1 /* 2 // Copyright (c) 2018 Intel Corporation 3 // 4 // Licensed under the Apache License, Version 2.0 (the "License"); 5 // you may not use this file except in compliance with the License. 6 // You may obtain a copy of the License at 7 // 8 // http://www.apache.org/licenses/LICENSE-2.0 9 // 10 // Unless required by applicable law or agreed to in writing, software 11 // distributed under the License is distributed on an "AS IS" BASIS, 12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 // See the License for the specific language governing permissions and 14 // limitations under the License. 15 */ 16 #pragma once 17 #include <host-ipmid/ipmid-api.h> 18 19 #include <string> 20 21 namespace ipmi 22 { 23 24 // TODO: Has to be replaced with proper channel number assignment logic 25 enum class EChannelID : uint8_t 26 { 27 chanLan1 = 0x01 28 }; 29 30 static constexpr uint8_t invalidUserId = 0xFF; 31 static constexpr uint8_t reservedUserId = 0x0; 32 static constexpr uint8_t ipmiMaxUserName = 16; 33 static constexpr uint8_t ipmiMaxUsers = 15; 34 static constexpr uint8_t ipmiMaxChannels = 16; 35 36 struct PrivAccess 37 { 38 #if BYTE_ORDER == LITTLE_ENDIAN 39 uint8_t privilege : 4; 40 uint8_t ipmiEnabled : 1; 41 uint8_t linkAuthEnabled : 1; 42 uint8_t accessCallback : 1; 43 uint8_t reserved : 1; 44 #endif 45 #if BYTE_ORDER == BIG_ENDIAN 46 uint8_t reserved : 1; 47 uint8_t accessCallback : 1; 48 uint8_t linkAuthEnabled : 1; 49 uint8_t ipmiEnabled : 1; 50 uint8_t privilege : 4; 51 #endif 52 } __attribute__((packed)); 53 54 /** @brief initializes user management 55 * 56 * @return IPMI_CC_OK for success, others for failure. 57 */ 58 ipmi_ret_t ipmiUserInit(); 59 60 /** @brief The ipmi get user password layer call 61 * 62 * @param[in] userName - user name 63 * 64 * @return password or empty string 65 */ 66 std::string ipmiUserGetPassword(const std::string& userName); 67 68 /** @brief The IPMI call to clear password entry associated with specified 69 * username 70 * 71 * @param[in] userName - user name to be removed 72 * 73 * @return 0 on success, non-zero otherwise. 74 */ 75 ipmi_ret_t ipmiClearUserEntryPassword(const std::string& userName); 76 77 /** @brief The IPMI call to reuse password entry for the renamed user 78 * to another one 79 * 80 * @param[in] userName - user name which has to be renamed 81 * @param[in] newUserName - new user name 82 * 83 * @return 0 on success, non-zero otherwise. 84 */ 85 ipmi_ret_t ipmiRenameUserEntryPassword(const std::string& userName, 86 const std::string& newUserName); 87 88 /** @brief determines valid userId 89 * 90 * @param[in] userId - user id 91 * 92 * @return true if valid, false otherwise 93 */ 94 bool ipmiUserIsValidUserId(const uint8_t userId); 95 96 /** @brief determines valid channel 97 * 98 * @param[in] chNum- channel number 99 * 100 * @return true if valid, false otherwise 101 */ 102 bool ipmiUserIsValidChannel(const uint8_t chNum); 103 104 /** @brief determines valid privilege level 105 * 106 * @param[in] priv - privilege level 107 * 108 * @return true if valid, false otherwise 109 */ 110 bool ipmiUserIsValidPrivilege(const uint8_t priv); 111 112 /** @brief get user id corresponding to the user name 113 * 114 * @param[in] userName - user name 115 * 116 * @return userid. Will return 0xff if no user id found 117 */ 118 uint8_t ipmiUserGetUserId(const std::string& userName); 119 120 /** @brief set's user name 121 * 122 * @param[in] userId - user id 123 * @param[in] userName - user name 124 * 125 * @return IPMI_CC_OK for success, others for failure. 126 */ 127 ipmi_ret_t ipmiUserSetUserName(const uint8_t userId, const char* userName); 128 129 /** @brief get user name 130 * 131 * @param[in] userId - user id 132 * @param[out] userName - user name 133 * 134 * @return IPMI_CC_OK for success, others for failure. 135 */ 136 ipmi_ret_t ipmiUserGetUserName(const uint8_t userId, std::string& userName); 137 138 /** @brief provides available fixed, max, and enabled user counts 139 * 140 * @param[out] maxChUsers - max channel users 141 * @param[out] enabledUsers - enabled user count 142 * @param[out] fixedUsers - fixed user count 143 * 144 * @return IPMI_CC_OK for success, others for failure. 145 */ 146 ipmi_ret_t ipmiUserGetAllCounts(uint8_t& maxChUsers, uint8_t& enabledUsers, 147 uint8_t& fixedUsers); 148 149 /** @brief function to update user enabled state 150 * 151 * @param[in] userId - user id 152 *..@param[in] state - state of the user to be updated, true - user enabled. 153 * 154 * @return IPMI_CC_OK for success, others for failure. 155 */ 156 ipmi_ret_t ipmiUserUpdateEnabledState(const uint8_t userId, const bool& state); 157 158 /** @brief determines whether user is enabled 159 * 160 * @param[in] userId - user id 161 *..@param[out] state - state of the user 162 * 163 * @return IPMI_CC_OK for success, others for failure. 164 */ 165 ipmi_ret_t ipmiUserCheckEnabled(const uint8_t userId, bool& state); 166 167 /** @brief provides user privilege access data 168 * 169 * @param[in] userId - user id 170 * @param[in] chNum - channel number 171 * @param[out] privAccess - privilege access data 172 * 173 * @return IPMI_CC_OK for success, others for failure. 174 */ 175 ipmi_ret_t ipmiUserGetPrivilegeAccess(const uint8_t userId, const uint8_t chNum, 176 PrivAccess& privAccess); 177 178 /** @brief sets user privilege access data 179 * 180 * @param[in] userId - user id 181 * @param[in] chNum - channel number 182 * @param[in] privAccess - privilege access data 183 * @param[in] otherPrivUpdate - flags to indicate other fields update 184 * 185 * @return IPMI_CC_OK for success, others for failure. 186 */ 187 ipmi_ret_t ipmiUserSetPrivilegeAccess(const uint8_t userId, const uint8_t chNum, 188 const PrivAccess& privAccess, 189 const bool& otherPrivUpdate); 190 191 } // namespace ipmi 192