Fix a bunch of warnings

using the list of warnings from here:
https://github.com/lefticus/cppbestpractices/blob/e73393f25a85f83fed7399d8b65cb117d00b2231/02-Use_the_Tools_Available.md#L100

Seems lik

Fix a bunch of warnings

using the list of warnings from here:
https://github.com/lefticus/cppbestpractices/blob/e73393f25a85f83fed7399d8b65cb117d00b2231/02-Use_the_Tools_Available.md#L100

Seems like a good place to start, and would improve things a bit
type-wise. This patchset attempts to correct all the issues in one
shot.

Tested:
It builds. Will test various subsystems that have been touched

Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Change-Id: I588c26440e5a97f718a0f0ea74cc84107d53aa1e

show more ...

Revert "Fix remove callback user privilege access to login"

This reverts commit 8e69d148249f6a45cea10e988ec03430a5932784.

Reason for revert: This causes service validator failures.

I missed the fa

Revert "Fix remove callback user privilege access to login"

This reverts commit 8e69d148249f6a45cea10e988ec03430a5932784.

Reason for revert: This causes service validator failures.

I missed the fact that despite being asked a couple times, the service validator wasn't run. Please run it, resolve your bug, and resubmit as a new review.

Change-Id: I0bb61ab1a618a96b2ed2c600825ec72b8d020ec0

show more ...

Fix remove callback user privilege access to login

Callback privilege user must not be allowed to login,similar to IPMI.
This user is used for callback purpose from IPMI point of it, and
must be mai

Fix remove callback user privilege access to login

Callback privilege user must not be allowed to login,similar to IPMI.
This user is used for callback purpose from IPMI point of it, and
must be maintained in bmcweb to be consistent with IPMI, Hence
removing the access to login for callback user

Tested:
1.Create a user with username 'test1' and privilege -
"Callback" via Redfish.
2.Using that Callback level credentials, try to do
"Get" at this URI https://<ip-addr>/redfish/v1/Systems/system
3.output: Forbidden
4.use same URL to login from webUI with callback privilege
https://<ip-addr>/redfish/v1/Systems/system
5.output: Forbidden
Signed-off-by: anil kumar appana <anil.kumarx.appana@intel.com>
Change-Id: I86dac565fc874e5d0fe033640ffc3de576a1f693

show more ...

Redfish(Authorization): Map the user role with the Redfish privileges

This commit gets the role of the user from the session object and
map it with the redfish privileges and then allow/reject the a

Redfish(Authorization): Map the user role with the Redfish privileges

This commit gets the role of the user from the session object and
map it with the redfish privileges and then allow/reject the asked
operation depending on the userprivileges and the entity privileges.

Change-Id: I40be06c28e80b47fe76891cacf863f8495bace88
Signed-off-by: Ratan Gupta <ratagupt@linux.vnet.ibm.com>

show more ...

Allow multiple registrations

This patchset is the beginings of the infrastructure to allow
separate registrations, and map privileges to the actual node in the
url table rather than having each regi

Allow multiple registrations

This patchset is the beginings of the infrastructure to allow
separate registrations, and map privileges to the actual node in the
url table rather than having each registration manage privileges
manually.

Tested by:
Running redfish compliance tool. All things still pass.

Change-Id: I72d278cc19c60ba5b6e563fbd705b0551faf9a6a
Signed-off-by: Ed Tanous <ed.tanous@intel.com>

show more ...

Revert "bmcweb: Fix a bunch of warnings"

This reverts commit 6ea007a2faec52ad62680015d2a3f00371a1e351.

Reason for revert: Reports of bmcweb seg faults.

Change-Id: I408f1bb29c2f8e427a6621cdaac8c31b

Revert "bmcweb: Fix a bunch of warnings"

This reverts commit 6ea007a2faec52ad62680015d2a3f00371a1e351.

Reason for revert: Reports of bmcweb seg faults.

Change-Id: I408f1bb29c2f8e427a6621cdaac8c31b847ebf06

show more ...

bmcweb: Fix a bunch of warnings

bmcweb classically has not taken a strong opinion on warnings. With
this commit, that policy is changing, and bmcweb will invoke the best
warnings we are able to ena

bmcweb: Fix a bunch of warnings

bmcweb classically has not taken a strong opinion on warnings. With
this commit, that policy is changing, and bmcweb will invoke the best
warnings we are able to enable, and turn on -Werror for all builds.

This is intended to reduce the likelihood of hard-to-debug situations
that the compiler coulve caught early on.

Change-Id: I57474410821e82666b3a108cfd0db7d070e8900a
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

Move some include headers to a less specific folder

Tested by:
Code still compiles

Change-Id: I95d443f5c21e9839b6338fb72c5a940d0d91d479

bmcweb: Move boost::optional to std::optional

This change is largely a sed replace, and gets us closer to standards
compliance.

Change-Id: Ie60437eff43de830ef19389344a55430dabd9d16
Signed-off-by: E

bmcweb: Move boost::optional to std::optional

This change is largely a sed replace, and gets us closer to standards
compliance.

Change-Id: Ie60437eff43de830ef19389344a55430dabd9d16
Signed-off-by: Ed Tanous <ed.tanous@intel.com>

show more ...

Move to clang-format-6.0

This commit moves the codebase to the lastest clang-format file from
upstream, as well as clang-format-6.0.

Change-Id: Ice8313468097c0c42317fbb9e10ddf036e8cff4c
Signed-off-

Move to clang-format-6.0

This commit moves the codebase to the lastest clang-format file from
upstream, as well as clang-format-6.0.

Change-Id: Ice8313468097c0c42317fbb9e10ddf036e8cff4c
Signed-off-by: Ed Tanous <ed.tanous@intel.com>

show more ...

Move over to upstream c++ style

This patchset moves bmcweb over to the upstream style naming
conventions for variables, classes, and functions, as well as imposes
the latest clang-format file.

This

Move over to upstream c++ style

This patchset moves bmcweb over to the upstream style naming
conventions for variables, classes, and functions, as well as imposes
the latest clang-format file.

This changeset was mostly built automatically by the included
.clang-tidy file, which has the ability to autoformat and auto rename
variables. At some point in the future I would like to see this in
greater use, but for now, we will impose it on bmcweb, and see how it
goes.

Tested: Code still compiles, and appears to run, although other issues
are possible and likely.

Change-Id: If422a2e36df924e897736b3feffa89f411d9dac1
Signed-off-by: Ed Tanous <ed.tanous@intel.com>

show more ...

Boost beast

This commit is the beginings of attempting to transition away from
crow, and toward boost::beast. Unit tests are passing, and
implementation appears to be slightly faster than crow.

Ch

Boost beast

This commit is the beginings of attempting to transition away from
crow, and toward boost::beast. Unit tests are passing, and
implementation appears to be slightly faster than crow.

Change-Id: Ic8d946dc7a04f514c67b1098f181eee1ced69171

show more ...

Merge OEM and Base privileges bitsets into a single bitset

This saves memory overall, and should lead to fewer runtime branches,
and more inlining of functions overall.
getPrivilegeIndex is now remo

Merge OEM and Base privileges bitsets into a single bitset

This saves memory overall, and should lead to fewer runtime branches,
and more inlining of functions overall.
getPrivilegeIndex is now removed, as it is embedded into
getActivePrivilegeNames. oemPrivilegeBitset and basePrivilegeBitset
are now merged into a single privilegeBitset field

TestedBy: Running relevant unit tests, which pass, and verifying login
still functions

Change-Id: Iaa4189b37f39cf65fa95b72b95ed92d8826cab0d
Signed-off-by: Ed Tanous <ed.tanous@intel.com>

show more ...

Make a few changes to privileges commit

1. Create char* overloads for the things that need it.
2. Fix up a couple errant moves
3. Use the gtest APIs for testing container membership, rather than sor

Make a few changes to privileges commit

1. Create char* overloads for the things that need it.
2. Fix up a couple errant moves
3. Use the gtest APIs for testing container membership, rather than sort
4. Move the index management to vector rather than map to avoid a lookup
5. Remove errant use of .at()
6. Move privilege comparison into the privilege class, in order to keep
the bitset implementation private. This removes the requirment on the
forward declaration of PrivilegeProvider, and the use of friend class
7. Remove unimplemented override strcutures. Feel free to add them
back once implemented
8. Make setSignlePrivilege return a code if the set failed
9. Remove the need for an extra construction of a blank privileges
object for things that require no privileges.

Tested by: updating unit tests with the appropriate APIs. Relevant
unit tests pass

Change-Id: Ie9cde003b6c865979b4cac086379d0a3473896ce
Signed-off-by: Ed Tanous <ed.tanous@intel.com>

show more ...

Privilege implementation change

- privilege_registry.json has been removed
- PrivilegeProvider class has been removed
- default privileges for nodes are now hard-coded
- privilege overriding feature

Privilege implementation change

- privilege_registry.json has been removed
- PrivilegeProvider class has been removed
- default privileges for nodes are now hard-coded
- privilege overriding feature is not yet implemented

Change-Id: Ic9fdfa1c692c1abd26e339e2a8c702fc4aebd19f
Signed-off-by: Borawski.Lukasz <lukasz.borawski@intel.com>

show more ...

Redfish privileges

Redfish privilege authorization subsystem controlled by the
privilege_registy.json configuration file.

PropertyOverrides, SubordinateOverrides and ResourceURIOverrides
are not ye

Redfish privileges

Redfish privilege authorization subsystem controlled by the
privilege_registy.json configuration file.

PropertyOverrides, SubordinateOverrides and ResourceURIOverrides
are not yet implemented.

Change-Id: I4d5670d557f4da172460ada3512e015830dab667
Signed-off-by: Borawski.Lukasz <lukasz.borawski@intel.com>
Signed-off-by: Ed Tanous <ed.tanous@intel.com>

show more ...

Service Root

Change-Id: Ibf9d463802d77014852a92ecfcb8096324f3670f
Signed-off-by: Borawski.Lukasz <lukasz.borawski@intel.com>

Node abstraction layer

Change-Id: I3cbad5b566cd005d33a9fbd18ff4e6669dae3a31
Signed-off-by: Borawski.Lukasz <lukasz.borawski@intel.com>