAP Login
@@ -807,3 +822,23 @@
     Redfish.Login  ${LDAP_USER}  ${LDAP_USER_PASSWORD}
 
     Delete IP Address  ${test_ip}  ${valid_status_code}
+
+
+Update LDAP User Role And Read Network Configuration
+    [Documentation]  Update LDAP user role and read network configuration.
+    [Arguments]  ${ldap_type}  ${group_privilege}  ${group_name}  ${valid_status_code}=${HTTP_OK}
+    [Teardown]  Run Keywords  Redfish.Logout  AND  Redfish.Login
+
+    # Description of argument(s):
+    # ldap_type          The LDAP type ("ActiveDirectory" or "LDAP").
+    # group_privilege    The group privilege ("Administrator", "Operator", "ReadOnly" or "NoAccess").
+    # group_name         The group name of user.
+    # valid_status_code  The expected valid status code.
+
+    Update LDAP Configuration with LDAP User Role And Group  ${ldap_type}
+    ...  ${group_privilege}  ${group_name}
+
+    Redfish.Logout
+
+    Redfish.Login  ${LDAP_USER}  ${LDAP_USER_PASSWORD}
+    Redfish.Get  ${REDFISH_NW_ETH0_URI}  valid_status_codes=[${valid_status_code}]