Try to fix the lambda formatting issue
clang-tidy has a setting, LambdaBodyIndentation, which it says:
"For callback-heavy code, it may improve readability to have the
signature indented two levels and to use OuterScope."
bmcweb is very callback heavy code. Try to enable it and see if that
improves things. There are many cases where the length of a lambda call
will change, and reindent the entire lambda function. This is really
bad for code reviews, as it's difficult to see the lines changed. This
commit should resolve it. This does have the downside of reindenting a
lot of functions, which is unfortunate, but probably worth it in the
long run.
All changes except for the .clang-format file were made by the robot.
Tested: Code compiles, whitespace changes only.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ib4aa2f1391fada981febd25b67dcdb9143827f43
diff --git a/http/http_client.hpp b/http/http_client.hpp
index a6e1669..06d4a1c 100644
--- a/http/http_client.hpp
+++ b/http/http_client.hpp
@@ -127,18 +127,18 @@
const boost::beast::error_code ec,
const std::vector<boost::asio::ip::tcp::endpoint>&
endpointList) {
- if (ec || (endpointList.empty()))
- {
- BMCWEB_LOG_ERROR << "Resolve failed: " << ec.message();
- self->state = ConnState::resolveFailed;
- self->waitAndRetry();
- return;
- }
- BMCWEB_LOG_DEBUG << "Resolved " << self->host << ":"
- << std::to_string(self->port)
- << ", id: " << std::to_string(self->connId);
- self->doConnect(endpointList);
- };
+ if (ec || (endpointList.empty()))
+ {
+ BMCWEB_LOG_ERROR << "Resolve failed: " << ec.message();
+ self->state = ConnState::resolveFailed;
+ self->waitAndRetry();
+ return;
+ }
+ BMCWEB_LOG_DEBUG << "Resolved " << self->host << ":"
+ << std::to_string(self->port)
+ << ", id: " << std::to_string(self->connId);
+ self->doConnect(endpointList);
+ };
resolver.asyncResolve(host, port, std::move(respHandler));
}
@@ -153,28 +153,27 @@
<< ", id: " << std::to_string(connId);
conn.expires_after(std::chrono::seconds(30));
- conn.async_connect(
- endpointList, [self(shared_from_this())](
- const boost::beast::error_code ec,
- const boost::asio::ip::tcp::endpoint& endpoint) {
- if (ec)
- {
- BMCWEB_LOG_ERROR << "Connect "
- << endpoint.address().to_string() << ":"
- << std::to_string(endpoint.port())
- << ", id: " << std::to_string(self->connId)
- << " failed: " << ec.message();
- self->state = ConnState::connectFailed;
- self->waitAndRetry();
- return;
- }
- BMCWEB_LOG_DEBUG
- << "Connected to: " << endpoint.address().to_string() << ":"
- << std::to_string(endpoint.port())
- << ", id: " << std::to_string(self->connId);
- self->state = ConnState::connected;
- self->sendMessage();
- });
+ conn.async_connect(endpointList,
+ [self(shared_from_this())](
+ const boost::beast::error_code ec,
+ const boost::asio::ip::tcp::endpoint& endpoint) {
+ if (ec)
+ {
+ BMCWEB_LOG_ERROR << "Connect " << endpoint.address().to_string()
+ << ":" << std::to_string(endpoint.port())
+ << ", id: " << std::to_string(self->connId)
+ << " failed: " << ec.message();
+ self->state = ConnState::connectFailed;
+ self->waitAndRetry();
+ return;
+ }
+ BMCWEB_LOG_DEBUG
+ << "Connected to: " << endpoint.address().to_string() << ":"
+ << std::to_string(endpoint.port())
+ << ", id: " << std::to_string(self->connId);
+ self->state = ConnState::connected;
+ self->sendMessage();
+ });
}
void sendMessage()
@@ -189,19 +188,18 @@
conn, req,
[self(shared_from_this())](const boost::beast::error_code& ec,
const std::size_t& bytesTransferred) {
- if (ec)
- {
- BMCWEB_LOG_ERROR << "sendMessage() failed: "
- << ec.message();
- self->state = ConnState::sendFailed;
- self->waitAndRetry();
- return;
- }
- BMCWEB_LOG_DEBUG << "sendMessage() bytes transferred: "
- << bytesTransferred;
- boost::ignore_unused(bytesTransferred);
+ if (ec)
+ {
+ BMCWEB_LOG_ERROR << "sendMessage() failed: " << ec.message();
+ self->state = ConnState::sendFailed;
+ self->waitAndRetry();
+ return;
+ }
+ BMCWEB_LOG_DEBUG << "sendMessage() bytes transferred: "
+ << bytesTransferred;
+ boost::ignore_unused(bytesTransferred);
- self->recvMessage();
+ self->recvMessage();
});
}
@@ -217,51 +215,48 @@
conn, buffer, *parser,
[self(shared_from_this())](const boost::beast::error_code& ec,
const std::size_t& bytesTransferred) {
- if (ec)
- {
- BMCWEB_LOG_ERROR << "recvMessage() failed: "
- << ec.message();
- self->state = ConnState::recvFailed;
- self->waitAndRetry();
- return;
- }
- BMCWEB_LOG_DEBUG << "recvMessage() bytes transferred: "
- << bytesTransferred;
- BMCWEB_LOG_DEBUG << "recvMessage() data: "
- << self->parser->get().body();
+ if (ec)
+ {
+ BMCWEB_LOG_ERROR << "recvMessage() failed: " << ec.message();
+ self->state = ConnState::recvFailed;
+ self->waitAndRetry();
+ return;
+ }
+ BMCWEB_LOG_DEBUG << "recvMessage() bytes transferred: "
+ << bytesTransferred;
+ BMCWEB_LOG_DEBUG << "recvMessage() data: "
+ << self->parser->get().body();
- unsigned int respCode = self->parser->get().result_int();
- BMCWEB_LOG_DEBUG << "recvMessage() Header Response Code: "
+ unsigned int respCode = self->parser->get().result_int();
+ BMCWEB_LOG_DEBUG << "recvMessage() Header Response Code: "
+ << respCode;
+
+ // 2XX response is considered to be successful
+ if ((respCode < 200) || (respCode >= 300))
+ {
+ // The listener failed to receive the Sent-Event
+ BMCWEB_LOG_ERROR << "recvMessage() Listener Failed to "
+ "receive Sent-Event. Header Response Code: "
<< respCode;
+ self->state = ConnState::recvFailed;
+ self->waitAndRetry();
+ return;
+ }
- // 2XX response is considered to be successful
- if ((respCode < 200) || (respCode >= 300))
- {
- // The listener failed to receive the Sent-Event
- BMCWEB_LOG_ERROR
- << "recvMessage() Listener Failed to "
- "receive Sent-Event. Header Response Code: "
- << respCode;
- self->state = ConnState::recvFailed;
- self->waitAndRetry();
- return;
- }
+ // Send is successful
+ // Reset the counter just in case this was after retrying
+ self->retryCount = 0;
- // Send is successful
- // Reset the counter just in case this was after retrying
- self->retryCount = 0;
+ // Keep the connection alive if server supports it
+ // Else close the connection
+ BMCWEB_LOG_DEBUG << "recvMessage() keepalive : "
+ << self->parser->keep_alive();
- // Keep the connection alive if server supports it
- // Else close the connection
- BMCWEB_LOG_DEBUG << "recvMessage() keepalive : "
- << self->parser->keep_alive();
-
- // Copy the response into a Response object so that it can be
- // processed by the callback function.
- self->res.clear();
- self->res.stringResponse = self->parser->release();
- self->callback(self->parser->keep_alive(), self->connId,
- self->res);
+ // Copy the response into a Response object so that it can be
+ // processed by the callback function.
+ self->res.clear();
+ self->res.stringResponse = self->parser->release();
+ self->callback(self->parser->keep_alive(), self->connId, self->res);
});
}
@@ -311,23 +306,23 @@
timer.expires_after(retryPolicy.retryIntervalSecs);
timer.async_wait(
[self(shared_from_this())](const boost::system::error_code ec) {
- if (ec == boost::asio::error::operation_aborted)
- {
- BMCWEB_LOG_DEBUG
- << "async_wait failed since the operation is aborted"
- << ec.message();
- }
- else if (ec)
- {
- BMCWEB_LOG_ERROR << "async_wait failed: " << ec.message();
- // Ignore the error and continue the retry loop to attempt
- // sending the event as per the retry policy
- }
- self->runningTimer = false;
+ if (ec == boost::asio::error::operation_aborted)
+ {
+ BMCWEB_LOG_DEBUG
+ << "async_wait failed since the operation is aborted"
+ << ec.message();
+ }
+ else if (ec)
+ {
+ BMCWEB_LOG_ERROR << "async_wait failed: " << ec.message();
+ // Ignore the error and continue the retry loop to attempt
+ // sending the event as per the retry policy
+ }
+ self->runningTimer = false;
- // Let's close the connection and restart from resolve.
- self->doCloseAndRetry();
- });
+ // Let's close the connection and restart from resolve.
+ self->doCloseAndRetry();
+ });
}
void doClose()
diff --git a/http/http_connection.hpp b/http/http_connection.hpp
index 2ea3f18..8c86ac9 100644
--- a/http/http_connection.hpp
+++ b/http/http_connection.hpp
@@ -115,9 +115,8 @@
}
}
- adaptor.set_verify_callback([this](
- bool preverified,
- boost::asio::ssl::verify_context& ctx) {
+ adaptor.set_verify_callback(
+ [this](bool preverified, boost::asio::ssl::verify_context& ctx) {
// do nothing if TLS is disabled
if (!persistent_data::SessionStore::getInstance()
.getAuthMethodsConfig()
@@ -305,12 +304,12 @@
adaptor.async_handshake(boost::asio::ssl::stream_base::server,
[this, self(shared_from_this())](
const boost::system::error_code& ec) {
- if (ec)
- {
- return;
- }
- doReadHeaders();
- });
+ if (ec)
+ {
+ return;
+ }
+ doReadHeaders();
+ });
}
else
{
@@ -375,8 +374,8 @@
BMCWEB_LOG_DEBUG << "Setting completion handler";
asyncResp->res.setCompleteRequestHandler(
[self(shared_from_this())](crow::Response& thisRes) {
- self->completeRequest(thisRes);
- });
+ self->completeRequest(thisRes);
+ });
if (thisReq.isUpgrade() &&
boost::iequals(
@@ -534,75 +533,74 @@
[this,
self(shared_from_this())](const boost::system::error_code& ec,
std::size_t bytesTransferred) {
- BMCWEB_LOG_DEBUG << this << " async_read_header "
- << bytesTransferred << " Bytes";
- bool errorWhileReading = false;
- if (ec)
+ BMCWEB_LOG_DEBUG << this << " async_read_header "
+ << bytesTransferred << " Bytes";
+ bool errorWhileReading = false;
+ if (ec)
+ {
+ errorWhileReading = true;
+ if (ec == boost::asio::error::eof)
{
- errorWhileReading = true;
- if (ec == boost::asio::error::eof)
- {
- BMCWEB_LOG_WARNING
- << this << " Error while reading: " << ec.message();
- }
- else
- {
- BMCWEB_LOG_ERROR
- << this << " Error while reading: " << ec.message();
- }
+ BMCWEB_LOG_WARNING
+ << this << " Error while reading: " << ec.message();
}
else
{
- // if the adaptor isn't open anymore, and wasn't handed to a
- // websocket, treat as an error
- if (!isAlive() &&
- !boost::beast::websocket::is_upgrade(parser->get()))
- {
- errorWhileReading = true;
- }
+ BMCWEB_LOG_ERROR
+ << this << " Error while reading: " << ec.message();
}
-
- cancelDeadlineTimer();
-
- if (errorWhileReading)
+ }
+ else
+ {
+ // if the adaptor isn't open anymore, and wasn't handed to a
+ // websocket, treat as an error
+ if (!isAlive() &&
+ !boost::beast::websocket::is_upgrade(parser->get()))
{
+ errorWhileReading = true;
+ }
+ }
+
+ cancelDeadlineTimer();
+
+ if (errorWhileReading)
+ {
+ close();
+ BMCWEB_LOG_DEBUG << this << " from read(1)";
+ return;
+ }
+
+ readClientIp();
+
+ boost::asio::ip::address ip;
+ if (getClientIp(ip))
+ {
+ BMCWEB_LOG_DEBUG << "Unable to get client IP";
+ }
+ sessionIsFromTransport = false;
+#ifndef BMCWEB_INSECURE_DISABLE_AUTHX
+ boost::beast::http::verb method = parser->get().method();
+ userSession = crow::authentication::authenticate(
+ ip, res, method, parser->get().base(), userSession);
+
+ bool loggedIn = userSession != nullptr;
+ if (!loggedIn)
+ {
+ const boost::optional<uint64_t> contentLength =
+ parser->content_length();
+ if (contentLength && *contentLength > loggedOutPostBodyLimit)
+ {
+ BMCWEB_LOG_DEBUG << "Content length greater than limit "
+ << *contentLength;
close();
- BMCWEB_LOG_DEBUG << this << " from read(1)";
return;
}
- readClientIp();
-
- boost::asio::ip::address ip;
- if (getClientIp(ip))
- {
- BMCWEB_LOG_DEBUG << "Unable to get client IP";
- }
- sessionIsFromTransport = false;
-#ifndef BMCWEB_INSECURE_DISABLE_AUTHX
- boost::beast::http::verb method = parser->get().method();
- userSession = crow::authentication::authenticate(
- ip, res, method, parser->get().base(), userSession);
-
- bool loggedIn = userSession != nullptr;
- if (!loggedIn)
- {
- const boost::optional<uint64_t> contentLength =
- parser->content_length();
- if (contentLength &&
- *contentLength > loggedOutPostBodyLimit)
- {
- BMCWEB_LOG_DEBUG << "Content length greater than limit "
- << *contentLength;
- close();
- return;
- }
-
- BMCWEB_LOG_DEBUG << "Starting quick deadline";
- }
+ BMCWEB_LOG_DEBUG << "Starting quick deadline";
+ }
#endif // BMCWEB_INSECURE_DISABLE_AUTHX
- doRead();
+ doRead();
});
}
@@ -610,24 +608,23 @@
{
BMCWEB_LOG_DEBUG << this << " doRead";
startDeadline();
- boost::beast::http::async_read(
- adaptor, buffer, *parser,
- [this,
- self(shared_from_this())](const boost::system::error_code& ec,
- std::size_t bytesTransferred) {
- BMCWEB_LOG_DEBUG << this << " async_read " << bytesTransferred
- << " Bytes";
- cancelDeadlineTimer();
- if (ec)
- {
- BMCWEB_LOG_ERROR
- << this << " Error while reading: " << ec.message();
- close();
- BMCWEB_LOG_DEBUG << this << " from read(1)";
- return;
- }
- handle();
- });
+ boost::beast::http::async_read(adaptor, buffer, *parser,
+ [this, self(shared_from_this())](
+ const boost::system::error_code& ec,
+ std::size_t bytesTransferred) {
+ BMCWEB_LOG_DEBUG << this << " async_read " << bytesTransferred
+ << " Bytes";
+ cancelDeadlineTimer();
+ if (ec)
+ {
+ BMCWEB_LOG_ERROR << this
+ << " Error while reading: " << ec.message();
+ close();
+ BMCWEB_LOG_DEBUG << this << " from read(1)";
+ return;
+ }
+ handle();
+ });
}
void doWrite(crow::Response& thisRes)
@@ -636,47 +633,46 @@
thisRes.preparePayload();
serializer.emplace(*thisRes.stringResponse);
startDeadline();
- boost::beast::http::async_write(
- adaptor, *serializer,
- [this,
- self(shared_from_this())](const boost::system::error_code& ec,
- std::size_t bytesTransferred) {
- BMCWEB_LOG_DEBUG << this << " async_write " << bytesTransferred
- << " bytes";
+ boost::beast::http::async_write(adaptor, *serializer,
+ [this, self(shared_from_this())](
+ const boost::system::error_code& ec,
+ std::size_t bytesTransferred) {
+ BMCWEB_LOG_DEBUG << this << " async_write " << bytesTransferred
+ << " bytes";
- cancelDeadlineTimer();
+ cancelDeadlineTimer();
- if (ec)
- {
- BMCWEB_LOG_DEBUG << this << " from write(2)";
- return;
- }
- if (!res.keepAlive())
- {
- close();
- BMCWEB_LOG_DEBUG << this << " from write(1)";
- return;
- }
+ if (ec)
+ {
+ BMCWEB_LOG_DEBUG << this << " from write(2)";
+ return;
+ }
+ if (!res.keepAlive())
+ {
+ close();
+ BMCWEB_LOG_DEBUG << this << " from write(1)";
+ return;
+ }
- serializer.reset();
- BMCWEB_LOG_DEBUG << this << " Clearing response";
- res.clear();
- parser.emplace(std::piecewise_construct, std::make_tuple());
- parser->body_limit(httpReqBodyLimit); // reset body limit for
- // newly created parser
- buffer.consume(buffer.size());
+ serializer.reset();
+ BMCWEB_LOG_DEBUG << this << " Clearing response";
+ res.clear();
+ parser.emplace(std::piecewise_construct, std::make_tuple());
+ parser->body_limit(httpReqBodyLimit); // reset body limit for
+ // newly created parser
+ buffer.consume(buffer.size());
- // If the session was built from the transport, we don't need to
- // clear it. All other sessions are generated per request.
- if (!sessionIsFromTransport)
- {
- userSession = nullptr;
- }
+ // If the session was built from the transport, we don't need to
+ // clear it. All other sessions are generated per request.
+ if (!sessionIsFromTransport)
+ {
+ userSession = nullptr;
+ }
- // Destroy the Request via the std::optional
- req.reset();
- doReadHeaders();
- });
+ // Destroy the Request via the std::optional
+ req.reset();
+ doReadHeaders();
+ });
}
void cancelDeadlineTimer()
diff --git a/http/http_server.hpp b/http/http_server.hpp
index 0b2cae1..d1a8ed3 100644
--- a/http/http_server.hpp
+++ b/http/http_server.hpp
@@ -127,8 +127,8 @@
void startAsyncWaitForSignal()
{
- signals.async_wait([this](const boost::system::error_code& ec,
- int signalNo) {
+ signals.async_wait(
+ [this](const boost::system::error_code& ec, int signalNo) {
if (ec)
{
BMCWEB_LOG_INFO << "Error in signal handler" << ec.message();
@@ -183,12 +183,12 @@
acceptor->async_accept(
boost::beast::get_lowest_layer(connection->socket()),
[this, connection](boost::system::error_code ec) {
- if (!ec)
- {
- boost::asio::post(*this->ioService,
- [connection] { connection->start(); });
- }
- doAccept();
+ if (!ec)
+ {
+ boost::asio::post(*this->ioService,
+ [connection] { connection->start(); });
+ }
+ doAccept();
});
}
diff --git a/http/routing.hpp b/http/routing.hpp
index 7bac283..db25433 100644
--- a/http/routing.hpp
+++ b/http/routing.hpp
@@ -804,12 +804,12 @@
auto updateFound =
[&found, &matchParams](std::pair<unsigned, RoutingParams>& ret) {
- if (ret.first != 0U && (found == 0U || found > ret.first))
- {
- found = ret.first;
- matchParams = std::move(ret.second);
- }
- };
+ if (ret.first != 0U && (found == 0U || found > ret.first))
+ {
+ found = ret.first;
+ matchParams = std::move(ret.second);
+ }
+ };
if (node->paramChildrens[static_cast<size_t>(ParamType::INT)] != 0U)
{
@@ -1305,106 +1305,102 @@
[&req, asyncResp, &rules, ruleIndex,
found](const boost::system::error_code ec,
const dbus::utility::DBusPropertiesMap& userInfoMap) {
- if (ec)
- {
- BMCWEB_LOG_ERROR << "GetUserInfo failed...";
- asyncResp->res.result(
- boost::beast::http::status::internal_server_error);
- return;
- }
- std::string userRole{};
- const bool* remoteUser = nullptr;
- std::optional<bool> passwordExpired;
+ if (ec)
+ {
+ BMCWEB_LOG_ERROR << "GetUserInfo failed...";
+ asyncResp->res.result(
+ boost::beast::http::status::internal_server_error);
+ return;
+ }
+ std::string userRole{};
+ const bool* remoteUser = nullptr;
+ std::optional<bool> passwordExpired;
- for (const auto& userInfo : userInfoMap)
+ for (const auto& userInfo : userInfoMap)
+ {
+ if (userInfo.first == "UserPrivilege")
{
- if (userInfo.first == "UserPrivilege")
+ const std::string* userRolePtr =
+ std::get_if<std::string>(&userInfo.second);
+ if (userRolePtr == nullptr)
{
- const std::string* userRolePtr =
- std::get_if<std::string>(&userInfo.second);
- if (userRolePtr == nullptr)
- {
- continue;
- }
- userRole = *userRolePtr;
- BMCWEB_LOG_DEBUG
- << "userName = " << req.session->username
- << " userRole = " << *userRolePtr;
+ continue;
}
- else if (userInfo.first == "RemoteUser")
- {
- remoteUser = std::get_if<bool>(&userInfo.second);
- }
- else if (userInfo.first == "UserPasswordExpired")
- {
- const bool* passwordExpiredPtr =
- std::get_if<bool>(&userInfo.second);
- if (passwordExpiredPtr == nullptr)
- {
- continue;
- }
- passwordExpired = *passwordExpiredPtr;
- }
+ userRole = *userRolePtr;
+ BMCWEB_LOG_DEBUG << "userName = " << req.session->username
+ << " userRole = " << *userRolePtr;
}
+ else if (userInfo.first == "RemoteUser")
+ {
+ remoteUser = std::get_if<bool>(&userInfo.second);
+ }
+ else if (userInfo.first == "UserPasswordExpired")
+ {
+ const bool* passwordExpiredPtr =
+ std::get_if<bool>(&userInfo.second);
+ if (passwordExpiredPtr == nullptr)
+ {
+ continue;
+ }
+ passwordExpired = *passwordExpiredPtr;
+ }
+ }
- if (remoteUser == nullptr)
+ if (remoteUser == nullptr)
+ {
+ BMCWEB_LOG_ERROR << "RemoteUser property missing or wrong type";
+ asyncResp->res.result(
+ boost::beast::http::status::internal_server_error);
+ return;
+ }
+
+ if (passwordExpired == std::nullopt)
+ {
+ if (!*remoteUser)
{
BMCWEB_LOG_ERROR
- << "RemoteUser property missing or wrong type";
+ << "UserPasswordExpired property is expected for"
+ " local user but is missing or wrong type";
asyncResp->res.result(
boost::beast::http::status::internal_server_error);
return;
}
+ passwordExpired = false;
+ }
- if (passwordExpired == std::nullopt)
- {
- if (!*remoteUser)
- {
- BMCWEB_LOG_ERROR
- << "UserPasswordExpired property is expected for"
- " local user but is missing or wrong type";
- asyncResp->res.result(
- boost::beast::http::status::internal_server_error);
- return;
- }
- passwordExpired = false;
- }
+ // Get the userprivileges from the role
+ redfish::Privileges userPrivileges =
+ redfish::getUserPrivileges(userRole);
- // Get the userprivileges from the role
- redfish::Privileges userPrivileges =
- redfish::getUserPrivileges(userRole);
+ // Set isConfigureSelfOnly based on D-Bus results. This
+ // ignores the results from both pamAuthenticateUser and the
+ // value from any previous use of this session.
+ req.session->isConfigureSelfOnly = *passwordExpired;
- // Set isConfigureSelfOnly based on D-Bus results. This
- // ignores the results from both pamAuthenticateUser and the
- // value from any previous use of this session.
- req.session->isConfigureSelfOnly = *passwordExpired;
+ // Modifyprivileges if isConfigureSelfOnly.
+ if (req.session->isConfigureSelfOnly)
+ {
+ // Remove allprivileges except ConfigureSelf
+ userPrivileges = userPrivileges.intersection(
+ redfish::Privileges{"ConfigureSelf"});
+ BMCWEB_LOG_DEBUG << "Operation limited to ConfigureSelf";
+ }
- // Modifyprivileges if isConfigureSelfOnly.
+ if (!rules[ruleIndex]->checkPrivileges(userPrivileges))
+ {
+ asyncResp->res.result(boost::beast::http::status::forbidden);
if (req.session->isConfigureSelfOnly)
{
- // Remove allprivileges except ConfigureSelf
- userPrivileges = userPrivileges.intersection(
- redfish::Privileges{"ConfigureSelf"});
- BMCWEB_LOG_DEBUG << "Operation limited to ConfigureSelf";
+ redfish::messages::passwordChangeRequired(
+ asyncResp->res, crow::utility::urlFromPieces(
+ "redfish", "v1", "AccountService",
+ "Accounts", req.session->username));
}
+ return;
+ }
- if (!rules[ruleIndex]->checkPrivileges(userPrivileges))
- {
- asyncResp->res.result(
- boost::beast::http::status::forbidden);
- if (req.session->isConfigureSelfOnly)
- {
- redfish::messages::passwordChangeRequired(
- asyncResp->res,
- crow::utility::urlFromPieces(
- "redfish", "v1", "AccountService", "Accounts",
- req.session->username));
- }
- return;
- }
-
- req.userRole = userRole;
- rules[ruleIndex]->handle(req, asyncResp, found.second);
+ req.userRole = userRole;
+ rules[ruleIndex]->handle(req, asyncResp, found.second);
},
"xyz.openbmc_project.User.Manager", "/xyz/openbmc_project/user",
"xyz.openbmc_project.User.Manager", "GetUserInfo",
diff --git a/http/websocket.hpp b/http/websocket.hpp
index b2c24c4..9a735fd 100644
--- a/http/websocket.hpp
+++ b/http/websocket.hpp
@@ -108,34 +108,34 @@
boost::beast::websocket::response_type& m) {
#ifndef BMCWEB_INSECURE_DISABLE_CSRF_PREVENTION
- if (session != nullptr)
+ if (session != nullptr)
+ {
+ // use protocol for csrf checking
+ if (session->cookieAuth &&
+ !crow::utility::constantTimeStringCompare(
+ protocol, session->csrfToken))
{
- // use protocol for csrf checking
- if (session->cookieAuth &&
- !crow::utility::constantTimeStringCompare(
- protocol, session->csrfToken))
- {
- BMCWEB_LOG_ERROR << "Websocket CSRF error";
- m.result(boost::beast::http::status::unauthorized);
- return;
- }
+ BMCWEB_LOG_ERROR << "Websocket CSRF error";
+ m.result(boost::beast::http::status::unauthorized);
+ return;
}
+ }
#endif
- if (!protocol.empty())
- {
- m.insert(bf::sec_websocket_protocol, protocol);
- }
+ if (!protocol.empty())
+ {
+ m.insert(bf::sec_websocket_protocol, protocol);
+ }
- m.insert(bf::strict_transport_security, "max-age=31536000; "
- "includeSubdomains; "
- "preload");
- m.insert(bf::pragma, "no-cache");
- m.insert(bf::cache_control, "no-Store,no-Cache");
- m.insert("Content-Security-Policy", "default-src 'self'");
- m.insert("X-XSS-Protection", "1; "
- "mode=block");
- m.insert("X-Content-Type-Options", "nosniff");
- }));
+ m.insert(bf::strict_transport_security, "max-age=31536000; "
+ "includeSubdomains; "
+ "preload");
+ m.insert(bf::pragma, "no-cache");
+ m.insert(bf::cache_control, "no-Store,no-Cache");
+ m.insert("Content-Security-Policy", "default-src 'self'");
+ m.insert("X-XSS-Protection", "1; "
+ "mode=block");
+ m.insert("X-Content-Type-Options", "nosniff");
+ }));
// Perform the websocket upgrade
ws.async_accept(req, [this, self(shared_from_this())](
@@ -182,15 +182,15 @@
ws.async_close(
{boost::beast::websocket::close_code::normal, msg},
[self(shared_from_this())](boost::system::error_code ec) {
- if (ec == boost::asio::error::operation_aborted)
- {
- return;
- }
- if (ec)
- {
- BMCWEB_LOG_ERROR << "Error closing websocket " << ec;
- return;
- }
+ if (ec == boost::asio::error::operation_aborted)
+ {
+ return;
+ }
+ if (ec)
+ {
+ BMCWEB_LOG_ERROR << "Error closing websocket " << ec;
+ return;
+ }
});
}
@@ -211,27 +211,27 @@
ws.async_read(inBuffer,
[this, self(shared_from_this())](
boost::beast::error_code ec, std::size_t bytesRead) {
- if (ec)
- {
- if (ec != boost::beast::websocket::error::closed)
- {
- BMCWEB_LOG_ERROR << "doRead error " << ec;
- }
- if (closeHandler)
- {
- std::string_view reason = ws.reason().reason;
- closeHandler(*this, std::string(reason));
- }
- return;
- }
- if (messageHandler)
- {
- messageHandler(*this, inString, ws.got_text());
- }
- inBuffer.consume(bytesRead);
- inString.clear();
- doRead();
- });
+ if (ec)
+ {
+ if (ec != boost::beast::websocket::error::closed)
+ {
+ BMCWEB_LOG_ERROR << "doRead error " << ec;
+ }
+ if (closeHandler)
+ {
+ std::string_view reason = ws.reason().reason;
+ closeHandler(*this, std::string(reason));
+ }
+ return;
+ }
+ if (messageHandler)
+ {
+ messageHandler(*this, inString, ws.got_text());
+ }
+ inBuffer.consume(bytesRead);
+ inString.clear();
+ doRead();
+ });
}
void doWrite()
@@ -252,23 +252,22 @@
ws.async_write(boost::asio::buffer(outBuffer.front()),
[this, self(shared_from_this())](
boost::beast::error_code ec, std::size_t) {
- doingWrite = false;
- outBuffer.erase(outBuffer.begin());
- if (ec == boost::beast::websocket::error::closed)
- {
- // Do nothing here. doRead handler will call the
- // closeHandler.
- close("Write error");
- return;
- }
- if (ec)
- {
- BMCWEB_LOG_ERROR << "Error in ws.async_write "
- << ec;
- return;
- }
- doWrite();
- });
+ doingWrite = false;
+ outBuffer.erase(outBuffer.begin());
+ if (ec == boost::beast::websocket::error::closed)
+ {
+ // Do nothing here. doRead handler will call the
+ // closeHandler.
+ close("Write error");
+ return;
+ }
+ if (ec)
+ {
+ BMCWEB_LOG_ERROR << "Error in ws.async_write " << ec;
+ return;
+ }
+ doWrite();
+ });
}
private: