Fix AccountService PATCH regression/merge conflict
A merge conflict appears to have dropped the patch handling for the
/redfish/v1/AccountService uri. This commit takes the code that was
previously there, and re-adds it back, with the needed adjustments to
privileges that have landed in the meantime.
Tested:
redfishtool -S Always -u root -p 0penBmc -vvvvvvvvv -r 192.168.7.2
AccountService patch "{\"AccountLockoutThreshold\": 21}"
Returns 200, and subsequent reads show AccountLockoutThreshold set to
21.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I552ac95808e0abdc713817479575eee7806688c8
diff --git a/redfish-core/lib/account_service.hpp b/redfish-core/lib/account_service.hpp
index 31bdd16..e6fe205 100644
--- a/redfish-core/lib/account_service.hpp
+++ b/redfish-core/lib/account_service.hpp
@@ -1380,6 +1380,110 @@
getLDAPConfigData("ActiveDirectory", callback);
});
+ BMCWEB_ROUTE(app, "/redfish/v1/AccountService/")
+ .privileges(redfish::privileges::getAccountService)
+ .methods(boost::beast::http::verb::patch)(
+ [](const crow::Request& req,
+ const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) -> void {
+ std::optional<uint32_t> unlockTimeout;
+ std::optional<uint16_t> lockoutThreshold;
+ std::optional<uint16_t> minPasswordLength;
+ std::optional<uint16_t> maxPasswordLength;
+ std::optional<nlohmann::json> ldapObject;
+ std::optional<nlohmann::json> activeDirectoryObject;
+ std::optional<nlohmann::json> oemObject;
+
+ if (!json_util::readJson(
+ req, asyncResp->res, "AccountLockoutDuration",
+ unlockTimeout, "AccountLockoutThreshold",
+ lockoutThreshold, "MaxPasswordLength",
+ maxPasswordLength, "MinPasswordLength",
+ minPasswordLength, "LDAP", ldapObject,
+ "ActiveDirectory", activeDirectoryObject, "Oem",
+ oemObject))
+ {
+ return;
+ }
+
+ if (minPasswordLength)
+ {
+ messages::propertyNotWritable(asyncResp->res,
+ "MinPasswordLength");
+ }
+
+ if (maxPasswordLength)
+ {
+ messages::propertyNotWritable(asyncResp->res,
+ "MaxPasswordLength");
+ }
+
+ if (ldapObject)
+ {
+ handleLDAPPatch(*ldapObject, asyncResp, "LDAP");
+ }
+
+ if (std::optional<nlohmann::json> oemOpenBMCObject;
+ oemObject &&
+ json_util::readJson(*oemObject, asyncResp->res, "OpenBMC",
+ oemOpenBMCObject))
+ {
+ if (std::optional<nlohmann::json> authMethodsObject;
+ oemOpenBMCObject &&
+ json_util::readJson(*oemOpenBMCObject, asyncResp->res,
+ "AuthMethods", authMethodsObject))
+ {
+ if (authMethodsObject)
+ {
+ handleAuthMethodsPatch(*authMethodsObject,
+ asyncResp);
+ }
+ }
+ }
+
+ if (activeDirectoryObject)
+ {
+ handleLDAPPatch(*activeDirectoryObject, asyncResp,
+ "ActiveDirectory");
+ }
+
+ if (unlockTimeout)
+ {
+ crow::connections::systemBus->async_method_call(
+ [asyncResp](const boost::system::error_code ec) {
+ if (ec)
+ {
+ messages::internalError(asyncResp->res);
+ return;
+ }
+ messages::success(asyncResp->res);
+ },
+ "xyz.openbmc_project.User.Manager",
+ "/xyz/openbmc_project/user",
+ "org.freedesktop.DBus.Properties", "Set",
+ "xyz.openbmc_project.User.AccountPolicy",
+ "AccountUnlockTimeout",
+ std::variant<uint32_t>(*unlockTimeout));
+ }
+ if (lockoutThreshold)
+ {
+ crow::connections::systemBus->async_method_call(
+ [asyncResp](const boost::system::error_code ec) {
+ if (ec)
+ {
+ messages::internalError(asyncResp->res);
+ return;
+ }
+ messages::success(asyncResp->res);
+ },
+ "xyz.openbmc_project.User.Manager",
+ "/xyz/openbmc_project/user",
+ "org.freedesktop.DBus.Properties", "Set",
+ "xyz.openbmc_project.User.AccountPolicy",
+ "MaxLoginAttemptBeforeLockout",
+ std::variant<uint16_t>(*lockoutThreshold));
+ }
+ });
+
BMCWEB_ROUTE(app, "/redfish/v1/AccountService/Accounts/")
.privileges(redfish::privileges::getManagerAccountCollection)
.methods(boost::beast::http::verb::get)(