| manashsarma | 148e36c | 2021-08-16 07:15:18 -0500 | [diff] [blame] | 1 | *** Settings *** |
| 2 | Documentation This suite is to test service user login functionality. |
| 3 | ... This test expects SERVICE_FILE_PATH, PRODUCTION_KEY_FILE_PATH and |
| 4 | ... SERVICE_USER_PASSWORD to be provided. |
| 5 | ... |
| 6 | ... Execution Method : |
| 7 | ... python -m robot -v OPENBMC_HOST:<hostname> -v SERVICE_FILE_PATH:<service file path> |
| 8 | ... -v PRODUCTION_KEY_FILE_PATH:<production key file path> |
| 9 | ... -v SERVICE_USER_PASSWORD:<service user password> |
| 10 | ... openpower/service_account/test_service_login.robot |
| 11 | |
| 12 | Resource ../../lib/connection_client.robot |
| 13 | Resource ../../lib/openbmc_ffdc.robot |
| 14 | Resource ../../lib/bmc_redfish_utils.robot |
| 15 | |
| 16 | Library SSHLibrary |
| 17 | |
| 18 | Suite Setup Suite Setup Execution |
| 19 | Test Teardown FFDC On Test Case Fail |
| 20 | |
| George Keishing | 7c32f30 | 2023-10-10 16:11:46 +0530 | [diff] [blame^] | 21 | Force Tags Service_Login |
| manashsarma | 148e36c | 2021-08-16 07:15:18 -0500 | [diff] [blame] | 22 | |
| 23 | *** Variables *** |
| 24 | |
| 25 | ${acf_dir} /etc/acf |
| 26 | |
| 27 | *** Test Cases *** |
| 28 | |
| 29 | Verify Service User Login With Valid ACF file |
| 30 | [Documentation] Verify service user login with valid ACF file. |
| 31 | [Tags] Verify_Service_User_Login_With_Valid_ACF_file |
| 32 | |
| 33 | Upload Valid ACF |
| 34 | Redfish.Login service ${SERVICE_USER_PASSWORD} |
| 35 | |
| 36 | |
| 37 | Verify Service User Login Without ACF file |
| 38 | [Documentation] Verify service user login without ACF file. |
| 39 | [Tags] Verify_Service_User_Login_Without_ACF_file |
| 40 | |
| 41 | Remove Existing ACF |
| 42 | Run Keyword And Expect Error InvalidCredentialsError* |
| 43 | ... Redfish.Login service ${SERVICE_USER_PASSWORD} |
| 44 | |
| 45 | |
| manashsarma | 3746be3 | 2021-11-10 06:32:31 -0600 | [diff] [blame] | 46 | Verify Service User SSH Login Without ACF file |
| 47 | [Documentation] Verify service user ssh login failure without ACF file. |
| 48 | [Tags] Verify_Service_User_SSH_Login_Without_ACF_file |
| 49 | |
| 50 | Remove Existing ACF |
| 51 | SSHLibrary.Open Connection ${OPENBMC_HOST} |
| 52 | ${status}= Run Keyword And Return Status SSHLibrary.Login service ${SERVICE_USER_PASSWORD} |
| 53 | Should Be Equal ${status} ${False} |
| 54 | |
| 55 | |
| manashsarma | e7b973f | 2021-08-20 06:49:32 -0500 | [diff] [blame] | 56 | Verify Service Login Failure With Expired ACF |
| 57 | [Documentation] Verify service user login failure with expired ACF. |
| 58 | [Tags] Verify_Service_Login_Failure_With_Expired_ACF |
| George Keishing | 405d537 | 2023-08-10 20:56:05 +0530 | [diff] [blame] | 59 | [Setup] Valid Value EXPIRED_SERVICE_FILE_PATH |
| manashsarma | e7b973f | 2021-08-20 06:49:32 -0500 | [diff] [blame] | 60 | |
| 61 | Remove Existing ACF |
| 62 | Open Connection for SCP |
| 63 | scp.Put File ${EXPIRED_SERVICE_FILE_PATH} ${acf_dir} |
| 64 | Run Keyword And Expect Error InvalidCredentialsError* |
| manashsarma | 75b58fe | 2021-08-20 09:01:32 -0500 | [diff] [blame] | 65 | ... Redfish.Login service ${SERVICE_USER_PASSWORD} |
| 66 | |
| 67 | |
| 68 | Verify Service Login Failure With Incorrect Password |
| 69 | [Documentation] Verify service login failure with incorrect password. |
| 70 | [Tags] Verify_Service_Login_Failure_With_Incorrect_Password |
| 71 | |
| 72 | Remove Existing ACF |
| 73 | Upload Valid ACF |
| 74 | ${incorrect_service_password} = Catenate SEPARATOR= ${SERVICE_USER_PASSWORD} 123 |
| 75 | Run Keyword And Expect Error InvalidCredentialsError* |
| 76 | ... Redfish.Login service ${incorrect_service_password} |
| manashsarma | e7b973f | 2021-08-20 06:49:32 -0500 | [diff] [blame] | 77 | |
| 78 | |
| manashsarma | 99eb108 | 2021-09-21 09:30:06 -0500 | [diff] [blame] | 79 | Verify SSH Login Access With Service User |
| 80 | [Documentation] Verify SSH login access with service user. |
| 81 | [Tags] Verify_SSH_Login_Access_With_Service_User |
| George Keishing | 405d537 | 2023-08-10 20:56:05 +0530 | [diff] [blame] | 82 | [Setup] Run keywords Remove Existing ACF AND Upload Valid ACF |
| manashsarma | 99eb108 | 2021-09-21 09:30:06 -0500 | [diff] [blame] | 83 | |
| 84 | # Attempt SSH login with service user. |
| 85 | SSHLibrary.Open Connection ${OPENBMC_HOST} |
| 86 | ${status}= Run Keyword And Return Status SSHLibrary.Login service ${SERVICE_USER_PASSWORD} |
| 87 | Should Be Equal ${status} ${True} |
| 88 | |
| 89 | |
| manashsarma | 9f0eff4 | 2021-09-22 09:12:41 -0500 | [diff] [blame] | 90 | Verify SSH Login Failure With Incorrect Service User Password |
| 91 | [Documentation] Verify SSH login failure with incorrect service user password. |
| 92 | [Tags] Verify_SSH_Login_Failure_With_Incorrect_Service_User_Password |
| George Keishing | 405d537 | 2023-08-10 20:56:05 +0530 | [diff] [blame] | 93 | [Setup] Run keywords Remove Existing ACF AND Upload Valid ACF |
| manashsarma | 9f0eff4 | 2021-09-22 09:12:41 -0500 | [diff] [blame] | 94 | |
| 95 | # Attempt SSH login with service user. |
| 96 | SSHLibrary.Open Connection ${OPENBMC_HOST} |
| 97 | # Attempt login with invalid password |
| 98 | ${status}= Run Keyword And Return Status SSHLibrary.Login service ${SERVICE_USER_PASSWORD}123 |
| 99 | Should Be Equal ${status} ${False} |
| 100 | |
| 101 | |
| manashsarma | 0f74c80 | 2021-11-10 04:37:02 -0600 | [diff] [blame] | 102 | Verify Service User Sets Admin Password |
| 103 | [Documentation] Verify that service user can update admin password. |
| 104 | [Tags] Verify_Service_User_Sets_Admin_Password |
| 105 | [Teardown] Restore Admin Password |
| 106 | |
| 107 | Redfish.Login service ${SERVICE_USER_PASSWORD} |
| 108 | |
| 109 | # Update admin user password using Redfish. |
| 110 | ${payload}= Create Dictionary Password=NewTestPwd123 |
| 111 | Redfish.Patch /redfish/v1/AccountService/Accounts/admin body=&{payload} |
| 112 | ... valid_status_codes=[${HTTP_OK}] |
| 113 | |
| manashsarma | 148e36c | 2021-08-16 07:15:18 -0500 | [diff] [blame] | 114 | *** Keywords *** |
| 115 | |
| 116 | Suite Setup Execution |
| 117 | [Documentation] Do suite setup tasks. |
| 118 | |
| 119 | # Upload production key in BMC because it is not part of OpenBMC build yet. |
| manashsarma | e7b973f | 2021-08-20 06:49:32 -0500 | [diff] [blame] | 120 | Open Connection for SCP |
| manashsarma | 148e36c | 2021-08-16 07:15:18 -0500 | [diff] [blame] | 121 | scp.Put File ${PRODUCTION_KEY_FILE_PATH} ${acf_dir} |
| 122 | |
| 123 | |
| 124 | Remove Existing ACF |
| 125 | [Documentation] Remove existing ACF. |
| 126 | |
| 127 | BMC Execute Command rm -f ${acf_dir}/*.acf |
| 128 | |
| manashsarma | 148e36c | 2021-08-16 07:15:18 -0500 | [diff] [blame] | 129 | Upload Valid ACF |
| 130 | [Documentation] Upload valid ACF. |
| 131 | |
| 132 | Run Keywords Open Connection for SCP |
| 133 | scp.Put File ${SERVICE_FILE_PATH} ${acf_dir} |
| manashsarma | 0f74c80 | 2021-11-10 04:37:02 -0600 | [diff] [blame] | 134 | |
| 135 | |
| 136 | Restore Admin Password |
| 137 | [Documentation] Restore original password of admin user. |
| 138 | |
| 139 | ${payload}= Create Dictionary Password=${OPENBMC_ADMIN_PASSWORD} |
| 140 | Redfish.Patch /redfish/v1/AccountService/Accounts/admin body=&{payload} |
| 141 | ... valid_status_codes=[${HTTP_OK}] |