description: > Implement this interface to set the privilege of the user based on the group name. The users in the group will inherit the privilege mapping of the group. The Create method on success creates the object which implements xyz.openbmc_project.User.PrivilegeMapperEntry. For example in the case of LDAP, the object path will be /xyz/openbmc_project/user/ldap/privilege_mapper/. The will be a unique number generated by the application. If the privilege mapping already exists then it throws the exception xyz.openbmc_project.User.Common.Error.PrivilegeMappingExists. To modify the privilege for a mapping which already exists, the Privilege property in the xyz.openbmc_project.User.PrivilegeMapperEntry interface needs to be set. Any application consuming the privilege mapping should not cache the object path and use the GetManagedObjects method on the org.freedesktop.DBus.ObjectManager interface to figure out the D-Bus object path associated with the group name. methods: - name: Create description: > Creates a mapping for the group to the privilege. parameters: - name: GroupName type: string description: > Group Name to which the privilege is to be assigned. In the case of LDAP, the GroupName will be the LDAP group the user is part of. - name: Privilege type: string description: > The privilege associated with the group. The set of available privileges are xyz.openbmc_project.User.Manager.AllPrivileges. xyz.openbmc_project.Common.Error.InvalidArgument exception will be thrown if the privilege is invalid. Additional documentation on privilege is available here. https://github.com/openbmc/docs/blob/master/architecture/user-management.md returns: - name: Path type: path description: > The path for the created privilege mapping object. errors: - xyz.openbmc_project.Common.Error.InternalFailure - xyz.openbmc_project.Common.Error.InvalidArgument - xyz.openbmc_project.User.Common.Error.PrivilegeMappingExists