1 #pragma once
2 
3 #include "config.h"
4 #include <xyz/openbmc_project/Object/Delete/server.hpp>
5 #include <xyz/openbmc_project/Object/Enable/server.hpp>
6 #include <xyz/openbmc_project/User/Ldap/Create/server.hpp>
7 #include <xyz/openbmc_project/User/Ldap/Config/server.hpp>
8 #include <xyz/openbmc_project/Common/error.hpp>
9 #include <phosphor-logging/log.hpp>
10 #include <phosphor-logging/elog.hpp>
11 #include <phosphor-logging/elog-errors.hpp>
12 #include <sdbusplus/bus.hpp>
13 #include <sdbusplus/server/object.hpp>
14 #include <string>
15 
namespace phosphor
{
namespace ldap
{

// NOTE(review): these using-directives sit in a header, so every translation
// unit that includes it gets both namespaces pulled into phosphor::ldap.
// Left unchanged because code outside this header may rely on the
// unqualified names.
using namespace phosphor::logging;
using namespace sdbusplus::xyz::openbmc_project::Common::Error;
/** @brief Server binding of the xyz.openbmc_project.User.Ldap.Config API. */
using ConfigIface = sdbusplus::xyz::openbmc_project::User::Ldap::server::Config;
/** @brief Server binding of the Object.Enable interface. */
using EnableIface = sdbusplus::xyz::openbmc_project::Object::server::Enable;
/** @brief Server binding of the Object.Delete interface. */
using DeleteIface = sdbusplus::xyz::openbmc_project::Object::server::Delete;
/** @brief One sdbusplus object carrying the Config, Enable and Delete
 *         interfaces; base class of Config below.
 */
using Ifaces =
    sdbusplus::server::object::object<ConfigIface, EnableIface, DeleteIface>;
/** @brief sdbusplus object carrying the User.Ldap.Create interface (not used
 *         by any declaration in this header).
 */
using CreateIface = sdbusplus::server::object::object<
    sdbusplus::xyz::openbmc_project::User::Ldap::server::Create>;

// Forward declarations: ConfigMgr is held by reference in Config, and
// MockConfigMgr is named in its friend declaration.
class ConfigMgr;
class MockConfigMgr;

/** @class Config
 *  @brief Configuration for LDAP.
 *  @details Concrete implementation of the xyz.openbmc_project.User.Ldap.Config
 *  API, in order to provide LDAP configuration. The object also carries the
 *  Object.Enable and Object.Delete interfaces through Ifaces.
 *
 *  Security-relevant state held here: the bind DN password
 *  (lDAPBindPassword), the CA certificate path (tlsCacertFile) and the
 *  secureLDAP transport flag. The password lives in a plain std::string,
 *  which does not wipe its buffer when destroyed.
 *  NOTE(review): writeConfig() presumably persists these values to the file
 *  at configFilePath. If the password is written there, the file's ownership
 *  and mode need to restrict reads. Confirm in the implementation.
 */
class Config : public Ifaces
{
  public:
    // Default construction and copying are disabled.
    Config() = delete;
    ~Config() = default;
    Config(const Config&) = delete;
    Config& operator=(const Config&) = delete;
    // NOTE(review): the class has reference members (bus, parent), so the
    // defaulted move assignment is implicitly defined as deleted. Whether
    // the move constructor is usable depends on Ifaces; confirm before
    // relying on either.
    Config(Config&&) = default;
    Config& operator=(Config&&) = default;

    /** @brief Constructor to put object onto bus at a D-Bus path.
     *  @param[in] bus - Bus to attach to.
     *  @param[in] path - The D-Bus object path to attach at.
     *  @param[in] filePath - LDAP configuration file.
     *  @param[in] caCertFile - LDAP's CA certificate file.
     *  @param[in] secureLDAP - Specifies whether to use SSL or not.
     *  @param[in] lDAPServerURI - LDAP URI of the server.
     *  @param[in] lDAPBindDN - distinguished name with which to bind.
     *  @param[in] lDAPBaseDN - distinguished name to use as search base.
     *  @param[in] lDAPBindDNPassword - credentials with which to bind. Taken
     *             by rvalue reference, so the caller must pass a temporary
     *             or std::move its own string.
     *  @param[in] lDAPSearchScope - the search scope.
     *  @param[in] lDAPType - Specifies the LDAP server type which can be AD
     *              or openLDAP.
     *  @param[in] lDAPServiceEnabled - Specifies whether the service would be
     *  enabled or not.
     *  @param[in] groupNameAttribute - Specifies attribute name that contains
     *             the name of the Group in the LDAP server.
     *  @param[in] userNameAttribute - Specifies attribute name that contains
     *             the username in the LDAP server.
     *
     *  @param[in] parent - parent of config object.
     */

    Config(sdbusplus::bus::bus& bus, const char* path, const char* filePath,
           const char* caCertFile, bool secureLDAP, std::string lDAPServerURI,
           std::string lDAPBindDN, std::string lDAPBaseDN,
           std::string&& lDAPBindDNPassword,
           ConfigIface::SearchScope lDAPSearchScope, ConfigIface::Type lDAPType,
           bool lDAPServiceEnabled, std::string groupNameAttribute,
           std::string userNameAttribute, ConfigMgr& parent);

    // Re-expose the base-class members of the same names. Without these
    // using-declarations, the overrides declared below would hide the other
    // base overloads (presumably the no-argument property getters).
    // NOTE(review): this includes lDAPBindDNPassword. Confirm in the
    // implementation that reading that property does not return the stored
    // secret to D-Bus clients.
    using ConfigIface::groupNameAttribute;
    using ConfigIface::lDAPBaseDN;
    using ConfigIface::lDAPBindDN;
    using ConfigIface::lDAPBindDNPassword;
    using ConfigIface::lDAPSearchScope;
    using ConfigIface::lDAPServerURI;
    using ConfigIface::lDAPType;
    using ConfigIface::setPropertyByName;
    using ConfigIface::userNameAttribute;
    using EnableIface::enabled;

    /** @brief Update the Server URI property.
     *  @param[in] value - lDAPServerURI value to be updated.
     *  @returns value of changed lDAPServerURI.
     *
     *  NOTE(review): the URI scheme and the secureLDAP flag both describe
     *  transport security. Confirm the implementation rejects a URI that
     *  disagrees with secureLDAP.
     */
    std::string lDAPServerURI(std::string value) override;

    /** @brief Update the BindDN property.
     *  @param[in] value - lDAPBindDN value to be updated.
     *  @returns value of changed lDAPBindDN.
     */
    std::string lDAPBindDN(std::string value) override;

    /** @brief Update the BaseDN property.
     *  @param[in] value - lDAPBaseDN value to be updated.
     *  @returns value of changed lDAPBaseDN.
     */
    std::string lDAPBaseDN(std::string value) override;

    /** @brief Update the Search scope property.
     *  @param[in] value - lDAPSearchScope value to be updated.
     *  @returns value of changed lDAPSearchScope.
     */
    ConfigIface::SearchScope
        lDAPSearchScope(ConfigIface::SearchScope value) override;

    /** @brief Update the LDAP Type property.
     *  @param[in] value - lDAPType value to be updated.
     *  @returns value of changed lDAPType.
     */
    ConfigIface::Type lDAPType(ConfigIface::Type value) override;

    /** @brief Update the ldapServiceEnabled property.
     *  @param[in] value - ldapServiceEnabled value to be updated.
     *  @returns value of changed ldapServiceEnabled.
     */
    bool enabled(bool value) override;

    /** @brief Update the userNameAttribute property.
     *  @param[in] value - userNameAttribute value to be updated.
     *  @returns value of changed userNameAttribute.
     */
    std::string userNameAttribute(std::string value) override;

    /** @brief Update the groupNameAttribute property.
     *  @param[in] value - groupNameAttribute value to be updated.
     *  @returns value of changed groupNameAttribute.
     */
    std::string groupNameAttribute(std::string value) override;

    /** @brief Update the BindDNPassword property.
     *  @param[in] value - lDAPBindDNPassword value to be updated.
     *  @returns value of changed lDAPBindDNPassword.
     *
     *  NOTE(review): the documented return value is the password itself, so
     *  the secret travels back to the caller. The implementation and its
     *  callers should keep it out of log and journal entries.
     */
    std::string lDAPBindDNPassword(std::string value) override;

    /** @brief Delete this D-bus object.
     */
    void delete_() override;

    /** @brief Whether to use SSL for the LDAP connection (see the
     *         constructor's secureLDAP parameter).
     *
     *  NOTE(review): public, non-const and without a default member
     *  initializer. It is presumably set by the constructor (confirm). Any
     *  code holding a Config can change this transport-security flag
     *  directly, bypassing the property setters.
     */
    bool secureLDAP;

  private:
    /** @brief Bind DN password, kept in memory as a plain std::string.
     *         Presumably the backing store for lDAPBindDNPassword (confirm).
     */
    std::string lDAPBindPassword{};
    /** @brief Path of the LDAP configuration file; presumably taken from the
     *         constructor's filePath argument (confirm).
     */
    std::string configFilePath{};
    /** @brief Path of the CA certificate file; presumably taken from the
     *         constructor's caCertFile argument (confirm).
     */
    std::string tlsCacertFile{};

    /** @brief Persistent sdbusplus D-Bus bus connection. */
    sdbusplus::bus::bus& bus;

    /** @brief Create a new LDAP config file.
     *
     *  Private but virtual, so a derived class can replace it.
     */
    virtual void writeConfig();

    /** @brief reference to config manager object */
    ConfigMgr& parent;

    // Grants MockConfigMgr (presumably a test double) access to the private
    // members above, including the stored bind password.
    friend class MockConfigMgr;
};

} // namespace ldap
} // namespace phosphor