| commit | 27c10d2ee746b85e9463efb0fc6773c209b2f5ba | [log] [tgz] | 
|---|---|---|
| author | jayaprakash Mutyala <mutyalax.jayaprakash@intel.com> | Mon Jul 29 11:59:08 2019 +0000 | 
| committer | mutyalax.jayaprakash <mutyalax.jayaprakash@intel.com> | Fri Nov 08 17:27:27 2019 +0000 | 
| tree | 44ff6be504b8dd4c02a8f0b5586b0faa2b84a01c | |
| parent | 55e43f69db10c3320430c190853bff8a5a272965 [diff] | 
account_service: Added NoAccess role to Redfish Issue: With IPMI command- If New user created, by defualt created with "NO ACCESS" Channel priv Limit. But same role is not populating from Redfish. This test can be done only with below patch being merged. https://gerrit.openbmc-project.xyz/#/c/openbmc/phosphor-user-manager/ +/24784/ Tested: Added "NoAccess" Role to Redfish(if Channel privilege Limit is empty in userlist). Below is Snapshot from Redfish: Get: https://<BMC IP>/redfish/v1/AccountService/Roles/NoAccess { "@odata.context": "/redfish/v1/$metadata#Role.Role", "@odata.id": "/redfish/v1/AccountService/Roles/NoAccess", "@odata.type": "#Role.v1_2_2.Role", "AssignedPrivileges": null, "Description": "NoAccess User Role", "Id": "NoAccess", "IsPredefined": true, "Name": "User Role", "OemPrivileges": [], "RoleId": "NoAccess" } Get: https://<BMC IP>/redfish/v1/AccountService/Accounts/user6 { "@odata.context": "/redfish/v1/$metadata#ManagerAccount. ManagerAccount", "@odata.id": "/redfish/v1/AccountService/Accounts/user6", "@odata.type": "#ManagerAccount.v1_0_3.ManagerAccount", "Description": "User Account", "Enabled": false, "Id": "user6", "Links": { "Role": { "@odata.id": "/redfish/v1/AccountService/Roles/NoAccess" } }, "Locked": false, "Locked@Redfish.AllowableValues": [ "false" ], "Name": "User Account", "Password": null, "RoleId": "NoAccess", "UserName": "user6" } Redfish validator test results: Counter({'skipOptional': 31791, 'pass': 22397, 'passGet': 2293, 'metadataNamespaces': 1047, 'warningPresent': 70, 'serviceNamespaces': 68, 'invalidPropertyValue': 67, 'err.LogEntry.v1_0_0.EventSeverity': 64, 'failProp': 64, 'repeat': 14, 'reflink': 9, 'passAction': 7, 'optionalAction': 6, 'failErrorPresent': 1, 'unverifiedComplexAdditional': 1, 'warnTrailingSlashLink': 1}) Validation has failed: 65 problems found Signed-off-by: jayaprakash Mutyala <mutyalax.jayaprakash@intel.com> Change-Id: Ibc74e2fe4519ec6160dd516893d5e542feeabb0d
This component attempts to be a "do everything" embedded webserver for openbmc.
At this time, the webserver implements a few interfaces:
BMCWeb is configured by setting -D flags that correspond to options in bmcweb/CMakeLists.txt and then compiling.  For example, cmake -DBMCWEB_ENABLE_KVM=NO ... followed by make.  The option names become C++ preprocessor symbols that control which code is compiled into the program.
When BMCWeb starts running, it reads persistent configuration data (such as UUID and session data) from a local file. If this is not usable, it generates a new configuration.
When BMCWeb SSL support is enabled and a usable certificate is not found, it will generate a self-sign a certificate before launching the server.  The keys are generated by the prime256v1 algorithm.  The certificate
C=US, O=OpenBMC, CN=testhost,SHA-256 algorithm.