1 /*
2 // Copyright (c) 2018 Intel Corporation
3 //
4 // Licensed under the Apache License, Version 2.0 (the "License");
5 // you may not use this file except in compliance with the License.
6 // You may obtain a copy of the License at
7 //
8 //      http://www.apache.org/licenses/LICENSE-2.0
9 //
10 // Unless required by applicable law or agreed to in writing, software
11 // distributed under the License is distributed on an "AS IS" BASIS,
12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 // See the License for the specific language governing permissions and
14 // limitations under the License.
15 */
16 
17 #include "config.h"
18 
19 #include "users.hpp"
20 
21 #include "user_mgr.hpp"
22 
23 #include <sys/types.h>
24 #include <sys/wait.h>
25 #include <unistd.h>
26 
27 #include <phosphor-logging/elog-errors.hpp>
28 #include <phosphor-logging/elog.hpp>
29 #include <phosphor-logging/log.hpp>
30 #include <xyz/openbmc_project/Common/error.hpp>
31 #include <xyz/openbmc_project/User/Common/error.hpp>
32 
33 #include <filesystem>
34 
35 namespace phosphor
36 {
37 namespace user
38 {
39 
40 using namespace phosphor::logging;
41 using InsufficientPermission =
42     sdbusplus::xyz::openbmc_project::Common::Error::InsufficientPermission;
43 using InternalFailure =
44     sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;
45 using InvalidArgument =
46     sdbusplus::xyz::openbmc_project::Common::Error::InvalidArgument;
47 using NoResource =
48     sdbusplus::xyz::openbmc_project::User::Common::Error::NoResource;
49 
50 using Argument = xyz::openbmc_project::Common::InvalidArgument;
51 
52 /** @brief Constructs UserMgr object.
53  *
54  *  @param[in] bus  - sdbusplus handler
55  *  @param[in] path - D-Bus path
56  *  @param[in] groups - users group list
57  *  @param[in] priv - user privilege
58  *  @param[in] enabled - user enabled state
59  *  @param[in] parent - user manager - parent object
60  */
61 Users::Users(sdbusplus::bus::bus& bus, const char* path,
62              std::vector<std::string> groups, std::string priv, bool enabled,
63              UserMgr& parent) :
64     Interfaces(bus, path, Interfaces::action::defer_emit),
65     userName(sdbusplus::message::object_path(path).filename()), manager(parent)
66 {
67     UsersIface::userPrivilege(priv, true);
68     UsersIface::userGroups(groups, true);
69     UsersIface::userEnabled(enabled, true);
70 
71     this->emit_object_added();
72 }
73 
74 /** @brief delete user method.
75  *  This method deletes the user as requested
76  *
77  */
78 void Users::delete_(void)
79 {
80     manager.deleteUser(userName);
81 }
82 
83 /** @brief update user privilege
84  *
85  *  @param[in] value - User privilege
86  */
87 std::string Users::userPrivilege(std::string value)
88 {
89     if (value == UsersIface::userPrivilege())
90     {
91         return value;
92     }
93     manager.updateGroupsAndPriv(userName, UsersIface::userGroups(), value);
94     return UsersIface::userPrivilege(value);
95 }
96 
97 /** @brief list user privilege
98  *
99  */
100 std::string Users::userPrivilege(void) const
101 {
102     return UsersIface::userPrivilege();
103 }
104 
105 /** @brief update user groups
106  *
107  *  @param[in] value - User groups
108  */
109 std::vector<std::string> Users::userGroups(std::vector<std::string> value)
110 {
111     if (value == UsersIface::userGroups())
112     {
113         return value;
114     }
115     std::sort(value.begin(), value.end());
116     manager.updateGroupsAndPriv(userName, value, UsersIface::userPrivilege());
117     return UsersIface::userGroups(value);
118 }
119 
120 /** @brief list user groups
121  *
122  */
123 std::vector<std::string> Users::userGroups(void) const
124 {
125     return UsersIface::userGroups();
126 }
127 
128 /** @brief lists user enabled state
129  *
130  */
131 bool Users::userEnabled(void) const
132 {
133     return UsersIface::userEnabled();
134 }
135 
136 /** @brief update user enabled state
137  *
138  *  @param[in] value - bool value
139  */
140 bool Users::userEnabled(bool value)
141 {
142     if (value == UsersIface::userEnabled())
143     {
144         return value;
145     }
146     manager.userEnable(userName, value);
147     return UsersIface::userEnabled(value);
148 }
149 
150 /** @brief lists user locked state for failed attempt
151  *
152  **/
153 bool Users::userLockedForFailedAttempt(void) const
154 {
155     return manager.userLockedForFailedAttempt(userName);
156 }
157 
158 /** @brief unlock user locked state for failed attempt
159  *
160  * @param[in]: value - false - unlock user account, true - no action taken
161  **/
162 bool Users::userLockedForFailedAttempt(bool value)
163 {
164     if (value != false)
165     {
166         return userLockedForFailedAttempt();
167     }
168     else
169     {
170         return manager.userLockedForFailedAttempt(userName, value);
171     }
172 }
173 
174 /** @brief indicates if the user's password is expired
175  *
176  **/
177 bool Users::userPasswordExpired(void) const
178 {
179     return manager.userPasswordExpired(userName);
180 }
181 
182 } // namespace user
183 } // namespace phosphor
184