blob: ff9196ef1430369f77dfa6974ae203373f1aac2e [file] [log] [blame]
Tom Josephbf21cfa2018-08-20 19:13:39 +05301description: >
2 Implement this interface to set the privilege of the user based on the
3 group name. The users in the group will inherit the privilege mapping of
4 the group. The Create method on success creates the object which implements
5 xyz.openbmc_project.User.PrivilegeMapperEntry. For example in the case of
Tom Josepha5848932018-09-30 16:00:54 +05306 LDAP, the object path will be
7 /xyz/openbmc_project/user/ldap/privilege_mapper/<id>. The <id> will be
8 a unique number generated by the application. If the privilege mapping
9 already exists then it throws the exception
Tom Josephbf21cfa2018-08-20 19:13:39 +053010 xyz.openbmc_project.User.Common.Error.PrivilegeMappingExists. To modify the
11 privilege for a mapping which already exists, the Privilege property in the
12 xyz.openbmc_project.User.PrivilegeMapperEntry interface needs to be set.
Tom Josepha5848932018-09-30 16:00:54 +053013 Any application consuming the privilege mapping should not cache the object
14 path and use the GetManagedObjects method on the
15 org.freedesktop.DBus.ObjectManager interface to figure out the D-Bus object
16 path associated with the group name.
Tom Josephbf21cfa2018-08-20 19:13:39 +053017
18methods:
19 - name: Create
20 description: >
21 Creates a mapping for the group to the privilege.
22 parameters:
23 - name: GroupName
24 type: string
25 description: >
26 Group Name to which the privilege is to be assigned. In the case
Tom Josepha5848932018-09-30 16:00:54 +053027 of LDAP, the GroupName will be the LDAP group the user is part of.
Tom Josephbf21cfa2018-08-20 19:13:39 +053028 - name: Privilege
29 type: string
30 description: >
31 The privilege associated with the group. The set of available
32 privileges are xyz.openbmc_project.User.Manager.AllPrivileges.
33 xyz.openbmc_project.Common.Error.InvalidArgument exception will
34 be thrown if the privilege is invalid. Additional documentation
35 on privilege is available here.
Gunnar Mills3f86d122019-10-17 12:16:58 -050036 https://github.com/openbmc/docs/blob/master/architecture/user_management.md
Tom Josephbf21cfa2018-08-20 19:13:39 +053037 returns:
38 - name: Path
Tom Josepha5848932018-09-30 16:00:54 +053039 type: path
Tom Josephbf21cfa2018-08-20 19:13:39 +053040 description: >
41 The path for the created privilege mapping object.
42
43 errors:
44 - xyz.openbmc_project.Common.Error.InternalFailure
45 - xyz.openbmc_project.Common.Error.InvalidArgument
Gunnar Mills3f86d122019-10-17 12:16:58 -050046 - xyz.openbmc_project.User.Common.Error.PrivilegeMappingExists