Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / bmcweb / 92e11bf8fe87746f6981b9c416e6f2d26c86169f / . / redfish-core / lib / redfish_sessions.hpp
blob: 40b946f787e74e0fd8ac3a53fd48ef268f252c21 [file] [log] [blame]
Ed Tanous40e9b922024-09-10 13:50:16 -0700[diff] [blame]1// SPDX-License-Identifier: Apache-2.0
2// SPDX-FileCopyrightText: Copyright OpenBMC Authors
3// SPDX-FileCopyrightText: Copyright 2018 Intel Corporation
Kowalski, Kamil2b7981f2018-01-31 13:24:59 +0100[diff] [blame]4#pragma once
Borawski.Lukasz43a095a2018-02-19 15:39:01 +0100[diff] [blame]5
Paul Fertserce22f602024-06-03 20:53:16 +0000[diff] [blame]6#include "account_service.hpp"
Ed Tanous3ccb3ad2023-01-13 17:40:03 -0800[diff] [blame]7#include "app.hpp"
Ed Tanousd7857202025-01-28 15:32:26 -0800[diff] [blame]8#include "async_resp.hpp"
Paul Fertser29aab242024-06-12 19:28:47 +0000[diff] [blame]9#include "cookies.hpp"
Ed Tanousd7857202025-01-28 15:32:26 -0800[diff] [blame]10#include "dbus_privileges.hpp"
Kowalski, Kamilf4c4dcf2018-01-29 14:55:35 +0100[diff] [blame]11#include "error_messages.hpp"
Ed Tanousd7857202025-01-28 15:32:26 -0800[diff] [blame]12#include "http_request.hpp"
13#include "http_response.hpp"
14#include "pam_authenticate.hpp"
15#include "privileges.hpp"
Ed Tanous3ccb3ad2023-01-13 17:40:03 -0800[diff] [blame]16#include "query.hpp"
17#include "registries/privilege_registry.hpp"
Ed Tanousd7857202025-01-28 15:32:26 -0800[diff] [blame]18#include "sessions.hpp"
Ed Tanous3ccb3ad2023-01-13 17:40:03 -0800[diff] [blame]19#include "utils/json_utils.hpp"
John Edward Broadbent7e860f12021-04-08 15:57:16 -0700[diff] [blame]20
Ed Tanousd7857202025-01-28 15:32:26 -0800[diff] [blame]21#include <security/_pam_types.h>
22
23#include <boost/beast/http/field.hpp>
24#include <boost/beast/http/status.hpp>
25#include <boost/beast/http/verb.hpp>
Ed Tanousef4c65b2023-04-24 15:28:50 -0700[diff] [blame]26#include <boost/url/format.hpp>
27
Ed Tanousd7857202025-01-28 15:32:26 -0800[diff] [blame]28#include <chrono>
29#include <cstdint>
30#include <functional>
31#include <memory>
32#include <optional>
Ed Tanous89cda632024-04-16 08:45:54 -0700[diff] [blame]33#include <string>
Ed Tanousd7857202025-01-28 15:32:26 -0800[diff] [blame]34#include <utility>
Ed Tanous89cda632024-04-16 08:45:54 -0700[diff] [blame]35#include <vector>
36
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]37namespace redfish
38{
Kowalski, Kamil2b7981f2018-01-31 13:24:59 +0100[diff] [blame]39
Ed Tanous4f48d5f2021-06-21 08:27:45 -0700[diff] [blame]40inline void fillSessionObject(crow::Response& res,
41 const persistent_data::UserSession& session)
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]42{
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]43 res.jsonValue["Id"] = session.uniqueId;
44 res.jsonValue["UserName"] = session.username;
Paul Fertserce22f602024-06-03 20:53:16 +0000[diff] [blame]45 nlohmann::json::array_t roles;
46 roles.emplace_back(redfish::getRoleIdFromPrivilege(session.userRole));
47 res.jsonValue["Roles"] = std::move(roles);
Ed Tanousef4c65b2023-04-24 15:28:50 -0700[diff] [blame]48 res.jsonValue["@odata.id"] = boost::urls::format(
49 "/redfish/v1/SessionService/Sessions/{}", session.uniqueId);
Paul Fertserce22f602024-06-03 20:53:16 +0000[diff] [blame]50 res.jsonValue["@odata.type"] = "#Session.v1_7_0.Session";
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]51 res.jsonValue["Name"] = "User Session";
52 res.jsonValue["Description"] = "Manager User Session";
53 res.jsonValue["ClientOriginIPAddress"] = session.clientIp;
Ed Tanousbb759e32022-08-02 17:07:54 -0700[diff] [blame]54 if (session.clientId)
55 {
56 res.jsonValue["Context"] = *session.clientId;
57 }
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]58}
Kowalski, Kamil2b7981f2018-01-31 13:24:59 +0100[diff] [blame]59
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]60inline void
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]61 handleSessionHead(crow::App& app, const crow::Request& req,
62 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
63 const std::string& /*sessionId*/)
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]64{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]65 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]66 {
67 return;
68 }
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]69 asyncResp->res.addHeader(
70 boost::beast::http::field::link,
71 "</redfish/v1/JsonSchemas/Session/Session.json>; rel=describedby");
72}
73
74inline void
75 handleSessionGet(crow::App& app, const crow::Request& req,
76 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
77 const std::string& sessionId)
78{
Ed Tanous65ffbcb2023-05-16 08:54:11 -0700[diff] [blame]79 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
80 {
81 return;
82 }
83 asyncResp->res.addHeader(
84 boost::beast::http::field::link,
85 "</redfish/v1/JsonSchemas/Session/Session.json>; rel=describedby");
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]86
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]87 // Note that control also reaches here via doPost and doDelete.
88 auto session =
89 persistent_data::SessionStore::getInstance().getSessionByUid(sessionId);
90
91 if (session == nullptr)
92 {
93 messages::resourceNotFound(asyncResp->res, "Session", sessionId);
94 return;
95 }
96
97 fillSessionObject(asyncResp->res, *session);
98}
99
100inline void
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]101 handleSessionDelete(crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]102 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
103 const std::string& sessionId)
104{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]105 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]106 {
107 return;
108 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]109 auto session =
110 persistent_data::SessionStore::getInstance().getSessionByUid(sessionId);
111
112 if (session == nullptr)
113 {
114 messages::resourceNotFound(asyncResp->res, "Session", sessionId);
115 return;
116 }
117
118 // Perform a proper ConfigureSelf authority check. If a
119 // session is being used to DELETE some other user's session,
120 // then the ConfigureSelf privilege does not apply. In that
121 // case, perform the authority check again without the user's
122 // ConfigureSelf privilege.
wukaihua-fii-na0fd29862022-05-18 09:19:16 +0800[diff] [blame]123 if (req.session != nullptr && !session->username.empty() &&
124 session->username != req.session->username)
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]125 {
126 Privileges effectiveUserPrivileges =
Ninad Palsule3e72c202023-03-27 17:19:55 -0500[diff] [blame]127 redfish::getUserPrivileges(*req.session);
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]128
129 if (!effectiveUserPrivileges.isSupersetOf({"ConfigureUsers"}))
130 {
131 messages::insufficientPrivilege(asyncResp->res);
132 return;
133 }
134 }
135
Paul Fertser8812e8b2024-09-18 12:16:37 +0000[diff] [blame]136 if (req.session != nullptr && req.session->uniqueId == sessionId &&
137 session->cookieAuth)
Paul Fertser29aab242024-06-12 19:28:47 +0000[diff] [blame]138 {
139 bmcweb::clearSessionCookies(asyncResp->res);
140 }
141
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]142 persistent_data::SessionStore::getInstance().removeSession(session);
143 messages::success(asyncResp->res);
144}
145
146inline nlohmann::json getSessionCollectionMembers()
147{
Ed Tanous89cda632024-04-16 08:45:54 -0700[diff] [blame]148 std::vector<std::string> sessionIds =
149 persistent_data::SessionStore::getInstance().getAllUniqueIds();
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]150 nlohmann::json ret = nlohmann::json::array();
Ed Tanous89cda632024-04-16 08:45:54 -0700[diff] [blame]151 for (const std::string& uid : sessionIds)
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]152 {
Ed Tanous14766872022-03-15 10:44:42 -0700[diff] [blame]153 nlohmann::json::object_t session;
Ed Tanousef4c65b2023-04-24 15:28:50 -0700[diff] [blame]154 session["@odata.id"] =
Ed Tanous89cda632024-04-16 08:45:54 -0700[diff] [blame]155 boost::urls::format("/redfish/v1/SessionService/Sessions/{}", uid);
Patrick Williamsb2ba3072023-05-12 10:27:39 -0500[diff] [blame]156 ret.emplace_back(std::move(session));
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]157 }
158 return ret;
159}
160
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]161inline void handleSessionCollectionHead(
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]162 crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]163 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
164{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]165 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]166 {
167 return;
168 }
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]169 asyncResp->res.addHeader(
170 boost::beast::http::field::link,
171 "</redfish/v1/JsonSchemas/SessionCollection.json>; rel=describedby");
172}
173
174inline void handleSessionCollectionGet(
175 crow::App& app, const crow::Request& req,
176 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
177{
Ed Tanous01a89a12022-08-05 09:18:54 -0700[diff] [blame]178 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
179 {
180 return;
181 }
182 asyncResp->res.addHeader(
183 boost::beast::http::field::link,
184 "</redfish/v1/JsonSchemas/SessionCollection.json>; rel=describedby");
185
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]186 asyncResp->res.jsonValue["Members"] = getSessionCollectionMembers();
187 asyncResp->res.jsonValue["Members@odata.count"] =
188 asyncResp->res.jsonValue["Members"].size();
189 asyncResp->res.jsonValue["@odata.type"] =
190 "#SessionCollection.SessionCollection";
191 asyncResp->res.jsonValue["@odata.id"] =
Gunnar Mills7a859ff2024-03-04 23:04:45 -0700[diff] [blame]192 "/redfish/v1/SessionService/Sessions";
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]193 asyncResp->res.jsonValue["Name"] = "Session Collection";
194 asyncResp->res.jsonValue["Description"] = "Session Collection";
195}
196
197inline void handleSessionCollectionMembersGet(
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]198 crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]199 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
200{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]201 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]202 {
203 return;
204 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]205 asyncResp->res.jsonValue = getSessionCollectionMembers();
206}
207
Jishnu CMbe2f1242024-12-03 00:45:20 -0600[diff] [blame]208inline void processAfterSessionCreation(
209 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
210 const crow::Request& req, const std::string& username,
211 std::shared_ptr<persistent_data::UserSession>& session)
212{
213 // When session is created by webui-vue give it session cookies as a
214 // non-standard Redfish extension. This is needed for authentication for
215 // WebSockets-based functionality.
216 if (!req.getHeaderValue("X-Requested-With").empty())
217 {
218 bmcweb::setSessionCookies(asyncResp->res, *session);
219 }
220 else
221 {
222 asyncResp->res.addHeader("X-Auth-Token", session->sessionToken);
223 }
224
225 asyncResp->res.addHeader(
226 "Location", "/redfish/v1/SessionService/Sessions/" + session->uniqueId);
227 asyncResp->res.result(boost::beast::http::status::created);
228 if (session->isConfigureSelfOnly)
229 {
230 messages::passwordChangeRequired(
231 asyncResp->res,
232 boost::urls::format("/redfish/v1/AccountService/Accounts/{}",
233 session->username));
234 }
235
236 crow::getUserInfo(asyncResp, username, session, [asyncResp, session]() {
237 fillSessionObject(asyncResp->res, *session);
238 });
239}
240
Ed Tanous4ee8e212022-05-28 09:42:51 -0700[diff] [blame]241inline void handleSessionCollectionPost(
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]242 crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]243 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
244{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]245 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]246 {
247 return;
248 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]249 std::string username;
250 std::string password;
Ed Tanousbb759e32022-08-02 17:07:54 -0700[diff] [blame]251 std::optional<std::string> clientId;
Ravi Teja2ccce1f2024-08-10 04:05:36 -0500[diff] [blame]252 std::optional<std::string> token;
Myung Baeafc474a2024-10-09 00:53:29 -0700[diff] [blame]253 if (!json_util::readJsonPatch( //
254 req, asyncResp->res, //
255 "Context", clientId, //
256 "Password", password, //
257 "Token", token, //
258 "UserName", username //
259 ))
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]260 {
261 return;
262 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]263 if (password.empty() || username.empty() ||
264 asyncResp->res.result() != boost::beast::http::status::ok)
265 {
266 if (username.empty())
267 {
268 messages::propertyMissing(asyncResp->res, "UserName");
269 }
270
271 if (password.empty())
272 {
273 messages::propertyMissing(asyncResp->res, "Password");
274 }
275
276 return;
277 }
278
Ravi Teja2ccce1f2024-08-10 04:05:36 -0500[diff] [blame]279 int pamrc = pamAuthenticateUser(username, password, token);
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]280 bool isConfigureSelfOnly = pamrc == PAM_NEW_AUTHTOK_REQD;
281 if ((pamrc != PAM_SUCCESS) && !isConfigureSelfOnly)
282 {
Ed Tanous39662a32023-02-06 15:09:46 -0800[diff] [blame]283 messages::resourceAtUriUnauthorized(asyncResp->res, req.url(),
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]284 "Invalid username or password");
285 return;
286 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]287
288 // User is authenticated - create session
289 std::shared_ptr<persistent_data::UserSession> session =
290 persistent_data::SessionStore::getInstance().generateUserSession(
291 username, req.ipAddress, clientId,
Ed Tanous89cda632024-04-16 08:45:54 -0700[diff] [blame]292 persistent_data::SessionType::Session, isConfigureSelfOnly);
Brad Bishop02e53ae2022-07-29 14:38:40 -0400[diff] [blame]293 if (session == nullptr)
294 {
295 messages::internalError(asyncResp->res);
296 return;
297 }
Jishnu CMbe2f1242024-12-03 00:45:20 -0600[diff] [blame]298 processAfterSessionCreation(asyncResp, req, username, session);
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]299}
Jishnu CMbe2f1242024-12-03 00:45:20 -0600[diff] [blame]300
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]301inline void handleSessionServiceHead(
302 crow::App& app, const crow::Request& req,
303 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
304{
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]305 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
306 {
307 return;
308 }
309 asyncResp->res.addHeader(
310 boost::beast::http::field::link,
311 "</redfish/v1/JsonSchemas/SessionService/SessionService.json>; rel=describedby");
312}
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]313inline void
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]314 handleSessionServiceGet(crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]315 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
316
317{
Gunnar Mills78e39002023-05-17 11:52:44 -0500[diff] [blame]318 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
319 {
320 return;
321 }
322 asyncResp->res.addHeader(
323 boost::beast::http::field::link,
324 "</redfish/v1/JsonSchemas/SessionService/SessionService.json>; rel=describedby");
325
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]326 asyncResp->res.jsonValue["@odata.type"] =
327 "#SessionService.v1_0_2.SessionService";
Gunnar Mills7a859ff2024-03-04 23:04:45 -0700[diff] [blame]328 asyncResp->res.jsonValue["@odata.id"] = "/redfish/v1/SessionService";
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]329 asyncResp->res.jsonValue["Name"] = "Session Service";
330 asyncResp->res.jsonValue["Id"] = "SessionService";
331 asyncResp->res.jsonValue["Description"] = "Session Service";
332 asyncResp->res.jsonValue["SessionTimeout"] =
333 persistent_data::SessionStore::getInstance().getTimeoutInSeconds();
334 asyncResp->res.jsonValue["ServiceEnabled"] = true;
335
Ed Tanous14766872022-03-15 10:44:42 -0700[diff] [blame]336 asyncResp->res.jsonValue["Sessions"]["@odata.id"] =
337 "/redfish/v1/SessionService/Sessions";
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]338}
339
340inline void handleSessionServicePatch(
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]341 crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]342 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
343{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]344 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]345 {
346 return;
347 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]348 std::optional<int64_t> sessionTimeout;
Myung Baeafc474a2024-10-09 00:53:29 -0700[diff] [blame]349 if (!json_util::readJsonPatch( //
350 req, asyncResp->res, //
351 "SessionTimeout", sessionTimeout //
352 ))
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]353 {
354 return;
355 }
356
357 if (sessionTimeout)
358 {
Ed Tanous8ece0e42024-01-02 13:16:50 -0800[diff] [blame]359 // The minimum & maximum allowed values for session timeout
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]360 // are 30 seconds and 86400 seconds respectively as per the
361 // session service schema mentioned at
362 // https://redfish.dmtf.org/schemas/v1/SessionService.v1_1_7.json
363
364 if (*sessionTimeout <= 86400 && *sessionTimeout >= 30)
365 {
366 std::chrono::seconds sessionTimeoutInseconds(*sessionTimeout);
367 persistent_data::SessionStore::getInstance().updateSessionTimeout(
368 sessionTimeoutInseconds);
369 messages::propertyValueModified(asyncResp->res, "SessionTimeOut",
370 std::to_string(*sessionTimeout));
371 }
372 else
373 {
Ed Tanouse2616cc2022-06-27 12:45:55 -0700[diff] [blame]374 messages::propertyValueNotInList(asyncResp->res, *sessionTimeout,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]375 "SessionTimeOut");
376 }
377 }
378}
379
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]380inline void requestRoutesSession(App& app)
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]381{
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]382 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/")
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]383 .privileges(redfish::privileges::headSession)
384 .methods(boost::beast::http::verb::head)(
385 std::bind_front(handleSessionHead, std::ref(app)));
386
387 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/")
Ed Tanoused398212021-06-09 17:05:54 -0700[diff] [blame]388 .privileges(redfish::privileges::getSession)
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]389 .methods(boost::beast::http::verb::get)(
390 std::bind_front(handleSessionGet, std::ref(app)));
Kowalski, Kamil2b7981f2018-01-31 13:24:59 +0100[diff] [blame]391
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]392 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/")
Ed Tanoused398212021-06-09 17:05:54 -0700[diff] [blame]393 .privileges(redfish::privileges::deleteSession)
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]394 .methods(boost::beast::http::verb::delete_)(
395 std::bind_front(handleSessionDelete, std::ref(app)));
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]396
397 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/")
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]398 .privileges(redfish::privileges::headSessionCollection)
399 .methods(boost::beast::http::verb::head)(
400 std::bind_front(handleSessionCollectionHead, std::ref(app)));
401
402 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/")
Ed Tanoused398212021-06-09 17:05:54 -0700[diff] [blame]403 .privileges(redfish::privileges::getSessionCollection)
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]404 .methods(boost::beast::http::verb::get)(
405 std::bind_front(handleSessionCollectionGet, std::ref(app)));
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]406
Ed Tanouse76cd862022-03-14 09:12:00 -0700[diff] [blame]407 // Note, the next two routes technically don't match the privilege
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]408 // registry given the way login mechanisms work. The base privilege
409 // registry lists this endpoint as requiring login privilege, but because
410 // this is the endpoint responsible for giving the login privilege, and it
411 // is itself its own route, it needs to not require Login
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]412 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/")
413 .privileges({})
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]414 .methods(boost::beast::http::verb::post)(
415 std::bind_front(handleSessionCollectionPost, std::ref(app)));
Kowalski, Kamil2b7981f2018-01-31 13:24:59 +0100[diff] [blame]416
Ed Tanouse76cd862022-03-14 09:12:00 -0700[diff] [blame]417 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/Members/")
418 .privileges({})
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]419 .methods(boost::beast::http::verb::post)(
420 std::bind_front(handleSessionCollectionPost, std::ref(app)));
Ed Tanouse76cd862022-03-14 09:12:00 -0700[diff] [blame]421
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]422 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/")
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]423 .privileges(redfish::privileges::headSessionService)
424 .methods(boost::beast::http::verb::head)(
425 std::bind_front(handleSessionServiceHead, std::ref(app)));
426
427 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/")
Ed Tanoused398212021-06-09 17:05:54 -0700[diff] [blame]428 .privileges(redfish::privileges::getSessionService)
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]429 .methods(boost::beast::http::verb::get)(
430 std::bind_front(handleSessionServiceGet, std::ref(app)));
Borawski.Lukasz5d27b852018-02-08 13:24:24 +0100[diff] [blame]431
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]432 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/")
Ed Tanoused398212021-06-09 17:05:54 -0700[diff] [blame]433 .privileges(redfish::privileges::patchSessionService)
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]434 .methods(boost::beast::http::verb::patch)(
435 std::bind_front(handleSessionServicePatch, std::ref(app)));
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]436}
Borawski.Lukasz5d27b852018-02-08 13:24:24 +0100[diff] [blame]437
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]438} // namespace redfish