Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / bmcweb / 21c0ba6e6d977a46e957916bb0916f440fccb653 / . / redfish-core / lib / redfish_sessions.hpp
blob: 62e655fcc69e2221f28f4e937b0c9bcb8ddb5af7 [file] [log] [blame]
Kowalski, Kamil2b7981f2018-01-31 13:24:59 +0100[diff] [blame]1/*
Ed Tanous6be832e2024-09-10 11:44:48 -0700[diff] [blame]2Copyright (c) 2018 Intel Corporation
3
4Licensed under the Apache License, Version 2.0 (the "License");
5you may not use this file except in compliance with the License.
6You may obtain a copy of the License at
7
8 http://www.apache.org/licenses/LICENSE-2.0
9
10Unless required by applicable law or agreed to in writing, software
11distributed under the License is distributed on an "AS IS" BASIS,
12WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13See the License for the specific language governing permissions and
14limitations under the License.
Kowalski, Kamil2b7981f2018-01-31 13:24:59 +0100[diff] [blame]15*/
16#pragma once
Borawski.Lukasz43a095a2018-02-19 15:39:01 +0100[diff] [blame]17
Paul Fertserce22f602024-06-03 20:53:16 +0000[diff] [blame]18#include "account_service.hpp"
Ed Tanous3ccb3ad2023-01-13 17:40:03 -0800[diff] [blame]19#include "app.hpp"
Paul Fertser29aab242024-06-12 19:28:47 +0000[diff] [blame]20#include "cookies.hpp"
Kowalski, Kamilf4c4dcf2018-01-29 14:55:35 +0100[diff] [blame]21#include "error_messages.hpp"
Ed Tanous3ccb3ad2023-01-13 17:40:03 -0800[diff] [blame]22#include "http/utility.hpp"
Ed Tanous52cc1122020-07-18 13:51:21 -0700[diff] [blame]23#include "persistent_data.hpp"
Ed Tanous3ccb3ad2023-01-13 17:40:03 -0800[diff] [blame]24#include "query.hpp"
25#include "registries/privilege_registry.hpp"
26#include "utils/json_utils.hpp"
John Edward Broadbent7e860f12021-04-08 15:57:16 -0700[diff] [blame]27
Ed Tanousef4c65b2023-04-24 15:28:50 -0700[diff] [blame]28#include <boost/url/format.hpp>
29
Ed Tanous89cda632024-04-16 08:45:54 -0700[diff] [blame]30#include <string>
31#include <vector>
32
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]33namespace redfish
34{
Kowalski, Kamil2b7981f2018-01-31 13:24:59 +0100[diff] [blame]35
Ed Tanous4f48d5f2021-06-21 08:27:45 -0700[diff] [blame]36inline void fillSessionObject(crow::Response& res,
37 const persistent_data::UserSession& session)
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]38{
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]39 res.jsonValue["Id"] = session.uniqueId;
40 res.jsonValue["UserName"] = session.username;
Paul Fertserce22f602024-06-03 20:53:16 +0000[diff] [blame]41 nlohmann::json::array_t roles;
42 roles.emplace_back(redfish::getRoleIdFromPrivilege(session.userRole));
43 res.jsonValue["Roles"] = std::move(roles);
Ed Tanousef4c65b2023-04-24 15:28:50 -0700[diff] [blame]44 res.jsonValue["@odata.id"] = boost::urls::format(
45 "/redfish/v1/SessionService/Sessions/{}", session.uniqueId);
Paul Fertserce22f602024-06-03 20:53:16 +0000[diff] [blame]46 res.jsonValue["@odata.type"] = "#Session.v1_7_0.Session";
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]47 res.jsonValue["Name"] = "User Session";
48 res.jsonValue["Description"] = "Manager User Session";
49 res.jsonValue["ClientOriginIPAddress"] = session.clientIp;
Ed Tanousbb759e32022-08-02 17:07:54 -0700[diff] [blame]50 if (session.clientId)
51 {
52 res.jsonValue["Context"] = *session.clientId;
53 }
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]54}
Kowalski, Kamil2b7981f2018-01-31 13:24:59 +0100[diff] [blame]55
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]56inline void
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]57 handleSessionHead(crow::App& app, const crow::Request& req,
58 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
59 const std::string& /*sessionId*/)
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]60{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]61 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]62 {
63 return;
64 }
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]65 asyncResp->res.addHeader(
66 boost::beast::http::field::link,
67 "</redfish/v1/JsonSchemas/Session/Session.json>; rel=describedby");
68}
69
70inline void
71 handleSessionGet(crow::App& app, const crow::Request& req,
72 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
73 const std::string& sessionId)
74{
Ed Tanous65ffbcb2023-05-16 08:54:11 -0700[diff] [blame]75 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
76 {
77 return;
78 }
79 asyncResp->res.addHeader(
80 boost::beast::http::field::link,
81 "</redfish/v1/JsonSchemas/Session/Session.json>; rel=describedby");
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]82
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]83 // Note that control also reaches here via doPost and doDelete.
84 auto session =
85 persistent_data::SessionStore::getInstance().getSessionByUid(sessionId);
86
87 if (session == nullptr)
88 {
89 messages::resourceNotFound(asyncResp->res, "Session", sessionId);
90 return;
91 }
92
93 fillSessionObject(asyncResp->res, *session);
94}
95
96inline void
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]97 handleSessionDelete(crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]98 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
99 const std::string& sessionId)
100{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]101 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]102 {
103 return;
104 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]105 auto session =
106 persistent_data::SessionStore::getInstance().getSessionByUid(sessionId);
107
108 if (session == nullptr)
109 {
110 messages::resourceNotFound(asyncResp->res, "Session", sessionId);
111 return;
112 }
113
114 // Perform a proper ConfigureSelf authority check. If a
115 // session is being used to DELETE some other user's session,
116 // then the ConfigureSelf privilege does not apply. In that
117 // case, perform the authority check again without the user's
118 // ConfigureSelf privilege.
wukaihua-fii-na0fd29862022-05-18 09:19:16 +0800[diff] [blame]119 if (req.session != nullptr && !session->username.empty() &&
120 session->username != req.session->username)
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]121 {
122 Privileges effectiveUserPrivileges =
Ninad Palsule3e72c202023-03-27 17:19:55 -0500[diff] [blame]123 redfish::getUserPrivileges(*req.session);
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]124
125 if (!effectiveUserPrivileges.isSupersetOf({"ConfigureUsers"}))
126 {
127 messages::insufficientPrivilege(asyncResp->res);
128 return;
129 }
130 }
131
Paul Fertser8812e8b2024-09-18 12:16:37 +0000[diff] [blame]132 if (req.session != nullptr && req.session->uniqueId == sessionId &&
133 session->cookieAuth)
Paul Fertser29aab242024-06-12 19:28:47 +0000[diff] [blame]134 {
135 bmcweb::clearSessionCookies(asyncResp->res);
136 }
137
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]138 persistent_data::SessionStore::getInstance().removeSession(session);
139 messages::success(asyncResp->res);
140}
141
142inline nlohmann::json getSessionCollectionMembers()
143{
Ed Tanous89cda632024-04-16 08:45:54 -0700[diff] [blame]144 std::vector<std::string> sessionIds =
145 persistent_data::SessionStore::getInstance().getAllUniqueIds();
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]146 nlohmann::json ret = nlohmann::json::array();
Ed Tanous89cda632024-04-16 08:45:54 -0700[diff] [blame]147 for (const std::string& uid : sessionIds)
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]148 {
Ed Tanous14766872022-03-15 10:44:42 -0700[diff] [blame]149 nlohmann::json::object_t session;
Ed Tanousef4c65b2023-04-24 15:28:50 -0700[diff] [blame]150 session["@odata.id"] =
Ed Tanous89cda632024-04-16 08:45:54 -0700[diff] [blame]151 boost::urls::format("/redfish/v1/SessionService/Sessions/{}", uid);
Patrick Williamsb2ba3072023-05-12 10:27:39 -0500[diff] [blame]152 ret.emplace_back(std::move(session));
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]153 }
154 return ret;
155}
156
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]157inline void handleSessionCollectionHead(
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]158 crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]159 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
160{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]161 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]162 {
163 return;
164 }
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]165 asyncResp->res.addHeader(
166 boost::beast::http::field::link,
167 "</redfish/v1/JsonSchemas/SessionCollection.json>; rel=describedby");
168}
169
170inline void handleSessionCollectionGet(
171 crow::App& app, const crow::Request& req,
172 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
173{
Ed Tanous01a89a12022-08-05 09:18:54 -0700[diff] [blame]174 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
175 {
176 return;
177 }
178 asyncResp->res.addHeader(
179 boost::beast::http::field::link,
180 "</redfish/v1/JsonSchemas/SessionCollection.json>; rel=describedby");
181
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]182 asyncResp->res.jsonValue["Members"] = getSessionCollectionMembers();
183 asyncResp->res.jsonValue["Members@odata.count"] =
184 asyncResp->res.jsonValue["Members"].size();
185 asyncResp->res.jsonValue["@odata.type"] =
186 "#SessionCollection.SessionCollection";
187 asyncResp->res.jsonValue["@odata.id"] =
Gunnar Mills7a859ff2024-03-04 23:04:45 -0700[diff] [blame]188 "/redfish/v1/SessionService/Sessions";
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]189 asyncResp->res.jsonValue["Name"] = "Session Collection";
190 asyncResp->res.jsonValue["Description"] = "Session Collection";
191}
192
193inline void handleSessionCollectionMembersGet(
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]194 crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]195 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
196{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]197 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]198 {
199 return;
200 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]201 asyncResp->res.jsonValue = getSessionCollectionMembers();
202}
203
Ed Tanous4ee8e212022-05-28 09:42:51 -0700[diff] [blame]204inline void handleSessionCollectionPost(
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]205 crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]206 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
207{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]208 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]209 {
210 return;
211 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]212 std::string username;
213 std::string password;
Ed Tanousbb759e32022-08-02 17:07:54 -0700[diff] [blame]214 std::optional<std::string> clientId;
Ravi Teja2ccce1f2024-08-10 04:05:36 -0500[diff] [blame]215 std::optional<std::string> token;
Myung Baeafc474a2024-10-09 00:53:29 -0700[diff] [blame]216 if (!json_util::readJsonPatch( //
217 req, asyncResp->res, //
218 "Context", clientId, //
219 "Password", password, //
220 "Token", token, //
221 "UserName", username //
222 ))
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]223 {
224 return;
225 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]226 if (password.empty() || username.empty() ||
227 asyncResp->res.result() != boost::beast::http::status::ok)
228 {
229 if (username.empty())
230 {
231 messages::propertyMissing(asyncResp->res, "UserName");
232 }
233
234 if (password.empty())
235 {
236 messages::propertyMissing(asyncResp->res, "Password");
237 }
238
239 return;
240 }
241
Ravi Teja2ccce1f2024-08-10 04:05:36 -0500[diff] [blame]242 int pamrc = pamAuthenticateUser(username, password, token);
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]243 bool isConfigureSelfOnly = pamrc == PAM_NEW_AUTHTOK_REQD;
244 if ((pamrc != PAM_SUCCESS) && !isConfigureSelfOnly)
245 {
Ed Tanous39662a32023-02-06 15:09:46 -0800[diff] [blame]246 messages::resourceAtUriUnauthorized(asyncResp->res, req.url(),
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]247 "Invalid username or password");
248 return;
249 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]250
251 // User is authenticated - create session
252 std::shared_ptr<persistent_data::UserSession> session =
253 persistent_data::SessionStore::getInstance().generateUserSession(
254 username, req.ipAddress, clientId,
Ed Tanous89cda632024-04-16 08:45:54 -0700[diff] [blame]255 persistent_data::SessionType::Session, isConfigureSelfOnly);
Brad Bishop02e53ae2022-07-29 14:38:40 -0400[diff] [blame]256 if (session == nullptr)
257 {
258 messages::internalError(asyncResp->res);
259 return;
260 }
261
Paul Fertser29aab242024-06-12 19:28:47 +0000[diff] [blame]262 // When session is created by webui-vue give it session cookies as a
263 // non-standard Redfish extension. This is needed for authentication for
264 // WebSockets-based functionality.
265 if (!req.getHeaderValue("X-Requested-With").empty())
266 {
267 bmcweb::setSessionCookies(asyncResp->res, *session);
268 }
269 else
270 {
271 asyncResp->res.addHeader("X-Auth-Token", session->sessionToken);
272 }
273
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]274 asyncResp->res.addHeader(
275 "Location", "/redfish/v1/SessionService/Sessions/" + session->uniqueId);
276 asyncResp->res.result(boost::beast::http::status::created);
277 if (session->isConfigureSelfOnly)
278 {
279 messages::passwordChangeRequired(
280 asyncResp->res,
Ed Tanousef4c65b2023-04-24 15:28:50 -0700[diff] [blame]281 boost::urls::format("/redfish/v1/AccountService/Accounts/{}",
282 session->username));
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]283 }
284
Paul Fertser478c5a52024-06-26 22:27:59 +0000[diff] [blame]285 crow::getUserInfo(asyncResp, username, session, [asyncResp, session]() {
286 fillSessionObject(asyncResp->res, *session);
287 });
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]288}
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]289inline void handleSessionServiceHead(
290 crow::App& app, const crow::Request& req,
291 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
292{
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]293 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
294 {
295 return;
296 }
297 asyncResp->res.addHeader(
298 boost::beast::http::field::link,
299 "</redfish/v1/JsonSchemas/SessionService/SessionService.json>; rel=describedby");
300}
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]301inline void
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]302 handleSessionServiceGet(crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]303 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
304
305{
Gunnar Mills78e39002023-05-17 11:52:44 -0500[diff] [blame]306 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
307 {
308 return;
309 }
310 asyncResp->res.addHeader(
311 boost::beast::http::field::link,
312 "</redfish/v1/JsonSchemas/SessionService/SessionService.json>; rel=describedby");
313
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]314 asyncResp->res.jsonValue["@odata.type"] =
315 "#SessionService.v1_0_2.SessionService";
Gunnar Mills7a859ff2024-03-04 23:04:45 -0700[diff] [blame]316 asyncResp->res.jsonValue["@odata.id"] = "/redfish/v1/SessionService";
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]317 asyncResp->res.jsonValue["Name"] = "Session Service";
318 asyncResp->res.jsonValue["Id"] = "SessionService";
319 asyncResp->res.jsonValue["Description"] = "Session Service";
320 asyncResp->res.jsonValue["SessionTimeout"] =
321 persistent_data::SessionStore::getInstance().getTimeoutInSeconds();
322 asyncResp->res.jsonValue["ServiceEnabled"] = true;
323
Ed Tanous14766872022-03-15 10:44:42 -0700[diff] [blame]324 asyncResp->res.jsonValue["Sessions"]["@odata.id"] =
325 "/redfish/v1/SessionService/Sessions";
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]326}
327
328inline void handleSessionServicePatch(
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]329 crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]330 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
331{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]332 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]333 {
334 return;
335 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]336 std::optional<int64_t> sessionTimeout;
Myung Baeafc474a2024-10-09 00:53:29 -0700[diff] [blame]337 if (!json_util::readJsonPatch( //
338 req, asyncResp->res, //
339 "SessionTimeout", sessionTimeout //
340 ))
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]341 {
342 return;
343 }
344
345 if (sessionTimeout)
346 {
Ed Tanous8ece0e42024-01-02 13:16:50 -0800[diff] [blame]347 // The minimum & maximum allowed values for session timeout
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]348 // are 30 seconds and 86400 seconds respectively as per the
349 // session service schema mentioned at
350 // https://redfish.dmtf.org/schemas/v1/SessionService.v1_1_7.json
351
352 if (*sessionTimeout <= 86400 && *sessionTimeout >= 30)
353 {
354 std::chrono::seconds sessionTimeoutInseconds(*sessionTimeout);
355 persistent_data::SessionStore::getInstance().updateSessionTimeout(
356 sessionTimeoutInseconds);
357 messages::propertyValueModified(asyncResp->res, "SessionTimeOut",
358 std::to_string(*sessionTimeout));
359 }
360 else
361 {
Ed Tanouse2616cc2022-06-27 12:45:55 -0700[diff] [blame]362 messages::propertyValueNotInList(asyncResp->res, *sessionTimeout,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]363 "SessionTimeOut");
364 }
365 }
366}
367
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]368inline void requestRoutesSession(App& app)
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]369{
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]370 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/")
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]371 .privileges(redfish::privileges::headSession)
372 .methods(boost::beast::http::verb::head)(
373 std::bind_front(handleSessionHead, std::ref(app)));
374
375 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/")
Ed Tanoused398212021-06-09 17:05:54 -0700[diff] [blame]376 .privileges(redfish::privileges::getSession)
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]377 .methods(boost::beast::http::verb::get)(
378 std::bind_front(handleSessionGet, std::ref(app)));
Kowalski, Kamil2b7981f2018-01-31 13:24:59 +0100[diff] [blame]379
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]380 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/")
Ed Tanoused398212021-06-09 17:05:54 -0700[diff] [blame]381 .privileges(redfish::privileges::deleteSession)
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]382 .methods(boost::beast::http::verb::delete_)(
383 std::bind_front(handleSessionDelete, std::ref(app)));
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]384
385 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/")
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]386 .privileges(redfish::privileges::headSessionCollection)
387 .methods(boost::beast::http::verb::head)(
388 std::bind_front(handleSessionCollectionHead, std::ref(app)));
389
390 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/")
Ed Tanoused398212021-06-09 17:05:54 -0700[diff] [blame]391 .privileges(redfish::privileges::getSessionCollection)
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]392 .methods(boost::beast::http::verb::get)(
393 std::bind_front(handleSessionCollectionGet, std::ref(app)));
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]394
Ed Tanouse76cd862022-03-14 09:12:00 -0700[diff] [blame]395 // Note, the next two routes technically don't match the privilege
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]396 // registry given the way login mechanisms work. The base privilege
397 // registry lists this endpoint as requiring login privilege, but because
398 // this is the endpoint responsible for giving the login privilege, and it
399 // is itself its own route, it needs to not require Login
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]400 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/")
401 .privileges({})
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]402 .methods(boost::beast::http::verb::post)(
403 std::bind_front(handleSessionCollectionPost, std::ref(app)));
Kowalski, Kamil2b7981f2018-01-31 13:24:59 +0100[diff] [blame]404
Ed Tanouse76cd862022-03-14 09:12:00 -0700[diff] [blame]405 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/Members/")
406 .privileges({})
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]407 .methods(boost::beast::http::verb::post)(
408 std::bind_front(handleSessionCollectionPost, std::ref(app)));
Ed Tanouse76cd862022-03-14 09:12:00 -0700[diff] [blame]409
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]410 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/")
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]411 .privileges(redfish::privileges::headSessionService)
412 .methods(boost::beast::http::verb::head)(
413 std::bind_front(handleSessionServiceHead, std::ref(app)));
414
415 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/")
Ed Tanoused398212021-06-09 17:05:54 -0700[diff] [blame]416 .privileges(redfish::privileges::getSessionService)
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]417 .methods(boost::beast::http::verb::get)(
418 std::bind_front(handleSessionServiceGet, std::ref(app)));
Borawski.Lukasz5d27b852018-02-08 13:24:24 +0100[diff] [blame]419
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]420 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/")
Ed Tanoused398212021-06-09 17:05:54 -0700[diff] [blame]421 .privileges(redfish::privileges::patchSessionService)
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]422 .methods(boost::beast::http::verb::patch)(
423 std::bind_front(handleSessionServicePatch, std::ref(app)));
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]424}
Borawski.Lukasz5d27b852018-02-08 13:24:24 +0100[diff] [blame]425
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]426} // namespace redfish