Redfish: Populate the ActiveDirectory property in AccountService schema
With this commit get request on account service gets the
LDAP/AD configuration.
TestedBy: 1) Run the redfish - validator
=> when there is no configuration
=> After LDAP Configuration.
=> After ActiveDirectory Configuration.
2) GET request through redfish
/redfish/v1/AccountService
Gets both LDAP and ActiveDirectory properties.
Detailed test results are at following location.
https://pastebin.com/ibX5nyAc
Change-Id: I0d6cdc2039eecffe96b6a27f3d65905ceb92d9b9
Signed-off-by: Ratan Gupta <ratagupt@linux.vnet.ibm.com>
diff --git a/redfish-core/lib/account_service.hpp b/redfish-core/lib/account_service.hpp
index 061c1a2..8d03a25 100644
--- a/redfish-core/lib/account_service.hpp
+++ b/redfish-core/lib/account_service.hpp
@@ -27,6 +27,9 @@
constexpr const char* ldapConfigObject =
"/xyz/openbmc_project/user/ldap/openldap";
+constexpr const char* ADConfigObject =
+ "/xyz/openbmc_project/user/ldap/active_directory";
+
constexpr const char* ldapRootObject = "/xyz/openbmc_project/user/ldap";
constexpr const char* ldapDbusService = "xyz.openbmc_project.Ldap.Config";
constexpr const char* ldapConfigInterface =
@@ -102,10 +105,12 @@
}
void parseLDAPConfigData(nlohmann::json& json_response,
- const LDAPConfigData& confData)
+ const LDAPConfigData& confData,
+ const std::string& ldapType)
{
- std::string service = "LDAPService";
- json_response["LDAP"] = {
+ std::string service =
+ (ldapType == "LDAP") ? "LDAPService" : "ActiveDirectoryService";
+ json_response[ldapType] = {
{"AccountProviderType", service},
{"ServiceEnabled", confData.serviceEnabled},
{"ServiceAddresses", nlohmann::json::array({confData.uri})},
@@ -136,86 +141,126 @@
LDAPConfigData confData{};
if (error_code)
{
- callback(false, confData);
+ callback(false, confData, ldapType);
BMCWEB_LOG_ERROR << "D-Bus responses error: " << error_code;
return;
}
- std::string ldapConfigObjectStr = std::string(ldapConfigObject);
- std::string ldapEnableInterfaceStr = std::string(ldapEnableInterface);
- std::string ldapConfigInterfaceStr = std::string(ldapConfigInterface);
+
+ std::string ldapDbusType;
+ if (ldapType == "LDAP")
+ {
+ ldapDbusType = "xyz.openbmc_project.User.Ldap.Config.Type.OpenLdap";
+ }
+ else if (ldapType == "ActiveDirectory")
+ {
+ ldapDbusType = "xyz.openbmc_project.User.Ldap.Config.Type."
+ "ActiveDirectory";
+ }
+ else
+ {
+ BMCWEB_LOG_ERROR << "Can't get the DbusType for the given type="
+ << ldapType;
+ callback(false, confData, ldapType);
+ return;
+ }
+
+ std::string ldapEnableInterfaceStr = ldapEnableInterface;
+ std::string ldapConfigInterfaceStr = ldapConfigInterface;
+
for (const auto& object : ldapObjects)
{
- if (object.first == ldapConfigObjectStr)
+ // let's find the object whose ldap type is equal to the given type
+ auto intfit = object.second.find(ldapConfigInterfaceStr);
+ if (intfit == object.second.end())
{
- for (const auto& interface : object.second)
- {
- if (interface.first == ldapEnableInterfaceStr)
- {
- // rest of the properties are string.
- for (const auto& property : interface.second)
- {
- if (property.first == "Enabled")
- {
- const bool* value =
- std::get_if<bool>(&property.second);
- if (value == nullptr)
- {
- continue;
- }
- confData.serviceEnabled = *value;
- break;
- }
- }
- }
- else if (interface.first == ldapConfigInterfaceStr)
- {
+ continue;
+ }
+ auto propit = intfit->second.find("LDAPType");
+ if (propit == intfit->second.end())
+ {
+ continue;
+ }
- for (const auto& property : interface.second)
+ const std::string* value =
+ std::get_if<std::string>(&(propit->second));
+ if (value == nullptr || (*value) != ldapDbusType)
+ {
+
+ // this is not the interested configuration,
+ // let's move on to the other configuration.
+ continue;
+ }
+ else
+ {
+ confData.serverType = *value;
+ }
+
+ for (const auto& interface : object.second)
+ {
+ if (interface.first == ldapEnableInterfaceStr)
+ {
+ // rest of the properties are string.
+ for (const auto& property : interface.second)
+ {
+ if (property.first == "Enabled")
{
- const std::string* value =
- std::get_if<std::string>(&property.second);
+ const bool* value =
+ std::get_if<bool>(&property.second);
if (value == nullptr)
{
continue;
}
- if (property.first == "LDAPServerURI")
- {
- confData.uri = *value;
- }
- else if (property.first == "LDAPBindDN")
- {
- confData.bindDN = *value;
- }
- else if (property.first == "LDAPBaseDN")
- {
- confData.baseDN = *value;
- }
- else if (property.first == "LDAPSearchScope")
- {
- confData.searchScope = *value;
- }
- else if (property.first == "LDAPType")
- {
- confData.serverType = *value;
- }
- else if (property.first == "GroupNameAttribute")
- {
- confData.groupAttribute = *value;
- }
- else if (property.first == "UserNameAttribute")
- {
- confData.userNameAttribute = *value;
- }
+ confData.serviceEnabled = *value;
+ break;
}
}
}
+ else if (interface.first == ldapConfigInterfaceStr)
+ {
- callback(true, confData);
+ for (const auto& property : interface.second)
+ {
+ const std::string* value =
+ std::get_if<std::string>(&property.second);
+ if (value == nullptr)
+ {
+ continue;
+ }
+ if (property.first == "LDAPServerURI")
+ {
+ confData.uri = *value;
+ }
+ else if (property.first == "LDAPBindDN")
+ {
+ confData.bindDN = *value;
+ }
+ else if (property.first == "LDAPBaseDN")
+ {
+ confData.baseDN = *value;
+ }
+ else if (property.first == "LDAPSearchScope")
+ {
+ confData.searchScope = *value;
+ }
+ else if (property.first == "GroupNameAttribute")
+ {
+ confData.groupAttribute = *value;
+ }
+ else if (property.first == "UserNameAttribute")
+ {
+ confData.userNameAttribute = *value;
+ }
+ }
+ }
+ }
+ if (confData.serverType == ldapDbusType)
+ {
+ callback(true, confData, ldapType);
break;
}
}
};
- auto getServiceName = [callback, getConfig(std::move(getConfig))](
+ auto getServiceName = [callback, ldapType, getConfig(std::move(getConfig))](
const boost::system::error_code ec,
const GetObjectType& resp) {
LDAPConfigData confData{};
@@ -223,7 +268,7 @@
{
BMCWEB_LOG_ERROR
<< "DBUS response error during getting of service name: " << ec;
- callback(false, confData);
+ callback(false, confData, ldapType);
return;
}
std::string service = resp.begin()->first;
@@ -654,77 +699,77 @@
// Get the existing resource first then keep modifying
// whenever any property gets updated.
- getLDAPConfigData(
- serverType,
- [this, asyncResp, userName, password, baseDNList, userNameAttribute,
- groupsAttribute, accountProviderType, serviceAddressList,
- serviceEnabled,
- serverType](bool success, LDAPConfigData confData) {
- if (!success)
- {
- messages::internalError(asyncResp->res);
- return;
- }
- parseLDAPConfigData(asyncResp->res.jsonValue, confData);
- if (confData.serviceEnabled)
- {
- // Disable the service first and update the rest of
- // the properties.
- handleServiceEnablePatch(false, asyncResp, serverType,
- ldapConfigObject);
- }
+ getLDAPConfigData(serverType, [this, asyncResp, userName, password,
+ baseDNList, userNameAttribute,
+ groupsAttribute, accountProviderType,
+ serviceAddressList, serviceEnabled](
+ bool success, LDAPConfigData confData,
+ const std::string& serverType) {
+ if (!success)
+ {
+ messages::internalError(asyncResp->res);
+ return;
+ }
+ parseLDAPConfigData(asyncResp->res.jsonValue, confData, serverType);
+ if (confData.serviceEnabled)
+ {
+ // Disable the service first and update the rest of
+ // the properties.
+ handleServiceEnablePatch(false, asyncResp, serverType,
+ ldapConfigObject);
+ }
- if (serviceAddressList)
- {
- handleServiceAddressPatch(*serviceAddressList, asyncResp,
- serverType, ldapConfigObject);
- }
- if (userName)
- {
- handleUserNamePatch(*userName, asyncResp, serverType,
- ldapConfigObject);
- }
- if (password)
- {
- handlePasswordPatch(*password, asyncResp, serverType,
- ldapConfigObject);
- }
+ if (serviceAddressList)
+ {
+ handleServiceAddressPatch(*serviceAddressList, asyncResp,
+ serverType, ldapConfigObject);
+ }
+ if (userName)
+ {
+ handleUserNamePatch(*userName, asyncResp, serverType,
+ ldapConfigObject);
+ }
+ if (password)
+ {
+ handlePasswordPatch(*password, asyncResp, serverType,
+ ldapConfigObject);
+ }
- if (baseDNList)
+ if (baseDNList)
+ {
+ handleBaseDNPatch(*baseDNList, asyncResp, serverType,
+ ldapConfigObject);
+ }
+ if (userNameAttribute)
+ {
+ handleUserNameAttrPatch(*userNameAttribute, asyncResp,
+ serverType, ldapConfigObject);
+ }
+ if (groupsAttribute)
+ {
+ handleGroupNameAttrPatch(*groupsAttribute, asyncResp,
+ serverType, ldapConfigObject);
+ }
+ if (serviceEnabled)
+ {
+ // if user has given the value as true then enable
+ // the service. if user has given false then no-op
+ // as service is already stopped.
+ if (*serviceEnabled)
{
- handleBaseDNPatch(*baseDNList, asyncResp, serverType,
- ldapConfigObject);
- }
- if (userNameAttribute)
- {
- handleUserNameAttrPatch(*userNameAttribute, asyncResp,
- serverType, ldapConfigObject);
- }
- if (groupsAttribute)
- {
- handleGroupNameAttrPatch(*groupsAttribute, asyncResp,
+ handleServiceEnablePatch(*serviceEnabled, asyncResp,
serverType, ldapConfigObject);
}
- if (serviceEnabled)
- {
- // if user has given the value as true then enable
- // the service. if user has given false then no-op
- // as service is already stopped.
- if (*serviceEnabled)
- {
- handleServiceEnablePatch(*serviceEnabled, asyncResp,
- serverType, ldapConfigObject);
- }
- }
- else
- {
- // if user has not given the service enabled value
- // then revert it to the same state as it was
- // before.
- handleServiceEnablePatch(confData.serviceEnabled, asyncResp,
- serverType, ldapConfigObject);
- }
- });
+ }
+ else
+ {
+ // if user has not given the service enabled value
+ // then revert it to the same state as it was
+ // before.
+ handleServiceEnablePatch(confData.serviceEnabled, asyncResp,
+ serverType, ldapConfigObject);
+ }
+ });
}
void doGet(crow::Response& res, const crow::Request& req,
@@ -799,12 +844,13 @@
"org.freedesktop.DBus.Properties", "GetAll",
"xyz.openbmc_project.User.AccountPolicy");
- std::string ldapType = "LDAP";
- getLDAPConfigData(
- ldapType,
- [asyncResp, ldapType](bool success, LDAPConfigData& confData) {
- parseLDAPConfigData(asyncResp->res.jsonValue, confData);
- });
+ auto callback = [asyncResp](bool success, LDAPConfigData& confData,
+ const std::string& ldapType) {
+ parseLDAPConfigData(asyncResp->res.jsonValue, confData, ldapType);
+ };
+
+ getLDAPConfigData("LDAP", callback);
+ getLDAPConfigData("ActiveDirectory", callback);
}
void doPatch(crow::Response& res, const crow::Request& req,