Sivas SRR | 6aa101f | 2019-02-19 22:31:55 -0600 | [diff] [blame] | 1 | *** Settings *** |
| 2 | Documentation Test Redfish user account. |
| 3 | |
| 4 | Resource ../../lib/resource.robot |
| 5 | Resource ../../lib/bmc_redfish_resource.robot |
| 6 | Resource ../../lib/openbmc_ffdc.robot |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 7 | Resource ../../lib/bmc_redfish_utils.robot |
Sivas SRR | 6aa101f | 2019-02-19 22:31:55 -0600 | [diff] [blame] | 8 | |
manashsarma | 654cbc1 | 2021-09-23 02:28:12 -0500 | [diff] [blame] | 9 | Library SSHLibrary |
| 10 | |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 11 | Test Setup Redfish.Login |
Sivas SRR | 6aa101f | 2019-02-19 22:31:55 -0600 | [diff] [blame] | 12 | Test Teardown Test Teardown Execution |
| 13 | |
Sandhya Somashekar | 37122b6 | 2019-06-18 06:02:02 -0500 | [diff] [blame] | 14 | *** Variables *** |
| 15 | |
| 16 | ${account_lockout_duration} ${30} |
| 17 | ${account_lockout_threshold} ${3} |
| 18 | |
Sivas SRR | 6aa101f | 2019-02-19 22:31:55 -0600 | [diff] [blame] | 19 | ** Test Cases ** |
| 20 | |
| 21 | Verify AccountService Available |
Sivas SRR | fa6831c | 2019-02-22 00:12:00 -0600 | [diff] [blame] | 22 | [Documentation] Verify Redfish account service is available. |
Sivas SRR | 6aa101f | 2019-02-19 22:31:55 -0600 | [diff] [blame] | 23 | [Tags] Verify_AccountService_Available |
| 24 | |
George Keishing | 97c9394 | 2019-03-04 12:45:07 -0600 | [diff] [blame] | 25 | ${resp} = Redfish_utils.Get Attribute /redfish/v1/AccountService ServiceEnabled |
Sivas SRR | 6aa101f | 2019-02-19 22:31:55 -0600 | [diff] [blame] | 26 | Should Be Equal As Strings ${resp} ${True} |
| 27 | |
Rahul Maheshwari | d0aa72b | 2022-08-23 06:44:07 -0500 | [diff] [blame] | 28 | |
| 29 | Verify Redfish Admin User Persistence After Reboot |
| 30 | [Documentation] Verify Redfish admin user persistence after reboot. |
| 31 | [Tags] Verify_Redfish_Admin_User_Persistence_After_Reboot |
| 32 | [Setup] Run Keywords Redfish.Login AND |
| 33 | ... Redfish Create User admin_user TestPwd123 Administrator ${True} |
| 34 | [Teardown] Run Keywords Redfish.Delete /redfish/v1/AccountService/Accounts/admin_user |
| 35 | ... AND Test Teardown Execution |
Sandhya Somashekar | a83fb47 | 2019-08-29 02:26:21 -0500 | [diff] [blame] | 36 | |
| 37 | # Reboot BMC. |
| 38 | Redfish OBMC Reboot (off) stack_mode=normal |
Sandhya Somashekar | a83fb47 | 2019-08-29 02:26:21 -0500 | [diff] [blame] | 39 | |
| 40 | # Verify users after reboot. |
| 41 | Redfish Verify User admin_user TestPwd123 Administrator ${True} |
Rahul Maheshwari | d0aa72b | 2022-08-23 06:44:07 -0500 | [diff] [blame] | 42 | |
| 43 | |
| 44 | Verify Redfish Operator User Persistence After Reboot |
| 45 | [Documentation] Verify Redfish operator user persistence after reboot. |
| 46 | [Tags] Verify_Redfish_Operator_User_Persistence_After_Reboot |
| 47 | [Setup] Run Keywords Redfish.Login AND |
| 48 | ... Redfish Create User operator_user TestPwd123 Operator ${True} |
| 49 | [Teardown] Run Keywords Redfish.Delete /redfish/v1/AccountService/Accounts/operator_user |
| 50 | ... AND Test Teardown Execution |
| 51 | |
| 52 | # Reboot BMC. |
| 53 | Redfish OBMC Reboot (off) stack_mode=normal |
| 54 | |
| 55 | # Verify users after reboot. |
Sandhya Somashekar | a83fb47 | 2019-08-29 02:26:21 -0500 | [diff] [blame] | 56 | Redfish Verify User operator_user TestPwd123 Operator ${True} |
Rahul Maheshwari | d0aa72b | 2022-08-23 06:44:07 -0500 | [diff] [blame] | 57 | |
| 58 | |
| 59 | Verify Redfish Readonly User Persistence After Reboot |
| 60 | [Documentation] Verify Redfish readonly user persistence after reboot. |
| 61 | [Tags] Verify_Redfish_Readonly_User_Persistence_After_Reboot |
| 62 | [Setup] Run Keywords Redfish.Login AND |
| 63 | ... Redfish Create User readonly_user TestPwd123 ReadOnly ${True} |
| 64 | [Teardown] Run Keywords Redfish.Delete /redfish/v1/AccountService/Accounts/readonly_user |
| 65 | ... AND Test Teardown Execution |
| 66 | |
| 67 | # Reboot BMC. |
| 68 | Redfish OBMC Reboot (off) stack_mode=normal |
| 69 | |
| 70 | # Verify users after reboot. |
Anusha Dathatri | 4062b44 | 2020-02-03 04:39:15 -0600 | [diff] [blame] | 71 | Redfish Verify User readonly_user TestPwd123 ReadOnly ${True} |
Sandhya Somashekar | a83fb47 | 2019-08-29 02:26:21 -0500 | [diff] [blame] | 72 | |
Sandhya Somashekar | a83fb47 | 2019-08-29 02:26:21 -0500 | [diff] [blame] | 73 | |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 74 | Redfish Create and Verify Admin User |
| 75 | [Documentation] Create a Redfish user with administrator role and verify. |
George Keishing | f517690 | 2022-05-12 04:23:59 -0500 | [diff] [blame] | 76 | [Tags] Redfish_Create_and_Verify_Admin_User |
Sandhya Somashekar | 00f59cc | 2019-03-05 03:39:47 -0600 | [diff] [blame] | 77 | [Template] Redfish Create And Verify User |
| 78 | |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 79 | #username password role_id enabled |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 80 | admin_user TestPwd123 Administrator ${True} |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 81 | |
| 82 | |
| 83 | Redfish Create and Verify Operator User |
| 84 | [Documentation] Create a Redfish user with operator role and verify. |
| 85 | [Tags] Redfish_Create_and_Verify_Operator_User |
| 86 | [Template] Redfish Create And Verify User |
| 87 | |
| 88 | #username password role_id enabled |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 89 | operator_user TestPwd123 Operator ${True} |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 90 | |
| 91 | |
| 92 | Redfish Create and Verify Readonly User |
| 93 | [Documentation] Create a Redfish user with readonly role and verify. |
| 94 | [Tags] Redfish_Create_and_Verify_Readonly_User |
| 95 | [Template] Redfish Create And Verify User |
| 96 | |
| 97 | #username password role_id enabled |
Anusha Dathatri | 4062b44 | 2020-02-03 04:39:15 -0600 | [diff] [blame] | 98 | readonly_user TestPwd123 ReadOnly ${True} |
Sivas SRR | 6aa101f | 2019-02-19 22:31:55 -0600 | [diff] [blame] | 99 | |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 100 | |
| 101 | Verify Redfish Admin User With Wrong Password |
| 102 | [Documentation] Verify Redfish admin user with wrong password. |
| 103 | [Tags] Verify_Redfish_Admin_User_With_Wrong_Password |
Sandhya Somashekar | 33aa48c | 2019-03-13 05:54:49 -0500 | [diff] [blame] | 104 | [Template] Verify Redfish User with Wrong Password |
| 105 | |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 106 | #username password role_id enabled wrong_password |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 107 | admin_user TestPwd123 Administrator ${True} alskjhfwurh |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 108 | |
| 109 | |
| 110 | Verify Redfish Operator User with Wrong Password |
| 111 | [Documentation] Verify Redfish operator user with wrong password. |
| 112 | [Tags] Verify_Redfish_Operator_User_with_Wrong_Password |
| 113 | [Template] Verify Redfish User with Wrong Password |
| 114 | |
| 115 | #username password role_id enabled wrong_password |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 116 | operator_user TestPwd123 Operator ${True} 12j8a8uakjhdaosiruf024 |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 117 | |
| 118 | |
| 119 | Verify Redfish Readonly User With Wrong Password |
| 120 | [Documentation] Verify Redfish readonly user with wrong password. |
| 121 | [Tags] Verify_Redfish_Readonly_User_With_Wrong_Password |
| 122 | [Template] Verify Redfish User with Wrong Password |
| 123 | |
| 124 | #username password role_id enabled wrong_password |
Anusha Dathatri | 4062b44 | 2020-02-03 04:39:15 -0600 | [diff] [blame] | 125 | readonly_user TestPwd123 ReadOnly ${True} 12 |
Sandhya Somashekar | 33aa48c | 2019-03-13 05:54:49 -0500 | [diff] [blame] | 126 | |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 127 | |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 128 | Verify Login with Deleted Redfish Admin User |
| 129 | [Documentation] Verify login with deleted Redfish admin user. |
| 130 | [Tags] Verify_Login_with_Deleted_Redfish_Admin_User |
Sandhya Somashekar | af402ca | 2019-03-18 05:59:19 -0500 | [diff] [blame] | 131 | [Template] Verify Login with Deleted Redfish User |
| 132 | |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 133 | #username password role_id enabled |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 134 | admin_user TestPwd123 Administrator ${True} |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 135 | |
| 136 | |
| 137 | Verify Login with Deleted Redfish Operator User |
| 138 | [Documentation] Verify login with deleted Redfish operator user. |
| 139 | [Tags] Verify_Login_with_Deleted_Redfish_Operator_User |
| 140 | [Template] Verify Login with Deleted Redfish User |
| 141 | |
| 142 | #username password role_id enabled |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 143 | operator_user TestPwd123 Operator ${True} |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 144 | |
| 145 | |
| 146 | Verify Login with Deleted Redfish Readonly User |
| 147 | [Documentation] Verify login with deleted Redfish readonly user. |
| 148 | [Tags] Verify_Login_with_Deleted_Redfish_Readonly_User |
| 149 | [Template] Verify Login with Deleted Redfish User |
| 150 | |
| 151 | #username password role_id enabled |
Anusha Dathatri | 4062b44 | 2020-02-03 04:39:15 -0600 | [diff] [blame] | 152 | readonly_user TestPwd123 ReadOnly ${True} |
Sandhya Somashekar | af402ca | 2019-03-18 05:59:19 -0500 | [diff] [blame] | 153 | |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 154 | |
| 155 | Verify Admin User Creation Without Enabling It |
| 156 | [Documentation] Verify admin user creation without enabling it. |
| 157 | [Tags] Verify_Admin_User_Creation_Without_Enabling_It |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 158 | [Template] Verify Create User Without Enabling |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 159 | |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 160 | #username password role_id enabled |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 161 | admin_user TestPwd123 Administrator ${False} |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 162 | |
| 163 | |
| 164 | Verify Operator User Creation Without Enabling It |
| 165 | [Documentation] Verify operator user creation without enabling it. |
| 166 | [Tags] Verify_Operator_User_Creation_Without_Enabling_It |
| 167 | [Template] Verify Create User Without Enabling |
| 168 | |
| 169 | #username password role_id enabled |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 170 | operator_user TestPwd123 Operator ${False} |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 171 | |
| 172 | |
| 173 | Verify Readonly User Creation Without Enabling It |
| 174 | [Documentation] Verify readonly user creation without enabling it. |
| 175 | [Tags] Verify_Readonly_User_Creation_Without_Enabling_It |
| 176 | [Template] Verify Create User Without Enabling |
| 177 | |
| 178 | #username password role_id enabled |
Anusha Dathatri | 4062b44 | 2020-02-03 04:39:15 -0600 | [diff] [blame] | 179 | readonly_user TestPwd123 ReadOnly ${False} |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 180 | |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 181 | |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 182 | Verify User Creation With Invalid Role Id |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 183 | [Documentation] Verify user creation with invalid role ID. |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 184 | [Tags] Verify_User_Creation_With_Invalid_Role_Id |
| 185 | |
| 186 | # Make sure the user account in question does not already exist. |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 187 | Redfish.Delete /redfish/v1/AccountService/Accounts/test_user |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 188 | ... valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}] |
| 189 | |
| 190 | # Create specified user. |
| 191 | ${payload}= Create Dictionary |
| 192 | ... UserName=test_user Password=TestPwd123 RoleId=wrongroleid Enabled=${True} |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 193 | Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{payload} |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 194 | ... valid_status_codes=[${HTTP_BAD_REQUEST}] |
| 195 | |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 196 | Verify Error Upon Creating Same Users With Different Privileges |
| 197 | [Documentation] Verify error upon creating same users with different privileges. |
| 198 | [Tags] Verify_Error_Upon_Creating_Same_Users_With_Different_Privileges |
| 199 | |
| 200 | Redfish Create User test_user TestPwd123 Administrator ${True} |
| 201 | |
| 202 | # Create specified user. |
| 203 | ${payload}= Create Dictionary |
Nandish-Matti | 232a6f0 | 2023-04-07 05:54:32 -0500 | [diff] [blame] | 204 | ... UserName=test_user Password=TestPwd123 RoleId=ReadOnly Enabled=${True} |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 205 | Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{payload} |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 206 | ... valid_status_codes=[${HTTP_BAD_REQUEST}] |
| 207 | |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 208 | Redfish.Delete /redfish/v1/AccountService/Accounts/test_user |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 209 | |
Rahul Maheshwari | 124ebef | 2022-08-23 12:06:59 -0500 | [diff] [blame] | 210 | |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 211 | Verify Modifying User Attributes |
| 212 | [Documentation] Verify modifying user attributes. |
| 213 | [Tags] Verify_Modifying_User_Attributes |
Rahul Maheshwari | 124ebef | 2022-08-23 12:06:59 -0500 | [diff] [blame] | 214 | |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 215 | # Create Redfish users. |
| 216 | Redfish Create User admin_user TestPwd123 Administrator ${True} |
Anusha Dathatri | 4062b44 | 2020-02-03 04:39:15 -0600 | [diff] [blame] | 217 | Redfish Create User readonly_user TestPwd123 ReadOnly ${True} |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 218 | |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 219 | # Make sure the new user account does not already exist. |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 220 | Redfish.Delete /redfish/v1/AccountService/Accounts/newadmin_user |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 221 | ... valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}] |
| 222 | |
| 223 | # Update admin_user username using Redfish. |
| 224 | ${payload}= Create Dictionary UserName=newadmin_user |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 225 | Redfish.Patch /redfish/v1/AccountService/Accounts/admin_user body=&{payload} |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 226 | |
Anusha Dathatri | 4062b44 | 2020-02-03 04:39:15 -0600 | [diff] [blame] | 227 | # Update readonly_user role using Redfish. |
Rahul Maheshwari | 124ebef | 2022-08-23 12:06:59 -0500 | [diff] [blame] | 228 | ${payload}= Create Dictionary RoleId=Administrator |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 229 | Redfish.Patch /redfish/v1/AccountService/Accounts/readonly_user body=&{payload} |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 230 | |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 231 | # Verify users after updating |
| 232 | Redfish Verify User newadmin_user TestPwd123 Administrator ${True} |
Rahul Maheshwari | 124ebef | 2022-08-23 12:06:59 -0500 | [diff] [blame] | 233 | Redfish Verify User readonly_user TestPwd123 Administrator ${True} |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 234 | |
| 235 | # Delete created users. |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 236 | Redfish.Delete /redfish/v1/AccountService/Accounts/newadmin_user |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 237 | Redfish.Delete /redfish/v1/AccountService/Accounts/readonly_user |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 238 | |
Rahul Maheshwari | 124ebef | 2022-08-23 12:06:59 -0500 | [diff] [blame] | 239 | |
| 240 | Verify Modifying Operator User Attributes |
| 241 | [Documentation] Verify modifying operator user attributes. |
| 242 | [Tags] Verify_Modifying_Operator_User_Attributes |
| 243 | [Setup] Run Keywords Redfish.Login AND |
| 244 | ... Redfish Create User operator_user TestPwd123 Operator ${True} |
| 245 | [Teardown] Run Keywords Redfish.Delete /redfish/v1/AccountService/Accounts/operator_user |
| 246 | ... AND Test Teardown Execution |
| 247 | |
| 248 | # Update operator_user password using Redfish. |
| 249 | ${payload}= Create Dictionary Password=NewTestPwd123 |
| 250 | Redfish.Patch /redfish/v1/AccountService/Accounts/operator_user body=&{payload} |
| 251 | |
| 252 | # Verify users after updating |
| 253 | Redfish Verify User operator_user NewTestPwd123 Operator ${True} |
| 254 | |
| 255 | |
Sandhya Somashekar | 37122b6 | 2019-06-18 06:02:02 -0500 | [diff] [blame] | 256 | Verify User Account Locked |
| 257 | [Documentation] Verify user account locked upon trying with invalid password. |
| 258 | [Tags] Verify_User_Account_Locked |
| 259 | |
| 260 | Redfish Create User admin_user TestPwd123 Administrator ${True} |
| 261 | |
Joy Onyerikwu | 1483ce0 | 2019-06-26 14:56:36 -0500 | [diff] [blame] | 262 | ${payload}= Create Dictionary AccountLockoutThreshold=${account_lockout_threshold} |
| 263 | ... AccountLockoutDuration=${account_lockout_duration} |
| 264 | Redfish.Patch ${REDFISH_ACCOUNTS_SERVICE_URI} body=${payload} |
Sandhya Somashekar | 37122b6 | 2019-06-18 06:02:02 -0500 | [diff] [blame] | 265 | |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 266 | Redfish.Logout |
| 267 | |
Sandhya Somashekar | 37122b6 | 2019-06-18 06:02:02 -0500 | [diff] [blame] | 268 | # Make ${account_lockout_threshold} failed login attempts. |
| 269 | Repeat Keyword ${account_lockout_threshold} times |
| 270 | ... Run Keyword And Expect Error InvalidCredentialsError* Redfish.Login admin_user abc123 |
| 271 | |
| 272 | # Verify that legitimate login fails due to lockout. |
| 273 | Run Keyword And Expect Error InvalidCredentialsError* |
| 274 | ... Redfish.Login admin_user TestPwd123 |
| 275 | |
| 276 | # Wait for lockout duration to expire and then verify that login works. |
| 277 | Sleep ${account_lockout_duration}s |
| 278 | Redfish.Login admin_user TestPwd123 |
| 279 | |
| 280 | Redfish.Logout |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 281 | |
Sandhya Somashekar | 7a23747 | 2019-07-15 02:06:39 -0500 | [diff] [blame] | 282 | Redfish.Login |
| 283 | |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 284 | Redfish.Delete /redfish/v1/AccountService/Accounts/admin_user |
Sandhya Somashekar | 7a23747 | 2019-07-15 02:06:39 -0500 | [diff] [blame] | 285 | |
aravinth0510 | 746884b | 2022-09-29 16:04:07 +0000 | [diff] [blame^] | 286 | |
| 287 | Verify User Account Unlock |
| 288 | [Documentation] Verify manually unlocking the account before lockout time |
| 289 | [Tags] Verify_User_Account_Unlock |
| 290 | [Teardown] Run Keywords Redfish.Logout AND Redfish.Login AND |
| 291 | ... AND Redfish.Delete /redfish/v1/AccountService/Accounts/test_user |
| 292 | ... AND SSHLibrary.Close All Connections |
| 293 | |
| 294 | Redfish Create User test_user TestPwd123 Administrator ${True} |
| 295 | |
| 296 | ${payload}= Create Dictionary |
| 297 | ... AccountLockoutThreshold=${account_lockout_threshold} |
| 298 | ... AccountLockoutDuration=${account_lockout_duration} |
| 299 | Redfish.Patch ${REDFISH_ACCOUNTS_SERVICE_URI} body=${payload} |
| 300 | |
| 301 | Redfish.Logout |
| 302 | |
| 303 | # Make ${account_lockout_threshold} failed login attempts. |
| 304 | Repeat Keyword ${account_lockout_threshold} times |
| 305 | ... Run Keyword And Expect Error InvalidCredentialsError* |
| 306 | ... Redfish.Login test_user abc123 |
| 307 | |
| 308 | # Ensure SSH Login with locked account gets failed |
| 309 | SSHLibrary.Open Connection ${OPENBMC_HOST} |
| 310 | Run Keyword And Expect Error Authentication failed* |
| 311 | ... SSHLibrary.Login test_user TestPwd123 |
| 312 | |
| 313 | # Verify that legitimate login fails due to lockout. |
| 314 | Run Keyword And Expect Error InvalidCredentialsError* |
| 315 | ... Redfish.Login test_user TestPwd123 |
| 316 | |
| 317 | ${payload}= Create Dictionary Locked=${FALSE} |
| 318 | |
| 319 | # Manually unlock the account before lockout threshold expires |
| 320 | Redfish.Login |
| 321 | Redfish.Patch ${REDFISH_ACCOUNTS_URI}test_user body=${payload} |
| 322 | Redfish.Logout |
| 323 | |
| 324 | # Try redfish login with the recently unlocked account |
| 325 | Redfish.Login test_user TestPwd123 |
| 326 | |
| 327 | # Try SSH login with the unlocked account |
| 328 | SSHLibrary.Open Connection ${OPENBMC_HOST} |
| 329 | SSHLibrary.Login test_user TestPwd123 |
| 330 | |
| 331 | |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 332 | Verify Admin User Privilege |
| 333 | [Documentation] Verify admin user privilege. |
| 334 | [Tags] Verify_Admin_User_Privilege |
| 335 | |
| 336 | Redfish Create User admin_user TestPwd123 Administrator ${True} |
Anusha Dathatri | 4062b44 | 2020-02-03 04:39:15 -0600 | [diff] [blame] | 337 | Redfish Create User readonly_user TestPwd123 ReadOnly ${True} |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 338 | |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 339 | Redfish.Logout |
| 340 | |
Rahul Maheshwari | 3bc0864 | 2022-08-23 12:49:48 -0500 | [diff] [blame] | 341 | Redfish.Login admin_user TestPwd123 |
| 342 | |
| 343 | # Change password of 'readonly' user with admin user. |
| 344 | Redfish.Patch /redfish/v1/AccountService/Accounts/readonly_user body={'Password': 'NewTestPwd123'} |
| 345 | |
| 346 | # Verify modified user. |
| 347 | Redfish Verify User readonly_user NewTestPwd123 ReadOnly ${True} |
| 348 | |
| 349 | # Note: Delete user would work here because a root login is |
| 350 | # performed as part of "Redfish Verify User" keyword's teardown. |
| 351 | Redfish.Delete /redfish/v1/AccountService/Accounts/admin_user |
| 352 | Redfish.Delete /redfish/v1/AccountService/Accounts/readonly_user |
| 353 | |
| 354 | |
| 355 | Verify Operator User Role Change Using Admin Privilege User |
| 356 | [Documentation] Verify operator user role change using admin privilege user |
| 357 | [Tags] Verify_Operator_User_Role_Change_Using_Admin_Privilege_User |
| 358 | |
| 359 | Redfish Create User admin_user TestPwd123 Administrator ${True} |
| 360 | Redfish Create User operator_user TestPwd123 Operator ${True} |
| 361 | |
| 362 | Redfish.Logout |
| 363 | |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 364 | # Change role ID of operator user with admin user. |
| 365 | # Login with admin user. |
| 366 | Redfish.Login admin_user TestPwd123 |
| 367 | |
| 368 | # Modify Role ID of Operator user. |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 369 | Redfish.Patch /redfish/v1/AccountService/Accounts/operator_user body={'RoleId': 'Administrator'} |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 370 | |
| 371 | # Verify modified user. |
| 372 | Redfish Verify User operator_user TestPwd123 Administrator ${True} |
| 373 | |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 374 | Redfish.Delete /redfish/v1/AccountService/Accounts/admin_user |
| 375 | Redfish.Delete /redfish/v1/AccountService/Accounts/operator_user |
Rahul Maheshwari | 3bc0864 | 2022-08-23 12:49:48 -0500 | [diff] [blame] | 376 | |
Sandhya Somashekar | 7a23747 | 2019-07-15 02:06:39 -0500 | [diff] [blame] | 377 | |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 378 | Verify Operator User Privilege |
| 379 | [Documentation] Verify operator user privilege. |
George Keishing | 5236ec5 | 2022-01-31 12:07:58 -0600 | [diff] [blame] | 380 | [Tags] Verify_Operator_User_Privilege |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 381 | |
| 382 | Redfish Create User admin_user TestPwd123 Administrator ${True} |
| 383 | Redfish Create User operator_user TestPwd123 Operator ${True} |
| 384 | |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 385 | Redfish.Logout |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 386 | # Login with operator user. |
| 387 | Redfish.Login operator_user TestPwd123 |
| 388 | |
George Keishing | 093c1bd | 2020-02-10 09:47:34 -0600 | [diff] [blame] | 389 | # Verify BMC reset. |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 390 | Run Keyword And Expect Error ValueError* Redfish BMC Reset Operation |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 391 | |
| 392 | # Attempt to change password of admin user with operator user. |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 393 | Redfish.Patch /redfish/v1/AccountService/Accounts/admin_user body={'Password': 'NewTestPwd123'} |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 394 | ... valid_status_codes=[${HTTP_FORBIDDEN}] |
| 395 | |
| 396 | Redfish.Logout |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 397 | |
Sandhya Somashekar | 7a23747 | 2019-07-15 02:06:39 -0500 | [diff] [blame] | 398 | Redfish.Login |
| 399 | |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 400 | Redfish.Delete /redfish/v1/AccountService/Accounts/admin_user |
| 401 | Redfish.Delete /redfish/v1/AccountService/Accounts/operator_user |
Sandhya Somashekar | 7a23747 | 2019-07-15 02:06:39 -0500 | [diff] [blame] | 402 | |
| 403 | |
Anusha Dathatri | 4062b44 | 2020-02-03 04:39:15 -0600 | [diff] [blame] | 404 | Verify ReadOnly User Privilege |
| 405 | [Documentation] Verify ReadOnly user privilege. |
| 406 | [Tags] Verify_ReadOnly_User_Privilege |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 407 | |
Anusha Dathatri | 4062b44 | 2020-02-03 04:39:15 -0600 | [diff] [blame] | 408 | Redfish Create User readonly_user TestPwd123 ReadOnly ${True} |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 409 | Redfish.Logout |
| 410 | |
| 411 | # Login with read_only user. |
| 412 | Redfish.Login readonly_user TestPwd123 |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 413 | |
| 414 | # Read system level data. |
| 415 | ${system_model}= Redfish_Utils.Get Attribute |
| 416 | ... ${SYSTEM_BASE_URI} Model |
| 417 | |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 418 | Redfish.Logout |
Sandhya Somashekar | 7a23747 | 2019-07-15 02:06:39 -0500 | [diff] [blame] | 419 | Redfish.Login |
Anusha Dathatri | 4062b44 | 2020-02-03 04:39:15 -0600 | [diff] [blame] | 420 | Redfish.Delete ${REDFISH_ACCOUNTS_URI}readonly_user |
Sandhya Somashekar | 7a23747 | 2019-07-15 02:06:39 -0500 | [diff] [blame] | 421 | |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 422 | |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 423 | Verify Minimum Password Length For Redfish User |
| 424 | [Documentation] Verify minimum password length for new and existing user. |
| 425 | [Tags] Verify_Minimum_Password_Length_For_Redfish_User |
| 426 | |
| 427 | ${user_name}= Set Variable testUser |
| 428 | |
| 429 | # Make sure the user account in question does not already exist. |
| 430 | Redfish.Delete /redfish/v1/AccountService/Accounts/${user_name} |
| 431 | ... valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}] |
| 432 | |
| 433 | # Try to create a user with invalid length password. |
| 434 | ${payload}= Create Dictionary |
| 435 | ... UserName=${user_name} Password=UserPwd RoleId=Administrator Enabled=${True} |
| 436 | Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{payload} |
| 437 | ... valid_status_codes=[${HTTP_BAD_REQUEST}] |
| 438 | |
| 439 | # Create specified user with valid length password. |
| 440 | Set To Dictionary ${payload} Password UserPwd1 |
| 441 | Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{payload} |
| 442 | ... valid_status_codes=[${HTTP_CREATED}] |
| 443 | |
| 444 | # Try to change to an invalid password. |
| 445 | Redfish.Patch /redfish/v1/AccountService/Accounts/${user_name} body={'Password': 'UserPwd'} |
| 446 | ... valid_status_codes=[${HTTP_BAD_REQUEST}] |
| 447 | |
| 448 | # Change to a valid password. |
| 449 | Redfish.Patch /redfish/v1/AccountService/Accounts/${user_name} body={'Password': 'UserPwd1'} |
| 450 | |
| 451 | # Verify login. |
| 452 | Redfish.Logout |
| 453 | Redfish.Login ${user_name} UserPwd1 |
| 454 | Redfish.Logout |
| 455 | Redfish.Login |
| 456 | Redfish.Delete /redfish/v1/AccountService/Accounts/${user_name} |
| 457 | |
| 458 | |
Tony Lee | 94335f4 | 2021-02-04 15:16:39 +0800 | [diff] [blame] | 459 | Verify Standard User Roles Defined By Redfish |
| 460 | [Documentation] Verify standard user roles defined by Redfish. |
| 461 | [Tags] Verify_Standard_User_Roles_Defined_By_Redfish |
| 462 | |
| 463 | ${member_list}= Redfish_Utils.Get Member List |
| 464 | ... /redfish/v1/AccountService/Roles |
| 465 | |
| 466 | @{roles}= Create List |
| 467 | ... /redfish/v1/AccountService/Roles/Administrator |
| 468 | ... /redfish/v1/AccountService/Roles/Operator |
| 469 | ... /redfish/v1/AccountService/Roles/ReadOnly |
| 470 | |
| 471 | List Should Contain Sub List ${member_list} ${roles} |
| 472 | |
| 473 | # The standard roles are: |
| 474 | |
| 475 | # | Role name | Assigned privileges | |
| 476 | # | Administrator | Login, ConfigureManager, ConfigureUsers, ConfigureComponents, ConfigureSelf | |
| 477 | # | Operator | Login, ConfigureComponents, ConfigureSelf | |
| 478 | # | ReadOnly | Login, ConfigureSelf | |
| 479 | |
| 480 | @{admin}= Create List Login ConfigureManager ConfigureUsers ConfigureComponents ConfigureSelf |
| 481 | @{operator}= Create List Login ConfigureComponents ConfigureSelf |
| 482 | @{readOnly}= Create List Login ConfigureSelf |
| 483 | |
| 484 | ${roles_dict}= create dictionary admin_privileges=${admin} operator_privileges=${operator} |
| 485 | ... readOnly_privileges=${readOnly} |
| 486 | |
| 487 | ${resp}= redfish.Get /redfish/v1/AccountService/Roles/Administrator |
| 488 | List Should Contain Sub List ${resp.dict['AssignedPrivileges']} ${roles_dict['admin_privileges']} |
| 489 | |
| 490 | ${resp}= redfish.Get /redfish/v1/AccountService/Roles/Operator |
| 491 | List Should Contain Sub List ${resp.dict['AssignedPrivileges']} ${roles_dict['operator_privileges']} |
| 492 | |
| 493 | ${resp}= redfish.Get /redfish/v1/AccountService/Roles/ReadOnly |
| 494 | List Should Contain Sub List ${resp.dict['AssignedPrivileges']} ${roles_dict['readOnly_privileges']} |
| 495 | |
| 496 | |
manashsarma | 4910aa2 | 2021-07-26 09:12:36 -0500 | [diff] [blame] | 497 | Verify Error While Deleting Root User |
| 498 | [Documentation] Verify error while deleting root user. |
| 499 | [Tags] Verify_Error_While_Deleting_Root_User |
| 500 | |
| 501 | Redfish.Delete /redfish/v1/AccountService/Accounts/root valid_status_codes=[${HTTP_FORBIDDEN}] |
| 502 | |
| 503 | |
manashsarma | 654cbc1 | 2021-09-23 02:28:12 -0500 | [diff] [blame] | 504 | Verify SSH Login Access With Admin User |
| 505 | [Documentation] Verify that admin user does not have SSH login access. |
| 506 | [Tags] Verify_SSH_Login_Access_With_Admin_User |
| 507 | |
| 508 | # Create an admin User. |
| 509 | Redfish Create User new_admin TestPwd1 Administrator ${True} |
| 510 | |
| 511 | # Attempt SSH login with admin user. |
| 512 | SSHLibrary.Open Connection ${OPENBMC_HOST} |
| 513 | ${status}= Run Keyword And Return Status SSHLibrary.Login new_admin TestPwd1 |
| 514 | Should Be Equal ${status} ${False} |
| 515 | |
George Keishing | e8015b3 | 2022-09-19 09:38:47 -0500 | [diff] [blame] | 516 | Redfish.Login |
| 517 | Redfish.Delete /redfish/v1/AccountService/Accounts/new_admin |
| 518 | |
manashsarma | 654cbc1 | 2021-09-23 02:28:12 -0500 | [diff] [blame] | 519 | |
aravinth0510 | 746884b | 2022-09-29 16:04:07 +0000 | [diff] [blame^] | 520 | Verify Configure BasicAuth Enable And Disable |
| 521 | [Documentation] Verify configure basicauth enable and disable |
| 522 | [Tags] Verify_Configure_BasicAuth_Enable_And_Disable |
| 523 | [Template] Template For Configure Auth Methods |
| 524 | |
| 525 | # auth_method |
| 526 | BasicAuth |
| 527 | XToken |
| 528 | |
Sivas SRR | 6aa101f | 2019-02-19 22:31:55 -0600 | [diff] [blame] | 529 | *** Keywords *** |
| 530 | |
Sivas SRR | 6aa101f | 2019-02-19 22:31:55 -0600 | [diff] [blame] | 531 | Test Teardown Execution |
| 532 | [Documentation] Do the post test teardown. |
| 533 | |
Anusha Dathatri | db76970 | 2020-02-12 01:02:30 -0600 | [diff] [blame] | 534 | Run Keyword And Ignore Error Redfish.Logout |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 535 | FFDC On Test Case Fail |
| 536 | |
Sandhya Somashekar | 00f59cc | 2019-03-05 03:39:47 -0600 | [diff] [blame] | 537 | |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 538 | Redfish Create User |
| 539 | [Documentation] Redfish create user. |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 540 | [Arguments] ${username} ${password} ${role_id} ${enabled} ${login_check}=${True} |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 541 | |
| 542 | # Description of argument(s): |
| 543 | # username The username to be created. |
| 544 | # password The password to be assigned. |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 545 | # role_id The role ID of the user to be created |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 546 | # (e.g. "Administrator", "Operator", etc.). |
| 547 | # enabled Indicates whether the username being created |
| 548 | # should be enabled (${True}, ${False}). |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 549 | # login_check Checks user login for created user. |
| 550 | # (e.g. ${True}, ${False}). |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 551 | |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 552 | # Make sure the user account in question does not already exist. |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 553 | Redfish.Delete /redfish/v1/AccountService/Accounts/${userName} |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 554 | ... valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}] |
| 555 | |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 556 | # Create specified user. |
| 557 | ${payload}= Create Dictionary |
| 558 | ... UserName=${username} Password=${password} RoleId=${role_id} Enabled=${enabled} |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 559 | Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{payload} |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 560 | ... valid_status_codes=[${HTTP_CREATED}] |
| 561 | |
Rahul Maheshwari | 9928b1d | 2021-07-19 04:59:55 -0500 | [diff] [blame] | 562 | # Resetting faillock count as a workaround for issue |
Anusha Dathatri | f7268b5 | 2020-02-19 01:03:49 -0600 | [diff] [blame] | 563 | # openbmc/phosphor-user-manager#4 |
nagarjunb22 | 61267e9 | 2022-03-30 21:04:16 +0530 | [diff] [blame] | 564 | ${cmd}= Catenate test -f /usr/sbin/faillock && /usr/sbin/faillock --user USER --reset |
| 565 | ... || /usr/sbin/pam_tally2 -u ${username} --reset |
Anusha Dathatri | f7268b5 | 2020-02-19 01:03:49 -0600 | [diff] [blame] | 566 | Bmc Execute Command ${cmd} |
| 567 | |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 568 | # Verify login with created user. |
| 569 | ${status}= Run Keyword If '${login_check}' == '${True}' |
| 570 | ... Verify Redfish User Login ${username} ${password} |
| 571 | Run Keyword If '${login_check}' == '${True}' Should Be Equal ${status} ${enabled} |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 572 | |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 573 | # Validate Role ID of created user. |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 574 | ${role_config}= Redfish_Utils.Get Attribute |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 575 | ... /redfish/v1/AccountService/Accounts/${username} RoleId |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 576 | Should Be Equal ${role_id} ${role_config} |
| 577 | |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 578 | |
| 579 | Redfish Verify User |
| 580 | [Documentation] Redfish user verification. |
| 581 | [Arguments] ${username} ${password} ${role_id} ${enabled} |
| 582 | |
| 583 | # Description of argument(s): |
| 584 | # username The username to be created. |
| 585 | # password The password to be assigned. |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 586 | # role_id The role ID of the user to be created |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 587 | # (e.g. "Administrator", "Operator", etc.). |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 588 | # enabled Indicates whether the username being created |
| 589 | # should be enabled (${True}, ${False}). |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 590 | |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 591 | ${status}= Verify Redfish User Login ${username} ${password} |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 592 | # Doing a check of the returned status. |
| 593 | Should Be Equal ${status} ${enabled} |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 594 | |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 595 | # Validate Role Id of user. |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 596 | ${role_config}= Redfish_Utils.Get Attribute |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 597 | ... /redfish/v1/AccountService/Accounts/${username} RoleId |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 598 | Should Be Equal ${role_id} ${role_config} |
| 599 | |
| 600 | |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 601 | Verify Redfish User Login |
| 602 | [Documentation] Verify Redfish login with given user id. |
| 603 | [Teardown] Run Keywords Run Keyword And Ignore Error Redfish.Logout AND Redfish.Login |
| 604 | [Arguments] ${username} ${password} |
| 605 | |
| 606 | # Description of argument(s): |
| 607 | # username Login username. |
| 608 | # password Login password. |
| 609 | |
| 610 | # Logout from current Redfish session. |
George Keishing | 1cf2a42 | 2021-02-02 22:59:29 -0600 | [diff] [blame] | 611 | # We don't really care if the current session is flushed out since we are going to login |
| 612 | # with new credential in next. |
| 613 | Run Keyword And Ignore Error Redfish.Logout |
| 614 | |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 615 | ${status}= Run Keyword And Return Status Redfish.Login ${username} ${password} |
| 616 | [Return] ${status} |
| 617 | |
| 618 | |
Sandhya Somashekar | 00f59cc | 2019-03-05 03:39:47 -0600 | [diff] [blame] | 619 | Redfish Create And Verify User |
| 620 | [Documentation] Redfish create and verify user. |
| 621 | [Arguments] ${username} ${password} ${role_id} ${enabled} |
| 622 | |
| 623 | # Description of argument(s): |
Sandhya Somashekar | 33aa48c | 2019-03-13 05:54:49 -0500 | [diff] [blame] | 624 | # username The username to be created. |
| 625 | # password The password to be assigned. |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 626 | # role_id The role ID of the user to be created |
Sandhya Somashekar | af402ca | 2019-03-18 05:59:19 -0500 | [diff] [blame] | 627 | # (e.g. "Administrator", "Operator", etc.). |
| 628 | # enabled Indicates whether the username being created |
| 629 | # should be enabled (${True}, ${False}). |
Sandhya Somashekar | 00f59cc | 2019-03-05 03:39:47 -0600 | [diff] [blame] | 630 | |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 631 | # Example: |
| 632 | #{ |
| 633 | #"@odata.context": "/redfish/v1/$metadata#ManagerAccount.ManagerAccount", |
| 634 | #"@odata.id": "/redfish/v1/AccountService/Accounts/test1", |
| 635 | #"@odata.type": "#ManagerAccount.v1_0_3.ManagerAccount", |
| 636 | #"Description": "User Account", |
| 637 | #"Enabled": true, |
| 638 | #"Id": "test1", |
| 639 | #"Links": { |
| 640 | # "Role": { |
| 641 | # "@odata.id": "/redfish/v1/AccountService/Roles/Administrator" |
| 642 | # } |
| 643 | #}, |
| 644 | |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 645 | Redfish Create User ${username} ${password} ${role_id} ${enabled} |
Sandhya Somashekar | 00f59cc | 2019-03-05 03:39:47 -0600 | [diff] [blame] | 646 | |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 647 | Redfish Verify User ${username} ${password} ${role_id} ${enabled} |
Sandhya Somashekar | 00f59cc | 2019-03-05 03:39:47 -0600 | [diff] [blame] | 648 | |
| 649 | # Delete Specified User |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 650 | Redfish.Delete /redfish/v1/AccountService/Accounts/${username} |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 651 | |
Sandhya Somashekar | 33aa48c | 2019-03-13 05:54:49 -0500 | [diff] [blame] | 652 | Verify Redfish User with Wrong Password |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 653 | [Documentation] Verify Redfish User with Wrong Password. |
Sandhya Somashekar | 33aa48c | 2019-03-13 05:54:49 -0500 | [diff] [blame] | 654 | [Arguments] ${username} ${password} ${role_id} ${enabled} ${wrong_password} |
| 655 | |
| 656 | # Description of argument(s): |
| 657 | # username The username to be created. |
| 658 | # password The password to be assigned. |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 659 | # role_id The role ID of the user to be created |
Sandhya Somashekar | af402ca | 2019-03-18 05:59:19 -0500 | [diff] [blame] | 660 | # (e.g. "Administrator", "Operator", etc.). |
| 661 | # enabled Indicates whether the username being created |
| 662 | # should be enabled (${True}, ${False}). |
Sandhya Somashekar | 33aa48c | 2019-03-13 05:54:49 -0500 | [diff] [blame] | 663 | # wrong_password Any invalid password. |
| 664 | |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 665 | Redfish Create User ${username} ${password} ${role_id} ${enabled} |
Sandhya Somashekar | 33aa48c | 2019-03-13 05:54:49 -0500 | [diff] [blame] | 666 | |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 667 | Redfish.Logout |
| 668 | |
Sandhya Somashekar | 33aa48c | 2019-03-13 05:54:49 -0500 | [diff] [blame] | 669 | # Attempt to login with created user with invalid password. |
| 670 | Run Keyword And Expect Error InvalidCredentialsError* |
| 671 | ... Redfish.Login ${username} ${wrong_password} |
| 672 | |
| 673 | Redfish.Login |
| 674 | |
| 675 | # Delete newly created user. |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 676 | Redfish.Delete /redfish/v1/AccountService/Accounts/${username} |
Sandhya Somashekar | 33aa48c | 2019-03-13 05:54:49 -0500 | [diff] [blame] | 677 | |
| 678 | |
Sandhya Somashekar | af402ca | 2019-03-18 05:59:19 -0500 | [diff] [blame] | 679 | Verify Login with Deleted Redfish User |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 680 | [Documentation] Verify Login with Deleted Redfish User. |
Sandhya Somashekar | af402ca | 2019-03-18 05:59:19 -0500 | [diff] [blame] | 681 | [Arguments] ${username} ${password} ${role_id} ${enabled} |
| 682 | |
| 683 | # Description of argument(s): |
| 684 | # username The username to be created. |
| 685 | # password The password to be assigned. |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 686 | # role_id The role ID of the user to be created |
Sandhya Somashekar | af402ca | 2019-03-18 05:59:19 -0500 | [diff] [blame] | 687 | # (e.g. "Administrator", "Operator", etc.). |
| 688 | # enabled Indicates whether the username being created |
| 689 | # should be enabled (${True}, ${False}). |
| 690 | |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 691 | Redfish Create User ${username} ${password} ${role_id} ${enabled} |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 692 | |
| 693 | # Delete newly created user. |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 694 | Redfish.Delete /redfish/v1/AccountService/Accounts/${userName} |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 695 | |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 696 | Redfish.Logout |
| 697 | |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 698 | # Attempt to login with deleted user account. |
| 699 | Run Keyword And Expect Error InvalidCredentialsError* |
| 700 | ... Redfish.Login ${username} ${password} |
| 701 | |
| 702 | Redfish.Login |
| 703 | |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 704 | |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 705 | Verify Create User Without Enabling |
| 706 | [Documentation] Verify Create User Without Enabling. |
| 707 | [Arguments] ${username} ${password} ${role_id} ${enabled} |
| 708 | |
| 709 | # Description of argument(s): |
| 710 | # username The username to be created. |
| 711 | # password The password to be assigned. |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 712 | # role_id The role ID of the user to be created |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 713 | # (e.g. "Administrator", "Operator", etc.). |
| 714 | # enabled Indicates whether the username being created |
| 715 | # should be enabled (${True}, ${False}). |
| 716 | |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 717 | Redfish Create User ${username} ${password} ${role_id} ${enabled} ${False} |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 718 | |
| 719 | Redfish.Logout |
| 720 | |
| 721 | # Login with created user. |
| 722 | Run Keyword And Expect Error InvalidCredentialsError* |
| 723 | ... Redfish.Login ${username} ${password} |
| 724 | |
| 725 | Redfish.Login |
Sandhya Somashekar | af402ca | 2019-03-18 05:59:19 -0500 | [diff] [blame] | 726 | |
| 727 | # Delete newly created user. |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 728 | Redfish.Delete /redfish/v1/AccountService/Accounts/${username} |
George Keishing | 07fb41f | 2020-06-16 08:09:19 -0500 | [diff] [blame] | 729 | |
aravinth0510 | 746884b | 2022-09-29 16:04:07 +0000 | [diff] [blame^] | 730 | Template For Configure Auth Methods |
| 731 | [Documentation] Template to configure auth methods. |
| 732 | [Arguments] ${auth_method} |
| 733 | [Teardown] Configure AuthMethods ${auth_method}=${initial_value} |
| 734 | |
| 735 | # Description of Argument(s): |
| 736 | # authmethods The authmethod setting which needs to be |
| 737 | # set in account service URI. |
| 738 | # valid values BasicAuth, XToken. |
| 739 | |
| 740 | Get AuthMethods Default Values ${auth_method} |
| 741 | |
| 742 | # Patch basicauth to TRUE |
| 743 | Configure AuthMethods ${auth_method}=${TRUE} |
| 744 | |
| 745 | Run Keyword IF "${auth_method}" == "XToken" |
| 746 | ... Check XToken Works Fine ${HTTP_OK} |
| 747 | ... ELSE |
| 748 | ... Check BasicAuth Works Fine ${HTTP_OK} |
| 749 | |
| 750 | # Patch basicauth to FALSE |
| 751 | Configure AuthMethods ${auth_method}=${FALSE} |
| 752 | |
| 753 | Run Keyword IF "${auth_method}" == "BasicAuth" |
| 754 | ... Check BasicAuth Works Fine ${HTTP_UNAUTHORIZED} |
| 755 | ... ELSE |
| 756 | ... Check XToken Works Fine ${HTTP_UNAUTHORIZED} |
| 757 | |
| 758 | Configure AuthMethods |
| 759 | [Documentation] Enable/disable authmethod types. |
| 760 | [Arguments] &{authmethods} |
| 761 | |
| 762 | # Description of argument(s): |
| 763 | # authmethods The authmethod setting which needs to be |
| 764 | # set in account service URI. |
| 765 | # Usage Example Configure AuthMethods XToken=${TRUE} BasicAuth=${TRUE} |
| 766 | # This will set the value of "XToken" and "BasicAuth" |
| 767 | # property in accountservice uri to TRUE. |
| 768 | |
| 769 | ${openbmc}= Create Dictionary AuthMethods=${authmethods} |
| 770 | ${oem}= Create Dictionary OpenBMC=${openbmc} |
| 771 | ${payload}= Create Dictionary Oem=${oem} |
| 772 | |
| 773 | # Setting authmethod properties using Redfish session based auth |
| 774 | ${status}= Run Keyword And Return Status |
| 775 | ... Redfish.Patch ${REDFISH_BASE_URI}AccountService |
| 776 | ... body=${payload} valid_status_codes=[${HTTP_OK},${HTTP_NO_CONTENT}] |
| 777 | |
| 778 | # Setting authmethod properties using basic auth incase the former fails |
| 779 | IF ${status}==${FALSE} |
| 780 | # Payload dictionary pre-process to match json formatting |
| 781 | ${payload}= Convert To String ${payload} |
| 782 | ${payload}= Replace String ${payload} ' " |
| 783 | ${payload}= Replace String ${payload} False false |
| 784 | ${payload}= Replace String ${payload} True true |
| 785 | |
| 786 | # Curl Command Framing for PATCH authmethod |
| 787 | ${cmd}= Catenate curl -k -i -u ${OPENBMC_USERNAME}:${OPENBMC_PASSWORD} |
| 788 | ... -X PATCH '${AUTH_URI}${REDFISH_ACCOUNTS_SERVICE_URI}' |
| 789 | ... -H 'content-type:application/json' -H 'If-Match:*' |
| 790 | ... -d '${payload}' |
| 791 | ${rc} ${out}= Run And Return Rc And Output ${cmd} |
| 792 | |
| 793 | # Check the response of curl command is 200 or 204 |
| 794 | ${check_no_content}= |
| 795 | ... Run Keyword and Return Status Should Contain ${out} 204 |
| 796 | ${check_ok}= |
| 797 | ... Run Keyword and Return Status Should Contain ${out} 200 |
| 798 | Pass Execution If ${check_no_content}==${TRUE} |
| 799 | ... OR ${check_ok}==${TRUE} |
| 800 | END |
| 801 | |
| 802 | |
| 803 | Get AuthMethods Default Values |
| 804 | [Documentation] Get enabled/disabled status of all authmethods |
| 805 | ... from Redfish account service URI |
| 806 | [Arguments] ${authmethod} |
| 807 | |
| 808 | # Description of argument(s): |
| 809 | # authmethod The authmethod property whose value needs to be |
| 810 | # retrieved from account service URI. |
| 811 | # Usage Example Get AuthMethods Default Values BasicAuth |
| 812 | # returns >> ${TRUE} |
| 813 | # Example: |
| 814 | # { |
| 815 | # "@odata.id": "/redfish/v1/AccountService", |
| 816 | # (...) |
| 817 | # "Oem": { |
| 818 | # "OpenBMC": { |
| 819 | # "AuthMethods": { |
| 820 | # "BasicAuth": true, |
| 821 | # "Cookie": true, |
| 822 | # "SessionToken": true, |
| 823 | # "TLS": true, |
| 824 | # "XToken": true |
| 825 | # } |
| 826 | # } |
| 827 | # } |
| 828 | # } |
| 829 | |
| 830 | ${resp}= Redfish.Get Attribute ${REDFISH_ACCOUNTS_SERVICE_URI} Oem |
| 831 | ${authmethods}= Set Variable ${resp['OpenBMC']['AuthMethods']} |
| 832 | ${initial_value}= Get From Dictionary ${authmethods} ${authmethod} |
| 833 | Set Test Variable ${initial_value} |
| 834 | |
| 835 | Check XToken Works Fine |
| 836 | [Documentation] Verify Xtoken works fine. |
| 837 | [Arguments] ${status_code} |
| 838 | |
| 839 | # Description of Argument(s): |
| 840 | # status_code : 200, 401. |
| 841 | |
| 842 | # Verify xtoken auth works for xtoken |
| 843 | Redfish.Get ${REDFISH_ACCOUNTS_SERVICE_URI} |
| 844 | ... valid_status_codes=[${status_code}] |
| 845 | |
| 846 | Check BasicAuth Works Fine |
| 847 | [Documentation] Verify Basic Auth works fine. |
| 848 | [Arguments] ${status_code} |
| 849 | |
| 850 | # Description of Argument(s): |
| 851 | # status_code : 200, 401. |
| 852 | |
| 853 | # Verify basic auth works based on basic auth. |
| 854 | ${cmd}= Catenate curl -k -i -u ${OPENBMC_USERNAME}:${OPENBMC_PASSWORD} |
| 855 | ... ${AUTH_URI}/redfish/v1/AccountService |
| 856 | ${rc} ${out}= Run And Return Rc And Output ${cmd} |
| 857 | |
| 858 | # Check the response of curl command is 200/401 |
| 859 | Should Contain ${out} ${status_code} |