Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc-test-automation / 124ebef5929e8e2f859d874a427a415ffa815d21 / . / redfish / account_service / test_user_account.robot
blob: db1f65de2d933e98535578af4be2227aa5348d88 [file] [log] [blame]
Sivas SRR6aa101f2019-02-19 22:31:55 -0600[diff] [blame]1*** Settings ***
2Documentation Test Redfish user account.
3
4Resource ../../lib/resource.robot
5Resource ../../lib/bmc_redfish_resource.robot
6Resource ../../lib/openbmc_ffdc.robot
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]7Resource ../../lib/bmc_redfish_utils.robot
Sivas SRR6aa101f2019-02-19 22:31:55 -0600[diff] [blame]8
manashsarma654cbc12021-09-23 02:28:12 -0500[diff] [blame]9Library SSHLibrary
10
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]11Test Setup Redfish.Login
Sivas SRR6aa101f2019-02-19 22:31:55 -0600[diff] [blame]12Test Teardown Test Teardown Execution
13
Sandhya Somashekar37122b62019-06-18 06:02:02 -0500[diff] [blame]14*** Variables ***
15
16${account_lockout_duration} ${30}
17${account_lockout_threshold} ${3}
18
Sivas SRR6aa101f2019-02-19 22:31:55 -0600[diff] [blame]19** Test Cases **
20
21Verify AccountService Available
Sivas SRRfa6831c2019-02-22 00:12:00 -0600[diff] [blame]22 [Documentation] Verify Redfish account service is available.
Sivas SRR6aa101f2019-02-19 22:31:55 -0600[diff] [blame]23 [Tags] Verify_AccountService_Available
24
George Keishing97c93942019-03-04 12:45:07 -0600[diff] [blame]25 ${resp} = Redfish_utils.Get Attribute /redfish/v1/AccountService ServiceEnabled
Sivas SRR6aa101f2019-02-19 22:31:55 -0600[diff] [blame]26 Should Be Equal As Strings ${resp} ${True}
27
Rahul Maheshwarid0aa72b2022-08-23 06:44:07 -0500[diff] [blame]28
29Verify Redfish Admin User Persistence After Reboot
30 [Documentation] Verify Redfish admin user persistence after reboot.
31 [Tags] Verify_Redfish_Admin_User_Persistence_After_Reboot
32 [Setup] Run Keywords Redfish.Login AND
33 ... Redfish Create User admin_user TestPwd123 Administrator ${True}
34 [Teardown] Run Keywords Redfish.Delete /redfish/v1/AccountService/Accounts/admin_user
35 ... AND Test Teardown Execution
Sandhya Somashekara83fb472019-08-29 02:26:21 -0500[diff] [blame]36
37 # Reboot BMC.
38 Redfish OBMC Reboot (off) stack_mode=normal
Sandhya Somashekara83fb472019-08-29 02:26:21 -0500[diff] [blame]39
40 # Verify users after reboot.
41 Redfish Verify User admin_user TestPwd123 Administrator ${True}
Rahul Maheshwarid0aa72b2022-08-23 06:44:07 -0500[diff] [blame]42
43
44Verify Redfish Operator User Persistence After Reboot
45 [Documentation] Verify Redfish operator user persistence after reboot.
46 [Tags] Verify_Redfish_Operator_User_Persistence_After_Reboot
47 [Setup] Run Keywords Redfish.Login AND
48 ... Redfish Create User operator_user TestPwd123 Operator ${True}
49 [Teardown] Run Keywords Redfish.Delete /redfish/v1/AccountService/Accounts/operator_user
50 ... AND Test Teardown Execution
51
52 # Reboot BMC.
53 Redfish OBMC Reboot (off) stack_mode=normal
54
55 # Verify users after reboot.
Sandhya Somashekara83fb472019-08-29 02:26:21 -0500[diff] [blame]56 Redfish Verify User operator_user TestPwd123 Operator ${True}
Rahul Maheshwarid0aa72b2022-08-23 06:44:07 -0500[diff] [blame]57
58
59Verify Redfish Readonly User Persistence After Reboot
60 [Documentation] Verify Redfish readonly user persistence after reboot.
61 [Tags] Verify_Redfish_Readonly_User_Persistence_After_Reboot
62 [Setup] Run Keywords Redfish.Login AND
63 ... Redfish Create User readonly_user TestPwd123 ReadOnly ${True}
64 [Teardown] Run Keywords Redfish.Delete /redfish/v1/AccountService/Accounts/readonly_user
65 ... AND Test Teardown Execution
66
67 # Reboot BMC.
68 Redfish OBMC Reboot (off) stack_mode=normal
69
70 # Verify users after reboot.
Anusha Dathatri4062b442020-02-03 04:39:15 -0600[diff] [blame]71 Redfish Verify User readonly_user TestPwd123 ReadOnly ${True}
Sandhya Somashekara83fb472019-08-29 02:26:21 -0500[diff] [blame]72
Sandhya Somashekara83fb472019-08-29 02:26:21 -0500[diff] [blame]73
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]74Redfish Create and Verify Admin User
75 [Documentation] Create a Redfish user with administrator role and verify.
George Keishingf5176902022-05-12 04:23:59 -0500[diff] [blame]76 [Tags] Redfish_Create_and_Verify_Admin_User
Sandhya Somashekar00f59cc2019-03-05 03:39:47 -0600[diff] [blame]77 [Template] Redfish Create And Verify User
78
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]79 #username password role_id enabled
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]80 admin_user TestPwd123 Administrator ${True}
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]81
82
83Redfish Create and Verify Operator User
84 [Documentation] Create a Redfish user with operator role and verify.
85 [Tags] Redfish_Create_and_Verify_Operator_User
86 [Template] Redfish Create And Verify User
87
88 #username password role_id enabled
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]89 operator_user TestPwd123 Operator ${True}
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]90
91
92Redfish Create and Verify Readonly User
93 [Documentation] Create a Redfish user with readonly role and verify.
94 [Tags] Redfish_Create_and_Verify_Readonly_User
95 [Template] Redfish Create And Verify User
96
97 #username password role_id enabled
Anusha Dathatri4062b442020-02-03 04:39:15 -0600[diff] [blame]98 readonly_user TestPwd123 ReadOnly ${True}
Sivas SRR6aa101f2019-02-19 22:31:55 -0600[diff] [blame]99
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]100
101Verify Redfish Admin User With Wrong Password
102 [Documentation] Verify Redfish admin user with wrong password.
103 [Tags] Verify_Redfish_Admin_User_With_Wrong_Password
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]104 [Template] Verify Redfish User with Wrong Password
105
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]106 #username password role_id enabled wrong_password
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]107 admin_user TestPwd123 Administrator ${True} alskjhfwurh
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]108
109
110Verify Redfish Operator User with Wrong Password
111 [Documentation] Verify Redfish operator user with wrong password.
112 [Tags] Verify_Redfish_Operator_User_with_Wrong_Password
113 [Template] Verify Redfish User with Wrong Password
114
115 #username password role_id enabled wrong_password
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]116 operator_user TestPwd123 Operator ${True} 12j8a8uakjhdaosiruf024
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]117
118
119Verify Redfish Readonly User With Wrong Password
120 [Documentation] Verify Redfish readonly user with wrong password.
121 [Tags] Verify_Redfish_Readonly_User_With_Wrong_Password
122 [Template] Verify Redfish User with Wrong Password
123
124 #username password role_id enabled wrong_password
Anusha Dathatri4062b442020-02-03 04:39:15 -0600[diff] [blame]125 readonly_user TestPwd123 ReadOnly ${True} 12
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]126
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]127
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]128Verify Login with Deleted Redfish Admin User
129 [Documentation] Verify login with deleted Redfish admin user.
130 [Tags] Verify_Login_with_Deleted_Redfish_Admin_User
Sandhya Somashekaraf402ca2019-03-18 05:59:19 -0500[diff] [blame]131 [Template] Verify Login with Deleted Redfish User
132
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]133 #username password role_id enabled
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]134 admin_user TestPwd123 Administrator ${True}
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]135
136
137Verify Login with Deleted Redfish Operator User
138 [Documentation] Verify login with deleted Redfish operator user.
139 [Tags] Verify_Login_with_Deleted_Redfish_Operator_User
140 [Template] Verify Login with Deleted Redfish User
141
142 #username password role_id enabled
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]143 operator_user TestPwd123 Operator ${True}
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]144
145
146Verify Login with Deleted Redfish Readonly User
147 [Documentation] Verify login with deleted Redfish readonly user.
148 [Tags] Verify_Login_with_Deleted_Redfish_Readonly_User
149 [Template] Verify Login with Deleted Redfish User
150
151 #username password role_id enabled
Anusha Dathatri4062b442020-02-03 04:39:15 -0600[diff] [blame]152 readonly_user TestPwd123 ReadOnly ${True}
Sandhya Somashekaraf402ca2019-03-18 05:59:19 -0500[diff] [blame]153
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]154
155Verify Admin User Creation Without Enabling It
156 [Documentation] Verify admin user creation without enabling it.
157 [Tags] Verify_Admin_User_Creation_Without_Enabling_It
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]158 [Template] Verify Create User Without Enabling
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]159
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]160 #username password role_id enabled
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]161 admin_user TestPwd123 Administrator ${False}
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]162
163
164Verify Operator User Creation Without Enabling It
165 [Documentation] Verify operator user creation without enabling it.
166 [Tags] Verify_Operator_User_Creation_Without_Enabling_It
167 [Template] Verify Create User Without Enabling
168
169 #username password role_id enabled
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]170 operator_user TestPwd123 Operator ${False}
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]171
172
173Verify Readonly User Creation Without Enabling It
174 [Documentation] Verify readonly user creation without enabling it.
175 [Tags] Verify_Readonly_User_Creation_Without_Enabling_It
176 [Template] Verify Create User Without Enabling
177
178 #username password role_id enabled
Anusha Dathatri4062b442020-02-03 04:39:15 -0600[diff] [blame]179 readonly_user TestPwd123 ReadOnly ${False}
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]180
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]181
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]182Verify User Creation With Invalid Role Id
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]183 [Documentation] Verify user creation with invalid role ID.
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]184 [Tags] Verify_User_Creation_With_Invalid_Role_Id
185
186 # Make sure the user account in question does not already exist.
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]187 Redfish.Delete /redfish/v1/AccountService/Accounts/test_user
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]188 ... valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}]
189
190 # Create specified user.
191 ${payload}= Create Dictionary
192 ... UserName=test_user Password=TestPwd123 RoleId=wrongroleid Enabled=${True}
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]193 Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{payload}
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]194 ... valid_status_codes=[${HTTP_BAD_REQUEST}]
195
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]196Verify Error Upon Creating Same Users With Different Privileges
197 [Documentation] Verify error upon creating same users with different privileges.
198 [Tags] Verify_Error_Upon_Creating_Same_Users_With_Different_Privileges
199
200 Redfish Create User test_user TestPwd123 Administrator ${True}
201
202 # Create specified user.
203 ${payload}= Create Dictionary
204 ... UserName=test_user Password=TestPwd123 RoleId=Operator Enabled=${True}
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]205 Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{payload}
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]206 ... valid_status_codes=[${HTTP_BAD_REQUEST}]
207
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]208 Redfish.Delete /redfish/v1/AccountService/Accounts/test_user
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]209
Rahul Maheshwari124ebef2022-08-23 12:06:59 -0500[diff] [blame^]210
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]211Verify Modifying User Attributes
212 [Documentation] Verify modifying user attributes.
213 [Tags] Verify_Modifying_User_Attributes
Rahul Maheshwari124ebef2022-08-23 12:06:59 -0500[diff] [blame^]214
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]215 # Create Redfish users.
216 Redfish Create User admin_user TestPwd123 Administrator ${True}
Anusha Dathatri4062b442020-02-03 04:39:15 -0600[diff] [blame]217 Redfish Create User readonly_user TestPwd123 ReadOnly ${True}
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]218
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]219 # Make sure the new user account does not already exist.
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]220 Redfish.Delete /redfish/v1/AccountService/Accounts/newadmin_user
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]221 ... valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}]
222
223 # Update admin_user username using Redfish.
224 ${payload}= Create Dictionary UserName=newadmin_user
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]225 Redfish.Patch /redfish/v1/AccountService/Accounts/admin_user body=&{payload}
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]226
Anusha Dathatri4062b442020-02-03 04:39:15 -0600[diff] [blame]227 # Update readonly_user role using Redfish.
Rahul Maheshwari124ebef2022-08-23 12:06:59 -0500[diff] [blame^]228 ${payload}= Create Dictionary RoleId=Administrator
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]229 Redfish.Patch /redfish/v1/AccountService/Accounts/readonly_user body=&{payload}
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]230
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]231 # Verify users after updating
232 Redfish Verify User newadmin_user TestPwd123 Administrator ${True}
Rahul Maheshwari124ebef2022-08-23 12:06:59 -0500[diff] [blame^]233 Redfish Verify User readonly_user TestPwd123 Administrator ${True}
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]234
235 # Delete created users.
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]236 Redfish.Delete /redfish/v1/AccountService/Accounts/newadmin_user
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]237 Redfish.Delete /redfish/v1/AccountService/Accounts/readonly_user
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]238
Rahul Maheshwari124ebef2022-08-23 12:06:59 -0500[diff] [blame^]239
240Verify Modifying Operator User Attributes
241 [Documentation] Verify modifying operator user attributes.
242 [Tags] Verify_Modifying_Operator_User_Attributes
243 [Setup] Run Keywords Redfish.Login AND
244 ... Redfish Create User operator_user TestPwd123 Operator ${True}
245 [Teardown] Run Keywords Redfish.Delete /redfish/v1/AccountService/Accounts/operator_user
246 ... AND Test Teardown Execution
247
248 # Update operator_user password using Redfish.
249 ${payload}= Create Dictionary Password=NewTestPwd123
250 Redfish.Patch /redfish/v1/AccountService/Accounts/operator_user body=&{payload}
251
252 # Verify users after updating
253 Redfish Verify User operator_user NewTestPwd123 Operator ${True}
254
255
Sandhya Somashekar37122b62019-06-18 06:02:02 -0500[diff] [blame]256Verify User Account Locked
257 [Documentation] Verify user account locked upon trying with invalid password.
258 [Tags] Verify_User_Account_Locked
259
260 Redfish Create User admin_user TestPwd123 Administrator ${True}
261
Joy Onyerikwu1483ce02019-06-26 14:56:36 -0500[diff] [blame]262 ${payload}= Create Dictionary AccountLockoutThreshold=${account_lockout_threshold}
263 ... AccountLockoutDuration=${account_lockout_duration}
264 Redfish.Patch ${REDFISH_ACCOUNTS_SERVICE_URI} body=${payload}
Sandhya Somashekar37122b62019-06-18 06:02:02 -0500[diff] [blame]265
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]266 Redfish.Logout
267
Sandhya Somashekar37122b62019-06-18 06:02:02 -0500[diff] [blame]268 # Make ${account_lockout_threshold} failed login attempts.
269 Repeat Keyword ${account_lockout_threshold} times
270 ... Run Keyword And Expect Error InvalidCredentialsError* Redfish.Login admin_user abc123
271
272 # Verify that legitimate login fails due to lockout.
273 Run Keyword And Expect Error InvalidCredentialsError*
274 ... Redfish.Login admin_user TestPwd123
275
276 # Wait for lockout duration to expire and then verify that login works.
277 Sleep ${account_lockout_duration}s
278 Redfish.Login admin_user TestPwd123
279
280 Redfish.Logout
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]281
Sandhya Somashekar7a237472019-07-15 02:06:39 -0500[diff] [blame]282 Redfish.Login
283
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]284 Redfish.Delete /redfish/v1/AccountService/Accounts/admin_user
Sandhya Somashekar7a237472019-07-15 02:06:39 -0500[diff] [blame]285
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]286Verify Admin User Privilege
287 [Documentation] Verify admin user privilege.
288 [Tags] Verify_Admin_User_Privilege
289
290 Redfish Create User admin_user TestPwd123 Administrator ${True}
291 Redfish Create User operator_user TestPwd123 Operator ${True}
Anusha Dathatri4062b442020-02-03 04:39:15 -0600[diff] [blame]292 Redfish Create User readonly_user TestPwd123 ReadOnly ${True}
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]293
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]294 Redfish.Logout
295
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]296 # Change role ID of operator user with admin user.
297 # Login with admin user.
298 Redfish.Login admin_user TestPwd123
299
300 # Modify Role ID of Operator user.
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]301 Redfish.Patch /redfish/v1/AccountService/Accounts/operator_user body={'RoleId': 'Administrator'}
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]302
303 # Verify modified user.
304 Redfish Verify User operator_user TestPwd123 Administrator ${True}
305
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]306 Redfish.Logout
307 Redfish.Login admin_user TestPwd123
308
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]309 # Change password of 'user' user with admin user.
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]310 Redfish.Patch /redfish/v1/AccountService/Accounts/readonly_user body={'Password': 'NewTestPwd123'}
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]311
312 # Verify modified user.
Anusha Dathatri4062b442020-02-03 04:39:15 -0600[diff] [blame]313 Redfish Verify User readonly_user NewTestPwd123 ReadOnly ${True}
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]314
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]315 Redfish.Delete /redfish/v1/AccountService/Accounts/admin_user
316 Redfish.Delete /redfish/v1/AccountService/Accounts/operator_user
317 Redfish.Delete /redfish/v1/AccountService/Accounts/readonly_user
Sandhya Somashekar7a237472019-07-15 02:06:39 -0500[diff] [blame]318
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]319Verify Operator User Privilege
320 [Documentation] Verify operator user privilege.
George Keishing5236ec52022-01-31 12:07:58 -0600[diff] [blame]321 [Tags] Verify_Operator_User_Privilege
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]322
323 Redfish Create User admin_user TestPwd123 Administrator ${True}
324 Redfish Create User operator_user TestPwd123 Operator ${True}
325
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]326 Redfish.Logout
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]327 # Login with operator user.
328 Redfish.Login operator_user TestPwd123
329
George Keishing093c1bd2020-02-10 09:47:34 -0600[diff] [blame]330 # Verify BMC reset.
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]331 Run Keyword And Expect Error ValueError* Redfish BMC Reset Operation
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]332
333 # Attempt to change password of admin user with operator user.
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]334 Redfish.Patch /redfish/v1/AccountService/Accounts/admin_user body={'Password': 'NewTestPwd123'}
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]335 ... valid_status_codes=[${HTTP_FORBIDDEN}]
336
337 Redfish.Logout
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]338
Sandhya Somashekar7a237472019-07-15 02:06:39 -0500[diff] [blame]339 Redfish.Login
340
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]341 Redfish.Delete /redfish/v1/AccountService/Accounts/admin_user
342 Redfish.Delete /redfish/v1/AccountService/Accounts/operator_user
Sandhya Somashekar7a237472019-07-15 02:06:39 -0500[diff] [blame]343
344
Anusha Dathatri4062b442020-02-03 04:39:15 -0600[diff] [blame]345Verify ReadOnly User Privilege
346 [Documentation] Verify ReadOnly user privilege.
347 [Tags] Verify_ReadOnly_User_Privilege
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]348
Anusha Dathatri4062b442020-02-03 04:39:15 -0600[diff] [blame]349 Redfish Create User readonly_user TestPwd123 ReadOnly ${True}
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]350 Redfish.Logout
351
352 # Login with read_only user.
353 Redfish.Login readonly_user TestPwd123
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]354
355 # Read system level data.
356 ${system_model}= Redfish_Utils.Get Attribute
357 ... ${SYSTEM_BASE_URI} Model
358
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]359 Redfish.Logout
Sandhya Somashekar7a237472019-07-15 02:06:39 -0500[diff] [blame]360 Redfish.Login
Anusha Dathatri4062b442020-02-03 04:39:15 -0600[diff] [blame]361 Redfish.Delete ${REDFISH_ACCOUNTS_URI}readonly_user
Sandhya Somashekar7a237472019-07-15 02:06:39 -0500[diff] [blame]362
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]363
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]364Verify Minimum Password Length For Redfish User
365 [Documentation] Verify minimum password length for new and existing user.
366 [Tags] Verify_Minimum_Password_Length_For_Redfish_User
367
368 ${user_name}= Set Variable testUser
369
370 # Make sure the user account in question does not already exist.
371 Redfish.Delete /redfish/v1/AccountService/Accounts/${user_name}
372 ... valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}]
373
374 # Try to create a user with invalid length password.
375 ${payload}= Create Dictionary
376 ... UserName=${user_name} Password=UserPwd RoleId=Administrator Enabled=${True}
377 Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{payload}
378 ... valid_status_codes=[${HTTP_BAD_REQUEST}]
379
380 # Create specified user with valid length password.
381 Set To Dictionary ${payload} Password UserPwd1
382 Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{payload}
383 ... valid_status_codes=[${HTTP_CREATED}]
384
385 # Try to change to an invalid password.
386 Redfish.Patch /redfish/v1/AccountService/Accounts/${user_name} body={'Password': 'UserPwd'}
387 ... valid_status_codes=[${HTTP_BAD_REQUEST}]
388
389 # Change to a valid password.
390 Redfish.Patch /redfish/v1/AccountService/Accounts/${user_name} body={'Password': 'UserPwd1'}
391
392 # Verify login.
393 Redfish.Logout
394 Redfish.Login ${user_name} UserPwd1
395 Redfish.Logout
396 Redfish.Login
397 Redfish.Delete /redfish/v1/AccountService/Accounts/${user_name}
398
399
Tony Lee94335f42021-02-04 15:16:39 +0800[diff] [blame]400Verify Standard User Roles Defined By Redfish
401 [Documentation] Verify standard user roles defined by Redfish.
402 [Tags] Verify_Standard_User_Roles_Defined_By_Redfish
403
404 ${member_list}= Redfish_Utils.Get Member List
405 ... /redfish/v1/AccountService/Roles
406
407 @{roles}= Create List
408 ... /redfish/v1/AccountService/Roles/Administrator
409 ... /redfish/v1/AccountService/Roles/Operator
410 ... /redfish/v1/AccountService/Roles/ReadOnly
411
412 List Should Contain Sub List ${member_list} ${roles}
413
414 # The standard roles are:
415
416 # | Role name | Assigned privileges |
417 # | Administrator | Login, ConfigureManager, ConfigureUsers, ConfigureComponents, ConfigureSelf |
418 # | Operator | Login, ConfigureComponents, ConfigureSelf |
419 # | ReadOnly | Login, ConfigureSelf |
420
421 @{admin}= Create List Login ConfigureManager ConfigureUsers ConfigureComponents ConfigureSelf
422 @{operator}= Create List Login ConfigureComponents ConfigureSelf
423 @{readOnly}= Create List Login ConfigureSelf
424
425 ${roles_dict}= create dictionary admin_privileges=${admin} operator_privileges=${operator}
426 ... readOnly_privileges=${readOnly}
427
428 ${resp}= redfish.Get /redfish/v1/AccountService/Roles/Administrator
429 List Should Contain Sub List ${resp.dict['AssignedPrivileges']} ${roles_dict['admin_privileges']}
430
431 ${resp}= redfish.Get /redfish/v1/AccountService/Roles/Operator
432 List Should Contain Sub List ${resp.dict['AssignedPrivileges']} ${roles_dict['operator_privileges']}
433
434 ${resp}= redfish.Get /redfish/v1/AccountService/Roles/ReadOnly
435 List Should Contain Sub List ${resp.dict['AssignedPrivileges']} ${roles_dict['readOnly_privileges']}
436
437
manashsarma4910aa22021-07-26 09:12:36 -0500[diff] [blame]438Verify Error While Deleting Root User
439 [Documentation] Verify error while deleting root user.
440 [Tags] Verify_Error_While_Deleting_Root_User
441
442 Redfish.Delete /redfish/v1/AccountService/Accounts/root valid_status_codes=[${HTTP_FORBIDDEN}]
443
444
manashsarma654cbc12021-09-23 02:28:12 -0500[diff] [blame]445Verify SSH Login Access With Admin User
446 [Documentation] Verify that admin user does not have SSH login access.
447 [Tags] Verify_SSH_Login_Access_With_Admin_User
448
449 # Create an admin User.
450 Redfish Create User new_admin TestPwd1 Administrator ${True}
451
452 # Attempt SSH login with admin user.
453 SSHLibrary.Open Connection ${OPENBMC_HOST}
454 ${status}= Run Keyword And Return Status SSHLibrary.Login new_admin TestPwd1
455 Should Be Equal ${status} ${False}
456
457
Sivas SRR6aa101f2019-02-19 22:31:55 -0600[diff] [blame]458*** Keywords ***
459
Sivas SRR6aa101f2019-02-19 22:31:55 -0600[diff] [blame]460Test Teardown Execution
461 [Documentation] Do the post test teardown.
462
Anusha Dathatridb769702020-02-12 01:02:30 -0600[diff] [blame]463 Run Keyword And Ignore Error Redfish.Logout
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]464 FFDC On Test Case Fail
465
Sandhya Somashekar00f59cc2019-03-05 03:39:47 -0600[diff] [blame]466
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]467Redfish Create User
468 [Documentation] Redfish create user.
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]469 [Arguments] ${username} ${password} ${role_id} ${enabled} ${login_check}=${True}
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]470
471 # Description of argument(s):
472 # username The username to be created.
473 # password The password to be assigned.
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]474 # role_id The role ID of the user to be created
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]475 # (e.g. "Administrator", "Operator", etc.).
476 # enabled Indicates whether the username being created
477 # should be enabled (${True}, ${False}).
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]478 # login_check Checks user login for created user.
479 # (e.g. ${True}, ${False}).
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]480
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]481 # Make sure the user account in question does not already exist.
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]482 Redfish.Delete /redfish/v1/AccountService/Accounts/${userName}
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]483 ... valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}]
484
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]485 # Create specified user.
486 ${payload}= Create Dictionary
487 ... UserName=${username} Password=${password} RoleId=${role_id} Enabled=${enabled}
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]488 Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{payload}
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]489 ... valid_status_codes=[${HTTP_CREATED}]
490
Rahul Maheshwari9928b1d2021-07-19 04:59:55 -0500[diff] [blame]491 # Resetting faillock count as a workaround for issue
Anusha Dathatrif7268b52020-02-19 01:03:49 -0600[diff] [blame]492 # openbmc/phosphor-user-manager#4
nagarjunb2261267e92022-03-30 21:04:16 +0530[diff] [blame]493 ${cmd}= Catenate test -f /usr/sbin/faillock && /usr/sbin/faillock --user USER --reset
494 ... || /usr/sbin/pam_tally2 -u ${username} --reset
Anusha Dathatrif7268b52020-02-19 01:03:49 -0600[diff] [blame]495 Bmc Execute Command ${cmd}
496
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]497 # Verify login with created user.
498 ${status}= Run Keyword If '${login_check}' == '${True}'
499 ... Verify Redfish User Login ${username} ${password}
500 Run Keyword If '${login_check}' == '${True}' Should Be Equal ${status} ${enabled}
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]501
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]502 # Validate Role ID of created user.
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]503 ${role_config}= Redfish_Utils.Get Attribute
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]504 ... /redfish/v1/AccountService/Accounts/${username} RoleId
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]505 Should Be Equal ${role_id} ${role_config}
506
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]507
508Redfish Verify User
509 [Documentation] Redfish user verification.
510 [Arguments] ${username} ${password} ${role_id} ${enabled}
511
512 # Description of argument(s):
513 # username The username to be created.
514 # password The password to be assigned.
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]515 # role_id The role ID of the user to be created
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]516 # (e.g. "Administrator", "Operator", etc.).
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]517 # enabled Indicates whether the username being created
518 # should be enabled (${True}, ${False}).
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]519
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]520 ${status}= Verify Redfish User Login ${username} ${password}
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]521 # Doing a check of the returned status.
522 Should Be Equal ${status} ${enabled}
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]523
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]524 # Validate Role Id of user.
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]525 ${role_config}= Redfish_Utils.Get Attribute
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]526 ... /redfish/v1/AccountService/Accounts/${username} RoleId
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]527 Should Be Equal ${role_id} ${role_config}
528
529
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]530Verify Redfish User Login
531 [Documentation] Verify Redfish login with given user id.
532 [Teardown] Run Keywords Run Keyword And Ignore Error Redfish.Logout AND Redfish.Login
533 [Arguments] ${username} ${password}
534
535 # Description of argument(s):
536 # username Login username.
537 # password Login password.
538
539 # Logout from current Redfish session.
George Keishing1cf2a422021-02-02 22:59:29 -0600[diff] [blame]540 # We don't really care if the current session is flushed out since we are going to login
541 # with new credential in next.
542 Run Keyword And Ignore Error Redfish.Logout
543
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]544 ${status}= Run Keyword And Return Status Redfish.Login ${username} ${password}
545 [Return] ${status}
546
547
Sandhya Somashekar00f59cc2019-03-05 03:39:47 -0600[diff] [blame]548Redfish Create And Verify User
549 [Documentation] Redfish create and verify user.
550 [Arguments] ${username} ${password} ${role_id} ${enabled}
551
552 # Description of argument(s):
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]553 # username The username to be created.
554 # password The password to be assigned.
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]555 # role_id The role ID of the user to be created
Sandhya Somashekaraf402ca2019-03-18 05:59:19 -0500[diff] [blame]556 # (e.g. "Administrator", "Operator", etc.).
557 # enabled Indicates whether the username being created
558 # should be enabled (${True}, ${False}).
Sandhya Somashekar00f59cc2019-03-05 03:39:47 -0600[diff] [blame]559
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]560 # Example:
561 #{
562 #"@odata.context": "/redfish/v1/$metadata#ManagerAccount.ManagerAccount",
563 #"@odata.id": "/redfish/v1/AccountService/Accounts/test1",
564 #"@odata.type": "#ManagerAccount.v1_0_3.ManagerAccount",
565 #"Description": "User Account",
566 #"Enabled": true,
567 #"Id": "test1",
568 #"Links": {
569 # "Role": {
570 # "@odata.id": "/redfish/v1/AccountService/Roles/Administrator"
571 # }
572 #},
573
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]574 Redfish Create User ${username} ${password} ${role_id} ${enabled}
Sandhya Somashekar00f59cc2019-03-05 03:39:47 -0600[diff] [blame]575
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]576 Redfish Verify User ${username} ${password} ${role_id} ${enabled}
Sandhya Somashekar00f59cc2019-03-05 03:39:47 -0600[diff] [blame]577
578 # Delete Specified User
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]579 Redfish.Delete /redfish/v1/AccountService/Accounts/${username}
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]580
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]581Verify Redfish User with Wrong Password
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]582 [Documentation] Verify Redfish User with Wrong Password.
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]583 [Arguments] ${username} ${password} ${role_id} ${enabled} ${wrong_password}
584
585 # Description of argument(s):
586 # username The username to be created.
587 # password The password to be assigned.
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]588 # role_id The role ID of the user to be created
Sandhya Somashekaraf402ca2019-03-18 05:59:19 -0500[diff] [blame]589 # (e.g. "Administrator", "Operator", etc.).
590 # enabled Indicates whether the username being created
591 # should be enabled (${True}, ${False}).
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]592 # wrong_password Any invalid password.
593
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]594 Redfish Create User ${username} ${password} ${role_id} ${enabled}
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]595
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]596 Redfish.Logout
597
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]598 # Attempt to login with created user with invalid password.
599 Run Keyword And Expect Error InvalidCredentialsError*
600 ... Redfish.Login ${username} ${wrong_password}
601
602 Redfish.Login
603
604 # Delete newly created user.
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]605 Redfish.Delete /redfish/v1/AccountService/Accounts/${username}
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]606
607
Sandhya Somashekaraf402ca2019-03-18 05:59:19 -0500[diff] [blame]608Verify Login with Deleted Redfish User
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]609 [Documentation] Verify Login with Deleted Redfish User.
Sandhya Somashekaraf402ca2019-03-18 05:59:19 -0500[diff] [blame]610 [Arguments] ${username} ${password} ${role_id} ${enabled}
611
612 # Description of argument(s):
613 # username The username to be created.
614 # password The password to be assigned.
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]615 # role_id The role ID of the user to be created
Sandhya Somashekaraf402ca2019-03-18 05:59:19 -0500[diff] [blame]616 # (e.g. "Administrator", "Operator", etc.).
617 # enabled Indicates whether the username being created
618 # should be enabled (${True}, ${False}).
619
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]620 Redfish Create User ${username} ${password} ${role_id} ${enabled}
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]621
622 # Delete newly created user.
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]623 Redfish.Delete /redfish/v1/AccountService/Accounts/${userName}
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]624
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]625 Redfish.Logout
626
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]627 # Attempt to login with deleted user account.
628 Run Keyword And Expect Error InvalidCredentialsError*
629 ... Redfish.Login ${username} ${password}
630
631 Redfish.Login
632
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]633
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]634Verify Create User Without Enabling
635 [Documentation] Verify Create User Without Enabling.
636 [Arguments] ${username} ${password} ${role_id} ${enabled}
637
638 # Description of argument(s):
639 # username The username to be created.
640 # password The password to be assigned.
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]641 # role_id The role ID of the user to be created
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]642 # (e.g. "Administrator", "Operator", etc.).
643 # enabled Indicates whether the username being created
644 # should be enabled (${True}, ${False}).
645
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]646 Redfish Create User ${username} ${password} ${role_id} ${enabled} ${False}
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]647
648 Redfish.Logout
649
650 # Login with created user.
651 Run Keyword And Expect Error InvalidCredentialsError*
652 ... Redfish.Login ${username} ${password}
653
654 Redfish.Login
Sandhya Somashekaraf402ca2019-03-18 05:59:19 -0500[diff] [blame]655
656 # Delete newly created user.
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]657 Redfish.Delete /redfish/v1/AccountService/Accounts/${username}
George Keishing07fb41f2020-06-16 08:09:19 -0500[diff] [blame]658