Automated Verifying Flood Put method without auth token.
Changes:
- Added "Verify Flood Put Method Without Auth Token" testcase
Tested:
- Ran successfully test_bmc_connections.robot
Change-Id: I9a0b5c2bf967f63b5f175bafdbaa8a0ff8f027af
Signed-off-by: Megha G N <Megha.G.N@ibm.com>
diff --git a/security/test_bmc_connections.robot b/security/test_bmc_connections.robot
index bbc9eb7..80009a2 100644
--- a/security/test_bmc_connections.robot
+++ b/security/test_bmc_connections.robot
@@ -183,6 +183,7 @@
${fail_count}= Count Values In List ${status_list} False
Run Keyword If ${fail_count} > ${0} FAIL Could not open BMC GUI ${fail_count} times
+
Test BMC GUI Stability On Continuous Refresh Of GUI Home Page
[Documentation] Login to BMC GUI and keep refreshing home page and verify stability
... by login at times in another browser.
@@ -214,6 +215,7 @@
${fail_count}= Get Length ${failed_list}
Run Keyword If ${fail_count} > ${0} FAIL Could not open BMC GUI ${fail_count} times
+
Test BMCweb Stability On Continuous Redfish Login Attempts With Invalid Credentials
[Documentation] Make invalid credentials Redfish login attempts continuously and
... verify bmcweb stability by login to Redfish with valid credentials.
@@ -221,6 +223,7 @@
Invalid Credentials Redfish Login Attempts
+
Test User Delete Operation Without Session Token And Expect Failure
[Documentation] Try to delete an object without valid session token and verifies it throws
... an unauthorised error.
@@ -254,6 +257,34 @@
${fail_count}= Get Length ${failed_iter_list}
Run Keyword If ${fail_count} > ${0} FAIL Could not do Redfish delete operation ${fail_count} times
+
+Verify Flood Put Method Without Auth Token
+ [Documentation] Flood put method without auth token and check BMC stability.
+ [Tags] Verify_Flood_Put_Method_Without_Auth_Token
+ [Teardown] Delete All BMC Partition File
+
+ @{status_list}= Create List
+
+ FOR ${iter} IN RANGE ${1} ${iterations}
+ Log To Console ${iter}th iteration
+ Run Keyword And Ignore Error
+ ... Redfish.Put ${LED_LAMP_TEST_ASSERTED_URI}attr/Asserted body={"data":1}
+ # Every 100th iteration, check BMC allows put with auth token.
+ ${status}= Run Keyword If ${iter} % 100 == 0
+ ... Run Keyword And Return Status
+ ... Login And Upload Partition File To BMC
+ Run Keyword If ${status} == ${False}
+ ... Append To List ${status_list} ${status}
+ END
+
+ # Note the count for every 100 iterations.
+ ${verify_count}= Evaluate ${iterations}/100
+ ${fail_count}= Get Length ${status_list}
+
+ Should Be Equal ${fail_count} ${0}
+ ... msg=Put operation failed ${fail_count} times in ${verify_count} attempts.
+
+
*** Keywords ***
Login And Configure Hostname
@@ -279,10 +310,11 @@
Redfish.Login
${user_info}= Create Dictionary
- ... UserName=test_user Password=TestPwd123 RoleId=Operator Enabled=${True}
+ ... UserName=test_user Password=TestPwd123 RoleId=ReadOnly Enabled=${True}
Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{user_info}
... valid_status_codes=[${HTTP_OK}, ${HTTP_CREATED}]
+
Login And Delete User
[Documentation] Login create and delete user
@@ -291,11 +323,12 @@
Redfish.Login
${user_info}= Create Dictionary
- ... UserName=test_user Password=TestPwd123 RoleId=Operator Enabled=${True}
+ ... UserName=test_user Password=TestPwd123 RoleId=ReadOnly Enabled=${True}
Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{user_info}
... valid_status_codes=[${HTTP_OK}, ${HTTP_CREATED}]
Redfish.Delete /redfish/v1/AccountService/Accounts/test_user
+
Set Account Lockout Threshold
[Documentation] Set user account lockout threshold.
@@ -312,6 +345,7 @@
Input Password ${xpath_login_password_input} incorrect_password
Click Button ${xpath_login_button}
+
Invalid Credentials Redfish Login Attempts
[Documentation] Continuous invalid credentials login attempts to Redfish and
... login to Redfish with valid credentials at times and get failed login attempts.
@@ -349,3 +383,51 @@
... SSHLibrary.Login ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD}
Skip If ${status} == ${False} msg= SSH Login failed: test will be skipped
SSHLibrary.Close All Connections
+
+
+Login And Upload Partition File To BMC
+ [Documentation] Upload partition file to BMC.
+
+ Create Partition File
+ Initialize OpenBMC
+
+ # Get the content of the file and upload to BMC.
+ ${image_data}= OperatingSystem.Get Binary File 100-file
+ ${headers}= Create Dictionary X-Auth-Token=${XAUTH_TOKEN} Content-Type=application/octet-stream
+
+ ${kwargs}= Create Dictionary data=${image_data}
+ Set To Dictionary ${kwargs} headers ${headers}
+ ${resp}= Put Request openbmc ${OEM_HOST_CONFIG_URI}/100-file &{kwargs} timeout=10
+ Should Be Equal As Strings ${resp.status_code} ${HTTP_OK}
+ Delete Local Partition File
+
+
+Delete Local Partition File
+ [Documentation] Delete local partition file.
+
+ ${file_exist}= Run Keyword And Return Status OperatingSystem.File Should Exist 100-file
+ Run Keyword If 'True' == '${file_exist}' Remove File 100-file
+
+
+Create Partition File
+ [Documentation] Create Partition file.
+
+ Delete Local Partition File
+
+ @{words}= Split String 100-file -
+ Run dd if=/dev/zero of=100-file bs=${words}[-0] count=1
+ OperatingSystem.File Should Exist 100-file
+
+
+Delete All BMC Partition File
+ [Documentation] Delete multiple partition file on BMC via Redfish.
+
+ Initialize OpenBMC
+ ${data}= Create Dictionary
+ ${headers}= Create Dictionary X-Auth-Token=${XAUTH_TOKEN}
+ Set To Dictionary ${data} headers ${headers}
+
+ ${resp}= Put Request openbmc ${OEM_HOST_CONFIG_URI}.DeleteAll &{data}
+ Should Be Equal As Strings ${resp.status_code} ${HTTP_OK}
+
+ Delete All Sessions