Sivas SRR | 6aa101f | 2019-02-19 22:31:55 -0600 | [diff] [blame] | 1 | *** Settings *** |
| 2 | Documentation Test Redfish user account. |
| 3 | |
| 4 | Resource ../../lib/resource.robot |
| 5 | Resource ../../lib/bmc_redfish_resource.robot |
| 6 | Resource ../../lib/openbmc_ffdc.robot |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 7 | Resource ../../lib/bmc_redfish_utils.robot |
Sivas SRR | 6aa101f | 2019-02-19 22:31:55 -0600 | [diff] [blame] | 8 | |
manashsarma | 654cbc1 | 2021-09-23 02:28:12 -0500 | [diff] [blame] | 9 | Library SSHLibrary |
| 10 | |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 11 | Test Setup Redfish.Login |
Sivas SRR | 6aa101f | 2019-02-19 22:31:55 -0600 | [diff] [blame] | 12 | Test Teardown Test Teardown Execution |
| 13 | |
Sandhya Somashekar | 37122b6 | 2019-06-18 06:02:02 -0500 | [diff] [blame] | 14 | *** Variables *** |
| 15 | |
| 16 | ${account_lockout_duration} ${30} |
| 17 | ${account_lockout_threshold} ${3} |
| 18 | |
George Keishing | f8e1819 | 2023-07-05 14:26:27 +0530 | [diff] [blame] | 19 | ${ssh_status} ${True} |
| 20 | |
Sivas SRR | 6aa101f | 2019-02-19 22:31:55 -0600 | [diff] [blame] | 21 | ** Test Cases ** |
| 22 | |
| 23 | Verify AccountService Available |
Sivas SRR | fa6831c | 2019-02-22 00:12:00 -0600 | [diff] [blame] | 24 | [Documentation] Verify Redfish account service is available. |
Sivas SRR | 6aa101f | 2019-02-19 22:31:55 -0600 | [diff] [blame] | 25 | [Tags] Verify_AccountService_Available |
| 26 | |
George Keishing | 97c9394 | 2019-03-04 12:45:07 -0600 | [diff] [blame] | 27 | ${resp} = Redfish_utils.Get Attribute /redfish/v1/AccountService ServiceEnabled |
Sivas SRR | 6aa101f | 2019-02-19 22:31:55 -0600 | [diff] [blame] | 28 | Should Be Equal As Strings ${resp} ${True} |
| 29 | |
Rahul Maheshwari | d0aa72b | 2022-08-23 06:44:07 -0500 | [diff] [blame] | 30 | |
| 31 | Verify Redfish Admin User Persistence After Reboot |
| 32 | [Documentation] Verify Redfish admin user persistence after reboot. |
| 33 | [Tags] Verify_Redfish_Admin_User_Persistence_After_Reboot |
| 34 | [Setup] Run Keywords Redfish.Login AND |
| 35 | ... Redfish Create User admin_user TestPwd123 Administrator ${True} |
| 36 | [Teardown] Run Keywords Redfish.Delete /redfish/v1/AccountService/Accounts/admin_user |
| 37 | ... AND Test Teardown Execution |
Sandhya Somashekar | a83fb47 | 2019-08-29 02:26:21 -0500 | [diff] [blame] | 38 | |
| 39 | # Reboot BMC. |
| 40 | Redfish OBMC Reboot (off) stack_mode=normal |
Sandhya Somashekar | a83fb47 | 2019-08-29 02:26:21 -0500 | [diff] [blame] | 41 | |
| 42 | # Verify users after reboot. |
| 43 | Redfish Verify User admin_user TestPwd123 Administrator ${True} |
Rahul Maheshwari | d0aa72b | 2022-08-23 06:44:07 -0500 | [diff] [blame] | 44 | |
| 45 | |
| 46 | Verify Redfish Operator User Persistence After Reboot |
| 47 | [Documentation] Verify Redfish operator user persistence after reboot. |
| 48 | [Tags] Verify_Redfish_Operator_User_Persistence_After_Reboot |
| 49 | [Setup] Run Keywords Redfish.Login AND |
| 50 | ... Redfish Create User operator_user TestPwd123 Operator ${True} |
| 51 | [Teardown] Run Keywords Redfish.Delete /redfish/v1/AccountService/Accounts/operator_user |
| 52 | ... AND Test Teardown Execution |
| 53 | |
| 54 | # Reboot BMC. |
| 55 | Redfish OBMC Reboot (off) stack_mode=normal |
| 56 | |
| 57 | # Verify users after reboot. |
Sandhya Somashekar | a83fb47 | 2019-08-29 02:26:21 -0500 | [diff] [blame] | 58 | Redfish Verify User operator_user TestPwd123 Operator ${True} |
Rahul Maheshwari | d0aa72b | 2022-08-23 06:44:07 -0500 | [diff] [blame] | 59 | |
| 60 | |
| 61 | Verify Redfish Readonly User Persistence After Reboot |
| 62 | [Documentation] Verify Redfish readonly user persistence after reboot. |
| 63 | [Tags] Verify_Redfish_Readonly_User_Persistence_After_Reboot |
| 64 | [Setup] Run Keywords Redfish.Login AND |
| 65 | ... Redfish Create User readonly_user TestPwd123 ReadOnly ${True} |
| 66 | [Teardown] Run Keywords Redfish.Delete /redfish/v1/AccountService/Accounts/readonly_user |
| 67 | ... AND Test Teardown Execution |
| 68 | |
| 69 | # Reboot BMC. |
| 70 | Redfish OBMC Reboot (off) stack_mode=normal |
| 71 | |
| 72 | # Verify users after reboot. |
Anusha Dathatri | 4062b44 | 2020-02-03 04:39:15 -0600 | [diff] [blame] | 73 | Redfish Verify User readonly_user TestPwd123 ReadOnly ${True} |
Sandhya Somashekar | a83fb47 | 2019-08-29 02:26:21 -0500 | [diff] [blame] | 74 | |
Sandhya Somashekar | a83fb47 | 2019-08-29 02:26:21 -0500 | [diff] [blame] | 75 | |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 76 | Redfish Create and Verify Admin User |
| 77 | [Documentation] Create a Redfish user with administrator role and verify. |
George Keishing | f517690 | 2022-05-12 04:23:59 -0500 | [diff] [blame] | 78 | [Tags] Redfish_Create_and_Verify_Admin_User |
Sandhya Somashekar | 00f59cc | 2019-03-05 03:39:47 -0600 | [diff] [blame] | 79 | [Template] Redfish Create And Verify User |
| 80 | |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 81 | #username password role_id enabled |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 82 | admin_user TestPwd123 Administrator ${True} |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 83 | |
| 84 | |
| 85 | Redfish Create and Verify Operator User |
| 86 | [Documentation] Create a Redfish user with operator role and verify. |
| 87 | [Tags] Redfish_Create_and_Verify_Operator_User |
| 88 | [Template] Redfish Create And Verify User |
| 89 | |
| 90 | #username password role_id enabled |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 91 | operator_user TestPwd123 Operator ${True} |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 92 | |
| 93 | |
| 94 | Redfish Create and Verify Readonly User |
| 95 | [Documentation] Create a Redfish user with readonly role and verify. |
| 96 | [Tags] Redfish_Create_and_Verify_Readonly_User |
| 97 | [Template] Redfish Create And Verify User |
| 98 | |
| 99 | #username password role_id enabled |
Anusha Dathatri | 4062b44 | 2020-02-03 04:39:15 -0600 | [diff] [blame] | 100 | readonly_user TestPwd123 ReadOnly ${True} |
Sivas SRR | 6aa101f | 2019-02-19 22:31:55 -0600 | [diff] [blame] | 101 | |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 102 | |
| 103 | Verify Redfish Admin User With Wrong Password |
| 104 | [Documentation] Verify Redfish admin user with wrong password. |
| 105 | [Tags] Verify_Redfish_Admin_User_With_Wrong_Password |
Sandhya Somashekar | 33aa48c | 2019-03-13 05:54:49 -0500 | [diff] [blame] | 106 | [Template] Verify Redfish User with Wrong Password |
| 107 | |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 108 | #username password role_id enabled wrong_password |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 109 | admin_user TestPwd123 Administrator ${True} alskjhfwurh |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 110 | |
| 111 | |
| 112 | Verify Redfish Operator User with Wrong Password |
| 113 | [Documentation] Verify Redfish operator user with wrong password. |
| 114 | [Tags] Verify_Redfish_Operator_User_with_Wrong_Password |
| 115 | [Template] Verify Redfish User with Wrong Password |
| 116 | |
| 117 | #username password role_id enabled wrong_password |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 118 | operator_user TestPwd123 Operator ${True} 12j8a8uakjhdaosiruf024 |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 119 | |
| 120 | |
| 121 | Verify Redfish Readonly User With Wrong Password |
| 122 | [Documentation] Verify Redfish readonly user with wrong password. |
| 123 | [Tags] Verify_Redfish_Readonly_User_With_Wrong_Password |
| 124 | [Template] Verify Redfish User with Wrong Password |
| 125 | |
| 126 | #username password role_id enabled wrong_password |
Anusha Dathatri | 4062b44 | 2020-02-03 04:39:15 -0600 | [diff] [blame] | 127 | readonly_user TestPwd123 ReadOnly ${True} 12 |
Sandhya Somashekar | 33aa48c | 2019-03-13 05:54:49 -0500 | [diff] [blame] | 128 | |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 129 | |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 130 | Verify Login with Deleted Redfish Admin User |
| 131 | [Documentation] Verify login with deleted Redfish admin user. |
| 132 | [Tags] Verify_Login_with_Deleted_Redfish_Admin_User |
Sandhya Somashekar | af402ca | 2019-03-18 05:59:19 -0500 | [diff] [blame] | 133 | [Template] Verify Login with Deleted Redfish User |
| 134 | |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 135 | #username password role_id enabled |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 136 | admin_user TestPwd123 Administrator ${True} |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 137 | |
| 138 | |
| 139 | Verify Login with Deleted Redfish Operator User |
| 140 | [Documentation] Verify login with deleted Redfish operator user. |
| 141 | [Tags] Verify_Login_with_Deleted_Redfish_Operator_User |
| 142 | [Template] Verify Login with Deleted Redfish User |
| 143 | |
| 144 | #username password role_id enabled |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 145 | operator_user TestPwd123 Operator ${True} |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 146 | |
| 147 | |
| 148 | Verify Login with Deleted Redfish Readonly User |
| 149 | [Documentation] Verify login with deleted Redfish readonly user. |
| 150 | [Tags] Verify_Login_with_Deleted_Redfish_Readonly_User |
| 151 | [Template] Verify Login with Deleted Redfish User |
| 152 | |
| 153 | #username password role_id enabled |
Anusha Dathatri | 4062b44 | 2020-02-03 04:39:15 -0600 | [diff] [blame] | 154 | readonly_user TestPwd123 ReadOnly ${True} |
Sandhya Somashekar | af402ca | 2019-03-18 05:59:19 -0500 | [diff] [blame] | 155 | |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 156 | |
| 157 | Verify Admin User Creation Without Enabling It |
| 158 | [Documentation] Verify admin user creation without enabling it. |
| 159 | [Tags] Verify_Admin_User_Creation_Without_Enabling_It |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 160 | [Template] Verify Create User Without Enabling |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 161 | |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 162 | #username password role_id enabled |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 163 | admin_user TestPwd123 Administrator ${False} |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 164 | |
| 165 | |
| 166 | Verify Operator User Creation Without Enabling It |
| 167 | [Documentation] Verify operator user creation without enabling it. |
| 168 | [Tags] Verify_Operator_User_Creation_Without_Enabling_It |
| 169 | [Template] Verify Create User Without Enabling |
| 170 | |
| 171 | #username password role_id enabled |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 172 | operator_user TestPwd123 Operator ${False} |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 173 | |
| 174 | |
| 175 | Verify Readonly User Creation Without Enabling It |
| 176 | [Documentation] Verify readonly user creation without enabling it. |
| 177 | [Tags] Verify_Readonly_User_Creation_Without_Enabling_It |
| 178 | [Template] Verify Create User Without Enabling |
| 179 | |
| 180 | #username password role_id enabled |
Anusha Dathatri | 4062b44 | 2020-02-03 04:39:15 -0600 | [diff] [blame] | 181 | readonly_user TestPwd123 ReadOnly ${False} |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 182 | |
Rahul Maheshwari | cbc4c0b | 2022-04-25 05:29:25 -0500 | [diff] [blame] | 183 | |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 184 | Verify User Creation With Invalid Role Id |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 185 | [Documentation] Verify user creation with invalid role ID. |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 186 | [Tags] Verify_User_Creation_With_Invalid_Role_Id |
| 187 | |
| 188 | # Make sure the user account in question does not already exist. |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 189 | Redfish.Delete /redfish/v1/AccountService/Accounts/test_user |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 190 | ... valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}] |
| 191 | |
| 192 | # Create specified user. |
| 193 | ${payload}= Create Dictionary |
| 194 | ... UserName=test_user Password=TestPwd123 RoleId=wrongroleid Enabled=${True} |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 195 | Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{payload} |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 196 | ... valid_status_codes=[${HTTP_BAD_REQUEST}] |
| 197 | |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 198 | Verify Error Upon Creating Same Users With Different Privileges |
| 199 | [Documentation] Verify error upon creating same users with different privileges. |
| 200 | [Tags] Verify_Error_Upon_Creating_Same_Users_With_Different_Privileges |
| 201 | |
| 202 | Redfish Create User test_user TestPwd123 Administrator ${True} |
| 203 | |
| 204 | # Create specified user. |
| 205 | ${payload}= Create Dictionary |
Nandish-Matti | 232a6f0 | 2023-04-07 05:54:32 -0500 | [diff] [blame] | 206 | ... UserName=test_user Password=TestPwd123 RoleId=ReadOnly Enabled=${True} |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 207 | Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{payload} |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 208 | ... valid_status_codes=[${HTTP_BAD_REQUEST}] |
| 209 | |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 210 | Redfish.Delete /redfish/v1/AccountService/Accounts/test_user |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 211 | |
Rahul Maheshwari | 124ebef | 2022-08-23 12:06:59 -0500 | [diff] [blame] | 212 | |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 213 | Verify Modifying User Attributes |
| 214 | [Documentation] Verify modifying user attributes. |
| 215 | [Tags] Verify_Modifying_User_Attributes |
Rahul Maheshwari | 124ebef | 2022-08-23 12:06:59 -0500 | [diff] [blame] | 216 | |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 217 | # Create Redfish users. |
| 218 | Redfish Create User admin_user TestPwd123 Administrator ${True} |
Anusha Dathatri | 4062b44 | 2020-02-03 04:39:15 -0600 | [diff] [blame] | 219 | Redfish Create User readonly_user TestPwd123 ReadOnly ${True} |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 220 | |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 221 | # Make sure the new user account does not already exist. |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 222 | Redfish.Delete /redfish/v1/AccountService/Accounts/newadmin_user |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 223 | ... valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}] |
| 224 | |
| 225 | # Update admin_user username using Redfish. |
| 226 | ${payload}= Create Dictionary UserName=newadmin_user |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 227 | Redfish.Patch /redfish/v1/AccountService/Accounts/admin_user body=&{payload} |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 228 | |
Anusha Dathatri | 4062b44 | 2020-02-03 04:39:15 -0600 | [diff] [blame] | 229 | # Update readonly_user role using Redfish. |
Rahul Maheshwari | 124ebef | 2022-08-23 12:06:59 -0500 | [diff] [blame] | 230 | ${payload}= Create Dictionary RoleId=Administrator |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 231 | Redfish.Patch /redfish/v1/AccountService/Accounts/readonly_user body=&{payload} |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 232 | |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 233 | # Verify users after updating |
| 234 | Redfish Verify User newadmin_user TestPwd123 Administrator ${True} |
Rahul Maheshwari | 124ebef | 2022-08-23 12:06:59 -0500 | [diff] [blame] | 235 | Redfish Verify User readonly_user TestPwd123 Administrator ${True} |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 236 | |
| 237 | # Delete created users. |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 238 | Redfish.Delete /redfish/v1/AccountService/Accounts/newadmin_user |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 239 | Redfish.Delete /redfish/v1/AccountService/Accounts/readonly_user |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 240 | |
Rahul Maheshwari | 124ebef | 2022-08-23 12:06:59 -0500 | [diff] [blame] | 241 | |
| 242 | Verify Modifying Operator User Attributes |
| 243 | [Documentation] Verify modifying operator user attributes. |
| 244 | [Tags] Verify_Modifying_Operator_User_Attributes |
| 245 | [Setup] Run Keywords Redfish.Login AND |
| 246 | ... Redfish Create User operator_user TestPwd123 Operator ${True} |
| 247 | [Teardown] Run Keywords Redfish.Delete /redfish/v1/AccountService/Accounts/operator_user |
| 248 | ... AND Test Teardown Execution |
| 249 | |
| 250 | # Update operator_user password using Redfish. |
| 251 | ${payload}= Create Dictionary Password=NewTestPwd123 |
| 252 | Redfish.Patch /redfish/v1/AccountService/Accounts/operator_user body=&{payload} |
| 253 | |
| 254 | # Verify users after updating |
| 255 | Redfish Verify User operator_user NewTestPwd123 Operator ${True} |
| 256 | |
| 257 | |
Sandhya Somashekar | 37122b6 | 2019-06-18 06:02:02 -0500 | [diff] [blame] | 258 | Verify User Account Locked |
| 259 | [Documentation] Verify user account locked upon trying with invalid password. |
| 260 | [Tags] Verify_User_Account_Locked |
| 261 | |
| 262 | Redfish Create User admin_user TestPwd123 Administrator ${True} |
| 263 | |
Joy Onyerikwu | 1483ce0 | 2019-06-26 14:56:36 -0500 | [diff] [blame] | 264 | ${payload}= Create Dictionary AccountLockoutThreshold=${account_lockout_threshold} |
| 265 | ... AccountLockoutDuration=${account_lockout_duration} |
| 266 | Redfish.Patch ${REDFISH_ACCOUNTS_SERVICE_URI} body=${payload} |
Sandhya Somashekar | 37122b6 | 2019-06-18 06:02:02 -0500 | [diff] [blame] | 267 | |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 268 | Redfish.Logout |
| 269 | |
Sandhya Somashekar | 37122b6 | 2019-06-18 06:02:02 -0500 | [diff] [blame] | 270 | # Make ${account_lockout_threshold} failed login attempts. |
| 271 | Repeat Keyword ${account_lockout_threshold} times |
| 272 | ... Run Keyword And Expect Error InvalidCredentialsError* Redfish.Login admin_user abc123 |
| 273 | |
| 274 | # Verify that legitimate login fails due to lockout. |
| 275 | Run Keyword And Expect Error InvalidCredentialsError* |
| 276 | ... Redfish.Login admin_user TestPwd123 |
| 277 | |
| 278 | # Wait for lockout duration to expire and then verify that login works. |
| 279 | Sleep ${account_lockout_duration}s |
| 280 | Redfish.Login admin_user TestPwd123 |
| 281 | |
| 282 | Redfish.Logout |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 283 | |
Sandhya Somashekar | 7a23747 | 2019-07-15 02:06:39 -0500 | [diff] [blame] | 284 | Redfish.Login |
| 285 | |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 286 | Redfish.Delete /redfish/v1/AccountService/Accounts/admin_user |
Sandhya Somashekar | 7a23747 | 2019-07-15 02:06:39 -0500 | [diff] [blame] | 287 | |
aravinth0510 | 746884b | 2022-09-29 16:04:07 +0000 | [diff] [blame] | 288 | |
| 289 | Verify User Account Unlock |
| 290 | [Documentation] Verify manually unlocking the account before lockout time |
| 291 | [Tags] Verify_User_Account_Unlock |
George Keishing | a36926b | 2023-05-17 21:54:34 +0530 | [diff] [blame] | 292 | [Teardown] Run Keywords Redfish.Logout |
| 293 | ... AND Redfish.Login |
aravinth0510 | 746884b | 2022-09-29 16:04:07 +0000 | [diff] [blame] | 294 | ... AND Redfish.Delete /redfish/v1/AccountService/Accounts/test_user |
| 295 | ... AND SSHLibrary.Close All Connections |
| 296 | |
| 297 | Redfish Create User test_user TestPwd123 Administrator ${True} |
| 298 | |
| 299 | ${payload}= Create Dictionary |
| 300 | ... AccountLockoutThreshold=${account_lockout_threshold} |
| 301 | ... AccountLockoutDuration=${account_lockout_duration} |
| 302 | Redfish.Patch ${REDFISH_ACCOUNTS_SERVICE_URI} body=${payload} |
| 303 | |
| 304 | Redfish.Logout |
| 305 | |
| 306 | # Make ${account_lockout_threshold} failed login attempts. |
| 307 | Repeat Keyword ${account_lockout_threshold} times |
| 308 | ... Run Keyword And Expect Error InvalidCredentialsError* |
| 309 | ... Redfish.Login test_user abc123 |
| 310 | |
| 311 | # Ensure SSH Login with locked account gets failed |
| 312 | SSHLibrary.Open Connection ${OPENBMC_HOST} |
| 313 | Run Keyword And Expect Error Authentication failed* |
| 314 | ... SSHLibrary.Login test_user TestPwd123 |
| 315 | |
| 316 | # Verify that legitimate login fails due to lockout. |
| 317 | Run Keyword And Expect Error InvalidCredentialsError* |
| 318 | ... Redfish.Login test_user TestPwd123 |
| 319 | |
| 320 | ${payload}= Create Dictionary Locked=${FALSE} |
| 321 | |
| 322 | # Manually unlock the account before lockout threshold expires |
| 323 | Redfish.Login |
| 324 | Redfish.Patch ${REDFISH_ACCOUNTS_URI}test_user body=${payload} |
| 325 | Redfish.Logout |
| 326 | |
| 327 | # Try redfish login with the recently unlocked account |
| 328 | Redfish.Login test_user TestPwd123 |
| 329 | |
| 330 | # Try SSH login with the unlocked account |
| 331 | SSHLibrary.Open Connection ${OPENBMC_HOST} |
| 332 | SSHLibrary.Login test_user TestPwd123 |
| 333 | |
| 334 | |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 335 | Verify Admin User Privilege |
| 336 | [Documentation] Verify admin user privilege. |
| 337 | [Tags] Verify_Admin_User_Privilege |
| 338 | |
| 339 | Redfish Create User admin_user TestPwd123 Administrator ${True} |
Anusha Dathatri | 4062b44 | 2020-02-03 04:39:15 -0600 | [diff] [blame] | 340 | Redfish Create User readonly_user TestPwd123 ReadOnly ${True} |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 341 | |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 342 | Redfish.Logout |
| 343 | |
Rahul Maheshwari | 3bc0864 | 2022-08-23 12:49:48 -0500 | [diff] [blame] | 344 | Redfish.Login admin_user TestPwd123 |
| 345 | |
| 346 | # Change password of 'readonly' user with admin user. |
| 347 | Redfish.Patch /redfish/v1/AccountService/Accounts/readonly_user body={'Password': 'NewTestPwd123'} |
| 348 | |
| 349 | # Verify modified user. |
| 350 | Redfish Verify User readonly_user NewTestPwd123 ReadOnly ${True} |
| 351 | |
| 352 | # Note: Delete user would work here because a root login is |
| 353 | # performed as part of "Redfish Verify User" keyword's teardown. |
| 354 | Redfish.Delete /redfish/v1/AccountService/Accounts/admin_user |
| 355 | Redfish.Delete /redfish/v1/AccountService/Accounts/readonly_user |
| 356 | |
| 357 | |
| 358 | Verify Operator User Role Change Using Admin Privilege User |
| 359 | [Documentation] Verify operator user role change using admin privilege user |
| 360 | [Tags] Verify_Operator_User_Role_Change_Using_Admin_Privilege_User |
| 361 | |
| 362 | Redfish Create User admin_user TestPwd123 Administrator ${True} |
| 363 | Redfish Create User operator_user TestPwd123 Operator ${True} |
| 364 | |
| 365 | Redfish.Logout |
| 366 | |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 367 | # Change role ID of operator user with admin user. |
| 368 | # Login with admin user. |
| 369 | Redfish.Login admin_user TestPwd123 |
| 370 | |
| 371 | # Modify Role ID of Operator user. |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 372 | Redfish.Patch /redfish/v1/AccountService/Accounts/operator_user body={'RoleId': 'Administrator'} |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 373 | |
| 374 | # Verify modified user. |
| 375 | Redfish Verify User operator_user TestPwd123 Administrator ${True} |
| 376 | |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 377 | Redfish.Delete /redfish/v1/AccountService/Accounts/admin_user |
| 378 | Redfish.Delete /redfish/v1/AccountService/Accounts/operator_user |
Rahul Maheshwari | 3bc0864 | 2022-08-23 12:49:48 -0500 | [diff] [blame] | 379 | |
Sandhya Somashekar | 7a23747 | 2019-07-15 02:06:39 -0500 | [diff] [blame] | 380 | |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 381 | Verify Operator User Privilege |
| 382 | [Documentation] Verify operator user privilege. |
George Keishing | 5236ec5 | 2022-01-31 12:07:58 -0600 | [diff] [blame] | 383 | [Tags] Verify_Operator_User_Privilege |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 384 | |
| 385 | Redfish Create User admin_user TestPwd123 Administrator ${True} |
| 386 | Redfish Create User operator_user TestPwd123 Operator ${True} |
| 387 | |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 388 | Redfish.Logout |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 389 | # Login with operator user. |
| 390 | Redfish.Login operator_user TestPwd123 |
| 391 | |
George Keishing | 093c1bd | 2020-02-10 09:47:34 -0600 | [diff] [blame] | 392 | # Verify BMC reset. |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 393 | Run Keyword And Expect Error ValueError* Redfish BMC Reset Operation |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 394 | |
| 395 | # Attempt to change password of admin user with operator user. |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 396 | Redfish.Patch /redfish/v1/AccountService/Accounts/admin_user body={'Password': 'NewTestPwd123'} |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 397 | ... valid_status_codes=[${HTTP_FORBIDDEN}] |
| 398 | |
| 399 | Redfish.Logout |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 400 | |
Sandhya Somashekar | 7a23747 | 2019-07-15 02:06:39 -0500 | [diff] [blame] | 401 | Redfish.Login |
| 402 | |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 403 | Redfish.Delete /redfish/v1/AccountService/Accounts/admin_user |
| 404 | Redfish.Delete /redfish/v1/AccountService/Accounts/operator_user |
Sandhya Somashekar | 7a23747 | 2019-07-15 02:06:39 -0500 | [diff] [blame] | 405 | |
| 406 | |
Anusha Dathatri | 4062b44 | 2020-02-03 04:39:15 -0600 | [diff] [blame] | 407 | Verify ReadOnly User Privilege |
| 408 | [Documentation] Verify ReadOnly user privilege. |
| 409 | [Tags] Verify_ReadOnly_User_Privilege |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 410 | |
Anusha Dathatri | 4062b44 | 2020-02-03 04:39:15 -0600 | [diff] [blame] | 411 | Redfish Create User readonly_user TestPwd123 ReadOnly ${True} |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 412 | Redfish.Logout |
| 413 | |
| 414 | # Login with read_only user. |
| 415 | Redfish.Login readonly_user TestPwd123 |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 416 | |
| 417 | # Read system level data. |
| 418 | ${system_model}= Redfish_Utils.Get Attribute |
| 419 | ... ${SYSTEM_BASE_URI} Model |
| 420 | |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 421 | Redfish.Logout |
Sandhya Somashekar | 7a23747 | 2019-07-15 02:06:39 -0500 | [diff] [blame] | 422 | Redfish.Login |
Anusha Dathatri | 4062b44 | 2020-02-03 04:39:15 -0600 | [diff] [blame] | 423 | Redfish.Delete ${REDFISH_ACCOUNTS_URI}readonly_user |
Sandhya Somashekar | 7a23747 | 2019-07-15 02:06:39 -0500 | [diff] [blame] | 424 | |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 425 | |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 426 | Verify Minimum Password Length For Redfish User |
| 427 | [Documentation] Verify minimum password length for new and existing user. |
| 428 | [Tags] Verify_Minimum_Password_Length_For_Redfish_User |
| 429 | |
| 430 | ${user_name}= Set Variable testUser |
| 431 | |
| 432 | # Make sure the user account in question does not already exist. |
| 433 | Redfish.Delete /redfish/v1/AccountService/Accounts/${user_name} |
| 434 | ... valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}] |
| 435 | |
| 436 | # Try to create a user with invalid length password. |
| 437 | ${payload}= Create Dictionary |
| 438 | ... UserName=${user_name} Password=UserPwd RoleId=Administrator Enabled=${True} |
| 439 | Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{payload} |
| 440 | ... valid_status_codes=[${HTTP_BAD_REQUEST}] |
| 441 | |
| 442 | # Create specified user with valid length password. |
| 443 | Set To Dictionary ${payload} Password UserPwd1 |
| 444 | Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{payload} |
| 445 | ... valid_status_codes=[${HTTP_CREATED}] |
| 446 | |
| 447 | # Try to change to an invalid password. |
| 448 | Redfish.Patch /redfish/v1/AccountService/Accounts/${user_name} body={'Password': 'UserPwd'} |
| 449 | ... valid_status_codes=[${HTTP_BAD_REQUEST}] |
| 450 | |
| 451 | # Change to a valid password. |
| 452 | Redfish.Patch /redfish/v1/AccountService/Accounts/${user_name} body={'Password': 'UserPwd1'} |
| 453 | |
| 454 | # Verify login. |
| 455 | Redfish.Logout |
| 456 | Redfish.Login ${user_name} UserPwd1 |
| 457 | Redfish.Logout |
| 458 | Redfish.Login |
| 459 | Redfish.Delete /redfish/v1/AccountService/Accounts/${user_name} |
| 460 | |
| 461 | |
Tony Lee | 94335f4 | 2021-02-04 15:16:39 +0800 | [diff] [blame] | 462 | Verify Standard User Roles Defined By Redfish |
| 463 | [Documentation] Verify standard user roles defined by Redfish. |
| 464 | [Tags] Verify_Standard_User_Roles_Defined_By_Redfish |
| 465 | |
| 466 | ${member_list}= Redfish_Utils.Get Member List |
| 467 | ... /redfish/v1/AccountService/Roles |
| 468 | |
| 469 | @{roles}= Create List |
| 470 | ... /redfish/v1/AccountService/Roles/Administrator |
| 471 | ... /redfish/v1/AccountService/Roles/Operator |
| 472 | ... /redfish/v1/AccountService/Roles/ReadOnly |
| 473 | |
| 474 | List Should Contain Sub List ${member_list} ${roles} |
| 475 | |
| 476 | # The standard roles are: |
| 477 | |
| 478 | # | Role name | Assigned privileges | |
| 479 | # | Administrator | Login, ConfigureManager, ConfigureUsers, ConfigureComponents, ConfigureSelf | |
| 480 | # | Operator | Login, ConfigureComponents, ConfigureSelf | |
| 481 | # | ReadOnly | Login, ConfigureSelf | |
| 482 | |
| 483 | @{admin}= Create List Login ConfigureManager ConfigureUsers ConfigureComponents ConfigureSelf |
| 484 | @{operator}= Create List Login ConfigureComponents ConfigureSelf |
| 485 | @{readOnly}= Create List Login ConfigureSelf |
| 486 | |
| 487 | ${roles_dict}= create dictionary admin_privileges=${admin} operator_privileges=${operator} |
| 488 | ... readOnly_privileges=${readOnly} |
| 489 | |
| 490 | ${resp}= redfish.Get /redfish/v1/AccountService/Roles/Administrator |
| 491 | List Should Contain Sub List ${resp.dict['AssignedPrivileges']} ${roles_dict['admin_privileges']} |
| 492 | |
| 493 | ${resp}= redfish.Get /redfish/v1/AccountService/Roles/Operator |
| 494 | List Should Contain Sub List ${resp.dict['AssignedPrivileges']} ${roles_dict['operator_privileges']} |
| 495 | |
| 496 | ${resp}= redfish.Get /redfish/v1/AccountService/Roles/ReadOnly |
| 497 | List Should Contain Sub List ${resp.dict['AssignedPrivileges']} ${roles_dict['readOnly_privileges']} |
| 498 | |
| 499 | |
manashsarma | 4910aa2 | 2021-07-26 09:12:36 -0500 | [diff] [blame] | 500 | Verify Error While Deleting Root User |
| 501 | [Documentation] Verify error while deleting root user. |
| 502 | [Tags] Verify_Error_While_Deleting_Root_User |
| 503 | |
| 504 | Redfish.Delete /redfish/v1/AccountService/Accounts/root valid_status_codes=[${HTTP_FORBIDDEN}] |
| 505 | |
| 506 | |
manashsarma | 654cbc1 | 2021-09-23 02:28:12 -0500 | [diff] [blame] | 507 | Verify SSH Login Access With Admin User |
George Keishing | f8e1819 | 2023-07-05 14:26:27 +0530 | [diff] [blame] | 508 | [Documentation] Verify that admin user have SSH login access. |
| 509 | ... By default, admin should have access but there could be |
| 510 | ... case where admin user shell access is restricted by design |
| 511 | ... in the community sphere.. |
manashsarma | 654cbc1 | 2021-09-23 02:28:12 -0500 | [diff] [blame] | 512 | [Tags] Verify_SSH_Login_Access_With_Admin_User |
| 513 | |
| 514 | # Create an admin User. |
| 515 | Redfish Create User new_admin TestPwd1 Administrator ${True} |
| 516 | |
| 517 | # Attempt SSH login with admin user. |
| 518 | SSHLibrary.Open Connection ${OPENBMC_HOST} |
| 519 | ${status}= Run Keyword And Return Status SSHLibrary.Login new_admin TestPwd1 |
George Keishing | f8e1819 | 2023-07-05 14:26:27 +0530 | [diff] [blame] | 520 | |
| 521 | # By default ssh_status is True, user can change the status via CLI |
| 522 | # -v ssh_status:False |
| 523 | Should Be Equal As Strings "${status}" "${ssh_status}" |
manashsarma | 654cbc1 | 2021-09-23 02:28:12 -0500 | [diff] [blame] | 524 | |
George Keishing | e8015b3 | 2022-09-19 09:38:47 -0500 | [diff] [blame] | 525 | Redfish.Login |
| 526 | Redfish.Delete /redfish/v1/AccountService/Accounts/new_admin |
| 527 | |
manashsarma | 654cbc1 | 2021-09-23 02:28:12 -0500 | [diff] [blame] | 528 | |
aravinth0510 | 746884b | 2022-09-29 16:04:07 +0000 | [diff] [blame] | 529 | Verify Configure BasicAuth Enable And Disable |
| 530 | [Documentation] Verify configure basicauth enable and disable |
| 531 | [Tags] Verify_Configure_BasicAuth_Enable_And_Disable |
| 532 | [Template] Template For Configure Auth Methods |
| 533 | |
| 534 | # auth_method |
| 535 | BasicAuth |
| 536 | XToken |
| 537 | |
Sivas SRR | 6aa101f | 2019-02-19 22:31:55 -0600 | [diff] [blame] | 538 | *** Keywords *** |
| 539 | |
Sivas SRR | 6aa101f | 2019-02-19 22:31:55 -0600 | [diff] [blame] | 540 | Test Teardown Execution |
| 541 | [Documentation] Do the post test teardown. |
| 542 | |
Anusha Dathatri | db76970 | 2020-02-12 01:02:30 -0600 | [diff] [blame] | 543 | Run Keyword And Ignore Error Redfish.Logout |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 544 | FFDC On Test Case Fail |
| 545 | |
Sandhya Somashekar | 00f59cc | 2019-03-05 03:39:47 -0600 | [diff] [blame] | 546 | |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 547 | Redfish Create User |
| 548 | [Documentation] Redfish create user. |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 549 | [Arguments] ${username} ${password} ${role_id} ${enabled} ${login_check}=${True} |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 550 | |
| 551 | # Description of argument(s): |
| 552 | # username The username to be created. |
| 553 | # password The password to be assigned. |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 554 | # role_id The role ID of the user to be created |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 555 | # (e.g. "Administrator", "Operator", etc.). |
| 556 | # enabled Indicates whether the username being created |
| 557 | # should be enabled (${True}, ${False}). |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 558 | # login_check Checks user login for created user. |
| 559 | # (e.g. ${True}, ${False}). |
Sandhya Somashekar | 8c5b249 | 2019-05-16 05:19:03 -0500 | [diff] [blame] | 560 | |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 561 | # Make sure the user account in question does not already exist. |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 562 | Redfish.Delete /redfish/v1/AccountService/Accounts/${userName} |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 563 | ... valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}] |
| 564 | |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 565 | # Create specified user. |
| 566 | ${payload}= Create Dictionary |
| 567 | ... UserName=${username} Password=${password} RoleId=${role_id} Enabled=${enabled} |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 568 | Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{payload} |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 569 | ... valid_status_codes=[${HTTP_CREATED}] |
| 570 | |
Rahul Maheshwari | 9928b1d | 2021-07-19 04:59:55 -0500 | [diff] [blame] | 571 | # Resetting faillock count as a workaround for issue |
Anusha Dathatri | f7268b5 | 2020-02-19 01:03:49 -0600 | [diff] [blame] | 572 | # openbmc/phosphor-user-manager#4 |
Alagiridhilipank | b9c9377 | 2024-04-02 10:04:27 +0000 | [diff] [blame^] | 573 | ${cmd}= Catenate test -f /usr/sbin/faillock && /usr/sbin/faillock --user ${username} --reset |
| 574 | |
Anusha Dathatri | f7268b5 | 2020-02-19 01:03:49 -0600 | [diff] [blame] | 575 | Bmc Execute Command ${cmd} |
| 576 | |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 577 | # Verify login with created user. |
| 578 | ${status}= Run Keyword If '${login_check}' == '${True}' |
| 579 | ... Verify Redfish User Login ${username} ${password} |
| 580 | Run Keyword If '${login_check}' == '${True}' Should Be Equal ${status} ${enabled} |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 581 | |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 582 | # Validate Role ID of created user. |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 583 | ${role_config}= Redfish_Utils.Get Attribute |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 584 | ... /redfish/v1/AccountService/Accounts/${username} RoleId |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 585 | Should Be Equal ${role_id} ${role_config} |
| 586 | |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 587 | |
| 588 | Redfish Verify User |
| 589 | [Documentation] Redfish user verification. |
| 590 | [Arguments] ${username} ${password} ${role_id} ${enabled} |
| 591 | |
| 592 | # Description of argument(s): |
| 593 | # username The username to be created. |
| 594 | # password The password to be assigned. |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 595 | # role_id The role ID of the user to be created |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 596 | # (e.g. "Administrator", "Operator", etc.). |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 597 | # enabled Indicates whether the username being created |
| 598 | # should be enabled (${True}, ${False}). |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 599 | |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 600 | ${status}= Verify Redfish User Login ${username} ${password} |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 601 | # Doing a check of the returned status. |
| 602 | Should Be Equal ${status} ${enabled} |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 603 | |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 604 | # Validate Role Id of user. |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 605 | ${role_config}= Redfish_Utils.Get Attribute |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 606 | ... /redfish/v1/AccountService/Accounts/${username} RoleId |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 607 | Should Be Equal ${role_id} ${role_config} |
| 608 | |
| 609 | |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 610 | Verify Redfish User Login |
| 611 | [Documentation] Verify Redfish login with given user id. |
| 612 | [Teardown] Run Keywords Run Keyword And Ignore Error Redfish.Logout AND Redfish.Login |
| 613 | [Arguments] ${username} ${password} |
| 614 | |
| 615 | # Description of argument(s): |
| 616 | # username Login username. |
| 617 | # password Login password. |
| 618 | |
| 619 | # Logout from current Redfish session. |
George Keishing | 1cf2a42 | 2021-02-02 22:59:29 -0600 | [diff] [blame] | 620 | # We don't really care if the current session is flushed out since we are going to login |
| 621 | # with new credential in next. |
| 622 | Run Keyword And Ignore Error Redfish.Logout |
| 623 | |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 624 | ${status}= Run Keyword And Return Status Redfish.Login ${username} ${password} |
| 625 | [Return] ${status} |
| 626 | |
| 627 | |
Sandhya Somashekar | 00f59cc | 2019-03-05 03:39:47 -0600 | [diff] [blame] | 628 | Redfish Create And Verify User |
| 629 | [Documentation] Redfish create and verify user. |
| 630 | [Arguments] ${username} ${password} ${role_id} ${enabled} |
| 631 | |
| 632 | # Description of argument(s): |
Sandhya Somashekar | 33aa48c | 2019-03-13 05:54:49 -0500 | [diff] [blame] | 633 | # username The username to be created. |
| 634 | # password The password to be assigned. |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 635 | # role_id The role ID of the user to be created |
Sandhya Somashekar | af402ca | 2019-03-18 05:59:19 -0500 | [diff] [blame] | 636 | # (e.g. "Administrator", "Operator", etc.). |
| 637 | # enabled Indicates whether the username being created |
| 638 | # should be enabled (${True}, ${False}). |
Sandhya Somashekar | 00f59cc | 2019-03-05 03:39:47 -0600 | [diff] [blame] | 639 | |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 640 | # Example: |
| 641 | #{ |
| 642 | #"@odata.context": "/redfish/v1/$metadata#ManagerAccount.ManagerAccount", |
| 643 | #"@odata.id": "/redfish/v1/AccountService/Accounts/test1", |
| 644 | #"@odata.type": "#ManagerAccount.v1_0_3.ManagerAccount", |
| 645 | #"Description": "User Account", |
| 646 | #"Enabled": true, |
| 647 | #"Id": "test1", |
| 648 | #"Links": { |
| 649 | # "Role": { |
| 650 | # "@odata.id": "/redfish/v1/AccountService/Roles/Administrator" |
| 651 | # } |
| 652 | #}, |
| 653 | |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 654 | Redfish Create User ${username} ${password} ${role_id} ${enabled} |
Sandhya Somashekar | 00f59cc | 2019-03-05 03:39:47 -0600 | [diff] [blame] | 655 | |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 656 | Redfish Verify User ${username} ${password} ${role_id} ${enabled} |
Sandhya Somashekar | 00f59cc | 2019-03-05 03:39:47 -0600 | [diff] [blame] | 657 | |
| 658 | # Delete Specified User |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 659 | Redfish.Delete /redfish/v1/AccountService/Accounts/${username} |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 660 | |
Sandhya Somashekar | 33aa48c | 2019-03-13 05:54:49 -0500 | [diff] [blame] | 661 | Verify Redfish User with Wrong Password |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 662 | [Documentation] Verify Redfish User with Wrong Password. |
Sandhya Somashekar | 33aa48c | 2019-03-13 05:54:49 -0500 | [diff] [blame] | 663 | [Arguments] ${username} ${password} ${role_id} ${enabled} ${wrong_password} |
| 664 | |
| 665 | # Description of argument(s): |
| 666 | # username The username to be created. |
| 667 | # password The password to be assigned. |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 668 | # role_id The role ID of the user to be created |
Sandhya Somashekar | af402ca | 2019-03-18 05:59:19 -0500 | [diff] [blame] | 669 | # (e.g. "Administrator", "Operator", etc.). |
| 670 | # enabled Indicates whether the username being created |
| 671 | # should be enabled (${True}, ${False}). |
Sandhya Somashekar | 33aa48c | 2019-03-13 05:54:49 -0500 | [diff] [blame] | 672 | # wrong_password Any invalid password. |
| 673 | |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 674 | Redfish Create User ${username} ${password} ${role_id} ${enabled} |
Sandhya Somashekar | 33aa48c | 2019-03-13 05:54:49 -0500 | [diff] [blame] | 675 | |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 676 | Redfish.Logout |
| 677 | |
Sandhya Somashekar | 33aa48c | 2019-03-13 05:54:49 -0500 | [diff] [blame] | 678 | # Attempt to login with created user with invalid password. |
| 679 | Run Keyword And Expect Error InvalidCredentialsError* |
| 680 | ... Redfish.Login ${username} ${wrong_password} |
| 681 | |
| 682 | Redfish.Login |
| 683 | |
| 684 | # Delete newly created user. |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 685 | Redfish.Delete /redfish/v1/AccountService/Accounts/${username} |
Sandhya Somashekar | 33aa48c | 2019-03-13 05:54:49 -0500 | [diff] [blame] | 686 | |
| 687 | |
Sandhya Somashekar | af402ca | 2019-03-18 05:59:19 -0500 | [diff] [blame] | 688 | Verify Login with Deleted Redfish User |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 689 | [Documentation] Verify Login with Deleted Redfish User. |
Sandhya Somashekar | af402ca | 2019-03-18 05:59:19 -0500 | [diff] [blame] | 690 | [Arguments] ${username} ${password} ${role_id} ${enabled} |
| 691 | |
| 692 | # Description of argument(s): |
| 693 | # username The username to be created. |
| 694 | # password The password to be assigned. |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 695 | # role_id The role ID of the user to be created |
Sandhya Somashekar | af402ca | 2019-03-18 05:59:19 -0500 | [diff] [blame] | 696 | # (e.g. "Administrator", "Operator", etc.). |
| 697 | # enabled Indicates whether the username being created |
| 698 | # should be enabled (${True}, ${False}). |
| 699 | |
Sandhya Somashekar | aa280aa | 2019-04-01 04:15:06 -0500 | [diff] [blame] | 700 | Redfish Create User ${username} ${password} ${role_id} ${enabled} |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 701 | |
| 702 | # Delete newly created user. |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 703 | Redfish.Delete /redfish/v1/AccountService/Accounts/${userName} |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 704 | |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 705 | Redfish.Logout |
| 706 | |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 707 | # Attempt to login with deleted user account. |
| 708 | Run Keyword And Expect Error InvalidCredentialsError* |
| 709 | ... Redfish.Login ${username} ${password} |
| 710 | |
| 711 | Redfish.Login |
| 712 | |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 713 | |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 714 | Verify Create User Without Enabling |
| 715 | [Documentation] Verify Create User Without Enabling. |
| 716 | [Arguments] ${username} ${password} ${role_id} ${enabled} |
| 717 | |
| 718 | # Description of argument(s): |
| 719 | # username The username to be created. |
| 720 | # password The password to be assigned. |
Sandhya Somashekar | d7d46c0 | 2019-06-26 05:10:25 -0500 | [diff] [blame] | 721 | # role_id The role ID of the user to be created |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 722 | # (e.g. "Administrator", "Operator", etc.). |
| 723 | # enabled Indicates whether the username being created |
| 724 | # should be enabled (${True}, ${False}). |
| 725 | |
Anusha Dathatri | e0dddcf | 2020-06-18 05:23:16 -0500 | [diff] [blame] | 726 | Redfish Create User ${username} ${password} ${role_id} ${enabled} ${False} |
Sandhya Somashekar | e92b1e6 | 2019-04-25 05:27:45 -0500 | [diff] [blame] | 727 | |
| 728 | Redfish.Logout |
| 729 | |
| 730 | # Login with created user. |
| 731 | Run Keyword And Expect Error InvalidCredentialsError* |
| 732 | ... Redfish.Login ${username} ${password} |
| 733 | |
| 734 | Redfish.Login |
Sandhya Somashekar | af402ca | 2019-03-18 05:59:19 -0500 | [diff] [blame] | 735 | |
| 736 | # Delete newly created user. |
Anusha Dathatri | 466816f | 2020-01-30 05:12:36 -0600 | [diff] [blame] | 737 | Redfish.Delete /redfish/v1/AccountService/Accounts/${username} |
George Keishing | 07fb41f | 2020-06-16 08:09:19 -0500 | [diff] [blame] | 738 | |
aravinth0510 | 746884b | 2022-09-29 16:04:07 +0000 | [diff] [blame] | 739 | Template For Configure Auth Methods |
| 740 | [Documentation] Template to configure auth methods. |
| 741 | [Arguments] ${auth_method} |
| 742 | [Teardown] Configure AuthMethods ${auth_method}=${initial_value} |
| 743 | |
| 744 | # Description of Argument(s): |
| 745 | # authmethods The authmethod setting which needs to be |
| 746 | # set in account service URI. |
| 747 | # valid values BasicAuth, XToken. |
| 748 | |
| 749 | Get AuthMethods Default Values ${auth_method} |
| 750 | |
| 751 | # Patch basicauth to TRUE |
| 752 | Configure AuthMethods ${auth_method}=${TRUE} |
| 753 | |
| 754 | Run Keyword IF "${auth_method}" == "XToken" |
| 755 | ... Check XToken Works Fine ${HTTP_OK} |
| 756 | ... ELSE |
| 757 | ... Check BasicAuth Works Fine ${HTTP_OK} |
| 758 | |
| 759 | # Patch basicauth to FALSE |
| 760 | Configure AuthMethods ${auth_method}=${FALSE} |
| 761 | |
| 762 | Run Keyword IF "${auth_method}" == "BasicAuth" |
| 763 | ... Check BasicAuth Works Fine ${HTTP_UNAUTHORIZED} |
| 764 | ... ELSE |
| 765 | ... Check XToken Works Fine ${HTTP_UNAUTHORIZED} |
| 766 | |
| 767 | Configure AuthMethods |
| 768 | [Documentation] Enable/disable authmethod types. |
| 769 | [Arguments] &{authmethods} |
| 770 | |
| 771 | # Description of argument(s): |
| 772 | # authmethods The authmethod setting which needs to be |
| 773 | # set in account service URI. |
| 774 | # Usage Example Configure AuthMethods XToken=${TRUE} BasicAuth=${TRUE} |
| 775 | # This will set the value of "XToken" and "BasicAuth" |
| 776 | # property in accountservice uri to TRUE. |
| 777 | |
| 778 | ${openbmc}= Create Dictionary AuthMethods=${authmethods} |
| 779 | ${oem}= Create Dictionary OpenBMC=${openbmc} |
| 780 | ${payload}= Create Dictionary Oem=${oem} |
| 781 | |
| 782 | # Setting authmethod properties using Redfish session based auth |
| 783 | ${status}= Run Keyword And Return Status |
| 784 | ... Redfish.Patch ${REDFISH_BASE_URI}AccountService |
| 785 | ... body=${payload} valid_status_codes=[${HTTP_OK},${HTTP_NO_CONTENT}] |
| 786 | |
George Keishing | c63bfe6 | 2023-11-15 19:09:59 +0530 | [diff] [blame] | 787 | # Setting authmethod properties using basic auth in case the former fails |
aravinth0510 | 746884b | 2022-09-29 16:04:07 +0000 | [diff] [blame] | 788 | IF ${status}==${FALSE} |
| 789 | # Payload dictionary pre-process to match json formatting |
| 790 | ${payload}= Convert To String ${payload} |
| 791 | ${payload}= Replace String ${payload} ' " |
| 792 | ${payload}= Replace String ${payload} False false |
| 793 | ${payload}= Replace String ${payload} True true |
| 794 | |
| 795 | # Curl Command Framing for PATCH authmethod |
| 796 | ${cmd}= Catenate curl -k -i -u ${OPENBMC_USERNAME}:${OPENBMC_PASSWORD} |
| 797 | ... -X PATCH '${AUTH_URI}${REDFISH_ACCOUNTS_SERVICE_URI}' |
| 798 | ... -H 'content-type:application/json' -H 'If-Match:*' |
| 799 | ... -d '${payload}' |
| 800 | ${rc} ${out}= Run And Return Rc And Output ${cmd} |
| 801 | |
| 802 | # Check the response of curl command is 200 or 204 |
| 803 | ${check_no_content}= |
| 804 | ... Run Keyword and Return Status Should Contain ${out} 204 |
| 805 | ${check_ok}= |
| 806 | ... Run Keyword and Return Status Should Contain ${out} 200 |
| 807 | Pass Execution If ${check_no_content}==${TRUE} |
| 808 | ... OR ${check_ok}==${TRUE} |
| 809 | END |
| 810 | |
| 811 | |
| 812 | Get AuthMethods Default Values |
| 813 | [Documentation] Get enabled/disabled status of all authmethods |
| 814 | ... from Redfish account service URI |
| 815 | [Arguments] ${authmethod} |
| 816 | |
| 817 | # Description of argument(s): |
| 818 | # authmethod The authmethod property whose value needs to be |
| 819 | # retrieved from account service URI. |
| 820 | # Usage Example Get AuthMethods Default Values BasicAuth |
| 821 | # returns >> ${TRUE} |
| 822 | # Example: |
| 823 | # { |
| 824 | # "@odata.id": "/redfish/v1/AccountService", |
| 825 | # (...) |
| 826 | # "Oem": { |
| 827 | # "OpenBMC": { |
| 828 | # "AuthMethods": { |
| 829 | # "BasicAuth": true, |
| 830 | # "Cookie": true, |
| 831 | # "SessionToken": true, |
| 832 | # "TLS": true, |
| 833 | # "XToken": true |
| 834 | # } |
| 835 | # } |
| 836 | # } |
| 837 | # } |
| 838 | |
| 839 | ${resp}= Redfish.Get Attribute ${REDFISH_ACCOUNTS_SERVICE_URI} Oem |
| 840 | ${authmethods}= Set Variable ${resp['OpenBMC']['AuthMethods']} |
| 841 | ${initial_value}= Get From Dictionary ${authmethods} ${authmethod} |
| 842 | Set Test Variable ${initial_value} |
| 843 | |
| 844 | Check XToken Works Fine |
| 845 | [Documentation] Verify Xtoken works fine. |
| 846 | [Arguments] ${status_code} |
| 847 | |
| 848 | # Description of Argument(s): |
| 849 | # status_code : 200, 401. |
| 850 | |
| 851 | # Verify xtoken auth works for xtoken |
| 852 | Redfish.Get ${REDFISH_ACCOUNTS_SERVICE_URI} |
| 853 | ... valid_status_codes=[${status_code}] |
| 854 | |
| 855 | Check BasicAuth Works Fine |
| 856 | [Documentation] Verify Basic Auth works fine. |
| 857 | [Arguments] ${status_code} |
| 858 | |
| 859 | # Description of Argument(s): |
| 860 | # status_code : 200, 401. |
| 861 | |
| 862 | # Verify basic auth works based on basic auth. |
| 863 | ${cmd}= Catenate curl -k -i -u ${OPENBMC_USERNAME}:${OPENBMC_PASSWORD} |
| 864 | ... ${AUTH_URI}/redfish/v1/AccountService |
| 865 | ${rc} ${out}= Run And Return Rc And Output ${cmd} |
| 866 | |
| 867 | # Check the response of curl command is 200/401 |
| 868 | Should Contain ${out} ${status_code} |