1description: > 2 Provides user management functionality. 3 As communication to this service is done through authenticated 4 & authorized session, there won't be any validation for both. 5 6methods: 7 - name: CreateUser 8 description: > 9 Creates a new user. If the user already exists, then it will throw 10 an error. 11 parameters: 12 - name: UserName 13 type: string 14 description: > 15 User name which has to be created. 16 - name: GroupNames 17 type: array[string] 18 description: > 19 List of groups to which the user has to be added. 20 - name: Privilege 21 type: string 22 description: > 23 Privilege of the user to be added. 24 - name: Enabled 25 type: boolean 26 description: > 27 User enabled / disabled. 28 errors: 29 - xyz.openbmc_project.Common.Error.InternalFailure 30 - xyz.openbmc_project.Common.Error.InsufficientPermission 31 - xyz.openbmc_project.Common.Error.InvalidArgument 32 - xyz.openbmc_project.User.Common.Error.UserNameExists 33 - xyz.openbmc_project.User.Common.Error.UserNameGroupFail 34 - xyz.openbmc_project.User.Common.Error.UserNamePrivFail 35 - xyz.openbmc_project.User.Common.Error.NoResource 36 37 - name: RenameUser 38 description: > 39 Rename's existing user to new one. All other properties of the 40 user will remain same. 41 parameters: 42 - name: UserName 43 type: string 44 description: > 45 User name which has to be updated. 46 - name: NewUserName 47 type: string 48 description: > 49 New User name to which user has to be updated. 50 errors: 51 - xyz.openbmc_project.Common.Error.InternalFailure 52 - xyz.openbmc_project.Common.Error.InsufficientPermission 53 - xyz.openbmc_project.Common.Error.InvalidArgument 54 - xyz.openbmc_project.User.Common.Error.UserNameDoesNotExist 55 - xyz.openbmc_project.User.Common.Error.UserNameExists 56 - xyz.openbmc_project.User.Common.Error.UserNameGroupFail 57 - xyz.openbmc_project.User.Common.Error.UserNamePrivFail 58 - xyz.openbmc_project.User.Common.Error.NoResource 59 60 - name: GetUserInfo 61 description: > 62 Get user properites. 63 If its local user, method returns 64 -user privilege 65 -user groups 66 -user enabled state 67 -user locked state 68 -user password expired state 69 -remote user flag 70 If its ldap user, method returns 71 -user privilege 72 -remote user flag 73 parameters: 74 - name: UserName 75 type: string 76 description: > 77 User name whose properties have to be returned. 78 returns: 79 - name: UserInfo 80 type: dict[string,variant[string,array[string],boolean]] 81 description: > 82 Dictionary of user properties. 83 List of key name and data type of properties below. 84 UserPrivilege -> privilege of the user(string) 85 UserGroups -> list of groups user belongs to(array[string]) 86 UserEnabled -> user enabled state(boolean) 87 UserLockedForFailedAttempt -> user locked state(boolean) 88 UserPasswordExpired -> user password expired(boolean) 89 RemoteUser -> remote or local user(boolean) 90 91 For detailed documentation of user properties refer 92 Attributes.interface.yaml 93 examples: 94 1.UserInfo["RemoteUser"] returns true for ldap user 95 and false for local user. 96 2.UserInfo["UserGroups"] gets list of groups of user. 97 errors: 98 - xyz.openbmc_project.Common.Error.InternalFailure 99 - xyz.openbmc_project.Common.Error.InsufficientPermission 100 - xyz.openbmc_project.Common.Error.InvalidArgument 101 - xyz.openbmc_project.User.Common.Error.UserNameDoesNotExist 102 103properties: 104 - name: AllPrivileges 105 type: array[string] 106 flags: 107 - const 108 description: > 109 Lists all available user privileges in the system. 110 111 - name: AllGroups 112 type: array[string] 113 flags: 114 - const 115 description: > 116 Lists all available groups in the system. 117 118signals: 119 - name: UserRenamed 120 description: > 121 Signal indicating user's name is updated. 122 properties: 123 - name: UserName 124 type: string 125 description: Name of the user which got renamed. 126 - name: NewUserName 127 type: string 128 description: New name of the user. 129