blob: 27c5d30d15ae08ec3bc9d1ef259e29599423095e [file] [log] [blame]
manashsarma9ca0d372020-05-26 04:49:05 -05001*** Settings ***
2
3
4Documentation Suite to test local user management.
5
6Library OperatingSystem
7Library String
8Library Collections
9
10Resource ../../lib/resource.robot
11Resource ../../lib/bmc_redfish_resource.robot
12Resource ../../lib/openbmc_ffdc.robot
13Resource ../../lib/certificate_utils.robot
manashsarma579d8252020-05-28 08:10:51 -050014Resource ../../lib/dmtf_redfishtool_utils.robot
manashsarma9ca0d372020-05-26 04:49:05 -050015
16Suite Setup Suite Setup Execution
17
18
19*** Variables ***
20
21${root_cmd_args} = SEPARATOR=
George Keishingd4ba2492022-01-10 08:27:34 -060022... redfishtool raw -r ${OPENBMC_HOST}:${HTTPS_PORT} -u ${OPENBMC_USERNAME} -p ${OPENBMC_PASSWORD} -S Always
manashsarma9ca0d372020-05-26 04:49:05 -050023
24
25*** Test Cases ***
26
manashsarma9ca0d372020-05-26 04:49:05 -050027Verify Redfishtool Create Users
28 [Documentation] Create user via Redfishtool and verify.
29 [Tags] Verify_Redfishtool_Create_Users
30 [Teardown] Redfishtool Delete User "UserT100"
31
32 Redfishtool Create User "UserT100" "TestPwd123" "Operator" true
33 Redfishtool Verify User "UserT100" "Operator"
34
35
36Verify Redfishtool Modify Users
37 [Documentation] Modify user via Redfishtool and verify.
38 [Tags] Verify_Redfishtool_Modify_Users
39 [Teardown] Redfishtool Delete User "UserT100"
40
41 Redfishtool Create User "UserT100" "TestPwd123" "Operator" true
42 Redfishtool Update User Role "UserT100" "Administrator"
43 Redfishtool Verify User "UserT100" "Administrator"
44
45
46Verify Redfishtool Delete Users
47 [Documentation] Delete user via Redfishtool and verify.
48 [Tags] Verify_Redfishtool_Delete_Users
49
50 Redfishtool Create User "UserT100" "TestPwd123" "Operator" true
51 Redfishtool Delete User "UserT100"
52 ${status}= Redfishtool Verify User Name Exists "UserT100"
53 Should Be True ${status} == False
54
55
56Verify Redfishtool Login With Deleted Redfish Users
57 [Documentation] Verify login with deleted user via Redfishtool.
58 [Tags] Verify_Redfishtool_Login_With_Deleted_Redfish_Users
59
60 Redfishtool Create User "UserT100" "TestPwd123" "Operator" true
61 Redfishtool Delete User "UserT100"
62 Redfishtool Access Resource /redfish/v1/AccountService/Accounts "UserT100" "TestPwd123"
63 ... ${HTTP_UNAUTHORIZED}
64
65
66Verify Redfishtool Error Upon Creating Same Users With Different Privileges
67 [Documentation] Verify error upon creating same users with different privileges.
68 [Tags] Verify_Redfishtool_Error_Upon_Creating_Same_Users_With_Different_Privileges
69 [Teardown] Redfishtool Delete User "UserT100"
70
71 Redfishtool Create User "UserT100" "TestPwd123" "Operator" true
72 Redfishtool Create User "UserT100" "TestPwd123" "Administrator" true
73 ... expected_error=${HTTP_BAD_REQUEST}
74
75
76Verify Redfishtool Admin User Privilege
77 [Documentation] Verify privilege of admin user.
78 [Tags] Verify_Redfishtool_Admin_User_Privilege
79 [Teardown] Run Keywords Redfishtool Delete User "UserT100" AND
80 ... Redfishtool Delete User "UserT101"
81
82 Redfishtool Create User "UserT100" "TestPwd123" "Administrator" true
83
84 # Verify if an user can be added by admin
85 Redfishtool Create User "UserT101" "TestPwd123" "Operator" true "UserT100" "TestPwd123"
86
87
88Verify Redfishtool ReadOnly User Privilege
89 [Documentation] Verify Redfishtool ReadOnly user privilege works.
90 [Tags] Verify_Redfishtool_ReadOnly_User_Privilege
91 [Teardown] Redfishtool Delete User "UserT100"
92
93 Redfishtool Create User "UserT100" "TestPwd123" "ReadOnly" true
94 Redfishtool Access Resource /redfish/v1/Systems/ "UserT100" "TestPwd123"
95
96 Redfishtool Create User
97 ... "UserT101" "TestPwd123" "Operator" true "UserT100" "TestPwd123" ${HTTP_FORBIDDEN}
98
99
manashsarma75e79832020-06-24 07:08:38 -0500100Verify Redfishtool Operator User Privilege
101 [Documentation] Verify that an operator user is able to perform operator privilege
102 ... task(e.g. create user, delete user).
103 [Tags] Verify_Redfishtool_Operator_User_Privilege
104 [Teardown] Redfishtool Delete User "UserT100"
105
106 Redfishtool Create User "UserT100" "TestPwd123" "ReadOnly" true
107 Redfishtool Access Resource /redfish/v1/Systems/ "UserT100" "TestPwd123"
108
109 Redfishtool Create User
110 ... "UserT101" "TestPwd123" "Operator" true "UserT100" "TestPwd123" ${HTTP_FORBIDDEN}
111
112
113Verify Error While Creating User With Invalid Role
114 [Documentation] Verify error while creating a user with invalid role using Redfishtool.
115 [Tags] Verify_Error_While_Creating_User_With_Invalid_Role
manashsarma26103d92020-12-08 00:46:28 -0600116 [Teardown] Redfishtool Delete User "UserT100" ${HTTP_NOT_FOUND}
manashsarma75e79832020-06-24 07:08:38 -0500117
118 Redfishtool Create User "UserT100" "TestPwd123" "wrongroleid" true expected_error=${HTTP_BAD_REQUEST}
119
120
121Verify Minimum Password Length For Redfish User
122 [Documentation] Verify minimum password length of eight characters for new and existing user.
123 [Tags] Verify_Minimum_Password_Length_For_Redfish_User
124 [Teardown] Redfishtool Delete User "UserT100"
125
126 Redfishtool Create User "UserT100" "TestPwd" "Operator" true expected_error=${HTTP_BAD_REQUEST}
127 Redfishtool Create User "UserT100" "TestPwd1" "Operator" true
128
129
130Verify Create User Without Enabling
131 [Documentation] Create an user without enabling it and verify that it does not have access.
132 [Teardown] Redfishtool Delete User "UserT100"
133
134 Redfishtool Create User "UserT100" "TestPwd123" "Operator" false
135 Redfishtool Access Resource /redfish/v1/AccountService/Accounts "UserT100" "TestPwd123"
136 ... ${HTTP_UNAUTHORIZED}
137
manashsarmac0efe582020-06-15 09:51:48 -0500138
139Verify Error While Running Redfishtool With Incorrect Password
140 [Documentation] Verify error while running redfishtool with incorrect Password.
141 [Tags] Verify_Error_While_Running_Redfishtool_With_Incorrect_Password
142 [Teardown] Redfishtool Delete User "UserT100"
143
144 Redfishtool Create User "UserT100" "TestPwd123" "Administrator" true
145 Redfishtool Access Resource /redfish/v1/Systems/ "UserT100" "TestPwd234" ${HTTP_UNAUTHORIZED}
146
manashsarma9ca0d372020-05-26 04:49:05 -0500147*** Keywords ***
148
149
150Redfishtool Access Resource
151 [Documentation] Access resource.
manashsarma579d8252020-05-28 08:10:51 -0500152 [Arguments] ${uri} ${login_user} ${login_pasword} ${expected_error}=200
manashsarma9ca0d372020-05-26 04:49:05 -0500153
154 # Description of argument(s):
155 # uri URI for resource access.
156 # login_user The login user name used other than default root user.
157 # login_pasword The login password.
158 # expected_error Expected error optionally provided in testcase (e.g. 401 /
159 # authentication error, etc. )
160
161 ${user_cmd_args}= Set Variable
162 ... redfishtool raw -r ${OPENBMC_HOST} -u ${login_user} -p ${login_pasword} -S Always
163 Redfishtool Get ${uri} ${user_cmd_args} ${expected_error}
164
165
manashsarma9ca0d372020-05-26 04:49:05 -0500166Redfishtool Create User
167 [Documentation] Create new user.
168 [Arguments] ${user_name} ${password} ${roleID} ${enable} ${login_user}="" ${login_pasword}=""
manashsarma579d8252020-05-28 08:10:51 -0500169 ... ${expected_error}=200
manashsarma9ca0d372020-05-26 04:49:05 -0500170
171 # Description of argument(s):
172 # user_name The user name (e.g. "test", "robert", etc.).
173 # password The user password (e.g. "0penBmc", "0penBmc1", etc.).
174 # roleID The role of user (e.g. "Administrator", "Operator", etc.).
175 # enable Enabled attribute of (e.g. true or false).
176 # expected_error Expected error optionally provided in testcase (e.g. 401 /
177 # authentication error, etc. )
178
179 ${user_cmd_args}= Set Variable
180 ... redfishtool raw -r ${OPENBMC_HOST} -u ${login_user} -p ${login_pasword} -S Always
181 ${data}= Set Variable
182 ... '{"UserName":${user_name},"Password":${password},"RoleId":${roleId},"Enabled":${enable}}'
183 Run Keyword If ${login_user} == ""
184 ... Redfishtool Post ${data} /redfish/v1/AccountService/Accounts ${root_cmd_args} ${expected_error}
185 ... ELSE
186 ... Redfishtool Post ${data} /redfish/v1/AccountService/Accounts ${user_cmd_args} ${expected_error}
187
188
189Redfishtool Update User Role
190 [Documentation] Update user role.
191 [Arguments] ${user_name} ${newRole} ${login_user}="" ${login_pasword}=""
manashsarma579d8252020-05-28 08:10:51 -0500192 ... ${expected_error}=200
manashsarma9ca0d372020-05-26 04:49:05 -0500193
194 # Description of argument(s):
195 # user_name The user name (e.g. "test", "robert", etc.).
196 # newRole The new role of user (e.g. "Administrator", "Operator", etc.).
197 # login_user The login user name used other than default root user.
198 # login_pasword The login password.
199 # expected_error Expected error optionally provided in testcase (e.g. 401 /
200 # authentication error, etc. )
201
202 ${user_cmd_args}= Set Variable
203 ... redfishtool raw -r ${OPENBMC_HOST} -u ${login_user} -p ${login_pasword} -S Always
204 Run Keyword If ${login_user} == ""
205 ... Redfishtool Patch '{"RoleId":${newRole}}'
206 ... /redfish/v1/AccountService/Accounts/${user_name} ${root_cmd_args} ${expected_error}
207 ... ELSE
208 ... Redfishtool Patch '{"RoleId":${newRole}}'
209 ... /redfish/v1/AccountService/Accounts/${user_name} ${user_cmd_args} ${expected_error}
210
211
212Redfishtool Delete User
213 [Documentation] Delete an user.
manashsarma579d8252020-05-28 08:10:51 -0500214 [Arguments] ${user_name} ${expected_error}=200
manashsarma9ca0d372020-05-26 04:49:05 -0500215
216 # Description of argument(s):
217 # user_name The user name (e.g. "test", "robert", etc.).
218 # expected_error Expected error optionally provided in testcase (e.g. 401 /
219 # authentication error, etc. ).
220
221 Redfishtool Delete /redfish/v1/AccountService/Accounts/${user_name}
222 ... ${root_cmd_args} ${expected_error}
223
224
225Redfishtool Verify User
226 [Documentation] Verify role of the user.
227 [Arguments] ${user_name} ${role}
228
229 # Description of argument(s):
230 # user_name The user name (e.g. "test", "robert", etc.).
231 # role The new role of user (e.g. "Administrator", "Operator", etc.).
232
233 ${user_account}= Redfishtool Get /redfish/v1/AccountService/Accounts/${user_name}
234 ${json_obj}= Evaluate json.loads('''${user_account}''') json
235 Should Be equal "${json_obj["RoleId"]}" ${role}
236
237
238Redfishtool Verify User Name Exists
239 [Documentation] Verify user name exists.
240 [Arguments] ${user_name}
241
242 # Description of argument(s):
243 # user_name The user name (e.g. "test", "robert", etc.).
244
245 ${status}= Run Keyword And Return Status redfishtool Get
246 ... /redfish/v1/AccountService/Accounts/${user_name}
247
248 [return] ${status}
249
250
manashsarma75e79832020-06-24 07:08:38 -0500251Redfishtool GetAttribute
252 [Documentation] Execute redfishtool for GET operation.
253 [Arguments] ${uri} ${Attribute} ${cmd_args}=${root_cmd_args} ${expected_error}=""
254
255 # Description of argument(s):
256 # uri URI for GET operation (e.g. /redfish/v1/AccountService/Accounts/).
257 # Attribute The specific attribute to be retrieved with the URI.
258 # cmd_args Commandline arguments.
259 # expected_error Expected error optionally provided in testcase (e.g. 401 /
260 # authentication error, etc. ).
261
262 ${rc} ${cmd_output}= Run and Return RC and Output ${cmd_args} GET ${uri}
263 Run Keyword If ${rc} != 0 Is HTTP error Expected ${cmd_output} ${expected_error}
264 ${json_object}= To JSON ${cmd_output}
265
266 [Return] ${json_object["${Attribute}"]}
267
268
manashsarma9ca0d372020-05-26 04:49:05 -0500269Suite Setup Execution
270 [Documentation] Do suite setup execution.
271
272 ${tool_exist}= Run which redfishtool
273 Should Not Be Empty ${tool_exist}