Security Panel add additional features
Added RTAD under Network interfaces
Added VirtualTPM under Network services
Removed the sub-headings in Policies page
Signed-off-by: Nikhil Ashoka <a.nikhil@ibm.com>
Change-Id: I6290362cecdfe7f8cd7bfde20fcaca88b6bc2c09
diff --git a/src/locales/en-US.json b/src/locales/en-US.json
index f29ba0e..ddc556d 100644
--- a/src/locales/en-US.json
+++ b/src/locales/en-US.json
@@ -714,7 +714,8 @@
"pagePolicies": {
"ipmi": "Network IPMI (out-of-band IPMI)",
"ipmiDescription": "Allow remote management of the platform via IPMI. Tools such as ipmitool require this setting to be enabled.",
- "networkServices": "Network services",
+ "rtad": "RTAD",
+ "rtadDescription": "This option enables or disables the Remote Trusted Attestation Daemon for host firmware",
"ssh": "BMC shell (via SSH)",
"sshDescription": "Allow access to shell sessions via SSH, through port 22 on the BMC.",
"modal": {
@@ -730,13 +731,23 @@
"toast": {
"errorIpmiDisabled": "Error disabling IPMI security setting.",
"errorIpmiEnabled": "Error enabling IPMI security setting.",
+ "errorRtadDisabled": "Error disabling RTAD security setting.",
+ "errorRtadEnabled": "Error enabling RTAD security setting.",
"errorSshDisabled": "Error disabling SSH security setting.",
"errorSshEnabled": "Error enabling SSH security setting.",
+ "errorVtpmDisabled": "Error disabling VitualTPM security setting.",
+ "errorVtpmEnabled": "Error enabling VitualTPM security setting.",
"successIpmiDisabled": "Successfully disabled IPMI security setting.",
"successIpmiEnabled": "Successfully enabled IPMI security setting.",
+ "successRtadDisabled": "Successfully disabled RTAD security setting.",
+ "successRtadEnabled": "Successfully enabled RTAD security setting.",
"successSshDisabled": "Successfully disabled SSH security setting.",
- "successSshEnabled": "Successfully enabled SSH security setting."
- }
+ "successSshEnabled": "Successfully enabled SSH security setting.",
+ "successVtpmDisabled": "Successfully disabled VitualTPM security setting.",
+ "successVtpmEnabled": "Successfully enabled VitualTPM security setting."
+ },
+ "vtpm": "VirtualTPM",
+ "vtpmDescription": "Enabling vTPM makes a TPM available to the guest operating system."
},
"pagePower": {
"description": "Set a power cap to keep power consumption at or below the specified value in watts",
diff --git a/src/store/modules/SecurityAndAccess/PoliciesStore.js b/src/store/modules/SecurityAndAccess/PoliciesStore.js
index 1e19552..64bd336 100644
--- a/src/store/modules/SecurityAndAccess/PoliciesStore.js
+++ b/src/store/modules/SecurityAndAccess/PoliciesStore.js
@@ -6,16 +6,22 @@
state: {
sshProtocolEnabled: false,
ipmiProtocolEnabled: false,
+ rtadEnabled: 'Disabled',
+ vtpmEnabled: 'Disabled',
},
getters: {
sshProtocolEnabled: (state) => state.sshProtocolEnabled,
ipmiProtocolEnabled: (state) => state.ipmiProtocolEnabled,
+ rtadEnabled: (state) => state.rtadEnabled,
+ vtpmEnabled: (state) => state.vtpmEnabled,
},
mutations: {
setSshProtocolEnabled: (state, sshProtocolEnabled) =>
(state.sshProtocolEnabled = sshProtocolEnabled),
setIpmiProtocolEnabled: (state, ipmiProtocolEnabled) =>
(state.ipmiProtocolEnabled = ipmiProtocolEnabled),
+ setRtadEnabled: (state, rtadEnabled) => (state.rtadEnabled = rtadEnabled),
+ setVtpmEnabled: (state, vtpmEnabled) => (state.vtpmEnabled = vtpmEnabled),
},
actions: {
async getNetworkProtocolStatus({ commit }) {
@@ -29,6 +35,15 @@
})
.catch((error) => console.log(error));
},
+ async getBiosStatus({ commit }) {
+ return await api
+ .get('/redfish/v1/Systems/system/Bios')
+ .then((response) => {
+ commit('setRtadEnabled', response.data.Attributes.pvm_rtad);
+ commit('setVtpmEnabled', response.data.Attributes.pvm_vtpm);
+ })
+ .catch((error) => console.log(error));
+ },
async saveIpmiProtocolState({ commit }, protocolEnabled) {
commit('setIpmiProtocolEnabled', protocolEnabled);
const ipmi = {
@@ -81,6 +96,54 @@
}
});
},
+ async saveRtadState({ commit }, updatedRtad) {
+ commit('setRtadEnabled', updatedRtad);
+ return await api
+ .patch('/redfish/v1/Systems/system/Bios/Settings', {
+ Attributes: {
+ pvm_rtad: updatedRtad,
+ },
+ })
+ .then(() => {
+ if (updatedRtad === 'Enabled') {
+ return i18n.t('pagePolicies.toast.successRtadEnabled');
+ } else {
+ return i18n.t('pagePolicies.toast.successRtadDisabled');
+ }
+ })
+ .catch((error) => {
+ console.log(error);
+ if (updatedRtad === 'Enabled') {
+ throw new Error(i18n.t('pagePolicies.toast.errorRtadEnabled'));
+ } else {
+ throw new Error(i18n.t('pagePolicies.toast.errorRtadDisabled'));
+ }
+ });
+ },
+ async saveVtpmState({ commit }, updatedVtpm) {
+ commit('setVtpmEnabled', updatedVtpm);
+ return await api
+ .patch('/redfish/v1/Systems/system/Bios/Settings', {
+ Attributes: {
+ pvm_vtpm: updatedVtpm,
+ },
+ })
+ .then(() => {
+ if (updatedVtpm === 'Enabled') {
+ return i18n.t('pagePolicies.toast.successVtpmEnabled');
+ } else {
+ return i18n.t('pagePolicies.toast.successVtpmDisabled');
+ }
+ })
+ .catch((error) => {
+ console.log(error);
+ if (updatedVtpm === 'Enabled') {
+ throw new Error(i18n.t('pagePolicies.toast.errorVtpmEnabled'));
+ } else {
+ throw new Error(i18n.t('pagePolicies.toast.errorVtpmDisabled'));
+ }
+ });
+ },
},
};
diff --git a/src/views/SecurityAndAccess/Policies/Policies.vue b/src/views/SecurityAndAccess/Policies/Policies.vue
index ebcb002..1dc197c 100644
--- a/src/views/SecurityAndAccess/Policies/Policies.vue
+++ b/src/views/SecurityAndAccess/Policies/Policies.vue
@@ -3,65 +3,112 @@
<page-title />
<b-row>
<b-col md="8">
- <page-section :section-title="$t('pagePolicies.networkServices')">
- <b-row v-if="!modifySSHPolicyDisabled" class="setting-section">
- <b-col class="d-flex align-items-center justify-content-between">
- <dl class="mr-3 w-75">
- <dt>{{ $t('pagePolicies.ssh') }}</dt>
- <dd>
- {{ $t('pagePolicies.sshDescription') }}
- </dd>
- </dl>
- <b-form-checkbox
- id="sshSwitch"
- v-model="sshProtocolState"
- data-test-id="policies-toggle-bmcShell"
- switch
- @change="changeSshProtocolState"
- >
- <span class="sr-only">
- {{ $t('pagePolicies.ssh') }}
- </span>
- <span v-if="sshProtocolState">
- {{ $t('global.status.enabled') }}
- </span>
- <span v-else>{{ $t('global.status.disabled') }}</span>
- </b-form-checkbox>
- </b-col>
- </b-row>
- <b-row class="setting-section">
- <b-col class="d-flex align-items-center justify-content-between">
- <dl class="mt-3 mr-3 w-75">
- <dt>{{ $t('pagePolicies.ipmi') }}</dt>
- <dd>
- {{ $t('pagePolicies.ipmiDescription') }}
- </dd>
- </dl>
- <b-form-checkbox
- id="ipmiSwitch"
- v-model="ipmiProtocolState"
- data-test-id="polices-toggle-networkIpmi"
- switch
- @change="changeIpmiProtocolState"
- >
- <span class="sr-only">
- {{ $t('pagePolicies.ipmi') }}
- </span>
- <span v-if="ipmiProtocolState">
- {{ $t('global.status.enabled') }}
- </span>
- <span v-else>{{ $t('global.status.disabled') }}</span>
- </b-form-checkbox>
- </b-col>
- </b-row>
- </page-section>
+ <b-row v-if="!modifySSHPolicyDisabled" class="setting-section">
+ <b-col class="d-flex align-items-center justify-content-between">
+ <dl class="mr-3 w-75">
+ <dt>{{ $t('pagePolicies.ssh') }}</dt>
+ <dd>
+ {{ $t('pagePolicies.sshDescription') }}
+ </dd>
+ </dl>
+ <b-form-checkbox
+ id="sshSwitch"
+ v-model="sshProtocolState"
+ data-test-id="policies-toggle-bmcShell"
+ switch
+ @change="changeSshProtocolState"
+ >
+ <span class="sr-only">
+ {{ $t('pagePolicies.ssh') }}
+ </span>
+ <span v-if="sshProtocolState">
+ {{ $t('global.status.enabled') }}
+ </span>
+ <span v-else>{{ $t('global.status.disabled') }}</span>
+ </b-form-checkbox>
+ </b-col>
+ </b-row>
+ <b-row class="setting-section">
+ <b-col class="d-flex align-items-center justify-content-between">
+ <dl class="mt-3 mr-3 w-75">
+ <dt>{{ $t('pagePolicies.ipmi') }}</dt>
+ <dd>
+ {{ $t('pagePolicies.ipmiDescription') }}
+ </dd>
+ </dl>
+ <b-form-checkbox
+ id="ipmiSwitch"
+ v-model="ipmiProtocolState"
+ data-test-id="polices-toggle-networkIpmi"
+ switch
+ @change="changeIpmiProtocolState"
+ >
+ <span class="sr-only">
+ {{ $t('pagePolicies.ipmi') }}
+ </span>
+ <span v-if="ipmiProtocolState">
+ {{ $t('global.status.enabled') }}
+ </span>
+ <span v-else>{{ $t('global.status.disabled') }}</span>
+ </b-form-checkbox>
+ </b-col>
+ </b-row>
+ <b-row class="setting-section">
+ <b-col class="d-flex align-items-center justify-content-between">
+ <dl class="mt-3 mr-3 w-75">
+ <dt>{{ $t('pagePolicies.vtpm') }}</dt>
+ <dd>
+ {{ $t('pagePolicies.vtpmDescription') }}
+ </dd>
+ </dl>
+ <b-form-checkbox
+ id="vtpmSwitch"
+ v-model="vtpmState"
+ data-test-id="policies-toggle-vtpm"
+ switch
+ @change="changeVtpmState"
+ >
+ <span class="sr-only">
+ {{ $t('pagePolicies.vtpm') }}
+ </span>
+ <span v-if="vtpmState">
+ {{ $t('global.status.enabled') }}
+ </span>
+ <span v-else>{{ $t('global.status.disabled') }}</span>
+ </b-form-checkbox>
+ </b-col>
+ </b-row>
+ <b-row class="setting-section">
+ <b-col class="d-flex align-items-center justify-content-between">
+ <dl class="mt-3 mr-3 w-75">
+ <dt>{{ $t('pagePolicies.rtad') }}</dt>
+ <dd>
+ {{ $t('pagePolicies.rtadDescription') }}
+ </dd>
+ </dl>
+ <b-form-checkbox
+ id="rtadSwitch"
+ v-model="rtadState"
+ data-test-id="policies-toggle-rtad"
+ switch
+ @change="changeRtadState"
+ >
+ <span class="sr-only">
+ {{ $t('pagePolicies.rtad') }}
+ </span>
+ <span v-if="rtadState">
+ {{ $t('global.status.enabled') }}
+ </span>
+ <span v-else>{{ $t('global.status.disabled') }}</span>
+ </b-form-checkbox>
+ </b-col>
+ </b-row>
</b-col>
</b-row>
</b-container>
</template>
<script>
-import PageSection from '@/components/Global/PageSection';
import PageTitle from '@/components/Global/PageTitle';
import LoadingBarMixin from '@/components/Mixins/LoadingBarMixin';
@@ -69,7 +116,7 @@
export default {
name: 'Policies',
- components: { PageTitle, PageSection },
+ components: { PageTitle },
mixins: [LoadingBarMixin, BVToastMixin],
beforeRouteLeave(to, from, next) {
this.hideLoader();
@@ -98,12 +145,37 @@
return newValue;
},
},
+ rtadState: {
+ get() {
+ if (this.$store.getters['policies/rtadEnabled'] === 'Enabled') {
+ return true;
+ } else {
+ return false;
+ }
+ },
+ set(newValue) {
+ return newValue;
+ },
+ },
+ vtpmState: {
+ get() {
+ if (this.$store.getters['policies/vtpmEnabled'] === 'Enabled') {
+ return true;
+ } else {
+ return false;
+ }
+ },
+ set(newValue) {
+ return newValue;
+ },
+ },
},
created() {
this.startLoader();
- this.$store
- .dispatch('policies/getNetworkProtocolStatus')
- .finally(() => this.endLoader());
+ Promise.all([
+ this.$store.dispatch('policies/getBiosStatus'),
+ this.$store.dispatch('policies/getNetworkProtocolStatus'),
+ ]).finally(() => this.endLoader());
},
methods: {
changeIpmiProtocolState(state) {
@@ -118,6 +190,18 @@
.then((message) => this.successToast(message))
.catch(({ message }) => this.errorToast(message));
},
+ changeRtadState(state) {
+ this.$store
+ .dispatch('policies/saveRtadState', state ? 'Enabled' : 'Disabled')
+ .then((message) => this.successToast(message))
+ .catch(({ message }) => this.errorToast(message));
+ },
+ changeVtpmState(state) {
+ this.$store
+ .dispatch('policies/saveVtpmState', state ? 'Enabled' : 'Disabled')
+ .then((message) => this.successToast(message))
+ .catch(({ message }) => this.errorToast(message));
+ },
},
};
</script>