Sivas SRR | 3ef3bea | 2018-10-03 09:59:32 -0500 | [diff] [blame] | 1 | *** Settings *** |
| 2 | Documentation OpenBMC LDAP user management test. |
| 3 | |
| 4 | Resource ../lib/rest_client.robot |
| 5 | Resource ../lib/openbmc_ffdc.robot |
Sivas SRR | 39909e3 | 2018-11-09 18:58:36 -0600 | [diff] [blame^] | 6 | Library ../lib/bmc_ssh_utils.py |
Sivas SRR | 3ef3bea | 2018-10-03 09:59:32 -0500 | [diff] [blame] | 7 | |
| 8 | Suite Setup Suite Setup Execution |
| 9 | Test Teardown FFDC On Test Case Fail |
| 10 | |
| 11 | *** Variables **** |
| 12 | |
| 13 | *** Test Cases *** |
| 14 | |
Sivas SRR | 39909e3 | 2018-11-09 18:58:36 -0600 | [diff] [blame^] | 15 | Verify LDAP API Available |
Sivas SRR | 3ef3bea | 2018-10-03 09:59:32 -0500 | [diff] [blame] | 16 | [Documentation] Verify LDAP client service is running and API available. |
Sivas SRR | 39909e3 | 2018-11-09 18:58:36 -0600 | [diff] [blame^] | 17 | [Tags] Verify_LDAP_API_Available |
Sivas SRR | 3ef3bea | 2018-10-03 09:59:32 -0500 | [diff] [blame] | 18 | |
Sivas SRR | 3ef3bea | 2018-10-03 09:59:32 -0500 | [diff] [blame] | 19 | ${resp}= Read Properties ${BMC_LDAP_URI} |
Sivas SRR | 39909e3 | 2018-11-09 18:58:36 -0600 | [diff] [blame^] | 20 | Should Be Empty ${resp} |
Sivas SRR | 3ef3bea | 2018-10-03 09:59:32 -0500 | [diff] [blame] | 21 | |
| 22 | |
| 23 | Verify LDAP Config Is Created |
| 24 | [Documentation] Verify LDAP config is created in BMC. |
| 25 | [Tags] Verify_LDAP_Config_Is_Created |
| 26 | |
Sivas SRR | 39909e3 | 2018-11-09 18:58:36 -0600 | [diff] [blame^] | 27 | Configure LDAP Server On BMC |
Sivas SRR | 3ef3bea | 2018-10-03 09:59:32 -0500 | [diff] [blame] | 28 | Check LDAP Config File Generated |
| 29 | |
| 30 | |
| 31 | Verify LDAP Config Is Deleted |
| 32 | [Documentation] Verify LDAP config is deleted in BMC. |
| 33 | [Tags] Verify_LDAP_Config_Is_Deleted |
| 34 | |
| 35 | Delete LDAP Config |
| 36 | Check LDAP Config File Deleted |
| 37 | |
| 38 | |
| 39 | Verify LDAP User Able To Login Using REST |
| 40 | [Documentation] Verify LDAP user able to login using REST. |
| 41 | [Tags] Verify_LDAP_User_Able_To_Login_Using_REST |
| 42 | |
Sivas SRR | 39909e3 | 2018-11-09 18:58:36 -0600 | [diff] [blame^] | 43 | Configure LDAP Server On BMC |
Sivas SRR | 3ef3bea | 2018-10-03 09:59:32 -0500 | [diff] [blame] | 44 | Check LDAP Config File Generated |
Sivas SRR | 39909e3 | 2018-11-09 18:58:36 -0600 | [diff] [blame^] | 45 | Log Out OpenBMC |
| 46 | Sleep 60s |
Sivas SRR | 3ef3bea | 2018-10-03 09:59:32 -0500 | [diff] [blame] | 47 | |
| 48 | # REST Login to BMC with LDAP user and password. |
Sivas SRR | 39909e3 | 2018-11-09 18:58:36 -0600 | [diff] [blame^] | 49 | Initialize OpenBMC 60 1 OPENBMC_USER=${LDAP_USER} |
Sivas SRR | 3ef3bea | 2018-10-03 09:59:32 -0500 | [diff] [blame] | 50 | ... OPENBMC_PASSWORD=${LDAP_USER_PASSWORD} |
| 51 | |
| 52 | ${bmc_user_uris}= Read Properties ${BMC_USER_URI}list |
| 53 | Should Not Be Empty ${bmc_user_uris} |
| 54 | |
| 55 | |
| 56 | Verify LDAP User Able to Logout Using REST |
| 57 | [Documentation] Verify LDAP user able to logout using REST. |
| 58 | [Tags] Verify_LDAP_User_Able_To_Logout_Using_REST |
| 59 | |
Sivas SRR | 39909e3 | 2018-11-09 18:58:36 -0600 | [diff] [blame^] | 60 | Configure LDAP Server On BMC |
| 61 | Sleep 60s |
Sivas SRR | 3ef3bea | 2018-10-03 09:59:32 -0500 | [diff] [blame] | 62 | Check LDAP Config File Generated |
Sivas SRR | 39909e3 | 2018-11-09 18:58:36 -0600 | [diff] [blame^] | 63 | Log Out OpenBMC |
| 64 | Sleep 60s |
Sivas SRR | 3ef3bea | 2018-10-03 09:59:32 -0500 | [diff] [blame] | 65 | |
| 66 | # REST Login to BMC with LDAP user and password. |
Sivas SRR | 39909e3 | 2018-11-09 18:58:36 -0600 | [diff] [blame^] | 67 | Initialize OpenBMC 60 1 OPENBMC_USER=${LDAP_USER} |
Sivas SRR | 3ef3bea | 2018-10-03 09:59:32 -0500 | [diff] [blame] | 68 | ... OPENBMC_PASSWORD=${LDAP_USER_PASSWORD} |
| 69 | |
| 70 | # REST Logout from BMC. |
| 71 | Log Out OpenBMC |
| 72 | |
Sivas SRR | 3ef3bea | 2018-10-03 09:59:32 -0500 | [diff] [blame] | 73 | |
Sivas SRR | 39909e3 | 2018-11-09 18:58:36 -0600 | [diff] [blame^] | 74 | Verify LDAP Server URI Is Set |
| 75 | [Documentation] Verify LDAP Server URI is set using REST. |
| 76 | [Tags] Verify_LDAP_Server_URI_Is_Set |
| 77 | |
| 78 | # Example: LDAP URI should be either ldap://<LDAP IP / Hostname> or |
| 79 | # ldaps://<LDAP IP / Hostname> |
| 80 | Should Contain ${LDAP_SERVER_URI} ldap |
| 81 | ${ldap_server}= Create Dictionary data=${LDAP_SERVER_URI} |
| 82 | Write Attribute ${BMC_LDAP_URI}/config LDAPServerURI data=${ldap_server} |
| 83 | ... verify=${True} expected_value=${LDAP_SERVER_URI} |
| 84 | |
| 85 | |
| 86 | Verify LDAP Server BIND DN Is Set |
| 87 | [Documentation] Verify LDAP BIND DN is set using REST. |
| 88 | [Tags] Verify_LDAP_Server_BIND_DN_Is_Set |
| 89 | |
| 90 | ${ldap_server_binddn}= Create Dictionary data=${LDAP_BIND_DN} |
| 91 | Write Attribute ${BMC_LDAP_URI}/config LDAPBindDN data=${ldap_server_binddn} |
| 92 | ... verify=${True} expected_value=${LDAP_BIND_DN} |
| 93 | |
| 94 | |
| 95 | Verify LDAP Server BASE DN Is Set |
| 96 | [Documentation] Verify LDAP BASE DN is set using REST. |
| 97 | [Tags] Verify_LDAP_Server_BASE_DN_Is_Set |
| 98 | |
| 99 | ${ldap_server_basedn}= Create Dictionary data=${LDAP_BASE_DN} |
| 100 | Write Attribute ${BMC_LDAP_URI}/config LDAPBaseDN data=${ldap_server_basedn} |
| 101 | ... verify=${True} expected_value=${LDAP_BASE_DN} |
| 102 | |
| 103 | |
| 104 | Verify LDAP Server Type Is Set |
| 105 | [Documentation] Verify LDAP server type is set using REST. |
| 106 | [Tags] Verify_LDAP_Server_Type_Is_Set |
| 107 | |
| 108 | ${ldap_type}= Create Dictionary data=${LDAP_SERVER_TYPE} |
| 109 | Write Attribute ${BMC_LDAP_URI}/config LDAPType data=${ldap_type} |
| 110 | ... verify=${True} expected_value=${LDAP_SERVER_TYPE} |
| 111 | |
| 112 | |
| 113 | Verify LDAP Search Scope Is Set |
| 114 | [Documentation] Verify LDAP search scope is set using REST. |
| 115 | [Tags] Verify_LDAP_Search_Scope_Is_Set |
| 116 | |
| 117 | ${search_scope}= Create Dictionary data=${LDAP_SEARCH_SCOPE} |
| 118 | Write Attribute ${BMC_LDAP_URI}/config LDAPSearchScope data=${search_scope} |
| 119 | ... verify=${True} expected_value=${LDAP_SEARCH_SCOPE} |
| 120 | |
| 121 | |
| 122 | Verify LDAP Binddn Password Is Set |
| 123 | [Documentation] Verify LDAP Binddn password is set using REST. |
| 124 | [Tags] Verify_LDAP_Binddn_Password_Is_Set |
| 125 | |
| 126 | ${ldap_binddn_passwd}= Create Dictionary data=${LDAP_BIND_DN_PASSWORD} |
| 127 | Write Attribute ${BMC_LDAP_URI}/config LDAPBINDDNpassword data=${ldap_binddn_passwd} |
| 128 | ... verify=${True} expected_value=${LDAP_BIND_DN_PASSWORD} |
Sivas SRR | 3ef3bea | 2018-10-03 09:59:32 -0500 | [diff] [blame] | 129 | |
| 130 | |
| 131 | *** Keywords *** |
| 132 | |
| 133 | Suite Setup Execution |
| 134 | [Documentation] Check for LDAP test readiness. |
| 135 | |
Sivas SRR | 3ef3bea | 2018-10-03 09:59:32 -0500 | [diff] [blame] | 136 | Should Not Be Empty ${LDAP_SERVER_URI} |
| 137 | Should Not Be Empty ${LDAP_BIND_DN} |
| 138 | Should Not Be Empty ${LDAP_BASE_DN} |
| 139 | Should Not Be Empty ${LDAP_BIND_DN_PASSWORD} |
| 140 | Should Not Be Empty ${LDAP_SEARCH_SCOPE} |
| 141 | Should Not Be Empty ${LDAP_SERVER_TYPE} |
Sivas SRR | 3ef3bea | 2018-10-03 09:59:32 -0500 | [diff] [blame] | 142 | |
| 143 | Check LDAP Service Running |
| 144 | [Documentation] Check LDAP service running in BMC. |
| 145 | |
| 146 | BMC Execute Command systemctl | grep -in ldap |
| 147 | |
Sivas SRR | 3ef3bea | 2018-10-03 09:59:32 -0500 | [diff] [blame] | 148 | |
Sivas SRR | 39909e3 | 2018-11-09 18:58:36 -0600 | [diff] [blame^] | 149 | Configure LDAP Server On BMC |
| 150 | [Documentation] Configure LDAP Server On BMC. |
| 151 | |
| 152 | ${LDAP_SECURE_MODE} = Convert To Boolean ${LDAP_SECURE_MODE} |
| 153 | |
| 154 | @{ldap_parm_list}= Create List |
| 155 | ... ${LDAP_SERVER_URI} ${LDAP_BIND_DN} |
Sivas SRR | 3ef3bea | 2018-10-03 09:59:32 -0500 | [diff] [blame] | 156 | ... ${LDAP_BASE_DN} ${LDAP_BIND_DN_PASSWORD} ${LDAP_SEARCH_SCOPE} |
| 157 | ... ${LDAP_SERVER_TYPE} |
| 158 | |
| 159 | ${data}= Create Dictionary data=@{ldap_parm_list} |
| 160 | |
| 161 | ${resp}= OpenBMC Post Request |
| 162 | ... ${BMC_LDAP_URI}/action/CreateConfig data=${data} |
| 163 | Should Be Equal As Strings ${resp.status_code} ${HTTP_OK} |
| 164 | |
Sivas SRR | 39909e3 | 2018-11-09 18:58:36 -0600 | [diff] [blame^] | 165 | |
Sivas SRR | 3ef3bea | 2018-10-03 09:59:32 -0500 | [diff] [blame] | 166 | Check LDAP Config File Generated |
| 167 | [Documentation] Check LDAP file nslcd.conf generated. |
| 168 | [Arguments] ${ldap_server}=${LDAP_SERVER_URI} |
| 169 | |
Sivas SRR | 39909e3 | 2018-11-09 18:58:36 -0600 | [diff] [blame^] | 170 | # Description of argument(s): |
| 171 | # Non-Secured ldap_server Contains ldap server URI eg. (e.g. "ldap://x.x.x.x/"). |
| 172 | # Secured ldap_server Contains ldap server URI eg. (e.g. "ldaps://x.x.x.x/"). |
Sivas SRR | 3ef3bea | 2018-10-03 09:59:32 -0500 | [diff] [blame] | 173 | |
Sivas SRR | 39909e3 | 2018-11-09 18:58:36 -0600 | [diff] [blame^] | 174 | ${ldap_server_config}= Read Properties ${BMC_USER_URI}ldap/enumerate |
| 175 | ${ldap_server_config}= Convert To String ${ldap_server_config} |
Sivas SRR | 3ef3bea | 2018-10-03 09:59:32 -0500 | [diff] [blame] | 176 | Should Contain ${ldap_server_config} ${ldap_server} |
| 177 | ... msg=${ldap_server} is not configured. |
| 178 | |
Sivas SRR | 39909e3 | 2018-11-09 18:58:36 -0600 | [diff] [blame^] | 179 | |
Sivas SRR | 3ef3bea | 2018-10-03 09:59:32 -0500 | [diff] [blame] | 180 | Delete LDAP Config |
| 181 | [Documentation] Delete LDAP Config from REST. |
| 182 | |
| 183 | ${data}= Create Dictionary data=@{EMPTY} |
| 184 | ${resp}= OpenBMC Post Request |
Sivas SRR | 39909e3 | 2018-11-09 18:58:36 -0600 | [diff] [blame^] | 185 | ... ${BMC_LDAP_URI}/config/action/delete data=${data} |
Sivas SRR | 3ef3bea | 2018-10-03 09:59:32 -0500 | [diff] [blame] | 186 | |
| 187 | Should Be Equal As Strings ${resp.status_code} ${HTTP_OK} |
| 188 | |
Sivas SRR | 39909e3 | 2018-11-09 18:58:36 -0600 | [diff] [blame^] | 189 | |
Sivas SRR | 3ef3bea | 2018-10-03 09:59:32 -0500 | [diff] [blame] | 190 | Check LDAP Config File Deleted |
| 191 | [Documentation] Check LDAP file nslcd.conf deleted. |
| 192 | |
Sivas SRR | 39909e3 | 2018-11-09 18:58:36 -0600 | [diff] [blame^] | 193 | ${ldap_server_config}= Read Properties ${BMC_USER_URI}ldap/enumerate |
| 194 | ${ldap_server_config}= Convert To String ${ldap_server_config} |
| 195 | |
| 196 | Should Not Contain ${ldap_server_config} ${LDAP_SERVER_URI} |
| 197 | ... msg=${ldap_server_config} is not configured. |