commit 5c892d183ecc2f561cba7d0cf10b15ad79fa2a67
author Asmitha Karunanithi <asmitk01@in.ibm.com> Fri Mar 25 01:32:43 2022 -0500
committer Asmitha Karunanithi <asmitk01@in.ibm.com> Thu Nov 17 07:28:55 2022 +0000
tree 5a4eb345fbd3b49affdc409bdb27a7226735913a
parent a295303b14b284ebaa4f87cf96582d55d4fedeaf

Remove support for priv-noaccess role

This change is made w.r.t the discussions in:
https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/49295

An authenticated user with the NoAccess role can login but they cannot
logout.

This commit is to block the login for a user with priv-noaccess
Details are at https://github.com/openbmc/bmcweb/issues/227

Tested By:
 1. Create an LDAP user with priv-noaccess. Verify the login attempt
    fails with accessDenied error
 2. Verified the other role users can login

Signed-off-by: Asmitha Karunanithi <asmitk01@in.ibm.com>
Change-Id: I86f554460e224d6d6e70652c08b32f994194494d

phosphor-ldap-config/ldap_config.hpp

diff --git a/phosphor-ldap-config/ldap_config.hpp b/phosphor-ldap-config/ldap_config.hpp
index 53a777f..c1ba5ec 100644
--- a/phosphor-ldap-config/ldap_config.hpp
+++ b/phosphor-ldap-config/ldap_config.hpp
@@ -277,7 +277,6 @@
         "priv-admin",
         "priv-operator",
         "priv-user",
-        "priv-noaccess",
     };
 
     /** @brief React to InterfaceAdded signal

user_mgr.hpp

diff --git a/user_mgr.hpp b/user_mgr.hpp
index 6f7c7ce..e673527 100644
--- a/user_mgr.hpp
+++ b/user_mgr.hpp
@@ -350,7 +350,7 @@
 
     /** @brief privilege manager container */
     std::vector<std::string> privMgr = {"priv-admin", "priv-operator",
-                                        "priv-user", "priv-noaccess"};
+                                        "priv-user"};
 
     /** @brief groups manager container */
     std::vector<std::string> groupsMgr = {"web", "redfish", "ipmi", "ssh"};