1 files changed, 82 insertions, 4 deletions

diff --git a/user_channel/user_mgmt.hpp b/user_channel/user_mgmt.hpp
index 9ea9f6b..159b15c 100644
--- a/user_channel/user_mgmt.hpp
+++ b/user_channel/user_mgmt.hpp
@@ -16,19 +16,19 @@
 #pragma once
 #include "user_layer.hpp"
 
-#include <ipmid/api.h>
-
 #include <boost/interprocess/sync/file_lock.hpp>
 #include <boost/interprocess/sync/named_recursive_mutex.hpp>
 #include <cstdint>
 #include <ctime>
+#include <ipmid/api.hpp>
 #include <sdbusplus/bus.hpp>
+#include <variant>
 
 namespace ipmi
 {
 
 using DbusUserPropVariant =
-    sdbusplus::message::variant<std::vector<std::string>, std::string, bool>;
+    std::variant<std::vector<std::string>, std::string, bool>;
 
 using DbusUserObjPath = sdbusplus::message::object_path;
 
@@ -74,6 +74,7 @@ struct UserInfo
     bool userEnabled;
     bool userInSystem;
     bool fixedUserName;
+    PayloadAccess payloadAccess[ipmiMaxChannels];
 };
 
 /** @struct UsersTbl
@@ -86,6 +87,16 @@ struct UsersTbl
     UserInfo user[ipmiMaxUsers + 1];
 };
 
+/** @brief PAM User Authentication check
+ *
+ *  @param[in] username - username in string
+ *  @param[in] password	- password in string
+ *
+ *  @return status
+ */
+bool pamUserCheckAuthenticate(std::string_view username,
+                              std::string_view password);
+
 class UserAccess;
 
 UserAccess& getUserAccessObject();
@@ -155,6 +166,12 @@ class UserAccess
      */
     bool isValidUserName(const char* userNameInChar);
 
+    /** @brief determines whether ipmi is in available groups list
+     *
+     * @return true if ipmi group is present, false otherwise
+     */
+    bool isIpmiInAvailableGroupList();
+
     /** @brief provides user id of the user
      *
      *  @param[in] userName - user name
@@ -217,6 +234,16 @@ class UserAccess
      */
     ipmi_ret_t setUserPassword(const uint8_t userId, const char* userPassword);
 
+    /** @brief to set special user password
+     *
+     *  @param[in] userName - user name
+     *  @param[in] userPassword  - new password of the user
+     *
+     *  @return IPMI_CC_OK for success, others for failure.
+     */
+    ipmi_ret_t setSpecialUserPassword(const std::string& userName,
+                                      const std::string& userPassword);
+
     /** @brief to set user privilege and access details
      *
      *  @param[in] userId - user id
@@ -231,6 +258,56 @@ class UserAccess
                                       const UserPrivAccess& privAccess,
                                       const bool& otherPrivUpdates);
 
+    /** @brief to get user payload access details from userInfo entry.
+     *
+     *  @param[in] userInfo    - userInfo entry in usersTbl.
+     *  @param[out] stdPayload - stdPayloadEnables1 in a 2D-array.
+     *  @param[out] oemPayload - oemPayloadEnables1 in a 2D-array.
+     *
+     *  @details Update the given 2D-arrays using the payload access details
+     *  available in the given userInfo entry (from usersTbl).
+     *  This 2D-array will be mapped to a JSON object (which will be written to
+     *  a JSON file subsequently).
+     */
+    void readPayloadAccessFromUserInfo(
+        const UserInfo& userInfo,
+        std::array<std::array<bool, ipmiMaxChannels>, payloadsPerByte>&
+            stdPayload,
+        std::array<std::array<bool, ipmiMaxChannels>, payloadsPerByte>&
+            oemPayload);
+
+    /** @brief to update user payload access details in userInfo entry.
+     *
+     *  @param[in] stdPayload - stdPayloadEnables1 in a 2D-array.
+     *  @param[in] oemPayload - oemPayloadEnables1 in a 2D-array.
+     *  @param[out] userInfo  - userInfo entry in usersTbl.
+     *
+     *  @details Update user payload access details of a given userInfo
+     *  entry (in usersTbl) with the information provided in given 2D-arrays.
+     *  This 2D-array was created out of a JSON object (which was created by
+     *  parsing a JSON file).
+     */
+    void updatePayloadAccessInUserInfo(
+        const std::array<std::array<bool, ipmiMaxChannels>, payloadsPerByte>&
+            stdPayload,
+        const std::array<std::array<bool, ipmiMaxChannels>, payloadsPerByte>&
+            oemPayload,
+        UserInfo& userInfo);
+
+    /** @brief to set user payload access details
+     *
+     *  @param[in] chNum - channel number
+     *  @param[in] operation - Enable / Disable
+     *  @param[in] userId - user id
+     *  @param[in] payloadAccess - payload access
+     *
+     *  @return IPMI_CC_OK for success, others for failure.
+     */
+    ipmi_ret_t setUserPayloadAccess(const uint8_t chNum,
+                                    const uint8_t operation,
+                                    const uint8_t userId,
+                                    const PayloadAccess& payloadAccess);
+
     /** @brief reads user management related data from configuration file
      *
      */
@@ -321,8 +398,9 @@ class UserAccess
     void getSystemPrivAndGroups();
 
     /** @brief function to init user data from configuration & D-Bus objects
+     * and to register for signals
      *
      */
-    void initUserDataFile();
+    void cacheUserDataFile();
 };
 } // namespace ipmi