| description: > |
| Implement this interface to set the privilege of the user based on the |
| group name. The users in the group will inherit the privilege mapping of |
| the group. The Create method on success creates the object which implements |
| xyz.openbmc_project.User.PrivilegeMapperEntry. For example in the case of |
| LDAP, the object path will be |
| /xyz/openbmc_project/user/ldap/privilege_mapper/<id>. The <id> will be |
| a unique number generated by the application. If the privilege mapping |
| already exists then it throws the exception |
| xyz.openbmc_project.User.Common.Error.PrivilegeMappingExists. To modify the |
| privilege for a mapping which already exists, the Privilege property in the |
| xyz.openbmc_project.User.PrivilegeMapperEntry interface needs to be set. |
| Any application consuming the privilege mapping should not cache the object |
| path and use the GetManagedObjects method on the |
| org.freedesktop.DBus.ObjectManager interface to figure out the D-Bus object |
| path associated with the group name. |
| |
| methods: |
| - name: Create |
| description: > |
| Creates a mapping for the group to the privilege. |
| parameters: |
| - name: GroupName |
| type: string |
| description: > |
| Group Name to which the privilege is to be assigned. In the case |
| of LDAP, the GroupName will be the LDAP group the user is part of. |
| - name: Privilege |
| type: string |
| description: > |
| The privilege associated with the group. The set of available |
| privileges are xyz.openbmc_project.User.Manager.AllPrivileges. |
| xyz.openbmc_project.Common.Error.InvalidArgument exception will |
| be thrown if the privilege is invalid. Additional documentation |
| on privilege is available here. |
| https://github.com/openbmc/docs/blob/master/architecture/user-management.md |
| returns: |
| - name: Path |
| type: path |
| description: > |
| The path for the created privilege mapping object. |
| |
| errors: |
| - xyz.openbmc_project.Common.Error.InternalFailure |
| - xyz.openbmc_project.Common.Error.InvalidArgument |
| - xyz.openbmc_project.User.Common.Error.PrivilegeMappingExists |