Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc-test-automation / 7353f5b0c43a6b39916293dc5e4e311900089942 / . / tests_ldap / test_user_ldap_management.robot
blob: 1d5cca8c8b94861feda3736c6c0f30b7c9b80772 [file] [log] [blame]
Sivas SRR3ef3bea2018-10-03 09:59:32 -0500[diff] [blame]1*** Settings ***
2Documentation OpenBMC LDAP user management test.
3
4Resource ../lib/rest_client.robot
5Resource ../lib/openbmc_ffdc.robot
Sivas SRR39909e32018-11-09 18:58:36 -0600[diff] [blame]6Library ../lib/bmc_ssh_utils.py
Sivas SRR3ef3bea2018-10-03 09:59:32 -0500[diff] [blame]7
8Suite Setup Suite Setup Execution
9Test Teardown FFDC On Test Case Fail
10
11*** Variables ****
12
13*** Test Cases ***
14
Sivas SRR39909e32018-11-09 18:58:36 -0600[diff] [blame]15Verify LDAP API Available
Sivas SRR3ef3bea2018-10-03 09:59:32 -0500[diff] [blame]16 [Documentation] Verify LDAP client service is running and API available.
Sivas SRR39909e32018-11-09 18:58:36 -0600[diff] [blame]17 [Tags] Verify_LDAP_API_Available
Sivas SRR3ef3bea2018-10-03 09:59:32 -0500[diff] [blame]18
Sivas SRR3ef3bea2018-10-03 09:59:32 -0500[diff] [blame]19 ${resp}= Read Properties ${BMC_LDAP_URI}
Sivas SRR39909e32018-11-09 18:58:36 -0600[diff] [blame]20 Should Be Empty ${resp}
Sivas SRR3ef3bea2018-10-03 09:59:32 -0500[diff] [blame]21
22
23Verify LDAP Config Is Created
24 [Documentation] Verify LDAP config is created in BMC.
25 [Tags] Verify_LDAP_Config_Is_Created
26
Sivas SRR39909e32018-11-09 18:58:36 -0600[diff] [blame]27 Configure LDAP Server On BMC
Sivas SRR3ef3bea2018-10-03 09:59:32 -0500[diff] [blame]28 Check LDAP Config File Generated
29
30
31Verify LDAP Config Is Deleted
32 [Documentation] Verify LDAP config is deleted in BMC.
33 [Tags] Verify_LDAP_Config_Is_Deleted
34
35 Delete LDAP Config
36 Check LDAP Config File Deleted
37
38
39Verify LDAP User Able To Login Using REST
40 [Documentation] Verify LDAP user able to login using REST.
41 [Tags] Verify_LDAP_User_Able_To_Login_Using_REST
42
Sivas SRR39909e32018-11-09 18:58:36 -0600[diff] [blame]43 Configure LDAP Server On BMC
Sivas SRR3ef3bea2018-10-03 09:59:32 -0500[diff] [blame]44 Check LDAP Config File Generated
Sivas SRR39909e32018-11-09 18:58:36 -0600[diff] [blame]45 Sleep 60s
Sivas SRR3ef3bea2018-10-03 09:59:32 -0500[diff] [blame]46
47 # REST Login to BMC with LDAP user and password.
Sivas SRR7353f5b2018-11-21 02:43:18 -0600[diff] [blame^]48 Initialize OpenBMC 60 1 ${LDAP_USER} ${LDAP_USER_PASSWORD}
Sivas SRR3ef3bea2018-10-03 09:59:32 -0500[diff] [blame]49
50 ${bmc_user_uris}= Read Properties ${BMC_USER_URI}list
51 Should Not Be Empty ${bmc_user_uris}
52
53
54Verify LDAP User Able to Logout Using REST
55 [Documentation] Verify LDAP user able to logout using REST.
56 [Tags] Verify_LDAP_User_Able_To_Logout_Using_REST
57
Sivas SRR39909e32018-11-09 18:58:36 -0600[diff] [blame]58 Configure LDAP Server On BMC
59 Sleep 60s
Sivas SRR3ef3bea2018-10-03 09:59:32 -0500[diff] [blame]60 Check LDAP Config File Generated
Sivas SRR39909e32018-11-09 18:58:36 -0600[diff] [blame]61 Sleep 60s
Sivas SRR3ef3bea2018-10-03 09:59:32 -0500[diff] [blame]62
63 # REST Login to BMC with LDAP user and password.
Sivas SRR7353f5b2018-11-21 02:43:18 -0600[diff] [blame^]64 Initialize OpenBMC 60 1 ${LDAP_USER} ${LDAP_USER_PASSWORD}
Sivas SRR3ef3bea2018-10-03 09:59:32 -0500[diff] [blame]65
66 # REST Logout from BMC.
67 Log Out OpenBMC
68
Sivas SRR3ef3bea2018-10-03 09:59:32 -0500[diff] [blame]69
Sivas SRR39909e32018-11-09 18:58:36 -0600[diff] [blame]70Verify LDAP Server URI Is Set
71 [Documentation] Verify LDAP Server URI is set using REST.
72 [Tags] Verify_LDAP_Server_URI_Is_Set
73
74 # Example: LDAP URI should be either ldap://<LDAP IP / Hostname> or
75 # ldaps://<LDAP IP / Hostname>
76 Should Contain ${LDAP_SERVER_URI} ldap
77 ${ldap_server}= Create Dictionary data=${LDAP_SERVER_URI}
78 Write Attribute ${BMC_LDAP_URI}/config LDAPServerURI data=${ldap_server}
79 ... verify=${True} expected_value=${LDAP_SERVER_URI}
80
81
82Verify LDAP Server BIND DN Is Set
83 [Documentation] Verify LDAP BIND DN is set using REST.
84 [Tags] Verify_LDAP_Server_BIND_DN_Is_Set
85
86 ${ldap_server_binddn}= Create Dictionary data=${LDAP_BIND_DN}
87 Write Attribute ${BMC_LDAP_URI}/config LDAPBindDN data=${ldap_server_binddn}
88 ... verify=${True} expected_value=${LDAP_BIND_DN}
89
90
91Verify LDAP Server BASE DN Is Set
92 [Documentation] Verify LDAP BASE DN is set using REST.
93 [Tags] Verify_LDAP_Server_BASE_DN_Is_Set
94
95 ${ldap_server_basedn}= Create Dictionary data=${LDAP_BASE_DN}
96 Write Attribute ${BMC_LDAP_URI}/config LDAPBaseDN data=${ldap_server_basedn}
97 ... verify=${True} expected_value=${LDAP_BASE_DN}
98
99
Sivas SRR7353f5b2018-11-21 02:43:18 -0600[diff] [blame^]100Verify LDAP Server Type Is Set As Active Directory
101 [Documentation] Verify LDAP server type is set as "Active Directory"
102 ... using REST.
103 [Tags] Verify_LDAP_Server_Type_Is_Set_As_Active_Directory
104 [Template] Modify LDAP Server Type
Sivas SRR39909e32018-11-09 18:58:36 -0600[diff] [blame]105
Sivas SRR7353f5b2018-11-21 02:43:18 -0600[diff] [blame^]106 # Server type as ActiveDirectory
107 xyz.openbmc_project.User.Ldap.Config.Type.ActiveDirectory
Sivas SRR39909e32018-11-09 18:58:36 -0600[diff] [blame]108
109
Sivas SRR7353f5b2018-11-21 02:43:18 -0600[diff] [blame^]110Verify LDAP Server Type Is Set As Open LDAP
111 [Documentation] Verify LDAP server type is set as "OpenLDAP"
112 ... using REST.
113 [Tags] Verify_LDAP_Server_Type_Is_Set_As_Open_LDAP
114 [Template] Modify LDAP Server Type
Sivas SRR39909e32018-11-09 18:58:36 -0600[diff] [blame]115
Sivas SRR7353f5b2018-11-21 02:43:18 -0600[diff] [blame^]116 # Server type as OpenLdap
117 xyz.openbmc_project.User.Ldap.Config.Type.OpenLdap
118
119
120Verify LDAP Search Scope Is Set As One
121 [Documentation] Verify LDAP search scope is set as "one" using REST.
122 [Tags] Verify_LDAP_Search_Scope_Is_Set_As_One
123 [Template] Modify LDAP Search Scope
124
125 # Search Scope as one
126 xyz.openbmc_project.User.Ldap.Config.SearchScope.one
127
128
129Verify LDAP Search Scope Is Set As Base
130 [Documentation] Verify LDAP search scope is set as "base" using REST.
131 [Tags] Verify_LDAP_Search_Scope_Is_Set_As_Base
132 [Template] Modify LDAP Search Scope
133
134 # Search Scope as base
135 xyz.openbmc_project.User.Ldap.Config.SearchScope.base
136
137Verify LDAP Search Scope Is Set As Sub
138 [Documentation] Verify LDAP search scope is set as "sub" using REST.
139 [Tags] Verify_LDAP_Search_Scope_Is_Set_As_Sub
140 [Template] Modify LDAP Search Scope
141
142 # Search Scope as sub
143 xyz.openbmc_project.User.Ldap.Config.SearchScope.sub
Sivas SRR39909e32018-11-09 18:58:36 -0600[diff] [blame]144
145
146Verify LDAP Binddn Password Is Set
147 [Documentation] Verify LDAP Binddn password is set using REST.
148 [Tags] Verify_LDAP_Binddn_Password_Is_Set
149
150 ${ldap_binddn_passwd}= Create Dictionary data=${LDAP_BIND_DN_PASSWORD}
151 Write Attribute ${BMC_LDAP_URI}/config LDAPBINDDNpassword data=${ldap_binddn_passwd}
152 ... verify=${True} expected_value=${LDAP_BIND_DN_PASSWORD}
Sivas SRR3ef3bea2018-10-03 09:59:32 -0500[diff] [blame]153
154
155*** Keywords ***
156
157Suite Setup Execution
158 [Documentation] Check for LDAP test readiness.
159
Sivas SRR3ef3bea2018-10-03 09:59:32 -0500[diff] [blame]160 Should Not Be Empty ${LDAP_SERVER_URI}
161 Should Not Be Empty ${LDAP_BIND_DN}
162 Should Not Be Empty ${LDAP_BASE_DN}
163 Should Not Be Empty ${LDAP_BIND_DN_PASSWORD}
164 Should Not Be Empty ${LDAP_SEARCH_SCOPE}
165 Should Not Be Empty ${LDAP_SERVER_TYPE}
Sivas SRR3ef3bea2018-10-03 09:59:32 -0500[diff] [blame]166
167Check LDAP Service Running
168 [Documentation] Check LDAP service running in BMC.
169
170 BMC Execute Command systemctl | grep -in ldap
171
Sivas SRR3ef3bea2018-10-03 09:59:32 -0500[diff] [blame]172
Sivas SRR39909e32018-11-09 18:58:36 -0600[diff] [blame]173Configure LDAP Server On BMC
174 [Documentation] Configure LDAP Server On BMC.
175
176 ${LDAP_SECURE_MODE} = Convert To Boolean ${LDAP_SECURE_MODE}
177
178 @{ldap_parm_list}= Create List
179 ... ${LDAP_SERVER_URI} ${LDAP_BIND_DN}
Sivas SRR3ef3bea2018-10-03 09:59:32 -0500[diff] [blame]180 ... ${LDAP_BASE_DN} ${LDAP_BIND_DN_PASSWORD} ${LDAP_SEARCH_SCOPE}
181 ... ${LDAP_SERVER_TYPE}
182
183 ${data}= Create Dictionary data=@{ldap_parm_list}
184
185 ${resp}= OpenBMC Post Request
186 ... ${BMC_LDAP_URI}/action/CreateConfig data=${data}
187 Should Be Equal As Strings ${resp.status_code} ${HTTP_OK}
188
Sivas SRR39909e32018-11-09 18:58:36 -0600[diff] [blame]189
Sivas SRR3ef3bea2018-10-03 09:59:32 -0500[diff] [blame]190Check LDAP Config File Generated
191 [Documentation] Check LDAP file nslcd.conf generated.
192 [Arguments] ${ldap_server}=${LDAP_SERVER_URI}
193
Sivas SRR39909e32018-11-09 18:58:36 -0600[diff] [blame]194 # Description of argument(s):
195 # Non-Secured ldap_server Contains ldap server URI eg. (e.g. "ldap://x.x.x.x/").
196 # Secured ldap_server Contains ldap server URI eg. (e.g. "ldaps://x.x.x.x/").
Sivas SRR3ef3bea2018-10-03 09:59:32 -0500[diff] [blame]197
Sivas SRR39909e32018-11-09 18:58:36 -0600[diff] [blame]198 ${ldap_server_config}= Read Properties ${BMC_USER_URI}ldap/enumerate
199 ${ldap_server_config}= Convert To String ${ldap_server_config}
Sivas SRR3ef3bea2018-10-03 09:59:32 -0500[diff] [blame]200 Should Contain ${ldap_server_config} ${ldap_server}
201 ... msg=${ldap_server} is not configured.
202
Sivas SRR39909e32018-11-09 18:58:36 -0600[diff] [blame]203
Sivas SRR3ef3bea2018-10-03 09:59:32 -0500[diff] [blame]204Delete LDAP Config
205 [Documentation] Delete LDAP Config from REST.
206
207 ${data}= Create Dictionary data=@{EMPTY}
208 ${resp}= OpenBMC Post Request
Sivas SRR39909e32018-11-09 18:58:36 -0600[diff] [blame]209 ... ${BMC_LDAP_URI}/config/action/delete data=${data}
Sivas SRR3ef3bea2018-10-03 09:59:32 -0500[diff] [blame]210
211 Should Be Equal As Strings ${resp.status_code} ${HTTP_OK}
212
Sivas SRR39909e32018-11-09 18:58:36 -0600[diff] [blame]213
Sivas SRR3ef3bea2018-10-03 09:59:32 -0500[diff] [blame]214Check LDAP Config File Deleted
215 [Documentation] Check LDAP file nslcd.conf deleted.
216
Sivas SRR39909e32018-11-09 18:58:36 -0600[diff] [blame]217 ${ldap_server_config}= Read Properties ${BMC_USER_URI}ldap/enumerate
218 ${ldap_server_config}= Convert To String ${ldap_server_config}
219
220 Should Not Contain ${ldap_server_config} ${LDAP_SERVER_URI}
221 ... msg=${ldap_server_config} is not configured.
Sivas SRR7353f5b2018-11-21 02:43:18 -0600[diff] [blame^]222
223
224
225Modify LDAP Search Scope
226 [Documentation] Modify LDAP search scope parameter in LDAP config.
227 [Arguments] ${search_scope}=${LDAP_SEARCH_SCOPE}
228
229 # Description of argument(s):
230 # search_scope Contains ldap search scope (e.g. "xyz.openbmc_project.User.Ldap.Config.SearchScope.one").
231
232 ${search_scope_dict}= Create Dictionary data=${search_scope}
233 Write Attribute ${BMC_LDAP_URI}/config LDAPSearchScope data=${search_scope_dict}
234 ... verify=${True} expected_value=${search_scope}
235
236
237Modify LDAP Server Type
238 [Documentation] Modify LDAP server type parameter in LDAP config.
239 [Arguments] ${ldap_type}=${LDAP_SERVER_TYPE}
240
241 # Description of argument(s):
242 # ldap_type Contains ldap server type (e.g. "xyz.openbmc_project.User.Ldap.Config.Type.ActiveDirectory").
243
244 ${ldap_type_dict}= Create Dictionary data=${ldap_type}
245 Write Attribute ${BMC_LDAP_URI}/config LDAPType data=${ldap_type_dict}
246 ... verify=${True} expected_value=${ldap_type}
247
248