2 files changed, 30 insertions, 0 deletions

diff --git a/user_channel/user_mgmt.cpp b/user_channel/user_mgmt.cpp
index a8d2219..add7ee2 100644
--- a/user_channel/user_mgmt.cpp
+++ b/user_channel/user_mgmt.cpp
@@ -945,6 +945,26 @@ ipmi_ret_t UserAccess::getUserName(const uint8_t userId, std::string& userName)
     return IPMI_CC_OK;
 }
 
+bool UserAccess::isIpmiInAvailableGroupList()
+{
+    if (std::find(availableGroups.begin(), availableGroups.end(),
+                  ipmiGrpName) != availableGroups.end())
+    {
+        return true;
+    }
+    if (availableGroups.empty())
+    {
+        // available groups shouldn't be empty, re-query
+        getSystemPrivAndGroups();
+        if (std::find(availableGroups.begin(), availableGroups.end(),
+                      ipmiGrpName) != availableGroups.end())
+        {
+            return true;
+        }
+    }
+    return false;
+}
+
 ipmi_ret_t UserAccess::setUserName(const uint8_t userId,
                                    const char* userNameInChar)
 {
@@ -990,6 +1010,10 @@ ipmi_ret_t UserAccess::setUserName(const uint8_t userId,
     {
         try
         {
+            if (!isIpmiInAvailableGroupList())
+            {
+                return IPMI_CC_UNSPECIFIED_ERROR;
+            }
             // Create new user
             auto method = bus.new_method_call(
                 getUserServiceName().c_str(), userMgrObjBasePath,
diff --git a/user_channel/user_mgmt.hpp b/user_channel/user_mgmt.hpp
index 054c0e2..159b15c 100644
--- a/user_channel/user_mgmt.hpp
+++ b/user_channel/user_mgmt.hpp
@@ -166,6 +166,12 @@ class UserAccess
      */
     bool isValidUserName(const char* userNameInChar);
 
+    /** @brief determines whether ipmi is in available groups list
+     *
+     * @return true if ipmi group is present, false otherwise
+     */
+    bool isIpmiInAvailableGroupList();
+
     /** @brief provides user id of the user
      *
      *  @param[in] userName - user name