Remove Redfish Node class
Reduces the total number of lines and will allow for easier testing of
the redfish responses.
A main purpose of the node class was to set app.routeDynamic(). However
now app.routeDynamic can handle the complexity that was once in critical
to node. The macro app.routeDynamic() provides a shorter cleaner
interface to the unerlying app.routeDyanic call. The old pattern set
permissions for 6 interfaces (get, head, patch, put, delete_, and post)
even if only one interface is created. That pattern creates unneeded
code that can be safely removed with no effect.
Unit test for the responses would have to mock the node the class in
order to fully test responses.
see https://github.com/openbmc/bmcweb/issues/181
The following files still need node to be extracted.
virtual_media.hpp
account_service.hpp
redfish_sessions.hpp
ethernet.hpp
The files above use a pattern that is not trivial to address. Often their
responses call an async lambda capturing the inherited class. ie
(https://github.com/openbmc/bmcweb/blob/ffed87b5ad1797ca966d030e7f979770
28d258fa/redfish-core/lib/account_service.hpp#L1393)
At a later point I plan to remove node from the files above.
Tested:
I ran the docker unit test with the following command.
WORKSPACE=$(pwd) UNIT_TEST_PKG=bmcweb
./openbmc-build-scripts/run-unit-test-docker.sh
I ran the validator and this change did not create any issues.
python3 RedfishServiceValidator.py -c config.ini
Signed-off-by: John Edward Broadbent <jebr@google.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I147a0289c52cb4198345b1ad9bfe6fdddf57f3df
diff --git a/redfish-core/lib/certificate_service.hpp b/redfish-core/lib/certificate_service.hpp
index 0e53571..0e26a86 100644
--- a/redfish-core/lib/certificate_service.hpp
+++ b/redfish-core/lib/certificate_service.hpp
@@ -1,7 +1,6 @@
#pragma once
-#include "node.hpp"
-
+#include <app.hpp>
#include <boost/convert.hpp>
#include <boost/convert/strtol.hpp>
@@ -34,47 +33,42 @@
* actions available to manage certificates and links to where certificates
* are installed.
*/
-class CertificateService : public Node
-{
- public:
- CertificateService(App& app) : Node(app, "/redfish/v1/CertificateService/")
- {
- // TODO: Issue#61 No entries are available for Certificate
- // service at https://www.dmtf.org/standards/redfish
- // "redfish standard registries". Need to modify after DMTF
- // publish Privilege details for certificate service
- entityPrivileges = {
- {boost::beast::http::verb::get, {{"Login"}}},
- {boost::beast::http::verb::head, {{"Login"}}},
- {boost::beast::http::verb::patch, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::put, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::delete_, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::post, {{"ConfigureComponents"}}}};
- }
- private:
- void doGet(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
- const crow::Request&, const std::vector<std::string>&) override
- {
- asyncResp->res.jsonValue = {
- {"@odata.type", "#CertificateService.v1_0_0.CertificateService"},
- {"@odata.id", "/redfish/v1/CertificateService"},
- {"Id", "CertificateService"},
- {"Name", "Certificate Service"},
- {"Description", "Actions available to manage certificates"}};
- asyncResp->res.jsonValue["CertificateLocations"] = {
- {"@odata.id",
- "/redfish/v1/CertificateService/CertificateLocations"}};
- asyncResp->res
- .jsonValue["Actions"]["#CertificateService.ReplaceCertificate"] = {
- {"target", "/redfish/v1/CertificateService/Actions/"
- "CertificateService.ReplaceCertificate"},
- {"CertificateType@Redfish.AllowableValues", {"PEM"}}};
- asyncResp->res.jsonValue["Actions"]["#CertificateService.GenerateCSR"] =
- {{"target", "/redfish/v1/CertificateService/Actions/"
- "CertificateService.GenerateCSR"}};
- }
-}; // CertificateService
+// TODO: Issue#61 No entries are available for Certificate
+// service at https://www.dmtf.org/standards/redfish
+// "redfish standard registries". Need to modify after DMTF
+// publish Privilege details for certificate service
+
+inline void requestRoutesCertificateService(App& app)
+{
+ BMCWEB_ROUTE(app, "/redfish/v1/CertificateService/")
+ .privileges({"Login"})
+ .methods(boost::beast::http::verb::get)(
+ [](const crow::Request&,
+ const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
+ asyncResp->res.jsonValue = {
+ {"@odata.type",
+ "#CertificateService.v1_0_0.CertificateService"},
+ {"@odata.id", "/redfish/v1/CertificateService"},
+ {"Id", "CertificateService"},
+ {"Name", "Certificate Service"},
+ {"Description",
+ "Actions available to manage certificates"}};
+ asyncResp->res.jsonValue["CertificateLocations"] = {
+ {"@odata.id",
+ "/redfish/v1/CertificateService/CertificateLocations"}};
+ asyncResp->res
+ .jsonValue["Actions"]
+ ["#CertificateService.ReplaceCertificate"] = {
+ {"target", "/redfish/v1/CertificateService/Actions/"
+ "CertificateService.ReplaceCertificate"},
+ {"CertificateType@Redfish.AllowableValues", {"PEM"}}};
+ asyncResp->res
+ .jsonValue["Actions"]["#CertificateService.GenerateCSR"] = {
+ {"target", "/redfish/v1/CertificateService/Actions/"
+ "CertificateService.GenerateCSR"}};
+ });
+} // requestRoutesCertificateService
/**
* @brief Find the ID specified in the URL
@@ -230,259 +224,259 @@
/**
* Action to Generate CSR
*/
-class CertificateActionGenerateCSR : public Node
+inline void requestRoutesCertificateActionGenerateCSR(App& app)
{
- public:
- CertificateActionGenerateCSR(App& app) :
- Node(app, "/redfish/v1/CertificateService/Actions/"
- "CertificateService.GenerateCSR/")
- {
- entityPrivileges = {
- {boost::beast::http::verb::get, {{"Login"}}},
- {boost::beast::http::verb::head, {{"Login"}}},
- {boost::beast::http::verb::patch, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::put, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::delete_, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::post, {{"ConfigureComponents"}}}};
- }
+ BMCWEB_ROUTE(app, "/redfish/v1/CertificateService/Actions/"
+ "CertificateService.GenerateCSR/")
+ .privileges({"ConfigureComponents"})
+ .methods(boost::beast::http::verb::post)(
+ [](const crow::Request& req,
+ const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
+ static const int rsaKeyBitLength = 2048;
- private:
- void doPost(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
- const crow::Request& req,
- const std::vector<std::string>&) override
- {
- static const int rsaKeyBitLength = 2048;
+ // Required parameters
+ std::string city;
+ std::string commonName;
+ std::string country;
+ std::string organization;
+ std::string organizationalUnit;
+ std::string state;
+ nlohmann::json certificateCollection;
- // Required parameters
- std::string city;
- std::string commonName;
- std::string country;
- std::string organization;
- std::string organizationalUnit;
- std::string state;
- nlohmann::json certificateCollection;
+ // Optional parameters
+ std::optional<std::vector<std::string>> optAlternativeNames =
+ std::vector<std::string>();
+ std::optional<std::string> optContactPerson = "";
+ std::optional<std::string> optChallengePassword = "";
+ std::optional<std::string> optEmail = "";
+ std::optional<std::string> optGivenName = "";
+ std::optional<std::string> optInitials = "";
+ std::optional<int64_t> optKeyBitLength = rsaKeyBitLength;
+ std::optional<std::string> optKeyCurveId = "secp384r1";
+ std::optional<std::string> optKeyPairAlgorithm = "EC";
+ std::optional<std::vector<std::string>> optKeyUsage =
+ std::vector<std::string>();
+ std::optional<std::string> optSurname = "";
+ std::optional<std::string> optUnstructuredName = "";
+ if (!json_util::readJson(
+ req, asyncResp->res, "City", city, "CommonName",
+ commonName, "ContactPerson", optContactPerson,
+ "Country", country, "Organization", organization,
+ "OrganizationalUnit", organizationalUnit, "State",
+ state, "CertificateCollection", certificateCollection,
+ "AlternativeNames", optAlternativeNames,
+ "ChallengePassword", optChallengePassword, "Email",
+ optEmail, "GivenName", optGivenName, "Initials",
+ optInitials, "KeyBitLength", optKeyBitLength,
+ "KeyCurveId", optKeyCurveId, "KeyPairAlgorithm",
+ optKeyPairAlgorithm, "KeyUsage", optKeyUsage, "Surname",
+ optSurname, "UnstructuredName", optUnstructuredName))
+ {
+ return;
+ }
- // Optional parameters
- std::optional<std::vector<std::string>> optAlternativeNames =
- std::vector<std::string>();
- std::optional<std::string> optContactPerson = "";
- std::optional<std::string> optChallengePassword = "";
- std::optional<std::string> optEmail = "";
- std::optional<std::string> optGivenName = "";
- std::optional<std::string> optInitials = "";
- std::optional<int64_t> optKeyBitLength = rsaKeyBitLength;
- std::optional<std::string> optKeyCurveId = "secp384r1";
- std::optional<std::string> optKeyPairAlgorithm = "EC";
- std::optional<std::vector<std::string>> optKeyUsage =
- std::vector<std::string>();
- std::optional<std::string> optSurname = "";
- std::optional<std::string> optUnstructuredName = "";
- if (!json_util::readJson(
- req, asyncResp->res, "City", city, "CommonName", commonName,
- "ContactPerson", optContactPerson, "Country", country,
- "Organization", organization, "OrganizationalUnit",
- organizationalUnit, "State", state, "CertificateCollection",
- certificateCollection, "AlternativeNames", optAlternativeNames,
- "ChallengePassword", optChallengePassword, "Email", optEmail,
- "GivenName", optGivenName, "Initials", optInitials,
- "KeyBitLength", optKeyBitLength, "KeyCurveId", optKeyCurveId,
- "KeyPairAlgorithm", optKeyPairAlgorithm, "KeyUsage",
- optKeyUsage, "Surname", optSurname, "UnstructuredName",
- optUnstructuredName))
- {
- return;
- }
+ // bmcweb has no way to store or decode a private key challenge
+ // password, which will likely cause bmcweb to crash on startup
+ // if this is not set on a post so not allowing the user to set
+ // value
+ if (*optChallengePassword != "")
+ {
+ messages::actionParameterNotSupported(
+ asyncResp->res, "GenerateCSR", "ChallengePassword");
+ return;
+ }
- // bmcweb has no way to store or decode a private key challenge
- // password, which will likely cause bmcweb to crash on startup if this
- // is not set on a post so not allowing the user to set value
- if (*optChallengePassword != "")
- {
- messages::actionParameterNotSupported(asyncResp->res, "GenerateCSR",
- "ChallengePassword");
- return;
- }
+ std::string certURI;
+ if (!redfish::json_util::readJson(certificateCollection,
+ asyncResp->res, "@odata.id",
+ certURI))
+ {
+ return;
+ }
- std::string certURI;
- if (!redfish::json_util::readJson(certificateCollection, asyncResp->res,
- "@odata.id", certURI))
- {
- return;
- }
+ std::string objectPath;
+ std::string service;
+ if (boost::starts_with(certURI,
+ "/redfish/v1/Managers/bmc/"
+ "NetworkProtocol/HTTPS/Certificates"))
+ {
+ objectPath = certs::httpsObjectPath;
+ service = certs::httpsServiceName;
+ }
+ else if (boost::starts_with(
+ certURI,
+ "/redfish/v1/AccountService/LDAP/Certificates"))
+ {
+ objectPath = certs::ldapObjectPath;
+ service = certs::ldapServiceName;
+ }
+ else
+ {
+ messages::actionParameterNotSupported(
+ asyncResp->res, "CertificateCollection", "GenerateCSR");
+ return;
+ }
- std::string objectPath;
- std::string service;
- if (boost::starts_with(
- certURI,
- "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates"))
- {
- objectPath = certs::httpsObjectPath;
- service = certs::httpsServiceName;
- }
- else if (boost::starts_with(
- certURI, "/redfish/v1/AccountService/LDAP/Certificates"))
- {
- objectPath = certs::ldapObjectPath;
- service = certs::ldapServiceName;
- }
- else
- {
- messages::actionParameterNotSupported(
- asyncResp->res, "CertificateCollection", "GenerateCSR");
- return;
- }
+ // supporting only EC and RSA algorithm
+ if (*optKeyPairAlgorithm != "EC" &&
+ *optKeyPairAlgorithm != "RSA")
+ {
+ messages::actionParameterNotSupported(
+ asyncResp->res, "KeyPairAlgorithm", "GenerateCSR");
+ return;
+ }
- // supporting only EC and RSA algorithm
- if (*optKeyPairAlgorithm != "EC" && *optKeyPairAlgorithm != "RSA")
- {
- messages::actionParameterNotSupported(
- asyncResp->res, "KeyPairAlgorithm", "GenerateCSR");
- return;
- }
-
- // supporting only 2048 key bit length for RSA algorithm due to time
- // consumed in generating private key
- if (*optKeyPairAlgorithm == "RSA" &&
- *optKeyBitLength != rsaKeyBitLength)
- {
- messages::propertyValueNotInList(asyncResp->res,
- std::to_string(*optKeyBitLength),
- "KeyBitLength");
- return;
- }
-
- // validate KeyUsage supporting only 1 type based on URL
- if (boost::starts_with(
- certURI,
- "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates"))
- {
- if (optKeyUsage->size() == 0)
- {
- optKeyUsage->push_back("ServerAuthentication");
- }
- else if (optKeyUsage->size() == 1)
- {
- if ((*optKeyUsage)[0] != "ServerAuthentication")
+ // supporting only 2048 key bit length for RSA algorithm due to
+ // time consumed in generating private key
+ if (*optKeyPairAlgorithm == "RSA" &&
+ *optKeyBitLength != rsaKeyBitLength)
{
messages::propertyValueNotInList(
- asyncResp->res, (*optKeyUsage)[0], "KeyUsage");
+ asyncResp->res, std::to_string(*optKeyBitLength),
+ "KeyBitLength");
return;
}
- }
- else
- {
- messages::actionParameterNotSupported(
- asyncResp->res, "KeyUsage", "GenerateCSR");
- return;
- }
- }
- else if (boost::starts_with(
- certURI, "/redfish/v1/AccountService/LDAP/Certificates"))
- {
- if (optKeyUsage->size() == 0)
- {
- optKeyUsage->push_back("ClientAuthentication");
- }
- else if (optKeyUsage->size() == 1)
- {
- if ((*optKeyUsage)[0] != "ClientAuthentication")
- {
- messages::propertyValueNotInList(
- asyncResp->res, (*optKeyUsage)[0], "KeyUsage");
- return;
- }
- }
- else
- {
- messages::actionParameterNotSupported(
- asyncResp->res, "KeyUsage", "GenerateCSR");
- return;
- }
- }
- // Only allow one CSR matcher at a time so setting retry time-out and
- // timer expiry to 10 seconds for now.
- static const int timeOut = 10;
- if (csrMatcher)
- {
- messages::serviceTemporarilyUnavailable(asyncResp->res,
- std::to_string(timeOut));
- return;
- }
-
- // Make this static so it survives outside this method
- static boost::asio::steady_timer timeout(*req.ioService);
- timeout.expires_after(std::chrono::seconds(timeOut));
- timeout.async_wait([asyncResp](const boost::system::error_code& ec) {
- csrMatcher = nullptr;
- if (ec)
- {
- // operation_aborted is expected if timer is canceled before
- // completion.
- if (ec != boost::asio::error::operation_aborted)
+ // validate KeyUsage supporting only 1 type based on URL
+ if (boost::starts_with(certURI,
+ "/redfish/v1/Managers/bmc/"
+ "NetworkProtocol/HTTPS/Certificates"))
{
- BMCWEB_LOG_ERROR << "Async_wait failed " << ec;
- }
- return;
- }
- BMCWEB_LOG_ERROR << "Timed out waiting for Generating CSR";
- messages::internalError(asyncResp->res);
- });
-
- // create a matcher to wait on CSR object
- BMCWEB_LOG_DEBUG << "create matcher with path " << objectPath;
- std::string match("type='signal',"
- "interface='org.freedesktop.DBus.ObjectManager',"
- "path='" +
- objectPath +
- "',"
- "member='InterfacesAdded'");
- csrMatcher = std::make_unique<sdbusplus::bus::match::match>(
- *crow::connections::systemBus, match,
- [asyncResp, service, objectPath,
- certURI](sdbusplus::message::message& m) {
- timeout.cancel();
- if (m.is_method_error())
- {
- BMCWEB_LOG_ERROR << "Dbus method error!!!";
- messages::internalError(asyncResp->res);
- return;
- }
- std::vector<std::pair<
- std::string, std::vector<std::pair<
- std::string, std::variant<std::string>>>>>
- interfacesProperties;
- sdbusplus::message::object_path csrObjectPath;
- m.read(csrObjectPath, interfacesProperties);
- BMCWEB_LOG_DEBUG << "CSR object added" << csrObjectPath.str;
- for (auto& interface : interfacesProperties)
- {
- if (interface.first == "xyz.openbmc_project.Certs.CSR")
+ if (optKeyUsage->size() == 0)
{
- getCSR(asyncResp, certURI, service, objectPath,
- csrObjectPath.str);
- break;
+ optKeyUsage->push_back("ServerAuthentication");
+ }
+ else if (optKeyUsage->size() == 1)
+ {
+ if ((*optKeyUsage)[0] != "ServerAuthentication")
+ {
+ messages::propertyValueNotInList(
+ asyncResp->res, (*optKeyUsage)[0], "KeyUsage");
+ return;
+ }
+ }
+ else
+ {
+ messages::actionParameterNotSupported(
+ asyncResp->res, "KeyUsage", "GenerateCSR");
+ return;
}
}
- });
- crow::connections::systemBus->async_method_call(
- [asyncResp](const boost::system::error_code& ec,
- const std::string&) {
- if (ec)
+ else if (boost::starts_with(
+ certURI,
+ "/redfish/v1/AccountService/LDAP/Certificates"))
{
- BMCWEB_LOG_ERROR << "DBUS response error: " << ec.message();
- messages::internalError(asyncResp->res);
+ if (optKeyUsage->size() == 0)
+ {
+ optKeyUsage->push_back("ClientAuthentication");
+ }
+ else if (optKeyUsage->size() == 1)
+ {
+ if ((*optKeyUsage)[0] != "ClientAuthentication")
+ {
+ messages::propertyValueNotInList(
+ asyncResp->res, (*optKeyUsage)[0], "KeyUsage");
+ return;
+ }
+ }
+ else
+ {
+ messages::actionParameterNotSupported(
+ asyncResp->res, "KeyUsage", "GenerateCSR");
+ return;
+ }
+ }
+
+ // Only allow one CSR matcher at a time so setting retry
+ // time-out and timer expiry to 10 seconds for now.
+ static const int timeOut = 10;
+ if (csrMatcher)
+ {
+ messages::serviceTemporarilyUnavailable(
+ asyncResp->res, std::to_string(timeOut));
return;
}
- },
- service, objectPath, "xyz.openbmc_project.Certs.CSR.Create",
- "GenerateCSR", *optAlternativeNames, *optChallengePassword, city,
- commonName, *optContactPerson, country, *optEmail, *optGivenName,
- *optInitials, *optKeyBitLength, *optKeyCurveId,
- *optKeyPairAlgorithm, *optKeyUsage, organization,
- organizationalUnit, state, *optSurname, *optUnstructuredName);
- }
-}; // CertificateActionGenerateCSR
+
+ // Make this static so it survives outside this method
+ static boost::asio::steady_timer timeout(*req.ioService);
+ timeout.expires_after(std::chrono::seconds(timeOut));
+ timeout.async_wait([asyncResp](
+ const boost::system::error_code& ec) {
+ csrMatcher = nullptr;
+ if (ec)
+ {
+ // operation_aborted is expected if timer is canceled
+ // before completion.
+ if (ec != boost::asio::error::operation_aborted)
+ {
+ BMCWEB_LOG_ERROR << "Async_wait failed " << ec;
+ }
+ return;
+ }
+ BMCWEB_LOG_ERROR << "Timed out waiting for Generating CSR";
+ messages::internalError(asyncResp->res);
+ });
+
+ // create a matcher to wait on CSR object
+ BMCWEB_LOG_DEBUG << "create matcher with path " << objectPath;
+ std::string match(
+ "type='signal',"
+ "interface='org.freedesktop.DBus.ObjectManager',"
+ "path='" +
+ objectPath +
+ "',"
+ "member='InterfacesAdded'");
+ csrMatcher = std::make_unique<sdbusplus::bus::match::match>(
+ *crow::connections::systemBus, match,
+ [asyncResp, service, objectPath,
+ certURI](sdbusplus::message::message& m) {
+ timeout.cancel();
+ if (m.is_method_error())
+ {
+ BMCWEB_LOG_ERROR << "Dbus method error!!!";
+ messages::internalError(asyncResp->res);
+ return;
+ }
+ std::vector<std::pair<
+ std::string,
+ std::vector<std::pair<std::string,
+ std::variant<std::string>>>>>
+ interfacesProperties;
+ sdbusplus::message::object_path csrObjectPath;
+ m.read(csrObjectPath, interfacesProperties);
+ BMCWEB_LOG_DEBUG << "CSR object added"
+ << csrObjectPath.str;
+ for (auto& interface : interfacesProperties)
+ {
+ if (interface.first ==
+ "xyz.openbmc_project.Certs.CSR")
+ {
+ getCSR(asyncResp, certURI, service, objectPath,
+ csrObjectPath.str);
+ break;
+ }
+ }
+ });
+ crow::connections::systemBus->async_method_call(
+ [asyncResp](const boost::system::error_code& ec,
+ const std::string&) {
+ if (ec)
+ {
+ BMCWEB_LOG_ERROR << "DBUS response error: "
+ << ec.message();
+ messages::internalError(asyncResp->res);
+ return;
+ }
+ },
+ service, objectPath, "xyz.openbmc_project.Certs.CSR.Create",
+ "GenerateCSR", *optAlternativeNames, *optChallengePassword,
+ city, commonName, *optContactPerson, country, *optEmail,
+ *optGivenName, *optInitials, *optKeyBitLength,
+ *optKeyCurveId, *optKeyPairAlgorithm, *optKeyUsage,
+ organization, organizationalUnit, state, *optSurname,
+ *optUnstructuredName);
+ });
+} // requestRoutesCertificateActionGenerateCSR
/**
* @brief Parse and update Certificate Issue/Subject property
@@ -669,713 +663,656 @@
/**
* Action to replace an existing certificate
*/
-class CertificateActionsReplaceCertificate : public Node
+inline void requestRoutesCertificateActionsReplaceCertificate(App& app)
{
- public:
- CertificateActionsReplaceCertificate(App& app) :
- Node(app, "/redfish/v1/CertificateService/Actions/"
- "CertificateService.ReplaceCertificate/")
- {
- entityPrivileges = {
- {boost::beast::http::verb::get, {{"Login"}}},
- {boost::beast::http::verb::head, {{"Login"}}},
- {boost::beast::http::verb::patch, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::put, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::delete_, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::post, {{"ConfigureComponents"}}}};
- }
+ BMCWEB_ROUTE(app, "/redfish/v1/CertificateService/Actions/"
+ "CertificateService.ReplaceCertificate/")
+ .privileges({"ConfigureComponents"})
+ .methods(
+ boost::beast::http::verb::
+ post)([](const crow::Request& req,
+ const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
+ std::string certificate;
+ nlohmann::json certificateUri;
+ std::optional<std::string> certificateType = "PEM";
- private:
- void doPost(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
- const crow::Request& req,
- const std::vector<std::string>&) override
- {
- std::string certificate;
- nlohmann::json certificateUri;
- std::optional<std::string> certificateType = "PEM";
+ if (!json_util::readJson(req, asyncResp->res, "CertificateString",
+ certificate, "CertificateUri",
+ certificateUri, "CertificateType",
+ certificateType))
+ {
+ BMCWEB_LOG_ERROR << "Required parameters are missing";
+ messages::internalError(asyncResp->res);
+ return;
+ }
- if (!json_util::readJson(req, asyncResp->res, "CertificateString",
- certificate, "CertificateUri", certificateUri,
- "CertificateType", certificateType))
- {
- BMCWEB_LOG_ERROR << "Required parameters are missing";
- messages::internalError(asyncResp->res);
- return;
- }
+ if (!certificateType)
+ {
+ // should never happen, but it never hurts to be paranoid.
+ return;
+ }
+ if (certificateType != "PEM")
+ {
+ messages::actionParameterNotSupported(
+ asyncResp->res, "CertificateType", "ReplaceCertificate");
+ return;
+ }
- if (!certificateType)
- {
- // should never happen, but it never hurts to be paranoid.
- return;
- }
- if (certificateType != "PEM")
- {
- messages::actionParameterNotSupported(
- asyncResp->res, "CertificateType", "ReplaceCertificate");
- return;
- }
+ std::string certURI;
+ if (!redfish::json_util::readJson(certificateUri, asyncResp->res,
+ "@odata.id", certURI))
+ {
+ messages::actionParameterMissing(
+ asyncResp->res, "ReplaceCertificate", "CertificateUri");
+ return;
+ }
- std::string certURI;
- if (!redfish::json_util::readJson(certificateUri, asyncResp->res,
- "@odata.id", certURI))
- {
- messages::actionParameterMissing(
- asyncResp->res, "ReplaceCertificate", "CertificateUri");
- return;
- }
+ BMCWEB_LOG_INFO << "Certificate URI to replace" << certURI;
+ long id = getIDFromURL(certURI);
+ if (id < 0)
+ {
+ messages::actionParameterValueFormatError(
+ asyncResp->res, certURI, "CertificateUri",
+ "ReplaceCertificate");
+ return;
+ }
+ std::string objectPath;
+ std::string name;
+ std::string service;
+ if (boost::starts_with(certURI,
+ "/redfish/v1/Managers/bmc/NetworkProtocol/"
+ "HTTPS/Certificates/"))
+ {
+ objectPath = std::string(certs::httpsObjectPath) + "/" +
+ std::to_string(id);
+ name = "HTTPS certificate";
+ service = certs::httpsServiceName;
+ }
+ else if (boost::starts_with(
+ certURI,
+ "/redfish/v1/AccountService/LDAP/Certificates/"))
+ {
+ objectPath = std::string(certs::ldapObjectPath) + "/" +
+ std::to_string(id);
+ name = "LDAP certificate";
+ service = certs::ldapServiceName;
+ }
+ else if (boost::starts_with(
+ certURI,
+ "/redfish/v1/Managers/bmc/Truststore/Certificates/"))
+ {
+ objectPath = std::string(certs::authorityObjectPath) + "/" +
+ std::to_string(id);
+ name = "TrustStore certificate";
+ service = certs::authorityServiceName;
+ }
+ else
+ {
+ messages::actionParameterNotSupported(
+ asyncResp->res, "CertificateUri", "ReplaceCertificate");
+ return;
+ }
- BMCWEB_LOG_INFO << "Certificate URI to replace" << certURI;
- long id = getIDFromURL(certURI);
- if (id < 0)
- {
- messages::actionParameterValueFormatError(asyncResp->res, certURI,
- "CertificateUri",
- "ReplaceCertificate");
- return;
- }
- std::string objectPath;
- std::string name;
- std::string service;
- if (boost::starts_with(
- certURI,
- "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/"))
- {
- objectPath =
- std::string(certs::httpsObjectPath) + "/" + std::to_string(id);
- name = "HTTPS certificate";
- service = certs::httpsServiceName;
- }
- else if (boost::starts_with(
- certURI, "/redfish/v1/AccountService/LDAP/Certificates/"))
- {
- objectPath =
- std::string(certs::ldapObjectPath) + "/" + std::to_string(id);
- name = "LDAP certificate";
- service = certs::ldapServiceName;
- }
- else if (boost::starts_with(
- certURI,
- "/redfish/v1/Managers/bmc/Truststore/Certificates/"))
- {
- objectPath = std::string(certs::authorityObjectPath) + "/" +
- std::to_string(id);
- name = "TrustStore certificate";
- service = certs::authorityServiceName;
- }
- else
- {
- messages::actionParameterNotSupported(
- asyncResp->res, "CertificateUri", "ReplaceCertificate");
- return;
- }
-
- std::shared_ptr<CertificateFile> certFile =
- std::make_shared<CertificateFile>(certificate);
- crow::connections::systemBus->async_method_call(
- [asyncResp, certFile, objectPath, service, certURI, id,
- name](const boost::system::error_code ec) {
- if (ec)
- {
- BMCWEB_LOG_ERROR << "DBUS response error: " << ec;
- messages::resourceNotFound(asyncResp->res, name,
- std::to_string(id));
- return;
- }
- getCertificateProperties(asyncResp, objectPath, service, id,
- certURI, name);
- BMCWEB_LOG_DEBUG << "HTTPS certificate install file="
- << certFile->getCertFilePath();
- },
- service, objectPath, certs::certReplaceIntf, "Replace",
- certFile->getCertFilePath());
- }
-}; // CertificateActionsReplaceCertificate
+ std::shared_ptr<CertificateFile> certFile =
+ std::make_shared<CertificateFile>(certificate);
+ crow::connections::systemBus->async_method_call(
+ [asyncResp, certFile, objectPath, service, certURI, id,
+ name](const boost::system::error_code ec) {
+ if (ec)
+ {
+ BMCWEB_LOG_ERROR << "DBUS response error: " << ec;
+ messages::resourceNotFound(asyncResp->res, name,
+ std::to_string(id));
+ return;
+ }
+ getCertificateProperties(asyncResp, objectPath, service, id,
+ certURI, name);
+ BMCWEB_LOG_DEBUG << "HTTPS certificate install file="
+ << certFile->getCertFilePath();
+ },
+ service, objectPath, certs::certReplaceIntf, "Replace",
+ certFile->getCertFilePath());
+ });
+} // requestRoutesCertificateActionsReplaceCertificate
/**
* Certificate resource describes a certificate used to prove the identity
* of a component, account or service.
*/
-class HTTPSCertificate : public Node
+
+inline void requestRoutesHTTPSCertificate(App& app)
{
- public:
- HTTPSCertificate(App& app) :
- Node(app,
- "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/"
- "<str>/",
- std::string())
- {
- entityPrivileges = {
- {boost::beast::http::verb::get, {{"Login"}}},
- {boost::beast::http::verb::head, {{"Login"}}},
- {boost::beast::http::verb::patch, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::put, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::delete_, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::post, {{"ConfigureComponents"}}}};
- }
+ BMCWEB_ROUTE(
+ app,
+ "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/<str>/")
+ .privileges({"Login"})
+ .methods(
+ boost::beast::http::verb::
+ get)([](const crow::Request& req,
+ const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
+ const std::string& param) -> void {
+ if (param.empty())
+ {
+ messages::internalError(asyncResp->res);
+ return;
+ }
+ long id = getIDFromURL(req.url);
- void doGet(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
- const crow::Request& req,
- const std::vector<std::string>& params) override
- {
-
- if (params.size() != 1)
- {
- messages::internalError(asyncResp->res);
- return;
- }
- long id = getIDFromURL(req.url);
-
- BMCWEB_LOG_DEBUG << "HTTPSCertificate::doGet ID=" << std::to_string(id);
- std::string certURL =
- "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/" +
- std::to_string(id);
- std::string objectPath = certs::httpsObjectPath;
- objectPath += "/";
- objectPath += std::to_string(id);
- getCertificateProperties(asyncResp, objectPath, certs::httpsServiceName,
- id, certURL, "HTTPS Certificate");
- }
-
-}; // namespace redfish
+ BMCWEB_LOG_DEBUG << "HTTPSCertificate::doGet ID="
+ << std::to_string(id);
+ std::string certURL =
+ "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/" +
+ std::to_string(id);
+ std::string objectPath = certs::httpsObjectPath;
+ objectPath += "/";
+ objectPath += std::to_string(id);
+ getCertificateProperties(asyncResp, objectPath,
+ certs::httpsServiceName, id, certURL,
+ "HTTPS Certificate");
+ });
+}
/**
* Collection of HTTPS certificates
*/
-class HTTPSCertificateCollection : public Node
+inline void requestRoutesHTTPSCertificateCollection(App& app)
{
- public:
- HTTPSCertificateCollection(App& app) :
- Node(app,
- "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/")
- {
- entityPrivileges = {
- {boost::beast::http::verb::get, {{"Login"}}},
- {boost::beast::http::verb::head, {{"Login"}}},
- {boost::beast::http::verb::patch, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::put, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::delete_, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::post, {{"ConfigureComponents"}}}};
- }
- void doGet(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
- const crow::Request&, const std::vector<std::string>&) override
- {
- asyncResp->res.jsonValue = {
- {"@odata.id",
- "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates"},
- {"@odata.type", "#CertificateCollection.CertificateCollection"},
- {"Name", "HTTPS Certificates Collection"},
- {"Description", "A Collection of HTTPS certificate instances"}};
+ BMCWEB_ROUTE(app,
+ "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/")
+ .privileges({"Login"})
+ .methods(
+ boost::beast::http::verb::
+ get)([](const crow::Request&,
+ const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
+ asyncResp->res.jsonValue = {
+ {"@odata.id",
+ "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates"},
+ {"@odata.type", "#CertificateCollection.CertificateCollection"},
+ {"Name", "HTTPS Certificates Collection"},
+ {"Description", "A Collection of HTTPS certificate instances"}};
- crow::connections::systemBus->async_method_call(
- [asyncResp](const boost::system::error_code ec,
- const ManagedObjectType& certs) {
- if (ec)
- {
- BMCWEB_LOG_ERROR << "DBUS response error: " << ec;
- messages::internalError(asyncResp->res);
- return;
- }
- nlohmann::json& members = asyncResp->res.jsonValue["Members"];
- members = nlohmann::json::array();
- for (const auto& cert : certs)
- {
- long id = getIDFromURL(cert.first.str);
- if (id >= 0)
+ crow::connections::systemBus->async_method_call(
+ [asyncResp](const boost::system::error_code ec,
+ const ManagedObjectType& certs) {
+ if (ec)
{
- members.push_back(
- {{"@odata.id",
- "/redfish/v1/Managers/bmc/"
- "NetworkProtocol/HTTPS/Certificates/" +
- std::to_string(id)}});
+ BMCWEB_LOG_ERROR << "DBUS response error: " << ec;
+ messages::internalError(asyncResp->res);
+ return;
}
- }
- asyncResp->res.jsonValue["Members@odata.count"] =
- members.size();
- },
- certs::httpsServiceName, certs::httpsObjectPath,
- certs::dbusObjManagerIntf, "GetManagedObjects");
- }
+ nlohmann::json& members =
+ asyncResp->res.jsonValue["Members"];
+ members = nlohmann::json::array();
+ for (const auto& cert : certs)
+ {
+ long id = getIDFromURL(cert.first.str);
+ if (id >= 0)
+ {
+ members.push_back(
+ {{"@odata.id",
+ "/redfish/v1/Managers/bmc/"
+ "NetworkProtocol/HTTPS/Certificates/" +
+ std::to_string(id)}});
+ }
+ }
+ asyncResp->res.jsonValue["Members@odata.count"] =
+ members.size();
+ },
+ certs::httpsServiceName, certs::httpsObjectPath,
+ certs::dbusObjManagerIntf, "GetManagedObjects");
+ });
- void doPost(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
- const crow::Request& req,
- const std::vector<std::string>&) override
- {
- BMCWEB_LOG_DEBUG << "HTTPSCertificateCollection::doPost";
+ BMCWEB_ROUTE(app,
+ "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/")
+ .privileges({"ConfigureComponents"})
+ .methods(boost::beast::http::verb::post)(
+ [](const crow::Request& req,
+ const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
+ BMCWEB_LOG_DEBUG << "HTTPSCertificateCollection::doPost";
- asyncResp->res.jsonValue = {{"Name", "HTTPS Certificate"},
- {"Description", "HTTPS Certificate"}};
+ asyncResp->res.jsonValue = {
+ {"Name", "HTTPS Certificate"},
+ {"Description", "HTTPS Certificate"}};
- std::string certFileBody = getCertificateFromReqBody(asyncResp, req);
+ std::string certFileBody =
+ getCertificateFromReqBody(asyncResp, req);
- if (certFileBody.empty())
- {
- BMCWEB_LOG_ERROR << "Cannot get certificate from request body.";
- messages::unrecognizedRequestBody(asyncResp->res);
- return;
- }
-
- std::shared_ptr<CertificateFile> certFile =
- std::make_shared<CertificateFile>(certFileBody);
-
- crow::connections::systemBus->async_method_call(
- [asyncResp, certFile](const boost::system::error_code ec,
- const std::string& objectPath) {
- if (ec)
+ if (certFileBody.empty())
{
- BMCWEB_LOG_ERROR << "DBUS response error: " << ec;
- messages::internalError(asyncResp->res);
+ BMCWEB_LOG_ERROR
+ << "Cannot get certificate from request body.";
+ messages::unrecognizedRequestBody(asyncResp->res);
return;
}
- long certId = getIDFromURL(objectPath);
- if (certId < 0)
+
+ std::shared_ptr<CertificateFile> certFile =
+ std::make_shared<CertificateFile>(certFileBody);
+
+ crow::connections::systemBus->async_method_call(
+ [asyncResp, certFile](const boost::system::error_code ec,
+ const std::string& objectPath) {
+ if (ec)
+ {
+ BMCWEB_LOG_ERROR << "DBUS response error: " << ec;
+ messages::internalError(asyncResp->res);
+ return;
+ }
+ long certId = getIDFromURL(objectPath);
+ if (certId < 0)
+ {
+ BMCWEB_LOG_ERROR << "Invalid objectPath value"
+ << objectPath;
+ messages::internalError(asyncResp->res);
+ return;
+ }
+ std::string certURL =
+ "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/"
+ "Certificates/" +
+ std::to_string(certId);
+ getCertificateProperties(
+ asyncResp, objectPath, certs::httpsServiceName,
+ certId, certURL, "HTTPS Certificate");
+ BMCWEB_LOG_DEBUG << "HTTPS certificate install file="
+ << certFile->getCertFilePath();
+ },
+ certs::httpsServiceName, certs::httpsObjectPath,
+ certs::certInstallIntf, "Install",
+ certFile->getCertFilePath());
+ });
+} // requestRoutesHTTPSCertificateCollection
+
+/**
+ * @brief Retrieve the certificates installed list and append to the
+ * response
+ *
+ * @param[in] asyncResp Shared pointer to the response message
+ * @param[in] certURL Path of the certificate object
+ * @param[in] path Path of the D-Bus service object
+ * @return None
+ */
+void getCertificateLocations(
+ const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
+ const std::string& certURL, const std::string& path,
+ const std::string& service)
+{
+ BMCWEB_LOG_DEBUG << "getCertificateLocations URI=" << certURL
+ << " Path=" << path << " service= " << service;
+ crow::connections::systemBus->async_method_call(
+ [asyncResp, certURL](const boost::system::error_code ec,
+ const ManagedObjectType& certs) {
+ if (ec)
+ {
+ BMCWEB_LOG_WARNING
+ << "Certificate collection query failed: " << ec
+ << ", skipping " << certURL;
+ return;
+ }
+ nlohmann::json& links =
+ asyncResp->res.jsonValue["Links"]["Certificates"];
+ for (auto& cert : certs)
+ {
+ long id = getIDFromURL(cert.first.str);
+ if (id >= 0)
{
- BMCWEB_LOG_ERROR << "Invalid objectPath value"
- << objectPath;
- messages::internalError(asyncResp->res);
- return;
+ links.push_back(
+ {{"@odata.id", certURL + std::to_string(id)}});
}
- std::string certURL =
- "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/"
- "Certificates/" +
- std::to_string(certId);
- getCertificateProperties(asyncResp, objectPath,
- certs::httpsServiceName, certId,
- certURL, "HTTPS Certificate");
- BMCWEB_LOG_DEBUG << "HTTPS certificate install file="
- << certFile->getCertFilePath();
- },
- certs::httpsServiceName, certs::httpsObjectPath,
- certs::certInstallIntf, "Install", certFile->getCertFilePath());
- }
-}; // HTTPSCertificateCollection
+ }
+ asyncResp->res.jsonValue["Links"]["Certificates@odata.count"] =
+ links.size();
+ },
+ service, path, certs::dbusObjManagerIntf, "GetManagedObjects");
+}
/**
* The certificate location schema defines a resource that an administrator
* can use in order to locate all certificates installed on a given service.
*/
-class CertificateLocations : public Node
+inline void requestRoutesCertificateLocations(App& app)
{
- public:
- CertificateLocations(App& app) :
- Node(app, "/redfish/v1/CertificateService/CertificateLocations/")
- {
- entityPrivileges = {
- {boost::beast::http::verb::get, {{"Login"}}},
- {boost::beast::http::verb::head, {{"Login"}}},
- {boost::beast::http::verb::patch, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::put, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::delete_, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::post, {{"ConfigureComponents"}}}};
- }
+ BMCWEB_ROUTE(app, "/redfish/v1/CertificateService/CertificateLocations/")
+ .privileges({"Login"})
+ .methods(
+ boost::beast::http::verb::
+ get)([](const crow::Request&,
+ const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
+ asyncResp->res.jsonValue = {
+ {"@odata.id",
+ "/redfish/v1/CertificateService/CertificateLocations"},
+ {"@odata.type",
+ "#CertificateLocations.v1_0_0.CertificateLocations"},
+ {"Name", "Certificate Locations"},
+ {"Id", "CertificateLocations"},
+ {"Description",
+ "Defines a resource that an administrator can use in order to "
+ "locate all certificates installed on a given service"}};
- private:
- void doGet(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
- const crow::Request&, const std::vector<std::string>&) override
- {
- asyncResp->res.jsonValue = {
- {"@odata.id",
- "/redfish/v1/CertificateService/CertificateLocations"},
- {"@odata.type",
- "#CertificateLocations.v1_0_0.CertificateLocations"},
- {"Name", "Certificate Locations"},
- {"Id", "CertificateLocations"},
- {"Description",
- "Defines a resource that an administrator can use in order to "
- "locate all certificates installed on a given service"}};
-
- nlohmann::json& links =
- asyncResp->res.jsonValue["Links"]["Certificates"];
- links = nlohmann::json::array();
- getCertificateLocations(
- asyncResp,
- "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/",
- certs::httpsObjectPath, certs::httpsServiceName);
- getCertificateLocations(asyncResp,
- "/redfish/v1/AccountService/LDAP/Certificates/",
- certs::ldapObjectPath, certs::ldapServiceName);
- getCertificateLocations(
- asyncResp, "/redfish/v1/Managers/bmc/Truststore/Certificates/",
- certs::authorityObjectPath, certs::authorityServiceName);
- }
- /**
- * @brief Retrieve the certificates installed list and append to the
- * response
- *
- * @param[in] asyncResp Shared pointer to the response message
- * @param[in] certURL Path of the certificate object
- * @param[in] path Path of the D-Bus service object
- * @return None
- */
- void getCertificateLocations(
- const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
- const std::string& certURL, const std::string& path,
- const std::string& service)
- {
- BMCWEB_LOG_DEBUG << "getCertificateLocations URI=" << certURL
- << " Path=" << path << " service= " << service;
- crow::connections::systemBus->async_method_call(
- [asyncResp, certURL](const boost::system::error_code ec,
- const ManagedObjectType& certs) {
- if (ec)
- {
- BMCWEB_LOG_WARNING
- << "Certificate collection query failed: " << ec
- << ", skipping " << certURL;
- return;
- }
- nlohmann::json& links =
- asyncResp->res.jsonValue["Links"]["Certificates"];
- for (auto& cert : certs)
- {
- long id = getIDFromURL(cert.first.str);
- if (id >= 0)
- {
- links.push_back(
- {{"@odata.id", certURL + std::to_string(id)}});
- }
- }
- asyncResp->res.jsonValue["Links"]["Certificates@odata.count"] =
- links.size();
- },
- service, path, certs::dbusObjManagerIntf, "GetManagedObjects");
- }
-}; // CertificateLocations
+ nlohmann::json& links =
+ asyncResp->res.jsonValue["Links"]["Certificates"];
+ links = nlohmann::json::array();
+ getCertificateLocations(
+ asyncResp,
+ "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/",
+ certs::httpsObjectPath, certs::httpsServiceName);
+ getCertificateLocations(
+ asyncResp, "/redfish/v1/AccountService/LDAP/Certificates/",
+ certs::ldapObjectPath, certs::ldapServiceName);
+ getCertificateLocations(
+ asyncResp, "/redfish/v1/Managers/bmc/Truststore/Certificates/",
+ certs::authorityObjectPath, certs::authorityServiceName);
+ });
+}
+// requestRoutesCertificateLocations
/**
* Collection of LDAP certificates
*/
-class LDAPCertificateCollection : public Node
+inline void requestRoutesLDAPCertificateCollection(App& app)
{
- public:
- LDAPCertificateCollection(App& app) :
- Node(app, "/redfish/v1/AccountService/LDAP/Certificates/")
- {
- entityPrivileges = {
- {boost::beast::http::verb::get, {{"Login"}}},
- {boost::beast::http::verb::head, {{"Login"}}},
- {boost::beast::http::verb::patch, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::put, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::delete_, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::post, {{"ConfigureComponents"}}}};
- }
- void doGet(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
- const crow::Request&, const std::vector<std::string>&) override
- {
- asyncResp->res.jsonValue = {
- {"@odata.id", "/redfish/v1/AccountService/LDAP/Certificates"},
- {"@odata.type", "#CertificateCollection.CertificateCollection"},
- {"Name", "LDAP Certificates Collection"},
- {"Description", "A Collection of LDAP certificate instances"}};
+ BMCWEB_ROUTE(app, "/redfish/v1/AccountService/LDAP/Certificates/")
+ .privileges({"Login"})
+ .methods(boost::beast::http::verb::get)(
+ [](const crow::Request&,
+ const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
+ asyncResp->res.jsonValue = {
+ {"@odata.id",
+ "/redfish/v1/AccountService/LDAP/Certificates"},
+ {"@odata.type",
+ "#CertificateCollection.CertificateCollection"},
+ {"Name", "LDAP Certificates Collection"},
+ {"Description",
+ "A Collection of LDAP certificate instances"}};
- crow::connections::systemBus->async_method_call(
- [asyncResp](const boost::system::error_code ec,
- const ManagedObjectType& certs) {
- nlohmann::json& members = asyncResp->res.jsonValue["Members"];
- nlohmann::json& count =
- asyncResp->res.jsonValue["Members@odata.count"];
- members = nlohmann::json::array();
- count = 0;
- if (ec)
+ crow::connections::systemBus->async_method_call(
+ [asyncResp](const boost::system::error_code ec,
+ const ManagedObjectType& certs) {
+ nlohmann::json& members =
+ asyncResp->res.jsonValue["Members"];
+ nlohmann::json& count =
+ asyncResp->res.jsonValue["Members@odata.count"];
+ members = nlohmann::json::array();
+ count = 0;
+ if (ec)
+ {
+ BMCWEB_LOG_WARNING
+ << "LDAP certificate query failed: " << ec;
+ return;
+ }
+ for (const auto& cert : certs)
+ {
+ long id = getIDFromURL(cert.first.str);
+ if (id >= 0)
+ {
+ members.push_back(
+ {{"@odata.id", "/redfish/v1/AccountService/"
+ "LDAP/Certificates/" +
+ std::to_string(id)}});
+ }
+ }
+ count = members.size();
+ },
+ certs::ldapServiceName, certs::ldapObjectPath,
+ certs::dbusObjManagerIntf, "GetManagedObjects");
+ });
+
+ BMCWEB_ROUTE(app, "/redfish/v1/AccountService/LDAP/Certificates/")
+ .privileges({"ConfigureComponents"})
+ .methods(boost::beast::http::verb::post)(
+ [](const crow::Request& req,
+ const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
+ std::string certFileBody =
+ getCertificateFromReqBody(asyncResp, req);
+
+ if (certFileBody.empty())
{
- BMCWEB_LOG_WARNING << "LDAP certificate query failed: "
- << ec;
+ BMCWEB_LOG_ERROR
+ << "Cannot get certificate from request body.";
+ messages::unrecognizedRequestBody(asyncResp->res);
return;
}
- for (const auto& cert : certs)
- {
- long id = getIDFromURL(cert.first.str);
- if (id >= 0)
- {
- members.push_back(
- {{"@odata.id", "/redfish/v1/AccountService/"
- "LDAP/Certificates/" +
- std::to_string(id)}});
- }
- }
- count = members.size();
- },
- certs::ldapServiceName, certs::ldapObjectPath,
- certs::dbusObjManagerIntf, "GetManagedObjects");
- }
- void doPost(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
- const crow::Request& req,
- const std::vector<std::string>&) override
- {
+ std::shared_ptr<CertificateFile> certFile =
+ std::make_shared<CertificateFile>(certFileBody);
- std::string certFileBody = getCertificateFromReqBody(asyncResp, req);
-
- if (certFileBody.empty())
- {
- BMCWEB_LOG_ERROR << "Cannot get certificate from request body.";
- messages::unrecognizedRequestBody(asyncResp->res);
- return;
- }
-
- std::shared_ptr<CertificateFile> certFile =
- std::make_shared<CertificateFile>(certFileBody);
-
- crow::connections::systemBus->async_method_call(
- [asyncResp, certFile](const boost::system::error_code ec,
- const std::string& objectPath) {
- if (ec)
- {
- BMCWEB_LOG_ERROR << "DBUS response error: " << ec;
- messages::internalError(asyncResp->res);
- return;
- }
- long certId = getIDFromURL(objectPath);
- if (certId < 0)
- {
- BMCWEB_LOG_ERROR << "Invalid objectPath value"
- << objectPath;
- messages::internalError(asyncResp->res);
- return;
- }
- std::string certURL =
- "/redfish/v1/AccountService/LDAP/Certificates/" +
- std::to_string(certId);
- getCertificateProperties(asyncResp, objectPath,
- certs::ldapServiceName, certId,
- certURL, "LDAP Certificate");
- BMCWEB_LOG_DEBUG << "LDAP certificate install file="
- << certFile->getCertFilePath();
- },
- certs::ldapServiceName, certs::ldapObjectPath,
- certs::certInstallIntf, "Install", certFile->getCertFilePath());
- }
-}; // LDAPCertificateCollection
+ crow::connections::systemBus->async_method_call(
+ [asyncResp, certFile](const boost::system::error_code ec,
+ const std::string& objectPath) {
+ if (ec)
+ {
+ BMCWEB_LOG_ERROR << "DBUS response error: " << ec;
+ messages::internalError(asyncResp->res);
+ return;
+ }
+ long certId = getIDFromURL(objectPath);
+ if (certId < 0)
+ {
+ BMCWEB_LOG_ERROR << "Invalid objectPath value"
+ << objectPath;
+ messages::internalError(asyncResp->res);
+ return;
+ }
+ std::string certURL =
+ "/redfish/v1/AccountService/LDAP/Certificates/" +
+ std::to_string(certId);
+ getCertificateProperties(asyncResp, objectPath,
+ certs::ldapServiceName, certId,
+ certURL, "LDAP Certificate");
+ BMCWEB_LOG_DEBUG << "LDAP certificate install file="
+ << certFile->getCertFilePath();
+ },
+ certs::ldapServiceName, certs::ldapObjectPath,
+ certs::certInstallIntf, "Install",
+ certFile->getCertFilePath());
+ });
+} // requestRoutesLDAPCertificateCollection
/**
* Certificate resource describes a certificate used to prove the identity
* of a component, account or service.
*/
-class LDAPCertificate : public Node
+inline void requestRoutesLDAPCertificate(App& app)
{
- public:
- LDAPCertificate(App& app) :
- Node(app, "/redfish/v1/AccountService/LDAP/Certificates/<str>/",
- std::string())
- {
- entityPrivileges = {
- {boost::beast::http::verb::get, {{"Login"}}},
- {boost::beast::http::verb::head, {{"Login"}}},
- {boost::beast::http::verb::patch, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::put, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::delete_, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::post, {{"ConfigureComponents"}}}};
- }
-
- void doGet(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
- const crow::Request& req,
- const std::vector<std::string>&) override
- {
-
- long id = getIDFromURL(req.url);
- if (id < 0)
- {
- BMCWEB_LOG_ERROR << "Invalid url value" << req.url;
- messages::internalError(asyncResp->res);
- return;
- }
- BMCWEB_LOG_DEBUG << "LDAP Certificate ID=" << std::to_string(id);
- std::string certURL = "/redfish/v1/AccountService/LDAP/Certificates/" +
- std::to_string(id);
- std::string objectPath = certs::ldapObjectPath;
- objectPath += "/";
- objectPath += std::to_string(id);
- getCertificateProperties(asyncResp, objectPath, certs::ldapServiceName,
- id, certURL, "LDAP Certificate");
- }
-}; // LDAPCertificate
+ BMCWEB_ROUTE(app, "/redfish/v1/AccountService/LDAP/Certificates/<str>/")
+ .privileges({"Login"})
+ .methods(boost::beast::http::verb::get)(
+ [](const crow::Request& req,
+ const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
+ const std::string&) {
+ long id = getIDFromURL(req.url);
+ if (id < 0)
+ {
+ BMCWEB_LOG_ERROR << "Invalid url value" << req.url;
+ messages::internalError(asyncResp->res);
+ return;
+ }
+ BMCWEB_LOG_DEBUG << "LDAP Certificate ID="
+ << std::to_string(id);
+ std::string certURL =
+ "/redfish/v1/AccountService/LDAP/Certificates/" +
+ std::to_string(id);
+ std::string objectPath = certs::ldapObjectPath;
+ objectPath += "/";
+ objectPath += std::to_string(id);
+ getCertificateProperties(asyncResp, objectPath,
+ certs::ldapServiceName, id, certURL,
+ "LDAP Certificate");
+ });
+} // requestRoutesLDAPCertificate
/**
* Collection of TrustStoreCertificate certificates
*/
-class TrustStoreCertificateCollection : public Node
+inline void requestRoutesTrustStoreCertificateCollection(App& app)
{
- public:
- TrustStoreCertificateCollection(App& app) :
- Node(app, "/redfish/v1/Managers/bmc/Truststore/Certificates/")
- {
- entityPrivileges = {
- {boost::beast::http::verb::get, {{"Login"}}},
- {boost::beast::http::verb::head, {{"Login"}}},
- {boost::beast::http::verb::patch, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::put, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::delete_, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::post, {{"ConfigureComponents"}}}};
- }
- void doGet(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
- const crow::Request&, const std::vector<std::string>&) override
- {
- asyncResp->res.jsonValue = {
- {"@odata.id", "/redfish/v1/Managers/bmc/Truststore/Certificates/"},
- {"@odata.type", "#CertificateCollection.CertificateCollection"},
- {"Name", "TrustStore Certificates Collection"},
- {"Description",
- "A Collection of TrustStore certificate instances"}};
+ BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/Truststore/Certificates/")
+ .privileges({"Login"})
+ .methods(boost::beast::http::verb::get)(
+ [](const crow::Request&,
+ const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
+ asyncResp->res.jsonValue = {
+ {"@odata.id",
+ "/redfish/v1/Managers/bmc/Truststore/Certificates/"},
+ {"@odata.type",
+ "#CertificateCollection.CertificateCollection"},
+ {"Name", "TrustStore Certificates Collection"},
+ {"Description",
+ "A Collection of TrustStore certificate instances"}};
- crow::connections::systemBus->async_method_call(
- [asyncResp](const boost::system::error_code ec,
- const ManagedObjectType& certs) {
- if (ec)
+ crow::connections::systemBus->async_method_call(
+ [asyncResp](const boost::system::error_code ec,
+ const ManagedObjectType& certs) {
+ if (ec)
+ {
+ BMCWEB_LOG_ERROR << "DBUS response error: " << ec;
+ messages::internalError(asyncResp->res);
+ return;
+ }
+ nlohmann::json& members =
+ asyncResp->res.jsonValue["Members"];
+ members = nlohmann::json::array();
+ for (const auto& cert : certs)
+ {
+ long id = getIDFromURL(cert.first.str);
+ if (id >= 0)
+ {
+ members.push_back(
+ {{"@odata.id", "/redfish/v1/Managers/bmc/"
+ "Truststore/Certificates/" +
+ std::to_string(id)}});
+ }
+ }
+ asyncResp->res.jsonValue["Members@odata.count"] =
+ members.size();
+ },
+ certs::authorityServiceName, certs::authorityObjectPath,
+ certs::dbusObjManagerIntf, "GetManagedObjects");
+ });
+
+ BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/Truststore/Certificates/")
+ .privileges({"ConfigureComponents"})
+ .methods(boost::beast::http::verb::post)(
+ [](const crow::Request& req,
+ const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
+ std::string certFileBody =
+ getCertificateFromReqBody(asyncResp, req);
+
+ if (certFileBody.empty())
{
- BMCWEB_LOG_ERROR << "DBUS response error: " << ec;
- messages::internalError(asyncResp->res);
+ BMCWEB_LOG_ERROR
+ << "Cannot get certificate from request body.";
+ messages::unrecognizedRequestBody(asyncResp->res);
return;
}
- nlohmann::json& members = asyncResp->res.jsonValue["Members"];
- members = nlohmann::json::array();
- for (const auto& cert : certs)
- {
- long id = getIDFromURL(cert.first.str);
- if (id >= 0)
- {
- members.push_back(
- {{"@odata.id", "/redfish/v1/Managers/bmc/"
- "Truststore/Certificates/" +
- std::to_string(id)}});
- }
- }
- asyncResp->res.jsonValue["Members@odata.count"] =
- members.size();
- },
- certs::authorityServiceName, certs::authorityObjectPath,
- certs::dbusObjManagerIntf, "GetManagedObjects");
- }
- void doPost(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
- const crow::Request& req,
- const std::vector<std::string>&) override
- {
+ std::shared_ptr<CertificateFile> certFile =
+ std::make_shared<CertificateFile>(certFileBody);
+ crow::connections::systemBus->async_method_call(
+ [asyncResp, certFile](const boost::system::error_code ec,
+ const std::string& objectPath) {
+ if (ec)
+ {
+ BMCWEB_LOG_ERROR << "DBUS response error: " << ec;
+ messages::internalError(asyncResp->res);
+ return;
+ }
+ long certId = getIDFromURL(objectPath);
+ if (certId < 0)
+ {
+ BMCWEB_LOG_ERROR << "Invalid objectPath value"
+ << objectPath;
+ messages::internalError(asyncResp->res);
+ return;
+ }
+ std::string certURL = "/redfish/v1/Managers/bmc/"
+ "Truststore/Certificates/" +
+ std::to_string(certId);
- std::string certFileBody = getCertificateFromReqBody(asyncResp, req);
-
- if (certFileBody.empty())
- {
- BMCWEB_LOG_ERROR << "Cannot get certificate from request body.";
- messages::unrecognizedRequestBody(asyncResp->res);
- return;
- }
-
- std::shared_ptr<CertificateFile> certFile =
- std::make_shared<CertificateFile>(certFileBody);
- crow::connections::systemBus->async_method_call(
- [asyncResp, certFile](const boost::system::error_code ec,
- const std::string& objectPath) {
- if (ec)
- {
- BMCWEB_LOG_ERROR << "DBUS response error: " << ec;
- messages::internalError(asyncResp->res);
- return;
- }
- long certId = getIDFromURL(objectPath);
- if (certId < 0)
- {
- BMCWEB_LOG_ERROR << "Invalid objectPath value"
- << objectPath;
- messages::internalError(asyncResp->res);
- return;
- }
- std::string certURL = "/redfish/v1/Managers/bmc/"
- "Truststore/Certificates/" +
- std::to_string(certId);
-
- getCertificateProperties(asyncResp, objectPath,
- certs::authorityServiceName, certId,
- certURL, "TrustStore Certificate");
- BMCWEB_LOG_DEBUG << "TrustStore certificate install file="
- << certFile->getCertFilePath();
- },
- certs::authorityServiceName, certs::authorityObjectPath,
- certs::certInstallIntf, "Install", certFile->getCertFilePath());
- }
-}; // TrustStoreCertificateCollection
+ getCertificateProperties(
+ asyncResp, objectPath, certs::authorityServiceName,
+ certId, certURL, "TrustStore Certificate");
+ BMCWEB_LOG_DEBUG
+ << "TrustStore certificate install file="
+ << certFile->getCertFilePath();
+ },
+ certs::authorityServiceName, certs::authorityObjectPath,
+ certs::certInstallIntf, "Install",
+ certFile->getCertFilePath());
+ });
+} // requestRoutesTrustStoreCertificateCollection
/**
* Certificate resource describes a certificate used to prove the identity
* of a component, account or service.
*/
-class TrustStoreCertificate : public Node
+inline void requestRoutesTrustStoreCertificate(App& app)
{
- public:
- TrustStoreCertificate(App& app) :
- Node(app, "/redfish/v1/Managers/bmc/Truststore/Certificates/<str>/",
- std::string())
- {
- entityPrivileges = {
- {boost::beast::http::verb::get, {{"Login"}}},
- {boost::beast::http::verb::head, {{"Login"}}},
- {boost::beast::http::verb::patch, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::put, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::delete_, {{"ConfigureComponents"}}},
- {boost::beast::http::verb::post, {{"ConfigureComponents"}}}};
- }
-
- void doGet(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
- const crow::Request& req,
- const std::vector<std::string>&) override
- {
-
- long id = getIDFromURL(req.url);
- if (id < 0)
- {
- BMCWEB_LOG_ERROR << "Invalid url value" << req.url;
- messages::internalError(asyncResp->res);
- return;
- }
- BMCWEB_LOG_DEBUG << "TrustStoreCertificate::doGet ID="
- << std::to_string(id);
- std::string certURL =
- "/redfish/v1/Managers/bmc/Truststore/Certificates/" +
- std::to_string(id);
- std::string objectPath = certs::authorityObjectPath;
- objectPath += "/";
- objectPath += std::to_string(id);
- getCertificateProperties(asyncResp, objectPath,
- certs::authorityServiceName, id, certURL,
- "TrustStore Certificate");
- }
-
- void doDelete(const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
- const crow::Request& req,
- const std::vector<std::string>& params) override
- {
-
- if (params.size() != 1)
- {
- messages::internalError(asyncResp->res);
- return;
- }
-
- long id = getIDFromURL(req.url);
- if (id < 0)
- {
- BMCWEB_LOG_ERROR << "Invalid url value: " << req.url;
- messages::resourceNotFound(asyncResp->res, "TrustStore Certificate",
- std::string(req.url));
- return;
- }
- BMCWEB_LOG_DEBUG << "TrustStoreCertificate::doDelete ID="
- << std::to_string(id);
- std::string certPath = certs::authorityObjectPath;
- certPath += "/";
- certPath += std::to_string(id);
-
- crow::connections::systemBus->async_method_call(
- [asyncResp, id](const boost::system::error_code ec) {
- if (ec)
+ BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/Truststore/Certificates/<str>/")
+ .privileges({"Loign"})
+ .methods(boost::beast::http::verb::get)(
+ [](const crow::Request& req,
+ const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
+ const std::string&) {
+ long id = getIDFromURL(req.url);
+ if (id < 0)
{
- messages::resourceNotFound(asyncResp->res,
- "TrustStore Certificate",
- std::to_string(id));
+ BMCWEB_LOG_ERROR << "Invalid url value" << req.url;
+ messages::internalError(asyncResp->res);
return;
}
- BMCWEB_LOG_INFO << "Certificate deleted";
- asyncResp->res.result(boost::beast::http::status::no_content);
- },
- certs::authorityServiceName, certPath, certs::objDeleteIntf,
- "Delete");
- }
-}; // TrustStoreCertificate
+ BMCWEB_LOG_DEBUG << "TrustStoreCertificate::doGet ID="
+ << std::to_string(id);
+ std::string certURL =
+ "/redfish/v1/Managers/bmc/Truststore/Certificates/" +
+ std::to_string(id);
+ std::string objectPath = certs::authorityObjectPath;
+ objectPath += "/";
+ objectPath += std::to_string(id);
+ getCertificateProperties(asyncResp, objectPath,
+ certs::authorityServiceName, id,
+ certURL, "TrustStore Certificate");
+ });
+
+ BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/Truststore/Certificates/<str>/")
+ .privileges({"ConfigureComponents"})
+ .methods(boost::beast::http::verb::delete_)(
+ [](const crow::Request& req,
+ const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
+ const std::string& param) {
+ if (param.empty())
+ {
+ messages::internalError(asyncResp->res);
+ return;
+ }
+
+ long id = getIDFromURL(req.url);
+ if (id < 0)
+ {
+ BMCWEB_LOG_ERROR << "Invalid url value: " << req.url;
+ messages::resourceNotFound(asyncResp->res,
+ "TrustStore Certificate",
+ std::string(req.url));
+ return;
+ }
+ BMCWEB_LOG_DEBUG << "TrustStoreCertificate::doDelete ID="
+ << std::to_string(id);
+ std::string certPath = certs::authorityObjectPath;
+ certPath += "/";
+ certPath += std::to_string(id);
+
+ crow::connections::systemBus->async_method_call(
+ [asyncResp, id](const boost::system::error_code ec) {
+ if (ec)
+ {
+ messages::resourceNotFound(asyncResp->res,
+ "TrustStore Certificate",
+ std::to_string(id));
+ return;
+ }
+ BMCWEB_LOG_INFO << "Certificate deleted";
+ asyncResp->res.result(
+ boost::beast::http::status::no_content);
+ },
+ certs::authorityServiceName, certPath, certs::objDeleteIntf,
+ "Delete");
+ });
+} // requestRoutesTrustStoreCertificate
} // namespace redfish