New Redfish roles for ServiceRep and OemRep

[Thomaiyar, Richard Marian]

We need to make sure user account are not getting created in this role 
by end-user. i.e. when creating a new user, these options must not be 
provided. We need to have a separate way of selecting this role or 
instead of not defining as role, we can add this as some mode in redfish.

Note: Currently we are using SpecialMode 
(https://github.com/openbmc/phosphor-dbus-interfaces/blob/master/xyz/openbmc_project/Control/Security/SpecialMode.interface.yaml) 
called Manufacturing mode, and certain activity can be done, when we are 
in this mode (i.e. Administrator role user in this mode will be able to 
do certain operations).

Regards,

Richard

On 2/15/2020 1:51 AM, Joseph Reynolds wrote:
> This is to propose two new Redfish roles:
>
> The BMC Administrator should not have access to operations involving 
> the manufacturing process or servicing the host because these 
> operations can damage the system or cause unintended operation.
>
> Examples of access needed:
> 1. ServiceRep - Needs to access BMC operations to service the system, 
> such as re-enabling locked out field replaceable units (FRUs) after 
> replacing a defective unit.
> 2. OemRep - Needs to access BMC operations to test the host system, 
> such as how the system responds to overheating.
>
> I believe these roles are clearly distinct from role=Administrator or 
> any other role.
>
> The roles should NOT have access to the BMC's configuration or user 
> management.  For example, the BMC admin will be able to lock out any 
> service agent or OemRep using the regular user management functions.
>
> Does anyone else need for these roles?  If so, I will try to get them 
> into Redfish.
>
>
> - Joseph
>
> This topic was discussed briefly in the OpenBMC security working 
> group, 2019-11-27: 
> https://docs.google.com/document/d/1b7x9BaxsfcukQDqbvZsU2ehMq4xoJRQvLxxsDUWmAOI
>
> See also: https://github.com/ibm-openbmc/dev/issues/1529
>