commit 9f42121d4e2da6c473aff0a46a467af637d4c713
author Anvesh Kumar <anvesr77@in.ibm.com> Mon Apr 27 01:42:50 2020 -0500
committer George Keishing <gkeishin@in.ibm.com> Fri Jun 26 04:43:30 2020 +0000
tree c8913d477122d949a1e4638865565ab87dfe4a5e
parent 721f970a23ebb93b6cf9f3768444bae75880bda1

Expire And Change Root Password Via Redfish And Verify

Change-Id: I1c42b246f546362b3e995257b4a677dc1f09e240
Signed-off-by: Anvesh Kumar <anvesr77@in.ibm.com>

security/test_bmc_expire_password.robot

diff --git a/security/test_bmc_expire_password.robot b/security/test_bmc_expire_password.robot
index 4e93495..bcbca0e 100644
--- a/security/test_bmc_expire_password.robot
+++ b/security/test_bmc_expire_password.robot
@@ -7,15 +7,16 @@
 Library           ../lib/bmc_ssh_utils.py
 Library           SSHLibrary
 
-Test Setup        Test Setup Execution
+Suite Setup       Suite Setup Execution
+Suite Teardown    Suite Teardown Execution
+
+Test Teardown     Test Teardown Execution
 
 *** Test Cases ***
 
 Expire Root Password And Check IPMI Access Fails
     [Documentation]   Expire root user password and expect an error while access via IPMI.
     [Tags]  Expire_Root_Password_And_Check_IPMI_Access_Fails
-    [Teardown]  Run Keywords  Wait Until Keyword Succeeds  1 min  10 sec
-    ...  Restore Default Password For Root User  AND  FFDC On Test Case Fail
 
     Open Connection And Log In  ${OPENBMC_USERNAME}  ${OPENBMC_PASSWORD}
 
@@ -36,6 +37,7 @@
     ${output}  ${stderr}  ${rc}=  BMC Execute Command  passwd --expire ${OPENBMC_USERNAME}
     Should Contain  ${output}  password expiry information changed
 
+    Redfish.Login
     # Change to a valid password.
     ${resp}=  Redfish.Patch  /redfish/v1/AccountService/Accounts/${OPENBMC_USERNAME}
     ...  body={'Password': '0penBmc123'}  valid_status_codes=[${HTTP_OK}]
@@ -54,18 +56,47 @@
    ${output}  ${stderr}  ${rc}=  BMC Execute Command  passwd --expire ${OPENBMC_USERNAME}
    Should Contain  ${output}  password expiry information changed
 
+   Redfish.Login
    ${status}=  Run Keyword And Return Status
    ...  Redfish.Patch  /redfish/v1/AccountService/Accounts/${OPENBMC_USERNAME}
    ...  body={'Password': '0penBmc0penBmc0penBmc'}
    Should Be Equal  ${status}  ${False}
 
+
+Expire And Change Root User Password Via Redfish And Verify
+   [Documentation]   Expire and change root user password via Redfish and verify.
+   [Tags]  Expire_And_Change_Root_User_Password_Via_Redfish_And_Verify
+   [Teardown]  Run Keywords  FFDC On Test Case Fail  AND
+   ...  Wait Until Keyword Succeeds  1 min  10 sec
+   ...  Restore Default Password For Root User
+
+   Open Connection And Log In  ${OPENBMC_USERNAME}  ${OPENBMC_PASSWORD}
+
+   ${output}  ${stderr}  ${rc}=  BMC Execute Command  passwd --expire ${OPENBMC_USERNAME}
+   Should Contain  ${output}  password expiry information changed
+
+
+   Redfish.Login
+   Verify Root Password Expired
+   # Change to a valid password.
+   Redfish.Patch  /redfish/v1/AccountService/Accounts/${OPENBMC_USERNAME}
+   ...  body={'Password': '0penBmc123'}
+   Redfish.Logout
+
+   # Verify login with the new password.
+   Redfish.Login  ${OPENBMC_USERNAME}  0penBmc123
+
+
 *** Keywords ***
 
-Test Setup Execution
+Suite Setup Execution
    [Documentation]  Test setup  execution.
 
    Redfish.login
+   Redfish.Patch  /redfish/v1/AccountService/  body={"AccountLockoutThreshold": 0}
    Valid Length  OPENBMC_PASSWORD  min_length=8
+   Redfish.Logout
+
 
 Restore Default Password For Root User
     [Documentation]  Restore default password for root user (i.e. 0penBmc).
@@ -74,5 +105,34 @@
     Redfish.Patch  /redfish/v1/AccountService/Accounts/${OPENBMC_USERNAME}
     ...   body={'Password': '${OPENBMC_PASSWORD}'}  valid_status_codes=[${HTTP_OK}]
     # Verify that root user is able to run Redfish command using default password.
+    Redfish.Logout
+
+
+Test Teardown Execution
+    [Documentation]  Do test teardown task.
+
+    Redfish.Login
+    Wait Until Keyword Succeeds  1 min  10 sec  Restore Default Password For Root User
+    FFDC On Test Case Fail
+
+
+Suite Teardown Execution
+    [Documentation]  Do suite teardown task.
+
     Redfish.login
+    Redfish.Patch  /redfish/v1/AccountService/  body={"AccountLockoutThreshold": 5}
+    Redfish.Logout
+
+Verify Root Password Expired
+    [Documentation]  Checking whether root password expired or not.
+
+    Create Session  openbmc  ${AUTH_URI}
+    ${headers}=  Create Dictionary  Content-Type=application/json
+    @{credentials}=  Create List  ${OPENBMC_USERNAME}  ${OPENBMC_PASSWORD}
+    ${data}=  Create Dictionary  data=@{credentials}
+    ${resp}=  Post Request  openbmc  /login  data=${data}  headers=${headers}
+    ${json}=  To JSON  ${resp.content}
+    Should Contain  ${json["extendedMessage"]}  POST the new password
+    Post Request  openbmc   /xyz/openbmc_project/user/root/action/SetPassword
+    ...  data={"data":["0penBmc006"]}  headers=${headers}