1 files changed, 62 insertions, 0 deletions

diff --git a/user_channel/user_layer.hpp b/user_channel/user_layer.hpp
index 5f3567a..450d878 100644
--- a/user_channel/user_layer.hpp
+++ b/user_channel/user_layer.hpp
@@ -16,6 +16,7 @@
 #pragma once
 #include <ipmid/api.h>
 
+#include <bitset>
 #include <string>
 
 namespace ipmi
@@ -37,6 +38,7 @@ static constexpr uint8_t ipmiMaxUsers = 15;
 static constexpr uint8_t ipmiMaxChannels = 16;
 static constexpr uint8_t maxIpmi20PasswordSize = 20;
 static constexpr uint8_t maxIpmi15PasswordSize = 16;
+static constexpr uint8_t payloadsPerByte = 8;
 
 /** @struct PrivAccess
  *
@@ -61,6 +63,19 @@ struct PrivAccess
 #endif
 } __attribute__((packed));
 
+/** @struct UserPayloadAccess
+ *
+ *  Structure to denote payload access restrictions applicable for a
+ *  given user and channel. (refer spec sec 24.6)
+ */
+struct PayloadAccess
+{
+    std::bitset<payloadsPerByte> stdPayloadEnables1;
+    std::bitset<payloadsPerByte> stdPayloadEnables2Reserved;
+    std::bitset<payloadsPerByte> oemPayloadEnables1;
+    std::bitset<payloadsPerByte> oemPayloadEnables2Reserved;
+};
+
 /** @brief initializes user management
  *
  *  @return IPMI_CC_OK for success, others for failure.
@@ -138,6 +153,16 @@ ipmi_ret_t ipmiUserSetUserName(const uint8_t userId, const char* userName);
 ipmi_ret_t ipmiUserSetUserPassword(const uint8_t userId,
                                    const char* userPassword);
 
+/** @brief set special user password (non-ipmi accounts)
+ *
+ *  @param[in] userName - user name
+ *  @param[in] userPassword - New Password
+ *
+ *  @return IPMI_CC_OK for success, others for failure.
+ */
+ipmi_ret_t ipmiSetSpecialUserPassword(const std::string& userName,
+                                      const std::string& userPassword);
+
 /** @brief get user name
  *
  *  @param[in] userId - user id
@@ -200,4 +225,41 @@ ipmi_ret_t ipmiUserSetPrivilegeAccess(const uint8_t userId, const uint8_t chNum,
                                       const PrivAccess& privAccess,
                                       const bool& otherPrivUpdate);
 
+/** @brief check for user pam authentication. This is to determine, whether user
+ * is already locked out for failed login attempt
+ *
+ *  @param[in] username - username
+ *  @param[in] password - password
+ *
+ *  @return status
+ */
+bool ipmiUserPamAuthenticate(std::string_view userName,
+                             std::string_view userPassword);
+
+/** @brief sets user payload access data
+ *
+ *  @param[in] chNum - channel number
+ *  @param[in] operation - ENABLE / DISABLE operation
+ *  @param[in] userId - user id
+ *  @param[in] payloadAccess - payload access data
+ *
+ *  @return IPMI_CC_OK for success, others for failure.
+ */
+ipmi_ret_t ipmiUserSetUserPayloadAccess(const uint8_t chNum,
+                                        const uint8_t operation,
+                                        const uint8_t userId,
+                                        const PayloadAccess& payloadAccess);
+
+/** @brief provides user payload access data
+ *
+ *  @param[in] chNum - channel number
+ *  @param[in] userId - user id
+ *  @param[out] payloadAccess - payload access data
+ *
+ *  @return IPMI_CC_OK for success, others for failure.
+ */
+ipmi_ret_t ipmiUserGetUserPayloadAccess(const uint8_t chNum,
+                                        const uint8_t userId,
+                                        PayloadAccess& payloadAccess);
+
 } // namespace ipmi