Blame - redfish-core/include/node.hpp - openbmc/bmcweb

blob: 74d511fcb688c292301d10a361dbdee7d24caf72 [file] [log] [blame]

Borawski.Lukasz	86e1b66	2018-01-19 14:22:14 +0100	[diff] [blame]	1	/*
				2	// Copyright (c) 2018 Intel Corporation
				3	//
				4	// Licensed under the Apache License, Version 2.0 (the "License");
				5	// you may not use this file except in compliance with the License.
				6	// You may obtain a copy of the License at
				7	//
				8	// http://www.apache.org/licenses/LICENSE-2.0
				9	//
				10	// Unless required by applicable law or agreed to in writing, software
				11	// distributed under the License is distributed on an "AS IS" BASIS,
				12	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
				13	// See the License for the specific language governing permissions and
				14	// limitations under the License.
				15	*/
				16	#pragma once
				17
Gunnar Mills	1214b7e	2020-06-04 10:11:30 -0500	[diff] [blame]	18	#include "http_request.h"
				19	#include "http_response.h"
				20
Borawski.Lukasz	86e1b66	2018-01-19 14:22:14 +0100	[diff] [blame]	21	#include "privileges.hpp"
Borawski.Lukasz	c1a46bd	2018-02-08 13:31:59 +0100	[diff] [blame]	22	#include "webserver_common.hpp"
Ed Tanous	1abe55e	2018-09-05 08:30:59 -0700	[diff] [blame]	23
Ed Tanous	a0803ef	2018-08-29 13:29:23 -0700	[diff] [blame]	24	#include <error_messages.hpp>
				25
Gunnar Mills	1214b7e	2020-06-04 10:11:30 -0500	[diff] [blame]	26	#include <vector>
Borawski.Lukasz	86e1b66	2018-01-19 14:22:14 +0100	[diff] [blame]	27
Ed Tanous	1abe55e	2018-09-05 08:30:59 -0700	[diff] [blame]	28	namespace redfish
				29	{
Borawski.Lukasz	86e1b66	2018-01-19 14:22:14 +0100	[diff] [blame]	30
				31	/**
Kowalski, Kamil	588c3f0	2018-04-03 14:55:27 +0200	[diff] [blame]	32	* AsyncResp
				33	* Gathers data needed for response processing after async calls are done
				34	*/
Ed Tanous	1abe55e	2018-09-05 08:30:59 -0700	[diff] [blame]	35	class AsyncResp
				36	{
				37	public:
				38	AsyncResp(crow::Response& response) : res(response)
Gunnar Mills	1214b7e	2020-06-04 10:11:30 -0500	[diff] [blame]	39	{}
Kowalski, Kamil	588c3f0	2018-04-03 14:55:27 +0200	[diff] [blame]	40
Ed Tanous	1abe55e	2018-09-05 08:30:59 -0700	[diff] [blame]	41	~AsyncResp()
				42	{
				43	res.end();
				44	}
Kowalski, Kamil	588c3f0	2018-04-03 14:55:27 +0200	[diff] [blame]	45
Ed Tanous	1abe55e	2018-09-05 08:30:59 -0700	[diff] [blame]	46	crow::Response& res;
Kowalski, Kamil	588c3f0	2018-04-03 14:55:27 +0200	[diff] [blame]	47	};
				48
				49	/**
Borawski.Lukasz	86e1b66	2018-01-19 14:22:14 +0100	[diff] [blame]	50	* @brief Abstract class used for implementing Redfish nodes.
				51	*
				52	*/
Ed Tanous	1abe55e	2018-09-05 08:30:59 -0700	[diff] [blame]	53	class Node
				54	{
				55	public:
				56	template <typename... Params>
Ed Tanous	271584a	2019-07-09 16:24:22 -0700	[diff] [blame]	57	Node(CrowApp& app, std::string&& entityUrl, Params... paramsIn)
Ed Tanous	1abe55e	2018-09-05 08:30:59 -0700	[diff] [blame]	58	{
Tanous	f00032d	2018-11-05 01:18:10 -0300	[diff] [blame]	59	crow::DynamicRule& get = app.routeDynamic(entityUrl.c_str());
				60	getRule = &get;
Ed Tanous	b41187f	2019-10-24 16:30:02 -0700	[diff] [blame^]	61	get.methods(boost::beast::http::verb::get)(
				62	[this](const crow::Request& req, crow::Response& res,
				63	Params... params) {
				64	std::vector<std::string> paramVec = {params...};
				65	doGet(res, req, paramVec);
				66	});
Tanous	f00032d	2018-11-05 01:18:10 -0300	[diff] [blame]	67
				68	crow::DynamicRule& patch = app.routeDynamic(entityUrl.c_str());
				69	patchRule = &patch;
Ed Tanous	b41187f	2019-10-24 16:30:02 -0700	[diff] [blame^]	70	patch.methods(boost::beast::http::verb::patch)(
				71	[this](const crow::Request& req, crow::Response& res,
				72	Params... params) {
				73	std::vector<std::string> paramVec = {params...};
				74	doPatch(res, req, paramVec);
				75	});
Tanous	f00032d	2018-11-05 01:18:10 -0300	[diff] [blame]	76
				77	crow::DynamicRule& post = app.routeDynamic(entityUrl.c_str());
				78	postRule = &post;
Ed Tanous	b41187f	2019-10-24 16:30:02 -0700	[diff] [blame^]	79	post.methods(boost::beast::http::verb::post)(
				80	[this](const crow::Request& req, crow::Response& res,
				81	Params... params) {
				82	std::vector<std::string> paramVec = {params...};
				83	doPost(res, req, paramVec);
				84	});
Tanous	f00032d	2018-11-05 01:18:10 -0300	[diff] [blame]	85
				86	crow::DynamicRule& delete_ = app.routeDynamic(entityUrl.c_str());
				87	deleteRule = &delete_;
Ed Tanous	b41187f	2019-10-24 16:30:02 -0700	[diff] [blame^]	88	delete_.methods(boost::beast::http::verb::delete_)(
				89	[this](const crow::Request& req, crow::Response& res,
				90	Params... params) {
				91	std::vector<std::string> paramVec = {params...};
				92	doDelete(res, req, paramVec);
				93	});
Tanous	f00032d	2018-11-05 01:18:10 -0300	[diff] [blame]	94	}
				95
				96	void initPrivileges()
				97	{
				98	auto it = entityPrivileges.find(boost::beast::http::verb::get);
				99	if (it != entityPrivileges.end())
				100	{
				101	if (getRule != nullptr)
				102	{
				103	getRule->requires(it->second);
				104	}
				105	}
				106	it = entityPrivileges.find(boost::beast::http::verb::post);
				107	if (it != entityPrivileges.end())
				108	{
				109	if (postRule != nullptr)
				110	{
				111	postRule->requires(it->second);
				112	}
				113	}
				114	it = entityPrivileges.find(boost::beast::http::verb::patch);
				115	if (it != entityPrivileges.end())
				116	{
				117	if (patchRule != nullptr)
				118	{
				119	patchRule->requires(it->second);
				120	}
				121	}
				122	it = entityPrivileges.find(boost::beast::http::verb::delete_);
				123	if (it != entityPrivileges.end())
				124	{
				125	if (deleteRule != nullptr)
				126	{
				127	deleteRule->requires(it->second);
				128	}
				129	}
Borawski.Lukasz	c1a46bd	2018-02-08 13:31:59 +0100	[diff] [blame]	130	}
Ed Tanous	cbbfa96	2018-03-13 16:46:28 -0700	[diff] [blame]	131
Ed Tanous	1abe55e	2018-09-05 08:30:59 -0700	[diff] [blame]	132	virtual ~Node() = default;
Borawski.Lukasz	c1a46bd	2018-02-08 13:31:59 +0100	[diff] [blame]	133
Ed Tanous	1abe55e	2018-09-05 08:30:59 -0700	[diff] [blame]	134	OperationMap entityPrivileges;
Borawski.Lukasz	86e1b66	2018-01-19 14:22:14 +0100	[diff] [blame]	135
Tanous	f00032d	2018-11-05 01:18:10 -0300	[diff] [blame]	136	crow::DynamicRule* getRule = nullptr;
				137	crow::DynamicRule* postRule = nullptr;
				138	crow::DynamicRule* patchRule = nullptr;
				139	crow::DynamicRule* deleteRule = nullptr;
				140
Ed Tanous	1abe55e	2018-09-05 08:30:59 -0700	[diff] [blame]	141	protected:
				142	// Node is designed to be an abstract class, so doGet is pure virtual
				143	virtual void doGet(crow::Response& res, const crow::Request& req,
				144	const std::vector<std::string>& params)
				145	{
				146	res.result(boost::beast::http::status::method_not_allowed);
Borawski.Lukasz	86e1b66	2018-01-19 14:22:14 +0100	[diff] [blame]	147	res.end();
				148	}
Ed Tanous	1abe55e	2018-09-05 08:30:59 -0700	[diff] [blame]	149
				150	virtual void doPatch(crow::Response& res, const crow::Request& req,
				151	const std::vector<std::string>& params)
				152	{
				153	res.result(boost::beast::http::status::method_not_allowed);
				154	res.end();
				155	}
				156
				157	virtual void doPost(crow::Response& res, const crow::Request& req,
				158	const std::vector<std::string>& params)
				159	{
				160	res.result(boost::beast::http::status::method_not_allowed);
				161	res.end();
				162	}
				163
				164	virtual void doDelete(crow::Response& res, const crow::Request& req,
				165	const std::vector<std::string>& params)
				166	{
				167	res.result(boost::beast::http::status::method_not_allowed);
				168	res.end();
				169	}
Joseph Reynolds	900f949	2019-11-25 15:37:29 -0600	[diff] [blame]	170
Joseph Reynolds	3bf4e63	2020-02-06 14:44:32 -0600	[diff] [blame]	171	/* @brief Would the operation be allowed if the user did not have the
				172	* ConfigureSelf Privilege? Also honors session.isConfigureSelfOnly.
Joseph Reynolds	900f949	2019-11-25 15:37:29 -0600	[diff] [blame]	173	*
				174	* @param req the request
				175	*
				176	* @returns True if allowed, false otherwise
				177	*/
				178	inline bool isAllowedWithoutConfigureSelf(const crow::Request& req)
				179	{
RAJESWARAN THILLAIGOVINDAN	61dbeef	2019-12-13 04:26:54 -0600	[diff] [blame]	180	const std::string& userRole = req.userRole;
				181	BMCWEB_LOG_DEBUG << "isAllowedWithoutConfigureSelf for the role "
				182	<< req.userRole;
Joseph Reynolds	3bf4e63	2020-02-06 14:44:32 -0600	[diff] [blame]	183	Privileges effectiveUserPrivileges;
				184	if (req.session && req.session->isConfigureSelfOnly)
				185	{
				186	// The session has no privileges because it is limited to
				187	// configureSelfOnly and we are disregarding that privilege.
				188	// Note that some operations do not require any privilege.
				189	}
				190	else
				191	{
				192	effectiveUserPrivileges = redfish::getUserPrivileges(userRole);
				193	effectiveUserPrivileges.resetSinglePrivilege("ConfigureSelf");
				194	}
Joseph Reynolds	900f949	2019-11-25 15:37:29 -0600	[diff] [blame]	195	const auto& requiredPrivilegesIt = entityPrivileges.find(req.method());
				196	return (requiredPrivilegesIt != entityPrivileges.end()) &&
				197	isOperationAllowedWithPrivileges(requiredPrivilegesIt->second,
				198	effectiveUserPrivileges);
				199	}
Borawski.Lukasz	86e1b66	2018-01-19 14:22:14 +0100	[diff] [blame]	200	};
				201
Ed Tanous	1abe55e	2018-09-05 08:30:59 -0700	[diff] [blame]	202	} // namespace redfish