blob: c6913abf5966d411a5168eb715e0f252a601e1c4 [file] [log] [blame]
manashsarma9ca0d372020-05-26 04:49:05 -05001*** Settings ***
2
3
4Documentation Suite to test local user management.
5
6Library OperatingSystem
7Library String
8Library Collections
9
10Resource ../../lib/resource.robot
11Resource ../../lib/bmc_redfish_resource.robot
12Resource ../../lib/openbmc_ffdc.robot
13Resource ../../lib/certificate_utils.robot
manashsarma579d8252020-05-28 08:10:51 -050014Resource ../../lib/dmtf_redfishtool_utils.robot
manashsarma9ca0d372020-05-26 04:49:05 -050015
16Suite Setup Suite Setup Execution
17
George Keishing54316852023-10-16 14:03:29 +053018Force Tags Redfishtool_Local_User
manashsarma9ca0d372020-05-26 04:49:05 -050019
20*** Variables ***
21
22${root_cmd_args} = SEPARATOR=
George Keishingd4ba2492022-01-10 08:27:34 -060023... redfishtool raw -r ${OPENBMC_HOST}:${HTTPS_PORT} -u ${OPENBMC_USERNAME} -p ${OPENBMC_PASSWORD} -S Always
manashsarma9ca0d372020-05-26 04:49:05 -050024
25
26*** Test Cases ***
27
manashsarma9ca0d372020-05-26 04:49:05 -050028Verify Redfishtool Create Users
29 [Documentation] Create user via Redfishtool and verify.
30 [Tags] Verify_Redfishtool_Create_Users
31 [Teardown] Redfishtool Delete User "UserT100"
32
manashsarma841ac3032022-08-24 01:28:22 -050033 Redfishtool Create User "UserT100" "TestPwd123" "ReadOnly" true
34 Redfishtool Verify User "UserT100" "ReadOnly"
manashsarma9ca0d372020-05-26 04:49:05 -050035
36
37Verify Redfishtool Modify Users
38 [Documentation] Modify user via Redfishtool and verify.
39 [Tags] Verify_Redfishtool_Modify_Users
40 [Teardown] Redfishtool Delete User "UserT100"
41
manashsarma841ac3032022-08-24 01:28:22 -050042 Redfishtool Create User "UserT100" "TestPwd123" "ReadOnly" true
manashsarma9ca0d372020-05-26 04:49:05 -050043 Redfishtool Update User Role "UserT100" "Administrator"
44 Redfishtool Verify User "UserT100" "Administrator"
45
46
47Verify Redfishtool Delete Users
48 [Documentation] Delete user via Redfishtool and verify.
49 [Tags] Verify_Redfishtool_Delete_Users
50
manashsarma841ac3032022-08-24 01:28:22 -050051 Redfishtool Create User "UserT100" "TestPwd123" "ReadOnly" true
manashsarma9ca0d372020-05-26 04:49:05 -050052 Redfishtool Delete User "UserT100"
53 ${status}= Redfishtool Verify User Name Exists "UserT100"
54 Should Be True ${status} == False
55
56
57Verify Redfishtool Login With Deleted Redfish Users
58 [Documentation] Verify login with deleted user via Redfishtool.
59 [Tags] Verify_Redfishtool_Login_With_Deleted_Redfish_Users
60
manashsarma841ac3032022-08-24 01:28:22 -050061 Redfishtool Create User "UserT100" "TestPwd123" "ReadOnly" true
manashsarma9ca0d372020-05-26 04:49:05 -050062 Redfishtool Delete User "UserT100"
63 Redfishtool Access Resource /redfish/v1/AccountService/Accounts "UserT100" "TestPwd123"
64 ... ${HTTP_UNAUTHORIZED}
65
66
67Verify Redfishtool Error Upon Creating Same Users With Different Privileges
68 [Documentation] Verify error upon creating same users with different privileges.
69 [Tags] Verify_Redfishtool_Error_Upon_Creating_Same_Users_With_Different_Privileges
70 [Teardown] Redfishtool Delete User "UserT100"
71
manashsarma841ac3032022-08-24 01:28:22 -050072 Redfishtool Create User "UserT100" "TestPwd123" "ReadOnly" true
manashsarma9ca0d372020-05-26 04:49:05 -050073 Redfishtool Create User "UserT100" "TestPwd123" "Administrator" true
74 ... expected_error=${HTTP_BAD_REQUEST}
75
76
77Verify Redfishtool Admin User Privilege
78 [Documentation] Verify privilege of admin user.
79 [Tags] Verify_Redfishtool_Admin_User_Privilege
80 [Teardown] Run Keywords Redfishtool Delete User "UserT100" AND
81 ... Redfishtool Delete User "UserT101"
82
83 Redfishtool Create User "UserT100" "TestPwd123" "Administrator" true
84
Gene Ratzlaffba7e33e2022-05-21 08:51:45 -040085 # Verify if a user can be added by admin
manashsarma841ac3032022-08-24 01:28:22 -050086 Redfishtool Create User "UserT101" "TestPwd123" "ReadOnly" true "UserT100" "TestPwd123"
manashsarma9ca0d372020-05-26 04:49:05 -050087
88
89Verify Redfishtool ReadOnly User Privilege
90 [Documentation] Verify Redfishtool ReadOnly user privilege works.
91 [Tags] Verify_Redfishtool_ReadOnly_User_Privilege
92 [Teardown] Redfishtool Delete User "UserT100"
93
94 Redfishtool Create User "UserT100" "TestPwd123" "ReadOnly" true
95 Redfishtool Access Resource /redfish/v1/Systems/ "UserT100" "TestPwd123"
96
97 Redfishtool Create User
98 ... "UserT101" "TestPwd123" "Operator" true "UserT100" "TestPwd123" ${HTTP_FORBIDDEN}
99
100
manashsarma75e79832020-06-24 07:08:38 -0500101Verify Redfishtool Operator User Privilege
102 [Documentation] Verify that an operator user is able to perform operator privilege
103 ... task(e.g. create user, delete user).
104 [Tags] Verify_Redfishtool_Operator_User_Privilege
105 [Teardown] Redfishtool Delete User "UserT100"
106
107 Redfishtool Create User "UserT100" "TestPwd123" "ReadOnly" true
108 Redfishtool Access Resource /redfish/v1/Systems/ "UserT100" "TestPwd123"
109
110 Redfishtool Create User
111 ... "UserT101" "TestPwd123" "Operator" true "UserT100" "TestPwd123" ${HTTP_FORBIDDEN}
112
113
114Verify Error While Creating User With Invalid Role
115 [Documentation] Verify error while creating a user with invalid role using Redfishtool.
116 [Tags] Verify_Error_While_Creating_User_With_Invalid_Role
manashsarma26103d92020-12-08 00:46:28 -0600117 [Teardown] Redfishtool Delete User "UserT100" ${HTTP_NOT_FOUND}
manashsarma75e79832020-06-24 07:08:38 -0500118
119 Redfishtool Create User "UserT100" "TestPwd123" "wrongroleid" true expected_error=${HTTP_BAD_REQUEST}
120
121
George Keishing8d87d7b2023-11-08 09:31:07 +0530122Verify Minimum Password Length For Redfish User Using Redfishtool
manashsarma75e79832020-06-24 07:08:38 -0500123 [Documentation] Verify minimum password length of eight characters for new and existing user.
George Keishing8d87d7b2023-11-08 09:31:07 +0530124 [Tags] Verify_Minimum_Password_Length_For_Redfish_User_Using_Redfishtool
manashsarma75e79832020-06-24 07:08:38 -0500125 [Teardown] Redfishtool Delete User "UserT100"
126
manashsarma841ac3032022-08-24 01:28:22 -0500127 Redfishtool Create User "UserT100" "TestPwd" "ReadOnly" true expected_error=${HTTP_BAD_REQUEST}
128 Redfishtool Create User "UserT100" "TestPwd1" "ReadOnly" true
manashsarma75e79832020-06-24 07:08:38 -0500129
130
131Verify Create User Without Enabling
Gene Ratzlaffba7e33e2022-05-21 08:51:45 -0400132 [Documentation] Create a user without enabling it and verify that it does not have access.
133 [Tags] Verify_Create_User_Without_Enabling
manashsarma75e79832020-06-24 07:08:38 -0500134 [Teardown] Redfishtool Delete User "UserT100"
135
manashsarma841ac3032022-08-24 01:28:22 -0500136 Redfishtool Create User "UserT100" "TestPwd123" "ReadOnly" false
manashsarma75e79832020-06-24 07:08:38 -0500137 Redfishtool Access Resource /redfish/v1/AccountService/Accounts "UserT100" "TestPwd123"
138 ... ${HTTP_UNAUTHORIZED}
139
manashsarmac0efe582020-06-15 09:51:48 -0500140
141Verify Error While Running Redfishtool With Incorrect Password
142 [Documentation] Verify error while running redfishtool with incorrect Password.
143 [Tags] Verify_Error_While_Running_Redfishtool_With_Incorrect_Password
144 [Teardown] Redfishtool Delete User "UserT100"
145
146 Redfishtool Create User "UserT100" "TestPwd123" "Administrator" true
147 Redfishtool Access Resource /redfish/v1/Systems/ "UserT100" "TestPwd234" ${HTTP_UNAUTHORIZED}
148
manashsarma9ca0d372020-05-26 04:49:05 -0500149*** Keywords ***
150
151
152Redfishtool Access Resource
153 [Documentation] Access resource.
manashsarma579d8252020-05-28 08:10:51 -0500154 [Arguments] ${uri} ${login_user} ${login_pasword} ${expected_error}=200
manashsarma9ca0d372020-05-26 04:49:05 -0500155
156 # Description of argument(s):
157 # uri URI for resource access.
158 # login_user The login user name used other than default root user.
159 # login_pasword The login password.
160 # expected_error Expected error optionally provided in testcase (e.g. 401 /
161 # authentication error, etc. )
162
163 ${user_cmd_args}= Set Variable
164 ... redfishtool raw -r ${OPENBMC_HOST} -u ${login_user} -p ${login_pasword} -S Always
165 Redfishtool Get ${uri} ${user_cmd_args} ${expected_error}
166
167
manashsarma9ca0d372020-05-26 04:49:05 -0500168Redfishtool Create User
169 [Documentation] Create new user.
Gene Ratzlaffba7e33e2022-05-21 08:51:45 -0400170 [Arguments] ${user_name} ${password} ${roleId} ${enable} ${login_user}="" ${login_pasword}=""
manashsarma579d8252020-05-28 08:10:51 -0500171 ... ${expected_error}=200
manashsarma9ca0d372020-05-26 04:49:05 -0500172
173 # Description of argument(s):
174 # user_name The user name (e.g. "test", "robert", etc.).
175 # password The user password (e.g. "0penBmc", "0penBmc1", etc.).
Gene Ratzlaffba7e33e2022-05-21 08:51:45 -0400176 # roleId The role of user (e.g. "Administrator", "Operator", etc.).
manashsarma9ca0d372020-05-26 04:49:05 -0500177 # enable Enabled attribute of (e.g. true or false).
178 # expected_error Expected error optionally provided in testcase (e.g. 401 /
179 # authentication error, etc. )
180
181 ${user_cmd_args}= Set Variable
182 ... redfishtool raw -r ${OPENBMC_HOST} -u ${login_user} -p ${login_pasword} -S Always
183 ${data}= Set Variable
184 ... '{"UserName":${user_name},"Password":${password},"RoleId":${roleId},"Enabled":${enable}}'
185 Run Keyword If ${login_user} == ""
186 ... Redfishtool Post ${data} /redfish/v1/AccountService/Accounts ${root_cmd_args} ${expected_error}
187 ... ELSE
188 ... Redfishtool Post ${data} /redfish/v1/AccountService/Accounts ${user_cmd_args} ${expected_error}
189
190
191Redfishtool Update User Role
192 [Documentation] Update user role.
193 [Arguments] ${user_name} ${newRole} ${login_user}="" ${login_pasword}=""
manashsarma579d8252020-05-28 08:10:51 -0500194 ... ${expected_error}=200
manashsarma9ca0d372020-05-26 04:49:05 -0500195
196 # Description of argument(s):
197 # user_name The user name (e.g. "test", "robert", etc.).
198 # newRole The new role of user (e.g. "Administrator", "Operator", etc.).
199 # login_user The login user name used other than default root user.
200 # login_pasword The login password.
201 # expected_error Expected error optionally provided in testcase (e.g. 401 /
202 # authentication error, etc. )
203
204 ${user_cmd_args}= Set Variable
205 ... redfishtool raw -r ${OPENBMC_HOST} -u ${login_user} -p ${login_pasword} -S Always
206 Run Keyword If ${login_user} == ""
207 ... Redfishtool Patch '{"RoleId":${newRole}}'
208 ... /redfish/v1/AccountService/Accounts/${user_name} ${root_cmd_args} ${expected_error}
209 ... ELSE
210 ... Redfishtool Patch '{"RoleId":${newRole}}'
211 ... /redfish/v1/AccountService/Accounts/${user_name} ${user_cmd_args} ${expected_error}
212
213
214Redfishtool Delete User
Gene Ratzlaffba7e33e2022-05-21 08:51:45 -0400215 [Documentation] Delete a user.
manashsarma579d8252020-05-28 08:10:51 -0500216 [Arguments] ${user_name} ${expected_error}=200
manashsarma9ca0d372020-05-26 04:49:05 -0500217
218 # Description of argument(s):
219 # user_name The user name (e.g. "test", "robert", etc.).
220 # expected_error Expected error optionally provided in testcase (e.g. 401 /
221 # authentication error, etc. ).
222
223 Redfishtool Delete /redfish/v1/AccountService/Accounts/${user_name}
224 ... ${root_cmd_args} ${expected_error}
225
226
227Redfishtool Verify User
228 [Documentation] Verify role of the user.
229 [Arguments] ${user_name} ${role}
230
231 # Description of argument(s):
232 # user_name The user name (e.g. "test", "robert", etc.).
233 # role The new role of user (e.g. "Administrator", "Operator", etc.).
234
235 ${user_account}= Redfishtool Get /redfish/v1/AccountService/Accounts/${user_name}
236 ${json_obj}= Evaluate json.loads('''${user_account}''') json
237 Should Be equal "${json_obj["RoleId"]}" ${role}
238
239
240Redfishtool Verify User Name Exists
241 [Documentation] Verify user name exists.
242 [Arguments] ${user_name}
243
244 # Description of argument(s):
245 # user_name The user name (e.g. "test", "robert", etc.).
246
247 ${status}= Run Keyword And Return Status redfishtool Get
248 ... /redfish/v1/AccountService/Accounts/${user_name}
249
250 [return] ${status}
251
252
manashsarma9ca0d372020-05-26 04:49:05 -0500253Suite Setup Execution
254 [Documentation] Do suite setup execution.
255
256 ${tool_exist}= Run which redfishtool
257 Should Not Be Empty ${tool_exist}