Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc-test-automation / fcbfdf603784caed9f59df1ca4ae4c0595128e22 / . / redfish / account_service / test_ipmi_redfish_user.robot
blob: a7b06d50e0cb7a46bf6ab1530f077f2816c16b82 [file] [log] [blame]
Rahul Maheshwari51dee262019-03-06 23:36:21 -0600[diff] [blame]1*** Settings ***
2Documentation Test IPMI and Redfish combinations for user management.
3
4Resource ../../lib/resource.robot
5Resource ../../lib/bmc_redfish_resource.robot
6Resource ../../lib/openbmc_ffdc.robot
7Resource ../../lib/ipmi_client.robot
Rahul Maheshwari75e91fe2019-03-29 05:32:28 -0500[diff] [blame]8Library ../lib/ipmi_utils.py
Rahul Maheshwari51dee262019-03-06 23:36:21 -0600[diff] [blame]9
10Test Setup Test Setup Execution
11Test Teardown Test Teardown Execution
12
13
14*** Variables ***
15
16${valid_password} 0penBmc1
Rahul Maheshwaricf2336e2019-03-15 00:49:13 -0500[diff] [blame]17${valid_password2} 0penBmc2
Rahul Maheshwari75e91fe2019-03-29 05:32:28 -0500[diff] [blame]18${admin_level_priv} 4
19${operator_level_priv} 3
Rahul Maheshwari7b7ba222022-08-21 23:29:43 -0500[diff] [blame]20${readonly_level_priv} 2
George Keishing48d998e2022-07-07 10:10:47 -0500[diff] [blame]21# Refer: #openbmc/phosphor-user-manager/blob/master/user_mgr.cpp
George Keishing6c882522022-07-07 11:18:50 -0500[diff] [blame]22# ipmiMaxUsers = 15; <-- IPMI
23# maxSystemUsers = 30; <-- Max system redfish account users allowed
George Keishingdc7d6892022-07-07 14:28:32 -0500[diff] [blame]24${ipmi_max_num_users} ${15}
George Keishing48d998e2022-07-07 10:10:47 -0500[diff] [blame]25${max_num_users} ${30}
Gene Ratzlaffd4cdc112022-05-06 13:17:35 -0400[diff] [blame]26${empty_name_pattern} ^User Name\\s.*\\s:\\s$
Rahul Maheshwari51dee262019-03-06 23:36:21 -0600[diff] [blame]27
28** Test Cases **
29
30Create Admin Redfish User And Verify Login Via IPMI
31 [Documentation] Create user using redfish and verify via IPMI.
32 [Tags] Create_Admin_Redfish_User_And_Verify_Login_Via_IPMI
33
34 ${random_username}= Generate Random String 8 [LETTERS]
35 Set Test Variable ${random_username}
36
37 ${payload}= Create Dictionary
38 ... UserName=${random_username} Password=${valid_password}
39 ... RoleId=Administrator Enabled=${True}
40 Redfish.Post /redfish/v1/AccountService/Accounts body=&{payload}
41 ... valid_status_codes=[${HTTP_CREATED}]
42
Sushma M M97fccae2020-07-27 14:55:19 -0500[diff] [blame]43 # Delay added for created new user password to get set.
44 Sleep 5s
45
Rahul Maheshwari51dee262019-03-06 23:36:21 -0600[diff] [blame]46 Verify IPMI Username And Password ${random_username} ${valid_password}
47
48
Rahul Maheshwaricf2336e2019-03-15 00:49:13 -0500[diff] [blame]49Update User Password Via Redfish And Verify Using IPMI
50 [Documentation] Update user password via Redfish and verify using IPMI.
51 [Tags] Update_User_Password_Via_Redfish_And_Verify_Using_IPMI
52
53 # Create user using Redfish.
54 ${random_username}= Generate Random String 8 [LETTERS]
55 Set Test Variable ${random_username}
56
57 ${payload}= Create Dictionary
58 ... UserName=${random_username} Password=${valid_password}
59 ... RoleId=Administrator Enabled=${True}
60 Redfish.Post /redfish/v1/AccountService/Accounts body=&{payload}
61 ... valid_status_codes=[${HTTP_CREATED}]
62
63 # Update user password using Redfish.
64 ${payload}= Create Dictionary Password=${valid_password2}
65 Redfish.Patch /redfish/v1/AccountService/Accounts/${random_username} body=&{payload}
66
67 # Verify that IPMI command works with new password and fails with older password.
68 Verify IPMI Username And Password ${random_username} ${valid_password2}
69
Anusha Dathatri652fc742020-02-05 05:14:21 -0600[diff] [blame]70 Run Keyword And Expect Error *Error: Unable to establish IPMI*
Rahul Maheshwaricf2336e2019-03-15 00:49:13 -0500[diff] [blame]71 ... Verify IPMI Username And Password ${random_username} ${valid_password}
72
73
Rahul Maheshwariff63ac02019-03-29 10:25:21 -0500[diff] [blame]74Update User Privilege Via Redfish And Verify Using IPMI
75 [Documentation] Update user privilege via Redfish and verify using IPMI.
76 [Tags] Update_User_Privilege_Via_Redfish_And_Verify_Using_IPMI
77
78 # Create user using Redfish with admin privilege.
79 ${random_username}= Generate Random String 8 [LETTERS]
80 Set Test Variable ${random_username}
81
82 ${payload}= Create Dictionary
83 ... UserName=${random_username} Password=${valid_password}
84 ... RoleId=Administrator Enabled=${True}
85 Redfish.Post /redfish/v1/AccountService/Accounts body=&{payload}
86 ... valid_status_codes=[${HTTP_CREATED}]
87
88 # Update user privilege to operator using Redfish.
89 ${payload}= Create Dictionary RoleId=Operator
90 Redfish.Patch /redfish/v1/AccountService/Accounts/${random_username} body=&{payload}
91
92 # Verify new user privilege level via IPMI.
Tony Leec317c982020-05-20 15:46:35 +0800[diff] [blame]93 ${resp}= Run IPMI Standard Command user list ${CHANNEL_NUMBER}
Rahul Maheshwariff63ac02019-03-29 10:25:21 -0500[diff] [blame]94
95 # Example of response data:
96 # ID Name Callin Link Auth IPMI Msg Channel Priv Limit
97 # 1 root false true true ADMINISTRATOR
98 # 2 OAvCxjMv false true true OPERATOR
99 # 3 true false false NO ACCESS
100 # ..
101 # ..
102 # 15 true false false NO ACCESS
103
104 ${user_info}=
105 ... Get Lines Containing String ${resp} ${random_username}
106 Should Contain ${user_info} OPERATOR
107
108
Rahul Maheshwaricf2336e2019-03-15 00:49:13 -0500[diff] [blame]109Delete User Via Redfish And Verify Using IPMI
110 [Documentation] Delete user via redfish and verify using IPMI.
111 [Tags] Delete_User_Via_Redfish_And_Verify_Using_IPMI
112
113 # Create user using Redfish.
114 ${random_username}= Generate Random String 8 [LETTERS]
115 Set Test Variable ${random_username}
116
117 ${payload}= Create Dictionary
118 ... UserName=${random_username} Password=${valid_password}
119 ... RoleId=Administrator Enabled=${True}
120 Redfish.Post /redfish/v1/AccountService/Accounts body=&{payload}
121 ... valid_status_codes=[${HTTP_CREATED}]
122
123 # Delete user using Redfish.
124 Redfish.Delete /redfish/v1/AccountService/Accounts/${random_username}
125
126 # Verify that IPMI command fails with deleted user.
Anusha Dathatri652fc742020-02-05 05:14:21 -0600[diff] [blame]127 Run Keyword And Expect Error *Error: Unable to establish IPMI*
Rahul Maheshwaricf2336e2019-03-15 00:49:13 -0500[diff] [blame]128 ... Verify IPMI Username And Password ${random_username} ${valid_password}
129
130
Rahul Maheshwari75e91fe2019-03-29 05:32:28 -0500[diff] [blame]131Create IPMI User And Verify Login Via Redfish
132 [Documentation] Create user using IPMI and verify user login via Redfish.
133 [Tags] Create_IPMI_User_And_Verify_Login_Via_Redfish
134
135 ${username} ${userid}= IPMI Create Random User Plus Password And Privilege
136 ... ${valid_password} ${admin_level_priv}
137
Anusha Dathatri4d894652020-02-12 04:08:10 -0600[diff] [blame]138 Redfish.Logout
139
Rahul Maheshwari75e91fe2019-03-29 05:32:28 -0500[diff] [blame]140 # Verify user login using Redfish.
141 Redfish.Login ${username} ${valid_password}
Anusha Dathatri4d894652020-02-12 04:08:10 -0600[diff] [blame]142 Redfish.Logout
143
144 Redfish.Login
Rahul Maheshwari75e91fe2019-03-29 05:32:28 -0500[diff] [blame]145
146
147Update User Password Via IPMI And Verify Using Redfish
148 [Documentation] Update user password using IPMI and verify user
149 ... login via Redfish.
150 [Tags] Update_User_Password_Via_IPMI_And_Verify_Using_Redfish
151
152 ${username} ${userid}= IPMI Create Random User Plus Password And Privilege
153 ... ${valid_password} ${admin_level_priv}
154
155 # Update user password using IPMI.
156 Run IPMI Standard Command
157 ... user set password ${userid} ${valid_password2}
158
Anusha Dathatri4d894652020-02-12 04:08:10 -0600[diff] [blame]159 Redfish.Logout
160
Rahul Maheshwari75e91fe2019-03-29 05:32:28 -0500[diff] [blame]161 # Verify that user login works with new password using Redfish.
162 Redfish.Login ${username} ${valid_password2}
Anusha Dathatri4d894652020-02-12 04:08:10 -0600[diff] [blame]163 Redfish.Logout
164
165 Redfish.Login
Rahul Maheshwari75e91fe2019-03-29 05:32:28 -0500[diff] [blame]166
167
Rahul Maheshwari7b7ba222022-08-21 23:29:43 -0500[diff] [blame]168Update User Privilege To Operator Via IPMI And Verify Using Redfish
169 [Documentation] Update user privilege to operator via IPMI and verify using Redfish.
170 [Tags] Update_User_Privilege_To_Operator_Via_IPMI_And_Verify_Using_Redfish
Rahul Maheshwari75e91fe2019-03-29 05:32:28 -0500[diff] [blame]171 # Create user using IPMI with admin privilege.
172 ${username} ${userid}= IPMI Create Random User Plus Password And Privilege
173 ... ${valid_password} ${admin_level_priv}
174
175 # Change user privilege to opetrator using IPMI.
176 Run IPMI Standard Command
Tony Lee69ed33e2020-05-20 17:15:02 +0800[diff] [blame]177 ... user priv ${userid} ${operator_level_priv} ${CHANNEL_NUMBER}
Rahul Maheshwari75e91fe2019-03-29 05:32:28 -0500[diff] [blame]178
179 # Verify new user privilege level via Redfish.
180 ${privilege}= Redfish_Utils.Get Attribute
181 ... /redfish/v1/AccountService/Accounts/${username} RoleId
182 Should Be Equal ${privilege} Operator
183
184
Rahul Maheshwari7b7ba222022-08-21 23:29:43 -0500[diff] [blame]185Update User Privilege To Readonly Via IPMI And Verify Using Redfish
186 [Documentation] Update user privilege to readonly via IPMI and verify using Redfish.
187 [Tags] Update_User_Privilege_To_Readonly_Via_IPMI_And_Verify_Using_Redfish
188
189 # Create user using IPMI with admin privilege.
190 ${username} ${userid}= IPMI Create Random User Plus Password And Privilege
191 ... ${valid_password} ${admin_level_priv}
192
193 # Change user privilege to readonly using IPMI.
194 Run IPMI Standard Command
195 ... user priv ${userid} ${readonly_level_priv} ${CHANNEL_NUMBER}
196
197 # Verify new user privilege level via Redfish.
198 ${privilege}= Redfish_Utils.Get Attribute
199 ... /redfish/v1/AccountService/Accounts/${username} RoleId
200 Should Be Equal ${privilege} ReadOnly
201
202
Rahul Maheshwari75e91fe2019-03-29 05:32:28 -0500[diff] [blame]203Delete User Via IPMI And Verify Using Redfish
204 [Documentation] Delete user using IPMI and verify error while doing
205 ... user login with deleted user via Redfish.
206 [Tags] Delete_User_Via_IPMI_And_Verify_Using_Redfish
207
208 ${username} ${userid}= IPMI Create Random User Plus Password And Privilege
209 ... ${valid_password} ${admin_level_priv}
210
211 # Delete IPMI User.
212 Run IPMI Standard Command user set name ${userid} ""
213
214 # Verify that Redfish login fails with deleted user.
215 Run Keyword And Expect Error *InvalidCredentialsError*
216 ... Redfish.Login ${username} ${valid_password}
217
218
Rahul Maheshwari3e61ce62019-06-18 02:09:01 -0500[diff] [blame]219Verify Failure To Exceed Max Number Of Users
220 [Documentation] Verify failure attempting to exceed the max number of user accounts.
221 [Tags] Verify_Failure_To_Exceed_Max_Number_Of_Users
nagarjunb132d29a2022-07-29 09:02:47 +0000[diff] [blame]222 [Teardown] Run Keywords Test Teardown Execution
223 ... AND Delete Users Via Redfish ${username_list}
Rahul Maheshwari3e61ce62019-06-18 02:09:01 -0500[diff] [blame]224
225 # Get existing user count.
226 ${resp}= Redfish.Get /redfish/v1/AccountService/Accounts/
227 ${current_user_count}= Get From Dictionary ${resp.dict} Members@odata.count
228
229 ${payload}= Create Dictionary Password=${valid_password}
230 ... RoleId=Administrator Enabled=${True}
231
Ashwini Chandrappadfd48012022-04-06 06:33:37 -0500[diff] [blame]232 @{username_list}= Create List
233
George Keishingdc7d6892022-07-07 14:28:32 -0500[diff] [blame]234 # Create users to reach maximum users count (i.e. 30 users).
Rahul Maheshwari3e61ce62019-06-18 02:09:01 -0500[diff] [blame]235 FOR ${INDEX} IN RANGE ${current_user_count} ${max_num_users}
236 ${random_username}= Generate Random String 8 [LETTERS]
237 Set To Dictionary ${payload} UserName ${random_username}
238 Redfish.Post ${REDFISH_ACCOUNTS_URI} body=&{payload}
239 ... valid_status_codes=[${HTTP_CREATED}]
Ashwini Chandrappadfd48012022-04-06 06:33:37 -0500[diff] [blame]240 Append To List ${username_list} /redfish/v1/AccountService/Accounts/${random_username}
Rahul Maheshwari3e61ce62019-06-18 02:09:01 -0500[diff] [blame]241 END
242
Ashwini Chandrappadfd48012022-04-06 06:33:37 -0500[diff] [blame]243 # Verify error while creating 16th user.
Rahul Maheshwari3e61ce62019-06-18 02:09:01 -0500[diff] [blame]244 ${random_username}= Generate Random String 8 [LETTERS]
245 Set To Dictionary ${payload} UserName ${random_username}
246 Redfish.Post ${REDFISH_ACCOUNTS_URI} body=&{payload}
247 ... valid_status_codes=[${HTTP_BAD_REQUEST}]
248
249
Anusha Dathatri9ecaaf42020-01-20 04:50:13 -0600[diff] [blame]250Create IPMI User Without Any Privilege And Verify Via Redfish
251 [Documentation] Create user using IPMI without privilege and verify via redfish.
252 [Tags] Create_IPMI_User_Without_Any_Privilege_And_Verify_Via_Redfish
253
254 ${username} ${userid}= IPMI Create Random User Plus Password And Privilege
255 ... ${valid_password}
256
257 # Verify new user privilege level via Redfish.
258 ${privilege}= Redfish_Utils.Get Attribute
259 ... /redfish/v1/AccountService/Accounts/${username} RoleId
260 Valid Value privilege ['NoAccess']
261
Rahul Maheshwari51dee262019-03-06 23:36:21 -0600[diff] [blame]262*** Keywords ***
263
Rahul Maheshwari75e91fe2019-03-29 05:32:28 -0500[diff] [blame]264IPMI Create Random User Plus Password And Privilege
265 [Documentation] Create random IPMI user with given password and privilege
266 ... level.
Anusha Dathatri9ecaaf42020-01-20 04:50:13 -0600[diff] [blame]267 [Arguments] ${password} ${privilege}=0
Rahul Maheshwari75e91fe2019-03-29 05:32:28 -0500[diff] [blame]268
269 # Description of argument(s):
270 # password Password to be assigned for the user.
271 # privilege Privilege level for the user (e.g. "1", "2", "3", etc.).
272
273 # Create IPMI user.
274 ${random_username}= Generate Random String 8 [LETTERS]
275 Set Suite Variable ${random_username}
276
Gene Ratzlaffd4cdc112022-05-06 13:17:35 -0400[diff] [blame]277 ${random_userid}= Find Free User Id
Rahul Maheshwari75e91fe2019-03-29 05:32:28 -0500[diff] [blame]278 IPMI Create User ${random_userid} ${random_username}
279
280 # Set given password for newly created user.
281 Run IPMI Standard Command
282 ... user set password ${random_userid} ${password}
283
284 # Enable IPMI user.
285 Run IPMI Standard Command user enable ${random_userid}
286
287 # Set given privilege and enable IPMI messaging for newly created user.
Anusha Dathatri9ecaaf42020-01-20 04:50:13 -0600[diff] [blame]288 Run Keyword If '${privilege}' != '0'
289 ... Set Channel Access ${random_userid} ipmi=on privilege=${privilege}
Rahul Maheshwari75e91fe2019-03-29 05:32:28 -0500[diff] [blame]290
291 [Return] ${random_username} ${random_userid}
292
293
nagarjunb132d29a2022-07-29 09:02:47 +0000[diff] [blame]294Delete Users Via Redfish
295 [Documentation] Delete all the users via redfish from given list.
296 [Arguments] ${user_list}
297
298 # Description of argument(s):
299 # user_list List of user which are to be deleted.
300
301 Redfish.Login
302
303 FOR ${user} IN @{user_list}
304 Redfish.Delete ${user}
305 END
306
307 Redfish.Logout
308
309
Rahul Maheshwari51dee262019-03-06 23:36:21 -0600[diff] [blame]310Test Setup Execution
311 [Documentation] Do test case setup tasks.
312
313 Redfish.Login
314
315
316Test Teardown Execution
317 [Documentation] Do the post test teardown.
318
319 FFDC On Test Case Fail
320 # Delete the test user.
321 Run Keyword And Ignore Error
322 ... Redfish.Delete /redfish/v1/AccountService/Accounts/${random_username}
323
324 Redfish.Logout
Gene Ratzlaffd4cdc112022-05-06 13:17:35 -0400[diff] [blame]325
326
327Find Free User Id
328 [Documentation] Find a userid that is not being used.
329 FOR ${jj} IN RANGE 300
George Keishingdc7d6892022-07-07 14:28:32 -0500[diff] [blame]330 # IPMI maximum users count (i.e. 15 users).
331 ${random_userid}= Evaluate random.randint(1, ${ipmi_max_num_users}) modules=random
Gene Ratzlaffd4cdc112022-05-06 13:17:35 -0400[diff] [blame]332 ${access}= Run IPMI Standard Command channel getaccess 1 ${random_userid}
333
334 ${name_line}= Get Lines Containing String ${access} User Name
335 Log To Console For ID ${random_userid}: ${name_line}
336 ${is_empty}= Run Keyword And Return Status
337 ... Should Match Regexp ${name_line} ${empty_name_pattern}
338
339 Exit For Loop If ${is_empty} == ${True}
340 END
341 Run Keyword If '${jj}' == '299' Fail msg=A free user ID could not be found.
342 [Return] ${random_userid}