commit e92b1e64c70fab3b2265510a861b23b35df72dc3
author Sandhya Somashekar <sansomas@in.ibm.com> Thu Apr 25 05:27:45 2019 -0500
committer Michael Walsh <micwalsh@us.ibm.com> Wed May 15 15:04:30 2019 +0000
tree 1ff62a175af0bb9f34677be094d3b8aa0eeb8e06
parent 3118653d273bdd20b06b7f3d47d73a879d7ee48b

Summary:
Redfish local user management test case

Test Case Name:
Verify creating user id by providing invalid role id

Change-Id: I38843701f9c804450b99bfd5cf75c555129338a0
Signed-off-by: Sandhya Somashekar <sansomas@in.ibm.com>

data/variables.py

diff --git a/data/variables.py b/data/variables.py
index 65abbb9..ac6ee40 100755
--- a/data/variables.py
+++ b/data/variables.py
@@ -147,6 +147,8 @@
 REDFISH_NW_ETH0_URI = REDFISH_BASE_URI + REDFISH_NW_ETH0
 REDFISH_NW_PROTOCOL = 'Managers/bmc/NetworkProtocol'
 REDFISH_NW_PROTOCOL_URI = REDFISH_BASE_URI + REDFISH_NW_PROTOCOL
+REDFISH_ACCOUNTS = 'AccountService/Accounts/'
+REDFISH_ACCOUNTS_URI = REDFISH_BASE_URI + REDFISH_ACCOUNTS
 
 # Boot options and URI variables.
 POWER_ON = 'On'

redfish/account_service/test_user_account.robot

diff --git a/redfish/account_service/test_user_account.robot b/redfish/account_service/test_user_account.robot
index 98cd76b..6e57893 100644
--- a/redfish/account_service/test_user_account.robot
+++ b/redfish/account_service/test_user_account.robot
@@ -23,7 +23,7 @@
     [Tags]  Redfish_Create_and_Verify_Users
     [Template]  Redfish Create And Verify User
 
-    # username       password    role_id         enabled
+    #username      password    role_id         enabled
     admin_user     TestPwd123  Administrator   ${True}
     operator_user  TestPwd123  Operator        ${True}
     user_user      TestPwd123  User            ${True}
@@ -34,7 +34,7 @@
     [Tags]  Verify_Redfish_User_with_Wrong_Password
     [Template]  Verify Redfish User with Wrong Password
 
-    # username       password    role_id         enabled  wrong_password
+    #username      password    role_id         enabled  wrong_password
     admin_user     TestPwd123  Administrator   ${True}  alskjhfwurh
     operator_user  TestPwd123  Operator        ${True}  12j8a8uakjhdaosiruf024
     user_user      TestPwd123  User            ${True}  12
@@ -45,7 +45,7 @@
     [Tags]  Verify_Login_with_Deleted_Redfish_Users
     [Template]  Verify Login with Deleted Redfish User
 
-    # username       password    role_id         enabled
+    #username     password    role_id         enabled
     admin_user     TestPwd123  Administrator   ${True}
     operator_user  TestPwd123  Operator        ${True}
     user_user      TestPwd123  User            ${True}
@@ -54,9 +54,9 @@
 Verify User Creation Without Enabling it
     [Documentation]  Verify User Creation Without Enabling it.
     [Tags]  Verify_User_Creation_Without_Enabling_it
-    [Template]  Redfish Create And Verify User
+    [Template]  Verify Create User Without Enabling
 
-    # username       password    role_id         enabled
+    #username      password    role_id         enabled
     admin_user     TestPwd123  Administrator   ${False}
     operator_user  TestPwd123  Operator        ${False}
     user_user      TestPwd123  User            ${False}
@@ -73,7 +73,7 @@
     Redfish Create User  callback_user  TestPwd123  Callback        ${True}
 
     # Reboot BMC.
-    Redfish OBMC Reboot (off)
+    Redfish OBMC Reboot (off)  stack_mode=normal
 
     # Verify users after reboot.
     Redfish Verify User  admin_user     TestPwd123  Administrator   ${True}
@@ -87,6 +87,21 @@
     Redfish.Delete  /redfish/v1/AccountService/Accounts/user_user
     Redfish.Delete  /redfish/v1/AccountService/Accounts/callback_user
 
+Verify User Creation With Invalid Role Id
+    [Documentation]  Verify user creation with invalid role id.
+    [Tags]  Verify_User_Creation_With_Invalid_Role_Id
+
+    # Make sure the user account in question does not already exist.
+    Redfish.Delete  ${REDFISH_ACCOUNTS_URI}test_user
+    ...  valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}]
+
+    # Create specified user.
+    ${payload}=  Create Dictionary
+    ...  UserName=test_user  Password=TestPwd123  RoleId=wrongroleid  Enabled=${True}
+    Redfish.Post  ${REDFISH_ACCOUNTS_URI}  body=&{payload}
+    ...  valid_status_codes=[${HTTP_BAD_REQUEST}]
+
+
 *** Keywords ***
 
 Test Setup Execution
@@ -113,12 +128,33 @@
     # enabled             Indicates whether the username being created
     #                     should be enabled (${True}, ${False}).
 
+    # Make sure the user account in question does not already exist.
+    Redfish.Delete  ${REDFISH_ACCOUNTS_URI}${userName}
+    ...  valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}]
+
     # Create specified user.
     ${payload}=  Create Dictionary
     ...  UserName=${username}  Password=${password}  RoleId=${role_id}  Enabled=${enabled}
-    Redfish.Post  /redfish/v1/AccountService/Accounts  body=&{payload}
+    Redfish.Post  ${REDFISH_ACCOUNTS_URI}  body=&{payload}
     ...  valid_status_codes=[${HTTP_CREATED}]
 
+    Redfish.Logout
+
+    # Login with created user.
+    Run Keyword If  ${enabled} == False
+    ...    Run Keyword And Expect Error  InvalidCredentialsError*
+    ...    Redfish.Login  ${username}  ${password}
+    ...  ELSE
+    ...    Redfish.Login  ${username}  ${password}
+
+    Run Keyword If  ${enabled} == False
+    ...  Redfish.Login
+
+    # Validate Role Id of created user.
+    ${role_config}=  Redfish_Utils.Get Attribute
+    ...  /redfish/v1/AccountService/Accounts/${username}  RoleId
+    Should Be Equal  ${role_id}  ${role_config}
+
 
 Redfish Verify User
     [Documentation]  Redfish user verification.
@@ -129,17 +165,19 @@
     # password            The password to be assigned.
     # role_id             The role id of the user to be created
     #                     (e.g. "Administrator", "Operator", etc.).
+    # enabled             Indicates whether the username being created
+    #                     should be enabled (${True}, ${False}).
 
-    # Trying todo a login with created user
-    ${is_redfish}=  Run Keyword And Return Status  Redfish.Login  ${username}  ${password}
+    # Trying to do a login with created user.
+    ${status}=  Run Keyword And Return Status  Redfish.Login  ${username}  ${password}
 
-    # Doing a check of the rerurned status
-    Should Be Equal  ${is_redfish}  ${enabled}
+    # Doing a check of the returned status.
+    Should Be Equal  ${status}  ${enabled}
 
-    # We do not needed to login with created user (user could be in disabled status)
+    # We do not need to login with created user (user could be in disabled status).
     Redfish.Login
 
-    # Validate Role Id of created user.
+    # Validate Role Id of user.
     ${role_config}=  Redfish_Utils.Get Attribute
     ...  /redfish/v1/AccountService/Accounts/${username}  RoleId
     Should Be Equal  ${role_id}  ${role_config}
@@ -157,6 +195,20 @@
     # enabled             Indicates whether the username being created
     #                     should be enabled (${True}, ${False}).
 
+    # Example:
+    #{
+    #"@odata.context": "/redfish/v1/$metadata#ManagerAccount.ManagerAccount",
+    #"@odata.id": "/redfish/v1/AccountService/Accounts/test1",
+    #"@odata.type": "#ManagerAccount.v1_0_3.ManagerAccount",
+    #"Description": "User Account",
+    #"Enabled": true,
+    #"Id": "test1",
+    #"Links": {
+    #  "Role": {
+    #    "@odata.id": "/redfish/v1/AccountService/Roles/Administrator"
+    #  }
+    #},
+
     Redfish Create User  ${username}  ${password}  ${role_id}  ${enabled}
 
     Redfish Verify User  ${username}  ${password}  ${role_id}  ${enabled}
@@ -164,7 +216,6 @@
     # Delete Specified User
     Redfish.Delete  /redfish/v1/AccountService/Accounts/${username}
 
-
 Verify Redfish User with Wrong Password
     [Documentation]  Verify Redfish User with Wrong Password.
     [Arguments]   ${username}  ${password}  ${role_id}  ${enabled}  ${wrong_password}
@@ -187,7 +238,7 @@
     Redfish.Login
 
     # Delete newly created user.
-    Redfish.Delete  /redfish/v1/AccountService/Accounts/${username}
+    Redfish.Delete  ${REDFISH_ACCOUNTS_URI}${username}
 
 
 Verify Login with Deleted Redfish User
@@ -203,13 +254,45 @@
     #                     should be enabled (${True}, ${False}).
 
     Redfish Create User  ${username}  ${password}  ${role_id}  ${enabled}
+    ${status}=  Run Keyword And Return Status  Redfish.Login  ${username}  ${password}
+
+    # Doing a check of the rerurned status
+    Should Be Equal  ${status}  ${True}
+
+    Redfish.Login
+
+    # Delete newly created user.
+    Redfish.Delete  ${REDFISH_ACCOUNTS_URI}${userName}
+
+    # Attempt to login with deleted user account.
+    Run Keyword And Expect Error  InvalidCredentialsError*
+    ...  Redfish.Login  ${username}  ${password}
+
+    Redfish.Login
+
+Verify Create User Without Enabling
+    [Documentation]  Verify Create User Without Enabling.
+    [Arguments]   ${username}  ${password}  ${role_id}  ${enabled}
+
+    # Description of argument(s):
+    # username            The username to be created.
+    # password            The password to be assigned.
+    # role_id             The role id of the user to be created
+    #                     (e.g. "Administrator", "Operator", etc.).
+    # enabled             Indicates whether the username being created
+    #                     should be enabled (${True}, ${False}).
+
+    Redfish.Login
+
+    Redfish Create User  ${username}  ${password}  ${role_id}  ${enabled}
+
+    Redfish.Logout
+
+    # Login with created user.
+    Run Keyword And Expect Error  InvalidCredentialsError*
+    ...  Redfish.Login  ${username}  ${password}
+
+    Redfish.Login
 
     # Delete newly created user.
     Redfish.Delete  /redfish/v1/AccountService/Accounts/${username}
-
-    ${is_redfish}=  Run Keyword And Return Status  Redfish.Login  ${username}  ${password}
-
-    # Doing a check of the rerurned status
-    Should Be Equal  ${is_redfish}  ${False}
-
-    Redfish.Login