certificate: Allow deleting LDAP client certificate
Users should be able to delete LDAP client certificate, and phosphor-
certificate-manager already supports this. This patch adds the Redfish
API endpoint for it.
Tested:
DELETE /redfish/v1/AccountService/LDAP/Certificates/1 removes the LDAP
client certificate installed on system.
Change-Id: If1c082c78c404b5877e74ba50de3a970cd823a90
Signed-off-by: Jiaqing Zhao <jiaqing.zhao@intel.com>
diff --git a/redfish-core/lib/certificate_service.hpp b/redfish-core/lib/certificate_service.hpp
index cb89792..24c84eb 100644
--- a/redfish-core/lib/certificate_service.hpp
+++ b/redfish-core/lib/certificate_service.hpp
@@ -1068,6 +1068,22 @@
certURL, "LDAP Certificate");
}
+inline void handleLDAPCertificateDelete(
+ App& app, const crow::Request& req,
+ const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, const std::string& id)
+{
+ if (!redfish::setUpRedfishRoute(app, req, asyncResp))
+ {
+ return;
+ }
+
+ BMCWEB_LOG_DEBUG << "Delete LDAP Certificate ID=" << id;
+ std::string objPath =
+ sdbusplus::message::object_path(certs::ldapObjectPath) / id;
+
+ deleteCertificate(asyncResp, certs::ldapServiceName, objPath);
+}
+
inline void requestRoutesLDAPCertificate(App& app)
{
BMCWEB_ROUTE(app, "/redfish/v1/AccountService/LDAP/Certificates/")
@@ -1084,6 +1100,11 @@
.privileges(redfish::privileges::getCertificate)
.methods(boost::beast::http::verb::get)(
std::bind_front(handleLDAPCertificateGet, std::ref(app)));
+
+ BMCWEB_ROUTE(app, "/redfish/v1/AccountService/LDAP/Certificates/<str>/")
+ .privileges(redfish::privileges::deleteCertificate)
+ .methods(boost::beast::http::verb::delete_)(
+ std::bind_front(handleLDAPCertificateDelete, std::ref(app)));
} // requestRoutesLDAPCertificate
inline void handleTrustStoreCertificateCollectionGet(