1description: > 2 Provides user management functionality. As communication to this service is 3 done through authenticated & authorized session, there won't be any 4 validation for both. 5 6methods: 7 - name: CreateUser 8 description: > 9 Creates a new user. If the user already exists, then it will throw an 10 error. 11 parameters: 12 - name: UserName 13 type: string 14 description: > 15 User name which has to be created. 16 - name: GroupNames 17 type: array[string] 18 description: > 19 List of groups to which the user has to be added. 20 - name: Privilege 21 type: string 22 description: > 23 Privilege of the user to be added. 24 - name: Enabled 25 type: boolean 26 description: > 27 User enabled / disabled. 28 errors: 29 - xyz.openbmc_project.Common.Error.InternalFailure 30 - xyz.openbmc_project.Common.Error.InsufficientPermission 31 - xyz.openbmc_project.Common.Error.InvalidArgument 32 - xyz.openbmc_project.User.Common.Error.UserNameExists 33 - xyz.openbmc_project.User.Common.Error.UserNameGroupFail 34 - xyz.openbmc_project.User.Common.Error.UserNamePrivFail 35 - xyz.openbmc_project.User.Common.Error.NoResource 36 37 - name: RenameUser 38 description: > 39 Rename's existing user to new one. All other properties of the user 40 will remain same. 41 parameters: 42 - name: UserName 43 type: string 44 description: > 45 User name which has to be updated. 46 - name: NewUserName 47 type: string 48 description: > 49 New User name to which user has to be updated. 50 errors: 51 - xyz.openbmc_project.Common.Error.InternalFailure 52 - xyz.openbmc_project.Common.Error.InsufficientPermission 53 - xyz.openbmc_project.Common.Error.InvalidArgument 54 - xyz.openbmc_project.User.Common.Error.UserNameDoesNotExist 55 - xyz.openbmc_project.User.Common.Error.UserNameExists 56 - xyz.openbmc_project.User.Common.Error.UserNameGroupFail 57 - xyz.openbmc_project.User.Common.Error.UserNamePrivFail 58 - xyz.openbmc_project.User.Common.Error.NoResource 59 60 - name: GetUserInfo 61 description: > 62 Get user properties. If its local user, method returns 63 -user privilege 64 -user groups 65 -user enabled state 66 -user locked state 67 -user password expired state 68 -remote user flag 69 If its ldap user, method returns 70 -user privilege 71 -remote user flag 72 parameters: 73 - name: UserName 74 type: string 75 description: > 76 User name whose properties have to be returned. 77 returns: 78 - name: UserInfo 79 type: dict[string,variant[string,array[string],boolean]] 80 description: > 81 Dictionary of user properties. List of key name and data type of 82 properties below. UserPrivilege -> privilege of the user(string) 83 UserGroups -> list of groups user belongs to(array[string]) 84 UserEnabled -> user enabled state(boolean) 85 UserLockedForFailedAttempt -> user locked state(boolean) 86 UserPasswordExpired -> user password expired(boolean) 87 RemoteUser -> remote or local user(boolean) 88 TOTPSecretKeyRequired -> TOTP secret key required(boolean) 89 90 For detailed documentation of user properties refer 91 Attributes.interface.yaml examples: 92 1.UserInfo["RemoteUser"] returns true for ldap user 93 and false for local user. 94 2.UserInfo["UserGroups"] gets list of groups of user. 95 errors: 96 - xyz.openbmc_project.Common.Error.InternalFailure 97 - xyz.openbmc_project.Common.Error.InsufficientPermission 98 - xyz.openbmc_project.Common.Error.InvalidArgument 99 - xyz.openbmc_project.User.Common.Error.UserNameDoesNotExist 100 101 - name: CreateGroup 102 description: > 103 Creates a new groups. If the group already exists, or the group name 104 is not allowed to be created, it throws an error. 105 parameters: 106 - name: GroupName 107 type: string 108 description: > 109 The group to be added to the system. 110 errors: 111 - xyz.openbmc_project.Common.Error.InternalFailure 112 - xyz.openbmc_project.Common.Error.InvalidArgument 113 - xyz.openbmc_project.User.Common.Error.GroupNameExists 114 115 - name: DeleteGroup 116 description: > 117 Deletes an existing groups. If the group doesn't exists, or the group 118 name is not allowed to be deleted, it throws an error. 119 parameters: 120 - name: GroupName 121 type: string 122 description: > 123 The group to be deleted from the system. 124 errors: 125 - xyz.openbmc_project.Common.Error.InternalFailure 126 - xyz.openbmc_project.Common.Error.InvalidArgument 127 - xyz.openbmc_project.User.Common.Error.GroupNameDoesNotExist 128 129properties: 130 - name: AllPrivileges 131 type: array[string] 132 flags: 133 - const 134 description: > 135 Lists all available user privileges in the system. 136 137 - name: AllGroups 138 type: array[string] 139 flags: 140 - const 141 description: > 142 Lists all available groups in the system. 143 144signals: 145 - name: UserRenamed 146 description: > 147 Signal indicating user's name is updated. 148 properties: 149 - name: UserName 150 type: string 151 description: Name of the user which got renamed. 152 - name: NewUserName 153 type: string 154 description: New name of the user. 155