Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc-test-automation / f90c474ff9809759f55f24cfdd722c4fb10c4be1^! / . / redfish / account_service / test_ldap_configuration.robot
commitf90c474ff9809759f55f24cfdd722c4fb10c4be1[log] [tgz]
authorPrashanth Katti <prkatti1@in.ibm.com>Wed Mar 18 11:08:47 2020 -0500
committerGeorge Keishing <gkeishin@in.ibm.com>Tue Mar 24 05:41:31 2020 +0000
treed1420c83c8b914f4f657fd51169c5241400d5cef
parent5b2a6130c773c99183df7b628867dbd5be6b5b16 [diff] [blame]
Deleting network configuration using different LDAP user roles
Changes:
    - Add test case in LDAP to delete network configuration.

Signed-off-by: Prashanth Katti <prkatti1@in.ibm.com>
Change-Id: I2231a09ca66d2313b29b2bf752a3cb6ab9602bb2

diff --git a/redfish/account_service/test_ldap_configuration.robot b/redfish/account_service/test_ldap_configuration.robot
index a384c1f..bb22b0d 100644
--- a/redfish/account_service/test_ldap_configuration.robot
+++ b/redfish/account_service/test_ldap_configuration.robot

@@ -477,6 +477,25 @@
     ${LDAP_TYPE}  Operator         ${GROUP_NAME}  ${HTTP_OK}
 
 
+Delete IP Address Via Different User Roles And Verify
+    [Documentation]  Delete IP address via different user roles and verify.
+    [Tags]  Delete_IP_Address_Via_Different_User_Roles_And_Verify
+    [Teardown]  Run Keywords  Restore LDAP Privilege  AND  FFDC On Test Case Fail
+
+    [Template]  Update LDAP User Role And Delete IP Address
+    # Verify LDAP user with Administrator privilege is able to delete IP address.
+    ${LDAP_TYPE}  Administrator    ${GROUP_NAME}  ${HTTP_OK}
+
+    # Verify LDAP user with ReadOnly privilege is forbidden to delete IP address.
+    ${LDAP_TYPE}  ReadOnly         ${GROUP_NAME}  ${HTTP_FORBIDDEN}
+
+    # Verify LDAP user with NoAccess privilege is forbidden to delete IP address.
+    ${LDAP_TYPE}  ReadOnly         ${GROUP_NAME}  ${HTTP_FORBIDDEN}
+
+    # Verify LDAP user with Operator privilege is able to delete IP address.
+    ${LDAP_TYPE}  Operator         ${GROUP_NAME}  ${HTTP_OK}
+
+
 *** Keywords ***
 
 Redfish Verify LDAP Login
@@ -764,3 +783,27 @@
     Redfish.Login  ${LDAP_USER}  ${LDAP_USER_PASSWORD}
 
     Add IP Address  ${test_ip}  ${test_mask}  ${test_gw}  ${valid_status_code}
+
+
+Update LDAP User Role And Delete IP Address
+    [Documentation]  Update LDAP user role and delete IP address.
+    [Arguments]  ${ldap_type}  ${group_privilege}  ${group_name}  ${valid_status_code}=${HTTP_OK}
+    [Teardown]  Run Keywords  Redfish.Logout  AND  Redfish.Login  AND  Delete IP Address  ${test_ip}
+
+    # Description of argument(s):
+    # ldap_type          The LDAP type ("ActiveDirectory" or "LDAP").
+    # group_privilege    The group privilege ("Administrator", "Operator", "ReadOnly" or "NoAccess").
+    # group_name         The group name of user.
+    # valid_status_code  The expected valid status code.
+
+    # Configure IP address before deleting via LDAP user roles.
+    Add IP Address  ${test_ip}  ${test_mask}  ${test_gw}
+
+    Update LDAP Configuration with LDAP User Role And Group  ${ldap_type}
+    ...  ${group_privilege}  ${group_name}
+
+    Redfish.Logout
+
+    Redfish.Login  ${LDAP_USER}  ${LDAP_USER_PASSWORD}
+
+    Delete IP Address  ${test_ip}  ${valid_status_code}