From 536ea32ddc61bc3f5ad34eada5788797e1771832 Mon Sep 17 00:00:00 2001
From: Tom Joseph
Date: Fri, 14 Sep 2018 10:02:20 +0530
Subject: ldap: Add application to configure privilege for LDAP groups The application implements the xyz.openbmc_project.User.PrivilegeMapper D-Bus interface to configure privilege levels for LDAP groups. The Create method is used to create privilege mapping for the LDAP group. D-Bus object is created for each LDAP group and implements the D-Bus interface xyz.openbmc_project.User.PrivilegeMapperEntry. :
Change-Id: I20935229a8a79ce1e52a857672a6a0085cb5ace4
Signed-off-by: Tom Joseph
---
phosphor-ldap-mapper/ldap_mapper_mgr.cpp | 88 ++++++++++++++++++++++++++++++++
1 file changed, 88 insertions(+)
create mode 100644 phosphor-ldap-mapper/ldap_mapper_mgr.cpp
(limited to 'phosphor-ldap-mapper/ldap_mapper_mgr.cpp')
diff --git a/phosphor-ldap-mapper/ldap_mapper_mgr.cpp b/phosphor-ldap-mapper/ldap_mapper_mgr.cpp
new file mode 100644
index 0000000..9fe40ad
--- /dev/null
+++ b/phosphor-ldap-mapper/ldap_mapper_mgr.cpp
@@ -0,0 +1,88 @@
+#include
+#include
+#include
+#include
+#include
+#include "config.h"
+#include "ldap_mapper_mgr.hpp"
+
+namespace phosphor
+{
+namespace user
+{
+
+using namespace phosphor::logging;
+using InvalidArgument =
+ sdbusplus::xyz::openbmc_project::Common::Error::InvalidArgument;
+using Argument = xyz::openbmc_project::Common::InvalidArgument;
+using PrivilegeMappingExists = sdbusplus::xyz::openbmc_project::User::Common::
+ Error::PrivilegeMappingExists;
+
+LDAPMapperMgr::LDAPMapperMgr(sdbusplus::bus::bus &bus, const char *path) :
+ MapperMgrIface(bus, path), bus(bus), path(path)
+{
+}
+
+ObjectPath LDAPMapperMgr::create(std::string groupName, std::string privilege)
+{
+ checkPrivilegeMapper(groupName);
+ checkPrivilegeLevel(privilege);
+
+ entryId++;
+
+ // Object path for the LDAP group privilege mapper entry
+ auto mapperObject =
+ std::string(mapperMgrRoot) + "/" + std::to_string(entryId);
+
+ // Create mapping for LDAP privilege mapper entry
+ auto entry = std::make_unique(
+ bus, mapperObject.c_str(), groupName, privilege, *this);
+
+ PrivilegeMapperList.emplace(entryId, std::move(entry));
+
+ return mapperObject;
+}
+
+void LDAPMapperMgr::deletePrivilegeMapper(Id id)
+{
+ PrivilegeMapperList.erase(id);
+}
+
+void LDAPMapperMgr::checkPrivilegeMapper(const std::string &groupName)
+{
+ if (groupName.empty())
+ {
+ log("Group name is empty");
+ elog(Argument::ARGUMENT_NAME("Group name"),
+ Argument::ARGUMENT_VALUE("Null"));
+ }
+
+ for (const auto &val : PrivilegeMapperList)
+ {
+ if (val.second.get()->groupName() == groupName)
+ {
+ log("Group name already exists");
+ elog();
+ }
+ }
+}
+
+void LDAPMapperMgr::checkPrivilegeLevel(const std::string &privilege)
+{
+ if (privilege.empty())
+ {
+ log("Privilege level is empty");
+ elog(Argument::ARGUMENT_NAME("Privilege level"),
+ Argument::ARGUMENT_VALUE("Null"));
+ }
+
+ if (std::find(privMgr.begin(), privMgr.end(), privilege) == privMgr.end())
+ {
+ log("Invalid privilege");
+ elog(Argument::ARGUMENT_NAME("Privilege level"),
+ Argument::ARGUMENT_VALUE(privilege.c_str()));
+ }
+}
+
+} // namespace user
+} // namespace phosphor
-- cgit v1.2.1
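Review bot: The duplicate check in `checkPrivilegeMapper` compares group names byte-for-byte (`val.second.get()->groupName() == groupName`), so `create` will accept names that differ only in letter case or surrounding whitespace as separate mappings, each with its own privilege level. LDAP directories commonly match group names case-insensitively, so the privilege a member of such a group ends up with would depend on how the consumer of these entries resolves the collision; that consumer is not in this file, so this is inferred. Either normalise the name once before both the comparison and the store, or state the rule next to the loop, e.g. `// Group names are matched exactly (case-sensitive); callers must pass the canonical LDAP group name`. Separately, `create` performs no caller check of its own, so the D-Bus policy is presumably the only thing restricting who may map a group to a privilege level, and a comment on `create` saying so would make that dependency explicit.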