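#pragma once

#include "config.h"
#include <xyz/openbmc_project/Object/Enable/server.hpp>
#include <xyz/openbmc_project/User/Ldap/Create/server.hpp>
#include <xyz/openbmc_project/User/Ldap/Config/server.hpp>
#include <xyz/openbmc_project/Common/error.hpp>
#include <phosphor-logging/log.hpp>
#include <phosphor-logging/elog.hpp>
#include <phosphor-logging/elog-errors.hpp>
#include <sdbusplus/bus.hpp>
#include <sdbusplus/server/object.hpp>
#include <cstdint>
#include <string>
#include <filesystem>

namespace phosphor
{
namespace ldap
{

using namespace phosphor::logging;
using namespace sdbusplus::xyz::openbmc_project::Common::Error;
using ConfigIface = sdbusplus::xyz::openbmc_project::User::Ldap::server::Config;
using EnableIface = sdbusplus::xyz::openbmc_project::Object::server::Enable;
using Ifaces = sdbusplus::server::object::object<ConfigIface, EnableIface>;
using CreateIface = sdbusplus::server::object::object<
    sdbusplus::xyz::openbmc_project::User::Ldap::server::Create>;
namespace fs = std::filesystem;
class ConfigMgr;
class MockConfigMgr;

/** @class Config
 *  @brief Configuration for LDAP.
 *  @details concrete implementation of xyz.openbmc_project.User.Ldap.Config
 *  API, in order to provide LDAP configuration.
 */
class Config : public Ifaces
{
  public:
    Config() = delete;
    ~Config() = default;
    Config(const Config&) = delete;
    Config& operator=(const Config&) = delete;
    Config(Config&&) = default;
    // The class holds reference members (bus, parent), so this defaulted
    // move assignment is defined as deleted by the language.
    Config& operator=(Config&&) = default;

    /** @brief Constructor to put object onto bus at a D-Bus path.
     *  @param[in] bus - Bus to attach to.
     *  @param[in] path - The D-Bus object path to attach at.
     *  @param[in] filePath - LDAP configuration file.
     *  @param[in] caCertFile - LDAP's CA certificate file.
     *  @param[in] secureLDAP - Specifies whether to use SSL or not.
     *  @param[in] lDAPServerURI - LDAP URI of the server.
     *  @param[in] lDAPBindDN - distinguished name with which to bind.
     *  @param[in] lDAPBaseDN - distinguished name to use as search base.
     *  @param[in] lDAPBindDNPassword - credentials with which to bind.
     *  @param[in] lDAPSearchScope - the search scope.
     *  @param[in] lDAPType - Specifies the LDAP server type which can be AD
     *              or openLDAP.
     *  @param[in] lDAPServiceEnabled - Specifies whether the service would be
     *  enabled or not.
     *  @param[in] groupNameAttribute - Specifies attribute name that contains
     *             the name of the Group in the LDAP server.
     *  @param[in] userNameAttribute - Specifies attribute name that contains
     *             the username in the LDAP server.
     *
     *  @param[in] parent - parent of config object.
     */
    Config(sdbusplus::bus::bus& bus, const char* path, const char* filePath,
           const char* caCertFile, bool secureLDAP, std::string lDAPServerURI,
           std::string lDAPBindDN, std::string lDAPBaseDN,
           std::string&& lDAPBindDNPassword,
           ConfigIface::SearchScope lDAPSearchScope, ConfigIface::Type lDAPType,
           bool lDAPServiceEnabled, std::string groupNameAttribute,
           std::string userNameAttribute, ConfigMgr& parent);

    /** @brief Constructor to put object onto bus at a D-Bus path.
     *
     *  This overload receives no secureLDAP, URI, DN or credential
     *  arguments; those members keep their in-class defaults unless the
     *  out-of-line definition (not visible in this header) sets them.
     *
     *  @param[in] bus - Bus to attach to.
     *  @param[in] path - The D-Bus object path to attach at.
     *  @param[in] filePath - LDAP configuration file.
     *  @param[in] caCertFile - LDAP's CA certificate file.
     *  @param[in] lDAPType - Specifies the LDAP server type which can be AD
     *              or openLDAP.
     *  @param[in] parent - parent of config object.
     */
    Config(sdbusplus::bus::bus& bus, const char* path, const char* filePath,
           const char* caCertFile, ConfigIface::Type lDAPType,
           ConfigMgr& parent);

    using ConfigIface::groupNameAttribute;
    using ConfigIface::lDAPBaseDN;
    using ConfigIface::lDAPBindDN;
    using ConfigIface::lDAPBindDNPassword;
    using ConfigIface::lDAPSearchScope;
    using ConfigIface::lDAPServerURI;
    using ConfigIface::lDAPType;
    using ConfigIface::setPropertyByName;
    using ConfigIface::userNameAttribute;
    using EnableIface::enabled;

    /** @brief Update the Server URI property.
     *
     *  NOTE(review): the value is supplied by a D-Bus client. Any check of
     *  the URI (scheme, consistency with secureLDAP) would be in the
     *  out-of-line definition; confirm it exists there.
     *
     *  @param[in] value - lDAPServerURI value to be updated.
     *  @returns value of changed lDAPServerURI.
     */
    std::string lDAPServerURI(std::string value) override;

    /** @brief Update the BindDN property.
     *  @param[in] value - lDAPBindDN value to be updated.
     *  @returns value of changed lDAPBindDN.
     */
    std::string lDAPBindDN(std::string value) override;

    /** @brief Update the BaseDN property.
     *  @param[in] value - lDAPBaseDN value to be updated.
     *  @returns value of changed lDAPBaseDN.
     */
    std::string lDAPBaseDN(std::string value) override;

    /** @brief Update the Search scope property.
     *  @param[in] value - lDAPSearchScope value to be updated.
     *  @returns value of changed lDAPSearchScope.
     */
    ConfigIface::SearchScope
        lDAPSearchScope(ConfigIface::SearchScope value) override;

    /** @brief Update the LDAP Type property.
     *  @param[in] value - lDAPType value to be updated.
     *  @returns value of changed lDAPType.
     */
    ConfigIface::Type lDAPType(ConfigIface::Type value) override;

    /** @brief Update the ldapServiceEnabled property.
     *  @param[in] value - ldapServiceEnabled value to be updated.
     *  @returns value of changed ldapServiceEnabled.
     */
    bool enabled(bool value) override;

    /** @brief Update the userNameAttribute property.
     *  @param[in] value - userNameAttribute value to be updated.
     *  @returns value of changed userNameAttribute.
     */
    std::string userNameAttribute(std::string value) override;

    /** @brief Update the groupNameAttribute property.
     *  @param[in] value - groupNameAttribute value to be updated.
     *  @returns value of changed groupNameAttribute.
     */
    std::string groupNameAttribute(std::string value) override;

    /** @brief Update the BindDNPassword property.
     *
     *  NOTE(review): this is the setter for the bind credential. The
     *  class keeps a separate private lDAPBindPassword member, which
     *  presumably holds the secret so the D-Bus property need not;
     *  confirm in the definition that the stored password cannot be read
     *  back over the bus.
     *
     *  @param[in] value - lDAPBindDNPassword value to be updated.
     *  @returns value of changed lDAPBindDNPassword.
     */
    std::string lDAPBindDNPassword(std::string value) override;

    /** @brief Function required by Cereal to perform deserialization.
     *  @tparam Archive - Cereal archive type (binary in our case).
     *  @param[in] archive - reference to Cereal archive.
     *  @param[in] version - Class version that enables handling
     *                       a serialized data across code levels
     */
    template <class Archive>
    void load(Archive& archive, const std::uint32_t version);

    /** @brief Function required by Cereal to perform serialization.
     *  @tparam Archive - Cereal archive type (binary in our case).
     *  @param[in] archive - reference to Cereal archive.
     *  @param[in] version - Class version that enables handling
     *                       a serialized data across code levels
     */
    template <class Archive>
    void save(Archive& archive, const std::uint32_t version) const;

    /** @brief Serialize and persist this object at the persist
     *         location.
     *
     *  NOTE(review): this header does not show which members are
     *  archived. If the bind password is among them, confirm that the
     *  file under configPersistPath is created with owner-only
     *  permissions.
     */
    void serialize();

    /** @brief Deserialize LDAP config data from the persistent location
     *         into this object
     *
     *  NOTE(review): the archive is read back from disk; confirm the
     *  definition treats a truncated or malformed file as a failure
     *  (false) rather than leaving the object partially populated.
     *
     *  @return bool - true if the deserialization was successful, false
     *                 otherwise.
     */
    bool deserialize();

  private:
    /** @brief Whether the connection to the LDAP server uses SSL.
     *
     *  Initialised in-class because the constructor overload without a
     *  secureLDAP argument would otherwise leave the flag indeterminate
     *  unless its definition (not visible here) assigns it.
     */
    bool secureLDAP = false;

    /** @brief Bind credential, held as plain text in process memory. */
    std::string lDAPBindPassword{};
    std::string tlsCacertFile{};
    std::string configFilePath{};
    std::string objectPath{};
    std::filesystem::path configPersistPath{};

    /** @brief Persistent sdbusplus D-Bus bus connection. */
    sdbusplus::bus::bus& bus;

    /** @brief Create a new LDAP config file.
     */
    virtual void writeConfig();

    /** @brief reference to config manager object */
    ConfigMgr& parent;

    friend class MockConfigMgr;
};

} // namespace ldap
} // namespace phosphor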