Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / phosphor-host-ipmid / b0d1396156ae1b96f3364d17dd27d80de69b3971 / . / user_channel / user_layer.cpp
blob: ff1f96573ddda58b71696157b21bdcc109368588 [file] [log] [blame]
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +0530[diff] [blame]1/*
2// Copyright (c) 2018 Intel Corporation
3//
4// Licensed under the Apache License, Version 2.0 (the "License");
5// you may not use this file except in compliance with the License.
6// You may obtain a copy of the License at
7//
8// http://www.apache.org/licenses/LICENSE-2.0
9//
10// Unless required by applicable law or agreed to in writing, software
11// distributed under the License is distributed on an "AS IS" BASIS,
12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13// See the License for the specific language governing permissions and
14// limitations under the License.
15*/
16
17#include "user_layer.hpp"
18
19#include "passwd_mgr.hpp"
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]20#include "user_mgmt.hpp"
21
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +0530[diff] [blame]22namespace
23{
24ipmi::PasswdMgr passwdMgr;
25}
26
27namespace ipmi
28{
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]29
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]30Cc ipmiUserInit()
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]31{
32 getUserAccessObject();
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]33 return ccSuccess;
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]34}
35
Vernon Mauery1e22a0f2021-07-30 13:36:54 -0700[diff] [blame]36SecureString ipmiUserGetPassword(const std::string& userName)
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +0530[diff] [blame]37{
38 return passwdMgr.getPasswdByUserName(userName);
39}
40
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]41Cc ipmiClearUserEntryPassword(const std::string& userName)
AppaRao Pulib29b5ab2018-05-17 10:28:48 +0530[diff] [blame]42{
Richard Marian Thomaiyar42bed642018-09-21 12:28:57 +0530[diff] [blame]43 if (passwdMgr.updateUserEntry(userName, "") != 0)
44 {
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]45 return ccUnspecifiedError;
Richard Marian Thomaiyar42bed642018-09-21 12:28:57 +0530[diff] [blame]46 }
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]47 return ccSuccess;
Richard Marian Thomaiyar42bed642018-09-21 12:28:57 +0530[diff] [blame]48}
49
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]50Cc ipmiRenameUserEntryPassword(const std::string& userName,
51 const std::string& newUserName)
Richard Marian Thomaiyar42bed642018-09-21 12:28:57 +0530[diff] [blame]52{
53 if (passwdMgr.updateUserEntry(userName, newUserName) != 0)
54 {
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]55 return ccUnspecifiedError;
Richard Marian Thomaiyar42bed642018-09-21 12:28:57 +0530[diff] [blame]56 }
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]57 return ccSuccess;
AppaRao Pulib29b5ab2018-05-17 10:28:48 +0530[diff] [blame]58}
59
Richard Marian Thomaiyara45cb342018-12-03 15:08:59 +0530[diff] [blame]60bool ipmiUserIsValidUserId(const uint8_t userId)
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]61{
62 return UserAccess::isValidUserId(userId);
63}
64
Richard Marian Thomaiyara45cb342018-12-03 15:08:59 +0530[diff] [blame]65bool ipmiUserIsValidPrivilege(const uint8_t priv)
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]66{
67 return UserAccess::isValidPrivilege(priv);
68}
69
70uint8_t ipmiUserGetUserId(const std::string& userName)
71{
72 return getUserAccessObject().getUserId(userName);
73}
74
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]75Cc ipmiUserSetUserName(const uint8_t userId, const char* userName)
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]76{
Orit Kashanyf7616312025-08-24 04:48:41 -0700[diff] [blame]77 size_t len = strnlen(userName, ipmiMaxUserName);
78 std::string newUser(userName, len);
jayaprakash Mutyala76363302020-02-14 23:50:38 +0000[diff] [blame]79 return getUserAccessObject().setUserName(userId, newUser);
80}
81
82Cc ipmiUserSetUserName(const uint8_t userId, const std::string& userName)
83{
Orit Kashanyf7616312025-08-24 04:48:41 -0700[diff] [blame]84 size_t len =
85 std::min(userName.size(), static_cast<size_t>(ipmiMaxUserName));
86 std::string newUser(userName, 0, len);
jayaprakash Mutyala76363302020-02-14 23:50:38 +0000[diff] [blame]87 return getUserAccessObject().setUserName(userId, newUser);
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]88}
89
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]90Cc ipmiUserGetUserName(const uint8_t userId, std::string& userName)
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]91{
92 return getUserAccessObject().getUserName(userId, userName);
93}
94
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]95Cc ipmiUserSetUserPassword(const uint8_t userId, const char* userPassword)
Suryakanth Sekar90b00c72019-01-16 10:37:57 +0530[diff] [blame]96{
97 return getUserAccessObject().setUserPassword(userId, userPassword);
98}
99
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]100Cc ipmiSetSpecialUserPassword(const std::string& userName,
Vernon Mauery1e22a0f2021-07-30 13:36:54 -0700[diff] [blame]101 const SecureString& userPassword)
Richard Marian Thomaiyar788362c2019-04-14 15:12:47 +0530[diff] [blame]102{
103 return getUserAccessObject().setSpecialUserPassword(userName, userPassword);
104}
105
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]106Cc ipmiUserGetAllCounts(uint8_t& maxChUsers, uint8_t& enabledUsers,
107 uint8_t& fixedUsers)
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]108{
109 maxChUsers = ipmiMaxUsers;
110 UsersTbl* userData = getUserAccessObject().getUsersTblPtr();
111 enabledUsers = 0;
112 fixedUsers = 0;
113 // user index 0 is reserved, starts with 1
114 for (size_t count = 1; count <= ipmiMaxUsers; ++count)
115 {
116 if (userData->user[count].userEnabled)
117 {
118 enabledUsers++;
119 }
120 if (userData->user[count].fixedUserName)
121 {
122 fixedUsers++;
123 }
124 }
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]125 return ccSuccess;
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]126}
127
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]128Cc ipmiUserUpdateEnabledState(const uint8_t userId, const bool& state)
Richard Marian Thomaiyar282e79b2018-11-13 19:00:58 +0530[diff] [blame]129{
130 return getUserAccessObject().setUserEnabledState(userId, state);
131}
132
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]133Cc ipmiUserCheckEnabled(const uint8_t userId, bool& state)
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]134{
135 if (!UserAccess::isValidUserId(userId))
136 {
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]137 return ccParmOutOfRange;
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]138 }
139 UserInfo* userInfo = getUserAccessObject().getUserInfo(userId);
140 state = userInfo->userEnabled;
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]141 return ccSuccess;
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]142}
143
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]144Cc ipmiUserGetPrivilegeAccess(const uint8_t userId, const uint8_t chNum,
145 PrivAccess& privAccess)
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]146{
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]147 if (!UserAccess::isValidChannel(chNum))
148 {
George Liua0e545d2025-01-24 09:50:22 +0800[diff] [blame]149 lg2::error("Get Privilege access - Invalid channel number: {CHANNEL}",
150 "CHANNEL", chNum);
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]151 return ccInvalidFieldRequest;
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]152 }
153 if (!UserAccess::isValidUserId(userId))
154 {
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]155 return ccParmOutOfRange;
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]156 }
157 UserInfo* userInfo = getUserAccessObject().getUserInfo(userId);
158 privAccess.privilege = userInfo->userPrivAccess[chNum].privilege;
159 privAccess.ipmiEnabled = userInfo->userPrivAccess[chNum].ipmiEnabled;
160 privAccess.linkAuthEnabled =
161 userInfo->userPrivAccess[chNum].linkAuthEnabled;
162 privAccess.accessCallback = userInfo->userPrivAccess[chNum].accessCallback;
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]163 return ccSuccess;
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]164}
165
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]166Cc ipmiUserSetPrivilegeAccess(const uint8_t userId, const uint8_t chNum,
167 const PrivAccess& privAccess,
168 const bool& otherPrivUpdates)
Richard Marian Thomaiyar5a6b6362018-03-12 23:42:34 +0530[diff] [blame]169{
170 UserPrivAccess userPrivAccess;
171 userPrivAccess.privilege = privAccess.privilege;
172 if (otherPrivUpdates)
173 {
174 userPrivAccess.ipmiEnabled = privAccess.ipmiEnabled;
175 userPrivAccess.linkAuthEnabled = privAccess.linkAuthEnabled;
176 userPrivAccess.accessCallback = privAccess.accessCallback;
177 }
178 return getUserAccessObject().setUserPrivilegeAccess(
179 userId, chNum, userPrivAccess, otherPrivUpdates);
180}
181
Ayushi Smriti02650d52019-05-15 11:59:09 +0000[diff] [blame]182bool ipmiUserPamAuthenticate(std::string_view userName,
183 std::string_view userPassword)
184{
185 return pamUserCheckAuthenticate(userName, userPassword);
186}
187
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]188Cc ipmiUserSetUserPayloadAccess(const uint8_t chNum, const uint8_t operation,
189 const uint8_t userId,
190 const PayloadAccess& payloadAccess)
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000[diff] [blame]191{
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000[diff] [blame]192 if (!UserAccess::isValidChannel(chNum))
193 {
George Liua0e545d2025-01-24 09:50:22 +0800[diff] [blame]194 lg2::error(
195 "Set user payload access - Invalid channel number: {CHANNEL}",
196 "CHANNEL", chNum);
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]197 return ccInvalidFieldRequest;
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000[diff] [blame]198 }
199 if (!UserAccess::isValidUserId(userId))
200 {
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]201 return ccParmOutOfRange;
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000[diff] [blame]202 }
203
204 return getUserAccessObject().setUserPayloadAccess(chNum, operation, userId,
205 payloadAccess);
206}
207
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]208Cc ipmiUserGetUserPayloadAccess(const uint8_t chNum, const uint8_t userId,
209 PayloadAccess& payloadAccess)
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000[diff] [blame]210{
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000[diff] [blame]211 if (!UserAccess::isValidChannel(chNum))
212 {
George Liua0e545d2025-01-24 09:50:22 +0800[diff] [blame]213 lg2::error(
214 "Get user payload access - Invalid channel number: {CHANNEL}",
215 "CHANNEL", chNum);
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]216 return ccInvalidFieldRequest;
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000[diff] [blame]217 }
218 if (!UserAccess::isValidUserId(userId))
219 {
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]220 return ccParmOutOfRange;
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000[diff] [blame]221 }
222
223 UserInfo* userInfo = getUserAccessObject().getUserInfo(userId);
224
225 payloadAccess.stdPayloadEnables1 =
226 userInfo->payloadAccess[chNum].stdPayloadEnables1;
227 payloadAccess.stdPayloadEnables2Reserved =
228 userInfo->payloadAccess[chNum].stdPayloadEnables2Reserved;
229 payloadAccess.oemPayloadEnables1 =
230 userInfo->payloadAccess[chNum].oemPayloadEnables1;
231 payloadAccess.oemPayloadEnables2Reserved =
232 userInfo->payloadAccess[chNum].oemPayloadEnables2Reserved;
233
NITIN SHARMAb541a5a2019-07-18 12:46:59 +0000[diff] [blame]234 return ccSuccess;
Saravanan Palanisamy77381f12019-05-15 22:33:17 +0000[diff] [blame]235}
236
Richard Marian Thomaiyar4654d992018-04-19 05:38:37 +0530[diff] [blame]237} // namespace ipmi