1 /* 2 // Copyright (c) 2018 Intel Corporation 3 // 4 // Licensed under the Apache License, Version 2.0 (the "License"); 5 // you may not use this file except in compliance with the License. 6 // You may obtain a copy of the License at 7 // 8 // http://www.apache.org/licenses/LICENSE-2.0 9 // 10 // Unless required by applicable law or agreed to in writing, software 11 // distributed under the License is distributed on an "AS IS" BASIS, 12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 // See the License for the specific language governing permissions and 14 // limitations under the License. 15 */ 16 #pragma once 17 #include <ipmid/api.h> 18 19 #include <string> 20 21 namespace ipmi 22 { 23 24 // TODO: Has to be replaced with proper channel number assignment logic 25 /** 26 * @enum Channel Id 27 */ 28 enum class EChannelID : uint8_t 29 { 30 chanLan1 = 0x01 31 }; 32 33 static constexpr uint8_t invalidUserId = 0xFF; 34 static constexpr uint8_t reservedUserId = 0x0; 35 static constexpr uint8_t ipmiMaxUserName = 16; 36 static constexpr uint8_t ipmiMaxUsers = 15; 37 static constexpr uint8_t ipmiMaxChannels = 16; 38 static constexpr uint8_t maxIpmi20PasswordSize = 20; 39 static constexpr uint8_t maxIpmi15PasswordSize = 16; 40 41 /** @struct PrivAccess 42 * 43 * User privilege related access data as per IPMI specification.(refer spec 44 * sec 22.26) 45 */ 46 struct PrivAccess 47 { 48 #if BYTE_ORDER == LITTLE_ENDIAN 49 uint8_t privilege : 4; 50 uint8_t ipmiEnabled : 1; 51 uint8_t linkAuthEnabled : 1; 52 uint8_t accessCallback : 1; 53 uint8_t reserved : 1; 54 #endif 55 #if BYTE_ORDER == BIG_ENDIAN 56 uint8_t reserved : 1; 57 uint8_t accessCallback : 1; 58 uint8_t linkAuthEnabled : 1; 59 uint8_t ipmiEnabled : 1; 60 uint8_t privilege : 4; 61 #endif 62 } __attribute__((packed)); 63 64 /** @brief initializes user management 65 * 66 * @return IPMI_CC_OK for success, others for failure. 67 */ 68 ipmi_ret_t ipmiUserInit(); 69 70 /** @brief The ipmi get user password layer call 71 * 72 * @param[in] userName - user name 73 * 74 * @return password or empty string 75 */ 76 std::string ipmiUserGetPassword(const std::string& userName); 77 78 /** @brief The IPMI call to clear password entry associated with specified 79 * username 80 * 81 * @param[in] userName - user name to be removed 82 * 83 * @return 0 on success, non-zero otherwise. 84 */ 85 ipmi_ret_t ipmiClearUserEntryPassword(const std::string& userName); 86 87 /** @brief The IPMI call to reuse password entry for the renamed user 88 * to another one 89 * 90 * @param[in] userName - user name which has to be renamed 91 * @param[in] newUserName - new user name 92 * 93 * @return 0 on success, non-zero otherwise. 94 */ 95 ipmi_ret_t ipmiRenameUserEntryPassword(const std::string& userName, 96 const std::string& newUserName); 97 98 /** @brief determines valid userId 99 * 100 * @param[in] userId - user id 101 * 102 * @return true if valid, false otherwise 103 */ 104 bool ipmiUserIsValidUserId(const uint8_t userId); 105 106 /** @brief determines valid privilege level 107 * 108 * @param[in] priv - privilege level 109 * 110 * @return true if valid, false otherwise 111 */ 112 bool ipmiUserIsValidPrivilege(const uint8_t priv); 113 114 /** @brief get user id corresponding to the user name 115 * 116 * @param[in] userName - user name 117 * 118 * @return userid. Will return 0xff if no user id found 119 */ 120 uint8_t ipmiUserGetUserId(const std::string& userName); 121 122 /** @brief set's user name 123 * 124 * @param[in] userId - user id 125 * @param[in] userName - user name 126 * 127 * @return IPMI_CC_OK for success, others for failure. 128 */ 129 ipmi_ret_t ipmiUserSetUserName(const uint8_t userId, const char* userName); 130 131 /** @brief set user password 132 * 133 * @param[in] userId - user id 134 * @param[in] userPassword - New Password 135 * 136 * @return IPMI_CC_OK for success, others for failure. 137 */ 138 ipmi_ret_t ipmiUserSetUserPassword(const uint8_t userId, 139 const char* userPassword); 140 141 /** @brief set special user password (non-ipmi accounts) 142 * 143 * @param[in] userName - user name 144 * @param[in] userPassword - New Password 145 * 146 * @return IPMI_CC_OK for success, others for failure. 147 */ 148 ipmi_ret_t ipmiSetSpecialUserPassword(const std::string& userName, 149 const std::string& userPassword); 150 151 /** @brief get user name 152 * 153 * @param[in] userId - user id 154 * @param[out] userName - user name 155 * 156 * @return IPMI_CC_OK for success, others for failure. 157 */ 158 ipmi_ret_t ipmiUserGetUserName(const uint8_t userId, std::string& userName); 159 160 /** @brief provides available fixed, max, and enabled user counts 161 * 162 * @param[out] maxChUsers - max channel users 163 * @param[out] enabledUsers - enabled user count 164 * @param[out] fixedUsers - fixed user count 165 * 166 * @return IPMI_CC_OK for success, others for failure. 167 */ 168 ipmi_ret_t ipmiUserGetAllCounts(uint8_t& maxChUsers, uint8_t& enabledUsers, 169 uint8_t& fixedUsers); 170 171 /** @brief function to update user enabled state 172 * 173 * @param[in] userId - user id 174 *..@param[in] state - state of the user to be updated, true - user enabled. 175 * 176 * @return IPMI_CC_OK for success, others for failure. 177 */ 178 ipmi_ret_t ipmiUserUpdateEnabledState(const uint8_t userId, const bool& state); 179 180 /** @brief determines whether user is enabled 181 * 182 * @param[in] userId - user id 183 *..@param[out] state - state of the user 184 * 185 * @return IPMI_CC_OK for success, others for failure. 186 */ 187 ipmi_ret_t ipmiUserCheckEnabled(const uint8_t userId, bool& state); 188 189 /** @brief provides user privilege access data 190 * 191 * @param[in] userId - user id 192 * @param[in] chNum - channel number 193 * @param[out] privAccess - privilege access data 194 * 195 * @return IPMI_CC_OK for success, others for failure. 196 */ 197 ipmi_ret_t ipmiUserGetPrivilegeAccess(const uint8_t userId, const uint8_t chNum, 198 PrivAccess& privAccess); 199 200 /** @brief sets user privilege access data 201 * 202 * @param[in] userId - user id 203 * @param[in] chNum - channel number 204 * @param[in] privAccess - privilege access data 205 * @param[in] otherPrivUpdate - flags to indicate other fields update 206 * 207 * @return IPMI_CC_OK for success, others for failure. 208 */ 209 ipmi_ret_t ipmiUserSetPrivilegeAccess(const uint8_t userId, const uint8_t chNum, 210 const PrivAccess& privAccess, 211 const bool& otherPrivUpdate); 212 213 } // namespace ipmi 214