Rahul Maheshwari | ddfc0cb | 2019-02-07 23:43:19 -0600 | [diff] [blame] | 1 | *** Settings *** |
| 2 | Documentation Test suite for OpenBMC IPMI user management. |
| 3 | |
| 4 | Resource ../lib/ipmi_client.robot |
| 5 | Resource ../lib/openbmc_ffdc.robot |
| 6 | Library ../lib/ipmi_utils.py |
| 7 | |
Rahul Maheshwari | f646baa | 2019-02-20 12:29:35 -0600 | [diff] [blame] | 8 | Test Teardown Test Teardown Execution |
Rahul Maheshwari | ddfc0cb | 2019-02-07 23:43:19 -0600 | [diff] [blame] | 9 | |
| 10 | |
| 11 | *** Variables *** |
| 12 | |
| 13 | ${invalid_username} user% |
| 14 | ${invalid_password} abc123 |
| 15 | ${root_userid} 1 |
| 16 | ${operator_level_priv} 0x3 |
Rahul Maheshwari | c05bf56 | 2019-03-01 04:02:53 -0600 | [diff] [blame] | 17 | ${user_priv} 2 |
| 18 | ${operator_priv} 3 |
Rahul Maheshwari | ef0a735 | 2019-02-20 11:07:48 -0600 | [diff] [blame] | 19 | ${admin_level_priv} 4 |
Rahul Maheshwari | c05bf56 | 2019-03-01 04:02:53 -0600 | [diff] [blame] | 20 | ${no_access_priv} 15 |
Rahul Maheshwari | c19f838 | 2019-02-20 08:19:22 -0600 | [diff] [blame] | 21 | ${valid_password} 0penBmc1 |
| 22 | ${max_password_length} 20 |
Rahul Maheshwari | ef0a735 | 2019-02-20 11:07:48 -0600 | [diff] [blame] | 23 | ${ipmi_setaccess_cmd} channel setaccess |
Rahul Maheshwari | ddfc0cb | 2019-02-07 23:43:19 -0600 | [diff] [blame] | 24 | |
Rahul Maheshwari | dd63c74 | 2019-02-27 23:03:54 -0600 | [diff] [blame] | 25 | |
Rahul Maheshwari | ddfc0cb | 2019-02-07 23:43:19 -0600 | [diff] [blame] | 26 | *** Test Cases *** |
| 27 | |
Rahul Maheshwari | ffc7735 | 2019-02-25 09:05:27 -0600 | [diff] [blame] | 28 | Verify IPMI User Summary |
| 29 | [Documentation] Verify IPMI maximum supported IPMI user ID and |
| 30 | ... enabled user form user summary |
| 31 | [Tags] Verify_IPMI_User_Summary |
| 32 | |
| 33 | # Delete all non-root IPMI (i.e. except userid 1) |
| 34 | Delete All Non Root IPMI User |
| 35 | |
| 36 | # Create a valid user and enable it. |
| 37 | ${random_username}= Generate Random String 8 [LETTERS] |
| 38 | ${random_userid}= Evaluate random.randint(2, 15) modules=random |
| 39 | IPMI Create User ${random_userid} ${random_username} |
| 40 | Run IPMI Standard Command user enable ${random_userid} |
| 41 | |
| 42 | # Verify maximum user count IPMI local user can have. Also verify |
| 43 | # currently enabled users. |
| 44 | ${resp}= Run IPMI Standard Command user summary |
| 45 | ${enabled_user_count}= |
| 46 | ... Get Lines Containing String ${resp} Enabled User Count |
| 47 | ${maximum_ids}= Get Lines Containing String ${resp} Maximum IDs |
| 48 | Should Contain ${enabled_user_count} 2 |
| 49 | Should Contain ${maximum_ids} 15 |
| 50 | |
| 51 | |
Rahul Maheshwari | ddfc0cb | 2019-02-07 23:43:19 -0600 | [diff] [blame] | 52 | Verify IPMI User Creation With Valid Name And ID |
| 53 | [Documentation] Create user via IPMI and verify. |
| 54 | [Tags] Test_IPMI_User_Creation_With_Valid_Name_And_ID |
| 55 | |
| 56 | ${random_username}= Generate Random String 8 [LETTERS] |
Rahul Maheshwari | 976a170 | 2019-02-21 01:47:58 -0600 | [diff] [blame] | 57 | ${random_userid}= Evaluate random.randint(2, 15) modules=random |
Rahul Maheshwari | ddfc0cb | 2019-02-07 23:43:19 -0600 | [diff] [blame] | 58 | IPMI Create User ${random_userid} ${random_username} |
| 59 | |
| 60 | |
| 61 | Verify IPMI User Creation With Invalid Name |
| 62 | [Documentation] Verify error while creating IPMI user with invalid |
George Keishing | c2a6f09 | 2019-02-20 12:26:54 -0600 | [diff] [blame] | 63 | ... name(e.g. user name with special characters). |
Rahul Maheshwari | ddfc0cb | 2019-02-07 23:43:19 -0600 | [diff] [blame] | 64 | [Tags] Verify_IPMI_User_Creation_With_Invalid_Name |
| 65 | |
Rahul Maheshwari | 976a170 | 2019-02-21 01:47:58 -0600 | [diff] [blame] | 66 | ${random_userid}= Evaluate random.randint(2, 15) modules=random |
Rahul Maheshwari | ddfc0cb | 2019-02-07 23:43:19 -0600 | [diff] [blame] | 67 | ${msg}= Run Keyword And Expect Error * Run IPMI Standard Command |
| 68 | ... user set name ${random_userid} ${invalid_username} |
| 69 | Should Contain ${msg} Invalid data |
| 70 | |
| 71 | |
| 72 | Verify IPMI User Creation With Invalid ID |
| 73 | [Documentation] Verify error while creating IPMI user with invalid |
| 74 | ... ID(i.e. any number greater than 15 or 0). |
| 75 | [Tags] Verify_IPMI_User_Creation_With_Invalid_ID |
| 76 | |
| 77 | @{id_list}= Create List |
| 78 | ${random_invalid_id}= Evaluate random.randint(16, 1000) modules=random |
| 79 | Append To List ${id_list} ${random_invalid_id} |
| 80 | Append To List ${id_list} 0 |
| 81 | |
| 82 | :FOR ${id} IN @{id_list} |
| 83 | \ ${msg}= Run Keyword And Expect Error * Run IPMI Standard Command |
| 84 | \ ... user set name ${id} newuser |
| 85 | \ Should Contain ${msg} User ID is limited to range |
| 86 | |
| 87 | |
| 88 | Verify Setting IPMI User With Invalid Password |
| 89 | [Documentation] Verify error while setting IPMI user with invalid |
| 90 | ... password. |
| 91 | [Tags] Verify_Setting_IPMI_User_With_Invalid_Password |
| 92 | |
| 93 | # Create IPMI user. |
| 94 | ${random_username}= Generate Random String 8 [LETTERS] |
Rahul Maheshwari | 976a170 | 2019-02-21 01:47:58 -0600 | [diff] [blame] | 95 | ${random_userid}= Evaluate random.randint(2, 15) modules=random |
Rahul Maheshwari | ddfc0cb | 2019-02-07 23:43:19 -0600 | [diff] [blame] | 96 | IPMI Create User ${random_userid} ${random_username} |
| 97 | |
| 98 | # Set invalid password for newly created user. |
| 99 | ${msg}= Run Keyword And Expect Error * Run IPMI Standard Command |
| 100 | ... user set password ${random_userid} ${invalid_password} |
| 101 | |
| 102 | Should Contain ${msg} Invalid data field in request |
| 103 | |
| 104 | |
| 105 | Verify Setting IPMI Root User With New Name |
| 106 | [Documentation] Verify error while setting IPMI root user with new |
| 107 | ... name. |
| 108 | [Tags] Verify_Setting_IPMI_Root_User_With_New_Name |
| 109 | |
| 110 | # Set invalid password for newly created user. |
| 111 | ${msg}= Run Keyword And Expect Error * Run IPMI Standard Command |
| 112 | ... user set name ${root_userid} abcd |
| 113 | |
| 114 | Should Contain ${msg} Set User Name command failed |
| 115 | |
| 116 | |
Rahul Maheshwari | c19f838 | 2019-02-20 08:19:22 -0600 | [diff] [blame] | 117 | Verify IPMI User Password Via Test Command |
| 118 | [Documentation] Verify IPMI user password using test command. |
| 119 | [Tags] Verify_IPMI_User_Password_Via_Test_Command |
| 120 | |
| 121 | # Create IPMI user. |
| 122 | ${random_username}= Generate Random String 8 [LETTERS] |
| 123 | ${random_userid}= Evaluate random.randint(2, 15) modules=random |
| 124 | IPMI Create User ${random_userid} ${random_username} |
| 125 | |
| 126 | # Set valid password for newly created user. |
| 127 | Run IPMI Standard Command |
| 128 | ... user set password ${random_userid} ${valid_password} |
| 129 | |
| 130 | # Verify newly set password using test command. |
| 131 | ${msg}= Run IPMI Standard Command |
| 132 | ... user test ${random_userid} ${max_password_length} ${valid_password} |
| 133 | |
| 134 | Should Contain ${msg} Success |
| 135 | |
| 136 | |
Rahul Maheshwari | ef0a735 | 2019-02-20 11:07:48 -0600 | [diff] [blame] | 137 | Verify Setting Valid Password For IPMI User |
| 138 | [Documentation] Set valid password for IPMI user and verify. |
| 139 | [Tags] Verify_Setting_Valid_Password_For_IPMI_User |
| 140 | |
| 141 | # Create IPMI user. |
| 142 | ${random_username}= Generate Random String 8 [LETTERS] |
| 143 | ${random_userid}= Evaluate random.randint(2, 15) modules=random |
| 144 | IPMI Create User ${random_userid} ${random_username} |
| 145 | |
| 146 | # Set valid password for newly created user. |
| 147 | Run IPMI Standard Command |
| 148 | ... user set password ${random_userid} ${valid_password} |
| 149 | |
| 150 | # Enable IPMI user |
| 151 | Run IPMI Standard Command user enable ${random_userid} |
| 152 | |
| 153 | # Set admin privilege and enable IPMI messaging for newly created user |
| 154 | Set Channel Access ${random_userid} ipmi=on privilege=${admin_level_priv} |
| 155 | |
| 156 | Verify IPMI Username And Password ${random_username} ${valid_password} |
| 157 | |
| 158 | |
Rahul Maheshwari | 404da0d | 2019-02-18 23:24:17 -0600 | [diff] [blame] | 159 | Verify IPMI User Creation With Same Name |
| 160 | [Documentation] Verify error while creating two IPMI user with same name. |
| 161 | [Tags] Verify_IPMI_User_Creation_With_Same_Name |
| 162 | |
| 163 | ${random_username}= Generate Random String 8 [LETTERS] |
| 164 | IPMI Create User 2 ${random_username} |
| 165 | |
| 166 | # Set same username for another IPMI user. |
| 167 | ${msg}= Run Keyword And Expect Error * Run IPMI Standard Command |
| 168 | ... user set name 3 ${random_username} |
| 169 | Should Contain ${msg} Invalid data field in request |
| 170 | |
| 171 | |
| 172 | Verify Setting IPMI User With Null Password |
| 173 | [Documentation] Verify error while setting IPMI user with null |
| 174 | ... password. |
| 175 | [Tags] Verify_Setting_IPMI_User_With_Null_Password |
| 176 | |
| 177 | # Create IPMI user. |
| 178 | ${random_username}= Generate Random String 8 [LETTERS] |
Rahul Maheshwari | 976a170 | 2019-02-21 01:47:58 -0600 | [diff] [blame] | 179 | ${random_userid}= Evaluate random.randint(2, 15) modules=random |
Rahul Maheshwari | 404da0d | 2019-02-18 23:24:17 -0600 | [diff] [blame] | 180 | IPMI Create User ${random_userid} ${random_username} |
| 181 | |
| 182 | # Set null password for newly created user. |
| 183 | ${msg}= Run Keyword And Expect Error * Run IPMI Standard Command |
| 184 | ... user set password ${random_userid} "" |
| 185 | |
| 186 | Should Contain ${msg} Invalid data field in request |
| 187 | |
| 188 | |
Rahul Maheshwari | 645a113 | 2019-02-18 03:29:27 -0600 | [diff] [blame] | 189 | Verify IPMI User Deletion |
| 190 | [Documentation] Delete user via IPMI and verify. |
| 191 | [Tags] Verify_IPMI_User_Deletion |
| 192 | |
| 193 | ${random_username}= Generate Random String 8 [LETTERS] |
| 194 | ${random_userid}= Evaluate random.randint(2, 15) modules=random |
| 195 | IPMI Create User ${random_userid} ${random_username} |
| 196 | |
| 197 | # Delete IPMI User and verify |
| 198 | Run IPMI Standard Command user set name ${random_userid} "" |
Rahul Maheshwari | 4f4688f | 2019-02-28 00:49:10 -0600 | [diff] [blame] | 199 | ${user_info}= Get User Info ${random_userid} |
Rahul Maheshwari | 645a113 | 2019-02-18 03:29:27 -0600 | [diff] [blame] | 200 | Should Be Equal ${user_info['user_name']} ${EMPTY} |
| 201 | |
| 202 | |
Rahul Maheshwari | c05bf56 | 2019-03-01 04:02:53 -0600 | [diff] [blame] | 203 | Test IPMI User Privilege Level |
| 204 | [Documentation] Verify IPMI user with user privilege can only run user level commands. |
| 205 | [Tags] Test_IPMI_User_Privilege_Level |
| 206 | [Template] Test IPMI User Privilege |
| 207 | |
| 208 | #Privilege level User Cmd Status Operator Cmd Status Admin Cmd Status |
| 209 | ${user_priv} Passed Failed Failed |
| 210 | |
| 211 | |
| 212 | Test IPMI Operator Privilege Level |
| 213 | [Documentation] Verify IPMI user with operator privilege can only run user and operator levels commands. |
| 214 | ... level is set to operator. |
| 215 | [Tags] Test_IPMI_Operator_Privilege_Level |
| 216 | [Template] Test IPMI User Privilege |
| 217 | |
| 218 | #Privilege level User Cmd Status Operator Cmd Status Admin Cmd Status |
| 219 | ${operator_priv} Passed Passed Failed |
| 220 | |
| 221 | |
| 222 | Test IPMI Administrator Privilege Level |
| 223 | [Documentation] Verify IPMI user with admin privilege can run all levels command. |
| 224 | [Tags] Test_IPMI_Administrator_Privilege_Level |
| 225 | [Template] Test IPMI User Privilege |
| 226 | |
| 227 | #Privilege level User Cmd Status Operator Cmd Status Admin Cmd Status |
| 228 | ${admin_level_priv} Passed Passed Passed |
| 229 | |
| 230 | |
| 231 | Test IPMI No Access Privilege Level |
| 232 | [Documentation] Verify IPMI user with no access privilege can not run only any level command. |
| 233 | [Tags] Test_IPMI_No_Access_Privilege_Level |
| 234 | [Template] Test IPMI User Privilege |
| 235 | |
| 236 | #Privilege level User Cmd Status Operator Cmd Status Admin Cmd Status |
| 237 | ${no_access_priv} Failed Failed Failed |
| 238 | |
| 239 | |
Rahul Maheshwari | 0c71f5e | 2019-02-20 03:52:55 -0600 | [diff] [blame] | 240 | Enable IPMI User And Verify |
| 241 | [Documentation] Enable IPMI user and verify that the user is able |
| 242 | ... to run IPMI command. |
| 243 | [Tags] Enable_IPMI_User_And_Verify |
| 244 | |
| 245 | # Create IPMI user and set valid password. |
| 246 | ${random_username}= Generate Random String 8 [LETTERS] |
| 247 | ${random_userid}= Evaluate random.randint(2, 15) modules=random |
| 248 | IPMI Create User ${random_userid} ${random_username} |
| 249 | Run IPMI Standard Command |
| 250 | ... user set password ${random_userid} ${valid_password} |
| 251 | |
| 252 | # Set admin privilege and enable IPMI messaging for newly created user. |
| 253 | Set Channel Access ${random_userid} ipmi=on privilege=${admin_level_priv} |
| 254 | |
| 255 | # Enable IPMI user and verify. |
| 256 | Run IPMI Standard Command user enable ${random_userid} |
| 257 | ${user_info}= Get User Info ${random_userid} |
| 258 | Should Be Equal ${user_info['enable_status']} enabled |
| 259 | |
| 260 | # Verify that enabled IPMI user is able to run IPMI command. |
| 261 | Verify IPMI Username And Password ${random_username} ${valid_password} |
| 262 | |
| 263 | |
| 264 | Disable IPMI User And Verify |
| 265 | [Documentation] Disable IPMI user and verify that that the user |
| 266 | ... is unable to run IPMI command. |
| 267 | [Tags] Disable_IPMI_User_And_Verify |
| 268 | |
| 269 | # Create IPMI user and set valid password. |
| 270 | ${random_username}= Generate Random String 8 [LETTERS] |
| 271 | ${random_userid}= Evaluate random.randint(2, 15) modules=random |
| 272 | IPMI Create User ${random_userid} ${random_username} |
| 273 | Run IPMI Standard Command |
| 274 | ... user set password ${random_userid} ${valid_password} |
| 275 | |
| 276 | # Set admin privilege and enable IPMI messaging for newly created user. |
| 277 | Set Channel Access ${random_userid} ipmi=on privilege=${admin_level_priv} |
| 278 | |
| 279 | # Disable IPMI user and verify. |
| 280 | Run IPMI Standard Command user disable ${random_userid} |
| 281 | ${user_info}= Get User Info ${random_userid} |
| 282 | Should Be Equal ${user_info['enable_status']} disabled |
| 283 | |
| 284 | # Verify that disabled IPMI user is unable to run IPMI command. |
| 285 | ${msg}= Run Keyword And Expect Error * Verify IPMI Username And Password |
| 286 | ... ${random_username} ${valid_password} |
Rahul Maheshwari | c3d1e96 | 2019-03-06 23:53:21 -0600 | [diff] [blame] | 287 | Should Contain ${msg} Unable to establish IPMI |
Rahul Maheshwari | 0c71f5e | 2019-02-20 03:52:55 -0600 | [diff] [blame] | 288 | |
Rahul Maheshwari | c19f838 | 2019-02-20 08:19:22 -0600 | [diff] [blame] | 289 | |
Rahul Maheshwari | dd63c74 | 2019-02-27 23:03:54 -0600 | [diff] [blame] | 290 | Verify IPMI Root User Password Change |
| 291 | [Documentation] Change IPMI root user password and verify that |
| 292 | ... root user is able to run IPMI command. |
| 293 | [Tags] Verify_IPMI_Root_User_Password_Change |
| 294 | [Teardown] Wait Until Keyword Succeeds 15 sec 5 sec |
| 295 | ... Set Default Password For IPMI Root User |
| 296 | |
| 297 | # Set new password for root user. |
| 298 | Run IPMI Standard Command |
| 299 | ... user set password ${root_userid} ${valid_password} |
| 300 | |
| 301 | # Verify that root user is able to run IPMI command using new password. |
| 302 | Verify IPMI Username And Password root ${valid_password} |
| 303 | |
| 304 | |
Rahul Maheshwari | ddfc0cb | 2019-02-07 23:43:19 -0600 | [diff] [blame] | 305 | *** Keywords *** |
| 306 | |
Rahul Maheshwari | dd63c74 | 2019-02-27 23:03:54 -0600 | [diff] [blame] | 307 | Set Default Password For IPMI Root User |
| 308 | [Documentation] Set default password for IPMI root user (i.e. 0penBmc). |
Rahul Maheshwari | dd63c74 | 2019-02-27 23:03:54 -0600 | [diff] [blame] | 309 | # Set default password for root user. |
| 310 | ${result}= Run External IPMI Standard Command |
| 311 | ... user set password ${root_userid} ${OPENBMC_PASSWORD} |
| 312 | ... P=${valid_password} |
| 313 | Should Contain ${result} Set User Password command successful |
| 314 | |
| 315 | # Verify that root user is able to run IPMI command using default password. |
| 316 | Verify IPMI Username And Password root ${OPENBMC_PASSWORD} |
| 317 | |
Rahul Maheshwari | ef0a735 | 2019-02-20 11:07:48 -0600 | [diff] [blame] | 318 | |
Rahul Maheshwari | c05bf56 | 2019-03-01 04:02:53 -0600 | [diff] [blame] | 319 | Test IPMI User Privilege |
| 320 | [Documentation] Test IPMI user privilege by executing IPMI command with different privileges. |
| 321 | [Arguments] ${privilege_level} ${user_cmd_status} ${operator_cmd_status} ${admin_cmd_status} |
| 322 | |
| 323 | # Description of argument(s): |
| 324 | # privilege_level Privilege level of IPMI user (e.g. 4, 3). |
| 325 | # user_cmd_status Expected status of IPMI command run with the "User" |
| 326 | # privilege (i.e. "Passed" or "Failed"). |
| 327 | # operator_cmd_status Expected status of IPMI command run with the "Operator" |
| 328 | # privilege (i.e. "Passed" or "Failed"). |
| 329 | # admin_cmd_status Expected status of IPMI command run with the "Administrator" |
| 330 | # privilege (i.e. "Passed" or "Failed"). |
| 331 | |
| 332 | # Create IPMI user and set valid password. |
| 333 | ${random_username}= Generate Random String 8 [LETTERS] |
| 334 | ${random_userid}= Evaluate random.randint(2, 15) modules=random |
| 335 | IPMI Create User ${random_userid} ${random_username} |
| 336 | Run IPMI Standard Command |
| 337 | ... user set password ${random_userid} ${valid_password} |
| 338 | |
| 339 | # Set privilege and enable IPMI messaging for newly created user. |
| 340 | Set Channel Access ${random_userid} ipmi=on privilege=${privilege_level} |
| 341 | |
| 342 | # Enable IPMI user and verify. |
| 343 | Run IPMI Standard Command user enable ${random_userid} |
| 344 | ${user_info}= Get User Info ${random_userid} |
| 345 | Should Be Equal ${user_info['enable_status']} enabled |
| 346 | |
| 347 | Verify IPMI Command ${random_username} ${valid_password} User ${user_cmd_status} |
| 348 | Verify IPMI Command ${random_username} ${valid_password} Operator ${operator_cmd_status} |
| 349 | Verify IPMI Command ${random_username} ${valid_password} Administrator ${admin_cmd_status} |
| 350 | |
| 351 | |
| 352 | Verify IPMI Command |
| 353 | [Documentation] Verify IPMI command execution with given username, |
| 354 | ... password, privilege and expected status. |
| 355 | [Arguments] ${username} ${password} ${privilege} ${expected_status} |
| 356 | # Description of argument(s): |
| 357 | # username The user name (e.g. "root", "robert", etc.). |
| 358 | # password The user password (e.g. "0penBmc", "0penBmc1", etc.). |
| 359 | # privilege The session privilge for IPMI command (e.g. "User", "Operator", etc.). |
| 360 | # expected_status Expected status of IPMI command run with the user |
| 361 | # of above password and privilege (i.e. "Passed" or "Failed"). |
| 362 | |
| 363 | ${expected_rc}= Set Variable If '${expected_status}' == 'Passed' ${0} ${1} |
| 364 | Run IPMI Standard Command sel info expected_rc=${expected_rc} U=${username} P=${password} |
| 365 | ... L=${privilege} |
| 366 | |
| 367 | |
Rahul Maheshwari | f646baa | 2019-02-20 12:29:35 -0600 | [diff] [blame] | 368 | Delete All Non Root IPMI User |
| 369 | [Documentation] Delete all non-root IPMI user. |
| 370 | |
| 371 | :FOR ${userid} IN RANGE 2 16 |
| 372 | \ ${user_info}= Get User Info ${userid} |
| 373 | \ Run Keyword If "${user_info['user_name']}" != "" |
| 374 | ... Run IPMI Standard Command user set name ${userid} "" |
| 375 | |
| 376 | |
| 377 | Test Teardown Execution |
| 378 | [Documentation] Do the test teardown execution. |
| 379 | |
| 380 | FFDC On Test Case Fail |
| 381 | Delete All Non Root IPMI User |
| 382 | |