Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc-test-automation / 37122b631d23fd05cd079c16292db1b2b6d17e3d / . / redfish / account_service / test_user_account.robot
blob: 47dd6104b313d71abe16886b8dfccd26ba0f08bb [file] [log] [blame]
Sivas SRR6aa101f2019-02-19 22:31:55 -0600[diff] [blame]1*** Settings ***
2Documentation Test Redfish user account.
3
4Resource ../../lib/resource.robot
5Resource ../../lib/bmc_redfish_resource.robot
6Resource ../../lib/openbmc_ffdc.robot
7
8Test Setup Test Setup Execution
9Test Teardown Test Teardown Execution
10
Sandhya Somashekar37122b62019-06-18 06:02:02 -0500[diff] [blame^]11*** Variables ***
12
13${account_lockout_duration} ${30}
14${account_lockout_threshold} ${3}
15
Sivas SRR6aa101f2019-02-19 22:31:55 -0600[diff] [blame]16
17** Test Cases **
18
19Verify AccountService Available
Sivas SRRfa6831c2019-02-22 00:12:00 -0600[diff] [blame]20 [Documentation] Verify Redfish account service is available.
Sivas SRR6aa101f2019-02-19 22:31:55 -0600[diff] [blame]21 [Tags] Verify_AccountService_Available
22
George Keishing97c93942019-03-04 12:45:07 -0600[diff] [blame]23 ${resp} = Redfish_utils.Get Attribute /redfish/v1/AccountService ServiceEnabled
Sivas SRR6aa101f2019-02-19 22:31:55 -0600[diff] [blame]24 Should Be Equal As Strings ${resp} ${True}
25
Sandhya Somashekar00f59cc2019-03-05 03:39:47 -0600[diff] [blame]26Redfish Create and Verify Users
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]27 [Documentation] Create Redfish users with various roles.
Sandhya Somashekar00f59cc2019-03-05 03:39:47 -0600[diff] [blame]28 [Tags] Redfish_Create_and_Verify_Users
29 [Template] Redfish Create And Verify User
30
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]31 #username password role_id enabled
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]32 admin_user TestPwd123 Administrator ${True}
33 operator_user TestPwd123 Operator ${True}
34 user_user TestPwd123 User ${True}
35 callback_user TestPwd123 Callback ${True}
Sivas SRR6aa101f2019-02-19 22:31:55 -0600[diff] [blame]36
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]37Verify Redfish User with Wrong Password
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]38 [Documentation] Verify Redfish User with Wrong Password.
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]39 [Tags] Verify_Redfish_User_with_Wrong_Password
40 [Template] Verify Redfish User with Wrong Password
41
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]42 #username password role_id enabled wrong_password
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]43 admin_user TestPwd123 Administrator ${True} alskjhfwurh
44 operator_user TestPwd123 Operator ${True} 12j8a8uakjhdaosiruf024
45 user_user TestPwd123 User ${True} 12
46 callback_user TestPwd123 Callback ${True} !#@D#RF#@!D
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]47
Sandhya Somashekaraf402ca2019-03-18 05:59:19 -0500[diff] [blame]48Verify Login with Deleted Redfish Users
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]49 [Documentation] Verify login with deleted Redfish Users.
Sandhya Somashekaraf402ca2019-03-18 05:59:19 -0500[diff] [blame]50 [Tags] Verify_Login_with_Deleted_Redfish_Users
51 [Template] Verify Login with Deleted Redfish User
52
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]53 #username password role_id enabled
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]54 admin_user TestPwd123 Administrator ${True}
55 operator_user TestPwd123 Operator ${True}
56 user_user TestPwd123 User ${True}
57 callback_user TestPwd123 Callback ${True}
Sandhya Somashekaraf402ca2019-03-18 05:59:19 -0500[diff] [blame]58
George Keishinge0c5ec32019-06-13 09:45:29 -0500[diff] [blame]59Verify User Creation Without Enabling It
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]60 [Documentation] Verify User Creation Without Enabling it.
George Keishinge0c5ec32019-06-13 09:45:29 -0500[diff] [blame]61 [Tags] Verify_User_Creation_Without_Enabling_It
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]62 [Template] Verify Create User Without Enabling
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]63
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]64 #username password role_id enabled
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]65 admin_user TestPwd123 Administrator ${False}
66 operator_user TestPwd123 Operator ${False}
67 user_user TestPwd123 User ${False}
68 callback_user TestPwd123 Callback ${False}
69
70Verify Redfish User Persistence After Reboot
71 [Documentation] Verify Redfish user persistence after reboot.
72 [Tags] Verify_Redfish_User_Persistence_After_Reboot
73
74 # Create Redfish users.
75 Redfish Create User admin_user TestPwd123 Administrator ${True}
76 Redfish Create User operator_user TestPwd123 Operator ${True}
77 Redfish Create User user_user TestPwd123 User ${True}
78 Redfish Create User callback_user TestPwd123 Callback ${True}
79
80 # Reboot BMC.
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]81 Redfish OBMC Reboot (off) stack_mode=normal
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]82
83 # Verify users after reboot.
84 Redfish Verify User admin_user TestPwd123 Administrator ${True}
85 Redfish Verify User operator_user TestPwd123 Operator ${True}
86 Redfish Verify User user_user TestPwd123 User ${True}
87 Redfish Verify User callback_user TestPwd123 Callback ${True}
88
89 # Delete created users.
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]90 Redfish.Delete ${REDFISH_ACCOUNTS_URI}admin_user
91 Redfish.Delete ${REDFISH_ACCOUNTS_URI}operator_user
92 Redfish.Delete ${REDFISH_ACCOUNTS_URI}user_user
93 Redfish.Delete ${REDFISH_ACCOUNTS_URI}callback_user
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]94
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]95Verify User Creation With Invalid Role Id
96 [Documentation] Verify user creation with invalid role id.
97 [Tags] Verify_User_Creation_With_Invalid_Role_Id
98
99 # Make sure the user account in question does not already exist.
100 Redfish.Delete ${REDFISH_ACCOUNTS_URI}test_user
101 ... valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}]
102
103 # Create specified user.
104 ${payload}= Create Dictionary
105 ... UserName=test_user Password=TestPwd123 RoleId=wrongroleid Enabled=${True}
106 Redfish.Post ${REDFISH_ACCOUNTS_URI} body=&{payload}
107 ... valid_status_codes=[${HTTP_BAD_REQUEST}]
108
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]109Verify Error Upon Creating Same Users With Different Privileges
110 [Documentation] Verify error upon creating same users with different privileges.
111 [Tags] Verify_Error_Upon_Creating_Same_Users_With_Different_Privileges
112
113 Redfish Create User test_user TestPwd123 Administrator ${True}
114
115 # Create specified user.
116 ${payload}= Create Dictionary
117 ... UserName=test_user Password=TestPwd123 RoleId=Operator Enabled=${True}
118 Redfish.Post ${REDFISH_ACCOUNTS_URI} body=&{payload}
119 ... valid_status_codes=[${HTTP_BAD_REQUEST}]
120
121
122Verify Modifying User Attributes
123 [Documentation] Verify modifying user attributes.
124 [Tags] Verify_Modifying_User_Attributes
125
126 # Create Redfish users.
127 Redfish Create User admin_user TestPwd123 Administrator ${True}
128 Redfish Create User operator_user TestPwd123 Operator ${True}
129 Redfish Create User user_user TestPwd123 User ${True}
130 Redfish Create User callback_user TestPwd123 Callback ${True}
131
132 Redfish.Login
133
134 # Make sure the new user account does not already exist.
135 Redfish.Delete ${REDFISH_ACCOUNTS_URI}newadmin_user
136 ... valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}]
137
138 # Update admin_user username using Redfish.
139 ${payload}= Create Dictionary UserName=newadmin_user
140 Redfish.Patch ${REDFISH_ACCOUNTS_URI}admin_user body=&{payload}
141
142 # Update operator_user password using Redfish.
143 ${payload}= Create Dictionary Password=NewTestPwd123
144 Redfish.Patch ${REDFISH_ACCOUNTS_URI}operator_user body=&{payload}
145
146 # Update user_user role using Redfish.
147 ${payload}= Create Dictionary RoleId=Operator
148 Redfish.Patch ${REDFISH_ACCOUNTS_URI}user_user body=&{payload}
149
150 # Update callback_user to disable using Redfish.
151 ${payload}= Create Dictionary Enabled=${False}
152 Redfish.Patch ${REDFISH_ACCOUNTS_URI}callback_user body=&{payload}
153
154 # Verify users after updating
155 Redfish Verify User newadmin_user TestPwd123 Administrator ${True}
156 Redfish Verify User operator_user NewTestPwd123 Operator ${True}
157 Redfish Verify User user_user TestPwd123 Operator ${True}
158 Redfish Verify User callback_user TestPwd123 Callback ${False}
159
160 # Delete created users.
161 Redfish.Delete ${REDFISH_ACCOUNTS_URI}newadmin_user
162 Redfish.Delete ${REDFISH_ACCOUNTS_URI}operator_user
163 Redfish.Delete ${REDFISH_ACCOUNTS_URI}user_user
164 Redfish.Delete ${REDFISH_ACCOUNTS_URI}callback_user
165
Sandhya Somashekar37122b62019-06-18 06:02:02 -0500[diff] [blame^]166Verify User Account Locked
167 [Documentation] Verify user account locked upon trying with invalid password.
168 [Tags] Verify_User_Account_Locked
169
170 Redfish Create User admin_user TestPwd123 Administrator ${True}
171
172 Redfish.Patch ${REDFISH_ACCOUNTS_SERVICE_URI}
173 ... body={'AccountLockoutThreshold': ${account_lockout_threshold}, 'AccountLockoutDuration': ${account_lockout_duration}}
174
175 # Make ${account_lockout_threshold} failed login attempts.
176 Repeat Keyword ${account_lockout_threshold} times
177 ... Run Keyword And Expect Error InvalidCredentialsError* Redfish.Login admin_user abc123
178
179 # Verify that legitimate login fails due to lockout.
180 Run Keyword And Expect Error InvalidCredentialsError*
181 ... Redfish.Login admin_user TestPwd123
182
183 # Wait for lockout duration to expire and then verify that login works.
184 Sleep ${account_lockout_duration}s
185 Redfish.Login admin_user TestPwd123
186
187 Redfish.Logout
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]188
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]189
Sivas SRR6aa101f2019-02-19 22:31:55 -0600[diff] [blame]190*** Keywords ***
191
192Test Setup Execution
193 [Documentation] Do test case setup tasks.
194
George Keishing97c93942019-03-04 12:45:07 -0600[diff] [blame]195 Redfish.Login
Sivas SRR6aa101f2019-02-19 22:31:55 -0600[diff] [blame]196
197
198Test Teardown Execution
199 [Documentation] Do the post test teardown.
200
Sandhya Somashekar37122b62019-06-18 06:02:02 -0500[diff] [blame^]201 FFDC On Test Case Fail
George Keishing97c93942019-03-04 12:45:07 -0600[diff] [blame]202 Redfish.Logout
Sandhya Somashekar00f59cc2019-03-05 03:39:47 -0600[diff] [blame]203
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]204Redfish Create User
205 [Documentation] Redfish create user.
206 [Arguments] ${username} ${password} ${role_id} ${enabled}
207
208 # Description of argument(s):
209 # username The username to be created.
210 # password The password to be assigned.
211 # role_id The role id of the user to be created
212 # (e.g. "Administrator", "Operator", etc.).
213 # enabled Indicates whether the username being created
214 # should be enabled (${True}, ${False}).
215
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]216 Redfish.Login
217
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]218 # Make sure the user account in question does not already exist.
219 Redfish.Delete ${REDFISH_ACCOUNTS_URI}${userName}
220 ... valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}]
221
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]222 # Create specified user.
223 ${payload}= Create Dictionary
224 ... UserName=${username} Password=${password} RoleId=${role_id} Enabled=${enabled}
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]225 Redfish.Post ${REDFISH_ACCOUNTS_URI} body=&{payload}
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]226 ... valid_status_codes=[${HTTP_CREATED}]
227
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]228 Redfish.Logout
229
230 # Login with created user.
231 Run Keyword If ${enabled} == False
232 ... Run Keyword And Expect Error InvalidCredentialsError*
233 ... Redfish.Login ${username} ${password}
234 ... ELSE
235 ... Redfish.Login ${username} ${password}
236
237 Run Keyword If ${enabled} == False
238 ... Redfish.Login
239
240 # Validate Role Id of created user.
241 ${role_config}= Redfish_Utils.Get Attribute
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]242 ... ${REDFISH_ACCOUNTS_URI}${username} RoleId
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]243 Should Be Equal ${role_id} ${role_config}
244
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]245
246Redfish Verify User
247 [Documentation] Redfish user verification.
248 [Arguments] ${username} ${password} ${role_id} ${enabled}
249
250 # Description of argument(s):
251 # username The username to be created.
252 # password The password to be assigned.
253 # role_id The role id of the user to be created
254 # (e.g. "Administrator", "Operator", etc.).
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]255 # enabled Indicates whether the username being created
256 # should be enabled (${True}, ${False}).
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]257
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]258 # Trying to do a login with created user.
259 ${status}= Run Keyword And Return Status Redfish.Login ${username} ${password}
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]260
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]261 # Doing a check of the returned status.
262 Should Be Equal ${status} ${enabled}
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]263
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]264 # We do not need to login with created user (user could be in disabled status).
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]265 Redfish.Login
266
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]267 # Validate Role Id of user.
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]268 ${role_config}= Redfish_Utils.Get Attribute
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]269 ... ${REDFISH_ACCOUNTS_URI}${username} RoleId
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]270 Should Be Equal ${role_id} ${role_config}
271
272
Sandhya Somashekar00f59cc2019-03-05 03:39:47 -0600[diff] [blame]273Redfish Create And Verify User
274 [Documentation] Redfish create and verify user.
275 [Arguments] ${username} ${password} ${role_id} ${enabled}
276
277 # Description of argument(s):
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]278 # username The username to be created.
279 # password The password to be assigned.
Sandhya Somashekaraf402ca2019-03-18 05:59:19 -0500[diff] [blame]280 # role_id The role id of the user to be created
281 # (e.g. "Administrator", "Operator", etc.).
282 # enabled Indicates whether the username being created
283 # should be enabled (${True}, ${False}).
Sandhya Somashekar00f59cc2019-03-05 03:39:47 -0600[diff] [blame]284
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]285 # Example:
286 #{
287 #"@odata.context": "/redfish/v1/$metadata#ManagerAccount.ManagerAccount",
288 #"@odata.id": "/redfish/v1/AccountService/Accounts/test1",
289 #"@odata.type": "#ManagerAccount.v1_0_3.ManagerAccount",
290 #"Description": "User Account",
291 #"Enabled": true,
292 #"Id": "test1",
293 #"Links": {
294 # "Role": {
295 # "@odata.id": "/redfish/v1/AccountService/Roles/Administrator"
296 # }
297 #},
298
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]299 Redfish Create User ${username} ${password} ${role_id} ${enabled}
Sandhya Somashekar00f59cc2019-03-05 03:39:47 -0600[diff] [blame]300
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]301 Redfish Verify User ${username} ${password} ${role_id} ${enabled}
Sandhya Somashekar00f59cc2019-03-05 03:39:47 -0600[diff] [blame]302
303 # Delete Specified User
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]304 Redfish.Delete ${REDFISH_ACCOUNTS_URI}${username}
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]305
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]306Verify Redfish User with Wrong Password
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]307 [Documentation] Verify Redfish User with Wrong Password.
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]308 [Arguments] ${username} ${password} ${role_id} ${enabled} ${wrong_password}
309
310 # Description of argument(s):
311 # username The username to be created.
312 # password The password to be assigned.
Sandhya Somashekaraf402ca2019-03-18 05:59:19 -0500[diff] [blame]313 # role_id The role id of the user to be created
314 # (e.g. "Administrator", "Operator", etc.).
315 # enabled Indicates whether the username being created
316 # should be enabled (${True}, ${False}).
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]317 # wrong_password Any invalid password.
318
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]319 Redfish Create User ${username} ${password} ${role_id} ${enabled}
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]320
321 # Attempt to login with created user with invalid password.
322 Run Keyword And Expect Error InvalidCredentialsError*
323 ... Redfish.Login ${username} ${wrong_password}
324
325 Redfish.Login
326
327 # Delete newly created user.
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]328 Redfish.Delete ${REDFISH_ACCOUNTS_URI}${username}
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]329
330
Sandhya Somashekaraf402ca2019-03-18 05:59:19 -0500[diff] [blame]331Verify Login with Deleted Redfish User
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]332 [Documentation] Verify Login with Deleted Redfish User.
Sandhya Somashekaraf402ca2019-03-18 05:59:19 -0500[diff] [blame]333 [Arguments] ${username} ${password} ${role_id} ${enabled}
334
335 # Description of argument(s):
336 # username The username to be created.
337 # password The password to be assigned.
338 # role_id The role id of the user to be created
339 # (e.g. "Administrator", "Operator", etc.).
340 # enabled Indicates whether the username being created
341 # should be enabled (${True}, ${False}).
342
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]343 Redfish Create User ${username} ${password} ${role_id} ${enabled}
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]344 ${status}= Run Keyword And Return Status Redfish.Login ${username} ${password}
345
346 # Doing a check of the rerurned status
347 Should Be Equal ${status} ${True}
348
349 Redfish.Login
350
351 # Delete newly created user.
352 Redfish.Delete ${REDFISH_ACCOUNTS_URI}${userName}
353
354 # Attempt to login with deleted user account.
355 Run Keyword And Expect Error InvalidCredentialsError*
356 ... Redfish.Login ${username} ${password}
357
358 Redfish.Login
359
360Verify Create User Without Enabling
361 [Documentation] Verify Create User Without Enabling.
362 [Arguments] ${username} ${password} ${role_id} ${enabled}
363
364 # Description of argument(s):
365 # username The username to be created.
366 # password The password to be assigned.
367 # role_id The role id of the user to be created
368 # (e.g. "Administrator", "Operator", etc.).
369 # enabled Indicates whether the username being created
370 # should be enabled (${True}, ${False}).
371
372 Redfish.Login
373
374 Redfish Create User ${username} ${password} ${role_id} ${enabled}
375
376 Redfish.Logout
377
378 # Login with created user.
379 Run Keyword And Expect Error InvalidCredentialsError*
380 ... Redfish.Login ${username} ${password}
381
382 Redfish.Login
Sandhya Somashekaraf402ca2019-03-18 05:59:19 -0500[diff] [blame]383
384 # Delete newly created user.
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]385 Redfish.Delete ${REDFISH_ACCOUNTS_URI}${username}