Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / phosphor-user-manager / 3a1c2741173d4fc28773fa4aeb699a137e739c1e / . / phosphor-ldap-config / ldap_configuration.hpp
blob: d4fe5b74564b3ce15fc806ce47b64c352314840e [file] [log] [blame]
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]1#pragma once
2
Nagaraju Gorugantif1940d92018-09-18 05:05:50 -0500[diff] [blame]3#include "config.h"
Nagaraju Goruganti24194bd2018-09-18 09:55:09 -0500[diff] [blame]4#include <xyz/openbmc_project/Object/Delete/server.hpp>
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]5#include <xyz/openbmc_project/Object/Enable/server.hpp>
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]6#include <xyz/openbmc_project/User/Ldap/Config/server.hpp>
7#include <xyz/openbmc_project/User/Ldap/Create/server.hpp>
Nagaraju Gorugantif1940d92018-09-18 05:05:50 -0500[diff] [blame]8#include <xyz/openbmc_project/Common/error.hpp>
9#include <phosphor-logging/log.hpp>
10#include <phosphor-logging/elog.hpp>
11#include <phosphor-logging/elog-errors.hpp>
12#include <sdbusplus/bus.hpp>
13#include <sdbusplus/server/object.hpp>
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]14#include <string>
15
16namespace phosphor
17{
18namespace ldap
19{
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]20static constexpr auto defaultNslcdFile = "nslcd.conf.default";
21static constexpr auto nsSwitchFile = "nsswitch.conf";
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]22
Nagaraju Gorugantif1940d92018-09-18 05:05:50 -0500[diff] [blame]23using namespace phosphor::logging;
24using namespace sdbusplus::xyz::openbmc_project::Common::Error;
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]25using ConfigIface = sdbusplus::xyz::openbmc_project::User::Ldap::server::Config;
26using EnableIface = sdbusplus::xyz::openbmc_project::Object::server::Enable;
27using DeleteIface = sdbusplus::xyz::openbmc_project::Object::server::Delete;
28using Ifaces =
29 sdbusplus::server::object::object<ConfigIface, EnableIface, DeleteIface>;
30using CreateIface = sdbusplus::server::object::object<
31 sdbusplus::xyz::openbmc_project::User::Ldap::server::Create>;
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]32
33class ConfigMgr;
Ratan Gupta3a1c2742019-03-20 06:49:42 +0530[diff] [blame^]34class MockConfigMgr;
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]35
36/** @class Config
37 * @brief Configuration for LDAP.
38 * @details concrete implementation of xyz.openbmc_project.User.Ldap.Config
39 * API, in order to provide LDAP configuration.
40 */
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]41class Config : public Ifaces
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]42{
43 public:
44 Config() = delete;
45 ~Config() = default;
46 Config(const Config&) = delete;
47 Config& operator=(const Config&) = delete;
48 Config(Config&&) = default;
49 Config& operator=(Config&&) = default;
50
51 /** @brief Constructor to put object onto bus at a D-Bus path.
52 * @param[in] bus - Bus to attach to.
53 * @param[in] path - The D-Bus object path to attach at.
54 * @param[in] filePath - LDAP configuration file.
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]55 * @param[in] caCertFile - LDAP's CA certificate file.
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]56 * @param[in] secureLDAP - Specifies whether to use SSL or not.
57 * @param[in] lDAPServerURI - LDAP URI of the server.
58 * @param[in] lDAPBindDN - distinguished name with which to bind.
59 * @param[in] lDAPBaseDN - distinguished name to use as search base.
Nagaraju Gorugantidb60f582018-11-08 03:14:48 -0600[diff] [blame]60 * @param[in] lDAPBindDNPassword - credentials with which to bind.
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]61 * @param[in] lDAPSearchScope - the search scope.
62 * @param[in] lDAPType - Specifies the LDAP server type which can be AD
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]63 * or openLDAP.
64 * @param[in] lDAPServiceEnabled - Specifies whether the service would be
65 * enabled or not.
66 * @param[in] groupNameAttribute - Specifies attribute name that contains
67 * the name of the Group in the LDAP server.
68 * @param[in] userNameAttribute - Specifies attribute name that contains
69 * the username in the LDAP server.
70 *
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]71 * @param[in] parent - parent of config object.
72 */
73
74 Config(sdbusplus::bus::bus& bus, const char* path, const char* filePath,
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]75 const char* caCertFile, bool secureLDAP, std::string lDAPServerURI,
76 std::string lDAPBindDN, std::string lDAPBaseDN,
77 std::string&& lDAPBindDNPassword,
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]78 ConfigIface::SearchScope lDAPSearchScope, ConfigIface::Type lDAPType,
79 bool lDAPServiceEnabled, std::string groupNameAttribute,
80 std::string userNameAttribute, ConfigMgr& parent);
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]81
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]82 using ConfigIface::groupNameAttribute;
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]83 using ConfigIface::lDAPBaseDN;
84 using ConfigIface::lDAPBindDN;
Ratan Gupta3a1c2742019-03-20 06:49:42 +0530[diff] [blame^]85 using ConfigIface::lDAPBindDNPassword;
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]86 using ConfigIface::lDAPSearchScope;
87 using ConfigIface::lDAPServerURI;
88 using ConfigIface::lDAPType;
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]89 using ConfigIface::setPropertyByName;
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]90 using ConfigIface::userNameAttribute;
91 using EnableIface::enabled;
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]92
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]93 /** @brief Update the Server URI property.
94 * @param[in] value - lDAPServerURI value to be updated.
95 * @returns value of changed lDAPServerURI.
96 */
97 std::string lDAPServerURI(std::string value) override;
98
99 /** @brief Update the BindDN property.
100 * @param[in] value - lDAPBindDN value to be updated.
101 * @returns value of changed lDAPBindDN.
102 */
103 std::string lDAPBindDN(std::string value) override;
104
105 /** @brief Update the BaseDN property.
106 * @param[in] value - lDAPBaseDN value to be updated.
107 * @returns value of changed lDAPBaseDN.
108 */
109 std::string lDAPBaseDN(std::string value) override;
110
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]111 /** @brief Update the Search scope property.
112 * @param[in] value - lDAPSearchScope value to be updated.
113 * @returns value of changed lDAPSearchScope.
114 */
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]115 ConfigIface::SearchScope
116 lDAPSearchScope(ConfigIface::SearchScope value) override;
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]117
118 /** @brief Update the LDAP Type property.
119 * @param[in] value - lDAPType value to be updated.
120 * @returns value of changed lDAPType.
121 */
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]122 ConfigIface::Type lDAPType(ConfigIface::Type value) override;
123
124 /** @brief Update the ldapServiceEnabled property.
125 * @param[in] value - ldapServiceEnabled value to be updated.
126 * @returns value of changed ldapServiceEnabled.
127 */
128 bool enabled(bool value) override;
129
130 /** @brief Update the userNameAttribute property.
131 * @param[in] value - userNameAttribute value to be updated.
132 * @returns value of changed userNameAttribute.
133 */
134 std::string userNameAttribute(std::string value) override;
135
136 /** @brief Update the groupNameAttribute property.
137 * @param[in] value - groupNameAttribute value to be updated.
138 * @returns value of changed groupNameAttribute.
139 */
140 std::string groupNameAttribute(std::string value) override;
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]141
Ratan Gupta3a1c2742019-03-20 06:49:42 +0530[diff] [blame^]142 /** @brief Update the BindDNPasword property.
143 * @param[in] value - lDAPBindDNPassword value to be updated.
144 * @returns value of changed lDAPBindDNPassword.
145 */
146 std::string lDAPBindDNPassword(std::string value) override;
147
Nagaraju Goruganti24194bd2018-09-18 09:55:09 -0500[diff] [blame]148 /** @brief Delete this D-bus object.
149 */
150 void delete_() override;
151
Nagaraju Gorugantidb60f582018-11-08 03:14:48 -0600[diff] [blame]152 bool secureLDAP;
153
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]154 private:
Ratan Gupta3a1c2742019-03-20 06:49:42 +0530[diff] [blame^]155 std::string lDAPBindPassword{};
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]156 std::string configFilePath{};
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]157 std::string tlsCacertFile{};
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]158
159 /** @brief Persistent sdbusplus D-Bus bus connection. */
160 sdbusplus::bus::bus& bus;
161
162 /** @brief Create a new LDAP config file.
163 */
164 virtual void writeConfig();
165
166 /** @brief reference to config manager object */
167 ConfigMgr& parent;
Ratan Gupta3a1c2742019-03-20 06:49:42 +0530[diff] [blame^]168
169 friend class MockConfigMgr;
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]170};
171
172/** @class ConfigMgr
173 * @brief Creates LDAP server configuration.
174 * @details concrete implementation of xyz.openbmc_project.User.Ldap.Create
175 * APIs, in order to create LDAP configuration.
176 */
177class ConfigMgr : public CreateIface
178{
179 public:
180 ConfigMgr() = delete;
181 ~ConfigMgr() = default;
182 ConfigMgr(const ConfigMgr&) = delete;
183 ConfigMgr& operator=(const ConfigMgr&) = delete;
184 ConfigMgr(ConfigMgr&&) = delete;
185 ConfigMgr& operator=(ConfigMgr&&) = delete;
186
187 /** @brief ConfigMgr to put object onto bus at a dbus path.
188 * @param[in] bus - Bus to attach to.
189 * @param[in] path - Path to attach at.
190 * @param[in] filePath - LDAP configuration file.
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]191 * @param[in] dbusPersistentPath - Persistent path for LDAP D-Bus property.
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]192 * @param[in] caCertFile - LDAP's CA certificate file.
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]193 */
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]194 ConfigMgr(sdbusplus::bus::bus& bus, const char* path, const char* filePath,
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]195 const char* dbusPersistentPath, const char* caCertFile) :
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]196 CreateIface(bus, path, true),
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]197 dbusPersistentPath(dbusPersistentPath), configFilePath(filePath),
198 bus(bus)
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]199 {
Nagaraju Gorugantif1940d92018-09-18 05:05:50 -0500[diff] [blame]200 try
201 {
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]202 restore(configFilePath.c_str());
Nagaraju Gorugantif1940d92018-09-18 05:05:50 -0500[diff] [blame]203 emit_object_added();
204 }
205 catch (const std::exception& e)
206 {
207 configPtr.reset(nullptr);
208 log<level::ERR>(e.what());
209 elog<InternalFailure>();
210 }
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]211 }
212
213 /** @brief concrete implementation of the pure virtual funtion
214 xyz.openbmc_project.User.Ldap.Create.createConfig.
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]215 * @param[in] lDAPServerURI - LDAP URI of the server.
216 * @param[in] lDAPBindDN - distinguished name with which bind to bind
217 to the directory server for lookups.
218 * @param[in] lDAPBaseDN - distinguished name to use as search base.
Nagaraju Gorugantidb60f582018-11-08 03:14:48 -0600[diff] [blame]219 * @param[in] lDAPBindDNPassword - credentials with which to bind.
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]220 * @param[in] lDAPSearchScope - the search scope.
221 * @param[in] lDAPType - Specifies the LDAP server type which can be AD
222 or openLDAP.
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]223 * @param[in] groupNameAttribute - Specifies attribute name that contains
224 * the name of the Group in the LDAP server.
225 * @param[in] usernameAttribute - Specifies attribute name that contains
226 * the username in the LDAP server.
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]227 * @returns the object path of the D-Bus object created.
228 */
Nagaraju Gorugantidb60f582018-11-08 03:14:48 -0600[diff] [blame]229 std::string createConfig(std::string lDAPServerURI, std::string lDAPBindDN,
230 std::string lDAPBaseDN,
231 std::string lDAPBindDNPassword,
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]232 CreateIface::SearchScope lDAPSearchScope,
233 CreateIface::Type lDAPType,
234 std::string groupNameAttribute,
235 std::string userNameAttribute) override;
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]236
237 /** @brief restarts given service
238 * @param[in] service - Service to be restarted.
239 */
240 virtual void restartService(const std::string& service);
241
Nagaraju Gorugantidccee2b2018-09-25 08:51:06 -0500[diff] [blame]242 /** @brief stops given service
243 * @param[in] service - Service to be stopped.
244 */
245 virtual void stopService(const std::string& service);
246
Ratan Guptaaeaf9412019-02-11 04:41:52 -0600[diff] [blame]247 /** @brief start or stop the service depending on the given value
248 * @param[in] service - Service to be start/stop.
249 * @param[in] value - true to start the service otherwise stop.
250 */
251 virtual void startOrStopService(const std::string& service, bool value);
252
Nagaraju Goruganti24194bd2018-09-18 09:55:09 -0500[diff] [blame]253 /** @brief delete the config D-Bus object.
254 */
255 void deleteObject();
256
Ratan Gupta95a29312019-02-18 20:34:10 +0530[diff] [blame]257 /* ldap service enabled property would be saved under
258 * this path.
259 */
260 std::string dbusPersistentPath;
261
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]262 protected:
Nagaraju Gorugantidb60f582018-11-08 03:14:48 -0600[diff] [blame]263 std::string configFilePath{};
Nagaraju Goruganti3b4d06a2018-11-08 03:13:38 -0600[diff] [blame]264 std::string tlsCacertFile{};
Nagaraju Gorugantid514e5d2018-11-08 03:07:25 -0600[diff] [blame]265
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]266 /** @brief Persistent sdbusplus D-Bus bus connection. */
267 sdbusplus::bus::bus& bus;
268
269 /** @brief Pointer to a Config D-Bus object */
270 std::unique_ptr<Config> configPtr = nullptr;
Nagaraju Gorugantif1940d92018-09-18 05:05:50 -0500[diff] [blame]271
272 /** @brief Populate existing config into D-Bus properties
273 * @param[in] filePath - LDAP config file path
274 */
275 virtual void restore(const char* filePath);
Nagaraju Goruganti997f5e02018-08-30 03:05:11 -0500[diff] [blame]276};
277} // namespace ldap
278} // namespace phosphor