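# NOTE(review): security-relevant trust assumption. Per the description below,
# this interface does not authenticate or authorize its callers; it relies on
# every caller having already established an authenticated and authorized
# session. Access to this interface on the bus should therefore be limited to
# those trusted callers (for example through the message-bus access policy)
# -- TODO confirm how the deployment enforces this.
description: >
    Provides user management functionality. As communication to this service is
    done through an authenticated & authorized session, there won't be any
    validation of either by this service.

# NOTE(review): CreateUser, RenameUser and GetUserInfo declare
# InsufficientPermission, while CreateGroup and DeleteGroup do not, and the
# interface description says no authorization is checked here. Confirm which
# layer is expected to raise InsufficientPermission and whether the group
# methods should declare it as well.
methods:
    # NOTE(review): UserName, GroupNames and Privilege are caller-supplied
    # strings. InvalidArgument is the declared error for rejecting bad values;
    # presumably Privilege and GroupNames are expected to come from the
    # AllPrivileges and AllGroups properties -- verify against the
    # implementation.
    - name: CreateUser
      description: >
          Creates a new user. If the user already exists, then it will throw an
          error.
      parameters:
          - name: UserName
            type: string
            description: >
                User name which has to be created.
          - name: GroupNames
            type: array[string]
            description: >
                List of groups to which the user has to be added.
          - name: Privilege
            type: string
            description: >
                Privilege of the user to be added.
          - name: Enabled
            type: boolean
            description: >
                User enabled / disabled.
      errors:
          - xyz.openbmc_project.Common.Error.InternalFailure
          - xyz.openbmc_project.Common.Error.InsufficientPermission
          - xyz.openbmc_project.Common.Error.InvalidArgument
          - xyz.openbmc_project.User.Common.Error.UserNameExists
          - xyz.openbmc_project.User.Common.Error.UserNameGroupFail
          - xyz.openbmc_project.User.Common.Error.UserNamePrivFail
          - xyz.openbmc_project.User.Common.Error.NoResource

    - name: RenameUser
      description: >
          Renames an existing user to a new name. All other properties of the
          user will remain the same.
      parameters:
          - name: UserName
            type: string
            description: >
                User name which has to be updated.
          - name: NewUserName
            type: string
            description: >
                New User name to which user has to be updated.
      errors:
          - xyz.openbmc_project.Common.Error.InternalFailure
          - xyz.openbmc_project.Common.Error.InsufficientPermission
          - xyz.openbmc_project.Common.Error.InvalidArgument
          - xyz.openbmc_project.User.Common.Error.UserNameDoesNotExist
          - xyz.openbmc_project.User.Common.Error.UserNameExists
          - xyz.openbmc_project.User.Common.Error.UserNameGroupFail
          - xyz.openbmc_project.User.Common.Error.UserNamePrivFail
          - xyz.openbmc_project.User.Common.Error.NoResource

    # NOTE(review): the result exposes account state (enabled, locked for
    # failed attempts, password expired), and UserNameDoesNotExist tells the
    # caller whether a name exists. Front ends that relay this call should do
    # so only for sessions authorized to see that information.
    - name: GetUserInfo
      description: >
          Get user properties. If it is a local user, method returns
             -user privilege
             -user groups
             -user enabled state
             -user locked state
             -user password expired state
             -remote user flag
          If it is an LDAP user, method returns
             -user privilege
             -remote user flag
      parameters:
          - name: UserName
            type: string
            description: >
                User name whose properties have to be returned.
      returns:
          - name: UserInfo
            type: dict[string,variant[string,array[string],boolean]]
            description: >
                Dictionary of user properties. List of key name and data type of
                properties below.
                UserPrivilege -> privilege of the user(string)
                UserGroups    -> list of groups user belongs to(array[string])
                UserEnabled   -> user enabled state(boolean)
                UserLockedForFailedAttempt -> user locked state(boolean)
                UserPasswordExpired -> user password expired(boolean)
                RemoteUser    ->  remote or local user(boolean)

                For detailed documentation of user properties refer to
                Attributes.interface.yaml. Examples:
                    1.UserInfo["RemoteUser"] returns true for ldap user
                    and false for local user.
                    2.UserInfo["UserGroups"] gets list of groups of user.
      errors:
          - xyz.openbmc_project.Common.Error.InternalFailure
          - xyz.openbmc_project.Common.Error.InsufficientPermission
          - xyz.openbmc_project.Common.Error.InvalidArgument
          - xyz.openbmc_project.User.Common.Error.UserNameDoesNotExist

    # NOTE(review): no InsufficientPermission is declared for this method;
    # any caller that can reach the interface can presumably create groups.
    # Confirm that this is intended.
    - name: CreateGroup
      description: >
          Creates a new group. If the group already exists, or the group name
          is not allowed to be created, it throws an error.
      parameters:
          - name: GroupName
            type: string
            description: >
                The group to be added to the system.
      errors:
          - xyz.openbmc_project.Common.Error.InternalFailure
          - xyz.openbmc_project.Common.Error.InvalidArgument
          - xyz.openbmc_project.User.Common.Error.GroupNameExists

    # NOTE(review): as with CreateGroup, no InsufficientPermission is declared
    # here. The description implies some group names are protected from
    # deletion; the list of protected names is not visible in this file.
    - name: DeleteGroup
      description: >
          Deletes an existing group. If the group doesn't exist, or the group
          name is not allowed to be deleted, it throws an error.
      parameters:
          - name: GroupName
            type: string
            description: >
                The group to be deleted from the system.
      errors:
          - xyz.openbmc_project.Common.Error.InternalFailure
          - xyz.openbmc_project.Common.Error.InvalidArgument
          - xyz.openbmc_project.User.Common.Error.GroupNameDoesNotExist

properties:
    - name: AllPrivileges
      type: array[string]
      flags:
          - const
      description: >
          Lists all available user privileges in the system.

    - name: AllGroups
      type: array[string]
      flags:
          - const
      description: >
          Lists all available groups in the system.

signals:
    - name: UserRenamed
      description: >
          Signal indicating user's name is updated.
      properties:
          - name: UserName
            type: string
            description: Name of the user which got renamed.
          - name: NewUserName
            type: string
            description: New name of the user.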
154