diff options
| author | raviteja-b <raviteja28031990@gmail.com> | 2019-03-01 01:33:42 -0600 |
|---|---|---|
| committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2019-03-08 21:42:05 +0000 |
| commit | ac5b6562dc8a05277dc0a21ce88cba3963712ba1 (patch) | |
| tree | ec5d6f6066b480808ca6a409315b2c1b11dc750d /xyz | |
| parent | c3b1900e9754b410456e3b8d94a1026cd467f01c (diff) | |
| download | phosphor-dbus-interfaces-ac5b6562dc8a05277dc0a21ce88cba3963712ba1.tar.gz phosphor-dbus-interfaces-ac5b6562dc8a05277dc0a21ce88cba3963712ba1.zip | |
Adding dbus method for GetUserInfo under User Manager
As local and remote users are managed by separate daemon,it is difficult
for application to query and get the user authorization.
In order to simplify it in application level, a one stop D-Bus API
method was proposed which will be used by all applications
(irrespective of local / remote user) except IPMI.
This simplifies the application side. Same is documented in
https://github.com/openbmc/docs/blob/master/user_management.md#authorization-flow-except-ipmi
this method returns a dictionary of user properties.
UserPrivilege -> privilege of the user
UserGroups -> list of groups this user belongs to
UserEnabled -> user enabled state
UserLockedForFailedAttempt -> user locked state
RemoteUser -> remote or local user
this commit has GetUserInfo dbus api implementation
https://gerrit.openbmc-project.xyz/#/c/openbmc/phosphor-user-manager/+/18132/
Change-Id: Idbf933447dcf98623cf1f29606d24ea69ec44971
Signed-off-by: raviteja-b <raviteja28031990@gmail.com>
Diffstat (limited to 'xyz')
| -rw-r--r-- | xyz/openbmc_project/User/Manager.interface.yaml | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/xyz/openbmc_project/User/Manager.interface.yaml b/xyz/openbmc_project/User/Manager.interface.yaml index a4c2d7b..3874071 100644 --- a/xyz/openbmc_project/User/Manager.interface.yaml +++ b/xyz/openbmc_project/User/Manager.interface.yaml @@ -57,6 +57,47 @@ methods: - xyz.openbmc_project.User.Common.Error.UserNamePrivFail - xyz.openbmc_project.User.Common.Error.NoResource + - name: GetUserInfo + description: > + Get user properites. + If its local user, method returns + -user privilege + -user groups + -user enabled state + -user locked state + -remote user flag + If its ldap user, method returns + -user privilege + -remote user flag + parameters: + - name: UserName + type: string + description: > + User name whose properties have to be returned. + returns: + - name: UserInfo + type: dict[string,variant[string,array[string],boolean]] + description: > + Dictionary of user properties. + List of key name and data type of properties below. + UserPrivilege -> privilege of the user(string) + UserGroups -> list of groups user belongs to(array[string]) + UserEnabled -> user enabled state(boolean) + UserLockedForFailedAttempt -> user locked state(boolean) + RemoteUser -> remote or local user(boolean) + + For detailed documentation of user properties refer + Attributes.interface.yaml + examples: + 1.UserInfo["RemoteUser"] returns true for ldap user + and false for local user. + 2.UserInfo["UserGroups"] gets list of groups of user. + errors: + - xyz.openbmc_project.Common.Error.InternalFailure + - xyz.openbmc_project.Common.Error.InsufficientPermission + - xyz.openbmc_project.Common.Error.InvalidArgument + - xyz.openbmc_project.User.Common.Error.UserNameDoesNotExist + properties: - name: AllPrivileges type: array[string] |
