diff --git a/README.md b/README.md index 43b80f3..e862225 100644 --- a/README.md +++ b/README.md @@ -46,6 +46,7 @@ $ python3 one_time_boot_check.py -r 127.0.0.1:8000 -u -p -S Always This checker logs into a specified service and traverses the `Chassis` collection. For each chassis found, it will ensure that it can collect at least one sensor reading from the `Power` and `Thermal` resources. +For each sensor reading found, it will ensure that the readings are consistent with the state of the sensor, as in there are no bogus readings for a device that isn't present. Example: ``` diff --git a/account_management/account_management.py b/account_management/account_management.py index cdfaa77..276231b 100644 --- a/account_management/account_management.py +++ b/account_management/account_management.py @@ -20,7 +20,7 @@ import toolspath from usecase.results import Results -def verify_user( context, user_name, role = None ): +def verify_user( context, user_name, role = None, enabled = None ): """ Checks that a given user is in the user list with a certain role @@ -28,6 +28,7 @@ def verify_user( context, user_name, role = None ): context: The Redfish client object with an open session user_name: The name of the user to check role: The role for the user + enabled: The enabled state for the user Returns: True if a match is found, false otherwise @@ -35,9 +36,11 @@ def verify_user( context, user_name, role = None ): user_list = redfish_utilities.get_users( context ) for user in user_list: if user["UserName"] == user_name: - if role is None or user["RoleId"] == role: - return True - break + if role is not None and user["RoleId"] != role: + return False + if enabled is not None and user["Enabled"] != enabled: + return False + return True return False @@ -52,9 +55,6 @@ def verify_user( context, user_name, role = None ): argget.add_argument( "--directory", "-d", type = str, default = None, help = "Output directory for results.json" ) args = argget.parse_args() - test_username = "alice73t" - test_password = "hUPgd9Z4" - # Set up the Redfish object base_url = "https://" + args.rhost if args.Secure == "Never": @@ -73,26 +73,55 @@ def verify_user( context, user_name, role = None ): results.update_test_results( "User Count", 1, "No users were found" ) else: results.update_test_results( "User Count", 0, None ) + usernames = [] + for user in user_list: + usernames.append( user["UserName"] ) + + # Determine a user name for testing + for x in range( 1000 ): + test_username = "testuser" + str( x ) + if test_username not in usernames: + break # Create a new user user_added = False - try: - print( "Creating new user '{}'".format( test_username ) ) - redfish_utilities.add_user( redfish_obj, test_username, test_password, "Administrator" ) - redfish_utilities.modify_user( redfish_obj, test_username, new_enabled = True ) + test_passwords = [ "hUPgd9Z4", "7jIl3dn!kd0Fql", "m5Ljed3!n0olvdS*m0kmWER15!" ] + print( "Creating new user '{}'".format( test_username ) ) + for x in range( 3 ): + # Try different passwords in case there are password requirements that we cannot detect + try: + test_password = test_passwords[x] + redfish_utilities.add_user( redfish_obj, test_username, test_password, "Administrator" ) + user_added = True + break + except: + pass + if user_added: results.update_test_results( "Add User", 0, None ) - user_added = True - except: + else: results.update_test_results( "Add User", 1, "Failed to add user '{}'".format( test_username ) ) # Only run the remaining tests if the user was added successfully if user_added: # Get the list of current users to verify the new user was added - if verify_user( redfish_obj, test_username, "Administrator" ): + if verify_user( redfish_obj, test_username, role = "Administrator" ): results.update_test_results( "Add User", 0, None ) else: results.update_test_results( "Add User", 1, "Failed to find user '{}' with the role 'Administrator'".format( test_username ) ) + # Check if the user needs to be enabled + try: + if verify_user( redfish_obj, test_username, enabled = False ): + redfish_utilities.modify_user( redfish_obj, test_username, new_enabled = True ) + if verify_user( redfish_obj, test_username, enabled = True ): + results.update_test_results( "Enable User", 0, None ) + else: + results.update_test_results( "Enable User", 1, "User '{}' not enabled after successful PATCH".format( test_username ) ) + else: + results.update_test_results( "Enable User", 0, "User '{}' already enabled by the service".format( test_username ), skipped = True ) + except: + results.update_test_results( "Enable User", 1, "Failed to enable user '{}'".format( test_username ) ) + # Log in with the new user print( "Logging in as '{}'".format( test_username ) ) test_obj = redfish.redfish_client( base_url = base_url, username = test_username, password = test_password ) @@ -124,7 +153,7 @@ def verify_user( context, user_name, role = None ): print( "Setting user '{}' to role '{}'".format( test_username, role ) ) redfish_utilities.modify_user( redfish_obj, test_username, new_role = role ) results.update_test_results( "Change Role", 0, None ) - if verify_user( redfish_obj, test_username, role ): + if verify_user( redfish_obj, test_username, role = role ): results.update_test_results( "Change Role", 0, None ) else: results.update_test_results( "Change Role", 1, "Failed to find user '{}' with the role '{}'".format( test_username, role ) ) diff --git a/power_thermal_info/power_thermal_test.py b/power_thermal_info/power_thermal_test.py index f3bda42..c8fda30 100644 --- a/power_thermal_info/power_thermal_test.py +++ b/power_thermal_info/power_thermal_test.py @@ -66,6 +66,22 @@ else: results.update_test_results( "Sensor Count", 0, None ) + # Test 3: Check that all sensors not "Enabled" don't have a bogus reading + print( "Testing sensor readings..." ) + for chassis in sensors: + for reading in chassis["Readings"]: + if reading["State"] is not None and reading["Reading"] is not None: + # Both State and Reading are populated; perform the test + if reading["State"] != "Enabled" and reading["Reading"] != reading["State"]: + # When State is not Enabled, Reading is supposed to be a copy of State + # The only time this is not true is if there is a bogus reading, such as reporting "0V" when a device is absent + error_string = "Sensor '{}' in chassis '{}' contains reading '{}', but is in state '{}'.".format( + chassis["ChassisName"], reading["Name"], reading["Reading"], reading["State"] ) + print( error_string ) + results.update_test_results( "Sensor State", 1, error_string ) + else: + results.update_test_results( "Sensor State", 0, None ) + # Save the results results.write_results() diff --git a/requirements.txt b/requirements.txt index 295a9b1..b3f446a 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,3 +1,3 @@ jsonschema redfish>=2.1.0 -redfish_utilities>=1.0.2 +redfish_utilities>=1.0.6