blob: 34fda33cbf51f701fe03ac5594471bb811f7c347 [file] [log] [blame]
description: >
Provides user management functionality. As communication to this service is
done through authenticated & authorized session, there won't be any
validation for both.
methods:
- name: CreateUser
description: >
Creates a new user. If the user already exists, then it will throw an
error.
parameters:
- name: UserName
type: string
description: >
User name which has to be created.
- name: GroupNames
type: array[string]
description: >
List of groups to which the user has to be added.
- name: Privilege
type: string
description: >
Privilege of the user to be added.
- name: Enabled
type: boolean
description: >
User enabled / disabled.
errors:
- xyz.openbmc_project.Common.Error.InternalFailure
- xyz.openbmc_project.Common.Error.InsufficientPermission
- xyz.openbmc_project.Common.Error.InvalidArgument
- xyz.openbmc_project.User.Common.Error.UserNameExists
- xyz.openbmc_project.User.Common.Error.UserNameGroupFail
- xyz.openbmc_project.User.Common.Error.UserNamePrivFail
- xyz.openbmc_project.User.Common.Error.NoResource
- name: RenameUser
description: >
Rename's existing user to new one. All other properties of the user
will remain same.
parameters:
- name: UserName
type: string
description: >
User name which has to be updated.
- name: NewUserName
type: string
description: >
New User name to which user has to be updated.
errors:
- xyz.openbmc_project.Common.Error.InternalFailure
- xyz.openbmc_project.Common.Error.InsufficientPermission
- xyz.openbmc_project.Common.Error.InvalidArgument
- xyz.openbmc_project.User.Common.Error.UserNameDoesNotExist
- xyz.openbmc_project.User.Common.Error.UserNameExists
- xyz.openbmc_project.User.Common.Error.UserNameGroupFail
- xyz.openbmc_project.User.Common.Error.UserNamePrivFail
- xyz.openbmc_project.User.Common.Error.NoResource
- name: GetUserInfo
description: >
Get user properties. If its local user, method returns
-user privilege
-user groups
-user enabled state
-user locked state
-user password expired state
-remote user flag
If its ldap user, method returns
-user privilege
-remote user flag
parameters:
- name: UserName
type: string
description: >
User name whose properties have to be returned.
returns:
- name: UserInfo
type: dict[string,variant[string,array[string],boolean]]
description: >
Dictionary of user properties. List of key name and data type of
properties below. UserPrivilege -> privilege of the user(string)
UserGroups -> list of groups user belongs to(array[string])
UserEnabled -> user enabled state(boolean)
UserLockedForFailedAttempt -> user locked state(boolean)
UserPasswordExpired -> user password expired(boolean)
RemoteUser -> remote or local user(boolean)
For detailed documentation of user properties refer
Attributes.interface.yaml examples:
1.UserInfo["RemoteUser"] returns true for ldap user
and false for local user.
2.UserInfo["UserGroups"] gets list of groups of user.
errors:
- xyz.openbmc_project.Common.Error.InternalFailure
- xyz.openbmc_project.Common.Error.InsufficientPermission
- xyz.openbmc_project.Common.Error.InvalidArgument
- xyz.openbmc_project.User.Common.Error.UserNameDoesNotExist
- name: CreateGroup
description: >
Creates a new groups. If the group already exists, or the group name
is not allowed to be created, it throws an error.
parameters:
- name: GroupName
type: string
description: >
The group to be added to the system.
errors:
- xyz.openbmc_project.Common.Error.InternalFailure
- xyz.openbmc_project.Common.Error.InvalidArgument
- xyz.openbmc_project.User.Common.Error.GroupNameExists
- name: DeleteGroup
description: >
Deletes an existing groups. If the group doesn't exists, or the group
name is not allowed to be deleted, it throws an error.
parameters:
- name: GroupName
type: string
description: >
The group to be deleted from the system.
errors:
- xyz.openbmc_project.Common.Error.InternalFailure
- xyz.openbmc_project.Common.Error.InvalidArgument
- xyz.openbmc_project.User.Common.Error.GroupNameDoesNotExist
properties:
- name: AllPrivileges
type: array[string]
flags:
- const
description: >
Lists all available user privileges in the system.
- name: AllGroups
type: array[string]
flags:
- const
description: >
Lists all available groups in the system.
signals:
- name: UserRenamed
description: >
Signal indicating user's name is updated.
properties:
- name: UserName
type: string
description: Name of the user which got renamed.
- name: NewUserName
type: string
description: New name of the user.