1 /*
2 // Copyright (c) 2018 Intel Corporation
3 //
4 // Licensed under the Apache License, Version 2.0 (the "License");
5 // you may not use this file except in compliance with the License.
6 // You may obtain a copy of the License at
7 //
8 // http://www.apache.org/licenses/LICENSE-2.0
9 //
10 // Unless required by applicable law or agreed to in writing, software
11 // distributed under the License is distributed on an "AS IS" BASIS,
12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 // See the License for the specific language governing permissions and
14 // limitations under the License.
15 */
16
17 #include "config.h"
18
19 #include "users.hpp"
20
21 #include "user_mgr.hpp"
22
23 #include <sys/types.h>
24 #include <sys/wait.h>
25 #include <unistd.h>
26
27 #include <phosphor-logging/elog-errors.hpp>
28 #include <phosphor-logging/elog.hpp>
29 #include <phosphor-logging/lg2.hpp>
30 #include <xyz/openbmc_project/Common/error.hpp>
31 #include <xyz/openbmc_project/User/Common/error.hpp>
32
33 #include <filesystem>
34
35 namespace phosphor
36 {
37 namespace user
38 {
39
40 using namespace phosphor::logging;
41 using InsufficientPermission =
42 sdbusplus::xyz::openbmc_project::Common::Error::InsufficientPermission;
43 using InternalFailure =
44 sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;
45 using InvalidArgument =
46 sdbusplus::xyz::openbmc_project::Common::Error::InvalidArgument;
47 using NoResource =
48 sdbusplus::xyz::openbmc_project::User::Common::Error::NoResource;
49
50 using Argument = xyz::openbmc_project::Common::InvalidArgument;
51
52 /** @brief Constructs UserMgr object.
53 *
54 * @param[in] bus - sdbusplus handler
55 * @param[in] path - D-Bus path
56 * @param[in] groups - users group list
57 * @param[in] priv - user privilege
58 * @param[in] enabled - user enabled state
59 * @param[in] parent - user manager - parent object
60 */
Users(sdbusplus::bus_t & bus,const char * path,std::vector<std::string> groups,std::string priv,bool enabled,UserMgr & parent)61 Users::Users(sdbusplus::bus_t& bus, const char* path,
62 std::vector<std::string> groups, std::string priv, bool enabled,
63 UserMgr& parent) :
64 Interfaces(bus, path, Interfaces::action::defer_emit),
65 userName(sdbusplus::message::object_path(path).filename()), manager(parent)
66 {
67 UsersIface::userPrivilege(priv, true);
68 UsersIface::userGroups(groups, true);
69 UsersIface::userEnabled(enabled, true);
70
71 this->emit_object_added();
72 }
73
74 /** @brief delete user method.
75 * This method deletes the user as requested
76 *
77 */
delete_(void)78 void Users::delete_(void)
79 {
80 manager.deleteUser(userName);
81 }
82
83 /** @brief update user privilege
84 *
85 * @param[in] value - User privilege
86 */
userPrivilege(std::string value)87 std::string Users::userPrivilege(std::string value)
88 {
89 if (value == UsersIface::userPrivilege())
90 {
91 return value;
92 }
93 manager.updateGroupsAndPriv(userName, UsersIface::userGroups(), value);
94 return UsersIface::userPrivilege(value);
95 }
96
setUserPrivilege(const std::string & value)97 void Users::setUserPrivilege(const std::string& value)
98 {
99 UsersIface::userPrivilege(value);
100 }
101
setUserGroups(const std::vector<std::string> & groups)102 void Users::setUserGroups(const std::vector<std::string>& groups)
103 {
104 UsersIface::userGroups(groups);
105 }
106
107 /** @brief list user privilege
108 *
109 */
userPrivilege(void) const110 std::string Users::userPrivilege(void) const
111 {
112 return UsersIface::userPrivilege();
113 }
114
115 /** @brief update user groups
116 *
117 * @param[in] value - User groups
118 */
userGroups(std::vector<std::string> value)119 std::vector<std::string> Users::userGroups(std::vector<std::string> value)
120 {
121 if (value == UsersIface::userGroups())
122 {
123 return value;
124 }
125 std::sort(value.begin(), value.end());
126 manager.updateGroupsAndPriv(userName, value, UsersIface::userPrivilege());
127 return UsersIface::userGroups(value);
128 }
129
130 /** @brief list user groups
131 *
132 */
userGroups(void) const133 std::vector<std::string> Users::userGroups(void) const
134 {
135 return UsersIface::userGroups();
136 }
137
138 /** @brief lists user enabled state
139 *
140 */
userEnabled(void) const141 bool Users::userEnabled(void) const
142 {
143 return manager.isUserEnabled(userName);
144 }
145
setUserEnabled(bool value)146 void Users::setUserEnabled(bool value)
147 {
148 UsersIface::userEnabled(value);
149 }
150
151 /** @brief update user enabled state
152 *
153 * @param[in] value - bool value
154 */
userEnabled(bool value)155 bool Users::userEnabled(bool value)
156 {
157 if (value == UsersIface::userEnabled())
158 {
159 return value;
160 }
161 manager.userEnable(userName, value);
162 return UsersIface::userEnabled(value);
163 }
164
165 /** @brief lists user locked state for failed attempt
166 *
167 **/
userLockedForFailedAttempt(void) const168 bool Users::userLockedForFailedAttempt(void) const
169 {
170 return manager.userLockedForFailedAttempt(userName);
171 }
172
173 /** @brief unlock user locked state for failed attempt
174 *
175 * @param[in]: value - false - unlock user account, true - no action taken
176 **/
userLockedForFailedAttempt(bool value)177 bool Users::userLockedForFailedAttempt(bool value)
178 {
179 if (value != false)
180 {
181 return userLockedForFailedAttempt();
182 }
183 else
184 {
185 return manager.userLockedForFailedAttempt(userName, value);
186 }
187 }
188
189 /** @brief indicates if the user's password is expired
190 *
191 **/
userPasswordExpired(void) const192 bool Users::userPasswordExpired(void) const
193 {
194 return manager.userPasswordExpired(userName);
195 }
196
197 } // namespace user
198 } // namespace phosphor
199