Home
last modified time | relevance | path

Searched refs:privilege (Results 1 – 25 of 81) sorted by relevance

1234

/openbmc/phosphor-user-manager/test/
H A Dldap_mapper_entry_test.cpp100 std::string privilege = "priv-admin"; in TEST_F() local
107 bus, dbusPath.c_str(), persistPath.c_str(), groupName, privilege, in TEST_F()
111 EXPECT_EQ(entry->privilege(), privilege); in TEST_F()
127 std::string privilege = "priv-admin"; in TEST_F() local
134 bus, dbusPath.c_str(), persistPath.c_str(), groupName, privilege, in TEST_F()
158 std::string privilege = "priv-admin"; in TEST_F() local
165 bus, dbusPath.c_str(), persistPath.c_str(), groupName, privilege, in TEST_F()
168 entry->privilege("priv-operator"); in TEST_F()
169 EXPECT_EQ(entry->privilege(), "priv-operator"); in TEST_F()
171 entry->privilege("priv-user"); in TEST_F()
[all …]
H A Dldap_mapper_serialize_test.cpp93 std::string privilege = "priv-admin"; in TEST_F() local
100 bus, dbusPath.c_str(), persistPath.c_str(), groupName, privilege, in TEST_F()
120 std::string privilege = "priv-admin"; in TEST_F() local
130 bus, dbusPath.c_str(), persistPath.c_str(), groupName, privilege, in TEST_F()
144 EXPECT_EQ(entry2->privilege(), privilege); in TEST_F()
186 std::string privilege = "priv-admin"; in TEST_F() local
194 bus, dbusPath.c_str(), persistPath.c_str(), groupName, privilege, in TEST_F()
/openbmc/phosphor-user-manager/phosphor-ldap-config/
H A Dldap_mapper_entry.cpp18 const std::string& privilege, Config& parent) : in LDAPMapperEntry() argument
23 Interfaces::privilege(privilege, true); in LDAPMapperEntry()
53 std::string LDAPMapperEntry::privilege(std::string value) in privilege() function in phosphor::ldap::LDAPMapperEntry
55 if (value == Interfaces::privilege()) in privilege()
61 auto val = Interfaces::privilege(value); in privilege()
H A Dldap_mapper_serialize.cpp33 archive(entry.groupName(), entry.privilege()); in save()
49 std::string privilege{}; in load() local
53 archive(groupName, privilege); in load()
64 privilege(privilege, true); in load()
H A Dldap_mapper_entry.hpp49 const std::string& privilege, Config& parent);
81 std::string privilege(std::string value) override;
84 privilege;
/openbmc/phosphor-net-ipmid/
H A Dcommand_table.hpp56 session::Privilege privilege; member
117 Entry(CommandID command, session::Privilege privilege) : in Entry() argument
118 command(command), privilege(privilege) in Entry()
142 return privilege; in getPrivilege()
155 session::Privilege privilege; member in command::Entry
173 session::Privilege privilege, bool sessionless) : in NetIpmidEntry() argument
174 Entry(command, privilege), functor(functor), sessionless(sessionless) in NetIpmidEntry()
/openbmc/bmcweb/redfish-core/include/
H A Dprivileges.hpp85 for (const char* privilege : privilegeList) in Privileges() local
87 if (!setSinglePrivilege(privilege)) in Privileges()
90 privilege); in Privileges()
103 bool setSinglePrivilege(std::string_view privilege) in setSinglePrivilege() argument
108 if (privilege == privilegeNames[searchIndex]) in setSinglePrivilege()
126 bool resetSinglePrivilege(const char* privilege) in resetSinglePrivilege() argument
131 if (privilege == privilegeNames[searchIndex]) in resetSinglePrivilege()
/openbmc/openbmc-test-automation/redfish/account_service/
H A Dtest_ipmi_redfish_user.robot74 [Documentation] Update user privilege via Redfish and verify using IPMI.
77 # Create user using Redfish with admin privilege.
87 # Update user privilege to operator using Redfish.
91 # Verify new user privilege level via IPMI.
168 [Documentation] Update user privilege to operator via IPMI and verify using Redfish.
170 # Create user using IPMI with admin privilege.
174 # Change user privilege to opetrator using IPMI.
178 # Verify new user privilege level via Redfish.
179 ${privilege}= Redfish_Utils.Get Attribute
181 Should Be Equal ${privilege} Operator
[all …]
H A Dtest_ldap_configuration.robot150 [Documentation] Verify that LDAP user with administrator privilege able to do BMC reboot.
157 # With LDAP user and with right privilege trying to do BMC reboot.
164 [Documentation] Verify that LDAP user with operator privilege can do host
173 # Verify that the LDAP user with operator privilege is able to power the system off.
212 [Documentation] Verify that LDAP user with read privilege able to
222 [Documentation] Verify that LDAP user with read privilege should not be
303 ... privilege.
312 [Documentation] Verify that LDAP user authorization with wrong privilege
403 [Documentation] Verify that LDAP group name and group privilege able to
446 # Verify LDAP user with ReadOnly privilege no
[all...]
/openbmc/webui-vue/src/views/SecurityAndAccess/UserManagement/
H A DModalUser.vue107 :label="i18n.t('pageUserManagement.modal.privilege')"
108 label-for="privilege"
111 id="privilege"
112 v-model="form.privilege"
114 data-test-id="userManagement-select-privilege"
115 :state="getValidationState(v$.form.privilege)"
117 @change="v$.form.privilege.$touch()"
126 <template v-if="v$.form.privilege.required.$invalid">
285 privilege: null,
326 this.form.privilege = value.privilege;
[all …]
/openbmc/openbmc-test-automation/openpower/localuser/
H A Dtest_ipmi_redfish_user.robot24 [Documentation] Create user using IPMI without privilege and verify user privilege
34 # Verify new user privilege level via Redfish.
35 ${privilege}= Redfish.Get Attribute
37 Valid Value privilege ['ReadOnly']
121 [Documentation] Update user privilege via Redfish and verify using IPMI.
124 # Create user using Redfish with admin privilege.
140 # Update user privilege to readonly using Redfish.
144 # Verify new user privilege level via IPMI.
164 [Documentation] Create random IPMI user with given password and privilege
166 [Arguments] ${password} ${privilege}=0
[all …]
/openbmc/bmcweb/http/routing/
H A Druleparametertraits.hpp89 for (const std::initializer_list<const char*>& privilege : p) in privileges() local
91 self->privilegesSet.emplace_back(privilege); in privileges()
100 for (const redfish::Privileges& privilege : p) in privileges() local
102 self->privilegesSet.emplace_back(privilege); in privileges()
/openbmc/openbmc-tools/openbmctool/
H A DREADME.md202 ### Add privilege mapping
205 openbmctool.py <connection options> ldap privilege-mapper create --groupName=<groupName> --privileg…
208 ### Delete privilege mapping
211 openbmctool.py <connection options> ldap privilege-mapper delete --groupName=<groupName>
214 ### List privilege mapping
217 openbmctool.py <connection options> ldap privilege-mapper list
225 - Configure user privilege.
230 privilege mapping for the LDAP credentials then the user will get the following
233 403, 'LDAP group privilege mapping does not exist'.
235 Action: Add the privilege (refer to the section "Add privilege mapping")
[all …]
/openbmc/openbmc-test-automation/ipmi/
H A Dtest_ipmi_user.robot80 # Set admin privilege and enable IPMI messaging for newly created user.
81 Set Channel Access ${random_userid} ipmi=on privilege=${admin_level_priv}
202 # Set admin privilege and enable IPMI messaging for newly created user
203 Set Channel Access ${random_userid} ipmi=on privilege=${admin_level_priv}
255 [Documentation] Verify IPMI user with user privilege can only run user level commands.
266 [Documentation] Verify IPMI user with operator privilege can only run user and
278 [Documentation] Verify IPMI user with admin privilege can run all levels command.
300 # Set admin privilege and enable IPMI messaging for newly created user.
301 Set Channel Access ${random_userid} ipmi=on privilege=${admin_level_priv}
303 # Delay added for user privilege to get set.
[all …]
H A Dtest_ipmi_general.robot135 FOR ${privilege} IN 4 3 2
137 ${channel} ${privilege}
164 [Documentation] Set session privilege with given privilege level and verify the response with
177 [Documentation] Verify set invalid session privilege level via IPMI raw command.
322 [Documentation] Set session privilege with given privilege level and
329 # ‘return present privilege level’ was selected).
337 [Documentation] Set invalid session privilege level and verify the response.
351 # According to IPMI spec privilege level except 0x00-0x05, others are
352 # reserved. So if we try to set those privilege we will get rsp as
381 [Documentation] Verify authentication capabilities for given channel and privilege.
/openbmc/openbmc-test-automation/gui/gui_test/security_and_access_menu/
H A Dtest_user_management_sub_menu.robot25 ${xpath_privilege_list_button} //*[@data-test-id='userManagement-select-privilege']
56 Page should contain View privilege role descriptions
108 [Documentation] Create a new user with a privilege and verify that user is created.
120 [Documentation] Create users with different access privilege
161 # Get random username and user privilege level.
173 …[Documentation] Modify user privilege of existing user via GUI and verify the changes using Redfi…
177 # Get random username and user privilege level.
184 # Get user privilege role details distinct from the current ones.
185 FOR ${privilege} IN @{list_user_privilege}
186 IF '${privilege}' != '${privilege_level}'
[all …]
/openbmc/phosphor-host-ipmid/user_channel/
H A Duser_layer.cpp158 privAccess.privilege = userInfo->userPrivAccess[chNum].privilege; in ipmiUserGetPrivilegeAccess()
171 userPrivAccess.privilege = privAccess.privilege; in ipmiUserSetPrivilegeAccess()
H A Duser_mgmt.cpp149 .privilege != userPriv) in userUpdateHelper()
156 .privilege = userPriv; in userUpdateHelper()
387 // Callback privilege is deprecated in OpenBMC in isValidPrivilege()
393 // Identify the IPMI channel used to assign system user privilege levels in getUsrMgmtSyncIndex()
413 lg2::error("Error in converting to IPMI privilege: {PRIV}", "PRIV", in convertToIPMIPrivilege()
436 lg2::error("Error in converting to system privilege: {PRIV}", "PRIV", in convertToSystemPrivilege()
783 "Set user privilege access - Invalid channel request: {CHANNEL}", in setUserPrivilegeAccess()
802 static_cast<CommandPrivilege>(privAccess.privilege)); in setUserPrivilegeAccess()
805 privAccess.privilege != userInfo->userPrivAccess[syncIndex].privilege) in setUserPrivilegeAccess()
1145 std::vector<std::string> privilege = readUserData() local
1246 std::vector<std::string> privilege(ipmiMaxChannels); writeUserData() local
[all...]
H A Duser_layer.hpp53 uint8_t privilege:4; member
64 uint8_t privilege:4; member
/openbmc/webui-vue/src/store/modules/SecurityAndAccess/
H A DUserManagementStore.js115 async createUser({ dispatch }, { username, password, privilege, status }) {
119 RoleId: privilege,
143 { originalUsername, username, password, privilege, status, locked },
148 if (privilege) data.RoleId = privilege;
/openbmc/docs/architecture/
H A Dipmi-architecture.md61 "privilege": enum:privilege - ADMIN, USER, OPERATOR, CALLBACK;
62 must be less than or equal to the privilege of the user and less
63 than or equal to the max privilege of this channel
75 credentials and determining the maximum privilege available for this session.
95 For session-less channels (like BT, KCS, and IPMB), the only privilege check
96 will be to see that the requested privilege is less than or equal to the
97 channel's maximum privilege. If the channel has a session and authenticates
98 users, the privilege must be less than or equal to the channel's maximum
99 privilege and the user's maximum privilege.
102 function. If the requested privilege is less than or equal to the required
[all …]
H A Duser-management.md58 OpenBMC supports privilege roles which are common across all the supported
59 groups (i.e. User will have same privilege for REDFISH / Webserver / IPMI / SSH
60 / HostConsole). User can belong to any one of the following privilege roles at
71 | 4 | no-access | Users having empty or no privilege will be reported as no-access, from…
93 …*********|********************| V ^ || allowed privilege on ||
429 |privilege as the privilege |
451 the OpenBMC privilege roles. The preferred way is to group LDAP user accounts
452 into LDAP groups. D-Bus API is provided for the user to assign privilege role to
457 This section explains how the privilege roles of the user accounts are consumed
458 by the webserver interface. The privilege role is a property of the user D-Bus
[all …]
/openbmc/u-boot/doc/
H A DREADME.fsl-trustzone-components7 privilege mode), but still some configurations of these peripherals
8 might be required while the bootloader is executing in EL3 privilege
/openbmc/docs/designs/
H A Dredfish-authorization.md21 The Redfish authorization model consists of the privilege model and the
22 operation-to-privilege mapping.
24 In the privilege model, there are fixed set of standard Redfish roles and each
30 The operation-to-privilege mapping is defined for every resource type and
35 official registry collection as a base operation-to-privilege mapping. It also
42 resource only requires the `Login` privilege. On the other hand, the same peer
44 POST operation on certificates requires `ConfigureManager` privilege that the
53 1. <https://redfish.dmtf.org/schemas/DSP0266_1.15.1.html#privilege-model>
54 2. <https://redfish.dmtf.org/schemas/DSP0266_1.15.1.html#redfish-service-operation-to-privilege-map…
137 5. the operation-to-privilege mapping
[all …]
/openbmc/openbmc/meta-openembedded/meta-gnome/recipes-extended/gparted/files/
H A D0001-Install-polkit-action-unconditionally-executable-pke.patch22 dnl Find graphical privilege escalation program
43 dnl Check for alternative graphical privilege escalation programs.

1234