Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / bmcweb / 900f949773795141266271107219ea019f2839cd / . / redfish-core / include / node.hpp
blob: fddeaa01e5a8dac8ab823337c50e305b6ce801a4 [file] [log] [blame]
Borawski.Lukasz86e1b662018-01-19 14:22:14 +0100[diff] [blame]1/*
2// Copyright (c) 2018 Intel Corporation
3//
4// Licensed under the Apache License, Version 2.0 (the "License");
5// you may not use this file except in compliance with the License.
6// You may obtain a copy of the License at
7//
8// http://www.apache.org/licenses/LICENSE-2.0
9//
10// Unless required by applicable law or agreed to in writing, software
11// distributed under the License is distributed on an "AS IS" BASIS,
12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13// See the License for the specific language governing permissions and
14// limitations under the License.
15*/
16#pragma once
17
Borawski.Lukasz86e1b662018-01-19 14:22:14 +0100[diff] [blame]18#include "privileges.hpp"
19#include "token_authorization_middleware.hpp"
Borawski.Lukaszc1a46bd2018-02-08 13:31:59 +0100[diff] [blame]20#include "webserver_common.hpp"
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]21
Ed Tanousa0803ef2018-08-29 13:29:23 -0700[diff] [blame]22#include <error_messages.hpp>
Ed Tanous770841b2019-02-27 10:25:45 -0800[diff] [blame]23#include <vector>
Ed Tanousa0803ef2018-08-29 13:29:23 -0700[diff] [blame]24
Ed Tanousc94ad492019-10-10 15:39:33 -0700[diff] [blame]25#include "http_request.h"
26#include "http_response.h"
Borawski.Lukasz86e1b662018-01-19 14:22:14 +0100[diff] [blame]27
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]28namespace redfish
29{
Borawski.Lukasz86e1b662018-01-19 14:22:14 +0100[diff] [blame]30
31/**
Kowalski, Kamil588c3f02018-04-03 14:55:27 +0200[diff] [blame]32 * AsyncResp
33 * Gathers data needed for response processing after async calls are done
34 */
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]35class AsyncResp
36{
37 public:
38 AsyncResp(crow::Response& response) : res(response)
39 {
40 }
Kowalski, Kamil588c3f02018-04-03 14:55:27 +0200[diff] [blame]41
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]42 ~AsyncResp()
43 {
44 res.end();
45 }
Kowalski, Kamil588c3f02018-04-03 14:55:27 +0200[diff] [blame]46
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]47 crow::Response& res;
Kowalski, Kamil588c3f02018-04-03 14:55:27 +0200[diff] [blame]48};
49
50/**
Borawski.Lukasz86e1b662018-01-19 14:22:14 +0100[diff] [blame]51 * @brief Abstract class used for implementing Redfish nodes.
52 *
53 */
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]54class Node
55{
56 public:
57 template <typename... Params>
Ed Tanous271584a2019-07-09 16:24:22 -0700[diff] [blame]58 Node(CrowApp& app, std::string&& entityUrl, Params... paramsIn)
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]59 {
Tanousf00032d2018-11-05 01:18:10 -0300[diff] [blame]60 crow::DynamicRule& get = app.routeDynamic(entityUrl.c_str());
61 getRule = &get;
62 get.methods("GET"_method)([this](const crow::Request& req,
63 crow::Response& res,
64 Params... params) {
65 std::vector<std::string> paramVec = {params...};
66 doGet(res, req, paramVec);
67 });
68
69 crow::DynamicRule& patch = app.routeDynamic(entityUrl.c_str());
70 patchRule = &patch;
71 patch.methods("PATCH"_method)([this](const crow::Request& req,
72 crow::Response& res,
73 Params... params) {
74 std::vector<std::string> paramVec = {params...};
75 doPatch(res, req, paramVec);
76 });
77
78 crow::DynamicRule& post = app.routeDynamic(entityUrl.c_str());
79 postRule = &post;
80 post.methods("POST"_method)([this](const crow::Request& req,
81 crow::Response& res,
82 Params... params) {
83 std::vector<std::string> paramVec = {params...};
84 doPost(res, req, paramVec);
85 });
86
87 crow::DynamicRule& delete_ = app.routeDynamic(entityUrl.c_str());
88 deleteRule = &delete_;
89 delete_.methods("DELETE"_method)([this](const crow::Request& req,
90 crow::Response& res,
91 Params... params) {
92 std::vector<std::string> paramVec = {params...};
93 doDelete(res, req, paramVec);
94 });
95 }
96
97 void initPrivileges()
98 {
99 auto it = entityPrivileges.find(boost::beast::http::verb::get);
100 if (it != entityPrivileges.end())
101 {
102 if (getRule != nullptr)
103 {
104 getRule->requires(it->second);
105 }
106 }
107 it = entityPrivileges.find(boost::beast::http::verb::post);
108 if (it != entityPrivileges.end())
109 {
110 if (postRule != nullptr)
111 {
112 postRule->requires(it->second);
113 }
114 }
115 it = entityPrivileges.find(boost::beast::http::verb::patch);
116 if (it != entityPrivileges.end())
117 {
118 if (patchRule != nullptr)
119 {
120 patchRule->requires(it->second);
121 }
122 }
123 it = entityPrivileges.find(boost::beast::http::verb::delete_);
124 if (it != entityPrivileges.end())
125 {
126 if (deleteRule != nullptr)
127 {
128 deleteRule->requires(it->second);
129 }
130 }
Borawski.Lukaszc1a46bd2018-02-08 13:31:59 +0100[diff] [blame]131 }
Ed Tanouscbbfa962018-03-13 16:46:28 -0700[diff] [blame]132
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]133 virtual ~Node() = default;
Borawski.Lukaszc1a46bd2018-02-08 13:31:59 +0100[diff] [blame]134
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]135 OperationMap entityPrivileges;
Borawski.Lukasz86e1b662018-01-19 14:22:14 +0100[diff] [blame]136
Tanousf00032d2018-11-05 01:18:10 -0300[diff] [blame]137 crow::DynamicRule* getRule = nullptr;
138 crow::DynamicRule* postRule = nullptr;
139 crow::DynamicRule* patchRule = nullptr;
140 crow::DynamicRule* deleteRule = nullptr;
141
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]142 protected:
143 // Node is designed to be an abstract class, so doGet is pure virtual
144 virtual void doGet(crow::Response& res, const crow::Request& req,
145 const std::vector<std::string>& params)
146 {
147 res.result(boost::beast::http::status::method_not_allowed);
Borawski.Lukasz86e1b662018-01-19 14:22:14 +0100[diff] [blame]148 res.end();
149 }
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]150
151 virtual void doPatch(crow::Response& res, const crow::Request& req,
152 const std::vector<std::string>& params)
153 {
154 res.result(boost::beast::http::status::method_not_allowed);
155 res.end();
156 }
157
158 virtual void doPost(crow::Response& res, const crow::Request& req,
159 const std::vector<std::string>& params)
160 {
161 res.result(boost::beast::http::status::method_not_allowed);
162 res.end();
163 }
164
165 virtual void doDelete(crow::Response& res, const crow::Request& req,
166 const std::vector<std::string>& params)
167 {
168 res.result(boost::beast::http::status::method_not_allowed);
169 res.end();
170 }
Joseph Reynolds900f9492019-11-25 15:37:29 -0600[diff] [blame^]171
172 /* @brief Would the operation be allowed if the user did not have
173 * the ConfigureSelf Privilege?
174 *
175 * @param req the request
176 *
177 * @returns True if allowed, false otherwise
178 */
179 inline bool isAllowedWithoutConfigureSelf(const crow::Request& req)
180 {
181 const std::string& userRole =
182 crow::persistent_data::UserRoleMap::getInstance().getUserRole(
183 req.session->username);
184 Privileges effectiveUserPrivileges =
185 redfish::getUserPrivileges(userRole);
186 effectiveUserPrivileges.resetSinglePrivilege("ConfigureSelf");
187 const auto& requiredPrivilegesIt = entityPrivileges.find(req.method());
188 return (requiredPrivilegesIt != entityPrivileges.end()) &&
189 isOperationAllowedWithPrivileges(requiredPrivilegesIt->second,
190 effectiveUserPrivileges);
191 }
Borawski.Lukasz86e1b662018-01-19 14:22:14 +0100[diff] [blame]192};
193
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]194} // namespace redfish