commit | 067852448328543628c1b6b8c355252b59c99ce6 | [log] [tgz] |
---|---|---|
author | Ratan Gupta <ratagupt@linux.vnet.ibm.com> | Fri Jul 26 22:30:16 2019 +0530 |
committer | Ed Tanous <ed.tanous@intel.com> | Tue Sep 24 17:24:37 2019 +0000 |
tree | 4db01a438bc531620fd7b8c454f647f40bb42908 | |
parent | 95a3ecada41219555c5efe4080d6589dc2aaa411 [diff] |
Redfish: Add PATCH operation support for RemoteRoleMapping Added PATCH operation support for RemoteRoleMapping property under LDAP/ActiveDirectory property in AccountService schema. 1. How to add the Role Mapping? PATCH {"ActiveDirectory":{"RemoteRoleMapping": [{"RemoteGroup": "Admingroup15","LocalRole": "User"},{"RemoteGroup": "Admingroup13", "LocalRole": "Administrator"},{"RemoteGroup": "Admingroup14", "LocalRole": "Operator"}]}} With the above PATCH request, all the above role mapping gets added. 2. How to delete a specific role mapping? After adding the above roles mapping, if user want to delete the second mapping which is ({"RemoteGroup": "Admingroup13", "LocalRole": "Administrator"}) Following PATCH request would be used. PATCH {"ActiveDirectory":{"RemoteRoleMapping": [{},null,{}]}} 3. How to update specific role mapping ? Let's take a case where user want to update the second role mapping PATCH {"ActiveDirectory":{"RemoteRoleMapping": [{},{"RemoteGroup":"Admingroup25","LocalRole": "User"},{}]}} or PATCH {"ActiveDirectory":{"RemoteRoleMapping": [{},{"RemoteGroup":"Admingroup25"},{}]}} and \ PATCH {"ActiveDirectory":{"RemoteRoleMapping": [{},{"LocalRole": "User"},{}]}} Tested: 1. Did a PATCH operation with below given Data: ' {"ActiveDirectory":{"RemoteRoleMapping": [{"RemoteGroup": "Admingroup215","LocalRole": "User"}, \ {"RemoteGroup": "Admingroup213","LocalRole":"Administrator"},{"RemoteGroup":"Admingroup214","LocalRole":"Operator"}]}}' 2. With GET got below given data: "RemoteRoleMapping": [ { "LocalRole": "Operator", "RemoteGroup": "Admingroup214" }, { "LocalRole": "Administrator", "RemoteGroup": "Admingroup213" }, { "LocalRole": "User", "RemoteGroup": "Admingroup215" } ], 3. Did a PATCH operation with below given Data: '{"ActiveDirectory":{"RemoteRoleMapping": [{},null,{}]}}' 4. With GET got below given data: "RemoteRoleMapping": [ { "LocalRole": "Operator", "RemoteGroup": "Admingroup214" }, { "LocalRole": "User", "RemoteGroup": "Admingroup215" } ], 5. Did a PATCH operation with below given Data: '{"ActiveDirectory":{"RemoteRoleMapping": [null,null]}}' 6. With GET got below given data: "RemoteRoleMapping": [] 7. Did a PATCH operation with below given Data: '{"ActiveDirectory":{"RemoteRoleMapping": [{"RemoteGroup": "Admingroup215","LocalRole": "User"}, \ {"RemoteGroup": "Admingroup213","LocalRole":"Administrator"},{"RemoteGroup":"Admingroup214","LocalRole":"Operator"}]}}' 8. With GET got below given data: "RemoteRoleMapping": [ { "LocalRole": "Administrator", "RemoteGroup": "Admingroup213" }, { "LocalRole": "Operator", "RemoteGroup": "Admingroup214" }, { "LocalRole": "User", "RemoteGroup": "Admingroup215" } ], 9. Did a PATCH operation with below given Data: '{"ActiveDirectory":{"RemoteRoleMapping": [{"RemoteGroup": "Admingroup25"},{},{}]}}' 10.With GET got below given data: "RemoteRoleMapping": [ { "LocalRole": "Administrator", "RemoteGroup": "Admingroup25" }, { "LocalRole": "Operator", "RemoteGroup": "Admingroup214" }, { "LocalRole": "User", "RemoteGroup": "Admingroup215" } ], 11. Did a PATCH operation with below given Data: '{"ActiveDirectory":{"RemoteRoleMapping": [{"LocalRole": "User"},{},{}]}}' 12.With GET got below given data: "RemoteRoleMapping": [ { "LocalRole": "User", "RemoteGroup": "Admingroup25" }, { "LocalRole": "Operator", "RemoteGroup": "Admingroup214" }, { "LocalRole": "User", "RemoteGroup": "Admingroup215" } ], 13. Did a PATCH operation with below given Data: '{"ActiveDirectory":{"RemoteRoleMapping": [{},{"RemoteGroup": "Admingroup26","LocalRole": "User"},{}]}}' 14.With GET got below given data: "RemoteRoleMapping": [ { "LocalRole": "User", "RemoteGroup": "Admingroup25" }, { "LocalRole": "User", "RemoteGroup": "Admingroup26" }, { "LocalRole": "User", "RemoteGroup": "Admingroup215" } ], 15. Try to delete the role map when there was no role map entry and get the following error. "RemoteRoleMapping/1@Message.ExtendedInfo": [ { "@odata.type": "/redfish/v1/$metadata#Message.v1_0_0.Message", "Message": "The value null for the property RemoteRoleMapping/0 is of a different type than the property can accept.", "MessageArgs": [ "null", "RemoteRoleMapping/0" ], "MessageId": "Base.1.4.0.PropertyValueTypeError", "Resolution": "Correct the value for the property in the request body and resubmit the request if the operation failed.", "Severity": "Warning" } Signed-off-by: Ratan Gupta <ratagupt@linux.vnet.ibm.com> Change-Id: Iaa37221bd6fdc87dbf51755d9425ecd5b07eee6c
This component attempts to be a "do everything" embedded webserver for openbmc.
At this time, the webserver implements a few interfaces:
BMCWeb is configured by setting -D
flags that correspond to options in bmcweb/CMakeLists.txt
and then compiling. For example, cmake -DBMCWEB_ENABLE_KVM=NO ...
followed by make
. The option names become C++ preprocessor symbols that control which code is compiled into the program.
When BMCWeb starts running, it reads persistent configuration data (such as UUID and session data) from a local file. If this is not usable, it generates a new configuration.
When BMCWeb SSL support is enabled and a usable certificate is not found, it will generate a self-sign a certificate before launching the server. The keys are generated by the prime256v1
algorithm. The certificate
C=US, O=OpenBMC, CN=testhost
,SHA-256
algorithm.The crow project has had a number of additions to make it more useful for use in the OpenBmc Project. A non-exhaustive list is below. At the time of this writing, the crow project is not accepting patches, so for the time being crow will simply be checked in as is.