blob: b309e8658eb362027ba325a78169ac9164a15358 [file] [log] [blame]
/*
// Copyright (c) 2018 Intel Corporation
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
*/
#include "user_layer.hpp"
#include "passwd_mgr.hpp"
#include "user_mgmt.hpp"
namespace
{
ipmi::PasswdMgr passwdMgr;
}
namespace ipmi
{
ipmi_ret_t ipmiUserInit()
{
getUserAccessObject();
return IPMI_CC_OK;
}
std::string ipmiUserGetPassword(const std::string& userName)
{
return passwdMgr.getPasswdByUserName(userName);
}
ipmi_ret_t ipmiClearUserEntryPassword(const std::string& userName)
{
if (passwdMgr.updateUserEntry(userName, "") != 0)
{
return IPMI_CC_UNSPECIFIED_ERROR;
}
return IPMI_CC_OK;
}
ipmi_ret_t ipmiRenameUserEntryPassword(const std::string& userName,
const std::string& newUserName)
{
if (passwdMgr.updateUserEntry(userName, newUserName) != 0)
{
return IPMI_CC_UNSPECIFIED_ERROR;
}
return IPMI_CC_OK;
}
bool ipmiUserIsValidUserId(const uint8_t userId)
{
return UserAccess::isValidUserId(userId);
}
bool ipmiUserIsValidPrivilege(const uint8_t priv)
{
return UserAccess::isValidPrivilege(priv);
}
uint8_t ipmiUserGetUserId(const std::string& userName)
{
return getUserAccessObject().getUserId(userName);
}
ipmi_ret_t ipmiUserSetUserName(const uint8_t userId, const char* userName)
{
return getUserAccessObject().setUserName(userId, userName);
}
ipmi_ret_t ipmiUserGetUserName(const uint8_t userId, std::string& userName)
{
return getUserAccessObject().getUserName(userId, userName);
}
ipmi_ret_t ipmiUserSetUserPassword(const uint8_t userId,
const char* userPassword)
{
return getUserAccessObject().setUserPassword(userId, userPassword);
}
ipmi_ret_t ipmiSetSpecialUserPassword(const std::string& userName,
const std::string& userPassword)
{
return getUserAccessObject().setSpecialUserPassword(userName, userPassword);
}
ipmi_ret_t ipmiUserGetAllCounts(uint8_t& maxChUsers, uint8_t& enabledUsers,
uint8_t& fixedUsers)
{
maxChUsers = ipmiMaxUsers;
UsersTbl* userData = getUserAccessObject().getUsersTblPtr();
enabledUsers = 0;
fixedUsers = 0;
// user index 0 is reserved, starts with 1
for (size_t count = 1; count <= ipmiMaxUsers; ++count)
{
if (userData->user[count].userEnabled)
{
enabledUsers++;
}
if (userData->user[count].fixedUserName)
{
fixedUsers++;
}
}
return IPMI_CC_OK;
}
ipmi_ret_t ipmiUserUpdateEnabledState(const uint8_t userId, const bool& state)
{
return getUserAccessObject().setUserEnabledState(userId, state);
}
ipmi_ret_t ipmiUserCheckEnabled(const uint8_t userId, bool& state)
{
if (!UserAccess::isValidUserId(userId))
{
return IPMI_CC_PARM_OUT_OF_RANGE;
}
UserInfo* userInfo = getUserAccessObject().getUserInfo(userId);
state = userInfo->userEnabled;
return IPMI_CC_OK;
}
ipmi_ret_t ipmiUserGetPrivilegeAccess(const uint8_t userId, const uint8_t chNum,
PrivAccess& privAccess)
{
if (!UserAccess::isValidChannel(chNum))
{
return IPMI_CC_INVALID_FIELD_REQUEST;
}
if (!UserAccess::isValidUserId(userId))
{
return IPMI_CC_PARM_OUT_OF_RANGE;
}
UserInfo* userInfo = getUserAccessObject().getUserInfo(userId);
privAccess.privilege = userInfo->userPrivAccess[chNum].privilege;
privAccess.ipmiEnabled = userInfo->userPrivAccess[chNum].ipmiEnabled;
privAccess.linkAuthEnabled =
userInfo->userPrivAccess[chNum].linkAuthEnabled;
privAccess.accessCallback = userInfo->userPrivAccess[chNum].accessCallback;
return IPMI_CC_OK;
}
ipmi_ret_t ipmiUserSetPrivilegeAccess(const uint8_t userId, const uint8_t chNum,
const PrivAccess& privAccess,
const bool& otherPrivUpdates)
{
UserPrivAccess userPrivAccess;
userPrivAccess.privilege = privAccess.privilege;
if (otherPrivUpdates)
{
userPrivAccess.ipmiEnabled = privAccess.ipmiEnabled;
userPrivAccess.linkAuthEnabled = privAccess.linkAuthEnabled;
userPrivAccess.accessCallback = privAccess.accessCallback;
}
return getUserAccessObject().setUserPrivilegeAccess(
userId, chNum, userPrivAccess, otherPrivUpdates);
}
bool ipmiUserPamAuthenticate(std::string_view userName,
std::string_view userPassword)
{
return pamUserCheckAuthenticate(userName, userPassword);
}
ipmi_ret_t ipmiUserSetUserPayloadAccess(const uint8_t chNum,
const uint8_t operation,
const uint8_t userId,
const PayloadAccess& payloadAccess)
{
if (!UserAccess::isValidChannel(chNum))
{
return IPMI_CC_INVALID_FIELD_REQUEST;
}
if (!UserAccess::isValidUserId(userId))
{
return IPMI_CC_PARM_OUT_OF_RANGE;
}
return getUserAccessObject().setUserPayloadAccess(chNum, operation, userId,
payloadAccess);
}
ipmi_ret_t ipmiUserGetUserPayloadAccess(const uint8_t chNum,
const uint8_t userId,
PayloadAccess& payloadAccess)
{
if (!UserAccess::isValidChannel(chNum))
{
return IPMI_CC_INVALID_FIELD_REQUEST;
}
if (!UserAccess::isValidUserId(userId))
{
return IPMI_CC_PARM_OUT_OF_RANGE;
}
UserInfo* userInfo = getUserAccessObject().getUserInfo(userId);
payloadAccess.stdPayloadEnables1 =
userInfo->payloadAccess[chNum].stdPayloadEnables1;
payloadAccess.stdPayloadEnables2Reserved =
userInfo->payloadAccess[chNum].stdPayloadEnables2Reserved;
payloadAccess.oemPayloadEnables1 =
userInfo->payloadAccess[chNum].oemPayloadEnables1;
payloadAccess.oemPayloadEnables2Reserved =
userInfo->payloadAccess[chNum].oemPayloadEnables2Reserved;
return IPMI_CC_OK;
}
} // namespace ipmi