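#pragma once

#include "config.h"
#include <xyz/openbmc_project/Object/Delete/server.hpp>
#include <xyz/openbmc_project/Object/Enable/server.hpp>
#include <xyz/openbmc_project/User/Ldap/Create/server.hpp>
#include <xyz/openbmc_project/User/Ldap/Config/server.hpp>
#include <xyz/openbmc_project/Common/error.hpp>
#include <phosphor-logging/log.hpp>
#include <phosphor-logging/elog.hpp>
#include <phosphor-logging/elog-errors.hpp>
#include <sdbusplus/bus.hpp>
#include <sdbusplus/server/object.hpp>
#include <string>

namespace phosphor
{
namespace ldap
{

// NOTE(review): these using-directives sit in a header, so they are visible in
// every translation unit that includes it. They are kept unchanged because
// code outside this header may rely on the names they bring in.
using namespace phosphor::logging;
using namespace sdbusplus::xyz::openbmc_project::Common::Error;
using ConfigIface = sdbusplus::xyz::openbmc_project::User::Ldap::server::Config;
using EnableIface = sdbusplus::xyz::openbmc_project::Object::server::Enable;
using DeleteIface = sdbusplus::xyz::openbmc_project::Object::server::Delete;
using Ifaces =
    sdbusplus::server::object::object<ConfigIface, EnableIface, DeleteIface>;
using CreateIface = sdbusplus::server::object::object<
    sdbusplus::xyz::openbmc_project::User::Ldap::server::Create>;

class ConfigMgr;
class MockConfigMgr;

/** @class Config
 *  @brief Configuration for LDAP.
 *  @details concrete implementation of xyz.openbmc_project.User.Ldap.Config
 *  API, in order to provide LDAP configuration.
 *
 *  The object carries the LDAP bind credential (see lDAPBindPassword) and the
 *  flag that selects a secured connection (see secureLDAP). Every setter
 *  declared below is an override of a D-Bus interface method, so its argument
 *  is supplied by a D-Bus client. Any input validation lives in the
 *  out-of-line definitions, which are not part of this header.
 */
class Config : public Ifaces
{
  public:
    Config() = delete;
    ~Config() = default;
    Config(const Config&) = delete;
    Config& operator=(const Config&) = delete;
    // NOTE(review): whether this defaulted move constructor is usable depends
    // on the sdbusplus base class being movable - confirm against the
    // sdbusplus version in use.
    Config(Config&&) = default;
    // The class has reference members (bus, parent), so a defaulted move
    // assignment operator is implicitly defined as deleted. It is spelled
    // out as deleted here so the declaration matches what the compiler does.
    Config& operator=(Config&&) = delete;

    /** @brief Constructor to put object onto bus at a D-Bus path.
     *  @param[in] bus - Bus to attach to.
     *  @param[in] path - The D-Bus object path to attach at.
     *  @param[in] filePath - LDAP configuration file.
     *  @param[in] caCertFile - LDAP's CA certificate file.
     *  @param[in] secureLDAP - Specifies whether to use SSL or not.
     *  @param[in] lDAPServerURI - LDAP URI of the server.
     *  @param[in] lDAPBindDN - distinguished name with which to bind.
     *  @param[in] lDAPBaseDN - distinguished name to use as search base.
     *  @param[in] lDAPBindDNPassword - credentials with which to bind
     *                                  (taken as an rvalue reference).
     *  @param[in] lDAPSearchScope - the search scope.
     *  @param[in] lDAPType - Specifies the LDAP server type which can be AD
     *              or openLDAP.
     *  @param[in] lDAPServiceEnabled - Specifies whether the service would be
     *                                  enabled or not.
     *  @param[in] groupNameAttribute - Specifies attribute name that contains
     *             the name of the Group in the LDAP server.
     *  @param[in] userNameAttribute - Specifies attribute name that contains
     *             the username in the LDAP server.
     *  @param[in] parent - parent of config object.
     */
    Config(sdbusplus::bus::bus& bus, const char* path, const char* filePath,
           const char* caCertFile, bool secureLDAP, std::string lDAPServerURI,
           std::string lDAPBindDN, std::string lDAPBaseDN,
           std::string&& lDAPBindDNPassword,
           ConfigIface::SearchScope lDAPSearchScope, ConfigIface::Type lDAPType,
           bool lDAPServiceEnabled, std::string groupNameAttribute,
           std::string userNameAttribute, ConfigMgr& parent);

    // Re-export the base-class overloads (the getters in particular) that the
    // setter overrides below would otherwise hide.
    using ConfigIface::groupNameAttribute;
    using ConfigIface::lDAPBaseDN;
    using ConfigIface::lDAPBindDN;
    using ConfigIface::lDAPBindDNPassword;
    using ConfigIface::lDAPSearchScope;
    using ConfigIface::lDAPServerURI;
    using ConfigIface::lDAPType;
    using ConfigIface::setPropertyByName;
    using ConfigIface::userNameAttribute;
    using EnableIface::enabled;

    /** @brief Update the Server URI property.
     *  @param[in] value - lDAPServerURI value to be updated.
     *  @returns value of changed lDAPServerURI.
     */
    std::string lDAPServerURI(std::string value) override;

    /** @brief Update the BindDN property.
     *  @param[in] value - lDAPBindDN value to be updated.
     *  @returns value of changed lDAPBindDN.
     */
    std::string lDAPBindDN(std::string value) override;

    /** @brief Update the BaseDN property.
     *  @param[in] value - lDAPBaseDN value to be updated.
     *  @returns value of changed lDAPBaseDN.
     */
    std::string lDAPBaseDN(std::string value) override;

    /** @brief Update the Search scope property.
     *  @param[in] value - lDAPSearchScope value to be updated.
     *  @returns value of changed lDAPSearchScope.
     */
    ConfigIface::SearchScope
        lDAPSearchScope(ConfigIface::SearchScope value) override;

    /** @brief Update the LDAP Type property.
     *  @param[in] value - lDAPType value to be updated.
     *  @returns value of changed lDAPType.
     */
    ConfigIface::Type lDAPType(ConfigIface::Type value) override;

    /** @brief Update the Enabled property of the Object.Enable interface,
     *         i.e. whether the LDAP service is enabled.
     *  @param[in] value - new enabled state.
     *  @returns value of the changed enabled state.
     */
    bool enabled(bool value) override;

    /** @brief Update the userNameAttribute property.
     *  @param[in] value - userNameAttribute value to be updated.
     *  @returns value of changed userNameAttribute.
     */
    std::string userNameAttribute(std::string value) override;

    /** @brief Update the groupNameAttribute property.
     *  @param[in] value - groupNameAttribute value to be updated.
     *  @returns value of changed groupNameAttribute.
     */
    std::string groupNameAttribute(std::string value) override;

    /** @brief Update the BindDNPassword property.
     *  @param[in] value - lDAPBindDNPassword value to be updated.
     *  @returns value of changed lDAPBindDNPassword.
     *
     *  NOTE(review): the return type is the same string type as the secret.
     *  Confirm in the definition that the credential is not echoed back to
     *  the D-Bus caller or written to logs.
     */
    std::string lDAPBindDNPassword(std::string value) override;

    /** @brief Delete this D-bus object.
     */
    void delete_() override;

    /** @brief Whether the connection to the LDAP server is secured (the
     *         constructor documents its secureLDAP argument as "use SSL or
     *         not").
     *
     *  Given a default so the flag is never read while indeterminate; the
     *  constructor, defined outside this header, presumably overwrites it
     *  from its argument.
     *  NOTE(review): the member is public and mutable, so any code holding
     *  this object can change it - confirm callers treat it as read-only.
     */
    bool secureLDAP{false};

  private:
    // Bind credential, held in process memory as a plain std::string.
    // NOTE(review): presumably the lDAPBindDNPassword setter stores the secret
    // here instead of in the base-class property, which D-Bus clients can
    // presumably read back - confirm in the definition.
    std::string lDAPBindPassword{};
    // Path of the LDAP configuration file (presumably the constructor's
    // filePath argument - confirm).
    std::string configFilePath{};
    // Path of the CA certificate file (presumably the constructor's
    // caCertFile argument - confirm).
    std::string tlsCacertFile{};

    /** @brief Persistent sdbusplus D-Bus bus connection. */
    sdbusplus::bus::bus& bus;

    /** @brief Create a new LDAP config file.
     *
     *  NOTE(review): if the generated file contains the bind DN or the bind
     *  credential, confirm the definition creates it with permissions
     *  restricted to the service account.
     */
    virtual void writeConfig();

    /** @brief reference to config manager object */
    ConfigMgr& parent;

    // Test hook: the mock manager gets access to every private member,
    // including the stored bind credential.
    friend class MockConfigMgr;
};

} // namespace ldap
} // namespace phosphor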