Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / bmcweb / be2f124cec67c51dae320e856b83da9e846a148c / . / redfish-core / lib / redfish_sessions.hpp
blob: 5b5234ad82e591092671525a24ee5a4fd20b89bd [file] [log] [blame]
Kowalski, Kamil2b7981f2018-01-31 13:24:59 +0100[diff] [blame]1/*
Ed Tanous6be832e2024-09-10 11:44:48 -0700[diff] [blame]2Copyright (c) 2018 Intel Corporation
3
4Licensed under the Apache License, Version 2.0 (the "License");
5you may not use this file except in compliance with the License.
6You may obtain a copy of the License at
7
8 http://www.apache.org/licenses/LICENSE-2.0
9
10Unless required by applicable law or agreed to in writing, software
11distributed under the License is distributed on an "AS IS" BASIS,
12WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13See the License for the specific language governing permissions and
14limitations under the License.
Kowalski, Kamil2b7981f2018-01-31 13:24:59 +0100[diff] [blame]15*/
16#pragma once
Borawski.Lukasz43a095a2018-02-19 15:39:01 +0100[diff] [blame]17
Paul Fertserce22f602024-06-03 20:53:16 +0000[diff] [blame]18#include "account_service.hpp"
Ed Tanous3ccb3ad2023-01-13 17:40:03 -0800[diff] [blame]19#include "app.hpp"
Paul Fertser29aab242024-06-12 19:28:47 +0000[diff] [blame]20#include "cookies.hpp"
Kowalski, Kamilf4c4dcf2018-01-29 14:55:35 +0100[diff] [blame]21#include "error_messages.hpp"
Ed Tanous3ccb3ad2023-01-13 17:40:03 -0800[diff] [blame]22#include "http/utility.hpp"
Ed Tanous52cc1122020-07-18 13:51:21 -0700[diff] [blame]23#include "persistent_data.hpp"
Ed Tanous3ccb3ad2023-01-13 17:40:03 -0800[diff] [blame]24#include "query.hpp"
25#include "registries/privilege_registry.hpp"
26#include "utils/json_utils.hpp"
John Edward Broadbent7e860f12021-04-08 15:57:16 -0700[diff] [blame]27
Ed Tanousef4c65b2023-04-24 15:28:50 -0700[diff] [blame]28#include <boost/url/format.hpp>
29
Ed Tanous89cda632024-04-16 08:45:54 -0700[diff] [blame]30#include <string>
31#include <vector>
32
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]33namespace redfish
34{
Kowalski, Kamil2b7981f2018-01-31 13:24:59 +0100[diff] [blame]35
Ed Tanous4f48d5f2021-06-21 08:27:45 -0700[diff] [blame]36inline void fillSessionObject(crow::Response& res,
37 const persistent_data::UserSession& session)
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]38{
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]39 res.jsonValue["Id"] = session.uniqueId;
40 res.jsonValue["UserName"] = session.username;
Paul Fertserce22f602024-06-03 20:53:16 +0000[diff] [blame]41 nlohmann::json::array_t roles;
42 roles.emplace_back(redfish::getRoleIdFromPrivilege(session.userRole));
43 res.jsonValue["Roles"] = std::move(roles);
Ed Tanousef4c65b2023-04-24 15:28:50 -0700[diff] [blame]44 res.jsonValue["@odata.id"] = boost::urls::format(
45 "/redfish/v1/SessionService/Sessions/{}", session.uniqueId);
Paul Fertserce22f602024-06-03 20:53:16 +0000[diff] [blame]46 res.jsonValue["@odata.type"] = "#Session.v1_7_0.Session";
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]47 res.jsonValue["Name"] = "User Session";
48 res.jsonValue["Description"] = "Manager User Session";
49 res.jsonValue["ClientOriginIPAddress"] = session.clientIp;
Ed Tanousbb759e32022-08-02 17:07:54 -0700[diff] [blame]50 if (session.clientId)
51 {
52 res.jsonValue["Context"] = *session.clientId;
53 }
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]54}
Kowalski, Kamil2b7981f2018-01-31 13:24:59 +0100[diff] [blame]55
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]56inline void
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]57 handleSessionHead(crow::App& app, const crow::Request& req,
58 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
59 const std::string& /*sessionId*/)
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]60{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]61 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]62 {
63 return;
64 }
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]65 asyncResp->res.addHeader(
66 boost::beast::http::field::link,
67 "</redfish/v1/JsonSchemas/Session/Session.json>; rel=describedby");
68}
69
70inline void
71 handleSessionGet(crow::App& app, const crow::Request& req,
72 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
73 const std::string& sessionId)
74{
Ed Tanous65ffbcb2023-05-16 08:54:11 -0700[diff] [blame]75 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
76 {
77 return;
78 }
79 asyncResp->res.addHeader(
80 boost::beast::http::field::link,
81 "</redfish/v1/JsonSchemas/Session/Session.json>; rel=describedby");
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]82
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]83 // Note that control also reaches here via doPost and doDelete.
84 auto session =
85 persistent_data::SessionStore::getInstance().getSessionByUid(sessionId);
86
87 if (session == nullptr)
88 {
89 messages::resourceNotFound(asyncResp->res, "Session", sessionId);
90 return;
91 }
92
93 fillSessionObject(asyncResp->res, *session);
94}
95
96inline void
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]97 handleSessionDelete(crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]98 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
99 const std::string& sessionId)
100{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]101 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]102 {
103 return;
104 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]105 auto session =
106 persistent_data::SessionStore::getInstance().getSessionByUid(sessionId);
107
108 if (session == nullptr)
109 {
110 messages::resourceNotFound(asyncResp->res, "Session", sessionId);
111 return;
112 }
113
114 // Perform a proper ConfigureSelf authority check. If a
115 // session is being used to DELETE some other user's session,
116 // then the ConfigureSelf privilege does not apply. In that
117 // case, perform the authority check again without the user's
118 // ConfigureSelf privilege.
wukaihua-fii-na0fd29862022-05-18 09:19:16 +0800[diff] [blame]119 if (req.session != nullptr && !session->username.empty() &&
120 session->username != req.session->username)
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]121 {
122 Privileges effectiveUserPrivileges =
Ninad Palsule3e72c202023-03-27 17:19:55 -0500[diff] [blame]123 redfish::getUserPrivileges(*req.session);
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]124
125 if (!effectiveUserPrivileges.isSupersetOf({"ConfigureUsers"}))
126 {
127 messages::insufficientPrivilege(asyncResp->res);
128 return;
129 }
130 }
131
Paul Fertser8812e8b2024-09-18 12:16:37 +0000[diff] [blame]132 if (req.session != nullptr && req.session->uniqueId == sessionId &&
133 session->cookieAuth)
Paul Fertser29aab242024-06-12 19:28:47 +0000[diff] [blame]134 {
135 bmcweb::clearSessionCookies(asyncResp->res);
136 }
137
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]138 persistent_data::SessionStore::getInstance().removeSession(session);
139 messages::success(asyncResp->res);
140}
141
142inline nlohmann::json getSessionCollectionMembers()
143{
Ed Tanous89cda632024-04-16 08:45:54 -0700[diff] [blame]144 std::vector<std::string> sessionIds =
145 persistent_data::SessionStore::getInstance().getAllUniqueIds();
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]146 nlohmann::json ret = nlohmann::json::array();
Ed Tanous89cda632024-04-16 08:45:54 -0700[diff] [blame]147 for (const std::string& uid : sessionIds)
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]148 {
Ed Tanous14766872022-03-15 10:44:42 -0700[diff] [blame]149 nlohmann::json::object_t session;
Ed Tanousef4c65b2023-04-24 15:28:50 -0700[diff] [blame]150 session["@odata.id"] =
Ed Tanous89cda632024-04-16 08:45:54 -0700[diff] [blame]151 boost::urls::format("/redfish/v1/SessionService/Sessions/{}", uid);
Patrick Williamsb2ba3072023-05-12 10:27:39 -0500[diff] [blame]152 ret.emplace_back(std::move(session));
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]153 }
154 return ret;
155}
156
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]157inline void handleSessionCollectionHead(
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]158 crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]159 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
160{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]161 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]162 {
163 return;
164 }
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]165 asyncResp->res.addHeader(
166 boost::beast::http::field::link,
167 "</redfish/v1/JsonSchemas/SessionCollection.json>; rel=describedby");
168}
169
170inline void handleSessionCollectionGet(
171 crow::App& app, const crow::Request& req,
172 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
173{
Ed Tanous01a89a12022-08-05 09:18:54 -0700[diff] [blame]174 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
175 {
176 return;
177 }
178 asyncResp->res.addHeader(
179 boost::beast::http::field::link,
180 "</redfish/v1/JsonSchemas/SessionCollection.json>; rel=describedby");
181
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]182 asyncResp->res.jsonValue["Members"] = getSessionCollectionMembers();
183 asyncResp->res.jsonValue["Members@odata.count"] =
184 asyncResp->res.jsonValue["Members"].size();
185 asyncResp->res.jsonValue["@odata.type"] =
186 "#SessionCollection.SessionCollection";
187 asyncResp->res.jsonValue["@odata.id"] =
Gunnar Mills7a859ff2024-03-04 23:04:45 -0700[diff] [blame]188 "/redfish/v1/SessionService/Sessions";
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]189 asyncResp->res.jsonValue["Name"] = "Session Collection";
190 asyncResp->res.jsonValue["Description"] = "Session Collection";
191}
192
193inline void handleSessionCollectionMembersGet(
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]194 crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]195 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
196{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]197 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]198 {
199 return;
200 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]201 asyncResp->res.jsonValue = getSessionCollectionMembers();
202}
203
Jishnu CMbe2f1242024-12-03 00:45:20 -0600[diff] [blame^]204inline void processAfterSessionCreation(
205 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
206 const crow::Request& req, const std::string& username,
207 std::shared_ptr<persistent_data::UserSession>& session)
208{
209 // When session is created by webui-vue give it session cookies as a
210 // non-standard Redfish extension. This is needed for authentication for
211 // WebSockets-based functionality.
212 if (!req.getHeaderValue("X-Requested-With").empty())
213 {
214 bmcweb::setSessionCookies(asyncResp->res, *session);
215 }
216 else
217 {
218 asyncResp->res.addHeader("X-Auth-Token", session->sessionToken);
219 }
220
221 asyncResp->res.addHeader(
222 "Location", "/redfish/v1/SessionService/Sessions/" + session->uniqueId);
223 asyncResp->res.result(boost::beast::http::status::created);
224 if (session->isConfigureSelfOnly)
225 {
226 messages::passwordChangeRequired(
227 asyncResp->res,
228 boost::urls::format("/redfish/v1/AccountService/Accounts/{}",
229 session->username));
230 }
231
232 crow::getUserInfo(asyncResp, username, session, [asyncResp, session]() {
233 fillSessionObject(asyncResp->res, *session);
234 });
235}
236
Ed Tanous4ee8e212022-05-28 09:42:51 -0700[diff] [blame]237inline void handleSessionCollectionPost(
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]238 crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]239 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
240{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]241 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]242 {
243 return;
244 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]245 std::string username;
246 std::string password;
Ed Tanousbb759e32022-08-02 17:07:54 -0700[diff] [blame]247 std::optional<std::string> clientId;
Ravi Teja2ccce1f2024-08-10 04:05:36 -0500[diff] [blame]248 std::optional<std::string> token;
Myung Baeafc474a2024-10-09 00:53:29 -0700[diff] [blame]249 if (!json_util::readJsonPatch( //
250 req, asyncResp->res, //
251 "Context", clientId, //
252 "Password", password, //
253 "Token", token, //
254 "UserName", username //
255 ))
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]256 {
257 return;
258 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]259 if (password.empty() || username.empty() ||
260 asyncResp->res.result() != boost::beast::http::status::ok)
261 {
262 if (username.empty())
263 {
264 messages::propertyMissing(asyncResp->res, "UserName");
265 }
266
267 if (password.empty())
268 {
269 messages::propertyMissing(asyncResp->res, "Password");
270 }
271
272 return;
273 }
274
Ravi Teja2ccce1f2024-08-10 04:05:36 -0500[diff] [blame]275 int pamrc = pamAuthenticateUser(username, password, token);
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]276 bool isConfigureSelfOnly = pamrc == PAM_NEW_AUTHTOK_REQD;
277 if ((pamrc != PAM_SUCCESS) && !isConfigureSelfOnly)
278 {
Ed Tanous39662a32023-02-06 15:09:46 -0800[diff] [blame]279 messages::resourceAtUriUnauthorized(asyncResp->res, req.url(),
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]280 "Invalid username or password");
281 return;
282 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]283
284 // User is authenticated - create session
285 std::shared_ptr<persistent_data::UserSession> session =
286 persistent_data::SessionStore::getInstance().generateUserSession(
287 username, req.ipAddress, clientId,
Ed Tanous89cda632024-04-16 08:45:54 -0700[diff] [blame]288 persistent_data::SessionType::Session, isConfigureSelfOnly);
Brad Bishop02e53ae2022-07-29 14:38:40 -0400[diff] [blame]289 if (session == nullptr)
290 {
291 messages::internalError(asyncResp->res);
292 return;
293 }
Jishnu CMbe2f1242024-12-03 00:45:20 -0600[diff] [blame^]294 processAfterSessionCreation(asyncResp, req, username, session);
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]295}
Jishnu CMbe2f1242024-12-03 00:45:20 -0600[diff] [blame^]296
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]297inline void handleSessionServiceHead(
298 crow::App& app, const crow::Request& req,
299 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
300{
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]301 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
302 {
303 return;
304 }
305 asyncResp->res.addHeader(
306 boost::beast::http::field::link,
307 "</redfish/v1/JsonSchemas/SessionService/SessionService.json>; rel=describedby");
308}
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]309inline void
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]310 handleSessionServiceGet(crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]311 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
312
313{
Gunnar Mills78e39002023-05-17 11:52:44 -0500[diff] [blame]314 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
315 {
316 return;
317 }
318 asyncResp->res.addHeader(
319 boost::beast::http::field::link,
320 "</redfish/v1/JsonSchemas/SessionService/SessionService.json>; rel=describedby");
321
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]322 asyncResp->res.jsonValue["@odata.type"] =
323 "#SessionService.v1_0_2.SessionService";
Gunnar Mills7a859ff2024-03-04 23:04:45 -0700[diff] [blame]324 asyncResp->res.jsonValue["@odata.id"] = "/redfish/v1/SessionService";
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]325 asyncResp->res.jsonValue["Name"] = "Session Service";
326 asyncResp->res.jsonValue["Id"] = "SessionService";
327 asyncResp->res.jsonValue["Description"] = "Session Service";
328 asyncResp->res.jsonValue["SessionTimeout"] =
329 persistent_data::SessionStore::getInstance().getTimeoutInSeconds();
330 asyncResp->res.jsonValue["ServiceEnabled"] = true;
331
Ed Tanous14766872022-03-15 10:44:42 -0700[diff] [blame]332 asyncResp->res.jsonValue["Sessions"]["@odata.id"] =
333 "/redfish/v1/SessionService/Sessions";
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]334}
335
336inline void handleSessionServicePatch(
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]337 crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]338 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
339{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]340 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]341 {
342 return;
343 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]344 std::optional<int64_t> sessionTimeout;
Myung Baeafc474a2024-10-09 00:53:29 -0700[diff] [blame]345 if (!json_util::readJsonPatch( //
346 req, asyncResp->res, //
347 "SessionTimeout", sessionTimeout //
348 ))
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]349 {
350 return;
351 }
352
353 if (sessionTimeout)
354 {
Ed Tanous8ece0e42024-01-02 13:16:50 -0800[diff] [blame]355 // The minimum & maximum allowed values for session timeout
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]356 // are 30 seconds and 86400 seconds respectively as per the
357 // session service schema mentioned at
358 // https://redfish.dmtf.org/schemas/v1/SessionService.v1_1_7.json
359
360 if (*sessionTimeout <= 86400 && *sessionTimeout >= 30)
361 {
362 std::chrono::seconds sessionTimeoutInseconds(*sessionTimeout);
363 persistent_data::SessionStore::getInstance().updateSessionTimeout(
364 sessionTimeoutInseconds);
365 messages::propertyValueModified(asyncResp->res, "SessionTimeOut",
366 std::to_string(*sessionTimeout));
367 }
368 else
369 {
Ed Tanouse2616cc2022-06-27 12:45:55 -0700[diff] [blame]370 messages::propertyValueNotInList(asyncResp->res, *sessionTimeout,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]371 "SessionTimeOut");
372 }
373 }
374}
375
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]376inline void requestRoutesSession(App& app)
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]377{
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]378 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/")
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]379 .privileges(redfish::privileges::headSession)
380 .methods(boost::beast::http::verb::head)(
381 std::bind_front(handleSessionHead, std::ref(app)));
382
383 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/")
Ed Tanoused398212021-06-09 17:05:54 -0700[diff] [blame]384 .privileges(redfish::privileges::getSession)
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]385 .methods(boost::beast::http::verb::get)(
386 std::bind_front(handleSessionGet, std::ref(app)));
Kowalski, Kamil2b7981f2018-01-31 13:24:59 +0100[diff] [blame]387
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]388 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/")
Ed Tanoused398212021-06-09 17:05:54 -0700[diff] [blame]389 .privileges(redfish::privileges::deleteSession)
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]390 .methods(boost::beast::http::verb::delete_)(
391 std::bind_front(handleSessionDelete, std::ref(app)));
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]392
393 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/")
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]394 .privileges(redfish::privileges::headSessionCollection)
395 .methods(boost::beast::http::verb::head)(
396 std::bind_front(handleSessionCollectionHead, std::ref(app)));
397
398 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/")
Ed Tanoused398212021-06-09 17:05:54 -0700[diff] [blame]399 .privileges(redfish::privileges::getSessionCollection)
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]400 .methods(boost::beast::http::verb::get)(
401 std::bind_front(handleSessionCollectionGet, std::ref(app)));
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]402
Ed Tanouse76cd862022-03-14 09:12:00 -0700[diff] [blame]403 // Note, the next two routes technically don't match the privilege
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]404 // registry given the way login mechanisms work. The base privilege
405 // registry lists this endpoint as requiring login privilege, but because
406 // this is the endpoint responsible for giving the login privilege, and it
407 // is itself its own route, it needs to not require Login
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]408 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/")
409 .privileges({})
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]410 .methods(boost::beast::http::verb::post)(
411 std::bind_front(handleSessionCollectionPost, std::ref(app)));
Kowalski, Kamil2b7981f2018-01-31 13:24:59 +0100[diff] [blame]412
Ed Tanouse76cd862022-03-14 09:12:00 -0700[diff] [blame]413 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/Members/")
414 .privileges({})
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]415 .methods(boost::beast::http::verb::post)(
416 std::bind_front(handleSessionCollectionPost, std::ref(app)));
Ed Tanouse76cd862022-03-14 09:12:00 -0700[diff] [blame]417
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]418 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/")
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]419 .privileges(redfish::privileges::headSessionService)
420 .methods(boost::beast::http::verb::head)(
421 std::bind_front(handleSessionServiceHead, std::ref(app)));
422
423 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/")
Ed Tanoused398212021-06-09 17:05:54 -0700[diff] [blame]424 .privileges(redfish::privileges::getSessionService)
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]425 .methods(boost::beast::http::verb::get)(
426 std::bind_front(handleSessionServiceGet, std::ref(app)));
Borawski.Lukasz5d27b852018-02-08 13:24:24 +0100[diff] [blame]427
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]428 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/")
Ed Tanoused398212021-06-09 17:05:54 -0700[diff] [blame]429 .privileges(redfish::privileges::patchSessionService)
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]430 .methods(boost::beast::http::verb::patch)(
431 std::bind_front(handleSessionServicePatch, std::ref(app)));
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]432}
Borawski.Lukasz5d27b852018-02-08 13:24:24 +0100[diff] [blame]433
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]434} // namespace redfish