Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / bmcweb / ac1e1246464e28fe4313ba936a6b8f64ec65bb12 / . / redfish-core / lib / redfish_sessions.hpp
blob: dba1aac770a92762efd5e71516f5130085d27bba [file] [log] [blame]
Kowalski, Kamil2b7981f2018-01-31 13:24:59 +0100[diff] [blame]1/*
2// Copyright (c) 2018 Intel Corporation
3//
4// Licensed under the Apache License, Version 2.0 (the "License");
5// you may not use this file except in compliance with the License.
6// You may obtain a copy of the License at
7//
8// http://www.apache.org/licenses/LICENSE-2.0
9//
10// Unless required by applicable law or agreed to in writing, software
11// distributed under the License is distributed on an "AS IS" BASIS,
12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13// See the License for the specific language governing permissions and
14// limitations under the License.
15*/
16#pragma once
Borawski.Lukasz43a095a2018-02-19 15:39:01 +0100[diff] [blame]17
Paul Fertserce22f602024-06-03 20:53:16 +0000[diff] [blame]18#include "account_service.hpp"
Ed Tanous3ccb3ad2023-01-13 17:40:03 -0800[diff] [blame]19#include "app.hpp"
Paul Fertser29aab242024-06-12 19:28:47 +0000[diff] [blame]20#include "cookies.hpp"
Kowalski, Kamilf4c4dcf2018-01-29 14:55:35 +0100[diff] [blame]21#include "error_messages.hpp"
Ed Tanous3ccb3ad2023-01-13 17:40:03 -0800[diff] [blame]22#include "http/utility.hpp"
Ed Tanous52cc1122020-07-18 13:51:21 -0700[diff] [blame]23#include "persistent_data.hpp"
Ed Tanous3ccb3ad2023-01-13 17:40:03 -0800[diff] [blame]24#include "query.hpp"
25#include "registries/privilege_registry.hpp"
26#include "utils/json_utils.hpp"
John Edward Broadbent7e860f12021-04-08 15:57:16 -0700[diff] [blame]27
Ed Tanousef4c65b2023-04-24 15:28:50 -0700[diff] [blame]28#include <boost/url/format.hpp>
29
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]30namespace redfish
31{
Kowalski, Kamil2b7981f2018-01-31 13:24:59 +0100[diff] [blame]32
Ed Tanous4f48d5f2021-06-21 08:27:45 -0700[diff] [blame]33inline void fillSessionObject(crow::Response& res,
34 const persistent_data::UserSession& session)
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]35{
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]36 res.jsonValue["Id"] = session.uniqueId;
37 res.jsonValue["UserName"] = session.username;
Paul Fertserce22f602024-06-03 20:53:16 +0000[diff] [blame]38 nlohmann::json::array_t roles;
39 roles.emplace_back(redfish::getRoleIdFromPrivilege(session.userRole));
40 res.jsonValue["Roles"] = std::move(roles);
Ed Tanousef4c65b2023-04-24 15:28:50 -0700[diff] [blame]41 res.jsonValue["@odata.id"] = boost::urls::format(
42 "/redfish/v1/SessionService/Sessions/{}", session.uniqueId);
Paul Fertserce22f602024-06-03 20:53:16 +0000[diff] [blame]43 res.jsonValue["@odata.type"] = "#Session.v1_7_0.Session";
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]44 res.jsonValue["Name"] = "User Session";
45 res.jsonValue["Description"] = "Manager User Session";
46 res.jsonValue["ClientOriginIPAddress"] = session.clientIp;
Ed Tanousbb759e32022-08-02 17:07:54 -0700[diff] [blame]47 if (session.clientId)
48 {
49 res.jsonValue["Context"] = *session.clientId;
50 }
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]51}
Kowalski, Kamil2b7981f2018-01-31 13:24:59 +0100[diff] [blame]52
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]53inline void
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]54 handleSessionHead(crow::App& app, const crow::Request& req,
55 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
56 const std::string& /*sessionId*/)
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]57{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]58 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]59 {
60 return;
61 }
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]62 asyncResp->res.addHeader(
63 boost::beast::http::field::link,
64 "</redfish/v1/JsonSchemas/Session/Session.json>; rel=describedby");
65}
66
67inline void
68 handleSessionGet(crow::App& app, const crow::Request& req,
69 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
70 const std::string& sessionId)
71{
Ed Tanous65ffbcb2023-05-16 08:54:11 -0700[diff] [blame]72 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
73 {
74 return;
75 }
76 asyncResp->res.addHeader(
77 boost::beast::http::field::link,
78 "</redfish/v1/JsonSchemas/Session/Session.json>; rel=describedby");
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]79
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]80 // Note that control also reaches here via doPost and doDelete.
81 auto session =
82 persistent_data::SessionStore::getInstance().getSessionByUid(sessionId);
83
84 if (session == nullptr)
85 {
86 messages::resourceNotFound(asyncResp->res, "Session", sessionId);
87 return;
88 }
89
90 fillSessionObject(asyncResp->res, *session);
91}
92
93inline void
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]94 handleSessionDelete(crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]95 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
96 const std::string& sessionId)
97{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]98 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]99 {
100 return;
101 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]102 auto session =
103 persistent_data::SessionStore::getInstance().getSessionByUid(sessionId);
104
105 if (session == nullptr)
106 {
107 messages::resourceNotFound(asyncResp->res, "Session", sessionId);
108 return;
109 }
110
111 // Perform a proper ConfigureSelf authority check. If a
112 // session is being used to DELETE some other user's session,
113 // then the ConfigureSelf privilege does not apply. In that
114 // case, perform the authority check again without the user's
115 // ConfigureSelf privilege.
wukaihua-fii-na0fd29862022-05-18 09:19:16 +0800[diff] [blame]116 if (req.session != nullptr && !session->username.empty() &&
117 session->username != req.session->username)
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]118 {
119 Privileges effectiveUserPrivileges =
Ninad Palsule3e72c202023-03-27 17:19:55 -0500[diff] [blame]120 redfish::getUserPrivileges(*req.session);
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]121
122 if (!effectiveUserPrivileges.isSupersetOf({"ConfigureUsers"}))
123 {
124 messages::insufficientPrivilege(asyncResp->res);
125 return;
126 }
127 }
128
Paul Fertser29aab242024-06-12 19:28:47 +0000[diff] [blame]129 if (session->cookieAuth)
130 {
131 bmcweb::clearSessionCookies(asyncResp->res);
132 }
133
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]134 persistent_data::SessionStore::getInstance().removeSession(session);
135 messages::success(asyncResp->res);
136}
137
138inline nlohmann::json getSessionCollectionMembers()
139{
140 std::vector<const std::string*> sessionIds =
141 persistent_data::SessionStore::getInstance().getUniqueIds(
142 false, persistent_data::PersistenceType::TIMEOUT);
143 nlohmann::json ret = nlohmann::json::array();
144 for (const std::string* uid : sessionIds)
145 {
Ed Tanous14766872022-03-15 10:44:42 -0700[diff] [blame]146 nlohmann::json::object_t session;
Ed Tanousef4c65b2023-04-24 15:28:50 -0700[diff] [blame]147 session["@odata.id"] =
148 boost::urls::format("/redfish/v1/SessionService/Sessions/{}", *uid);
Patrick Williamsb2ba3072023-05-12 10:27:39 -0500[diff] [blame]149 ret.emplace_back(std::move(session));
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]150 }
151 return ret;
152}
153
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]154inline void handleSessionCollectionHead(
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]155 crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]156 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
157{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]158 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]159 {
160 return;
161 }
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]162 asyncResp->res.addHeader(
163 boost::beast::http::field::link,
164 "</redfish/v1/JsonSchemas/SessionCollection.json>; rel=describedby");
165}
166
167inline void handleSessionCollectionGet(
168 crow::App& app, const crow::Request& req,
169 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
170{
Ed Tanous01a89a12022-08-05 09:18:54 -0700[diff] [blame]171 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
172 {
173 return;
174 }
175 asyncResp->res.addHeader(
176 boost::beast::http::field::link,
177 "</redfish/v1/JsonSchemas/SessionCollection.json>; rel=describedby");
178
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]179 asyncResp->res.jsonValue["Members"] = getSessionCollectionMembers();
180 asyncResp->res.jsonValue["Members@odata.count"] =
181 asyncResp->res.jsonValue["Members"].size();
182 asyncResp->res.jsonValue["@odata.type"] =
183 "#SessionCollection.SessionCollection";
184 asyncResp->res.jsonValue["@odata.id"] =
Gunnar Mills7a859ff2024-03-04 23:04:45 -0700[diff] [blame]185 "/redfish/v1/SessionService/Sessions";
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]186 asyncResp->res.jsonValue["Name"] = "Session Collection";
187 asyncResp->res.jsonValue["Description"] = "Session Collection";
188}
189
190inline void handleSessionCollectionMembersGet(
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]191 crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]192 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
193{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]194 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]195 {
196 return;
197 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]198 asyncResp->res.jsonValue = getSessionCollectionMembers();
199}
200
Ed Tanous4ee8e212022-05-28 09:42:51 -0700[diff] [blame]201inline void handleSessionCollectionPost(
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]202 crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]203 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
204{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]205 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]206 {
207 return;
208 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]209 std::string username;
210 std::string password;
Ed Tanousbb759e32022-08-02 17:07:54 -0700[diff] [blame]211 std::optional<std::string> clientId;
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]212 if (!json_util::readJsonPatch(req, asyncResp->res, "UserName", username,
Ed Tanousd678d4f2023-01-07 14:40:40 -0800[diff] [blame]213 "Password", password, "Context", clientId))
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]214 {
215 return;
216 }
217
218 if (password.empty() || username.empty() ||
219 asyncResp->res.result() != boost::beast::http::status::ok)
220 {
221 if (username.empty())
222 {
223 messages::propertyMissing(asyncResp->res, "UserName");
224 }
225
226 if (password.empty())
227 {
228 messages::propertyMissing(asyncResp->res, "Password");
229 }
230
231 return;
232 }
233
234 int pamrc = pamAuthenticateUser(username, password);
235 bool isConfigureSelfOnly = pamrc == PAM_NEW_AUTHTOK_REQD;
236 if ((pamrc != PAM_SUCCESS) && !isConfigureSelfOnly)
237 {
Ed Tanous39662a32023-02-06 15:09:46 -0800[diff] [blame]238 messages::resourceAtUriUnauthorized(asyncResp->res, req.url(),
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]239 "Invalid username or password");
240 return;
241 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]242
243 // User is authenticated - create session
244 std::shared_ptr<persistent_data::UserSession> session =
245 persistent_data::SessionStore::getInstance().generateUserSession(
246 username, req.ipAddress, clientId,
247 persistent_data::PersistenceType::TIMEOUT, isConfigureSelfOnly);
Brad Bishop02e53ae2022-07-29 14:38:40 -0400[diff] [blame]248 if (session == nullptr)
249 {
250 messages::internalError(asyncResp->res);
251 return;
252 }
253
Paul Fertser29aab242024-06-12 19:28:47 +0000[diff] [blame]254 // When session is created by webui-vue give it session cookies as a
255 // non-standard Redfish extension. This is needed for authentication for
256 // WebSockets-based functionality.
257 if (!req.getHeaderValue("X-Requested-With").empty())
258 {
259 bmcweb::setSessionCookies(asyncResp->res, *session);
260 }
261 else
262 {
263 asyncResp->res.addHeader("X-Auth-Token", session->sessionToken);
264 }
265
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]266 asyncResp->res.addHeader(
267 "Location", "/redfish/v1/SessionService/Sessions/" + session->uniqueId);
268 asyncResp->res.result(boost::beast::http::status::created);
269 if (session->isConfigureSelfOnly)
270 {
271 messages::passwordChangeRequired(
272 asyncResp->res,
Ed Tanousef4c65b2023-04-24 15:28:50 -0700[diff] [blame]273 boost::urls::format("/redfish/v1/AccountService/Accounts/{}",
274 session->username));
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]275 }
276
Paul Fertser478c5a52024-06-26 22:27:59 +0000[diff] [blame]277 crow::getUserInfo(asyncResp, username, session, [asyncResp, session]() {
278 fillSessionObject(asyncResp->res, *session);
279 });
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]280}
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]281inline void handleSessionServiceHead(
282 crow::App& app, const crow::Request& req,
283 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
284{
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]285 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
286 {
287 return;
288 }
289 asyncResp->res.addHeader(
290 boost::beast::http::field::link,
291 "</redfish/v1/JsonSchemas/SessionService/SessionService.json>; rel=describedby");
292}
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]293inline void
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]294 handleSessionServiceGet(crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]295 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
296
297{
Gunnar Mills78e39002023-05-17 11:52:44 -0500[diff] [blame]298 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
299 {
300 return;
301 }
302 asyncResp->res.addHeader(
303 boost::beast::http::field::link,
304 "</redfish/v1/JsonSchemas/SessionService/SessionService.json>; rel=describedby");
305
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]306 asyncResp->res.jsonValue["@odata.type"] =
307 "#SessionService.v1_0_2.SessionService";
Gunnar Mills7a859ff2024-03-04 23:04:45 -0700[diff] [blame]308 asyncResp->res.jsonValue["@odata.id"] = "/redfish/v1/SessionService";
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]309 asyncResp->res.jsonValue["Name"] = "Session Service";
310 asyncResp->res.jsonValue["Id"] = "SessionService";
311 asyncResp->res.jsonValue["Description"] = "Session Service";
312 asyncResp->res.jsonValue["SessionTimeout"] =
313 persistent_data::SessionStore::getInstance().getTimeoutInSeconds();
314 asyncResp->res.jsonValue["ServiceEnabled"] = true;
315
Ed Tanous14766872022-03-15 10:44:42 -0700[diff] [blame]316 asyncResp->res.jsonValue["Sessions"]["@odata.id"] =
317 "/redfish/v1/SessionService/Sessions";
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]318}
319
320inline void handleSessionServicePatch(
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]321 crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]322 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
323{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]324 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]325 {
326 return;
327 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]328 std::optional<int64_t> sessionTimeout;
329 if (!json_util::readJsonPatch(req, asyncResp->res, "SessionTimeout",
330 sessionTimeout))
331 {
332 return;
333 }
334
335 if (sessionTimeout)
336 {
Ed Tanous8ece0e42024-01-02 13:16:50 -0800[diff] [blame]337 // The minimum & maximum allowed values for session timeout
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]338 // are 30 seconds and 86400 seconds respectively as per the
339 // session service schema mentioned at
340 // https://redfish.dmtf.org/schemas/v1/SessionService.v1_1_7.json
341
342 if (*sessionTimeout <= 86400 && *sessionTimeout >= 30)
343 {
344 std::chrono::seconds sessionTimeoutInseconds(*sessionTimeout);
345 persistent_data::SessionStore::getInstance().updateSessionTimeout(
346 sessionTimeoutInseconds);
347 messages::propertyValueModified(asyncResp->res, "SessionTimeOut",
348 std::to_string(*sessionTimeout));
349 }
350 else
351 {
Ed Tanouse2616cc2022-06-27 12:45:55 -0700[diff] [blame]352 messages::propertyValueNotInList(asyncResp->res, *sessionTimeout,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]353 "SessionTimeOut");
354 }
355 }
356}
357
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]358inline void requestRoutesSession(App& app)
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]359{
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]360 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/")
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]361 .privileges(redfish::privileges::headSession)
362 .methods(boost::beast::http::verb::head)(
363 std::bind_front(handleSessionHead, std::ref(app)));
364
365 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/")
Ed Tanoused398212021-06-09 17:05:54 -0700[diff] [blame]366 .privileges(redfish::privileges::getSession)
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]367 .methods(boost::beast::http::verb::get)(
368 std::bind_front(handleSessionGet, std::ref(app)));
Kowalski, Kamil2b7981f2018-01-31 13:24:59 +0100[diff] [blame]369
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]370 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/")
Ed Tanoused398212021-06-09 17:05:54 -0700[diff] [blame]371 .privileges(redfish::privileges::deleteSession)
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]372 .methods(boost::beast::http::verb::delete_)(
373 std::bind_front(handleSessionDelete, std::ref(app)));
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]374
375 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/")
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]376 .privileges(redfish::privileges::headSessionCollection)
377 .methods(boost::beast::http::verb::head)(
378 std::bind_front(handleSessionCollectionHead, std::ref(app)));
379
380 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/")
Ed Tanoused398212021-06-09 17:05:54 -0700[diff] [blame]381 .privileges(redfish::privileges::getSessionCollection)
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]382 .methods(boost::beast::http::verb::get)(
383 std::bind_front(handleSessionCollectionGet, std::ref(app)));
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]384
Ed Tanouse76cd862022-03-14 09:12:00 -0700[diff] [blame]385 // Note, the next two routes technically don't match the privilege
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]386 // registry given the way login mechanisms work. The base privilege
387 // registry lists this endpoint as requiring login privilege, but because
388 // this is the endpoint responsible for giving the login privilege, and it
389 // is itself its own route, it needs to not require Login
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]390 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/")
391 .privileges({})
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]392 .methods(boost::beast::http::verb::post)(
393 std::bind_front(handleSessionCollectionPost, std::ref(app)));
Kowalski, Kamil2b7981f2018-01-31 13:24:59 +0100[diff] [blame]394
Ed Tanouse76cd862022-03-14 09:12:00 -0700[diff] [blame]395 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/Members/")
396 .privileges({})
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]397 .methods(boost::beast::http::verb::post)(
398 std::bind_front(handleSessionCollectionPost, std::ref(app)));
Ed Tanouse76cd862022-03-14 09:12:00 -0700[diff] [blame]399
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]400 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/")
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]401 .privileges(redfish::privileges::headSessionService)
402 .methods(boost::beast::http::verb::head)(
403 std::bind_front(handleSessionServiceHead, std::ref(app)));
404
405 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/")
Ed Tanoused398212021-06-09 17:05:54 -0700[diff] [blame]406 .privileges(redfish::privileges::getSessionService)
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]407 .methods(boost::beast::http::verb::get)(
408 std::bind_front(handleSessionServiceGet, std::ref(app)));
Borawski.Lukasz5d27b852018-02-08 13:24:24 +0100[diff] [blame]409
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]410 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/")
Ed Tanoused398212021-06-09 17:05:54 -0700[diff] [blame]411 .privileges(redfish::privileges::patchSessionService)
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]412 .methods(boost::beast::http::verb::patch)(
413 std::bind_front(handleSessionServicePatch, std::ref(app)));
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]414}
Borawski.Lukasz5d27b852018-02-08 13:24:24 +0100[diff] [blame]415
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]416} // namespace redfish