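#pragma once

#include "config.h"
#include <xyz/openbmc_project/Object/Enable/server.hpp>
#include <xyz/openbmc_project/User/Ldap/Create/server.hpp>
#include <xyz/openbmc_project/User/Ldap/Config/server.hpp>
#include <xyz/openbmc_project/Common/error.hpp>
#include <phosphor-logging/log.hpp>
#include <phosphor-logging/elog.hpp>
#include <phosphor-logging/elog-errors.hpp>
#include <sdbusplus/bus.hpp>
#include <sdbusplus/server/object.hpp>
#include <cstdint>
#include <string>
#include <filesystem>

namespace phosphor
{
namespace ldap
{

// NOTE(review): these using-directives live in a header, so every file that
// includes it inherits both namespaces. They are kept because includers may
// already depend on the unqualified names.
using namespace phosphor::logging;
using namespace sdbusplus::xyz::openbmc_project::Common::Error;
using ConfigIface = sdbusplus::xyz::openbmc_project::User::Ldap::server::Config;
using EnableIface = sdbusplus::xyz::openbmc_project::Object::server::Enable;
using Ifaces = sdbusplus::server::object::object<ConfigIface, EnableIface>;
using CreateIface = sdbusplus::server::object::object<
    sdbusplus::xyz::openbmc_project::User::Ldap::server::Create>;
namespace fs = std::filesystem;
class ConfigMgr;
class MockConfigMgr;

/** @class Config
 *  @brief Configuration for LDAP.
 *  @details Concrete implementation of the
 *  xyz.openbmc_project.User.Ldap.Config API, in order to provide LDAP
 *  configuration. Through Ifaces the object also implements
 *  xyz.openbmc_project.Object.Enable.
 *
 *  The object handles the LDAP bind credential (lDAPBindDNPassword) and
 *  has persistence entry points (serialize(), writeConfig()). Where the
 *  credential ends up is decided in the implementation file, which is not
 *  part of this header; see the review notes on the members below.
 */
class Config : public Ifaces
{
  public:
    Config() = delete;
    ~Config() = default;
    Config(const Config&) = delete;
    Config& operator=(const Config&) = delete;
    // NOTE(review): the class holds reference members (bus, parent), so the
    // defaulted move assignment below is defined as deleted by the language.
    // Whether the defaulted move constructor is usable depends on Ifaces.
    Config(Config&&) = default;
    Config& operator=(Config&&) = default;

    /** @brief Constructor to put object onto bus at a D-Bus path.
     *  @param[in] bus - Bus to attach to.
     *  @param[in] path - The D-Bus object path to attach at.
     *  @param[in] filePath - LDAP configuration file.
     *  @param[in] caCertFile - LDAP's CA certificate file.
     *  @param[in] secureLDAP - Specifies whether to use SSL or not.
     *  @param[in] lDAPServerURI - LDAP URI of the server.
     *  @param[in] lDAPBindDN - distinguished name with which to bind.
     *  @param[in] lDAPBaseDN - distinguished name to use as search base.
     *  @param[in] lDAPBindDNPassword - credentials with which to bind
     *             (taken by rvalue reference).
     *  @param[in] lDAPSearchScope - the search scope.
     *  @param[in] lDAPType - Specifies the LDAP server type which can be AD
     *             or openLDAP.
     *  @param[in] lDAPServiceEnabled - Specifies whether the service would be
     *             enabled or not.
     *  @param[in] groupNameAttribute - Specifies attribute name that contains
     *             the name of the Group in the LDAP server.
     *  @param[in] userNameAttribute - Specifies attribute name that contains
     *             the username in the LDAP server.
     *  @param[in] parent - parent of config object.
     */
    Config(sdbusplus::bus::bus& bus, const char* path, const char* filePath,
           const char* caCertFile, bool secureLDAP, std::string lDAPServerURI,
           std::string lDAPBindDN, std::string lDAPBaseDN,
           std::string&& lDAPBindDNPassword,
           ConfigIface::SearchScope lDAPSearchScope, ConfigIface::Type lDAPType,
           bool lDAPServiceEnabled, std::string groupNameAttribute,
           std::string userNameAttribute, ConfigMgr& parent);

    /** @brief Constructor to put object onto bus at a D-Bus path.
     *  @details This overload takes no server URI, bind DN, credential or
     *  secureLDAP flag; how those fields are filled afterwards is not
     *  visible in this header.
     *  @param[in] bus - Bus to attach to.
     *  @param[in] path - The D-Bus object path to attach at.
     *  @param[in] filePath - LDAP configuration file.
     *  @param[in] caCertFile - LDAP's CA certificate file.
     *  @param[in] lDAPType - Specifies the LDAP server type which can be AD
     *             or openLDAP.
     *  @param[in] parent - parent of config object.
     */
    Config(sdbusplus::bus::bus& bus, const char* path, const char* filePath,
           const char* caCertFile, ConfigIface::Type lDAPType,
           ConfigMgr& parent);

    // Re-expose the base-class overloads that the setter overrides below
    // would otherwise hide.
    // NOTE(review): this includes ConfigIface::lDAPBindDNPassword; confirm
    // that the base-class getter cannot hand the bind credential back to
    // D-Bus clients.
    using ConfigIface::groupNameAttribute;
    using ConfigIface::lDAPBaseDN;
    using ConfigIface::lDAPBindDN;
    using ConfigIface::lDAPBindDNPassword;
    using ConfigIface::lDAPSearchScope;
    using ConfigIface::lDAPServerURI;
    using ConfigIface::lDAPType;
    using ConfigIface::setPropertyByName;
    using ConfigIface::userNameAttribute;
    using EnableIface::enabled;

    /** @brief Update the Server URI property.
     *  @param[in] value - lDAPServerURI value to be updated.
     *  @returns value of changed lDAPServerURI.
     */
    std::string lDAPServerURI(std::string value) override;

    /** @brief Update the BindDN property.
     *  @param[in] value - lDAPBindDN value to be updated.
     *  @returns value of changed lDAPBindDN.
     */
    std::string lDAPBindDN(std::string value) override;

    /** @brief Update the BaseDN property.
     *  @param[in] value - lDAPBaseDN value to be updated.
     *  @returns value of changed lDAPBaseDN.
     */
    std::string lDAPBaseDN(std::string value) override;

    /** @brief Update the Search scope property.
     *  @param[in] value - lDAPSearchScope value to be updated.
     *  @returns value of changed lDAPSearchScope.
     */
    ConfigIface::SearchScope
        lDAPSearchScope(ConfigIface::SearchScope value) override;

    /** @brief Update the LDAP Type property.
     *  @param[in] value - lDAPType value to be updated.
     *  @returns value of changed lDAPType.
     */
    ConfigIface::Type lDAPType(ConfigIface::Type value) override;

    /** @brief Update the ldapServiceEnabled property.
     *  @param[in] value - ldapServiceEnabled value to be updated.
     *  @returns value of changed ldapServiceEnabled.
     */
    bool enabled(bool value) override;

    /** @brief Update the userNameAttribute property.
     *  @param[in] value - userNameAttribute value to be updated.
     *  @returns value of changed userNameAttribute.
     */
    std::string userNameAttribute(std::string value) override;

    /** @brief Update the groupNameAttribute property.
     *  @param[in] value - groupNameAttribute value to be updated.
     *  @returns value of changed groupNameAttribute.
     */
    std::string groupNameAttribute(std::string value) override;

    /** @brief Update the BindDNPassword property.
     *  @param[in] value - lDAPBindDNPassword value to be updated.
     *  @returns value of changed lDAPBindDNPassword.
     *  @note NOTE(review): the return value travels back to the D-Bus
     *  caller; confirm the implementation does not echo the secret.
     */
    std::string lDAPBindDNPassword(std::string value) override;

    /** @brief Function required by Cereal to perform deserialization.
     *  @tparam Archive - Cereal archive type (binary in our case).
     *  @param[in] archive - reference to Cereal archive.
     *  @param[in] version - Class version that enables handling
     *                       a serialized data across code levels
     */
    template <class Archive>
    void load(Archive& archive, const std::uint32_t version);

    /** @brief Function required by Cereal to perform serialization.
     *  @tparam Archive - Cereal archive type (binary in our case).
     *  @param[in] archive - reference to Cereal archive.
     *  @param[in] version - Class version that enables handling
     *                       a serialized data across code levels
     */
    template <class Archive>
    void save(Archive& archive, const std::uint32_t version) const;

    /** @brief Serialize and persist this object at the persist
     *         location.
     *  @note NOTE(review): which members are archived is defined by save(),
     *  whose body is not in this header. If the bind credential is among
     *  them, confirm the persisted file is readable only by the service
     *  account.
     */
    void serialize();

    /** @brief Deserialize LDAP config data from the persistent location
     *         into this object
     *  @return bool - true if the deserialization was successful, false
     *                 otherwise.
     */
    bool deserialize();

    /** @brief enable or disable the service with the given value
     *  @param[in] value - enable/disable
     *  @returns value of changed status
     */
    bool enableService(bool value);

  private:
    /** @brief Whether SSL is used (see the constructor's secureLDAP
     *  parameter).
     *
     *  Default-initialised so the flag never holds an indeterminate value:
     *  the shorter constructor takes no secureLDAP argument and the
     *  constructor definitions are not part of this header. A
     *  mem-initializer in either constructor still takes precedence.
     */
    bool secureLDAP{false};

    /** @brief Bind credential held by this object.
     *  NOTE(review): presumably filled from the lDAPBindDNPassword
     *  constructor argument and setter; confirm in the implementation, and
     *  confirm where it is written out (serialize(), writeConfig()).
     */
    std::string lDAPBindPassword{};

    /** @brief presumably the caCertFile constructor argument - confirm. */
    std::string tlsCacertFile{};

    /** @brief presumably the filePath constructor argument - confirm. */
    std::string configFilePath{};

    /** @brief presumably the D-Bus path this object is attached at -
     *  confirm. */
    std::string objectPath{};

    /** @brief Filesystem path used for persistence; how it is derived is
     *  not visible in this header. */
    std::filesystem::path configPersistPath{};

    /** @brief Persistent sdbusplus D-Bus bus connection. */
    sdbusplus::bus::bus& bus;

    /** @brief Create a new LDAP config file.
     *  @note NOTE(review): if the generated file carries the bind DN and
     *  credential, confirm it is created with restrictive permissions.
     *  Virtual, so a derived class can replace it.
     */
    virtual void writeConfig();

    /** @brief reference to config manager object */
    ConfigMgr& parent;

    // Test double (forward-declared above); friendship gives it access to
    // the private members of this class.
    friend class MockConfigMgr;
};

} // namespace ldap
} // namespace phosphor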