Added new cases for IPMI Set User access payload.
Testcases Added:
1) Verify Set User Access Payload For Standard Payload SOL
Disable standard payload 1(SOL) using set user access payload command
and verify it in get user access payload command and also check
sol activate is not working.
2) Verify Set User Access Payload For Operator Privileged User
Verify set user access payload command is not accessbile for Operator
privileged User.
Moved below keywords from ipmi/test_ipmi_user.robot to lib/ipmi_client.robot
for reuse purpose.
Enable IPMI User And Verify
Create Random IPMI User
Delete Created User
Added IPMI raw cmd for Set user access payload.
Tested: Run robot ipmi/test_ipmi_paylaod.robot.
Signed-off-by: Nagarjun B <nagarjunb@ami.com>
Change-Id: I8c7f3b0e46895fad0f6483043f76b714152a85be
diff --git a/ipmi/test_ipmi_payload.robot b/ipmi/test_ipmi_payload.robot
index ed9d47c..8fb65a4 100644
--- a/ipmi/test_ipmi_payload.robot
+++ b/ipmi/test_ipmi_payload.robot
@@ -3,7 +3,20 @@
Resource ../lib/ipmi_client.robot
Resource ../lib/openbmc_ffdc.robot
+Resource ../lib/bmc_network_utils.robot
Variables ../data/ipmi_raw_cmd_table.py
+Library ../lib/ipmi_utils.py
+
+
+Test Teardown FFDC On Test Case Fail
+
+
+*** Variables ***
+${user_priv} 2
+${operator_priv} 3
+${admin_level_priv} 4
+${no_access_priv} 15
+${new_user_passwd} 0penBmc1
*** Test Cases ***
@@ -67,6 +80,40 @@
Should Not Contain ${resp} ${IPMI_RAW_CMD['Payload']['Get_Payload_Instance_Info'][1]}
+Verify Set User Access Payload For Standard Payload SOL
+ [Documentation] Disable standard payload for SOL and verify IPMI sol activate command does not work.
+ [Tags] Verify_Set_User_Access_Payload_For_Standard_Payload_SOL
+ [Teardown] Run Keywords Set User Access Payload For Given User ${user_id_in_hex}
+ ... AND Delete Created User ${userid}
+ ... AND FFDC On Test Case Fail
+
+ ${userid} ${username}= Create And Verify IPMI User
+ ${user_id_in_hex}= Convert To Hex ${userid}
+ ${userid_in_hex_format}= Convert To Hex ${userid} prefix=0x length=2
+
+ # Get default user access payload values.
+ ${default_user_access_payload}= Get User Access Payload For Given Channel ${userid_in_hex_format}
+
+ # Disable Standard payload 1 via set user access payload command.
+ Set User Access Payload For Given User ${user_id_in_hex} Disable
+
+ Verify Standard Payload ${userid_in_hex_format} ${username} Disabled
+
+
+Verify Set User Access Payload For Operator Privileged User
+ [Documentation] Try to set user access payload using operator privileged user and expect error.
+ [Tags] Verify_Set_User_Access_Payload_For_Operator_Privileged_User
+ [Teardown] Run Keywords Delete Created User ${userid} AND FFDC On Test Case Fail
+
+ ${userid} ${username}= Create And Verify IPMI User ${operator_priv} Operator
+
+ ${payload_raw_cmd}= Catenate ${IPMI_RAW_CMD['Payload']['Set_User_Access_Payload'][0]}
+ ... ${CHANNEL_NUMBER} 0x${user_id} 0x02 0x00 0x00 0x00
+
+ Run Keyword and Expect Error *Unable to establish IPMI*
+ ... Run External IPMI Raw Command ${payload_raw_cmd} U=${userid} P=${new_user_passwd} L=Operator
+
+
*** Keywords ***
Get Payload Activation Status
@@ -96,3 +143,142 @@
${resp}= Run IPMI Command
... ${IPMI_RAW_CMD['Payload']['Deactivate_Payload'][0]}
Should Be Empty ${resp}
+
+
+Get User Access Payload For Given Channel
+ [Documentation] Execute get user access payload IPMI command for given channel
+ ... and return response.
+ [Arguments] ${user_id} ${channel_number}=${CHANNEL_NUMBER}
+
+ # Description of argument(s):
+ # user_id The user ID (e.g. "1", "2", etc.).
+ # channel_number Input channel number(e.g. "1", "2").
+
+ ${raw_command}= Catenate ${IPMI_RAW_CMD['Payload']['Get_User_Access_Payload'][0]}
+ ... ${channel_number} ${user_id}
+ ${resp}= Run External IPMI Raw Command ${raw_command}
+ [Return] ${resp}
+
+
+Create And Verify IPMI User
+ [Documentation] Create IPMI User, set password, set privilege and enable the user.
+ [Arguments] ${user_privilege_level}=${admin_level_priv} ${privilege}=Administrator
+
+ # Description of argument(s):
+ # user_privilege_level User Privilege level in integer.
+ # (e.g. 4-Administrator, 3-Operator, 2-Readonly).
+ # privilege User Privilege in Wordings.
+ # (e.g. "Administrator", "Operator", "ReadOnly").
+
+ ${random_user_id} ${random_user_name}= Create Random IPMI User
+ Set User Password ${random_user_id} ${new_user_passwd} 16
+ Set And Verify User Access Privilege ${random_user_id} ${user_privilege_level}
+ Verify Username And Password ${random_user_name} ${new_user_passwd} L=${privilege}
+
+ [Return] ${random_user_id} ${random_user_name}
+
+
+Set User Password
+ [Documentation] Set user password for given user ID.
+ [Arguments] ${user_id} ${password} ${password_option}
+
+ # Description of argument(s):
+ # user_id The user ID (e.g. "1", "2", etc.).
+ # password The user password (e.g. "0penBmc", "0penBmc1", etc.).
+ # password_option Password length option to be given in IPMI command (e.g. "16", "20").
+
+ Run IPMI Standard Command user set password ${user_id} ${password} ${password_option}
+
+Set And Verify User Access Privilege
+ [Documentation] Set User Access Privilege, enable and verify user for given user ID.
+ [Arguments] ${user_id} ${privilege_level}
+
+ # Description of argument(s):
+ # user_id The user ID (e.g. "1", "2", etc.).
+ # privilege_level User Privilege level in hex value.
+ # (e.g. 0x04-Administrator, 0x03-Operator, 0x02-Readonly).
+
+ Set Channel Access ${_user_id} ipmi=on privilege=${privilege_level}
+
+ # Delay added for user privilege to get set.
+ Sleep 5s
+
+ Enable IPMI User And Verify ${user_id}
+
+
+Verify Username And Password
+ [Documentation] Verify that newly created user is able to run IPMI command
+ ... with given username and password.
+ [Arguments] ${username} ${password} &{options}
+
+ # Description of argument(s):
+ # username The user name (e.g. "root", "robert", etc.).
+ # password The user password (e.g. "0penBmc", "0penBmc1", etc.).
+ # options Additional ipmitool command options (e.g "-L=Operator","-C=3").
+
+ Wait Until Keyword Succeeds 15 sec 5 sec Run External IPMI Raw Command
+ ... ${IPMI_RAW_CMD['Device GUID']['Get'][0]} U=${username} P=${password} &{options}
+
+
+Verify Standard Payload
+ [Documentation] Verify standard payload is disabled or enabled.
+ [Arguments] ${user_id} ${user_name} ${standard_payload}=Enabled
+
+ # Description of argument(s):
+ # user_id The user ID (e.g. "1", "2", etc.).
+ # username The user name (e.g. "root", "robert", etc.).
+ # standard_payload Enabled or Disabled.
+
+ # Verify the standard payload 1 (sol) is disabled.
+ ${get_user_access_payload}= Get User Access Payload For Given Channel ${user_id}
+ @{get_user_access_cmd_resp_list}= Split String ${get_user_access_payload}
+
+ Run Keyword If '${standard_payload}' == 'Disabled'
+ ... Should Be Equal ${get_user_access_cmd_resp_list}[0] 00
+ ... ELSE
+ ... Should Be Equal ${get_user_access_cmd_resp_list}[0] 02
+
+ Run Keyword If '${standard_payload}' == 'Disabled'
+ ... Verify Sol Activate Disabled ${user_name}
+
+
+Verify Sol Activate Disabled
+ [Documentation] Verify SOL activate IPMI command is not working.
+ [Arguments] ${user_name}
+
+ # Description of argument(s):
+ # username The user name (e.g. "root", "robert", etc.).
+
+ ${resp}= Run External IPMI Standard Command
+ ... sol activate expected_rc=${1} U=${username} P=${new_user_passwd}
+
+ Should Contain ${resp} SOL payload disabled
+
+
+Set User Access Payload For Given User
+ [Documentation] Set the user access payload on given user, channel and return response.
+ [Arguments] ${user_id} ${operation_mode}=Enable ${oempayload_value}=0x00 ${standard_payload_value}=0x02
+
+ # Description of argument(s):
+ # user_id The user ID (e.g. "1", "2", etc.).
+ # operation_mode Enable or Disable payload type.
+ # oempayload_value Oempayload in hex (e.g. "0x00", "0x01", "0x02", "0x04" etc).
+ # standard_payload_value Standard payload type IPMI or SOL.
+ # (e.g. 0x01 - IPMI, 0x02- SOL).
+
+ # If operation mode is disable 2nd byte of raw command is 4${user_id}.
+ # (e.g) 2n byte will be 0x4a (if user_id is a).
+ # If operation mode is enable 2nd byte of raw command is 0${user_id}.
+ # (e.g.) 3rd byte will be 0x0a (if user_id is a).
+ # 0x02- standard payload for SOL, 0x01 standard payload for IPMI.
+ # 3rd byte represent standard payload enables 1 (SOL).
+ # 4th to 6th byte represent standard payload enables 2 and OEM payload 1 & 2 respectively.
+
+ ${operation_mode_value}= Set Variable If '${operation_mode}' == 'Enable'
+ ... 0 4
+ ${set_cmd}= Catenate ${IPMI_RAW_CMD['Payload']['Set_User_Access_Payload'][0]}
+ ... ${CHANNEL_NUMBER} 0x${operation_mode_value}${user_id} ${standard_payload_value} 0x00 ${oempayload_value} 0x00
+
+ ${resp}= Run IPMI Command ${set_cmd}
+
+ [Return] ${resp}
\ No newline at end of file
diff --git a/ipmi/test_ipmi_user.robot b/ipmi/test_ipmi_user.robot
index a1d2c7e..5f2511a 100644
--- a/ipmi/test_ipmi_user.robot
+++ b/ipmi/test_ipmi_user.robot
@@ -521,27 +521,6 @@
*** Keywords ***
-Create Random IPMI User
- [Documentation] Create IPMI user with random username and userid and return those fields.
-
- ${random_username}= Generate Random String 8 [LETTERS]
- ${random_userid}= Find Free User Id
- IPMI Create User ${random_userid} ${random_username}
- [Return] ${random_userid} ${random_username}
-
-
-Enable IPMI User And Verify
- [Documentation] Enable the userid and verify that it has been enabled.
- [Arguments] ${userid}
-
- # Description of argument(s):
- # userid A numeric userid (e.g. "4").
-
- Run IPMI Standard Command user enable ${userid}
- ${user_info}= Get User Info ${userid}
- Valid Value user_info['enable_status'] ['enabled']
-
-
Set Default Password For IPMI Root User
[Documentation] Set default password for IPMI root user (i.e. 0penBmc).
# Set default password for root user.
@@ -655,16 +634,6 @@
FFDC On Test Case Fail
-Delete Created User
- [Documentation] Delete created IPMI user.
- [Arguments] ${userid}
- # Description of argument(s):
- # userid The user ID (e.g. "1", "2", etc.).
-
- Run IPMI Standard Command user set name ${userid} ""
- Sleep 5s
-
-
Check Active Ethernet Channels
[Documentation] Check active ethernet channels and set suite variables.
@@ -795,4 +764,4 @@
Exit For Loop If ${is_empty} == ${True}
END
- [Return] ${random_userid}
+ [Return] ${random_userid}
\ No newline at end of file