Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / phosphor-user-manager / 9164fd9b15e7af88e8b80c7ed7dad45266327a57 / . / user_mgr.hpp
blob: b5997242fe7b1fae2613e414a1b376c8fa1404cf [file] [log] [blame]
Richard Marian Thomaiyar9f630d92018-05-24 10:49:10 +0530[diff] [blame]1/*
2// Copyright (c) 2018 Intel Corporation
3//
4// Licensed under the Apache License, Version 2.0 (the "License");
5// you may not use this file except in compliance with the License.
6// You may obtain a copy of the License at
7//
8// http://www.apache.org/licenses/LICENSE-2.0
9//
10// Unless required by applicable law or agreed to in writing, software
11// distributed under the License is distributed on an "AS IS" BASIS,
12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13// See the License for the specific language governing permissions and
14// limitations under the License.
15*/
16#pragma once
17#include <sdbusplus/bus.hpp>
18#include <sdbusplus/server/object.hpp>
19#include <xyz/openbmc_project/User/Manager/server.hpp>
Richard Marian Thomaiyar9164fd92018-06-13 16:51:00 +0530[diff] [blame^]20#include <xyz/openbmc_project/User/AccountPolicy/server.hpp>
Richard Marian Thomaiyar9f630d92018-05-24 10:49:10 +0530[diff] [blame]21#include <unordered_map>
22#include "users.hpp"
23
24namespace phosphor
25{
26namespace user
27{
28
29using UserMgrIface = sdbusplus::xyz::openbmc_project::User::server::Manager;
30using UserSSHLists =
31 std::pair<std::vector<std::string>, std::vector<std::string>>;
Richard Marian Thomaiyar9164fd92018-06-13 16:51:00 +0530[diff] [blame^]32using AccountPolicyIface =
33 sdbusplus::xyz::openbmc_project::User::server::AccountPolicy;
34
Richard Marian Thomaiyar9f630d92018-05-24 10:49:10 +0530[diff] [blame]35/** @class UserMgr
36 * @brief Responsible for managing user accounts over the D-Bus interface.
37 */
Richard Marian Thomaiyar9164fd92018-06-13 16:51:00 +0530[diff] [blame^]38class UserMgr : public UserMgrIface, AccountPolicyIface
Richard Marian Thomaiyar9f630d92018-05-24 10:49:10 +0530[diff] [blame]39{
40 public:
41 UserMgr() = delete;
42 ~UserMgr() = default;
43 UserMgr(const UserMgr &) = delete;
44 UserMgr &operator=(const UserMgr &) = delete;
45 UserMgr(UserMgr &&) = delete;
46 UserMgr &operator=(UserMgr &&) = delete;
47
48 /** @brief Constructs UserMgr object.
49 *
50 * @param[in] bus - sdbusplus handler
51 * @param[in] path - D-Bus path
52 */
53 UserMgr(sdbusplus::bus::bus &bus, const char *path);
54
55 /** @brief create user method.
56 * This method creates a new user as requested
57 *
58 * @param[in] userName - Name of the user which has to be created
59 * @param[in] groupNames - Group names list, to which user has to be added.
60 * @param[in] priv - Privilege of the user.
61 * @param[in] enabled - State of the user enabled / disabled.
62 */
63 void createUser(std::string userName, std::vector<std::string> groupNames,
64 std::string priv, bool enabled) override;
65
66 /** @brief rename user method.
67 * This method renames the user as requested
68 *
69 * @param[in] userName - current name of the user
70 * @param[in] newUserName - new user name to which it has to be renamed.
71 */
72 void renameUser(std::string userName, std::string newUserName) override;
73
74 /** @brief delete user method.
75 * This method deletes the user as requested
76 *
77 * @param[in] userName - Name of the user which has to be deleted
78 */
79 void deleteUser(std::string userName);
80
81 /** @brief Update user groups & privilege.
82 * This method updates user groups & privilege
83 *
84 * @param[in] userName - user name, for which update is requested
85 * @param[in] groupName - Group to be updated..
86 * @param[in] priv - Privilege to be updated.
87 */
88 void updateGroupsAndPriv(const std::string &userName,
89 const std::vector<std::string> &groups,
90 const std::string &priv);
91
92 /** @brief Update user enabled state.
93 * This method enables / disables user
94 *
95 * @param[in] userName - user name, for which update is requested
96 * @param[in] enabled - enable / disable the user
97 */
98 void userEnable(const std::string &userName, bool enabled);
99
Richard Marian Thomaiyar9164fd92018-06-13 16:51:00 +0530[diff] [blame^]100 /** @brief update minimum password length requirement
101 *
102 * @param[in] val - minimum password length
103 * @return - minimum password length
104 */
105 uint8_t minPasswordLength(uint8_t val) override;
106
107 /** @brief update old password history count
108 *
109 * @param[in] val - number of times old passwords has to be avoided
110 * @return - number of times old password has to be avoided
111 */
112 uint8_t rememberOldPasswordTimes(uint8_t val) override;
113
114 /** @brief update maximum number of failed login attempt before locked
115 * out.
116 *
117 * @param[in] val - number of allowed attempt
118 * @return - number of allowed attempt
119 */
120 uint16_t maxLoginAttemptBeforeLockout(uint16_t val) override;
121
122 /** @brief update timeout to unlock the account
123 *
124 * @param[in] val - value in seconds
125 * @return - value in seconds
126 */
127 uint32_t accountUnlockTimeout(uint32_t val) override;
128
Richard Marian Thomaiyar9f630d92018-05-24 10:49:10 +0530[diff] [blame]129 private:
130 /** @brief sdbusplus handler */
131 sdbusplus::bus::bus &bus;
132
133 /** @brief object path */
134 const std::string path;
135
136 /** @brief privilege manager container */
137 std::vector<std::string> privMgr = {"priv-admin", "priv-operator",
138 "priv-user", "priv-callback"};
139
140 /** @brief groups manager container */
141 std::vector<std::string> groupsMgr = {"web", "redfish", "ipmi", "ssh"};
142
143 /** @brief map container to hold users object */
144 using UserName = std::string;
145 std::unordered_map<UserName, std::unique_ptr<phosphor::user::Users>>
146 usersList;
147
148 /** @brief get users in group
149 * method to get group user list
150 *
151 * @param[in] groupName - group name
152 *
153 * @return userList - list of users in the group.
154 */
155 std::vector<std::string> getUsersInGroup(const std::string &groupName);
156
157 /** @brief get user & SSH users list
158 * method to get the users and ssh users list.
159 *
160 *@return - vector of User & SSH user lists
161 */
162 UserSSHLists getUserAndSshGrpList(void);
163
164 /** @brief check for user presence
165 * method to check for user existence
166 *
167 * @param[in] userName - name of the user
168 * @return -true if user exists and false if not.
169 */
170 bool isUserExist(const std::string &userName);
171
172 /** @brief check user exists
173 * method to check whether user exist, and throw if not.
174 *
175 * @param[in] userName - name of the user
176 */
177 void throwForUserDoesNotExist(const std::string &userName);
178
179 /** @brief check user does not exist
180 * method to check whether does not exist, and throw if exists.
181 *
182 * @param[in] userName - name of the user
183 */
184 void throwForUserExists(const std::string &userName);
185
186 /** @brief check user name constraints
187 * method to check user name constraints and throw if failed.
188 *
189 * @param[in] userName - name of the user
190 * @param[in] groupNames - user groups
191 */
192 void
193 throwForUserNameConstraints(const std::string &userName,
194 const std::vector<std::string> &groupNames);
195
196 /** @brief check group user count
197 * method to check max group user count, and throw if limit reached
198 *
199 * @param[in] groupNames - group name
200 */
201 void throwForMaxGrpUserCount(const std::vector<std::string> &groupNames);
202
203 /** @brief check for valid privielge
204 * method to check valid privilege, and throw if invalid
205 *
206 * @param[in] priv - privilege of the user
207 */
208 void throwForInvalidPrivilege(const std::string &priv);
209
210 /** @brief check for valid groups
211 * method to check valid groups, and throw if invalid
212 *
213 * @param[in] groupNames - user groups
214 */
215 void throwForInvalidGroups(const std::vector<std::string> &groupName);
216
217 /** @brief get user enabled state
218 * method to get user enabled state.
219 *
220 * @param[in] userName - name of the user
221 * @return - user enabled status (true/false)
222 */
223 bool isUserEnabled(const std::string &userName);
224
225 /** @brief initialize the user manager objects
226 * method to initialize the user manager objects accordingly
227 *
228 */
229 void initUserObjects(void);
230
231 /** @brief get IPMI user count
232 * method to get IPMI user count
233 *
234 * @return - returns user count
235 */
236 size_t getIpmiUsersCount(void);
Richard Marian Thomaiyar9164fd92018-06-13 16:51:00 +0530[diff] [blame^]237
238 /** @brief get pam argument value
239 * method to get argument value from pam configuration
240 *
241 * @param[in] moduleName - name of the module from where arg has to be read
242 * @param[in] argName - argument name
243 * @param[out] argValue - argument value
244 *
245 * @return 0 - success state of the function
246 */
247 int getPamModuleArgValue(const std::string &moduleName,
248 const std::string &argName, std::string &argValue);
249
250 /** @brief set pam argument value
251 * method to set argument value in pam configuration
252 *
253 * @param[in] moduleName - name of the module in which argument value has
254 * to be set
255 * @param[in] argName - argument name
256 * @param[out] argValue - argument value
257 *
258 * @return 0 - success state of the function
259 */
260 int setPamModuleArgValue(const std::string &moduleName,
261 const std::string &argName,
262 const std::string &argValue);
Richard Marian Thomaiyar9f630d92018-05-24 10:49:10 +0530[diff] [blame]263};
264
265} // namespace user
266} // namespace phosphor