Correct privilege levels for LogService

Correct the privilege levels for LogService as per
privilege registry under redfish specification.
https://redfish.dmtf.org/registries/Redfish_1.0.4_PrivilegeRegistry.json

1) ClearLog actions(EventLog, CrashDump, PostCode,
   JournalLog etc..) are subordinates of LogService
   should be executed with "ConfigureComponents"
   privilege level.

2) For security reasons, Restricted CrashDump
   (LogService and LogEntry) to "ConfigureComponents".

Tested:
 - Created Operator, User and Administrator users
   and validated all methods under LogService, LogEntry
   LogServiceCollections and LogEntryCollections, its
   subordinates.

Signed-off-by: AppaRao Puli <apparao.puli@linux.intel.com>
Change-Id: I4ce1ee90b3b999a80daa9aa20e5e7d79b64a9b85
diff --git a/redfish-core/lib/log_services.hpp b/redfish-core/lib/log_services.hpp
index d53c829..73a7bb6 100644
--- a/redfish-core/lib/log_services.hpp
+++ b/redfish-core/lib/log_services.hpp
@@ -1530,9 +1530,11 @@
     CrashdumpService(CrowApp &app) :
         Node(app, "/redfish/v1/Systems/system/LogServices/Crashdump/")
     {
+        // Note: Deviated from redfish privilege registry for GET & HEAD
+        // method for security reasons.
         entityPrivileges = {
-            {boost::beast::http::verb::get, {{"Login"}}},
-            {boost::beast::http::verb::head, {{"Login"}}},
+            {boost::beast::http::verb::get, {{"ConfigureComponents"}}},
+            {boost::beast::http::verb::head, {{"ConfigureComponents"}}},
             {boost::beast::http::verb::patch, {{"ConfigureManager"}}},
             {boost::beast::http::verb::put, {{"ConfigureManager"}}},
             {boost::beast::http::verb::delete_, {{"ConfigureManager"}}},
@@ -1585,9 +1587,11 @@
         Node(app, "/redfish/v1/Systems/system/LogServices/Crashdump/Actions/"
                   "LogService.ClearLog/")
     {
+        // Note: Deviated from redfish privilege registry for GET & HEAD
+        // method for security reasons.
         entityPrivileges = {
-            {boost::beast::http::verb::get, {{"Login"}}},
-            {boost::beast::http::verb::head, {{"Login"}}},
+            {boost::beast::http::verb::get, {{"ConfigureComponents"}}},
+            {boost::beast::http::verb::head, {{"ConfigureComponents"}}},
             {boost::beast::http::verb::patch, {{"ConfigureComponents"}}},
             {boost::beast::http::verb::put, {{"ConfigureComponents"}}},
             {boost::beast::http::verb::delete_, {{"ConfigureComponents"}}},
@@ -1676,9 +1680,11 @@
     CrashdumpEntryCollection(CrowApp &app) :
         Node(app, "/redfish/v1/Systems/system/LogServices/Crashdump/Entries/")
     {
+        // Note: Deviated from redfish privilege registry for GET & HEAD
+        // method for security reasons.
         entityPrivileges = {
-            {boost::beast::http::verb::get, {{"Login"}}},
-            {boost::beast::http::verb::head, {{"Login"}}},
+            {boost::beast::http::verb::get, {{"ConfigureComponents"}}},
+            {boost::beast::http::verb::head, {{"ConfigureComponents"}}},
             {boost::beast::http::verb::patch, {{"ConfigureManager"}}},
             {boost::beast::http::verb::put, {{"ConfigureManager"}}},
             {boost::beast::http::verb::delete_, {{"ConfigureManager"}}},
@@ -1761,9 +1767,11 @@
              "/redfish/v1/Systems/system/LogServices/Crashdump/Entries/<str>/",
              std::string())
     {
+        // Note: Deviated from redfish privilege registry for GET & HEAD
+        // method for security reasons.
         entityPrivileges = {
-            {boost::beast::http::verb::get, {{"Login"}}},
-            {boost::beast::http::verb::head, {{"Login"}}},
+            {boost::beast::http::verb::get, {{"ConfigureComponents"}}},
+            {boost::beast::http::verb::head, {{"ConfigureComponents"}}},
             {boost::beast::http::verb::patch, {{"ConfigureManager"}}},
             {boost::beast::http::verb::put, {{"ConfigureManager"}}},
             {boost::beast::http::verb::delete_, {{"ConfigureManager"}}},
@@ -1794,9 +1802,11 @@
              "<str>/",
              std::string(), std::string())
     {
+        // Note: Deviated from redfish privilege registry for GET & HEAD
+        // method for security reasons.
         entityPrivileges = {
-            {boost::beast::http::verb::get, {{"Login"}}},
-            {boost::beast::http::verb::head, {{"Login"}}},
+            {boost::beast::http::verb::get, {{"ConfigureComponents"}}},
+            {boost::beast::http::verb::head, {{"ConfigureComponents"}}},
             {boost::beast::http::verb::patch, {{"ConfigureManager"}}},
             {boost::beast::http::verb::put, {{"ConfigureManager"}}},
             {boost::beast::http::verb::delete_, {{"ConfigureManager"}}},
@@ -1894,13 +1904,15 @@
              "/redfish/v1/Systems/system/LogServices/Crashdump/Actions/Oem/"
              "Crashdump.OnDemand/")
     {
+        // Note: Deviated from redfish privilege registry for GET & HEAD
+        // method for security reasons.
         entityPrivileges = {
-            {boost::beast::http::verb::get, {{"Login"}}},
-            {boost::beast::http::verb::head, {{"Login"}}},
-            {boost::beast::http::verb::patch, {{"ConfigureManager"}}},
-            {boost::beast::http::verb::put, {{"ConfigureManager"}}},
-            {boost::beast::http::verb::delete_, {{"ConfigureManager"}}},
-            {boost::beast::http::verb::post, {{"ConfigureManager"}}}};
+            {boost::beast::http::verb::get, {{"ConfigureComponents"}}},
+            {boost::beast::http::verb::head, {{"ConfigureComponents"}}},
+            {boost::beast::http::verb::patch, {{"ConfigureComponents"}}},
+            {boost::beast::http::verb::put, {{"ConfigureComponents"}}},
+            {boost::beast::http::verb::delete_, {{"ConfigureComponents"}}},
+            {boost::beast::http::verb::post, {{"ConfigureComponents"}}}};
     }
 
   private:
@@ -1962,6 +1974,8 @@
              "/redfish/v1/Systems/system/LogServices/Crashdump/Actions/Oem/"
              "Crashdump.SendRawPeci/")
     {
+        // Note: Deviated from redfish privilege registry for GET & HEAD
+        // method for security reasons.
         entityPrivileges = {
             {boost::beast::http::verb::get, {{"ConfigureComponents"}}},
             {boost::beast::http::verb::head, {{"ConfigureComponents"}}},
@@ -2152,10 +2166,10 @@
         entityPrivileges = {
             {boost::beast::http::verb::get, {{"Login"}}},
             {boost::beast::http::verb::head, {{"Login"}}},
-            {boost::beast::http::verb::patch, {{"ConfigureManager"}}},
-            {boost::beast::http::verb::put, {{"ConfigureManager"}}},
-            {boost::beast::http::verb::delete_, {{"ConfigureManager"}}},
-            {boost::beast::http::verb::post, {{"ConfigureManager"}}}};
+            {boost::beast::http::verb::patch, {{"ConfigureComponents"}}},
+            {boost::beast::http::verb::put, {{"ConfigureComponents"}}},
+            {boost::beast::http::verb::delete_, {{"ConfigureComponents"}}},
+            {boost::beast::http::verb::post, {{"ConfigureComponents"}}}};
     }
 
   private: