Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc-test-automation / d0aa72b7acb1a13983d7e60dea5196a8d0025301 / . / redfish / account_service / test_user_account.robot
blob: b1e24e6adea320f8f96d7b4fe9ff8f9afc3b6a05 [file] [log] [blame]
Sivas SRR6aa101f2019-02-19 22:31:55 -0600[diff] [blame]1*** Settings ***
2Documentation Test Redfish user account.
3
4Resource ../../lib/resource.robot
5Resource ../../lib/bmc_redfish_resource.robot
6Resource ../../lib/openbmc_ffdc.robot
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]7Resource ../../lib/bmc_redfish_utils.robot
Sivas SRR6aa101f2019-02-19 22:31:55 -0600[diff] [blame]8
manashsarma654cbc12021-09-23 02:28:12 -0500[diff] [blame]9Library SSHLibrary
10
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]11Test Setup Redfish.Login
Sivas SRR6aa101f2019-02-19 22:31:55 -0600[diff] [blame]12Test Teardown Test Teardown Execution
13
Sandhya Somashekar37122b62019-06-18 06:02:02 -0500[diff] [blame]14*** Variables ***
15
16${account_lockout_duration} ${30}
17${account_lockout_threshold} ${3}
18
Sivas SRR6aa101f2019-02-19 22:31:55 -0600[diff] [blame]19** Test Cases **
20
21Verify AccountService Available
Sivas SRRfa6831c2019-02-22 00:12:00 -0600[diff] [blame]22 [Documentation] Verify Redfish account service is available.
Sivas SRR6aa101f2019-02-19 22:31:55 -0600[diff] [blame]23 [Tags] Verify_AccountService_Available
24
George Keishing97c93942019-03-04 12:45:07 -0600[diff] [blame]25 ${resp} = Redfish_utils.Get Attribute /redfish/v1/AccountService ServiceEnabled
Sivas SRR6aa101f2019-02-19 22:31:55 -0600[diff] [blame]26 Should Be Equal As Strings ${resp} ${True}
27
Rahul Maheshwarid0aa72b2022-08-23 06:44:07 -0500[diff] [blame^]28
29Verify Redfish Admin User Persistence After Reboot
30 [Documentation] Verify Redfish admin user persistence after reboot.
31 [Tags] Verify_Redfish_Admin_User_Persistence_After_Reboot
32 [Setup] Run Keywords Redfish.Login AND
33 ... Redfish Create User admin_user TestPwd123 Administrator ${True}
34 [Teardown] Run Keywords Redfish.Delete /redfish/v1/AccountService/Accounts/admin_user
35 ... AND Test Teardown Execution
Sandhya Somashekara83fb472019-08-29 02:26:21 -0500[diff] [blame]36
37 # Reboot BMC.
38 Redfish OBMC Reboot (off) stack_mode=normal
Sandhya Somashekara83fb472019-08-29 02:26:21 -0500[diff] [blame]39
40 # Verify users after reboot.
41 Redfish Verify User admin_user TestPwd123 Administrator ${True}
Rahul Maheshwarid0aa72b2022-08-23 06:44:07 -0500[diff] [blame^]42
43
44Verify Redfish Operator User Persistence After Reboot
45 [Documentation] Verify Redfish operator user persistence after reboot.
46 [Tags] Verify_Redfish_Operator_User_Persistence_After_Reboot
47 [Setup] Run Keywords Redfish.Login AND
48 ... Redfish Create User operator_user TestPwd123 Operator ${True}
49 [Teardown] Run Keywords Redfish.Delete /redfish/v1/AccountService/Accounts/operator_user
50 ... AND Test Teardown Execution
51
52 # Reboot BMC.
53 Redfish OBMC Reboot (off) stack_mode=normal
54
55 # Verify users after reboot.
Sandhya Somashekara83fb472019-08-29 02:26:21 -0500[diff] [blame]56 Redfish Verify User operator_user TestPwd123 Operator ${True}
Rahul Maheshwarid0aa72b2022-08-23 06:44:07 -0500[diff] [blame^]57
58
59Verify Redfish Readonly User Persistence After Reboot
60 [Documentation] Verify Redfish readonly user persistence after reboot.
61 [Tags] Verify_Redfish_Readonly_User_Persistence_After_Reboot
62 [Setup] Run Keywords Redfish.Login AND
63 ... Redfish Create User readonly_user TestPwd123 ReadOnly ${True}
64 [Teardown] Run Keywords Redfish.Delete /redfish/v1/AccountService/Accounts/readonly_user
65 ... AND Test Teardown Execution
66
67 # Reboot BMC.
68 Redfish OBMC Reboot (off) stack_mode=normal
69
70 # Verify users after reboot.
Anusha Dathatri4062b442020-02-03 04:39:15 -0600[diff] [blame]71 Redfish Verify User readonly_user TestPwd123 ReadOnly ${True}
Sandhya Somashekara83fb472019-08-29 02:26:21 -0500[diff] [blame]72
Sandhya Somashekara83fb472019-08-29 02:26:21 -0500[diff] [blame]73
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]74Redfish Create and Verify Admin User
75 [Documentation] Create a Redfish user with administrator role and verify.
George Keishingf5176902022-05-12 04:23:59 -0500[diff] [blame]76 [Tags] Redfish_Create_and_Verify_Admin_User
Sandhya Somashekar00f59cc2019-03-05 03:39:47 -0600[diff] [blame]77 [Template] Redfish Create And Verify User
78
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]79 #username password role_id enabled
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]80 admin_user TestPwd123 Administrator ${True}
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]81
82
83Redfish Create and Verify Operator User
84 [Documentation] Create a Redfish user with operator role and verify.
85 [Tags] Redfish_Create_and_Verify_Operator_User
86 [Template] Redfish Create And Verify User
87
88 #username password role_id enabled
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]89 operator_user TestPwd123 Operator ${True}
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]90
91
92Redfish Create and Verify Readonly User
93 [Documentation] Create a Redfish user with readonly role and verify.
94 [Tags] Redfish_Create_and_Verify_Readonly_User
95 [Template] Redfish Create And Verify User
96
97 #username password role_id enabled
Anusha Dathatri4062b442020-02-03 04:39:15 -0600[diff] [blame]98 readonly_user TestPwd123 ReadOnly ${True}
Sivas SRR6aa101f2019-02-19 22:31:55 -0600[diff] [blame]99
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]100
101Verify Redfish Admin User With Wrong Password
102 [Documentation] Verify Redfish admin user with wrong password.
103 [Tags] Verify_Redfish_Admin_User_With_Wrong_Password
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]104 [Template] Verify Redfish User with Wrong Password
105
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]106 #username password role_id enabled wrong_password
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]107 admin_user TestPwd123 Administrator ${True} alskjhfwurh
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]108
109
110Verify Redfish Operator User with Wrong Password
111 [Documentation] Verify Redfish operator user with wrong password.
112 [Tags] Verify_Redfish_Operator_User_with_Wrong_Password
113 [Template] Verify Redfish User with Wrong Password
114
115 #username password role_id enabled wrong_password
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]116 operator_user TestPwd123 Operator ${True} 12j8a8uakjhdaosiruf024
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]117
118
119Verify Redfish Readonly User With Wrong Password
120 [Documentation] Verify Redfish readonly user with wrong password.
121 [Tags] Verify_Redfish_Readonly_User_With_Wrong_Password
122 [Template] Verify Redfish User with Wrong Password
123
124 #username password role_id enabled wrong_password
Anusha Dathatri4062b442020-02-03 04:39:15 -0600[diff] [blame]125 readonly_user TestPwd123 ReadOnly ${True} 12
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]126
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]127
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]128Verify Login with Deleted Redfish Admin User
129 [Documentation] Verify login with deleted Redfish admin user.
130 [Tags] Verify_Login_with_Deleted_Redfish_Admin_User
Sandhya Somashekaraf402ca2019-03-18 05:59:19 -0500[diff] [blame]131 [Template] Verify Login with Deleted Redfish User
132
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]133 #username password role_id enabled
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]134 admin_user TestPwd123 Administrator ${True}
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]135
136
137Verify Login with Deleted Redfish Operator User
138 [Documentation] Verify login with deleted Redfish operator user.
139 [Tags] Verify_Login_with_Deleted_Redfish_Operator_User
140 [Template] Verify Login with Deleted Redfish User
141
142 #username password role_id enabled
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]143 operator_user TestPwd123 Operator ${True}
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]144
145
146Verify Login with Deleted Redfish Readonly User
147 [Documentation] Verify login with deleted Redfish readonly user.
148 [Tags] Verify_Login_with_Deleted_Redfish_Readonly_User
149 [Template] Verify Login with Deleted Redfish User
150
151 #username password role_id enabled
Anusha Dathatri4062b442020-02-03 04:39:15 -0600[diff] [blame]152 readonly_user TestPwd123 ReadOnly ${True}
Sandhya Somashekaraf402ca2019-03-18 05:59:19 -0500[diff] [blame]153
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]154
155Verify Admin User Creation Without Enabling It
156 [Documentation] Verify admin user creation without enabling it.
157 [Tags] Verify_Admin_User_Creation_Without_Enabling_It
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]158 [Template] Verify Create User Without Enabling
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]159
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]160 #username password role_id enabled
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]161 admin_user TestPwd123 Administrator ${False}
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]162
163
164Verify Operator User Creation Without Enabling It
165 [Documentation] Verify operator user creation without enabling it.
166 [Tags] Verify_Operator_User_Creation_Without_Enabling_It
167 [Template] Verify Create User Without Enabling
168
169 #username password role_id enabled
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]170 operator_user TestPwd123 Operator ${False}
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]171
172
173Verify Readonly User Creation Without Enabling It
174 [Documentation] Verify readonly user creation without enabling it.
175 [Tags] Verify_Readonly_User_Creation_Without_Enabling_It
176 [Template] Verify Create User Without Enabling
177
178 #username password role_id enabled
Anusha Dathatri4062b442020-02-03 04:39:15 -0600[diff] [blame]179 readonly_user TestPwd123 ReadOnly ${False}
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]180
Rahul Maheshwaricbc4c0b2022-04-25 05:29:25 -0500[diff] [blame]181
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]182Verify User Creation With Invalid Role Id
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]183 [Documentation] Verify user creation with invalid role ID.
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]184 [Tags] Verify_User_Creation_With_Invalid_Role_Id
185
186 # Make sure the user account in question does not already exist.
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]187 Redfish.Delete /redfish/v1/AccountService/Accounts/test_user
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]188 ... valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}]
189
190 # Create specified user.
191 ${payload}= Create Dictionary
192 ... UserName=test_user Password=TestPwd123 RoleId=wrongroleid Enabled=${True}
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]193 Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{payload}
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]194 ... valid_status_codes=[${HTTP_BAD_REQUEST}]
195
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]196Verify Error Upon Creating Same Users With Different Privileges
197 [Documentation] Verify error upon creating same users with different privileges.
198 [Tags] Verify_Error_Upon_Creating_Same_Users_With_Different_Privileges
199
200 Redfish Create User test_user TestPwd123 Administrator ${True}
201
202 # Create specified user.
203 ${payload}= Create Dictionary
204 ... UserName=test_user Password=TestPwd123 RoleId=Operator Enabled=${True}
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]205 Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{payload}
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]206 ... valid_status_codes=[${HTTP_BAD_REQUEST}]
207
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]208 Redfish.Delete /redfish/v1/AccountService/Accounts/test_user
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]209
210Verify Modifying User Attributes
211 [Documentation] Verify modifying user attributes.
212 [Tags] Verify_Modifying_User_Attributes
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]213 # Create Redfish users.
214 Redfish Create User admin_user TestPwd123 Administrator ${True}
215 Redfish Create User operator_user TestPwd123 Operator ${True}
Anusha Dathatri4062b442020-02-03 04:39:15 -0600[diff] [blame]216 Redfish Create User readonly_user TestPwd123 ReadOnly ${True}
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]217
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]218 # Make sure the new user account does not already exist.
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]219 Redfish.Delete /redfish/v1/AccountService/Accounts/newadmin_user
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]220 ... valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}]
221
222 # Update admin_user username using Redfish.
223 ${payload}= Create Dictionary UserName=newadmin_user
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]224 Redfish.Patch /redfish/v1/AccountService/Accounts/admin_user body=&{payload}
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]225
226 # Update operator_user password using Redfish.
227 ${payload}= Create Dictionary Password=NewTestPwd123
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]228 Redfish.Patch /redfish/v1/AccountService/Accounts/operator_user body=&{payload}
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]229
Anusha Dathatri4062b442020-02-03 04:39:15 -0600[diff] [blame]230 # Update readonly_user role using Redfish.
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]231 ${payload}= Create Dictionary RoleId=Operator
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]232 Redfish.Patch /redfish/v1/AccountService/Accounts/readonly_user body=&{payload}
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]233
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]234 # Verify users after updating
235 Redfish Verify User newadmin_user TestPwd123 Administrator ${True}
236 Redfish Verify User operator_user NewTestPwd123 Operator ${True}
Anusha Dathatri4062b442020-02-03 04:39:15 -0600[diff] [blame]237 Redfish Verify User readonly_user TestPwd123 Operator ${True}
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]238
239 # Delete created users.
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]240 Redfish.Delete /redfish/v1/AccountService/Accounts/newadmin_user
241 Redfish.Delete /redfish/v1/AccountService/Accounts/operator_user
242 Redfish.Delete /redfish/v1/AccountService/Accounts/readonly_user
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]243
Sandhya Somashekar37122b62019-06-18 06:02:02 -0500[diff] [blame]244Verify User Account Locked
245 [Documentation] Verify user account locked upon trying with invalid password.
246 [Tags] Verify_User_Account_Locked
247
248 Redfish Create User admin_user TestPwd123 Administrator ${True}
249
Joy Onyerikwu1483ce02019-06-26 14:56:36 -0500[diff] [blame]250 ${payload}= Create Dictionary AccountLockoutThreshold=${account_lockout_threshold}
251 ... AccountLockoutDuration=${account_lockout_duration}
252 Redfish.Patch ${REDFISH_ACCOUNTS_SERVICE_URI} body=${payload}
Sandhya Somashekar37122b62019-06-18 06:02:02 -0500[diff] [blame]253
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]254 Redfish.Logout
255
Sandhya Somashekar37122b62019-06-18 06:02:02 -0500[diff] [blame]256 # Make ${account_lockout_threshold} failed login attempts.
257 Repeat Keyword ${account_lockout_threshold} times
258 ... Run Keyword And Expect Error InvalidCredentialsError* Redfish.Login admin_user abc123
259
260 # Verify that legitimate login fails due to lockout.
261 Run Keyword And Expect Error InvalidCredentialsError*
262 ... Redfish.Login admin_user TestPwd123
263
264 # Wait for lockout duration to expire and then verify that login works.
265 Sleep ${account_lockout_duration}s
266 Redfish.Login admin_user TestPwd123
267
268 Redfish.Logout
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]269
Sandhya Somashekar7a237472019-07-15 02:06:39 -0500[diff] [blame]270 Redfish.Login
271
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]272 Redfish.Delete /redfish/v1/AccountService/Accounts/admin_user
Sandhya Somashekar7a237472019-07-15 02:06:39 -0500[diff] [blame]273
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]274Verify Admin User Privilege
275 [Documentation] Verify admin user privilege.
276 [Tags] Verify_Admin_User_Privilege
277
278 Redfish Create User admin_user TestPwd123 Administrator ${True}
279 Redfish Create User operator_user TestPwd123 Operator ${True}
Anusha Dathatri4062b442020-02-03 04:39:15 -0600[diff] [blame]280 Redfish Create User readonly_user TestPwd123 ReadOnly ${True}
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]281
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]282 Redfish.Logout
283
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]284 # Change role ID of operator user with admin user.
285 # Login with admin user.
286 Redfish.Login admin_user TestPwd123
287
288 # Modify Role ID of Operator user.
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]289 Redfish.Patch /redfish/v1/AccountService/Accounts/operator_user body={'RoleId': 'Administrator'}
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]290
291 # Verify modified user.
292 Redfish Verify User operator_user TestPwd123 Administrator ${True}
293
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]294 Redfish.Logout
295 Redfish.Login admin_user TestPwd123
296
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]297 # Change password of 'user' user with admin user.
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]298 Redfish.Patch /redfish/v1/AccountService/Accounts/readonly_user body={'Password': 'NewTestPwd123'}
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]299
300 # Verify modified user.
Anusha Dathatri4062b442020-02-03 04:39:15 -0600[diff] [blame]301 Redfish Verify User readonly_user NewTestPwd123 ReadOnly ${True}
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]302
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]303 Redfish.Delete /redfish/v1/AccountService/Accounts/admin_user
304 Redfish.Delete /redfish/v1/AccountService/Accounts/operator_user
305 Redfish.Delete /redfish/v1/AccountService/Accounts/readonly_user
Sandhya Somashekar7a237472019-07-15 02:06:39 -0500[diff] [blame]306
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]307Verify Operator User Privilege
308 [Documentation] Verify operator user privilege.
George Keishing5236ec52022-01-31 12:07:58 -0600[diff] [blame]309 [Tags] Verify_Operator_User_Privilege
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]310
311 Redfish Create User admin_user TestPwd123 Administrator ${True}
312 Redfish Create User operator_user TestPwd123 Operator ${True}
313
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]314 Redfish.Logout
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]315 # Login with operator user.
316 Redfish.Login operator_user TestPwd123
317
George Keishing093c1bd2020-02-10 09:47:34 -0600[diff] [blame]318 # Verify BMC reset.
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]319 Run Keyword And Expect Error ValueError* Redfish BMC Reset Operation
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]320
321 # Attempt to change password of admin user with operator user.
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]322 Redfish.Patch /redfish/v1/AccountService/Accounts/admin_user body={'Password': 'NewTestPwd123'}
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]323 ... valid_status_codes=[${HTTP_FORBIDDEN}]
324
325 Redfish.Logout
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]326
Sandhya Somashekar7a237472019-07-15 02:06:39 -0500[diff] [blame]327 Redfish.Login
328
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]329 Redfish.Delete /redfish/v1/AccountService/Accounts/admin_user
330 Redfish.Delete /redfish/v1/AccountService/Accounts/operator_user
Sandhya Somashekar7a237472019-07-15 02:06:39 -0500[diff] [blame]331
332
Anusha Dathatri4062b442020-02-03 04:39:15 -0600[diff] [blame]333Verify ReadOnly User Privilege
334 [Documentation] Verify ReadOnly user privilege.
335 [Tags] Verify_ReadOnly_User_Privilege
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]336
Anusha Dathatri4062b442020-02-03 04:39:15 -0600[diff] [blame]337 Redfish Create User readonly_user TestPwd123 ReadOnly ${True}
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]338 Redfish.Logout
339
340 # Login with read_only user.
341 Redfish.Login readonly_user TestPwd123
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]342
343 # Read system level data.
344 ${system_model}= Redfish_Utils.Get Attribute
345 ... ${SYSTEM_BASE_URI} Model
346
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]347 Redfish.Logout
Sandhya Somashekar7a237472019-07-15 02:06:39 -0500[diff] [blame]348 Redfish.Login
Anusha Dathatri4062b442020-02-03 04:39:15 -0600[diff] [blame]349 Redfish.Delete ${REDFISH_ACCOUNTS_URI}readonly_user
Sandhya Somashekar7a237472019-07-15 02:06:39 -0500[diff] [blame]350
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]351
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]352Verify Minimum Password Length For Redfish User
353 [Documentation] Verify minimum password length for new and existing user.
354 [Tags] Verify_Minimum_Password_Length_For_Redfish_User
355
356 ${user_name}= Set Variable testUser
357
358 # Make sure the user account in question does not already exist.
359 Redfish.Delete /redfish/v1/AccountService/Accounts/${user_name}
360 ... valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}]
361
362 # Try to create a user with invalid length password.
363 ${payload}= Create Dictionary
364 ... UserName=${user_name} Password=UserPwd RoleId=Administrator Enabled=${True}
365 Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{payload}
366 ... valid_status_codes=[${HTTP_BAD_REQUEST}]
367
368 # Create specified user with valid length password.
369 Set To Dictionary ${payload} Password UserPwd1
370 Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{payload}
371 ... valid_status_codes=[${HTTP_CREATED}]
372
373 # Try to change to an invalid password.
374 Redfish.Patch /redfish/v1/AccountService/Accounts/${user_name} body={'Password': 'UserPwd'}
375 ... valid_status_codes=[${HTTP_BAD_REQUEST}]
376
377 # Change to a valid password.
378 Redfish.Patch /redfish/v1/AccountService/Accounts/${user_name} body={'Password': 'UserPwd1'}
379
380 # Verify login.
381 Redfish.Logout
382 Redfish.Login ${user_name} UserPwd1
383 Redfish.Logout
384 Redfish.Login
385 Redfish.Delete /redfish/v1/AccountService/Accounts/${user_name}
386
387
Tony Lee94335f42021-02-04 15:16:39 +0800[diff] [blame]388Verify Standard User Roles Defined By Redfish
389 [Documentation] Verify standard user roles defined by Redfish.
390 [Tags] Verify_Standard_User_Roles_Defined_By_Redfish
391
392 ${member_list}= Redfish_Utils.Get Member List
393 ... /redfish/v1/AccountService/Roles
394
395 @{roles}= Create List
396 ... /redfish/v1/AccountService/Roles/Administrator
397 ... /redfish/v1/AccountService/Roles/Operator
398 ... /redfish/v1/AccountService/Roles/ReadOnly
399
400 List Should Contain Sub List ${member_list} ${roles}
401
402 # The standard roles are:
403
404 # | Role name | Assigned privileges |
405 # | Administrator | Login, ConfigureManager, ConfigureUsers, ConfigureComponents, ConfigureSelf |
406 # | Operator | Login, ConfigureComponents, ConfigureSelf |
407 # | ReadOnly | Login, ConfigureSelf |
408
409 @{admin}= Create List Login ConfigureManager ConfigureUsers ConfigureComponents ConfigureSelf
410 @{operator}= Create List Login ConfigureComponents ConfigureSelf
411 @{readOnly}= Create List Login ConfigureSelf
412
413 ${roles_dict}= create dictionary admin_privileges=${admin} operator_privileges=${operator}
414 ... readOnly_privileges=${readOnly}
415
416 ${resp}= redfish.Get /redfish/v1/AccountService/Roles/Administrator
417 List Should Contain Sub List ${resp.dict['AssignedPrivileges']} ${roles_dict['admin_privileges']}
418
419 ${resp}= redfish.Get /redfish/v1/AccountService/Roles/Operator
420 List Should Contain Sub List ${resp.dict['AssignedPrivileges']} ${roles_dict['operator_privileges']}
421
422 ${resp}= redfish.Get /redfish/v1/AccountService/Roles/ReadOnly
423 List Should Contain Sub List ${resp.dict['AssignedPrivileges']} ${roles_dict['readOnly_privileges']}
424
425
manashsarma4910aa22021-07-26 09:12:36 -0500[diff] [blame]426Verify Error While Deleting Root User
427 [Documentation] Verify error while deleting root user.
428 [Tags] Verify_Error_While_Deleting_Root_User
429
430 Redfish.Delete /redfish/v1/AccountService/Accounts/root valid_status_codes=[${HTTP_FORBIDDEN}]
431
432
manashsarma654cbc12021-09-23 02:28:12 -0500[diff] [blame]433Verify SSH Login Access With Admin User
434 [Documentation] Verify that admin user does not have SSH login access.
435 [Tags] Verify_SSH_Login_Access_With_Admin_User
436
437 # Create an admin User.
438 Redfish Create User new_admin TestPwd1 Administrator ${True}
439
440 # Attempt SSH login with admin user.
441 SSHLibrary.Open Connection ${OPENBMC_HOST}
442 ${status}= Run Keyword And Return Status SSHLibrary.Login new_admin TestPwd1
443 Should Be Equal ${status} ${False}
444
445
Sivas SRR6aa101f2019-02-19 22:31:55 -0600[diff] [blame]446*** Keywords ***
447
Sivas SRR6aa101f2019-02-19 22:31:55 -0600[diff] [blame]448Test Teardown Execution
449 [Documentation] Do the post test teardown.
450
Anusha Dathatridb769702020-02-12 01:02:30 -0600[diff] [blame]451 Run Keyword And Ignore Error Redfish.Logout
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]452 FFDC On Test Case Fail
453
Sandhya Somashekar00f59cc2019-03-05 03:39:47 -0600[diff] [blame]454
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]455Redfish Create User
456 [Documentation] Redfish create user.
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]457 [Arguments] ${username} ${password} ${role_id} ${enabled} ${login_check}=${True}
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]458
459 # Description of argument(s):
460 # username The username to be created.
461 # password The password to be assigned.
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]462 # role_id The role ID of the user to be created
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]463 # (e.g. "Administrator", "Operator", etc.).
464 # enabled Indicates whether the username being created
465 # should be enabled (${True}, ${False}).
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]466 # login_check Checks user login for created user.
467 # (e.g. ${True}, ${False}).
Sandhya Somashekar8c5b2492019-05-16 05:19:03 -0500[diff] [blame]468
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]469 # Make sure the user account in question does not already exist.
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]470 Redfish.Delete /redfish/v1/AccountService/Accounts/${userName}
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]471 ... valid_status_codes=[${HTTP_OK}, ${HTTP_NOT_FOUND}]
472
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]473 # Create specified user.
474 ${payload}= Create Dictionary
475 ... UserName=${username} Password=${password} RoleId=${role_id} Enabled=${enabled}
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]476 Redfish.Post /redfish/v1/AccountService/Accounts/ body=&{payload}
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]477 ... valid_status_codes=[${HTTP_CREATED}]
478
Rahul Maheshwari9928b1d2021-07-19 04:59:55 -0500[diff] [blame]479 # Resetting faillock count as a workaround for issue
Anusha Dathatrif7268b52020-02-19 01:03:49 -0600[diff] [blame]480 # openbmc/phosphor-user-manager#4
nagarjunb2261267e92022-03-30 21:04:16 +0530[diff] [blame]481 ${cmd}= Catenate test -f /usr/sbin/faillock && /usr/sbin/faillock --user USER --reset
482 ... || /usr/sbin/pam_tally2 -u ${username} --reset
Anusha Dathatrif7268b52020-02-19 01:03:49 -0600[diff] [blame]483 Bmc Execute Command ${cmd}
484
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]485 # Verify login with created user.
486 ${status}= Run Keyword If '${login_check}' == '${True}'
487 ... Verify Redfish User Login ${username} ${password}
488 Run Keyword If '${login_check}' == '${True}' Should Be Equal ${status} ${enabled}
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]489
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]490 # Validate Role ID of created user.
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]491 ${role_config}= Redfish_Utils.Get Attribute
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]492 ... /redfish/v1/AccountService/Accounts/${username} RoleId
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]493 Should Be Equal ${role_id} ${role_config}
494
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]495
496Redfish Verify User
497 [Documentation] Redfish user verification.
498 [Arguments] ${username} ${password} ${role_id} ${enabled}
499
500 # Description of argument(s):
501 # username The username to be created.
502 # password The password to be assigned.
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]503 # role_id The role ID of the user to be created
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]504 # (e.g. "Administrator", "Operator", etc.).
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]505 # enabled Indicates whether the username being created
506 # should be enabled (${True}, ${False}).
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]507
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]508 ${status}= Verify Redfish User Login ${username} ${password}
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]509 # Doing a check of the returned status.
510 Should Be Equal ${status} ${enabled}
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]511
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]512 # Validate Role Id of user.
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]513 ${role_config}= Redfish_Utils.Get Attribute
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]514 ... /redfish/v1/AccountService/Accounts/${username} RoleId
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]515 Should Be Equal ${role_id} ${role_config}
516
517
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]518Verify Redfish User Login
519 [Documentation] Verify Redfish login with given user id.
520 [Teardown] Run Keywords Run Keyword And Ignore Error Redfish.Logout AND Redfish.Login
521 [Arguments] ${username} ${password}
522
523 # Description of argument(s):
524 # username Login username.
525 # password Login password.
526
527 # Logout from current Redfish session.
George Keishing1cf2a422021-02-02 22:59:29 -0600[diff] [blame]528 # We don't really care if the current session is flushed out since we are going to login
529 # with new credential in next.
530 Run Keyword And Ignore Error Redfish.Logout
531
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]532 ${status}= Run Keyword And Return Status Redfish.Login ${username} ${password}
533 [Return] ${status}
534
535
Sandhya Somashekar00f59cc2019-03-05 03:39:47 -0600[diff] [blame]536Redfish Create And Verify User
537 [Documentation] Redfish create and verify user.
538 [Arguments] ${username} ${password} ${role_id} ${enabled}
539
540 # Description of argument(s):
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]541 # username The username to be created.
542 # password The password to be assigned.
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]543 # role_id The role ID of the user to be created
Sandhya Somashekaraf402ca2019-03-18 05:59:19 -0500[diff] [blame]544 # (e.g. "Administrator", "Operator", etc.).
545 # enabled Indicates whether the username being created
546 # should be enabled (${True}, ${False}).
Sandhya Somashekar00f59cc2019-03-05 03:39:47 -0600[diff] [blame]547
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]548 # Example:
549 #{
550 #"@odata.context": "/redfish/v1/$metadata#ManagerAccount.ManagerAccount",
551 #"@odata.id": "/redfish/v1/AccountService/Accounts/test1",
552 #"@odata.type": "#ManagerAccount.v1_0_3.ManagerAccount",
553 #"Description": "User Account",
554 #"Enabled": true,
555 #"Id": "test1",
556 #"Links": {
557 # "Role": {
558 # "@odata.id": "/redfish/v1/AccountService/Roles/Administrator"
559 # }
560 #},
561
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]562 Redfish Create User ${username} ${password} ${role_id} ${enabled}
Sandhya Somashekar00f59cc2019-03-05 03:39:47 -0600[diff] [blame]563
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]564 Redfish Verify User ${username} ${password} ${role_id} ${enabled}
Sandhya Somashekar00f59cc2019-03-05 03:39:47 -0600[diff] [blame]565
566 # Delete Specified User
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]567 Redfish.Delete /redfish/v1/AccountService/Accounts/${username}
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]568
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]569Verify Redfish User with Wrong Password
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]570 [Documentation] Verify Redfish User with Wrong Password.
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]571 [Arguments] ${username} ${password} ${role_id} ${enabled} ${wrong_password}
572
573 # Description of argument(s):
574 # username The username to be created.
575 # password The password to be assigned.
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]576 # role_id The role ID of the user to be created
Sandhya Somashekaraf402ca2019-03-18 05:59:19 -0500[diff] [blame]577 # (e.g. "Administrator", "Operator", etc.).
578 # enabled Indicates whether the username being created
579 # should be enabled (${True}, ${False}).
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]580 # wrong_password Any invalid password.
581
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]582 Redfish Create User ${username} ${password} ${role_id} ${enabled}
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]583
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]584 Redfish.Logout
585
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]586 # Attempt to login with created user with invalid password.
587 Run Keyword And Expect Error InvalidCredentialsError*
588 ... Redfish.Login ${username} ${wrong_password}
589
590 Redfish.Login
591
592 # Delete newly created user.
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]593 Redfish.Delete /redfish/v1/AccountService/Accounts/${username}
Sandhya Somashekar33aa48c2019-03-13 05:54:49 -0500[diff] [blame]594
595
Sandhya Somashekaraf402ca2019-03-18 05:59:19 -0500[diff] [blame]596Verify Login with Deleted Redfish User
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]597 [Documentation] Verify Login with Deleted Redfish User.
Sandhya Somashekaraf402ca2019-03-18 05:59:19 -0500[diff] [blame]598 [Arguments] ${username} ${password} ${role_id} ${enabled}
599
600 # Description of argument(s):
601 # username The username to be created.
602 # password The password to be assigned.
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]603 # role_id The role ID of the user to be created
Sandhya Somashekaraf402ca2019-03-18 05:59:19 -0500[diff] [blame]604 # (e.g. "Administrator", "Operator", etc.).
605 # enabled Indicates whether the username being created
606 # should be enabled (${True}, ${False}).
607
Sandhya Somashekaraa280aa2019-04-01 04:15:06 -0500[diff] [blame]608 Redfish Create User ${username} ${password} ${role_id} ${enabled}
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]609
610 # Delete newly created user.
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]611 Redfish.Delete /redfish/v1/AccountService/Accounts/${userName}
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]612
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]613 Redfish.Logout
614
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]615 # Attempt to login with deleted user account.
616 Run Keyword And Expect Error InvalidCredentialsError*
617 ... Redfish.Login ${username} ${password}
618
619 Redfish.Login
620
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]621
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]622Verify Create User Without Enabling
623 [Documentation] Verify Create User Without Enabling.
624 [Arguments] ${username} ${password} ${role_id} ${enabled}
625
626 # Description of argument(s):
627 # username The username to be created.
628 # password The password to be assigned.
Sandhya Somashekard7d46c02019-06-26 05:10:25 -0500[diff] [blame]629 # role_id The role ID of the user to be created
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]630 # (e.g. "Administrator", "Operator", etc.).
631 # enabled Indicates whether the username being created
632 # should be enabled (${True}, ${False}).
633
Anusha Dathatrie0dddcf2020-06-18 05:23:16 -0500[diff] [blame]634 Redfish Create User ${username} ${password} ${role_id} ${enabled} ${False}
Sandhya Somashekare92b1e62019-04-25 05:27:45 -0500[diff] [blame]635
636 Redfish.Logout
637
638 # Login with created user.
639 Run Keyword And Expect Error InvalidCredentialsError*
640 ... Redfish.Login ${username} ${password}
641
642 Redfish.Login
Sandhya Somashekaraf402ca2019-03-18 05:59:19 -0500[diff] [blame]643
644 # Delete newly created user.
Anusha Dathatri466816f2020-01-30 05:12:36 -0600[diff] [blame]645 Redfish.Delete /redfish/v1/AccountService/Accounts/${username}
George Keishing07fb41f2020-06-16 08:09:19 -0500[diff] [blame]646