1 /*
2 // Copyright (c) 2018 Intel Corporation
3 //
4 // Licensed under the Apache License, Version 2.0 (the "License");
5 // you may not use this file except in compliance with the License.
6 // You may obtain a copy of the License at
7 //
8 //      http://www.apache.org/licenses/LICENSE-2.0
9 //
10 // Unless required by applicable law or agreed to in writing, software
11 // distributed under the License is distributed on an "AS IS" BASIS,
12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 // See the License for the specific language governing permissions and
14 // limitations under the License.
15 */
16 
17 #include <unistd.h>
18 #include <sys/types.h>
19 #include <sys/wait.h>
20 #include <xyz/openbmc_project/Common/error.hpp>
21 #include <xyz/openbmc_project/User/Common/error.hpp>
22 #include <phosphor-logging/log.hpp>
23 #include <phosphor-logging/elog.hpp>
24 #include <phosphor-logging/elog-errors.hpp>
25 #include "user_mgr.hpp"
26 #include "users.hpp"
27 #include "config.h"
28 
29 namespace phosphor
30 {
31 namespace user
32 {
33 
34 using namespace phosphor::logging;
35 using InsufficientPermission =
36     sdbusplus::xyz::openbmc_project::Common::Error::InsufficientPermission;
37 using InternalFailure =
38     sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;
39 using InvalidArgument =
40     sdbusplus::xyz::openbmc_project::Common::Error::InvalidArgument;
41 using NoResource =
42     sdbusplus::xyz::openbmc_project::User::Common::Error::NoResource;
43 
44 using Argument = xyz::openbmc_project::Common::InvalidArgument;
45 
46 /** @brief Constructs UserMgr object.
47  *
48  *  @param[in] bus  - sdbusplus handler
49  *  @param[in] path - D-Bus path
50  *  @param[in] groups - users group list
51  *  @param[in] priv - user privilege
52  *  @param[in] enabled - user enabled state
53  *  @param[in] parent - user manager - parent object
54  */
55 Users::Users(sdbusplus::bus::bus &bus, const char *path,
56              std::vector<std::string> groups, std::string priv, bool enabled,
57              UserMgr &parent) :
58     Interfaces(bus, path, true),
59     userName(std::experimental::filesystem::path(path).filename()),
60     manager(parent)
61 {
62     UsersIface::userPrivilege(priv, true);
63     UsersIface::userGroups(groups, true);
64     UsersIface::userEnabled(enabled, true);
65 
66     this->emit_object_added();
67 }
68 
69 /** @brief delete user method.
70  *  This method deletes the user as requested
71  *
72  */
73 void Users::delete_(void)
74 {
75     manager.deleteUser(userName);
76 }
77 
78 /** @brief update user privilege
79  *
80  *  @param[in] value - User privilege
81  */
82 std::string Users::userPrivilege(std::string value)
83 {
84     if (value == UsersIface::userPrivilege())
85     {
86         return value;
87     }
88     manager.updateGroupsAndPriv(userName, UsersIface::userGroups(), value);
89     return UsersIface::userPrivilege(value);
90 }
91 
92 /** @brief list user privilege
93  *
94  */
95 std::string Users::userPrivilege(void) const
96 {
97     return UsersIface::userPrivilege();
98 }
99 
100 /** @brief update user groups
101  *
102  *  @param[in] value - User groups
103  */
104 std::vector<std::string> Users::userGroups(std::vector<std::string> value)
105 {
106     if (value == UsersIface::userGroups())
107     {
108         return value;
109     }
110     std::sort(value.begin(), value.end());
111     manager.updateGroupsAndPriv(userName, value, UsersIface::userPrivilege());
112     return UsersIface::userGroups(value);
113 }
114 
115 /** @brief list user groups
116  *
117  */
118 std::vector<std::string> Users::userGroups(void) const
119 {
120     return UsersIface::userGroups();
121 }
122 
123 /** @brief lists user enabled state
124  *
125  */
126 bool Users::userEnabled(void) const
127 {
128     return UsersIface::userEnabled();
129 }
130 
131 /** @brief update user enabled state
132  *
133  *  @param[in] value - bool value
134  */
135 bool Users::userEnabled(bool value)
136 {
137     if (value == UsersIface::userEnabled())
138     {
139         return value;
140     }
141     manager.userEnable(userName, value);
142     return UsersIface::userEnabled(value);
143 }
144 
145 /** @brief lists user locked state for failed attempt
146  *
147  **/
148 bool Users::userLockedForFailedAttempt(void) const
149 {
150     return manager.userLockedForFailedAttempt(userName);
151 }
152 
153 /** @brief unlock user locked state for failed attempt
154  *
155  * @param[in]: value - false - unlock user account, true - no action taken
156  **/
157 bool Users::userLockedForFailedAttempt(bool value)
158 {
159     if (value != false)
160     {
161         return userLockedForFailedAttempt();
162     }
163     else
164     {
165         return manager.userLockedForFailedAttempt(userName, value);
166     }
167 }
168 
169 /** @brief indicates if the user's password is expired
170  *
171  **/
172 bool Users::userPasswordExpired(void) const
173 {
174     return manager.userPasswordExpired(userName);
175 }
176 
177 } // namespace user
178 } // namespace phosphor
179