LDAP Config: Extend the support to change the BindDNPassword
Before this commit we don't allow the user to change the bind
DN password as our REST API was the mirror of the D-bus API.
Now with the introduction of Redfish, where we have to give the
support for changing the bind dn password.
With this fix, set property on the d-bus object would update the
underlying ldap config file but wouldn't update the D-bus object due
to security issue.
Signed-off-by: Ratan Gupta <ratagupt@linux.vnet.ibm.com>
Change-Id: I6072820185cd540fe44850b90a4f6c256c44471c
diff --git a/phosphor-ldap-config/ldap_configuration.hpp b/phosphor-ldap-config/ldap_configuration.hpp
index 976aac6..d4fe5b7 100644
--- a/phosphor-ldap-config/ldap_configuration.hpp
+++ b/phosphor-ldap-config/ldap_configuration.hpp
@@ -31,6 +31,7 @@
sdbusplus::xyz::openbmc_project::User::Ldap::server::Create>;
class ConfigMgr;
+class MockConfigMgr;
/** @class Config
* @brief Configuration for LDAP.
@@ -81,6 +82,7 @@
using ConfigIface::groupNameAttribute;
using ConfigIface::lDAPBaseDN;
using ConfigIface::lDAPBindDN;
+ using ConfigIface::lDAPBindDNPassword;
using ConfigIface::lDAPSearchScope;
using ConfigIface::lDAPServerURI;
using ConfigIface::lDAPType;
@@ -137,6 +139,12 @@
*/
std::string groupNameAttribute(std::string value) override;
+ /** @brief Update the BindDNPasword property.
+ * @param[in] value - lDAPBindDNPassword value to be updated.
+ * @returns value of changed lDAPBindDNPassword.
+ */
+ std::string lDAPBindDNPassword(std::string value) override;
+
/** @brief Delete this D-bus object.
*/
void delete_() override;
@@ -144,9 +152,9 @@
bool secureLDAP;
private:
+ std::string lDAPBindPassword{};
std::string configFilePath{};
std::string tlsCacertFile{};
- std::string lDAPBindDNPassword{};
/** @brief Persistent sdbusplus D-Bus bus connection. */
sdbusplus::bus::bus& bus;
@@ -157,6 +165,8 @@
/** @brief reference to config manager object */
ConfigMgr& parent;
+
+ friend class MockConfigMgr;
};
/** @class ConfigMgr