tree f7611a86d1e0b86706be51c42ae0d0f7690577c0
parent 12c7f4388b58a974265827ab62d3981ba98ed8f2
author jayaprakash Mutyala <mutyalax.jayaprakash@intel.com> 1585436166 +0000
committer jayaprakash Mutyala <mutyalax.jayaprakash@intel.com> 1585484248 +0000

Sensor override allow only by Admin priv user

Issue: As per https://redfish.dmtf.org/registries/
       Redfish_1.0.4_PrivilegeRegistry.json patch method for
       Thermal & Power must be allowed for ConfigureManager only

Fix: So restrict only Admin privilege user can override sensor values
     from Redfish.

Tested:
1. Redfish validator - passed for this new change
2. Patch sensor values from Redfish for Thermal using Admin privilege
user
Redfish URI:
PATCH https://<BMC-IP>/redfish/v1/Chassis/WC_Baseboard/Thermal
Body:
{
    "Temperatures": [
    {
        "MemberId": "SSB_Temp",
        "ReadingCelsius":112
    }
]
}

Response:
{
  "@odata.id": "/redfish/v1/Chassis/WC_Baseboard/Thermal",
  "@odata.type": "#Thermal.v1_4_0.Thermal",
  "Fans": [],
  "Id": "Thermal",
  "Name": "Thermal",
  "Temperatures": []
}

3. Sensor value Overridden successfully when Authorized by admin privilege user
4. Verified by operator privilege user. Not successful.
Response : Forbidden.
5. Verified for Power sensor values and allowed only by admin privilege user.
6. Verified for manufacturing mode, Validation unsecure mode and
non-manufacturing mode.

Signed-off-by: jayaprakash Mutyala <mutyalax.jayaprakash@intel.com>
Change-Id: I9a089a9341d12beac9625f1877e1ab047f5d6f46