blob: aa9dc301d0961483ed5d64263e0b2758c7ff6480 [file] [log] [blame]
Rahul Maheshwariddfc0cb2019-02-07 23:43:19 -06001*** Settings ***
2Documentation Test suite for OpenBMC IPMI user management.
3
4Resource ../lib/ipmi_client.robot
5Resource ../lib/openbmc_ffdc.robot
6Library ../lib/ipmi_utils.py
7
Rahul Maheshwarif646baa2019-02-20 12:29:35 -06008Test Teardown Test Teardown Execution
Rahul Maheshwariddfc0cb2019-02-07 23:43:19 -06009
10
11*** Variables ***
12
13${invalid_username} user%
14${invalid_password} abc123
15${root_userid} 1
16${operator_level_priv} 0x3
Rahul Maheshwaric05bf562019-03-01 04:02:53 -060017${user_priv} 2
18${operator_priv} 3
Rahul Maheshwarief0a7352019-02-20 11:07:48 -060019${admin_level_priv} 4
Rahul Maheshwaric05bf562019-03-01 04:02:53 -060020${no_access_priv} 15
Rahul Maheshwaric19f8382019-02-20 08:19:22 -060021${valid_password} 0penBmc1
22${max_password_length} 20
Rahul Maheshwarief0a7352019-02-20 11:07:48 -060023${ipmi_setaccess_cmd} channel setaccess
Rahul Maheshwariddfc0cb2019-02-07 23:43:19 -060024
Rahul Maheshwaridd63c742019-02-27 23:03:54 -060025
Rahul Maheshwariddfc0cb2019-02-07 23:43:19 -060026*** Test Cases ***
27
Rahul Maheshwariffc77352019-02-25 09:05:27 -060028Verify IPMI User Summary
29 [Documentation] Verify IPMI maximum supported IPMI user ID and
30 ... enabled user form user summary
31 [Tags] Verify_IPMI_User_Summary
32
33 # Delete all non-root IPMI (i.e. except userid 1)
34 Delete All Non Root IPMI User
35
36 # Create a valid user and enable it.
37 ${random_username}= Generate Random String 8 [LETTERS]
38 ${random_userid}= Evaluate random.randint(2, 15) modules=random
39 IPMI Create User ${random_userid} ${random_username}
40 Run IPMI Standard Command user enable ${random_userid}
41
42 # Verify maximum user count IPMI local user can have. Also verify
43 # currently enabled users.
44 ${resp}= Run IPMI Standard Command user summary
45 ${enabled_user_count}=
46 ... Get Lines Containing String ${resp} Enabled User Count
47 ${maximum_ids}= Get Lines Containing String ${resp} Maximum IDs
48 Should Contain ${enabled_user_count} 2
49 Should Contain ${maximum_ids} 15
50
51
Rahul Maheshwariddfc0cb2019-02-07 23:43:19 -060052Verify IPMI User Creation With Valid Name And ID
53 [Documentation] Create user via IPMI and verify.
54 [Tags] Test_IPMI_User_Creation_With_Valid_Name_And_ID
55
56 ${random_username}= Generate Random String 8 [LETTERS]
Rahul Maheshwari976a1702019-02-21 01:47:58 -060057 ${random_userid}= Evaluate random.randint(2, 15) modules=random
Rahul Maheshwariddfc0cb2019-02-07 23:43:19 -060058 IPMI Create User ${random_userid} ${random_username}
59
60
61Verify IPMI User Creation With Invalid Name
62 [Documentation] Verify error while creating IPMI user with invalid
George Keishingc2a6f092019-02-20 12:26:54 -060063 ... name(e.g. user name with special characters).
Rahul Maheshwariddfc0cb2019-02-07 23:43:19 -060064 [Tags] Verify_IPMI_User_Creation_With_Invalid_Name
65
Rahul Maheshwari976a1702019-02-21 01:47:58 -060066 ${random_userid}= Evaluate random.randint(2, 15) modules=random
Rahul Maheshwariddfc0cb2019-02-07 23:43:19 -060067 ${msg}= Run Keyword And Expect Error * Run IPMI Standard Command
68 ... user set name ${random_userid} ${invalid_username}
69 Should Contain ${msg} Invalid data
70
71
72Verify IPMI User Creation With Invalid ID
73 [Documentation] Verify error while creating IPMI user with invalid
74 ... ID(i.e. any number greater than 15 or 0).
75 [Tags] Verify_IPMI_User_Creation_With_Invalid_ID
76
77 @{id_list}= Create List
78 ${random_invalid_id}= Evaluate random.randint(16, 1000) modules=random
79 Append To List ${id_list} ${random_invalid_id}
80 Append To List ${id_list} 0
81
82 :FOR ${id} IN @{id_list}
83 \ ${msg}= Run Keyword And Expect Error * Run IPMI Standard Command
84 \ ... user set name ${id} newuser
85 \ Should Contain ${msg} User ID is limited to range
86
87
88Verify Setting IPMI User With Invalid Password
89 [Documentation] Verify error while setting IPMI user with invalid
90 ... password.
91 [Tags] Verify_Setting_IPMI_User_With_Invalid_Password
92
93 # Create IPMI user.
94 ${random_username}= Generate Random String 8 [LETTERS]
Rahul Maheshwari976a1702019-02-21 01:47:58 -060095 ${random_userid}= Evaluate random.randint(2, 15) modules=random
Rahul Maheshwariddfc0cb2019-02-07 23:43:19 -060096 IPMI Create User ${random_userid} ${random_username}
97
98 # Set invalid password for newly created user.
99 ${msg}= Run Keyword And Expect Error * Run IPMI Standard Command
100 ... user set password ${random_userid} ${invalid_password}
101
102 Should Contain ${msg} Invalid data field in request
103
104
105Verify Setting IPMI Root User With New Name
106 [Documentation] Verify error while setting IPMI root user with new
107 ... name.
108 [Tags] Verify_Setting_IPMI_Root_User_With_New_Name
109
110 # Set invalid password for newly created user.
111 ${msg}= Run Keyword And Expect Error * Run IPMI Standard Command
112 ... user set name ${root_userid} abcd
113
114 Should Contain ${msg} Set User Name command failed
115
116
Rahul Maheshwaric19f8382019-02-20 08:19:22 -0600117Verify IPMI User Password Via Test Command
118 [Documentation] Verify IPMI user password using test command.
119 [Tags] Verify_IPMI_User_Password_Via_Test_Command
120
121 # Create IPMI user.
122 ${random_username}= Generate Random String 8 [LETTERS]
123 ${random_userid}= Evaluate random.randint(2, 15) modules=random
124 IPMI Create User ${random_userid} ${random_username}
125
126 # Set valid password for newly created user.
127 Run IPMI Standard Command
128 ... user set password ${random_userid} ${valid_password}
129
130 # Verify newly set password using test command.
131 ${msg}= Run IPMI Standard Command
132 ... user test ${random_userid} ${max_password_length} ${valid_password}
133
134 Should Contain ${msg} Success
135
136
Rahul Maheshwarief0a7352019-02-20 11:07:48 -0600137Verify Setting Valid Password For IPMI User
138 [Documentation] Set valid password for IPMI user and verify.
139 [Tags] Verify_Setting_Valid_Password_For_IPMI_User
140
141 # Create IPMI user.
142 ${random_username}= Generate Random String 8 [LETTERS]
143 ${random_userid}= Evaluate random.randint(2, 15) modules=random
144 IPMI Create User ${random_userid} ${random_username}
145
146 # Set valid password for newly created user.
147 Run IPMI Standard Command
148 ... user set password ${random_userid} ${valid_password}
149
150 # Enable IPMI user
151 Run IPMI Standard Command user enable ${random_userid}
152
153 # Set admin privilege and enable IPMI messaging for newly created user
154 Set Channel Access ${random_userid} ipmi=on privilege=${admin_level_priv}
155
156 Verify IPMI Username And Password ${random_username} ${valid_password}
157
158
Rahul Maheshwari404da0d2019-02-18 23:24:17 -0600159Verify IPMI User Creation With Same Name
160 [Documentation] Verify error while creating two IPMI user with same name.
161 [Tags] Verify_IPMI_User_Creation_With_Same_Name
162
163 ${random_username}= Generate Random String 8 [LETTERS]
164 IPMI Create User 2 ${random_username}
165
166 # Set same username for another IPMI user.
167 ${msg}= Run Keyword And Expect Error * Run IPMI Standard Command
168 ... user set name 3 ${random_username}
169 Should Contain ${msg} Invalid data field in request
170
171
172Verify Setting IPMI User With Null Password
173 [Documentation] Verify error while setting IPMI user with null
174 ... password.
175 [Tags] Verify_Setting_IPMI_User_With_Null_Password
176
177 # Create IPMI user.
178 ${random_username}= Generate Random String 8 [LETTERS]
Rahul Maheshwari976a1702019-02-21 01:47:58 -0600179 ${random_userid}= Evaluate random.randint(2, 15) modules=random
Rahul Maheshwari404da0d2019-02-18 23:24:17 -0600180 IPMI Create User ${random_userid} ${random_username}
181
182 # Set null password for newly created user.
183 ${msg}= Run Keyword And Expect Error * Run IPMI Standard Command
184 ... user set password ${random_userid} ""
185
186 Should Contain ${msg} Invalid data field in request
187
188
Rahul Maheshwari645a1132019-02-18 03:29:27 -0600189Verify IPMI User Deletion
190 [Documentation] Delete user via IPMI and verify.
191 [Tags] Verify_IPMI_User_Deletion
192
193 ${random_username}= Generate Random String 8 [LETTERS]
194 ${random_userid}= Evaluate random.randint(2, 15) modules=random
195 IPMI Create User ${random_userid} ${random_username}
196
197 # Delete IPMI User and verify
198 Run IPMI Standard Command user set name ${random_userid} ""
Rahul Maheshwari4f4688f2019-02-28 00:49:10 -0600199 ${user_info}= Get User Info ${random_userid}
Rahul Maheshwari645a1132019-02-18 03:29:27 -0600200 Should Be Equal ${user_info['user_name']} ${EMPTY}
201
202
Rahul Maheshwaric05bf562019-03-01 04:02:53 -0600203Test IPMI User Privilege Level
204 [Documentation] Verify IPMI user with user privilege can only run user level commands.
205 [Tags] Test_IPMI_User_Privilege_Level
206 [Template] Test IPMI User Privilege
207
208 #Privilege level User Cmd Status Operator Cmd Status Admin Cmd Status
209 ${user_priv} Passed Failed Failed
210
211
212Test IPMI Operator Privilege Level
213 [Documentation] Verify IPMI user with operator privilege can only run user and operator levels commands.
214 ... level is set to operator.
215 [Tags] Test_IPMI_Operator_Privilege_Level
216 [Template] Test IPMI User Privilege
217
218 #Privilege level User Cmd Status Operator Cmd Status Admin Cmd Status
219 ${operator_priv} Passed Passed Failed
220
221
222Test IPMI Administrator Privilege Level
223 [Documentation] Verify IPMI user with admin privilege can run all levels command.
224 [Tags] Test_IPMI_Administrator_Privilege_Level
225 [Template] Test IPMI User Privilege
226
227 #Privilege level User Cmd Status Operator Cmd Status Admin Cmd Status
228 ${admin_level_priv} Passed Passed Passed
229
230
231Test IPMI No Access Privilege Level
232 [Documentation] Verify IPMI user with no access privilege can not run only any level command.
233 [Tags] Test_IPMI_No_Access_Privilege_Level
234 [Template] Test IPMI User Privilege
235
236 #Privilege level User Cmd Status Operator Cmd Status Admin Cmd Status
237 ${no_access_priv} Failed Failed Failed
238
239
Rahul Maheshwari0c71f5e2019-02-20 03:52:55 -0600240Enable IPMI User And Verify
241 [Documentation] Enable IPMI user and verify that the user is able
242 ... to run IPMI command.
243 [Tags] Enable_IPMI_User_And_Verify
244
245 # Create IPMI user and set valid password.
246 ${random_username}= Generate Random String 8 [LETTERS]
247 ${random_userid}= Evaluate random.randint(2, 15) modules=random
248 IPMI Create User ${random_userid} ${random_username}
249 Run IPMI Standard Command
250 ... user set password ${random_userid} ${valid_password}
251
252 # Set admin privilege and enable IPMI messaging for newly created user.
253 Set Channel Access ${random_userid} ipmi=on privilege=${admin_level_priv}
254
255 # Enable IPMI user and verify.
256 Run IPMI Standard Command user enable ${random_userid}
257 ${user_info}= Get User Info ${random_userid}
258 Should Be Equal ${user_info['enable_status']} enabled
259
260 # Verify that enabled IPMI user is able to run IPMI command.
261 Verify IPMI Username And Password ${random_username} ${valid_password}
262
263
264Disable IPMI User And Verify
265 [Documentation] Disable IPMI user and verify that that the user
266 ... is unable to run IPMI command.
267 [Tags] Disable_IPMI_User_And_Verify
268
269 # Create IPMI user and set valid password.
270 ${random_username}= Generate Random String 8 [LETTERS]
271 ${random_userid}= Evaluate random.randint(2, 15) modules=random
272 IPMI Create User ${random_userid} ${random_username}
273 Run IPMI Standard Command
274 ... user set password ${random_userid} ${valid_password}
275
276 # Set admin privilege and enable IPMI messaging for newly created user.
277 Set Channel Access ${random_userid} ipmi=on privilege=${admin_level_priv}
278
279 # Disable IPMI user and verify.
280 Run IPMI Standard Command user disable ${random_userid}
281 ${user_info}= Get User Info ${random_userid}
282 Should Be Equal ${user_info['enable_status']} disabled
283
284 # Verify that disabled IPMI user is unable to run IPMI command.
285 ${msg}= Run Keyword And Expect Error * Verify IPMI Username And Password
286 ... ${random_username} ${valid_password}
Rahul Maheshwaric3d1e962019-03-06 23:53:21 -0600287 Should Contain ${msg} Unable to establish IPMI
Rahul Maheshwari0c71f5e2019-02-20 03:52:55 -0600288
Rahul Maheshwaric19f8382019-02-20 08:19:22 -0600289
Rahul Maheshwaridd63c742019-02-27 23:03:54 -0600290Verify IPMI Root User Password Change
291 [Documentation] Change IPMI root user password and verify that
292 ... root user is able to run IPMI command.
293 [Tags] Verify_IPMI_Root_User_Password_Change
294 [Teardown] Wait Until Keyword Succeeds 15 sec 5 sec
295 ... Set Default Password For IPMI Root User
296
297 # Set new password for root user.
298 Run IPMI Standard Command
299 ... user set password ${root_userid} ${valid_password}
300
301 # Verify that root user is able to run IPMI command using new password.
302 Verify IPMI Username And Password root ${valid_password}
303
304
Rahul Maheshwariddfc0cb2019-02-07 23:43:19 -0600305*** Keywords ***
306
Rahul Maheshwaridd63c742019-02-27 23:03:54 -0600307Set Default Password For IPMI Root User
308 [Documentation] Set default password for IPMI root user (i.e. 0penBmc).
Rahul Maheshwaridd63c742019-02-27 23:03:54 -0600309 # Set default password for root user.
310 ${result}= Run External IPMI Standard Command
311 ... user set password ${root_userid} ${OPENBMC_PASSWORD}
312 ... P=${valid_password}
313 Should Contain ${result} Set User Password command successful
314
315 # Verify that root user is able to run IPMI command using default password.
316 Verify IPMI Username And Password root ${OPENBMC_PASSWORD}
317
Rahul Maheshwarief0a7352019-02-20 11:07:48 -0600318
Rahul Maheshwaric05bf562019-03-01 04:02:53 -0600319Test IPMI User Privilege
320 [Documentation] Test IPMI user privilege by executing IPMI command with different privileges.
321 [Arguments] ${privilege_level} ${user_cmd_status} ${operator_cmd_status} ${admin_cmd_status}
322
323 # Description of argument(s):
324 # privilege_level Privilege level of IPMI user (e.g. 4, 3).
325 # user_cmd_status Expected status of IPMI command run with the "User"
326 # privilege (i.e. "Passed" or "Failed").
327 # operator_cmd_status Expected status of IPMI command run with the "Operator"
328 # privilege (i.e. "Passed" or "Failed").
329 # admin_cmd_status Expected status of IPMI command run with the "Administrator"
330 # privilege (i.e. "Passed" or "Failed").
331
332 # Create IPMI user and set valid password.
333 ${random_username}= Generate Random String 8 [LETTERS]
334 ${random_userid}= Evaluate random.randint(2, 15) modules=random
335 IPMI Create User ${random_userid} ${random_username}
336 Run IPMI Standard Command
337 ... user set password ${random_userid} ${valid_password}
338
339 # Set privilege and enable IPMI messaging for newly created user.
340 Set Channel Access ${random_userid} ipmi=on privilege=${privilege_level}
341
342 # Enable IPMI user and verify.
343 Run IPMI Standard Command user enable ${random_userid}
344 ${user_info}= Get User Info ${random_userid}
345 Should Be Equal ${user_info['enable_status']} enabled
346
347 Verify IPMI Command ${random_username} ${valid_password} User ${user_cmd_status}
348 Verify IPMI Command ${random_username} ${valid_password} Operator ${operator_cmd_status}
349 Verify IPMI Command ${random_username} ${valid_password} Administrator ${admin_cmd_status}
350
351
352Verify IPMI Command
353 [Documentation] Verify IPMI command execution with given username,
354 ... password, privilege and expected status.
355 [Arguments] ${username} ${password} ${privilege} ${expected_status}
356 # Description of argument(s):
357 # username The user name (e.g. "root", "robert", etc.).
358 # password The user password (e.g. "0penBmc", "0penBmc1", etc.).
359 # privilege The session privilge for IPMI command (e.g. "User", "Operator", etc.).
360 # expected_status Expected status of IPMI command run with the user
361 # of above password and privilege (i.e. "Passed" or "Failed").
362
363 ${expected_rc}= Set Variable If '${expected_status}' == 'Passed' ${0} ${1}
364 Run IPMI Standard Command sel info expected_rc=${expected_rc} U=${username} P=${password}
365 ... L=${privilege}
366
367
Rahul Maheshwarif646baa2019-02-20 12:29:35 -0600368Delete All Non Root IPMI User
369 [Documentation] Delete all non-root IPMI user.
370
371 :FOR ${userid} IN RANGE 2 16
372 \ ${user_info}= Get User Info ${userid}
373 \ Run Keyword If "${user_info['user_name']}" != ""
374 ... Run IPMI Standard Command user set name ${userid} ""
375
376
377Test Teardown Execution
378 [Documentation] Do the test teardown execution.
379
380 FFDC On Test Case Fail
381 Delete All Non Root IPMI User
382