Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / bmcweb / 3d66430a19af19df9669ccad106af292eec0cdd7 / . / redfish-core / lib / redfish_sessions.hpp
blob: 4561f52c3ed324bb248acaa36823be92febb2ed6 [file] [log] [blame]
Ed Tanous40e9b922024-09-10 13:50:16 -0700[diff] [blame]1// SPDX-License-Identifier: Apache-2.0
2// SPDX-FileCopyrightText: Copyright OpenBMC Authors
3// SPDX-FileCopyrightText: Copyright 2018 Intel Corporation
Kowalski, Kamil2b7981f2018-01-31 13:24:59 +0100[diff] [blame]4#pragma once
Borawski.Lukasz43a095a2018-02-19 15:39:01 +0100[diff] [blame]5
Paul Fertserce22f602024-06-03 20:53:16 +0000[diff] [blame]6#include "account_service.hpp"
Ed Tanous3ccb3ad2023-01-13 17:40:03 -0800[diff] [blame]7#include "app.hpp"
Paul Fertser29aab242024-06-12 19:28:47 +0000[diff] [blame]8#include "cookies.hpp"
Kowalski, Kamilf4c4dcf2018-01-29 14:55:35 +0100[diff] [blame]9#include "error_messages.hpp"
Ed Tanous3ccb3ad2023-01-13 17:40:03 -0800[diff] [blame]10#include "http/utility.hpp"
Ed Tanous52cc1122020-07-18 13:51:21 -0700[diff] [blame]11#include "persistent_data.hpp"
Ed Tanous3ccb3ad2023-01-13 17:40:03 -0800[diff] [blame]12#include "query.hpp"
13#include "registries/privilege_registry.hpp"
14#include "utils/json_utils.hpp"
John Edward Broadbent7e860f12021-04-08 15:57:16 -0700[diff] [blame]15
Ed Tanousef4c65b2023-04-24 15:28:50 -0700[diff] [blame]16#include <boost/url/format.hpp>
17
Ed Tanous89cda632024-04-16 08:45:54 -0700[diff] [blame]18#include <string>
19#include <vector>
20
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]21namespace redfish
22{
Kowalski, Kamil2b7981f2018-01-31 13:24:59 +0100[diff] [blame]23
Ed Tanous4f48d5f2021-06-21 08:27:45 -0700[diff] [blame]24inline void fillSessionObject(crow::Response& res,
25 const persistent_data::UserSession& session)
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]26{
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]27 res.jsonValue["Id"] = session.uniqueId;
28 res.jsonValue["UserName"] = session.username;
Paul Fertserce22f602024-06-03 20:53:16 +0000[diff] [blame]29 nlohmann::json::array_t roles;
30 roles.emplace_back(redfish::getRoleIdFromPrivilege(session.userRole));
31 res.jsonValue["Roles"] = std::move(roles);
Ed Tanousef4c65b2023-04-24 15:28:50 -0700[diff] [blame]32 res.jsonValue["@odata.id"] = boost::urls::format(
33 "/redfish/v1/SessionService/Sessions/{}", session.uniqueId);
Paul Fertserce22f602024-06-03 20:53:16 +0000[diff] [blame]34 res.jsonValue["@odata.type"] = "#Session.v1_7_0.Session";
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]35 res.jsonValue["Name"] = "User Session";
36 res.jsonValue["Description"] = "Manager User Session";
37 res.jsonValue["ClientOriginIPAddress"] = session.clientIp;
Ed Tanousbb759e32022-08-02 17:07:54 -0700[diff] [blame]38 if (session.clientId)
39 {
40 res.jsonValue["Context"] = *session.clientId;
41 }
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]42}
Kowalski, Kamil2b7981f2018-01-31 13:24:59 +0100[diff] [blame]43
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]44inline void
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]45 handleSessionHead(crow::App& app, const crow::Request& req,
46 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
47 const std::string& /*sessionId*/)
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]48{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]49 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]50 {
51 return;
52 }
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]53 asyncResp->res.addHeader(
54 boost::beast::http::field::link,
55 "</redfish/v1/JsonSchemas/Session/Session.json>; rel=describedby");
56}
57
58inline void
59 handleSessionGet(crow::App& app, const crow::Request& req,
60 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
61 const std::string& sessionId)
62{
Ed Tanous65ffbcb2023-05-16 08:54:11 -0700[diff] [blame]63 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
64 {
65 return;
66 }
67 asyncResp->res.addHeader(
68 boost::beast::http::field::link,
69 "</redfish/v1/JsonSchemas/Session/Session.json>; rel=describedby");
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]70
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]71 // Note that control also reaches here via doPost and doDelete.
72 auto session =
73 persistent_data::SessionStore::getInstance().getSessionByUid(sessionId);
74
75 if (session == nullptr)
76 {
77 messages::resourceNotFound(asyncResp->res, "Session", sessionId);
78 return;
79 }
80
81 fillSessionObject(asyncResp->res, *session);
82}
83
84inline void
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]85 handleSessionDelete(crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]86 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
87 const std::string& sessionId)
88{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]89 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]90 {
91 return;
92 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]93 auto session =
94 persistent_data::SessionStore::getInstance().getSessionByUid(sessionId);
95
96 if (session == nullptr)
97 {
98 messages::resourceNotFound(asyncResp->res, "Session", sessionId);
99 return;
100 }
101
102 // Perform a proper ConfigureSelf authority check. If a
103 // session is being used to DELETE some other user's session,
104 // then the ConfigureSelf privilege does not apply. In that
105 // case, perform the authority check again without the user's
106 // ConfigureSelf privilege.
wukaihua-fii-na0fd29862022-05-18 09:19:16 +0800[diff] [blame]107 if (req.session != nullptr && !session->username.empty() &&
108 session->username != req.session->username)
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]109 {
110 Privileges effectiveUserPrivileges =
Ninad Palsule3e72c202023-03-27 17:19:55 -0500[diff] [blame]111 redfish::getUserPrivileges(*req.session);
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]112
113 if (!effectiveUserPrivileges.isSupersetOf({"ConfigureUsers"}))
114 {
115 messages::insufficientPrivilege(asyncResp->res);
116 return;
117 }
118 }
119
Paul Fertser8812e8b2024-09-18 12:16:37 +0000[diff] [blame]120 if (req.session != nullptr && req.session->uniqueId == sessionId &&
121 session->cookieAuth)
Paul Fertser29aab242024-06-12 19:28:47 +0000[diff] [blame]122 {
123 bmcweb::clearSessionCookies(asyncResp->res);
124 }
125
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]126 persistent_data::SessionStore::getInstance().removeSession(session);
127 messages::success(asyncResp->res);
128}
129
130inline nlohmann::json getSessionCollectionMembers()
131{
Ed Tanous89cda632024-04-16 08:45:54 -0700[diff] [blame]132 std::vector<std::string> sessionIds =
133 persistent_data::SessionStore::getInstance().getAllUniqueIds();
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]134 nlohmann::json ret = nlohmann::json::array();
Ed Tanous89cda632024-04-16 08:45:54 -0700[diff] [blame]135 for (const std::string& uid : sessionIds)
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]136 {
Ed Tanous14766872022-03-15 10:44:42 -0700[diff] [blame]137 nlohmann::json::object_t session;
Ed Tanousef4c65b2023-04-24 15:28:50 -0700[diff] [blame]138 session["@odata.id"] =
Ed Tanous89cda632024-04-16 08:45:54 -0700[diff] [blame]139 boost::urls::format("/redfish/v1/SessionService/Sessions/{}", uid);
Patrick Williamsb2ba3072023-05-12 10:27:39 -0500[diff] [blame]140 ret.emplace_back(std::move(session));
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]141 }
142 return ret;
143}
144
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]145inline void handleSessionCollectionHead(
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]146 crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]147 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
148{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]149 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]150 {
151 return;
152 }
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]153 asyncResp->res.addHeader(
154 boost::beast::http::field::link,
155 "</redfish/v1/JsonSchemas/SessionCollection.json>; rel=describedby");
156}
157
158inline void handleSessionCollectionGet(
159 crow::App& app, const crow::Request& req,
160 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
161{
Ed Tanous01a89a12022-08-05 09:18:54 -0700[diff] [blame]162 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
163 {
164 return;
165 }
166 asyncResp->res.addHeader(
167 boost::beast::http::field::link,
168 "</redfish/v1/JsonSchemas/SessionCollection.json>; rel=describedby");
169
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]170 asyncResp->res.jsonValue["Members"] = getSessionCollectionMembers();
171 asyncResp->res.jsonValue["Members@odata.count"] =
172 asyncResp->res.jsonValue["Members"].size();
173 asyncResp->res.jsonValue["@odata.type"] =
174 "#SessionCollection.SessionCollection";
175 asyncResp->res.jsonValue["@odata.id"] =
Gunnar Mills7a859ff2024-03-04 23:04:45 -0700[diff] [blame]176 "/redfish/v1/SessionService/Sessions";
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]177 asyncResp->res.jsonValue["Name"] = "Session Collection";
178 asyncResp->res.jsonValue["Description"] = "Session Collection";
179}
180
181inline void handleSessionCollectionMembersGet(
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]182 crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]183 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
184{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]185 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]186 {
187 return;
188 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]189 asyncResp->res.jsonValue = getSessionCollectionMembers();
190}
191
Jishnu CMbe2f1242024-12-03 00:45:20 -0600[diff] [blame]192inline void processAfterSessionCreation(
193 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp,
194 const crow::Request& req, const std::string& username,
195 std::shared_ptr<persistent_data::UserSession>& session)
196{
197 // When session is created by webui-vue give it session cookies as a
198 // non-standard Redfish extension. This is needed for authentication for
199 // WebSockets-based functionality.
200 if (!req.getHeaderValue("X-Requested-With").empty())
201 {
202 bmcweb::setSessionCookies(asyncResp->res, *session);
203 }
204 else
205 {
206 asyncResp->res.addHeader("X-Auth-Token", session->sessionToken);
207 }
208
209 asyncResp->res.addHeader(
210 "Location", "/redfish/v1/SessionService/Sessions/" + session->uniqueId);
211 asyncResp->res.result(boost::beast::http::status::created);
212 if (session->isConfigureSelfOnly)
213 {
214 messages::passwordChangeRequired(
215 asyncResp->res,
216 boost::urls::format("/redfish/v1/AccountService/Accounts/{}",
217 session->username));
218 }
219
220 crow::getUserInfo(asyncResp, username, session, [asyncResp, session]() {
221 fillSessionObject(asyncResp->res, *session);
222 });
223}
224
Ed Tanous4ee8e212022-05-28 09:42:51 -0700[diff] [blame]225inline void handleSessionCollectionPost(
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]226 crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]227 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
228{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]229 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]230 {
231 return;
232 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]233 std::string username;
234 std::string password;
Ed Tanousbb759e32022-08-02 17:07:54 -0700[diff] [blame]235 std::optional<std::string> clientId;
Ravi Teja2ccce1f2024-08-10 04:05:36 -0500[diff] [blame]236 std::optional<std::string> token;
Myung Baeafc474a2024-10-09 00:53:29 -0700[diff] [blame]237 if (!json_util::readJsonPatch( //
238 req, asyncResp->res, //
239 "Context", clientId, //
240 "Password", password, //
241 "Token", token, //
242 "UserName", username //
243 ))
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]244 {
245 return;
246 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]247 if (password.empty() || username.empty() ||
248 asyncResp->res.result() != boost::beast::http::status::ok)
249 {
250 if (username.empty())
251 {
252 messages::propertyMissing(asyncResp->res, "UserName");
253 }
254
255 if (password.empty())
256 {
257 messages::propertyMissing(asyncResp->res, "Password");
258 }
259
260 return;
261 }
262
Ravi Teja2ccce1f2024-08-10 04:05:36 -0500[diff] [blame]263 int pamrc = pamAuthenticateUser(username, password, token);
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]264 bool isConfigureSelfOnly = pamrc == PAM_NEW_AUTHTOK_REQD;
265 if ((pamrc != PAM_SUCCESS) && !isConfigureSelfOnly)
266 {
Ed Tanous39662a32023-02-06 15:09:46 -0800[diff] [blame]267 messages::resourceAtUriUnauthorized(asyncResp->res, req.url(),
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]268 "Invalid username or password");
269 return;
270 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]271
272 // User is authenticated - create session
273 std::shared_ptr<persistent_data::UserSession> session =
274 persistent_data::SessionStore::getInstance().generateUserSession(
275 username, req.ipAddress, clientId,
Ed Tanous89cda632024-04-16 08:45:54 -0700[diff] [blame]276 persistent_data::SessionType::Session, isConfigureSelfOnly);
Brad Bishop02e53ae2022-07-29 14:38:40 -0400[diff] [blame]277 if (session == nullptr)
278 {
279 messages::internalError(asyncResp->res);
280 return;
281 }
Jishnu CMbe2f1242024-12-03 00:45:20 -0600[diff] [blame]282 processAfterSessionCreation(asyncResp, req, username, session);
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]283}
Jishnu CMbe2f1242024-12-03 00:45:20 -0600[diff] [blame]284
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]285inline void handleSessionServiceHead(
286 crow::App& app, const crow::Request& req,
287 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
288{
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]289 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
290 {
291 return;
292 }
293 asyncResp->res.addHeader(
294 boost::beast::http::field::link,
295 "</redfish/v1/JsonSchemas/SessionService/SessionService.json>; rel=describedby");
296}
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]297inline void
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]298 handleSessionServiceGet(crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]299 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
300
301{
Gunnar Mills78e39002023-05-17 11:52:44 -0500[diff] [blame]302 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
303 {
304 return;
305 }
306 asyncResp->res.addHeader(
307 boost::beast::http::field::link,
308 "</redfish/v1/JsonSchemas/SessionService/SessionService.json>; rel=describedby");
309
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]310 asyncResp->res.jsonValue["@odata.type"] =
311 "#SessionService.v1_0_2.SessionService";
Gunnar Mills7a859ff2024-03-04 23:04:45 -0700[diff] [blame]312 asyncResp->res.jsonValue["@odata.id"] = "/redfish/v1/SessionService";
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]313 asyncResp->res.jsonValue["Name"] = "Session Service";
314 asyncResp->res.jsonValue["Id"] = "SessionService";
315 asyncResp->res.jsonValue["Description"] = "Session Service";
316 asyncResp->res.jsonValue["SessionTimeout"] =
317 persistent_data::SessionStore::getInstance().getTimeoutInSeconds();
318 asyncResp->res.jsonValue["ServiceEnabled"] = true;
319
Ed Tanous14766872022-03-15 10:44:42 -0700[diff] [blame]320 asyncResp->res.jsonValue["Sessions"]["@odata.id"] =
321 "/redfish/v1/SessionService/Sessions";
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]322}
323
324inline void handleSessionServicePatch(
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]325 crow::App& app, const crow::Request& req,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]326 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp)
327{
Carson Labrado3ba00072022-06-06 19:40:56 +0000[diff] [blame]328 if (!redfish::setUpRedfishRoute(app, req, asyncResp))
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]329 {
330 return;
331 }
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]332 std::optional<int64_t> sessionTimeout;
Myung Baeafc474a2024-10-09 00:53:29 -0700[diff] [blame]333 if (!json_util::readJsonPatch( //
334 req, asyncResp->res, //
335 "SessionTimeout", sessionTimeout //
336 ))
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]337 {
338 return;
339 }
340
341 if (sessionTimeout)
342 {
Ed Tanous8ece0e42024-01-02 13:16:50 -0800[diff] [blame]343 // The minimum & maximum allowed values for session timeout
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]344 // are 30 seconds and 86400 seconds respectively as per the
345 // session service schema mentioned at
346 // https://redfish.dmtf.org/schemas/v1/SessionService.v1_1_7.json
347
348 if (*sessionTimeout <= 86400 && *sessionTimeout >= 30)
349 {
350 std::chrono::seconds sessionTimeoutInseconds(*sessionTimeout);
351 persistent_data::SessionStore::getInstance().updateSessionTimeout(
352 sessionTimeoutInseconds);
353 messages::propertyValueModified(asyncResp->res, "SessionTimeOut",
354 std::to_string(*sessionTimeout));
355 }
356 else
357 {
Ed Tanouse2616cc2022-06-27 12:45:55 -0700[diff] [blame]358 messages::propertyValueNotInList(asyncResp->res, *sessionTimeout,
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]359 "SessionTimeOut");
360 }
361 }
362}
363
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]364inline void requestRoutesSession(App& app)
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]365{
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]366 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/")
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]367 .privileges(redfish::privileges::headSession)
368 .methods(boost::beast::http::verb::head)(
369 std::bind_front(handleSessionHead, std::ref(app)));
370
371 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/")
Ed Tanoused398212021-06-09 17:05:54 -0700[diff] [blame]372 .privileges(redfish::privileges::getSession)
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]373 .methods(boost::beast::http::verb::get)(
374 std::bind_front(handleSessionGet, std::ref(app)));
Kowalski, Kamil2b7981f2018-01-31 13:24:59 +0100[diff] [blame]375
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]376 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/")
Ed Tanoused398212021-06-09 17:05:54 -0700[diff] [blame]377 .privileges(redfish::privileges::deleteSession)
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]378 .methods(boost::beast::http::verb::delete_)(
379 std::bind_front(handleSessionDelete, std::ref(app)));
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]380
381 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/")
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]382 .privileges(redfish::privileges::headSessionCollection)
383 .methods(boost::beast::http::verb::head)(
384 std::bind_front(handleSessionCollectionHead, std::ref(app)));
385
386 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/")
Ed Tanoused398212021-06-09 17:05:54 -0700[diff] [blame]387 .privileges(redfish::privileges::getSessionCollection)
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]388 .methods(boost::beast::http::verb::get)(
389 std::bind_front(handleSessionCollectionGet, std::ref(app)));
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]390
Ed Tanouse76cd862022-03-14 09:12:00 -0700[diff] [blame]391 // Note, the next two routes technically don't match the privilege
Ed Tanous724340d2022-03-14 09:10:07 -0700[diff] [blame]392 // registry given the way login mechanisms work. The base privilege
393 // registry lists this endpoint as requiring login privilege, but because
394 // this is the endpoint responsible for giving the login privilege, and it
395 // is itself its own route, it needs to not require Login
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]396 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/")
397 .privileges({})
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]398 .methods(boost::beast::http::verb::post)(
399 std::bind_front(handleSessionCollectionPost, std::ref(app)));
Kowalski, Kamil2b7981f2018-01-31 13:24:59 +0100[diff] [blame]400
Ed Tanouse76cd862022-03-14 09:12:00 -0700[diff] [blame]401 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/Members/")
402 .privileges({})
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]403 .methods(boost::beast::http::verb::post)(
404 std::bind_front(handleSessionCollectionPost, std::ref(app)));
Ed Tanouse76cd862022-03-14 09:12:00 -0700[diff] [blame]405
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]406 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/")
Ed Tanousa1e08712022-07-07 16:10:39 -0700[diff] [blame]407 .privileges(redfish::privileges::headSessionService)
408 .methods(boost::beast::http::verb::head)(
409 std::bind_front(handleSessionServiceHead, std::ref(app)));
410
411 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/")
Ed Tanoused398212021-06-09 17:05:54 -0700[diff] [blame]412 .privileges(redfish::privileges::getSessionService)
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]413 .methods(boost::beast::http::verb::get)(
414 std::bind_front(handleSessionServiceGet, std::ref(app)));
Borawski.Lukasz5d27b852018-02-08 13:24:24 +0100[diff] [blame]415
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]416 BMCWEB_ROUTE(app, "/redfish/v1/SessionService/")
Ed Tanoused398212021-06-09 17:05:54 -0700[diff] [blame]417 .privileges(redfish::privileges::patchSessionService)
Ed Tanous45ca1b82022-03-25 13:07:27 -0700[diff] [blame]418 .methods(boost::beast::http::verb::patch)(
419 std::bind_front(handleSessionServicePatch, std::ref(app)));
Ed Tanousfaa34cc2021-06-03 13:27:02 -0700[diff] [blame]420}
Borawski.Lukasz5d27b852018-02-08 13:24:24 +0100[diff] [blame]421
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]422} // namespace redfish