User: add interfaces and errors for groups
As proposed in the following design,
[1] https://github.com/openbmc/docs/blob/master/designs/redfish-authorization.md
The UserManager interface needs to expose new interfaces to add/delete
secondary groups, which are then used to model Redfish roles and
privileges.
An implementation is in the following code review,
[1] https://gerrit.openbmc.org/c/openbmc/phosphor-user-manager/+/58143.
Signed-off-by: Nan Zhou <nanzhoumails@gmail.com>
Change-Id: I252e56dc03e694e3aedf3ae6fdda64edc947fc06
diff --git a/yaml/xyz/openbmc_project/User/Manager.interface.yaml b/yaml/xyz/openbmc_project/User/Manager.interface.yaml
index 532f7af..14774c0 100644
--- a/yaml/xyz/openbmc_project/User/Manager.interface.yaml
+++ b/yaml/xyz/openbmc_project/User/Manager.interface.yaml
@@ -100,6 +100,34 @@
- xyz.openbmc_project.Common.Error.InvalidArgument
- xyz.openbmc_project.User.Common.Error.UserNameDoesNotExist
+ - name: CreateGroup
+ description: >
+ Creates a new groups. If the group already exists, or the
+ group name is not allowed to be created, it throws an error.
+ parameters:
+ - name: GroupName
+ type: string
+ description: >
+ The group to be added to the system.
+ errors:
+ - xyz.openbmc_project.Common.Error.InternalFailure
+ - xyz.openbmc_project.Common.Error.InvalidArgument
+ - xyz.openbmc_project.User.Common.Error.GroupNameExists
+
+ - name: DeleteGroup
+ description: >
+ Deletes an existing groups. If the group doesn't exists, or the
+ group name is not allowed to be deleted, it throws an error.
+ parameters:
+ - name: GroupName
+ type: string
+ description: >
+ The group to be deleted from the system.
+ errors:
+ - xyz.openbmc_project.Common.Error.InternalFailure
+ - xyz.openbmc_project.Common.Error.InvalidArgument
+ - xyz.openbmc_project.User.Common.Error.GroupNameDoesNotExist
+
properties:
- name: AllPrivileges
type: array[string]
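Review bot: Both new method descriptions say a group name may be "not allowed to be created" or "not allowed to be deleted", but neither states what makes a name allowed, nor which of the listed errors a caller gets in that case. Because the commit message says these groups model Redfish roles and privileges, the naming rule is part of the interface contract: please document it in the GroupName parameter description of CreateGroup and DeleteGroup, and say explicitly that a disallowed name yields xyz.openbmc_project.Common.Error.InvalidArgument if that is the intent. DeleteGroup should also state what happens to users that are still members of the group being deleted, since nothing in the description or the errors list covers that case. Minor wording in the same descriptions: "Creates a new groups" and "Deletes an existing groups" should use the singular, and "doesn't exists" should be "doesn't exist".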