/* // Copyright (c) 2018 Intel Corporation // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. */ #include "user_layer.hpp" #include "passwd_mgr.hpp" #include "user_mgmt.hpp" namespace { ipmi::PasswdMgr passwdMgr; } namespace ipmi { Cc ipmiUserInit() { getUserAccessObject(); return ccSuccess; } SecureString ipmiUserGetPassword(const std::string& userName) { return passwdMgr.getPasswdByUserName(userName); } Cc ipmiClearUserEntryPassword(const std::string& userName) { if (passwdMgr.updateUserEntry(userName, "") != 0) { return ccUnspecifiedError; } return ccSuccess; } Cc ipmiRenameUserEntryPassword(const std::string& userName, const std::string& newUserName) { if (passwdMgr.updateUserEntry(userName, newUserName) != 0) { return ccUnspecifiedError; } return ccSuccess; } bool ipmiUserIsValidUserId(const uint8_t userId) { return UserAccess::isValidUserId(userId); } bool ipmiUserIsValidPrivilege(const uint8_t priv) { return UserAccess::isValidPrivilege(priv); } uint8_t ipmiUserGetUserId(const std::string& userName) { return getUserAccessObject().getUserId(userName); } Cc ipmiUserSetUserName(const uint8_t userId, const char* userName) { std::string newUser(userName, 0, ipmiMaxUserName); return getUserAccessObject().setUserName(userId, newUser); } Cc ipmiUserSetUserName(const uint8_t userId, const std::string& userName) { std::string newUser(userName, 0, ipmiMaxUserName); return getUserAccessObject().setUserName(userId, newUser); } Cc ipmiUserGetUserName(const uint8_t userId, std::string& userName) { return getUserAccessObject().getUserName(userId, userName); } Cc ipmiUserSetUserPassword(const uint8_t userId, const char* userPassword) { return getUserAccessObject().setUserPassword(userId, userPassword); } Cc ipmiSetSpecialUserPassword(const std::string& userName, const SecureString& userPassword) { return getUserAccessObject().setSpecialUserPassword(userName, userPassword); } Cc ipmiUserGetAllCounts(uint8_t& maxChUsers, uint8_t& enabledUsers, uint8_t& fixedUsers) { maxChUsers = ipmiMaxUsers; UsersTbl* userData = getUserAccessObject().getUsersTblPtr(); enabledUsers = 0; fixedUsers = 0; // user index 0 is reserved, starts with 1 for (size_t count = 1; count <= ipmiMaxUsers; ++count) { if (userData->user[count].userEnabled) { enabledUsers++; } if (userData->user[count].fixedUserName) { fixedUsers++; } } return ccSuccess; } Cc ipmiUserUpdateEnabledState(const uint8_t userId, const bool& state) { return getUserAccessObject().setUserEnabledState(userId, state); } Cc ipmiUserCheckEnabled(const uint8_t userId, bool& state) { if (!UserAccess::isValidUserId(userId)) { return ccParmOutOfRange; } UserInfo* userInfo = getUserAccessObject().getUserInfo(userId); state = userInfo->userEnabled; return ccSuccess; } Cc ipmiUserGetPrivilegeAccess(const uint8_t userId, const uint8_t chNum, PrivAccess& privAccess) { if (!UserAccess::isValidChannel(chNum)) { return ccInvalidFieldRequest; } if (!UserAccess::isValidUserId(userId)) { return ccParmOutOfRange; } UserInfo* userInfo = getUserAccessObject().getUserInfo(userId); privAccess.privilege = userInfo->userPrivAccess[chNum].privilege; privAccess.ipmiEnabled = userInfo->userPrivAccess[chNum].ipmiEnabled; privAccess.linkAuthEnabled = userInfo->userPrivAccess[chNum].linkAuthEnabled; privAccess.accessCallback = userInfo->userPrivAccess[chNum].accessCallback; return ccSuccess; } Cc ipmiUserSetPrivilegeAccess(const uint8_t userId, const uint8_t chNum, const PrivAccess& privAccess, const bool& otherPrivUpdates) { UserPrivAccess userPrivAccess; userPrivAccess.privilege = privAccess.privilege; if (otherPrivUpdates) { userPrivAccess.ipmiEnabled = privAccess.ipmiEnabled; userPrivAccess.linkAuthEnabled = privAccess.linkAuthEnabled; userPrivAccess.accessCallback = privAccess.accessCallback; } return getUserAccessObject().setUserPrivilegeAccess( userId, chNum, userPrivAccess, otherPrivUpdates); } bool ipmiUserPamAuthenticate(std::string_view userName, std::string_view userPassword) { return pamUserCheckAuthenticate(userName, userPassword); } Cc ipmiUserSetUserPayloadAccess(const uint8_t chNum, const uint8_t operation, const uint8_t userId, const PayloadAccess& payloadAccess) { if (!UserAccess::isValidChannel(chNum)) { return ccInvalidFieldRequest; } if (!UserAccess::isValidUserId(userId)) { return ccParmOutOfRange; } return getUserAccessObject().setUserPayloadAccess(chNum, operation, userId, payloadAccess); } Cc ipmiUserGetUserPayloadAccess(const uint8_t chNum, const uint8_t userId, PayloadAccess& payloadAccess) { if (!UserAccess::isValidChannel(chNum)) { return ccInvalidFieldRequest; } if (!UserAccess::isValidUserId(userId)) { return ccParmOutOfRange; } UserInfo* userInfo = getUserAccessObject().getUserInfo(userId); payloadAccess.stdPayloadEnables1 = userInfo->payloadAccess[chNum].stdPayloadEnables1; payloadAccess.stdPayloadEnables2Reserved = userInfo->payloadAccess[chNum].stdPayloadEnables2Reserved; payloadAccess.oemPayloadEnables1 = userInfo->payloadAccess[chNum].oemPayloadEnables1; payloadAccess.oemPayloadEnables2Reserved = userInfo->payloadAccess[chNum].oemPayloadEnables2Reserved; return ccSuccess; } } // namespace ipmi