Fix bmcweb crash problem when no-auth
After insecure-disable-auth=enabled. it is not needed to do login and
establish session before request.
GET /redfish/v1/AccountService/Accounts won't get any status code and
cause the bmcweb service crashed.
Set the default string value for `thisUser`.
Assign the user only if the session is not nullptr.
Test:
Use no-auth:
curl -k -X GET https://<bmcip>/redfish/v1/AccountService/Accounts
{
"@odata.id": "/redfish/v1/AccountService/Accounts",
"@odata.type": "#ManagerAccountCollection.ManagerAccountCollection",
"Description": "BMC User Accounts",
"Members": [],
"Members@odata.count": 0,
"Name": "Accounts Collection"
}
Use basic-auth:
curl -k -u root:0penBmc -X GET
https://<bmcip>/redfish/v1/AccountService/Accounts
{
"@odata.id": "/redfish/v1/AccountService/Accounts",
"@odata.type": "#ManagerAccountCollection.ManagerAccountCollection",
"Description": "BMC User Accounts",
"Members": [
{
"@odata.id": "/redfish/v1/AccountService/Accounts/root"
}
],
"Members@odata.count": 1,
"Name": "Accounts Collection"
}
Signed-off-by: JunLin Chen <Jun-Lin.Chen@quantatw.com>
Change-Id: Ifa9844c4dbc2f172338b24fba7a09ae013b6d473
Signed-off-by: Willy Tu <wltu@google.com>
diff --git a/redfish-core/lib/account_service.hpp b/redfish-core/lib/account_service.hpp
index 8890ae1..d59c8c2 100644
--- a/redfish-core/lib/account_service.hpp
+++ b/redfish-core/lib/account_service.hpp
@@ -1501,8 +1501,11 @@
Privileges effectiveUserPrivileges =
redfish::getUserPrivileges(req.userRole);
- std::string thisUser = req.session->username;
-
+ std::string thisUser;
+ if (req.session)
+ {
+ thisUser = req.session->username;
+ }
crow::connections::systemBus->async_method_call(
[asyncResp, thisUser, effectiveUserPrivileges](
const boost::system::error_code ec,