Privilege implementation change
- privilege_registry.json has been removed
- PrivilegeProvider class has been removed
- default privileges for nodes are now hard-coded
- privilege overriding feature is not yet implemented
Change-Id: Ic9fdfa1c692c1abd26e339e2a8c702fc4aebd19f
Signed-off-by: Borawski.Lukasz <lukasz.borawski@intel.com>
diff --git a/CMakeLists.txt b/CMakeLists.txt
index c68c53f..cccc3c0 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -125,7 +125,6 @@
include_directories(${CMAKE_CURRENT_SOURCE_DIR}/redfish-core/include)
set(SRC_FILES
- redfish-core/src/privileges.cpp
${GENERATED_SRC_FILES}
)
@@ -177,8 +176,6 @@
endif(${BMCWEB_BUILD_UT})
install(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/static/ DESTINATION share/www)
-install(FILES ${CMAKE_CURRENT_SOURCE_DIR}/redfish-core/privilege_registry.json
- DESTINATION /etc/redfish.conf.d/)
# bmcweb
add_executable(bmcweb ${WEBSERVER_MAIN} ${HDR_FILES} ${SRC_FILES})
diff --git a/redfish-core/include/node.hpp b/redfish-core/include/node.hpp
index 6a58cb2..a76e5b3 100644
--- a/redfish-core/include/node.hpp
+++ b/redfish-core/include/node.hpp
@@ -28,11 +28,9 @@
class Node {
public:
template <typename CrowApp, typename... Params>
- Node(CrowApp& app, const PrivilegeProvider& privilegeProvider,
- const std::string& entityType, const std::string& entityUrl,
- Params... params)
- : entityPrivileges(privilegeProvider.getPrivilegesRequiredByEntity(
- entityUrl, entityType)) {
+ Node(CrowApp& app, EntityPrivileges&& entityPrivileges,
+ std::string&& entityUrl, Params... params)
+ : entityPrivileges(std::move(entityPrivileges)) {
app.route_dynamic(entityUrl.c_str())
.methods("GET"_method, "PATCH"_method, "POST"_method,
"DELETE"_method)([&](const crow::request& req,
@@ -106,7 +104,7 @@
return;
}
- const EntityPrivileges entityPrivileges;
+ EntityPrivileges entityPrivileges;
};
template <typename CrowApp>
diff --git a/redfish-core/include/privileges.hpp b/redfish-core/include/privileges.hpp
index 2441104..2cc52b5 100644
--- a/redfish-core/include/privileges.hpp
+++ b/redfish-core/include/privileges.hpp
@@ -19,6 +19,7 @@
#include <cstdint>
#include "crow.h"
#include <boost/container/flat_map.hpp>
+#include <boost/container/flat_set.hpp>
#include <boost/optional.hpp>
namespace redfish {
@@ -29,8 +30,21 @@
/** @brief Max number of privileges per type */
constexpr const size_t MAX_PRIVILEGE_COUNT = 32;
+
using privilegeBitset = std::bitset<MAX_PRIVILEGE_COUNT>;
+/** @brief Number of mappings must be <= MAX_PRIVILEGE_COUNT */
+static const boost::container::flat_map<std::string, size_t>
+ basePrivNameToIndexMap = {{"Login", 0},
+ {"ConfigureManager", 1},
+ {"ConfigureComponents", 2},
+ {"ConfigureSelf", 3},
+ {"ConfigureUsers", 4}};
+
+/** @brief Number of mappings must be <= MAX_PRIVILEGE_COUNT */
+static const boost::container::flat_map<std::string, size_t>
+ oemPrivNameToIndexMap = {};
+
/**
* @brief Redfish privileges
*
@@ -43,22 +57,35 @@
* are represented as bitsets. Each bit in the bitset corresponds to a
* unique privilege name.
*
- * Privilege names are read from the privilege_registry.json file and
- * stored in flat maps.
- *
* A bit is set if the privilege is required (entity domain) or granted
* (user domain) and false otherwise.
*
- * Bitset index to privilege name mapping depends on the order in which
- * privileges are defined in PrivilegesUsed and OEMPrivilegesUsed arrays
- * in the privilege_registry.json.
*/
class Privileges {
public:
/**
+ * @brief Constructs object without any privileges active
+ *
+ */
+ Privileges() = default;
+
+ /**
+ * @brief Constructs object with given privileges active
+ *
+ * @param[in] privilegeList List of privileges to be activated
+ *
+ */
+ Privileges(std::initializer_list<std::string> privilegeList) {
+ for (const auto& privilege : privilegeList) {
+ setSinglePrivilege(privilege);
+ }
+ }
+
+ /**
* @brief Retrieves the base privileges bitset
*
* @return Bitset representation of base Redfish privileges
+ *
*/
privilegeBitset getBasePrivilegeBitset() const { return basePrivilegeBitset; }
@@ -66,6 +93,7 @@
* @brief Retrieves the OEM privileges bitset
*
* @return Bitset representation of OEM Redfish privileges
+ *
*/
privilegeBitset getOEMPrivilegeBitset() const { return oemPrivilegeBitset; }
@@ -75,6 +103,7 @@
* @param[in] privilege Privilege to be set
*
* @return None
+ *
*/
void setSinglePrivilege(const std::string& privilege) {
auto index = getBitsetIndexForPrivilege(privilege, PrivilegeType::BASE);
@@ -95,6 +124,7 @@
* @param[in] type Base or OEM
*
* @return Vector of active privileges
+ *
*/
std::vector<std::string> getActivePrivilegeNames(
const PrivilegeType type) const {
@@ -138,27 +168,108 @@
privilegeBitset basePrivilegeBitset;
privilegeBitset oemPrivilegeBitset;
- static boost::container::flat_map<std::string, size_t> basePrivNameToIndexMap;
- static boost::container::flat_map<std::string, size_t> oemPrivNameToIndexMap;
-
friend class PrivilegeProvider;
};
+using OperationMap =
+ boost::container::flat_map<crow::HTTPMethod, std::vector<Privileges>>;
+
+/**
+ * @brief Class used to store overrides privileges for Redfish
+ * entities
+ *
+ */
+class EntityPrivilegesOverride {
+ protected:
+ /**
+ * @brief Constructs overrides object for given targets
+ *
+ * @param[in] operationMap Operation map to be applied for targets
+ * @param[in] targets List of targets whOperation map to be applied for
+ * targets
+ *
+ */
+ EntityPrivilegesOverride(OperationMap&& operationMap,
+ std::initializer_list<std::string>&& targets)
+ : operationMap(std::move(operationMap)), targets(std::move(targets)) {}
+
+ const OperationMap operationMap;
+ const boost::container::flat_set<std::string> targets;
+};
+
+class PropertyOverride : public EntityPrivilegesOverride {
+ public:
+ PropertyOverride(OperationMap&& operationMap,
+ std::initializer_list<std::string>&& targets)
+ : EntityPrivilegesOverride(std::move(operationMap), std::move(targets)) {}
+};
+
+class SubordinateOverride : public EntityPrivilegesOverride {
+ public:
+ SubordinateOverride(OperationMap&& operationMap,
+ std::initializer_list<std::string>&& targets)
+ : EntityPrivilegesOverride(std::move(operationMap), std::move(targets)) {}
+};
+
+class ResourceURIOverride : public EntityPrivilegesOverride {
+ public:
+ ResourceURIOverride(OperationMap&& operationMap,
+ std::initializer_list<std::string>&& targets)
+ : EntityPrivilegesOverride(std::move(operationMap), std::move(targets)) {}
+};
+
/**
* @brief Class used to store privileges for Redfish entities
+ *
*/
class EntityPrivileges {
public:
/**
+ * @brief Constructor for default case with no overrides
+ *
+ * @param[in] operationMap Operation map for the entity
+ *
+ */
+ EntityPrivileges(OperationMap&& operationMap)
+ : operationMap(std::move(operationMap)) {}
+
+ /**
+ * @brief Constructors for overrides
+ *
+ * @param[in] operationMap Default operation map for the entity
+ * @param[in] propertyOverrides Vector of property overrides
+ * @param[in] subordinateOverrides Vector of subordinate overrides
+ * @param[in] resourceURIOverrides Vector of resource URI overrides
+ *
+ */
+ EntityPrivileges(OperationMap&& operationMap,
+ std::vector<PropertyOverride>&& propertyOverrides,
+ std::vector<SubordinateOverride>&& subordinateOverrides,
+ std::vector<ResourceURIOverride>&& resourceURIOverrides)
+ : operationMap(std::move(operationMap)),
+ propertyOverrides(std::move(propertyOverrides)),
+ subordinateOverrides(std::move(subordinateOverrides)),
+ resourceURIOverrides(std::move(resourceURIOverrides)) {}
+
+ /**
* @brief Checks if a user is allowed to call an HTTP method
*
* @param[in] method HTTP method
* @param[in] user Username
*
* @return True if method allowed, false otherwise
+ *
*/
bool isMethodAllowedForUser(const crow::HTTPMethod method,
- const std::string& user) const;
+ const std::string& user) const {
+ // TODO: load user privileges from configuration as soon as its available
+ // now we are granting all privileges to everyone.
+ auto userPrivileges =
+ Privileges{"Login", "ConfigureManager", "ConfigureSelf",
+ "ConfigureUsers", "ConfigureComponents"};
+
+ return isMethodAllowedWithPrivileges(method, userPrivileges);
+ }
/**
* @brief Checks if given privileges allow to call an HTTP method
@@ -167,76 +278,45 @@
* @param[in] user Privileges
*
* @return True if method allowed, false otherwise
+ *
*/
bool isMethodAllowedWithPrivileges(const crow::HTTPMethod method,
- const Privileges& userPrivileges) const;
+ const Privileges& userPrivileges) const {
+ if (operationMap.find(method) == operationMap.end()) {
+ return false;
+ }
- /**
- * @brief Sets required privileges for a method on a given entity
- *
- * @param[in] method HTTP method
- * @param[in] privileges Required privileges
- *
- * @return None
- */
- void addPrivilegesRequiredByMethod(const crow::HTTPMethod method,
- const Privileges& privileges) {
- methodToPrivilegeMap[method].push_back(privileges);
+ for (auto& requiredPrivileges : operationMap.at(method)) {
+ // Check if user has required base privileges
+ if (!verifyPrivileges(userPrivileges.getBasePrivilegeBitset(),
+ requiredPrivileges.getBasePrivilegeBitset())) {
+ continue;
+ }
+
+ // Check if user has required OEM privileges
+ if (!verifyPrivileges(userPrivileges.getOEMPrivilegeBitset(),
+ requiredPrivileges.getOEMPrivilegeBitset())) {
+ continue;
+ }
+
+ return true;
+ }
+ return false;
}
private:
bool verifyPrivileges(const privilegeBitset userPrivilegeBitset,
- const privilegeBitset requiredPrivilegeBitset) const;
-
- boost::container::flat_map<crow::HTTPMethod, std::vector<Privileges>>
- methodToPrivilegeMap;
-};
-
-/**
- * @brief Class used to:
- * - read the privilege_registry.json file
- * - provide EntityPrivileges objects to callers
- *
- * To save runtime memory, object of this class should
- * exist only for the time required to install all Nodes
- */
-class PrivilegeProvider {
- public:
- PrivilegeProvider(const std::string& privilegeRegistryPath) {
- // TODO: read this path from the configuration once its available
- std::ifstream privilegeRegistryFile{privilegeRegistryPath};
-
- if (privilegeRegistryFile.is_open()) {
- if (!loadPrivilegesFromFile(privilegeRegistryFile)) {
- privilegeRegistryJson.clear();
- CROW_LOG_ERROR << "Couldn't parse privilege_registry.json";
- }
- } else {
- CROW_LOG_ERROR << "Couldn't open privilege_registry.json";
- }
+ const privilegeBitset requiredPrivilegeBitset) const {
+ return (userPrivilegeBitset & requiredPrivilegeBitset) ==
+ requiredPrivilegeBitset;
}
- /**
- * @brief Gets required privileges for a certain entity type
- *
- * @param[in] entityUrl Entity url
- * @param[in] entityType Entity type
- *
- * @return EntityPrivilege object
- */
- EntityPrivileges getPrivilegesRequiredByEntity(
- const std::string& entityUrl, const std::string& entityType) const;
+ OperationMap operationMap;
- private:
- bool loadPrivilegesFromFile(std::ifstream& privilegeRegistryFile);
- bool privilegeRegistryHasRequiredFields() const;
- bool parseOperationMap(const nlohmann::json& operationMap,
- EntityPrivileges& entityPrivileges) const;
- bool fillPrivilegeMap(const nlohmann::json& privilegesUsed,
- boost::container::flat_map<std::string, size_t>&
- privilegeToIndexMap) const;
-
- nlohmann::json privilegeRegistryJson;
+ // Overrides are not implemented at the moment.
+ std::vector<PropertyOverride> propertyOverrides;
+ std::vector<SubordinateOverride> subordinateOverrides;
+ std::vector<ResourceURIOverride> resourceURIOverrides;
};
} // namespace redfish
diff --git a/redfish-core/include/redfish.hpp b/redfish-core/include/redfish.hpp
index ad055f3..0e059b8 100644
--- a/redfish-core/include/redfish.hpp
+++ b/redfish-core/include/redfish.hpp
@@ -35,17 +35,11 @@
*/
template <typename CrowApp>
RedfishService(CrowApp& app) {
- auto privilegeProvider =
- PrivilegeProvider("/etc/redfish.conf.d/privilege_registry.json");
-
- nodes.emplace_back(
- std::make_unique<AccountService>(app, privilegeProvider));
- nodes.emplace_back(
- std::make_unique<SessionCollection>(app, privilegeProvider));
- nodes.emplace_back(std::make_unique<Roles>(app, privilegeProvider));
- nodes.emplace_back(
- std::make_unique<RoleCollection>(app, privilegeProvider));
- nodes.emplace_back(std::make_unique<ServiceRoot>(app, privilegeProvider));
+ nodes.emplace_back(std::make_unique<AccountService>(app));
+ nodes.emplace_back(std::make_unique<SessionCollection>(app));
+ nodes.emplace_back(std::make_unique<Roles>(app));
+ nodes.emplace_back(std::make_unique<RoleCollection>(app));
+ nodes.emplace_back(std::make_unique<ServiceRoot>(app));
}
private:
diff --git a/redfish-core/lib/account_service.hpp b/redfish-core/lib/account_service.hpp
index ceb5135..5cbc034 100644
--- a/redfish-core/lib/account_service.hpp
+++ b/redfish-core/lib/account_service.hpp
@@ -19,11 +19,19 @@
namespace redfish {
+static OperationMap accountServiceOpMap = {
+ {crow::HTTPMethod::GET, {{"ConfigureUsers"}, {"ConfigureManager"}}},
+ {crow::HTTPMethod::HEAD, {{"Login"}}},
+ {crow::HTTPMethod::PATCH, {{"ConfigureUsers"}}},
+ {crow::HTTPMethod::PUT, {{"ConfigureUsers"}}},
+ {crow::HTTPMethod::DELETE, {{"ConfigureUsers"}}},
+ {crow::HTTPMethod::POST, {{"ConfigureUsers"}}}};
+
class AccountService : public Node {
public:
- template <typename CrowApp, typename PrivilegeProvider>
- AccountService(CrowApp& app, PrivilegeProvider& provider)
- : Node(app, provider, "#AccountService.v1_1_0.AccountService",
+ template <typename CrowApp>
+ AccountService(CrowApp& app)
+ : Node(app, EntityPrivileges(std::move(accountServiceOpMap)),
"/redfish/v1/AccountService/") {
nodeJson["@odata.id"] = "/redfish/v1/AccountService";
nodeJson["@odata.type"] = "#AccountService.v1_1_0.AccountService";
diff --git a/redfish-core/lib/redfish_sessions.hpp b/redfish-core/lib/redfish_sessions.hpp
index 11cde72..58d5b94 100644
--- a/redfish-core/lib/redfish_sessions.hpp
+++ b/redfish-core/lib/redfish_sessions.hpp
@@ -14,19 +14,35 @@
// limitations under the License.
*/
#pragma once
-#include <tuple>
+
#include "node.hpp"
#include "session_storage_singleton.hpp"
namespace redfish {
+static OperationMap sessionOpMap = {
+ {crow::HTTPMethod::GET, {{"Login"}}},
+ {crow::HTTPMethod::HEAD, {{"Login"}}},
+ {crow::HTTPMethod::PATCH, {{"ConfigureManager"}}},
+ {crow::HTTPMethod::PUT, {{"ConfigureManager"}}},
+ {crow::HTTPMethod::DELETE, {{"ConfigureManager"}}},
+ {crow::HTTPMethod::POST, {{"ConfigureManager"}}}};
+
+static OperationMap sessionCollectionOpMap = {
+ {crow::HTTPMethod::GET, {{"Login"}}},
+ {crow::HTTPMethod::HEAD, {{"Login"}}},
+ {crow::HTTPMethod::PATCH, {{"ConfigureManager"}}},
+ {crow::HTTPMethod::PUT, {{"ConfigureManager"}}},
+ {crow::HTTPMethod::DELETE, {{"ConfigureManager"}}},
+ {crow::HTTPMethod::POST, {{}}}};
+
class SessionCollection;
class Sessions : public Node {
public:
- template <typename CrowApp, typename PrivilegeProvider>
- Sessions(CrowApp& app, PrivilegeProvider& provider)
- : Node(app, provider, "#Session.v1_0_2.Session",
+ template <typename CrowApp>
+ Sessions(CrowApp& app)
+ : Node(app, EntityPrivileges(std::move(sessionOpMap)),
"/redfish/v1/SessionService/Sessions/<str>", std::string()) {
nodeJson["@odata.type"] = "#Session.v1_0_2.Session";
nodeJson["@odata.context"] = "/redfish/v1/$metadata#Session.Session";
@@ -90,11 +106,11 @@
class SessionCollection : public Node {
public:
- template <typename CrowApp, typename PrivilegeProvider>
- SessionCollection(CrowApp& app, PrivilegeProvider& provider)
- : Node(app, provider, "#SessionCollection.SessionCollection",
+ template <typename CrowApp>
+ SessionCollection(CrowApp& app)
+ : Node(app, EntityPrivileges(std::move(sessionCollectionOpMap)),
"/redfish/v1/SessionService/Sessions/"),
- memberSession(app, provider) {
+ memberSession(app) {
nodeJson["@odata.type"] = "#SessionCollection.SessionCollection";
nodeJson["@odata.id"] = "/redfish/v1/SessionService/Sessions/";
nodeJson["@odata.context"] =
@@ -127,7 +143,6 @@
const std::vector<std::string>& params) override {
std::string username;
bool userAuthSuccessful = authenticateUser(req, &res.code, &username);
-
if (!userAuthSuccessful) {
res.end();
return;
diff --git a/redfish-core/lib/roles.hpp b/redfish-core/lib/roles.hpp
index d912e88..6a3c0d7 100644
--- a/redfish-core/lib/roles.hpp
+++ b/redfish-core/lib/roles.hpp
@@ -15,16 +15,31 @@
*/
#pragma once
-#include <vector>
#include "node.hpp"
namespace redfish {
+static OperationMap roleOpMap = {
+ {crow::HTTPMethod::GET, {{"Login"}}},
+ {crow::HTTPMethod::HEAD, {{"Login"}}},
+ {crow::HTTPMethod::PATCH, {{"ConfigureManager"}}},
+ {crow::HTTPMethod::PUT, {{"ConfigureManager"}}},
+ {crow::HTTPMethod::DELETE, {{"ConfigureManager"}}},
+ {crow::HTTPMethod::POST, {{"ConfigureManager"}}}};
+
+static OperationMap roleCollectionOpMap = {
+ {crow::HTTPMethod::GET, {{"Login"}}},
+ {crow::HTTPMethod::HEAD, {{"Login"}}},
+ {crow::HTTPMethod::PATCH, {{"ConfigureManager"}}},
+ {crow::HTTPMethod::PUT, {{"ConfigureManager"}}},
+ {crow::HTTPMethod::DELETE, {{"ConfigureManager"}}},
+ {crow::HTTPMethod::POST, {{"ConfigureManager"}}}};
+
class Roles : public Node {
public:
- template <typename CrowApp, typename PrivilegeProvider>
- Roles(CrowApp& app, PrivilegeProvider& provider)
- : Node(app, provider, "#Role.v1_0_2.Role",
+ template <typename CrowApp>
+ Roles(CrowApp& app)
+ : Node(app, EntityPrivileges(std::move(roleOpMap)),
"/redfish/v1/AccountService/Roles/Administrator/") {
nodeJson["@odata.id"] = "/redfish/v1/AccountService/Roles/Administrator";
nodeJson["@odata.type"] = "#Role.v1_0_2.Role";
@@ -51,9 +66,9 @@
class RoleCollection : public Node {
public:
- template <typename CrowApp, typename PrivilegeProvider>
- RoleCollection(CrowApp& app, PrivilegeProvider& provider)
- : Node(app, provider, "#RoleCollection.RoleCollection",
+ template <typename CrowApp>
+ RoleCollection(CrowApp& app)
+ : Node(app, EntityPrivileges(std::move(roleCollectionOpMap)),
"/redfish/v1/AccountService/Roles/") {
nodeJson["@odata.id"] = "/redfish/v1/AccountService/Roles";
nodeJson["@odata.type"] = "#RoleCollection.RoleCollection";
diff --git a/redfish-core/lib/service_root.hpp b/redfish-core/lib/service_root.hpp
index cdb0000..24ad79d 100644
--- a/redfish-core/lib/service_root.hpp
+++ b/redfish-core/lib/service_root.hpp
@@ -19,11 +19,20 @@
namespace redfish {
+static OperationMap serviceRootOpMap = {
+ {crow::HTTPMethod::GET, {{}}},
+ {crow::HTTPMethod::HEAD, {{}}},
+ {crow::HTTPMethod::PATCH, {{"ConfigureComponents"}}},
+ {crow::HTTPMethod::PUT, {{"ConfigureComponents"}}},
+ {crow::HTTPMethod::DELETE, {{"ConfigureComponents"}}},
+ {crow::HTTPMethod::POST, {{"ConfigureComponents"}}}};
+
class ServiceRoot : public Node {
public:
- template <typename CrowApp, typename PrivilegeProvider>
- ServiceRoot(CrowApp& app, PrivilegeProvider& provider)
- : Node(app, provider, "#ServiceRoot.v1_1_1.ServiceRoot", "/redfish/v1/") {
+ template <typename CrowApp>
+ ServiceRoot(CrowApp& app)
+ : Node(app, EntityPrivileges(std::move(serviceRootOpMap)),
+ "/redfish/v1/") {
nodeJson["@odata.type"] = "#ServiceRoot.v1_1_1.ServiceRoot";
nodeJson["@odata.id"] = "/redfish/v1";
nodeJson["@odata.context"] =
diff --git a/redfish-core/privilege_registry.json b/redfish-core/privilege_registry.json
deleted file mode 100644
index cfd5cdd..0000000
--- a/redfish-core/privilege_registry.json
+++ /dev/null
@@ -1,4117 +0,0 @@
-{
- "@Redfish.Copyright": "Copyright 2015-2017 Distributed Management Task Force, Inc. (DMTF). All rights reserved.",
- "@odata.type": "#PrivilegeRegistry.v1_0_0.PrivilegeRegistry",
- "Id": "Redfish_1.0.2_PrivilegeRegistry",
- "Name": "Privilege Mapping array collection",
- "PrivilegesUsed": [
- "Login",
- "ConfigureManager",
- "ConfigureUsers",
- "ConfigureComponents",
- "ConfigureSelf"
- ],
- "OEMPrivilegesUsed": [
- "OEMRoot"
- ],
- "Mappings": [
- {
- "Entity": "Manager",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "ManagerCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "ComputerSystem",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "ComputerSystemCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "EthernetInterface",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "SubordinateOverrides": [
- {
- "Targets": [
- "Manager",
- "EthernetInterfaceCollection"
- ],
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- }
- ]
- }
- },
- {
- "Entity": "EthernetInterfaceCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "ManagerAccount",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- },
- {
- "Privilege": [
- "ConfigureUsers"
- ]
- },
- {
- "Privilege": [
- "ConfigureSelf"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureUsers"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureUsers"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureUsers"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureUsers"
- ]
- }
- ]
- },
- "PropertyOverrides": [
- {
- "Targets": [
- "Password"
- ],
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- },
- {
- "Privilege": [
- "ConfigureSelf"
- ]
- }
- ]
- }
- }
- ]
- },
- {
- "Entity": "ManagerAccountCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "ConfigureUsers"
- ]
- },
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureUsers"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureUsers"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureUsers"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureUsers"
- ]
- }
- ]
- }
- },
- {
- "Entity": "AccountService",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "ConfigureUsers"
- ]
- },
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureUsers"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureUsers"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureUsers"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureUsers"
- ]
- }
- ]
- }
- },
- {
- "Entity": "Chassis",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "ChassisCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "LogService",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "SubordinateOverrides": [
- {
- "Targets": [
- "ComputerSystem",
- "LogServiceCollection"
- ],
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Targets": [
- "Chassis",
- "LogServiceCollection"
- ],
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- }
- ]
- }
- },
- {
- "Entity": "LogServiceCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "SubordinateOverrides": [
- {
- "Targets": [
- "ComputerSystem"
- ],
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Targets": [
- "Chassis"
- ],
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- }
- ]
- }
- },
- {
- "Entity": "LogEntry",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "SubordinateOverrides": [
- {
- "Targets": [
- "ComputerSystem",
- "LogServiceCollection",
- "LogService",
- "LogEntryCollection"
- ],
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Targets": [
- "Chassis",
- "LogServiceCollection",
- "LogService",
- "LogEntryCollection"
- ],
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- }
- ]
- }
- },
- {
- "Entity": "LogEntryCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "SubordinateOverrides": [
- {
- "Targets": [
- "ComputerSystem",
- "LogServiceCollection",
- "LogService"
- ],
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Targets": [
- "Chassis",
- "LogServiceCollection",
- "LogService"
- ],
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- }
- ]
- }
- },
- {
- "Entity": "Power",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "Processor",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "ProcessorCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "Role",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "RoleCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "SerialInterface",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "SerialInterfaceCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "SessionService",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "Session",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "SessionCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": []
- }
- ]
- }
- },
- {
- "Entity": "Task",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "TaskCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "TaskService",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "Thermal",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "VirtualMedia",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "VirtualMediaCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "VLanNetworkInterface",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "VLanNetworkInterfaceCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "BIOS",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "Drive",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "EventService",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "EventDestination",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "EventDestinationCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "Fabric",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "FabricCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "ManagerNetworkProtocol",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "Memory",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "MemoryCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "MemoryChunks",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "MemoryChunksCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "MemoryDomain",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "MemoryDomainCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "MemoryMetrics",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "PCIeDevice",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "PCIeFunction",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "Port",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "PortCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "SecureBoot",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "SoftwareInventory",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "SoftwareInventoryCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "Storage",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "StorageCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "Switch",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "SwitchCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "UpdateService",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "Volume",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "VolumeCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "Zone",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "ZoneCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "Endpoint",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "EndpointCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "JSONSchemaFile",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "JSONSchemaFileCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "MessageRegistry",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "MessageRegistryCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "MessageRegistryFile",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "MessageRegistryFileCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "PhysicalContext",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "Redundancy",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "ServiceRoot",
- "OperationMap": {
- "GET": [
- {
- "Privilege": []
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureManager"
- ]
- }
- ]
- }
- },
- {
- "Entity": "SimpleStorage",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- },
- {
- "Entity": "SimpleStorageCollection",
- "OperationMap": {
- "GET": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "HEAD": [
- {
- "Privilege": [
- "Login"
- ]
- }
- ],
- "PATCH": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "POST": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "PUT": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ],
- "DELETE": [
- {
- "Privilege": [
- "ConfigureComponents"
- ]
- }
- ]
- }
- }
- ]
-}
diff --git a/redfish-core/src/privileges.cpp b/redfish-core/src/privileges.cpp
deleted file mode 100644
index 5fbce23..0000000
--- a/redfish-core/src/privileges.cpp
+++ /dev/null
@@ -1,202 +0,0 @@
-/*
-// Copyright (c) 2018 Intel Corporation
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-*/
-#include "privileges.hpp"
-
-namespace redfish {
-
-boost::container::flat_map<std::string, size_t>
- Privileges::basePrivNameToIndexMap;
-boost::container::flat_map<std::string, size_t>
- Privileges::oemPrivNameToIndexMap;
-
-bool EntityPrivileges::isMethodAllowedForUser(const crow::HTTPMethod method,
- const std::string& user) const {
- // TODO: load user privileges from configuration as soon as its available
- // now we are granting only Login.
- auto userPrivileges = Privileges();
- userPrivileges.setSinglePrivilege("Login");
-
- return isMethodAllowedWithPrivileges(method, userPrivileges);
-}
-
-bool EntityPrivileges::isMethodAllowedWithPrivileges(
- const crow::HTTPMethod method, const Privileges& userPrivileges) const {
- if (methodToPrivilegeMap.find(method) == methodToPrivilegeMap.end()) {
- return false;
- }
-
- for (auto& requiredPrivileges : methodToPrivilegeMap.at(method)) {
- // Check if user has required base privileges
- if (!verifyPrivileges(userPrivileges.getBasePrivilegeBitset(),
- requiredPrivileges.getBasePrivilegeBitset())) {
- continue;
- }
-
- // Check if user has required OEM privileges
- if (!verifyPrivileges(userPrivileges.getOEMPrivilegeBitset(),
- requiredPrivileges.getOEMPrivilegeBitset())) {
- continue;
- }
-
- return true;
- }
- return false;
-}
-
-bool EntityPrivileges::verifyPrivileges(
- const privilegeBitset userPrivilegeBitset,
- const privilegeBitset requiredPrivilegeBitset) const {
- return (userPrivilegeBitset & requiredPrivilegeBitset) ==
- requiredPrivilegeBitset;
-}
-
-EntityPrivileges PrivilegeProvider::getPrivilegesRequiredByEntity(
- const std::string& entityUrl, const std::string& entityType) const {
- if (privilegeRegistryJson.empty()) {
- return EntityPrivileges();
- }
-
- // type from @odata.type e.g: ServiceRoot from #ServiceRoot.v1_1_1.ServiceRoot
- auto entity = entityType.substr(entityType.find_last_of(".") + strlen("."));
-
- for (auto mapping : privilegeRegistryJson.at("Mappings")) {
- const auto& entityJson = mapping.find("Entity");
- const auto& operationMapJson = mapping.find("OperationMap");
- const auto& propertyOverridesJson = mapping.find("PropertyOverrides");
- const auto& subordinateOverridesJson = mapping.find("SubordinateOverrides");
- const auto& resourceURIOverridesJson = mapping.find("ResourceURIOverrides");
-
- if (entityJson == mapping.end() || operationMapJson == mapping.end()) {
- return EntityPrivileges();
- }
-
- if (entityJson->is_string() && entity == entityJson.value()) {
- auto entityPrivileges = EntityPrivileges();
-
- if (!parseOperationMap(operationMapJson.value(), entityPrivileges)) {
- return EntityPrivileges();
- }
-
- if (propertyOverridesJson != mapping.end()) {
- // TODO: implementation comes in next patch-sets
- }
- if (subordinateOverridesJson != mapping.end()) {
- // TODO: implementation comes in next patch-sets
- }
- if (resourceURIOverridesJson != mapping.end()) {
- // TODO: implementation comes in next patch-sets
- }
-
- return entityPrivileges;
- }
- }
- return EntityPrivileges();
-}
-
-bool PrivilegeProvider::parseOperationMap(
- const nlohmann::json& operationMap,
- EntityPrivileges& entityPrivileges) const {
- for (auto it = operationMap.begin(); it != operationMap.end(); ++it) {
- const std::string& method = it.key();
- const nlohmann::json& privilegesForMethod = it.value();
-
- for (const auto& privilegeOr : privilegesForMethod) {
- const auto& privilegeJson = privilegeOr.find("Privilege");
-
- if (privilegeJson == privilegeOr.end()) {
- return false;
- }
- auto privileges = Privileges();
-
- for (auto& privilegeAnd : privilegeJson.value()) {
- if (!privilegeAnd.is_string()) {
- return false;
- }
- privileges.setSinglePrivilege(privilegeAnd);
- }
- entityPrivileges.addPrivilegesRequiredByMethod(operator"" _method(
- method.c_str(),
- method.size()),
- privileges);
- }
- }
- return true;
-}
-
-bool PrivilegeProvider::loadPrivilegesFromFile(
- std::ifstream& privilegeRegistryFile) {
- privilegeRegistryJson =
- nlohmann::json::parse(privilegeRegistryFile, nullptr, false);
-
- if (!privilegeRegistryHasRequiredFields()) {
- return false;
- }
-
- const nlohmann::json& basePrivilegesUsed =
- privilegeRegistryJson.at("PrivilegesUsed");
- if (basePrivilegesUsed.size() == 0) {
- return false;
- }
- if (!fillPrivilegeMap(basePrivilegesUsed,
- Privileges::basePrivNameToIndexMap)) {
- return false;
- }
-
- const nlohmann::json& oemPrivilegesUsed =
- privilegeRegistryJson.at("OEMPrivilegesUsed");
- if (!fillPrivilegeMap(oemPrivilegesUsed, Privileges::oemPrivNameToIndexMap)) {
- return false;
- }
-
- return true;
-}
-
-bool PrivilegeProvider::privilegeRegistryHasRequiredFields() const {
- if (privilegeRegistryJson.is_discarded() ||
- privilegeRegistryJson.find("@Redfish.Copyright") ==
- privilegeRegistryJson.end() ||
- privilegeRegistryJson.find("@odata.type") ==
- privilegeRegistryJson.end() ||
- privilegeRegistryJson.find("Id") == privilegeRegistryJson.end() ||
- privilegeRegistryJson.find("Name") == privilegeRegistryJson.end() ||
- privilegeRegistryJson.find("Mappings") == privilegeRegistryJson.end() ||
- privilegeRegistryJson.find("PrivilegesUsed") ==
- privilegeRegistryJson.end() ||
- privilegeRegistryJson.find("OEMPrivilegesUsed") ==
- privilegeRegistryJson.end()) {
- return false;
- }
- return true;
-}
-
-bool PrivilegeProvider::fillPrivilegeMap(
- const nlohmann::json& privilegesUsed,
- boost::container::flat_map<std::string, size_t>& privilegeToIndexMap)
- const {
- privilegeToIndexMap.clear();
- for (auto& privilege : privilegesUsed) {
- if (privilegeToIndexMap.size() < MAX_PRIVILEGE_COUNT) {
- if (!privilege.is_string()) {
- return false;
- }
- privilegeToIndexMap.insert(std::pair<std::string, size_t>(
- privilege.get<std::string>(), privilegeToIndexMap.size()));
- }
- }
- return true;
-}
-
-} // namespace redfish
diff --git a/redfish-core/ut/privileges_test.cpp b/redfish-core/ut/privileges_test.cpp
index 9d0d156..193fd7d 100644
--- a/redfish-core/ut/privileges_test.cpp
+++ b/redfish-core/ut/privileges_test.cpp
@@ -6,521 +6,135 @@
using namespace redfish;
-class PrivilegeTest : public testing::Test {
- protected:
- nlohmann::json privilegeRegistryMockJson;
+TEST(PrivilegeTest, PrivilegeConstructor) {
+ Privileges privileges = {"Login", "ConfigureManager"};
- std::vector<std::string> expectedBasePrivileges{
- "Login", "ConfigureManager", "ConfigureUsers", "ConfigureComponents",
- "ConfigureSelf"};
+ auto activePrivileges =
+ privileges.getActivePrivilegeNames(PrivilegeType::BASE);
+ std::vector<std::string> expectedPrivileges{"Login", "ConfigureManager"};
- std::vector<std::string> expectedOEMPrivileges{"OEMRoot", "OEMDummy"};
+ std::sort(expectedPrivileges.begin(), expectedPrivileges.end());
+ std::sort(activePrivileges.begin(), activePrivileges.end());
- PrivilegeTest() {
- crow::logger::setLogLevel(crow::LogLevel::CRITICAL);
-
- std::ofstream privilegeRegistryMockOfstream("privilege_registry_mock.json");
- privilegeRegistryMockJson = nlohmann::json::parse(
- "{\
- \"@Redfish.Copyright\": \"Dummy copyright\",\
- \"@odata.type\": \"#PrivilegeRegistry.v1_0_0.PrivilegeRegistry\",\
- \"Id\": \"Dummy id\",\
- \"Name\": \"Dummy name\",\
- \"PrivilegesUsed\": [\
- \"Login\",\
- \"ConfigureManager\",\
- \"ConfigureUsers\",\
- \"ConfigureComponents\",\
- \"ConfigureSelf\"],\
- \"OEMPrivilegesUsed\": [\
- \"OEMRoot\",\
- \"OEMDummy\"],\
- \"Mappings\": [\
- {\
- \"Entity\": \"TestEntity\",\
- \"OperationMap\": {\
- \"GET\": [\
- {\
- \"Privilege\": [\
- \"Login\"\
- ]\
- }\
- ],\
- \"PATCH\": [\
- {\
- \"Privilege\": [\
- \"ConfigureManager\"\
- ]\
- },\
- {\
- \"Privilege\": [\
- \"ConfigureUser\",\
- \"ConfigureDummy\",\
- \"OEMRoot\"\
- ]\
- }\
- ],\
- \"POST\": [\
- {\
- \"Privilege\": [\
- \"ConfigureManager\",\
- \"OEMDummy\"\
- ]\
- }\
- ],\
- \"DELETE\": [\
- {\
- \"Privilege\": [\
- \"ConfigureManager\"\
- ]\
- }\
- ]\
- }\
- },\
- {\
- \"Entity\": \"EntityWithNonStringPrivilege\",\
- \"OperationMap\": {\
- \"GET\": [\
- {\
- \"Privilege\": [\"Login\"]\
- }\
- ],\
- \"POST\": [\
- {\
- \"Privilege\": [1]\
- }\
- ]\
- }\
- }\
- ]\
- }");
- privilegeRegistryMockOfstream << std::setw(4) << privilegeRegistryMockJson
- << std::endl;
- privilegeRegistryMockOfstream.close();
- }
-
- virtual ~PrivilegeTest() { std::remove("privilege_registry_mock.json"); }
-
- void removeFieldFromRegistry(const std::string& field) {
- std::ifstream in("privilege_registry_mock.json");
- nlohmann::json tempJson = nlohmann::json::parse(in);
- in.close();
-
- tempJson.erase(field);
-
- std::ofstream out("privilege_registry_mock.json");
- out << std::setw(4) << tempJson << std::endl;
- out.close();
- }
-
- void removeFieldFromMappings(const std::string& field) {
- std::ifstream in("privilege_registry_mock.json");
- nlohmann::json tempJson = nlohmann::json::parse(in);
- in.close();
-
- tempJson.at("Mappings")[0].erase(field);
-
- std::ofstream out("privilege_registry_mock.json");
- out << std::setw(4) << tempJson << std::endl;
- out.close();
- }
-
- void clearArryInJson(const std::string& key) {
- std::ifstream in("privilege_registry_mock.json");
- nlohmann::json tempJson = nlohmann::json::parse(in);
- in.close();
-
- tempJson[key].clear();
-
- std::ofstream out("privilege_registry_mock.json");
- out << std::setw(4) << tempJson << std::endl;
- out.close();
- }
-
- template <typename T>
- void fillPrivilegeArray(const std::string& key,
- const std::vector<T>& values) {
- std::ifstream in("privilege_registry_mock.json");
- nlohmann::json tempJson = nlohmann::json::parse(in);
- in.close();
-
- tempJson[key].clear();
- for (const auto& value : values) {
- tempJson[key].push_back(value);
- }
-
- std::ofstream out("privilege_registry_mock.json");
- out << std::setw(4) << tempJson << std::endl;
- out.close();
- }
-
- template <typename T>
- void addRequiredPrivilege(const T& value) {
- std::ifstream in("privilege_registry_mock.json");
- nlohmann::json tempJson = nlohmann::json::parse(in);
- in.close();
-
- tempJson["Mappings"][0]["OperationMap"]["GET"][0]["Privilege"].push_back(
- value);
-
- std::ofstream out("privilege_registry_mock.json");
- out << std::setw(4) << tempJson << std::endl;
- out.close();
- }
-
- bool isPrivilegeRegistryParsed(const EntityPrivileges& entityPrivileges) {
- auto userPrivileges = Privileges();
- userPrivileges.setSinglePrivilege("Login");
- // given the privileges_registry_mock.json, GET should be allowed with Login
- // if the file got parsed successfully
- return entityPrivileges.isMethodAllowedWithPrivileges(crow::HTTPMethod::GET,
- userPrivileges);
- }
-};
-
-TEST_F(PrivilegeTest, PrivilegeRegistryJsonSuccessfullParse) {
- PrivilegeProvider privilegeProvider("privilege_registry_mock.json");
- auto entityPrivileges =
- privilegeProvider.getPrivilegesRequiredByEntity("", "foo.bar.TestEntity");
- EXPECT_TRUE(isPrivilegeRegistryParsed(entityPrivileges));
+ EXPECT_EQ(expectedPrivileges, activePrivileges);
}
-TEST_F(PrivilegeTest, PrivilegeRegistryJsonNotFound) {
- std::remove("privilege_registry_mock.json");
- PrivilegeProvider privilegeProvider("privilege_registry_mock.json");
- auto entityPrivileges =
- privilegeProvider.getPrivilegesRequiredByEntity("", "foo.bar.TestEntity");
- EXPECT_FALSE(isPrivilegeRegistryParsed(entityPrivileges));
-}
+TEST(PrivilegeTest, PrivilegeCheckForNoPrivilegesRequired) {
+ auto userPrivileges = Privileges{"Login"};
+ OperationMap operationMap = {{crow::HTTPMethod::GET, {{}}}};
+ auto entityPrivileges = EntityPrivileges(std::move(operationMap));
-TEST_F(PrivilegeTest, PrivilegeRegistryMissingCopyright) {
- removeFieldFromRegistry("@Redfish.Copyright");
- PrivilegeProvider privilegeProvider("privilege_registry_mock.json");
- auto entityPrivileges =
- privilegeProvider.getPrivilegesRequiredByEntity("", "foo.bar.TestEntity");
- EXPECT_FALSE(isPrivilegeRegistryParsed(entityPrivileges));
-}
-
-TEST_F(PrivilegeTest, PrivilegeRegistryMissingOdataType) {
- removeFieldFromRegistry("@odata.type");
- PrivilegeProvider privilegeProvider("privilege_registry_mock.json");
- auto entityPrivileges =
- privilegeProvider.getPrivilegesRequiredByEntity("", "foo.bar.TestEntity");
- EXPECT_FALSE(isPrivilegeRegistryParsed(entityPrivileges));
-}
-
-TEST_F(PrivilegeTest, PrivilegeRegistryMissingId) {
- removeFieldFromRegistry("Id");
- PrivilegeProvider privilegeProvider("privilege_registry_mock.json");
- auto entityPrivileges =
- privilegeProvider.getPrivilegesRequiredByEntity("", "foo.bar.TestEntity");
- EXPECT_FALSE(isPrivilegeRegistryParsed(entityPrivileges));
-}
-
-TEST_F(PrivilegeTest, PrivilegeRegistryMissingName) {
- removeFieldFromRegistry("Name");
- PrivilegeProvider privilegeProvider("privilege_registry_mock.json");
- auto entityPrivileges =
- privilegeProvider.getPrivilegesRequiredByEntity("", "foo.bar.TestEntity");
- EXPECT_FALSE(isPrivilegeRegistryParsed(entityPrivileges));
-}
-
-TEST_F(PrivilegeTest, PrivilegeRegistryMissingMappings) {
- removeFieldFromRegistry("Mappings");
- PrivilegeProvider privilegeProvider("privilege_registry_mock.json");
- auto entityPrivileges =
- privilegeProvider.getPrivilegesRequiredByEntity("", "foo.bar.TestEntity");
- EXPECT_FALSE(isPrivilegeRegistryParsed(entityPrivileges));
-}
-
-TEST_F(PrivilegeTest, PrivilegeRegistryMissingPrivilegesUsed) {
- removeFieldFromRegistry("PrivilegesUsed");
- PrivilegeProvider privilegeProvider("privilege_registry_mock.json");
- auto entityPrivileges =
- privilegeProvider.getPrivilegesRequiredByEntity("", "foo.bar.TestEntity");
- EXPECT_FALSE(isPrivilegeRegistryParsed(entityPrivileges));
-}
-
-TEST_F(PrivilegeTest, PrivilegeRegistryMissingOEMPrivilegesUsed) {
- removeFieldFromRegistry("OEMPrivilegesUsed");
- PrivilegeProvider privilegeProvider("privilege_registry_mock.json");
- auto entityPrivileges =
- privilegeProvider.getPrivilegesRequiredByEntity("", "foo.bar.TestEntity");
- EXPECT_FALSE(isPrivilegeRegistryParsed(entityPrivileges));
-}
-
-TEST_F(PrivilegeTest, PrivilegeRegistryMissingOperationMap) {
- removeFieldFromMappings("OperationMap");
- PrivilegeProvider privilegeProvider("privilege_registry_mock.json");
-
- auto entityPrivileges =
- privilegeProvider.getPrivilegesRequiredByEntity("", "foo.bar.TestEntity");
- EXPECT_FALSE(isPrivilegeRegistryParsed(entityPrivileges));
-}
-
-TEST_F(PrivilegeTest, PrivilegeRegistryPrivilegesUsedMayNotBeEmpty) {
- clearArryInJson("PrivilegesUsed");
- PrivilegeProvider privilegeProvider("privilege_registry_mock.json");
- auto entityPrivileges =
- privilegeProvider.getPrivilegesRequiredByEntity("", "foo.bar.TestEntity");
- EXPECT_FALSE(isPrivilegeRegistryParsed(entityPrivileges));
-}
-
-TEST_F(PrivilegeTest, PrivilegeRegistryOEMPrivilegesUsedMayByEmpty) {
- clearArryInJson("OEMPrivilegesUsed");
- PrivilegeProvider privilegeProvider("privilege_registry_mock.json");
- auto entityPrivileges =
- privilegeProvider.getPrivilegesRequiredByEntity("", "foo.bar.TestEntity");
- EXPECT_TRUE(isPrivilegeRegistryParsed(entityPrivileges));
-}
-
-TEST_F(PrivilegeTest, PrivilegeValuesMayOnlyBeStrings) {
- std::vector<int> privilegesUsed = {1, 3, 4};
- fillPrivilegeArray("PrivilegesUsed", privilegesUsed);
-
- PrivilegeProvider privilegeProvider("privilege_registry_mock.json");
- auto entityPrivileges =
- privilegeProvider.getPrivilegesRequiredByEntity("", "foo.bar.TestEntity");
- EXPECT_FALSE(isPrivilegeRegistryParsed(entityPrivileges));
-}
-
-TEST_F(PrivilegeTest, OnlyMaxNoOfBasePrivilegesGetsLoaded) {
- const std::string excessivePrivilege("ExcessivePrivilege");
- std::vector<std::string> privilegesUsed;
-
- for (int i = 0; i < MAX_PRIVILEGE_COUNT; i++) {
- privilegesUsed.push_back(std::to_string(i));
- }
- privilegesUsed.push_back(excessivePrivilege);
-
- fillPrivilegeArray("PrivilegesUsed", privilegesUsed);
- addRequiredPrivilege(excessivePrivilege);
-
- PrivilegeProvider privilegeProvider("privilege_registry_mock.json");
-
- Privileges privileges;
- privileges.setSinglePrivilege(excessivePrivilege);
-
- EXPECT_EQ(privileges.getBasePrivilegeBitset(), 0);
-}
-
-TEST_F(PrivilegeTest, OnlyMaxNoOfOEMPrivilegesGetsLoaded) {
- const std::string excessivePrivilege("ExcessivePrivilege");
- std::vector<std::string> privilegesUsed;
-
- for (int i = 0; i < MAX_PRIVILEGE_COUNT; i++) {
- privilegesUsed.push_back(std::to_string(i));
- }
- privilegesUsed.push_back(excessivePrivilege);
-
- fillPrivilegeArray("OEMPrivilegesUsed", privilegesUsed);
- addRequiredPrivilege(excessivePrivilege);
-
- PrivilegeProvider privilegeProvider("privilege_registry_mock.json");
-
- Privileges privileges;
- privileges.setSinglePrivilege(excessivePrivilege);
-
- EXPECT_EQ(privileges.getOEMPrivilegeBitset(), 0);
-}
-
-TEST_F(PrivilegeTest, LoadEntityPrivilegesForExistingEntity) {
- PrivilegeProvider privilegeProvider("privilege_registry_mock.json");
- auto entityPrivileges =
- privilegeProvider.getPrivilegesRequiredByEntity("", "foo.bar.TestEntity");
- EXPECT_TRUE(isPrivilegeRegistryParsed(entityPrivileges));
-}
-
-TEST_F(PrivilegeTest, LoadEntityPrivilegesForNonExistingEntity) {
- PrivilegeProvider privilegeProvider("privilege_registry_mock.json");
- auto entityPrivileges =
- privilegeProvider.getPrivilegesRequiredByEntity("", "foo.bar.NotExists");
- EXPECT_FALSE(isPrivilegeRegistryParsed(entityPrivileges));
-}
-
-TEST_F(PrivilegeTest, LoadEntityPrivilegesForEntityWithNonStringPrivilege) {
- PrivilegeProvider privilegeProvider("privilege_registry_mock.json");
- auto entityPrivileges = privilegeProvider.getPrivilegesRequiredByEntity(
- "", "foo.bar.EntityWithNonStringPrivilege");
- EXPECT_FALSE(isPrivilegeRegistryParsed(entityPrivileges));
-}
-
-TEST_F(PrivilegeTest, DefaultEntityPrivilegesDenyAccess) {
- auto entityPrivileges = EntityPrivileges();
-
- auto res =
- entityPrivileges.isMethodAllowedForUser(crow::HTTPMethod::GET, "user");
- EXPECT_FALSE(res);
-}
-
-TEST_F(PrivilegeTest, PrivilegeCheckForSingleCaseSuccess) {
- PrivilegeProvider privilegeProvider("privilege_registry_mock.json");
-
- auto entityPrivileges = EntityPrivileges();
- auto userPrivileges = Privileges();
- auto requiredPrivileges = Privileges();
-
- userPrivileges.setSinglePrivilege("Login");
- requiredPrivileges.setSinglePrivilege("Login");
- entityPrivileges.addPrivilegesRequiredByMethod(crow::HTTPMethod::GET,
- requiredPrivileges);
EXPECT_TRUE(entityPrivileges.isMethodAllowedWithPrivileges(
crow::HTTPMethod::GET, userPrivileges));
}
-TEST_F(PrivilegeTest, PrivilegeCheckForSingleCaseFailure) {
- PrivilegeProvider privilegeProvider("privilege_registry_mock.json");
+TEST(PrivilegeTest, PrivilegeCheckForSingleCaseSuccess) {
+ auto userPrivileges = Privileges{"Login"};
+ OperationMap operationMap = {{crow::HTTPMethod::GET, {{"Login"}}}};
+ auto entityPrivileges = EntityPrivileges(std::move(operationMap));
- auto entityPrivileges = EntityPrivileges();
- auto userPrivileges = Privileges();
- auto requiredPrivileges = Privileges();
-
- userPrivileges.setSinglePrivilege("Login");
- requiredPrivileges.setSinglePrivilege("ConfigureManager");
- entityPrivileges.addPrivilegesRequiredByMethod(crow::HTTPMethod::GET,
- requiredPrivileges);
- EXPECT_FALSE(entityPrivileges.isMethodAllowedWithPrivileges(
- crow::HTTPMethod::GET, userPrivileges));
-}
-
-TEST_F(PrivilegeTest, PrivilegeCheckForANDCaseSuccess) {
- PrivilegeProvider privilegeProvider("privilege_registry_mock.json");
-
- auto entityPrivileges = EntityPrivileges();
- auto userPrivileges = Privileges();
- auto requiredPrivileges = Privileges();
-
- userPrivileges.setSinglePrivilege("Login");
- userPrivileges.setSinglePrivilege("ConfigureManager");
- userPrivileges.setSinglePrivilege("OEMRoot");
- requiredPrivileges.setSinglePrivilege("Login");
- requiredPrivileges.setSinglePrivilege("ConfigureManager");
- requiredPrivileges.setSinglePrivilege("OEMRoot");
- entityPrivileges.addPrivilegesRequiredByMethod(crow::HTTPMethod::GET,
- requiredPrivileges);
EXPECT_TRUE(entityPrivileges.isMethodAllowedWithPrivileges(
crow::HTTPMethod::GET, userPrivileges));
}
-TEST_F(PrivilegeTest, PrivilegeCheckForANDCaseFailure) {
- PrivilegeProvider privilegeProvider("privilege_registry_mock.json");
+TEST(PrivilegeTest, PrivilegeCheckForSingleCaseFailure) {
+ auto userPrivileges = Privileges{"Login"};
+ OperationMap operationMap = {{crow::HTTPMethod::GET, {{"ConfigureManager"}}}};
+ auto entityPrivileges = EntityPrivileges(std::move(operationMap));
- auto entityPrivileges = EntityPrivileges();
- auto userPrivileges = Privileges();
- auto requiredPrivileges = Privileges();
-
- userPrivileges.setSinglePrivilege("Login");
- userPrivileges.setSinglePrivilege("ConfigureUsers");
- requiredPrivileges.setSinglePrivilege("Login");
- requiredPrivileges.setSinglePrivilege("OEMDummy");
- requiredPrivileges.setSinglePrivilege("ConfigureUsers");
- entityPrivileges.addPrivilegesRequiredByMethod(crow::HTTPMethod::GET,
- requiredPrivileges);
EXPECT_FALSE(entityPrivileges.isMethodAllowedWithPrivileges(
crow::HTTPMethod::GET, userPrivileges));
}
-TEST_F(PrivilegeTest, PrivilegeCheckForORCaseSuccess) {
- PrivilegeProvider privilegeProvider("privilege_registry_mock.json");
+TEST(PrivilegeTest, PrivilegeCheckForANDCaseSuccess) {
+ auto userPrivileges =
+ Privileges{"Login", "ConfigureManager", "ConfigureSelf"};
+ OperationMap operationMap = {
+ {crow::HTTPMethod::GET,
+ {{"Login", "ConfigureManager", "ConfigureSelf"}}}};
+ auto entityPrivileges = EntityPrivileges(std::move(operationMap));
- auto entityPrivileges = EntityPrivileges();
- auto userPrivileges = Privileges();
- auto requiredPrivileges = Privileges();
-
- userPrivileges.setSinglePrivilege("OEMRoot");
- requiredPrivileges.setSinglePrivilege("Login");
- entityPrivileges.addPrivilegesRequiredByMethod(crow::HTTPMethod::GET,
- requiredPrivileges);
- requiredPrivileges = Privileges();
- requiredPrivileges.setSinglePrivilege("OEMRoot");
- entityPrivileges.addPrivilegesRequiredByMethod(crow::HTTPMethod::GET,
- requiredPrivileges);
EXPECT_TRUE(entityPrivileges.isMethodAllowedWithPrivileges(
crow::HTTPMethod::GET, userPrivileges));
}
-TEST_F(PrivilegeTest, PrivilegeCheckForORCaseFailure) {
- PrivilegeProvider privilegeProvider("privilege_registry_mock.json");
+TEST(PrivilegeTest, PrivilegeCheckForANDCaseFailure) {
+ auto userPrivileges = Privileges{"Login", "ConfigureManager"};
+ OperationMap operationMap = {
+ {crow::HTTPMethod::GET,
+ {{"Login", "ConfigureManager", "ConfigureSelf"}}}};
+ auto entityPrivileges = EntityPrivileges(std::move(operationMap));
- auto entityPrivileges = EntityPrivileges();
- auto userPrivileges = Privileges();
- auto requiredPrivileges = Privileges();
-
- userPrivileges.setSinglePrivilege("ConfigureComponents");
- requiredPrivileges.setSinglePrivilege("Login");
- entityPrivileges.addPrivilegesRequiredByMethod(crow::HTTPMethod::GET,
- requiredPrivileges);
- requiredPrivileges = Privileges();
- requiredPrivileges.setSinglePrivilege("ConfigureManager");
- entityPrivileges.addPrivilegesRequiredByMethod(crow::HTTPMethod::GET,
- requiredPrivileges);
EXPECT_FALSE(entityPrivileges.isMethodAllowedWithPrivileges(
crow::HTTPMethod::GET, userPrivileges));
}
-TEST_F(PrivilegeTest, DefaultPrivilegeBitsetsAreEmpty) {
+TEST(PrivilegeTest, PrivilegeCheckForORCaseSuccess) {
+ auto userPrivileges = Privileges{"ConfigureManager"};
+ OperationMap operationMap = {
+ {crow::HTTPMethod::GET, {{"Login"}, {"ConfigureManager"}}}};
+ auto entityPrivileges = EntityPrivileges(std::move(operationMap));
+
+ EXPECT_TRUE(entityPrivileges.isMethodAllowedWithPrivileges(
+ crow::HTTPMethod::GET, userPrivileges));
+}
+
+TEST(PrivilegeTest, PrivilegeCheckForORCaseFailure) {
+ auto userPrivileges = Privileges{"ConfigureComponents"};
+ OperationMap operationMap = {
+ {crow::HTTPMethod::GET, {{"Login"}, {"ConfigureManager"}}}};
+ auto entityPrivileges = EntityPrivileges(std::move(operationMap));
+
+ EXPECT_FALSE(entityPrivileges.isMethodAllowedWithPrivileges(
+ crow::HTTPMethod::GET, userPrivileges));
+}
+
+TEST(PrivilegeTest, DefaultPrivilegeBitsetsAreEmpty) {
Privileges privileges;
EXPECT_TRUE(privileges.getBasePrivilegeBitset() == 0);
EXPECT_TRUE(privileges.getOEMPrivilegeBitset() == 0);
}
-TEST_F(PrivilegeTest, UniqueBitsAssignedForAllPrivilegeNames) {
- PrivilegeProvider privilegeProvider("privilege_registry_mock.json");
-
+TEST(PrivilegeTest, UniqueBitsAssignedForAllPrivilegeNames) {
Privileges privileges;
+ std::vector<std::string> expectedPrivileges{
+ "Login", "ConfigureManager", "ConfigureUsers", "ConfigureComponents",
+ "ConfigureSelf"};
- for (const auto& privilege : expectedBasePrivileges) {
- privileges.setSinglePrivilege(privilege);
- }
-
- for (const auto& privilege : expectedOEMPrivileges) {
+ for (const auto& privilege : expectedPrivileges) {
privileges.setSinglePrivilege(privilege);
}
EXPECT_EQ(privileges.getBasePrivilegeBitset().count(),
- expectedBasePrivileges.size());
- EXPECT_EQ(privileges.getOEMPrivilegeBitset().count(),
- expectedOEMPrivileges.size());
+ expectedPrivileges.size());
}
-TEST_F(PrivilegeTest, GetActiveBasePrivilegeNames) {
+TEST(PrivilegeTest, GetActivePrivilegeNames) {
Privileges privileges;
EXPECT_EQ(privileges.getActivePrivilegeNames(PrivilegeType::BASE),
std::vector<std::string>());
- PrivilegeProvider privilegeProvider("privilege_registry_mock.json");
+ std::vector<std::string> expectedPrivileges{
+ "Login", "ConfigureManager", "ConfigureUsers", "ConfigureComponents",
+ "ConfigureSelf"};
- for (const auto& privilege : expectedBasePrivileges) {
+ for (const auto& privilege : expectedPrivileges) {
privileges.setSinglePrivilege(privilege);
}
std::vector<std::string> activePrivileges =
privileges.getActivePrivilegeNames(PrivilegeType::BASE);
- std::sort(expectedBasePrivileges.begin(), expectedBasePrivileges.end());
+ std::sort(expectedPrivileges.begin(), expectedPrivileges.end());
std::sort(activePrivileges.begin(), activePrivileges.end());
- EXPECT_EQ(activePrivileges, expectedBasePrivileges);
+ EXPECT_EQ(activePrivileges, expectedPrivileges);
}
-TEST_F(PrivilegeTest, GetActiveOEMPrivilegeNames) {
- Privileges privileges;
-
- EXPECT_EQ(privileges.getActivePrivilegeNames(PrivilegeType::OEM),
- std::vector<std::string>());
-
- PrivilegeProvider privilegeProvider("privilege_registry_mock.json");
-
- for (const auto& privilege : expectedOEMPrivileges) {
- privileges.setSinglePrivilege(privilege);
- }
-
- std::vector<std::string> activePrivileges =
- privileges.getActivePrivilegeNames(PrivilegeType::OEM);
-
- std::sort(expectedOEMPrivileges.begin(), expectedOEMPrivileges.end());
- std::sort(activePrivileges.begin(), activePrivileges.end());
-
- EXPECT_EQ(activePrivileges, expectedOEMPrivileges);
+TEST(PrivilegeTest, PropertyOverrideConstructor) {
+ OperationMap operationMap = {
+ {crow::HTTPMethod::GET, {{"Login"}, {"ConfigureManager"}}}};
+ PropertyOverride propertyOverride(std::move(operationMap),
+ {"Password", "Id"});
}