Automate PrivilegeRegistry to code

This commit attempts to automate the creation of our privileges
structures from the redfish privilege registry.  It accomplishes this by
updating parse_registries.py to also pull down the privilege registry
from DMTF.
The script then generates privilege_registry.hpp, which include const
defines for all the privilege registry entries in the same format that
the Privileges struct accepts.  This allows new clients to simply
reference the variable to these privilege structures, instead of having
to manually (ie error pronely) put the privileges in themselves.

This commit updates all the routes.

For the moment, override and OEM schemas are not considered.  Today we
don't have any OEM-specific Redfish routes, so the existing ones inherit
their parents schema.  Overrides have other issues, and are already
incorrect as Redfish defines them.

Binary size remains unchanged after this patchset.

Tested:
Ran redfish service validator

Ran test case from f9a6708c4c6490257e2eb6a8c04458f500902476 to ensure
that the new privileges constructor didn't cause us to regress the brace
construction initializer.

Checked binary size with:
gzip -c
$BBPATH/tmp/work/s7106-openbmc-linux-gnueabi/obmc-phosphor-image/1.0-r0/rootfs/usr/bin/bmcweb
| wc -c
1244048

(tested on previous patchset)

Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ideede3d5b39d50bffe7fe78a0848bdbc22ac387f
diff --git a/redfish-core/lib/account_service.hpp b/redfish-core/lib/account_service.hpp
index 364d5e2..bce1853 100644
--- a/redfish-core/lib/account_service.hpp
+++ b/redfish-core/lib/account_service.hpp
@@ -20,6 +20,7 @@
 #include <error_messages.hpp>
 #include <openbmc_dbus_rest.hpp>
 #include <persistent_data.hpp>
+#include <registries/privilege_registry.hpp>
 #include <utils/json_utils.hpp>
 
 #include <variant>
@@ -1256,7 +1257,7 @@
 {
 
     BMCWEB_ROUTE(app, "/redfish/v1/AccountService/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getAccountService)
         .methods(
             boost::beast::http::verb::get)([](const crow::Request& req,
                                               const std::shared_ptr<
@@ -1375,7 +1376,7 @@
         });
 
     BMCWEB_ROUTE(app, "/redfish/v1/AccountService/Accounts/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getManagerAccountCollection)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) -> void {
@@ -1447,7 +1448,7 @@
             });
 
     BMCWEB_ROUTE(app, "/redfish/v1/AccountService/Accounts/")
-        .privileges({{"ConfigureUsers"}})
+        .privileges(redfish::privileges::postManagerAccountCollection)
         .methods(boost::beast::http::verb::post)([](const crow::Request& req,
                                                     const std::shared_ptr<
                                                         bmcweb::AsyncResp>&
@@ -1564,8 +1565,7 @@
         });
 
     BMCWEB_ROUTE(app, "/redfish/v1/AccountService/Accounts/<str>/")
-        .privileges(
-            {{"ConfigureUsers"}, {"ConfigureManager"}, {"ConfigureSelf"}})
+        .privileges(redfish::privileges::getManagerAccount)
         .methods(
             boost::beast::http::verb::
                 get)([](const crow::Request& req,
@@ -1723,6 +1723,9 @@
         });
 
     BMCWEB_ROUTE(app, "/redfish/v1/AccountService/Accounts/<str>/")
+        // TODO this privilege should be using the generated endpoints, but
+        // because of the special handling of ConfigureSelf, it's not able to
+        // yet
         .privileges({{"ConfigureUsers"}, {"ConfigureSelf"}})
         .methods(boost::beast::http::verb::patch)(
             [](const crow::Request& req,
@@ -1797,7 +1800,7 @@
             });
 
     BMCWEB_ROUTE(app, "/redfish/v1/AccountService/Accounts/<str>/")
-        .privileges({{"ConfigureUsers"}})
+        .privileges(redfish::privileges::deleteManagerAccount)
         .methods(boost::beast::http::verb::delete_)(
             [](const crow::Request& /*req*/,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
diff --git a/redfish-core/lib/bios.hpp b/redfish-core/lib/bios.hpp
index 4ea0727..604b8e7 100644
--- a/redfish-core/lib/bios.hpp
+++ b/redfish-core/lib/bios.hpp
@@ -1,6 +1,7 @@
 #pragma once
 
 #include <app.hpp>
+#include <registries/privilege_registry.hpp>
 #include <utils/fw_utils.hpp>
 namespace redfish
 {
@@ -10,7 +11,7 @@
 inline void requestRoutesBiosService(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/Bios/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getBios)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -41,6 +42,8 @@
 inline void requestRoutesBiosReset(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/Bios/Actions/Bios.ResetBios/")
+        // Incorrect Privilege;  Should be ConfigureComponents
+        //.privileges(redfish::privileges::postBios)
         .privileges({{"ConfigureManager"}})
         .methods(boost::beast::http::verb::post)(
             [](const crow::Request&,
diff --git a/redfish-core/lib/certificate_service.hpp b/redfish-core/lib/certificate_service.hpp
index 6eb66c5..467b0fd 100644
--- a/redfish-core/lib/certificate_service.hpp
+++ b/redfish-core/lib/certificate_service.hpp
@@ -3,6 +3,7 @@
 #include <app.hpp>
 #include <boost/convert.hpp>
 #include <boost/convert/strtol.hpp>
+#include <registries/privilege_registry.hpp>
 
 #include <variant>
 namespace redfish
@@ -42,7 +43,7 @@
 inline void requestRoutesCertificateService(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/CertificateService/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getCertificateService)
         .methods(
             boost::beast::http::verb::
                 get)([](const crow::Request& req,
@@ -236,6 +237,8 @@
 {
     BMCWEB_ROUTE(app, "/redfish/v1/CertificateService/Actions/"
                       "CertificateService.GenerateCSR/")
+        // Incorrect Privilege;  Should be ConfigureManager
+        //.privileges(redfish::privileges::postCertificateService)
         .privileges({{"ConfigureComponents"}})
         .methods(boost::beast::http::verb::post)(
             [](const crow::Request& req,
@@ -675,7 +678,7 @@
 {
     BMCWEB_ROUTE(app, "/redfish/v1/CertificateService/Actions/"
                       "CertificateService.ReplaceCertificate/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::postCertificateService)
         .methods(
             boost::beast::http::verb::
                 post)([](const crow::Request& req,
@@ -793,7 +796,7 @@
     BMCWEB_ROUTE(
         app,
         "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/<str>/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::getCertificate)
         .methods(
             boost::beast::http::verb::
                 get)([](const crow::Request& req,
@@ -827,7 +830,7 @@
 {
     BMCWEB_ROUTE(app,
                  "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::getCertificateCollection)
         .methods(
             boost::beast::http::verb::
                 get)([](const crow::Request&,
@@ -872,7 +875,7 @@
 
     BMCWEB_ROUTE(app,
                  "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::postCertificateCollection)
         .methods(boost::beast::http::verb::post)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -979,7 +982,7 @@
 inline void requestRoutesCertificateLocations(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/CertificateService/CertificateLocations/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::getCertificateLocations)
         .methods(
             boost::beast::http::verb::
                 get)([](const crow::Request&,
@@ -1018,7 +1021,7 @@
 inline void requestRoutesLDAPCertificateCollection(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/AccountService/LDAP/Certificates/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::getCertificateCollection)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -1064,7 +1067,7 @@
             });
 
     BMCWEB_ROUTE(app, "/redfish/v1/AccountService/LDAP/Certificates/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::postCertificateCollection)
         .methods(boost::beast::http::verb::post)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -1121,7 +1124,7 @@
 inline void requestRoutesLDAPCertificate(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/AccountService/LDAP/Certificates/<str>/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::getCertificate)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -1152,7 +1155,7 @@
 inline void requestRoutesTrustStoreCertificateCollection(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/Truststore/Certificates/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::getCertificate)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -1196,7 +1199,7 @@
             });
 
     BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/Truststore/Certificates/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::postCertificateCollection)
         .methods(boost::beast::http::verb::post)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -1254,7 +1257,7 @@
 inline void requestRoutesTrustStoreCertificate(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/Truststore/Certificates/<str>/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::getCertificate)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -1280,7 +1283,7 @@
             });
 
     BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/Truststore/Certificates/<str>/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::deleteCertificate)
         .methods(boost::beast::http::verb::delete_)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
diff --git a/redfish-core/lib/chassis.hpp b/redfish-core/lib/chassis.hpp
index 8fa25f0..c41b7e1 100644
--- a/redfish-core/lib/chassis.hpp
+++ b/redfish-core/lib/chassis.hpp
@@ -20,6 +20,7 @@
 
 #include <app.hpp>
 #include <boost/container/flat_map.hpp>
+#include <registries/privilege_registry.hpp>
 #include <utils/collection.hpp>
 
 #include <variant>
@@ -162,7 +163,7 @@
 inline void requestRoutesChassisCollection(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Chassis/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getChassisCollection)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -185,7 +186,7 @@
 inline void requestRoutesChassis(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Chassis/<str>/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getChassis)
         .methods(
             boost::beast::http::verb::get)([](const crow::Request&,
                                               const std::shared_ptr<
@@ -443,7 +444,7 @@
         });
 
     BMCWEB_ROUTE(app, "/redfish/v1/Chassis/<str>/")
-        .privileges({{"ConfigureComponents"}})
+        .privileges(redfish::privileges::patchChassis)
         .methods(
             boost::beast::http::verb::
                 patch)([](const crow::Request& req,
@@ -642,7 +643,7 @@
 inline void requestRoutesChassisResetAction(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Chassis/<str>/Actions/Chassis.Reset/")
-        .privileges({{"ConfigureComponents"}})
+        .privileges(redfish::privileges::postChassis)
         .methods(boost::beast::http::verb::post)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -677,7 +678,7 @@
 inline void requestRoutesChassisResetActionInfo(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Chassis/<str>/ResetActionInfo/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getActionInfo)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
diff --git a/redfish-core/lib/ethernet.hpp b/redfish-core/lib/ethernet.hpp
index 49aa3db..5141300 100644
--- a/redfish-core/lib/ethernet.hpp
+++ b/redfish-core/lib/ethernet.hpp
@@ -20,6 +20,7 @@
 #include <boost/container/flat_set.hpp>
 #include <dbus_singleton.hpp>
 #include <error_messages.hpp>
+#include <registries/privilege_registry.hpp>
 #include <utils/json_utils.hpp>
 
 #include <optional>
@@ -1829,7 +1830,7 @@
 inline void requestEthernetInterfacesRoutes(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/EthernetInterfaces/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getEthernetInterfaceCollection)
         .methods(
             boost::beast::http::verb::
                 get)([](const crow::Request&,
@@ -1878,7 +1879,7 @@
         });
 
     BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/EthernetInterfaces/<str>/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getEthernetInterface)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -1914,7 +1915,8 @@
             });
 
     BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/EthernetInterfaces/<str>/")
-        .privileges({{"ConfigureComponents"}})
+        .privileges(redfish::privileges::patchEthernetInterface)
+
         .methods(boost::beast::http::verb::patch)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -2064,7 +2066,8 @@
 
     BMCWEB_ROUTE(
         app, "/redfish/v1/Managers/bmc/EthernetInterfaces/<str>/VLANs/<str>/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getVLanNetworkInterface)
+
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request& /* req */,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -2106,6 +2109,8 @@
 
     BMCWEB_ROUTE(
         app, "/redfish/v1/Managers/bmc/EthernetInterfaces/<str>/VLANs/<str>/")
+        // This privilege is incorrect, it should be ConfigureManager
+        //.privileges(redfish::privileges::patchVLanNetworkInterface)
         .privileges({{"ConfigureComponents"}})
         .methods(boost::beast::http::verb::patch)(
             [](const crow::Request& req,
@@ -2186,6 +2191,8 @@
 
     BMCWEB_ROUTE(
         app, "/redfish/v1/Managers/bmc/EthernetInterfaces/<str>/VLANs/<str>/")
+        // This privilege is incorrect, it should be ConfigureManager
+        //.privileges(redfish::privileges::deleteVLanNetworkInterface)
         .privileges({{"ConfigureComponents"}})
         .methods(boost::beast::http::verb::delete_)(
             [](const crow::Request& /* req */,
@@ -2238,7 +2245,8 @@
 
     BMCWEB_ROUTE(app,
                  "/redfish/v1/Managers/bmc/EthernetInterfaces/<str>/VLANs/")
-        .privileges({{"Login"}})
+
+        .privileges(redfish::privileges::getVLanNetworkInterfaceCollection)
         .methods(
             boost::beast::http::verb::
                 get)([](const crow::Request& /* req */,
@@ -2296,6 +2304,8 @@
 
     BMCWEB_ROUTE(app,
                  "/redfish/v1/Managers/bmc/EthernetInterfaces/<str>/VLANs/")
+        // This privilege is wrong, it should be ConfigureManager
+        //.privileges(redfish::privileges::postVLanNetworkInterfaceCollection)
         .privileges({{"ConfigureComponents"}})
         .methods(boost::beast::http::verb::post)(
             [](const crow::Request& req,
diff --git a/redfish-core/lib/event_service.hpp b/redfish-core/lib/event_service.hpp
index bd11751..1330438 100644
--- a/redfish-core/lib/event_service.hpp
+++ b/redfish-core/lib/event_service.hpp
@@ -17,6 +17,8 @@
 #include "event_service_manager.hpp"
 
 #include <app.hpp>
+#include <registries/privilege_registry.hpp>
+
 namespace redfish
 {
 
@@ -40,7 +42,7 @@
 inline void requestRoutesEventService(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/EventService/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getEventService)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -83,7 +85,7 @@
             });
 
     BMCWEB_ROUTE(app, "/redfish/v1/EventService/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::patchEventService)
         .methods(boost::beast::http::verb::patch)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
@@ -149,7 +151,7 @@
 
     BMCWEB_ROUTE(
         app, "/redfish/v1/EventService/Actions/EventService.SubmitTestEvent/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::postEventService)
         .methods(boost::beast::http::verb::post)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -161,7 +163,7 @@
 inline void requestRoutesEventDestinationCollection(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/EventService/Subscriptions")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getEventDestinationCollection)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -188,6 +190,9 @@
                 }
             });
     BMCWEB_ROUTE(app, "/redfish/v1/EventService/Subscriptions/")
+        // The below privilege is wrong, it should be ConfigureManager OR
+        // ConfigureComponents
+        //.privileges(redfish::privileges::postEventDestinationCollection)
         .privileges({{"ConfigureManager"}})
         .methods(boost::beast::http::verb::post)(
             [](const crow::Request& req,
@@ -483,8 +488,8 @@
 
 inline void requestRoutesEventDestination(App& app)
 {
-    BMCWEB_ROUTE(app, "/redfish/v1/EventService/Subscriptions/<str>/")
-        .privileges({{"Login"}})
+    BMCWEB_ROUTE(app, "redfish/v1/EventService/Subscriptions/<str>/")
+        .privileges(redfish::privileges::getEventDestination)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -535,7 +540,11 @@
             });
     /////redfish/v1/EventService/Subscriptions/
     // ConfigureManager
-    BMCWEB_ROUTE(app, "/redfish/v1/EventService/Subscriptions/<str>/")
+    BMCWEB_ROUTE(app, "redfish/v1/EventService/Subscriptions/<str>/")
+        // The below privilege is wrong, it should be ConfigureManager OR
+        // ConfigureSelf
+        // TODO(ed) follow up with DMTF spec and understand ConfigureSelf
+        //.privileges(redfish::privileges::patchEventDestination)
         .privileges({{"ConfigureManager"}})
         .methods(boost::beast::http::verb::patch)(
             [](const crow::Request& req,
@@ -588,7 +597,10 @@
 
                 EventServiceManager::getInstance().updateSubscriptionData();
             });
-    BMCWEB_ROUTE(app, "/redfish/v1/EventService/Subscriptions/<str>/")
+    BMCWEB_ROUTE(app, "redfish/v1/EventService/Subscriptions/<str>/")
+        // The below privilege is wrong, it should be ConfigureManager OR
+        // ConfigureSelf
+        //.privileges(redfish::privileges::deleteEventDestination)
         .privileges({{"ConfigureManager"}})
         .methods(boost::beast::http::verb::delete_)(
             [](const crow::Request&,
diff --git a/redfish-core/lib/hypervisor_system.hpp b/redfish-core/lib/hypervisor_system.hpp
index 5274e53..79a89fa 100644
--- a/redfish-core/lib/hypervisor_system.hpp
+++ b/redfish-core/lib/hypervisor_system.hpp
@@ -5,6 +5,7 @@
 #include <boost/container/flat_set.hpp>
 #include <dbus_singleton.hpp>
 #include <error_messages.hpp>
+#include <registries/privilege_registry.hpp>
 #include <utils/json_utils.hpp>
 
 #include <optional>
@@ -725,7 +726,7 @@
      */
 
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/hypervisor/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getComputerSystem)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -769,7 +770,7 @@
      */
 
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/hypervisor/EthernetInterfaces/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getEthernetInterfaceCollection)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -825,7 +826,7 @@
 
     BMCWEB_ROUTE(app,
                  "/redfish/v1/Systems/hypervisor/EthernetInterfaces/<str>/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getEthernetInterface)
         .methods(
             boost::beast::http::verb::get)([](const crow::Request&,
                                               const std::shared_ptr<
@@ -856,7 +857,7 @@
 
     BMCWEB_ROUTE(app,
                  "/redfish/v1/Systems/hypervisor/EthernetInterfaces/<str>/")
-        .privileges({{"ConfigureComponents"}})
+        .privileges(redfish::privileges::patchEthernetInterface)
         .methods(
             boost::beast::http::verb::
                 patch)([](const crow::Request& req,
@@ -970,7 +971,7 @@
         });
 
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/hypervisor/ResetActionInfo/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getActionInfo)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -1029,7 +1030,7 @@
 
     BMCWEB_ROUTE(app,
                  "/redfish/v1/Systems/hypervisor/Actions/ComputerSystem.Reset/")
-        .privileges({{"ConfigureComponents"}})
+        .privileges(redfish::privileges::postComputerSystem)
         .methods(boost::beast::http::verb::post)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
diff --git a/redfish-core/lib/log_services.hpp b/redfish-core/lib/log_services.hpp
index 31f046e..b5fb066 100644
--- a/redfish-core/lib/log_services.hpp
+++ b/redfish-core/lib/log_services.hpp
@@ -31,6 +31,7 @@
 #include <boost/container/flat_map.hpp>
 #include <boost/system/linux_error.hpp>
 #include <error_messages.hpp>
+#include <registries/privilege_registry.hpp>
 
 #include <filesystem>
 #include <optional>
@@ -908,7 +909,7 @@
      * Functions triggers appropriate requests on DBus
      */
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getLogServiceCollection)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
@@ -979,7 +980,7 @@
 inline void requestRoutesEventLogService(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/EventLog/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getLogService)
         .methods(
             boost::beast::http::verb::
                 get)([](const crow::Request&,
@@ -1150,7 +1151,7 @@
 {
     BMCWEB_ROUTE(app,
                  "/redfish/v1/Systems/system/LogServices/EventLog/Entries/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getLogEntry)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -1244,7 +1245,7 @@
 {
     BMCWEB_ROUTE(
         app, "/redfish/v1/Systems/system/LogServices/EventLog/Entries/<str>/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getLogEntry)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -1305,7 +1306,7 @@
 {
     BMCWEB_ROUTE(app,
                  "/redfish/v1/Systems/system/LogServices/EventLog/Entries/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getLogEntryCollection)
         .methods(
             boost::beast::http::verb::
                 get)([](const crow::Request&,
@@ -1478,7 +1479,7 @@
 {
     BMCWEB_ROUTE(
         app, "/redfish/v1/Systems/system/LogServices/EventLog/Entries/<str>/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getLogEntry)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -1609,7 +1610,7 @@
 
     BMCWEB_ROUTE(
         app, "/redfish/v1/Systems/system/LogServices/EventLog/Entries/<str>/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::patchLogEntry)
         .methods(boost::beast::http::verb::patch)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -1642,7 +1643,8 @@
 
     BMCWEB_ROUTE(
         app, "/redfish/v1/Systems/system/LogServices/EventLog/Entries/<str>/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::deleteLogEntry)
+
         .methods(boost::beast::http::verb::delete_)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -1692,7 +1694,7 @@
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/EventLog/Entries/"
                       "<str>/attachment")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getLogEntry)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -1802,7 +1804,7 @@
 inline void requestRoutesBMCLogServiceCollection(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getLogService)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -1837,7 +1839,7 @@
 inline void requestRoutesBMCJournalLogService(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/Journal/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getLogService)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
@@ -1931,7 +1933,7 @@
 inline void requestRoutesBMCJournalLogEntryCollection(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/Journal/Entries/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getLogEntryCollection)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -2021,7 +2023,7 @@
 {
     BMCWEB_ROUTE(app,
                  "/redfish/v1/Managers/bmc/LogServices/Journal/Entries/<str>/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getLogEntry)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -2090,7 +2092,7 @@
 inline void requestRoutesBMCDumpService(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/Dump/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getLogService)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -2130,7 +2132,7 @@
      * Functions triggers appropriate requests on DBus
      */
     BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/Dump/Entries/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getLogEntryCollection)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -2150,7 +2152,7 @@
 {
     BMCWEB_ROUTE(app,
                  "/redfish/v1/Managers/bmc/LogServices/Dump/Entries/<str>/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getLogEntry)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -2159,7 +2161,7 @@
             });
     BMCWEB_ROUTE(app,
                  "/redfish/v1/Managers/bmc/LogServices/Dump/Entries/<str>/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::deleteLogEntry)
         .methods(boost::beast::http::verb::delete_)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -2174,7 +2176,7 @@
     BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/Dump/"
                       "Actions/"
                       "LogService.CollectDiagnosticData/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::postLogService)
         .methods(boost::beast::http::verb::post)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -2187,7 +2189,7 @@
     BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/Dump/"
                       "Actions/"
                       "LogService.ClearLog/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::postLogService)
         .methods(boost::beast::http::verb::post)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -2198,7 +2200,7 @@
 inline void requestRoutesSystemDumpService(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/Dump/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getLogService)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
@@ -2242,8 +2244,8 @@
     /**
      * Functions triggers appropriate requests on DBus
      */
-    BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/Dump/Entries/")
-        .privileges({{"Login"}})
+    BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/Dump/Entries/")
+        .privileges(redfish::privileges::getLogEntryCollection)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -2263,7 +2265,8 @@
 {
     BMCWEB_ROUTE(app,
                  "/redfish/v1/Systems/system/LogServices/Dump/Entries/<str>/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getLogEntry)
+
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -2273,7 +2276,7 @@
 
     BMCWEB_ROUTE(app,
                  "/redfish/v1/Systems/system/LogServices/Dump/Entries/<str>/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::deleteLogEntry)
         .methods(boost::beast::http::verb::delete_)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -2287,7 +2290,7 @@
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/Dump/"
                       "Actions/"
                       "LogService.CollectDiagnosticData/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::postLogService)
         .methods(boost::beast::http::verb::post)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
@@ -2300,7 +2303,7 @@
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/Dump/"
                       "Actions/"
                       "LogService.ClearLog/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::postLogService)
         .methods(boost::beast::http::verb::post)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
@@ -2316,6 +2319,8 @@
      * Functions triggers appropriate requests on DBus
      */
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/Crashdump/")
+        // This is incorrect, should be:
+        //.privileges(redfish::privileges::getLogService)
         .privileges({{"ConfigureManager"}})
         .methods(
             boost::beast::http::verb::
@@ -2357,6 +2362,8 @@
     BMCWEB_ROUTE(app,
                  "/redfish/v1/Systems/system/LogServices/Crashdump/Actions/"
                  "LogService.ClearLog/")
+        // This is incorrect, should be:
+        //.privileges(redfish::privileges::postLogService)
         .privileges({{"ConfigureComponents"}})
         .methods(boost::beast::http::verb::post)(
             [](const crow::Request&,
@@ -2441,6 +2448,8 @@
      */
     BMCWEB_ROUTE(app,
                  "/redfish/v1/Systems/system/LogServices/Crashdump/Entries/")
+        // This is incorrect, should be.
+        //.privileges(redfish::privileges::postLogEntryCollection)
         .privileges({{"ConfigureComponents"}})
         .methods(
             boost::beast::http::verb::
@@ -2515,6 +2524,8 @@
 
     BMCWEB_ROUTE(
         app, "/redfish/v1/Systems/system/LogServices/Crashdump/Entries/<str>/")
+        // this is incorrect, should be
+        // .privileges(redfish::privileges::getLogEntry)
         .privileges({{"ConfigureComponents"}})
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
@@ -2532,7 +2543,7 @@
     BMCWEB_ROUTE(
         app,
         "/redfish/v1/Systems/system/LogServices/Crashdump/Entries/<str>/<str>/")
-        .privileges({{"ConfigureComponents"}})
+        .privileges(redfish::privileges::getLogEntry)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -2619,6 +2630,8 @@
     // method for security reasons.
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/Crashdump/"
                       "Actions/LogService.CollectDiagnosticData/")
+        // The below is incorrect;  Should be ConfigureManager
+        //.privileges(redfish::privileges::postLogService)
         .privileges({{"ConfigureComponents"}})
         .methods(
             boost::beast::http::verb::
@@ -2729,7 +2742,7 @@
 
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/EventLog/Actions/"
                       "LogService.ClearLog/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::postLogService)
         .methods(boost::beast::http::verb::post)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -2769,7 +2782,7 @@
 inline void requestRoutesPostCodesLogService(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/PostCodes/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getLogService)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -2804,6 +2817,8 @@
     BMCWEB_ROUTE(app,
                  "/redfish/v1/Systems/system/LogServices/PostCodes/Actions/"
                  "LogService.ClearLog/")
+        // The following privilege is incorrect;  It should be ConfigureManager
+        //.privileges(redfish::privileges::postLogService)
         .privileges({{"ConfigureComponents"}})
         .methods(boost::beast::http::verb::post)(
             [](const crow::Request&,
@@ -3076,7 +3091,7 @@
 {
     BMCWEB_ROUTE(app,
                  "/redfish/v1/Systems/system/LogServices/PostCodes/Entries/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getLogEntryCollection)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -3108,7 +3123,7 @@
 {
     BMCWEB_ROUTE(
         app, "/redfish/v1/Systems/system/LogServices/PostCodes/Entries/<str>/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getLogEntry)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
diff --git a/redfish-core/lib/managers.hpp b/redfish-core/lib/managers.hpp
index c6e6019..344ca83 100644
--- a/redfish-core/lib/managers.hpp
+++ b/redfish-core/lib/managers.hpp
@@ -22,6 +22,7 @@
 #include <boost/algorithm/string/replace.hpp>
 #include <boost/date_time.hpp>
 #include <dbus_utility.hpp>
+#include <registries/privilege_registry.hpp>
 #include <utils/fw_utils.hpp>
 #include <utils/systemd_utils.hpp>
 
@@ -109,7 +110,7 @@
      */
 
     BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/Actions/Manager.Reset/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::postManager)
         .methods(boost::beast::http::verb::post)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -165,7 +166,7 @@
 
     BMCWEB_ROUTE(app,
                  "/redfish/v1/Managers/bmc/Actions/Manager.ResetToDefaults/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::postManager)
         .methods(boost::beast::http::verb::post)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -224,7 +225,7 @@
      */
 
     BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/ResetActionInfo/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getActionInfo)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -1923,7 +1924,7 @@
     std::string uuid = persistent_data::getConfig().systemUuid;
 
     BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getManager)
         .methods(boost::beast::http::verb::get)([uuid](const crow::Request&,
                                                        const std::shared_ptr<
                                                            bmcweb::AsyncResp>&
@@ -2187,7 +2188,7 @@
         });
 
     BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::patchManager)
         .methods(
             boost::beast::http::verb::
                 patch)([](const crow::Request& req,
@@ -2270,7 +2271,7 @@
 inline void requestRoutesManagerCollection(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Managers/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getManagerCollection)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
diff --git a/redfish-core/lib/memory.hpp b/redfish-core/lib/memory.hpp
index 377d730..62d5933 100644
--- a/redfish-core/lib/memory.hpp
+++ b/redfish-core/lib/memory.hpp
@@ -20,6 +20,7 @@
 #include <app.hpp>
 #include <boost/container/flat_map.hpp>
 #include <boost/format.hpp>
+#include <registries/privilege_registry.hpp>
 #include <utils/collection.hpp>
 #include <utils/json_utils.hpp>
 
@@ -886,7 +887,7 @@
      * Functions triggers appropriate requests on DBus
      */
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/Memory/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getMemoryCollection)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -908,7 +909,7 @@
      * Functions triggers appropriate requests on DBus
      */
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/Memory/<str>/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getMemory)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
diff --git a/redfish-core/lib/message_registries.hpp b/redfish-core/lib/message_registries.hpp
index ae1358e..e3bd5bf 100644
--- a/redfish-core/lib/message_registries.hpp
+++ b/redfish-core/lib/message_registries.hpp
@@ -22,6 +22,7 @@
 #include "registries/task_event_message_registry.hpp"
 
 #include <app.hpp>
+#include <registries/privilege_registry.hpp>
 
 namespace redfish
 {
@@ -32,7 +33,7 @@
      * Functions triggers appropriate requests on DBus
      */
     BMCWEB_ROUTE(app, "/redfish/v1/Registries/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getMessageRegistryFileCollection)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -57,7 +58,7 @@
 inline void requestRoutesMessageRegistryFile(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Registries/<str>/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getMessageRegistryFile)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -123,7 +124,7 @@
 inline void requestRoutesMessageRegistry(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Registries/<str>/<str>/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getMessageRegistryFile)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
diff --git a/redfish-core/lib/metric_report.hpp b/redfish-core/lib/metric_report.hpp
index 66f4f93..63c8c19 100644
--- a/redfish-core/lib/metric_report.hpp
+++ b/redfish-core/lib/metric_report.hpp
@@ -3,6 +3,7 @@
 #include "utils/telemetry_utils.hpp"
 
 #include <app.hpp>
+#include <registries/privilege_registry.hpp>
 
 namespace redfish
 {
@@ -63,7 +64,7 @@
 inline void requestRoutesMetricReportCollection(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/TelemetryService/MetricReports/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getMetricReportCollection)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -81,7 +82,7 @@
 inline void requestRoutesMetricReport(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/TelemetryService/MetricReports/<str>/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getMetricReport)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
diff --git a/redfish-core/lib/metric_report_definition.hpp b/redfish-core/lib/metric_report_definition.hpp
index 76ff2b2..a0c4f1d 100644
--- a/redfish-core/lib/metric_report_definition.hpp
+++ b/redfish-core/lib/metric_report_definition.hpp
@@ -6,6 +6,7 @@
 
 #include <app.hpp>
 #include <boost/container/flat_map.hpp>
+#include <registries/privilege_registry.hpp>
 
 #include <tuple>
 #include <variant>
@@ -350,7 +351,7 @@
 inline void requestRoutesMetricReportDefinitionCollection(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/TelemetryService/MetricReportDefinitions/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getMetricReportDefinitionCollection)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -367,7 +368,7 @@
             });
 
     BMCWEB_ROUTE(app, "/redfish/v1/TelemetryService/MetricReportDefinitions/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::postMetricReportDefinitionCollection)
         .methods(boost::beast::http::verb::post)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -413,7 +414,7 @@
 {
     BMCWEB_ROUTE(app,
                  "/redfish/v1/TelemetryService/MetricReportDefinitions/<str>/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getMetricReportDefinition)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -447,7 +448,7 @@
             });
     BMCWEB_ROUTE(app,
                  "/redfish/v1/TelemetryService/MetricReportDefinitions/<str>/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::deleteMetricReportDefinitionCollection)
         .methods(boost::beast::http::verb::delete_)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
diff --git a/redfish-core/lib/network_protocol.hpp b/redfish-core/lib/network_protocol.hpp
index daa1965..b74513b 100644
--- a/redfish-core/lib/network_protocol.hpp
+++ b/redfish-core/lib/network_protocol.hpp
@@ -19,6 +19,7 @@
 #include "openbmc_dbus_rest.hpp"
 
 #include <app.hpp>
+#include <registries/privilege_registry.hpp>
 #include <utils/json_utils.hpp>
 
 #include <optional>
@@ -458,7 +459,7 @@
 inline void requestRoutesNetworkProtocol(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/NetworkProtocol/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::patchManagerNetworkProtocol)
         .methods(boost::beast::http::verb::patch)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -550,7 +551,7 @@
             });
 
     BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/NetworkProtocol/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getManagerNetworkProtocol)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
diff --git a/redfish-core/lib/pcie.hpp b/redfish-core/lib/pcie.hpp
index daff5c0..e534434 100644
--- a/redfish-core/lib/pcie.hpp
+++ b/redfish-core/lib/pcie.hpp
@@ -18,6 +18,7 @@
 
 #include <app.hpp>
 #include <boost/system/linux_error.hpp>
+#include <registries/privilege_registry.hpp>
 
 namespace redfish
 {
@@ -75,7 +76,7 @@
      * Functions triggers appropriate requests on DBus
      */
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/PCIeDevices/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getPCIeDeviceCollection)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
@@ -96,7 +97,7 @@
 inline void requestRoutesSystemPCIeDevice(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/PCIeDevices/<str>/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getPCIeDevice)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -170,7 +171,7 @@
      */
     BMCWEB_ROUTE(app,
                  "/redfish/v1/Systems/system/PCIeDevices/<str>/PCIeFunctions/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getPCIeFunctionCollection)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -251,7 +252,7 @@
     BMCWEB_ROUTE(
         app,
         "/redfish/v1/Systems/system/PCIeDevices/<str>/PCIeFunctions/<str>/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getPCIeFunction)
         .methods(
             boost::beast::http::verb::get)([](const crow::Request&,
                                               const std::shared_ptr<
diff --git a/redfish-core/lib/power.hpp b/redfish-core/lib/power.hpp
index c2a9945..3a024d3 100644
--- a/redfish-core/lib/power.hpp
+++ b/redfish-core/lib/power.hpp
@@ -19,6 +19,7 @@
 #include "sensors.hpp"
 
 #include <app.hpp>
+#include <registries/privilege_registry.hpp>
 
 namespace redfish
 {
@@ -128,7 +129,7 @@
 {
 
     BMCWEB_ROUTE(app, "/redfish/v1/Chassis/<str>/Power/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getPower)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -319,7 +320,7 @@
             });
 
     BMCWEB_ROUTE(app, "/redfish/v1/Chassis/<str>/Power/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::patchPower)
         .methods(boost::beast::http::verb::patch)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
diff --git a/redfish-core/lib/processor.hpp b/redfish-core/lib/processor.hpp
index 8111717..7f973cf 100644
--- a/redfish-core/lib/processor.hpp
+++ b/redfish-core/lib/processor.hpp
@@ -19,6 +19,7 @@
 
 #include <app.hpp>
 #include <boost/container/flat_map.hpp>
+#include <registries/privilege_registry.hpp>
 #include <sdbusplus/message/native_types.hpp>
 #include <sdbusplus/utility/dedup_variant.hpp>
 #include <utils/collection.hpp>
@@ -1066,7 +1067,7 @@
 
     BMCWEB_ROUTE(
         app, "/redfish/v1/Systems/system/Processors/<str>/OperatingConfigs/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getOperatingConfigCollection)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -1129,7 +1130,7 @@
     BMCWEB_ROUTE(
         app,
         "/redfish/v1/Systems/system/Processors/<str>/OperatingConfigs/<str>/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getOperatingConfig)
         .methods(
             boost::beast::http::verb::get)([](const crow::Request& req,
                                               const std::shared_ptr<
@@ -1192,7 +1193,7 @@
      * Functions triggers appropriate requests on DBus
      */
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/Processors/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getProcessorCollection)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -1217,7 +1218,7 @@
      */
 
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/Processors/<str>/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getProcessor)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -1231,7 +1232,7 @@
             });
 
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/Processors/<str>/")
-        .privileges({{"ConfigureComponents"}})
+        .privileges(redfish::privileges::patchProcessor)
         .methods(boost::beast::http::verb::patch)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
diff --git a/redfish-core/lib/redfish_sessions.hpp b/redfish-core/lib/redfish_sessions.hpp
index bb7ad12..472151a 100644
--- a/redfish-core/lib/redfish_sessions.hpp
+++ b/redfish-core/lib/redfish_sessions.hpp
@@ -19,6 +19,7 @@
 #include "persistent_data.hpp"
 
 #include <app.hpp>
+#include <registries/privilege_registry.hpp>
 
 namespace redfish
 {
@@ -46,7 +47,7 @@
 inline void requestRoutesSession(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getSession)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request& /*req*/,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -66,7 +67,7 @@
             });
 
     BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/")
-        .privileges({{"ConfigureManager"}, {"ConfigureSelf"}})
+        .privileges(redfish::privileges::deleteSession)
         .methods(boost::beast::http::verb::delete_)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -105,7 +106,7 @@
             });
 
     BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getSessionCollection)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request& /*req*/,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) -> void {
@@ -133,6 +134,11 @@
             });
 
     BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/")
+        // Note, this technically doesn't match the privilege registry given the
+        // way login mechanisms work.  The base privilege registry lists this
+        // endpoint as requiring login privilege, but because this is the
+        // endpoint responsible for giving the login privilege, and it is itself
+        // its own route, it needs to not require Login
         .privileges({})
         .methods(boost::beast::http::verb::post)(
             [](const crow::Request& req,
@@ -214,7 +220,7 @@
             });
 
     BMCWEB_ROUTE(app, "/redfish/v1/SessionService/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getSessionService)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request& /* req */,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) -> void {
@@ -235,7 +241,7 @@
             });
 
     BMCWEB_ROUTE(app, "/redfish/v1/SessionService/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::patchSessionService)
         .methods(boost::beast::http::verb::patch)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) -> void {
diff --git a/redfish-core/lib/roles.hpp b/redfish-core/lib/roles.hpp
index 90b8de3..8f14b2e 100644
--- a/redfish-core/lib/roles.hpp
+++ b/redfish-core/lib/roles.hpp
@@ -16,6 +16,7 @@
 #pragma once
 
 #include <app.hpp>
+#include <registries/privilege_registry.hpp>
 
 #include <variant>
 
@@ -73,7 +74,7 @@
 inline void requestRoutesRoles(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/AccountService/Roles/<str>/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getRole)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -102,7 +103,7 @@
 inline void requestRoutesRoleCollection(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/AccountService/Roles/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getRoleCollection)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
diff --git a/redfish-core/lib/sensors.hpp b/redfish-core/lib/sensors.hpp
index 0566e93..d986565 100644
--- a/redfish-core/lib/sensors.hpp
+++ b/redfish-core/lib/sensors.hpp
@@ -21,6 +21,7 @@
 #include <boost/container/flat_map.hpp>
 #include <boost/range/algorithm/replace_copy_if.hpp>
 #include <dbus_singleton.hpp>
+#include <registries/privilege_registry.hpp>
 #include <utils/json_utils.hpp>
 
 #include <cmath>
@@ -2978,7 +2979,7 @@
 inline void requestRoutesSensorCollection(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Chassis/<str>/Sensors/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getSensorCollection)
         .methods(
             boost::beast::http::verb::get)([](const crow::Request&,
                                               const std::shared_ptr<
@@ -3034,7 +3035,7 @@
 inline void requestRoutesSensor(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Chassis/<str>/Sensors/<str>/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getSensor)
         .methods(
             boost::beast::http::verb::get)([](const crow::Request&,
                                               const std::shared_ptr<
diff --git a/redfish-core/lib/service_root.hpp b/redfish-core/lib/service_root.hpp
index efc3fed..6778141 100644
--- a/redfish-core/lib/service_root.hpp
+++ b/redfish-core/lib/service_root.hpp
@@ -16,6 +16,7 @@
 #pragma once
 
 #include <app.hpp>
+#include <registries/privilege_registry.hpp>
 #include <utils/systemd_utils.hpp>
 
 namespace redfish
@@ -25,7 +26,7 @@
 {
     std::string uuid = persistent_data::getConfig().systemUuid;
     BMCWEB_ROUTE(app, "/redfish/v1/")
-        .privileges({})
+        .privileges(redfish::privileges::getServiceRoot)
         .methods(boost::beast::http::verb::get)(
             [uuid](const crow::Request&,
                    const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
diff --git a/redfish-core/lib/storage.hpp b/redfish-core/lib/storage.hpp
index 0a1d4e6..a48ef8c 100644
--- a/redfish-core/lib/storage.hpp
+++ b/redfish-core/lib/storage.hpp
@@ -19,13 +19,14 @@
 #include "openbmc_dbus_rest.hpp"
 
 #include <app.hpp>
+#include <registries/privilege_registry.hpp>
 
 namespace redfish
 {
 inline void requestRoutesStorageCollection(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/Storage/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getStorageCollection)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -43,7 +44,7 @@
 inline void requestRoutesStorage(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/Storage/1/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getStorage)
         .methods(
             boost::beast::http::verb::
                 get)([](const crow::Request&,
@@ -266,7 +267,7 @@
 inline void requestRoutesDrive(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/Storage/1/Drives/<str>/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getDrive)
         .methods(
             boost::beast::http::verb::get)([](const crow::Request&,
                                               const std::shared_ptr<
diff --git a/redfish-core/lib/systems.hpp b/redfish-core/lib/systems.hpp
index 3e7b4739..2b9636f 100644
--- a/redfish-core/lib/systems.hpp
+++ b/redfish-core/lib/systems.hpp
@@ -22,6 +22,7 @@
 
 #include <app.hpp>
 #include <boost/container/flat_map.hpp>
+#include <registries/privilege_registry.hpp>
 #include <utils/fw_utils.hpp>
 #include <utils/json_utils.hpp>
 
@@ -2220,7 +2221,7 @@
 inline void requestRoutesSystemsCollection(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getComputerSystemCollection)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -2294,7 +2295,7 @@
      */
     BMCWEB_ROUTE(app,
                  "/redfish/v1/Systems/system/Actions/ComputerSystem.Reset/")
-        .privileges({{"ConfigureComponent"}})
+        .privileges(redfish::privileges::postComputerSystem)
         .methods(
             boost::beast::http::verb::
                 post)([](const crow::Request& req,
@@ -2421,7 +2422,7 @@
      * Functions triggers appropriate requests on DBus
      */
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getComputerSystem)
         .methods(
             boost::beast::http::verb::
                 get)([](const crow::Request&,
@@ -2542,7 +2543,7 @@
             getPowerMode(asyncResp);
         });
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/")
-        .privileges({{"ConfigureComponent"}})
+        .privileges(redfish::privileges::patchComputerSystem)
         .methods(boost::beast::http::verb::patch)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -2651,7 +2652,7 @@
      * Functions triggers appropriate requests on DBus
      */
     BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/ResetActionInfo/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getActionInfo)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
diff --git a/redfish-core/lib/task.hpp b/redfish-core/lib/task.hpp
index bca25a1..22e9743 100644
--- a/redfish-core/lib/task.hpp
+++ b/redfish-core/lib/task.hpp
@@ -19,6 +19,7 @@
 #include <boost/asio/post.hpp>
 #include <boost/asio/steady_timer.hpp>
 #include <boost/container/flat_map.hpp>
+#include <registries/privilege_registry.hpp>
 #include <task_messages.hpp>
 
 #include <chrono>
@@ -316,7 +317,7 @@
 inline void requestRoutesTaskMonitor(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/TaskService/Tasks/<str>/Monitor/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getTask)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -355,7 +356,7 @@
 inline void requestRoutesTask(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/TaskService/Tasks/<str>/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getTask)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -423,7 +424,7 @@
 inline void requestRoutesTaskCollection(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/TaskService/Tasks/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getTaskCollection)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -453,7 +454,7 @@
 inline void requestRoutesTaskService(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/TaskService/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getTaskService)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
diff --git a/redfish-core/lib/telemetry_service.hpp b/redfish-core/lib/telemetry_service.hpp
index 2ab69b9..ad86d5c 100644
--- a/redfish-core/lib/telemetry_service.hpp
+++ b/redfish-core/lib/telemetry_service.hpp
@@ -3,6 +3,7 @@
 #include "utils/telemetry_utils.hpp"
 
 #include <app.hpp>
+#include <registries/privilege_registry.hpp>
 
 #include <variant>
 
@@ -12,7 +13,7 @@
 inline void requestRoutesTelemetryService(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/TelemetryService/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getTelemetryService)
         .methods(
             boost::beast::http::verb::
                 get)([](const crow::Request&,
diff --git a/redfish-core/lib/thermal.hpp b/redfish-core/lib/thermal.hpp
index 90f04e8..feb78a0 100644
--- a/redfish-core/lib/thermal.hpp
+++ b/redfish-core/lib/thermal.hpp
@@ -18,6 +18,7 @@
 #include "sensors.hpp"
 
 #include <app.hpp>
+#include <registries/privilege_registry.hpp>
 
 namespace redfish
 {
@@ -25,7 +26,7 @@
 inline void requestRoutesThermal(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Chassis/<str>/Thermal/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getThermal)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -47,7 +48,7 @@
             });
 
     BMCWEB_ROUTE(app, "/redfish/v1/Chassis/<str>/Thermal/")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::patchThermal)
         .methods(boost::beast::http::verb::patch)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
diff --git a/redfish-core/lib/update_service.hpp b/redfish-core/lib/update_service.hpp
index 33747dd..663d48b 100644
--- a/redfish-core/lib/update_service.hpp
+++ b/redfish-core/lib/update_service.hpp
@@ -19,6 +19,7 @@
 
 #include <app.hpp>
 #include <boost/container/flat_map.hpp>
+#include <registries/privilege_registry.hpp>
 #include <utils/fw_utils.hpp>
 
 #include <variant>
@@ -388,7 +389,7 @@
 {
     BMCWEB_ROUTE(
         app, "/redfish/v1/UpdateService/Actions/UpdateService.SimpleUpdate/")
-        .privileges({{"ConfigureComponents"}})
+        .privileges(redfish::privileges::postUpdateService)
         .methods(
             boost::beast::http::verb::
                 post)([](const crow::Request& req,
@@ -507,7 +508,7 @@
 inline void requestRoutesUpdateService(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/UpdateService/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getUpdateService)
         .methods(
             boost::beast::http::verb::
                 get)([](const crow::Request&,
@@ -579,7 +580,7 @@
                 "xyz.openbmc_project.Software.ApplyTime", "RequestedApplyTime");
         });
     BMCWEB_ROUTE(app, "/redfish/v1/UpdateService/")
-        .privileges({{"ConfigureComponents"}})
+        .privileges(redfish::privileges::patchUpdateService)
         .methods(boost::beast::http::verb::patch)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -661,7 +662,7 @@
                 }
             });
     BMCWEB_ROUTE(app, "/redfish/v1/UpdateService/")
-        .privileges({{"ConfigureComponents"}})
+        .privileges(redfish::privileges::postUpdateService)
         .methods(boost::beast::http::verb::post)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -687,7 +688,7 @@
 inline void requestRoutesSoftwareInventoryCollection(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/UpdateService/FirmwareInventory/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getSoftwareInventoryCollection)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request&,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
@@ -776,7 +777,7 @@
 inline void requestRoutesSoftwareInventory(App& app)
 {
     BMCWEB_ROUTE(app, "/redfish/v1/UpdateService/FirmwareInventory/<str>/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getSoftwareInventory)
         .methods(
             boost::beast::http::verb::get)([](const crow::Request&,
                                               const std::shared_ptr<
diff --git a/redfish-core/lib/virtual_media.hpp b/redfish-core/lib/virtual_media.hpp
index 8fe31d5..6e69f20 100644
--- a/redfish-core/lib/virtual_media.hpp
+++ b/redfish-core/lib/virtual_media.hpp
@@ -21,8 +21,10 @@
 #include <boost/type_traits/has_dereference.hpp>
 #include <utils/json_utils.hpp>
 // for GetObjectType and ManagedObjectType
+
 #include <account_service.hpp>
 #include <boost/url/url_view.hpp>
+#include <registries/privilege_registry.hpp>
 
 namespace redfish
 {
@@ -775,7 +777,7 @@
 {
     BMCWEB_ROUTE(app, "/redfish/v1/Managers/<str>/VirtualMedia/<str>/Actions/"
                       "VirtualMedia.InsertMedia")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::postVirtualMedia)
         .methods(boost::beast::http::verb::post)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -920,7 +922,7 @@
 
     BMCWEB_ROUTE(app, "/redfish/v1/Managers/<str>/VirtualMedia/<str>/Actions/"
                       "VirtualMedia.EjectMedia")
-        .privileges({{"ConfigureManager"}})
+        .privileges(redfish::privileges::postVirtualMedia)
         .methods(boost::beast::http::verb::post)(
             [](const crow::Request& req,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -1010,7 +1012,7 @@
                     std::array<const char*, 0>());
             });
     BMCWEB_ROUTE(app, "/redfish/v1/Managers/<str>/VirtualMedia/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getVirtualMediaCollection)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request& /* req */,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
@@ -1054,7 +1056,7 @@
             });
 
     BMCWEB_ROUTE(app, "/redfish/v1/Managers/<str>/VirtualMedia/<str>/")
-        .privileges({{"Login"}})
+        .privileges(redfish::privileges::getVirtualMedia)
         .methods(boost::beast::http::verb::get)(
             [](const crow::Request& /* req */,
                const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,