/*
// Copyright (c) 2018 Intel Corporation
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
*/
#pragma once
#include "json_serializer.hpp"
#include <sdbusplus/bus.hpp>
#include <sdbusplus/server/object.hpp>
#include <xyz/openbmc_project/Object/Delete/server.hpp>
#include <xyz/openbmc_project/User/Attributes/server.hpp>
#include <xyz/openbmc_project/User/MultiFactorAuthConfiguration/server.hpp>
#include <xyz/openbmc_project/User/TOTPAuthenticator/server.hpp>
namespace phosphor
{
namespace user
{
// Shorthand for the root of the sdbusplus-generated xyz.openbmc_project
// bindings.
namespace Base = sdbusplus::xyz::openbmc_project;
// Server-side bindings for the D-Bus interfaces implemented by a user object.
using UsersIface = Base::User::server::Attributes;
using TOTPAuthenticatorIface = Base::User::server::TOTPAuthenticator;
using DeleteIface = Base::Object::server::Delete;
// One D-Bus object type combining the three interfaces above; the Users class
// in this header derives from it.
using Interfaces = sdbusplus::server::object_t<UsersIface, DeleteIface,
                                               TOTPAuthenticatorIface>;
// The Type member of the MultiFactorAuthConfiguration interface; used below to
// name an MFA mechanism.
using MultiFactorAuthType = sdbusplus::common::xyz::openbmc_project::user::
    MultiFactorAuthConfiguration::Type;
using MultiFactorAuthConfiguration =
    sdbusplus::common::xyz::openbmc_project::user::MultiFactorAuthConfiguration;
// D-Bus object path under which all user objects have to be created.
constexpr auto usersObjPath = "/xyz/openbmc_project/user";
class UserMgr; // Forward declaration for UserMgr.
/** @class Users
 *  @brief D-Bus object for one user account, exposing its properties.
 *
 *  Implements the user Attributes, Object.Delete and TOTPAuthenticator
 *  interfaces (see the Interfaces alias). The object is neither copyable nor
 *  movable and keeps a reference to the owning UserMgr, so the manager must
 *  outlive every Users instance it is passed to.
 *
 *  NOTE(review): only declarations are visible in this header. Remarks below
 *  about what the privilege, lock-out and MFA methods do are inferred from
 *  their names and must be confirmed against the implementation file.
 */
class Users : public Interfaces
{
  public:
    Users() = delete;
    ~Users();
    // Copy and move are disabled: the object holds a UserMgr reference and
    // represents a single registered D-Bus object.
    Users(const Users&) = delete;
    Users& operator=(const Users&) = delete;
    Users(Users&&) = delete;
    Users& operator=(Users&&) = delete;
    /** @brief Constructs Users object.
     *
     * @param[in] bus  - sdbusplus handler
     * @param[in] path - D-Bus path
     * @param[in] groups - users group list
     * @param[in] priv - users privilege
     * @param[in] enabled - user enabled state
     * @param[in] parent - user manager - parent object
     *
     * No user-name parameter is taken; presumably userName is derived from
     * path - confirm in the implementation.
     */
    Users(sdbusplus::bus_t& bus, const char* path,
          std::vector<std::string> groups, std::string priv, bool enabled,
          UserMgr& parent);
    /** @brief delete user method.
     *  This method deletes the user as requested
     *
     */
    void delete_(void) override;
    /** @brief update user privilege
     *
     * @param[in] value - User privilege
     *
     * NOTE(review): privilege changes are security-sensitive; validation of
     * value and authorization of the caller are not visible here - confirm
     * where they are enforced.
     */
    std::string userPrivilege(std::string value) override;
    // Non-override privilege setter. Presumably updates the property without
    // going through the D-Bus setter path above - TODO confirm.
    void setUserPrivilege(const std::string& value);
    // Non-override groups setter. Presumably the counterpart of
    // setUserPrivilege for the group list - TODO confirm.
    void setUserGroups(const std::vector<std::string>& groups);
    /** @brief lists user privilege
     *
     */
    std::string userPrivilege(void) const override;
    /** @brief update user groups
     *
     * @param[in] value - User groups
     */
    std::vector<std::string> userGroups(
        std::vector<std::string> value) override;
    /** @brief list user groups
     *
     */
    std::vector<std::string> userGroups(void) const override;
    /** @brief lists user enabled state
     *
     */
    bool userEnabled(void) const override;
    // Non-override enabled-state setter. Presumably updates the property
    // without going through the D-Bus setter path below - TODO confirm.
    void setUserEnabled(bool value);
    /** @brief update user enabled state
     *
     * @param[in] value - bool value
     */
    bool userEnabled(bool value) override;
    /** @brief lists user locked state for failed attempt
     *
     **/
    bool userLockedForFailedAttempt(void) const override;
    /** @brief unlock user locked state for failed attempt
     *
     * @param[in] value - false - unlock user account, true - no action taken
     *
     * NOTE(review): clearing a lock-out resets brute-force protection for the
     * account; confirm that only suitably privileged callers can reach this
     * setter.
     **/
    bool userLockedForFailedAttempt(bool value) override;
    /** @brief indicates if the user's password is expired
     *
     **/
    bool userPasswordExpired(void) const override;
    /** @brief returns a copy of the stored user name
     *
     */
    std::string getUserName() const
    {
        return userName;
    }
    // The five overrides below presumably implement TOTPAuthenticatorIface;
    // their bodies are not in this header.
    //
    // Reports whether a usable TOTP secret exists for this user (inferred from
    // the name - TODO confirm).
    bool secretKeyIsValid() const override;
    // Returns a std::string, presumably the newly generated TOTP secret.
    // NOTE(review): if so, the return value is credential material - confirm
    // it is never logged and that access to this method is restricted to the
    // account owner or an administrator.
    std::string createSecretKey() override;
    // Checks a one-time password supplied by the caller. NOTE(review):
    // confirm the implementation limits repeated failed attempts and does not
    // log otp.
    bool verifyOTP(std::string otp) override;
    // Reports whether the user still has to enrol a secret (inferred from the
    // name - TODO confirm).
    bool secretKeyGenerationRequired() const override;
    // Removes the stored secret (inferred from the name). NOTE(review):
    // confirm what state the account is left in when MFA is enabled but no
    // secret is present.
    void clearSecretKey() override;
    // Property setter recording an MFA type that is bypassed for this user;
    // skipSignal follows the sdbusplus setter convention of suppressing the
    // property-changed signal. NOTE(review): a bypass weakens authentication
    // for the account - confirm caller authorization and that changes are
    // auditable.
    MultiFactorAuthType bypassedProtocol(MultiFactorAuthType value,
                                         bool skipSignal) override;
    // Turns the given MFA type on or off for this user. Not an override, so
    // presumably called by UserMgr rather than directly over D-Bus - TODO
    // confirm.
    void enableMultiFactorAuth(MultiFactorAuthType type, bool value);
    // Takes a JsonSerializer by reference; presumably restores this user's
    // persisted settings from it - TODO confirm what is read and how missing
    // or malformed entries are handled.
    void load(JsonSerializer& serializer);

  private:
    // Internal MFA state query; exact meaning of the result is not visible
    // here - TODO confirm.
    bool checkMfaStatus() const;
    // Name of the account this object represents (returned by getUserName).
    std::string userName;
    // Owning manager, held by reference: it must outlive this object.
    UserMgr& manager;
};
} // namespace user
} // namespace phosphor