1description: >
2    Implement this interface to set the privilege of the user based on the group
3    name. The users in the group will inherit the privilege mapping of the
4    group. The Create method on success creates the object which implements
5    xyz.openbmc_project.User.PrivilegeMapperEntry. For example in the case of
6    LDAP, the object path will be
7    /xyz/openbmc_project/user/ldap/privilege_mapper/<id>. The <id> will be a
8    unique number generated by the application. If the privilege mapping already
9    exists then it throws the exception
10    xyz.openbmc_project.User.Common.Error.PrivilegeMappingExists. To modify the
11    privilege for a mapping which already exists, the Privilege property in the
12    xyz.openbmc_project.User.PrivilegeMapperEntry interface needs to be set. Any
13    application consuming the privilege mapping should not cache the object path
14    and use the GetManagedObjects method on the
15    org.freedesktop.DBus.ObjectManager interface to figure out the D-Bus object
16    path associated with the group name.
17
18methods:
19    - name: Create
20      description: >
21          Creates a mapping for the group to the privilege.
22      parameters:
23          - name: GroupName
24            type: string
25            description: >
26                Group Name to which the privilege is to be assigned. In the case
27                of LDAP, the GroupName will be the LDAP group the user is part
28                of.
29          - name: Privilege
30            type: string
31            description: >
32                The privilege associated with the group. The set of available
33                privileges are xyz.openbmc_project.User.Manager.AllPrivileges.
34                xyz.openbmc_project.Common.Error.InvalidArgument exception will
35                be thrown if the privilege is invalid. Additional documentation
36                on privilege is available here.
37                https://github.com/openbmc/docs/blob/master/architecture/user-management.md
38      returns:
39          - name: Path
40            type: object_path
41            description: >
42                The path for the created privilege mapping object.
43
44      errors:
45          - xyz.openbmc_project.Common.Error.InternalFailure
46          - xyz.openbmc_project.Common.Error.InvalidArgument
47          - xyz.openbmc_project.User.Common.Error.PrivilegeMappingExists
48