Fix Crashdump LogServices SubordinateOverrides privileges
This updates SubordinateOverrides permissions on Crashdump LogServices.
1) GET methods
```
- /redfish/v1/Systems/<str>/LogServices/Crashdump/
- /redfish/v1/Systems/<str>/LogServices/Crashdump/Entries/<str>/
```
2) POST methods
```
- /redfish/v1/Systems/<str>/LogServices/Crashdump/Actions/LogService.ClearLog/
- /redfish/v1/Systems/<str>/LogServices/Crashdump/Actions/LogService.CollectDiagnosticData/
```
Tested:
- Redfish Validator passes
Change-Id: Ief83b4aa6a778ee1ed0d0de8725979a5c1266e56
Signed-off-by: Myung Bae <myungbae@us.ibm.com>
diff --git a/redfish-core/lib/log_services.hpp b/redfish-core/lib/log_services.hpp
index d960aad..f756d341 100644
--- a/redfish-core/lib/log_services.hpp
+++ b/redfish-core/lib/log_services.hpp
@@ -2576,15 +2576,11 @@
inline void requestRoutesCrashdumpService(App& app)
{
- // Note: Deviated from redfish privilege registry for GET & HEAD
- // method for security reasons.
/**
* Functions triggers appropriate requests on DBus
*/
BMCWEB_ROUTE(app, "/redfish/v1/Systems/<str>/LogServices/Crashdump/")
- // This is incorrect, should be:
- //.privileges(redfish::privileges::getLogService)
- .privileges({{"ConfigureManager"}})
+ .privileges(redfish::privileges::getLogService)
.methods(
boost::beast::http::verb::
get)([&app](const crow::Request& req,
@@ -2648,9 +2644,8 @@
BMCWEB_ROUTE(
app,
"/redfish/v1/Systems/<str>/LogServices/Crashdump/Actions/LogService.ClearLog/")
- // This is incorrect, should be:
- //.privileges(redfish::privileges::postLogService)
- .privileges({{"ConfigureComponents"}})
+ .privileges(redfish::privileges::
+ postLogServiceSubOverComputerSystemLogServiceCollection)
.methods(boost::beast::http::verb::post)(
[&app](const crow::Request& req,
const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -2762,16 +2757,12 @@
inline void requestRoutesCrashdumpEntryCollection(App& app)
{
- // Note: Deviated from redfish privilege registry for GET & HEAD
- // method for security reasons.
/**
* Functions triggers appropriate requests on DBus
*/
BMCWEB_ROUTE(app,
"/redfish/v1/Systems/<str>/LogServices/Crashdump/Entries/")
- // This is incorrect, should be.
- //.privileges(redfish::privileges::postLogEntryCollection)
- .privileges({{"ConfigureComponents"}})
+ .privileges(redfish::privileges::getLogEntryCollection)
.methods(
boost::beast::http::verb::
get)([&app](const crow::Request& req,
@@ -2844,14 +2835,9 @@
inline void requestRoutesCrashdumpEntry(App& app)
{
- // Note: Deviated from redfish privilege registry for GET & HEAD
- // method for security reasons.
-
BMCWEB_ROUTE(
app, "/redfish/v1/Systems/<str>/LogServices/Crashdump/Entries/<str>/")
- // this is incorrect, should be
- // .privileges(redfish::privileges::getLogEntry)
- .privileges({{"ConfigureComponents"}})
+ .privileges(redfish::privileges::getLogEntry)
.methods(boost::beast::http::verb::get)(
[&app](const crow::Request& req,
const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -2880,8 +2866,6 @@
inline void requestRoutesCrashdumpFile(App& app)
{
- // Note: Deviated from redfish privilege registry for GET & HEAD
- // method for security reasons.
BMCWEB_ROUTE(
app,
"/redfish/v1/Systems/<str>/LogServices/Crashdump/Entries/<str>/<str>/")
@@ -2990,14 +2974,11 @@
inline void requestRoutesCrashdumpCollect(App& app)
{
- // Note: Deviated from redfish privilege registry for GET & HEAD
- // method for security reasons.
BMCWEB_ROUTE(
app,
"/redfish/v1/Systems/<str>/LogServices/Crashdump/Actions/LogService.CollectDiagnosticData/")
- // The below is incorrect; Should be ConfigureManager
- //.privileges(redfish::privileges::postLogService)
- .privileges({{"ConfigureComponents"}})
+ .privileges(redfish::privileges::
+ postLogServiceSubOverComputerSystemLogServiceCollection)
.methods(boost::beast::http::verb::post)(
[&app](const crow::Request& req,
const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,