#
19fab295
|
| 12-Feb-2025 |
Chandramohan Harkude <chandramohan.harkude@gmail.com> |
Authenticate expand query parameter
Addressed the below requirements for security GAP
1) PrivilegeRegistry is now enforced for all users and all expanded resources. If a user lacks access, the node will not be expanded.
2) If a user with Operator privilege calls '/redfish/v1?$expand', the response includes only resources the user has access to.
3) 'ReadOnly' and 'Operator' roles can expand, but not into nodes they lack privileges for.
4) Expand is completely disallowed without authentication. Requests without valid credentials receive 401 Unauthorized.
Testing: Tested and verified that users can access only authorized resources. Unauthorized access and unauthenticated expand requests are blocked.
Change-Id: Ic1c2761f30db73a2884cdecdb8eb08168446523b Signed-off-by: Chandramohan Harkude <chandramohan.harkude@gmail.com>
|
#
d0a341b9
|
| 18-Oct-2024 |
Ed Tanous <etanous@nvidia.com> |
Remove is_object
is_object doesn't throw, but generally is_object is used in some kind of pattern of.
if (x.is_object()){ x["thing"]; }
operator[] technically throws if it's the wrong type, which bloats binary sizes.
Replace these with the equivalent get_ptr<object_t>
Change-Id: If3734d7920f0a6f81efa10b3a2d91595e9e0af5a Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
#
761cdfa5
|
| 15-Apr-2024 |
Ed Tanous <ed@tanous.net> |
Fix more moves
This commit is fixing coverity issues reported for copy instead of move.
Tested: redfish service validator passes
Change-Id: I97e755830f28390e7c4bfaba6f3f947898a21423 Signed-off-by: Ed Tanous <ed@tanous.net>
|
#
fdf51f5c
|
| 04-Apr-2025 |
Rohit PAI <ropai@nvidia.com> |
Avoid http request copy in OEM handler
Initial copy was done to avoid request object going out of scope before OEM handlers are invoked. The MR avoids the whole copy of the request object and creates a sub route object which contains elements required for OEM route handling.
Tested
- Service Validator passes
- OpenBMC OEM properties are rendered well.
Change-Id: I3ef80a130afe6ab764a13704a8b672f5b0635126 Signed-off-by: Rohit PAI <ropai@nvidia.com>
|
#
c1a75ebc
|
| 03-Jan-2025 |
rohitpai <rohitpai77@gmail.com> |
OEM Route Handling Infrastructure
Goal of the MR is to provide infrastructure support in bmcweb to manage the OEM fragment handling separately. OEM schema are vendor defined and per DMTF resource we could have multiple vendor defined OEM schema to be enabled.
The feature allows registration of route handler per schema per OEM namespace. Example
```
REDFISH_SUB_ROUTE<"/redfish/v1/Managers/<str>/#/Oem/OpenBmc">(service, HttpVerb::Get)(oemOpenBmcCallback);
REDFISH_SUB_ROUTE<"/redfish/v1/Managers/<str>/#/Oem/Nvidia">(service, HttpVerb::Get)(oemNidiaCallback);
```
We can have separate vendor defined route handlers per resource. Each of these route handlers can populate their own vendor specific OEM data. The OEM code can be better organized and enabled/disabled as per the platform needs. The current MR has the code changes related to handling GET requests alone. The feature only supports requests where the response payload is JSON.
Tests
- All UT cases pass
- New UT added for RF OEM router passes
- Service Validator passes on qemu
- GET Response on Manager/bmc resource contains the OEM fragment
```
curl -c cjar -b cjar -k -X GET https://127.0.0.1:2443/redfish/v1/Managers/bmc
{
  "@odata.id": "/redfish/v1/Managers/bmc",
  "@odata.type": "#Manager.v1_14_0.Manager",
  "Oem": {
    "OpenBmc": {
      "@odata.id": "/redfish/v1/Managers/bmc#/Oem/OpenBmc",
      "@odata.type": "#OpenBMCManager.v1_0_0.Manager",
      "Certificates": {
        "@odata.id": "/redfish/v1/Managers/bmc/Truststore/Certificates"
      }
    }
  },
  "UUID": "40575e98-90d7-4c10-9eb5-8d8a7156c9b9"
}
```
Change-Id: Ic82aa5fe760eda31e2792fbdfb6884ac3ea613dc Signed-off-by: Rohit PAI <rohitpai77@gmail.com>
|
#
504af5a0
|
| 03-Feb-2025 |
Patrick Williams <patrick@stwcx.xyz> |
clang-format: update latest spec and reformat
Copy the latest format file from the docs repository and apply.
Change-Id: I2f0b9d0fb6e01ed36a2f34c750ba52de3b6d15d1 Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
|
#
5d92fffc
|
| 28-Jan-2025 |
rohitpai <rohitpai77@gmail.com> |
Move error code utils into new file
Error code utils can be used for aggregating error responses from multiple responses including use case for managing separate route handlers for OEM namespace
Tests: Unit tests are passing.
Change-Id: I2223d41fb318c0276de1ca64dd3e841bb988d902 Signed-off-by: rohitpai <rohitpai77@gmail.com>
|
#
d7857201
|
| 28-Jan-2025 |
Ed Tanous <etanous@nvidia.com> |
Fix includes
Clang-tidy misc-include-cleaner appears to now be enforcing significantly more headers than previously. That is overall a good thing, but forces us to fix some issues. This commit is largely just taking the clang-recommended fixes and checking them in. Subsequent patches will fix the more unique issues.
Note, that a number of new ignores are added into the .clang-tidy file. These can be cleaned up over time as they're understood. The majority are places where boost includes an impl/x.hpp and x.hpp, but expects you to use the latter. include-cleaner opts for the impl, but it isn't clear why.
Change-Id: Id3fdd7ee6df6c33b2fd35626898523048dd51bfb Signed-off-by: Ed Tanous <etanous@nvidia.com> Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
#
6c038f26
|
| 14-Jan-2025 |
Ed Tanous <etanous@nvidia.com> |
Roll out error message utils
This code should really be in a cpp/hpp file, not in a generated python script. The python script housed this temporarily to allow us to generate the registries. It's time to roll it out.
Tested: Message registries generate successfully on GET. Redfish service validator passes.
Change-Id: I7aca2d0a7fac6d530511421b667ff732617df61e Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
#
40e9b92e
|
| 10-Sep-2024 |
Ed Tanous <etanous@nvidia.com> |
Use SPDX identifiers
SPDX identifiers are simpler, and reduce the amount of cruft we have in code files. They are recommended by linux foundation, and therefore we should do as they allow.
This patchset does not intend to modify any intent on any existing copyrights or licenses, only to standardize their inclusion.
[1] https://www.linuxfoundation.org/blog/blog/copyright-notices-in-open-source-software-projects
Change-Id: I935c7c0156caa78fc368c929cebd0f068031e830 Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
#
478b7adf
|
| 15-Jul-2024 |
Ed Tanous <etanous@nvidia.com> |
Remove IWYU pragmas
These were added as part of d5c80ad9c07b94465d8ea62d2b6f87c30cac765e: test treewide: iwyu
Since then, Nan hasn't been very active on the project, and to my knowledge, since the initial run, we've never used IWYU again.
clang-include-cleaner seems to work well without needing these pragmas, and is what we're using, even if it's less useful than IWYU.
Remove all mention of IWYU.
Tested: Code compiles.
Change-Id: I06feedeeac9a114f5bdec81d59ca83223efd8aa7 Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
#
bd79bce8
|
| 16-Aug-2024 |
Patrick Williams <patrick@stwcx.xyz> |
clang-format: re-format for clang-18
clang-format-18 isn't compatible with the clang-format-17 output, so we need to reformat the code with the latest version. The way clang-18 handles lambda formatting also changed, so we have made changes to the organization default style format to better handle lambda formatting.
See I5e08687e696dd240402a2780158664b7113def0e for updated style. See Iea0776aaa7edd483fa395e23de25ebf5a6288f71 for clang-18 enablement.
Change-Id: Iceec1dc95b6c908ec6c21fb40093de9dd18bf11a Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
|
#
f80a87f2
|
| 16-Jun-2024 |
Ed Tanous <etanous@nvidia.com> |
Add SSE filter param support
The Redfish spec requires filtering of SSE entries to be supported. This commit rearranges the code, and implements SSE sorting as well as support for Last-Event-Id. To do this it adds a dependency on boost circular_buffer.
Tested:
SSE connections succeed. Show filtered results.
Change-Id: I7aeb266fc40471519674c7b65cd5cc4625019e68 Signed-off-by: Ed Tanous <etanous@nvidia.com>
show more ...
|
#
25991f7d
|
| 13-Jun-2024 |
Ed Tanous <ed@tanous.net> |
Add filter parameter support
$filter is a parameter documented in the Redfish specification, section 7.3.4. It defines a mechanism for filtering arbitrary collections of parameters based on a set of arbitrary language expressions.
From the specification, it supports the following language operators:
| Operator | Description | Example |
| --- | --- | --- |
| () | Precedence grouping operator. | (Status/State eq 'Enabled' and Status/Health eq 'OK') or SystemType eq 'Physical' |
| and | Logical and operator. | ProcessorSummary/Count eq 2 and MemorySummary/TotalSystemMemoryGiB gt 64 |
| eq | Equal comparison operator. | ProcessorSummary/Count eq 2 |
| ge | Greater than or equal to comparison operator. | ProcessorSummary/Count ge 2 |
| gt | Greater than comparison operator. | ProcessorSummary/Count gt 2 |
| le | Less than or equal to comparison operator. | MemorySummary/TotalSystemMemoryGiB le 64 |
| lt | Less than comparison operator. | MemorySummary/TotalSystemMemoryGiB lt 64 |
| ne | Not equal comparison operator. | SystemType ne 'Physical' |
| not | Logical negation operator. | not (ProcessorSummary/Count eq 2) |
| or | Logical or operator. | ProcessorSummary/Count eq 2 or ProcessorSummary/Count eq 4 |

Support for these operators has been added in previous commits. This commit enables them behind the insecure-enable-redfish-query meson option. This is an arbitrary language, so the likelihood there's some improper implementation in the patch is high. This gives folks the ability to test it.
Tested: Lots of unit tests included in this patch.
Functionally tested the basic operators:
```
GET /redfish/v1/Managers/bmc/LogServices/Journal/Entries?\$filter=EntryType+eq+'Oem'
GET /redfish/v1/Managers/bmc/LogServices/Journal/Entries?\$filter=EntryType+ne+'Oem'
```
Function as expected, producing multiple results or no results respectively.
GET /redfish/v1 reports "FilterQuery": true
Redfish service validator passes.
Change-Id: Id568acc5dcfce868af12da5ee16c4f0caae8060a Signed-off-by: Ed Tanous <ed@tanous.net>
|
#
102a4cda
|
| 15-Apr-2024 |
Jonathan Doman <jonathan.doman@intel.com> |
Manage Request with shared_ptr
This is an attempt to solve a class of use-after-move bugs on the Request objects which have popped up several times. This more clearly identifies code which owns the Request objects and has a need to keep it alive. Currently it's just the `Connection` (or `HTTP2Connection`) (which needs to access Request headers while sending the response), and the `validatePrivilege()` function (which needs to temporarily own the Request while doing an asynchronous D-Bus call). Route handlers are provided a non-owning `Request&` for immediate use and required to not hold the `Request&` for future use.
Tested: Redfish validator passes (with a few unrelated fails). Redfish URLs are sent to a browser as HTML instead of raw JSON.
Change-Id: Id581fda90b6bceddd08a5dc7ff0a04b91e7394bf Signed-off-by: Jonathan Doman <jonathan.doman@intel.com> Signed-off-by: Ed Tanous <ed@tanous.net>
show more ...
|
#
25b54dba
|
| 17-Apr-2024 |
Ed Tanous <ed@tanous.net> |
Bring consistency to config options
The configuration options that exist in bmcweb are an amalgamation of CROW options, CMAKE options using #define, pre-bmcweb ifdef mechanisms and meson options using a config file. This history has led to a lot of different ways to configure code in the codebase itself, which has led to problems, and issues in consistency.
ifdef options do no compile time checking of code not within the branch. This is good when you have optional dependencies, but not great when you're trying to ensure both options compile.
This commit moves all internal configuration options to:
1. A namespace called bmcweb
2. A naming scheme matching the meson option. hyphens are replaced with underscores, and the option is uppercased. This consistent transform allows matching up option keys with their code counterparts, without naming changes.
3. All options are bool true = enabled, and any options with _ENABLED or _DISABLED postfixes have those postfixes removed. (note, there are still some options with disable in the name, those are left as-is)
4. All options are now constexpr booleans, without an explicit compare.
To accomplish this, unfortunately an option list in config/meson.build is required, given that meson doesn't provide a way to dump all options, as is a manual entry in bmcweb_config.h.in, in addition to the meson_options. This obsoletes the map in the main meson.build, which helps some of the complexity.
Now that we've done this, we have some rules that will be documented.
1. Runtime behavior changes should be added as a constexpr bool to bmcweb_config.h
2. Options that require optionally pulling in a dependency shall use an ifdef, defined in the primary meson.build. (note, there are no options that currently meet this class, but it's included for completeness.)
Note, that this consolidation means that at configure time, all options are printed. This is a good thing and allows direct comparison of configs in log files.
Tested: Code compiles. Server boots, and shows options configured in the default build. (HTTPS, log level, etc)
Change-Id: I94e79a56bcdc01755036e4e7278c7e69e25809ce Signed-off-by: Ed Tanous <ed@tanous.net>
show more ...
|
#
95c6307a
|
| 26-Mar-2024 |
Ed Tanous <ed@tanous.net> |
Break out formatters
In the change made to move to std::format, we defined some custom type formatters in logging.hpp. This had the unintended effect of making all compile units pull in the majority of boost::url, and nlohmann::json as includes.
This commit breaks out boost and json formatters into their own separate includes.
Tested: Code compiles. Logging changes only.
Change-Id: I6a788533169f10e19130a1910cd3be0cc729b020 Signed-off-by: Ed Tanous <ed@tanous.net>
show more ...
|
#
f1a1e3dc
|
| 06-Apr-2024 |
Ed Tanous <ed@tanous.net> |
Simplify query_param
Static analysis notes that the values in these functions are never initialized, and that a small section of the branch is no longer possible to hit, now that a default case has been added in 4da0490bc07a458ad3fc7d586c7eabf6053c572f
Remove the dead code and initialize variables where appropriate.
Tested: Unit tests pass. Decent coverage here.
Change-Id: I42ec4678672fea5b21f98aaae05dfca0629652e7 Signed-off-by: Ed Tanous <ed@tanous.net>
show more ...
|
#
9de65b34
|
| 27-Mar-2024 |
Ed Tanous <ed@tanous.net> |
Fix redundant inline operators
inline is not required on member methods. Clang-tidy has a check for this. Enable the check and fix the two bad usages.
Tested: Code compiles.
Change-Id: I3115b7c0c4005e1082e0005b818fbe6569511f49 Signed-off-by: Ed Tanous <ed@tanous.net>
show more ...
|
#
4da0490b
|
| 19-Mar-2024 |
Ed Tanous <ed@tanous.net> |
Use no-switch-default on clang
clang-18 improves this check so that we can actually use it. Enable it and fix all violations.
Change-Id: Ibe4ce19c423d447a4cbe593d1abba948362426af Signed-off-by: Ed Tanous <ed@tanous.net>
show more ...
|
#
47f2934c
|
| 19-Mar-2024 |
Ed Tanous <ed@tanous.net> |
Fix redundant init issues
clang-tidy-18 must've fixed their checking for these in headers. Resolve as the robot commands.
Tested: Noop changes made by tidy. Code compiles.
Change-Id: I1de7686c597deffb0df91c30dae1a29f9ba7900e Signed-off-by: Ed Tanous <ed@tanous.net>
show more ...
|
#
52e31629
|
| 23-Jan-2024 |
Ed Tanous <ed@tanous.net> |
Simplify body
Now that we have a custom boost http body class, we can use it in more cases. There's some significant overhead and code when switching to a file body, namely removing all the headers. Making the body class support strings would allow us to completely avoid that inefficiency. At the same time, it would mean that we can now use that class for all cases, including HttpClient, and http::Request. This leads to some code reduction overall, and means we're reliant on fewer beast structures.
As an added benefit, we no longer have to take a dependency on boost::variant2.
Tested: Redfish service validator passes, with the exception of badNamespaceInclude, which is showing warnings prior to this commit.
Change-Id: I061883a73230d6085d951c15891465c2c8445969 Signed-off-by: Ed Tanous <ed@tanous.net>
show more ...
|
#
18f8f608
|
| 18-Jul-2023 |
Ed Tanous <edtanous@google.com> |
Remove some boost includes
The less we rely on boost, and more on std algorithms, the less people have to look up, and the more likely that our code will deduplicate.
Replace all uses of boost::algorithms with std alternatives.
Tested: Redfish Service Validator passes.
Change-Id: I8a26f39b5709adc444b4178e92f5f3c7b988b05b Signed-off-by: Ed Tanous <edtanous@google.com>
show more ...
|
#
8ece0e45
|
| 02-Jan-2024 |
Ed Tanous <ed@tanous.net> |
Fix spelling mistakes
These were found with: codespell -w $(git ls-files | grep "\.[hc]\(pp\)\?$")
At some point in the future, we might want to get this enabled in CI.
Change-Id: Iccb57b2adfd06a2e177e99db2923fe4e8e329118 Signed-off-by: Ed Tanous <ed@tanous.net>
show more ...
|
#
3544d2a7
|
| 06-Aug-2023 |
Ed Tanous <edtanous@google.com> |
Use ranges
C++20 brought us std::ranges for a lot of algorithms. Most of these conversions were done using comby, similar to:
```
comby -verbose 'std::lower_bound(:[a].begin(),:[b].end(),:[c])' 'std::ranges::lower_bound(:[a], :[c])' $(git ls-files | grep "\.[hc]\(pp\)\?$") -in-place
```
Change-Id: I0c99c04e9368312555c08147d474ca93a5959e8d Signed-off-by: Ed Tanous <edtanous@google.com>
show more ...
|