Make SOL layout responsive to the window changes

The current version of a SOL window layout have several
downsides:
-terminal content doesn't resize with the window changes
-when opened in a separat

Make SOL layout responsive to the window changes

The current version of a SOL window layout have several
downsides:
-terminal content doesn't resize with the window changes
-when opened in a separate window terminal content doesn't
use full viewport space
-when opened in a separate window terminal viewport takes
only a small part of the window

Screenshots with the problems descriptions are documented in
the github issue:
https://github.com/openbmc/phosphor-webui/issues/125

This commit adds responsiveness to the SOL layout.
The main SOL tab:
-terminal content automatically resizes with the viewport changes

The separate SOL window:
-XTERM always use full terminal viewport space
-terminal viewport width always equals window space width
-terminal viewport automatically resizes on window size changes
-terminal content automatically resizes with the viewport changes

As SOL UI is resposive now, this commit also removes fixed size
configurations for the SOL terminal via JSON 'customConsoleDisplaySize'
variable. It is worth noting that in reality it wasn't really
used anyway.

Signed-off-by: Konstantin Aladyshev <aladyshev22@gmail.com>
Change-Id: Ia5d929e9a309281366a9d3119ac326ebd73c73f0

show more ...

clang-format-11: reformat

Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I74d01806faf1884b8077c6c5c841ef194ff0b021

server-overview: supporting all MACs and IPs

Show MAC and IP address information for all the present
ethernet interfaces on the server overview page.

Tested: the `webui`-overview page on a system h

server-overview: supporting all MACs and IPs

Show MAC and IP address information for all the present
ethernet interfaces on the server overview page.

Tested: the `webui`-overview page on a system having
2 physical ethernet interfaces shows all IP addresses
assigned to the interface and also shows MAC addresses
for each interface

```
ETH0 IP ADDRESSES
IPv4: 172.17.26.67
IPv4: 169.254.28.79
IPv6: FE80::702C:BFFF:FEDE:DEC3

ETH1 IP ADDRESSES
IPv4: 169.254.51.25
IPv6: FE80::14B7:7EFF:FEF1:2EF

ETH0 MAC ADDRESS
72:2C:BF:DE:DE:C3

ETH1 MAC ADDRESS
16:B7:7E:F1:02:EF
```

End-user-impact: The server-overview page is now able to
display information about each ethernet's
MAC, IPv4 and IPv6 adresses.

Signed-off-by: Igor Kononenko <i.kononenko@yadro.com>
Change-Id: I677b645cc33bfc49c2dd91f4acc743973dc29998

show more ...

Fix Internet Explorer

Looks like this got merged before it got tested, and broke IE. Apparently
we still have users using it, as they noticed pretty quick. we might
want to keep that in mind for t

Fix Internet Explorer

Looks like this got merged before it got tested, and broke IE. Apparently
we still have users using it, as they noticed pretty quick. we might
want to keep that in mind for the future.

A short note on the failure, this snippet contained a section that
enabled use scrict on the code, which accidentally allowed babel to
enable it everywhere. So far as I can tell, the existing code doesn't
follow strict (although there's only one outlier).

in short, this fixes IE.

Tested:
Launched webui in IE11 with debug console open. Observed UI launches
with no unexpected warnings.

Signed-off-by: Ed Tanous <ed@tanous.net>
Change-Id: I85cc83b34f4f5906e827ea55c4b4fb4bda0fe6ac

show more ...

Remove scaled

Scale was removed from phosphor-dbus-interfaces when moving to a
double.
https://github.com/openbmc/phosphor-dbus-interfaces/commit/4ec6587fa908fe9df41cc0962ab6ff6446fbd54f

A future i

Remove scaled

Scale was removed from phosphor-dbus-interfaces when moving to a
double.
https://github.com/openbmc/phosphor-dbus-interfaces/commit/4ec6587fa908fe9df41cc0962ab6ff6446fbd54f

A future improvement could be some sort of rounding.

Tested: Loaded GUI on a Witherspoon
Change-Id: I771e575c85cc97196678a1da8e01d1fdb96ddf8c
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>

show more ...

Drop encoding library

Commit f4a43cca440535a63592877c9bdbbe28636d803c attempted to fix a IE
bug in the SOL library. Unfortunately, it did it by pulling in the
entire NPM encoding library, which is

Drop encoding library

Commit f4a43cca440535a63592877c9bdbbe28636d803c attempted to fix a IE
bug in the SOL library. Unfortunately, it did it by pulling in the
entire NPM encoding library, which is insanely large (190kb after
minification and compression). This is almost equivalent to the rest of
our javascript put together! That's nuts, and I don't think anyone
would argue that's a binary hit worth taking for IE9 support.

This commit removes it, and swaps in an inline polyfill from the mozilla
recommendations, that compresses much....much smaller.

Before this patchset build prints:
app.bundle.js.gz 522 KiB [emitted] [big]

After this patchset:
app.bundle.js.gz 332 KiB [emitted] [big]

If you don't want to break out a calculator, that's 190KB savings in the
root filesystem, and should cut the initial page load time (on slow
connections) by nearly 30 percent.

Note: text-encodings was never pinned in the package-lock.json, hence
why you don't see a diff removing it from package lock. This was a miss
on the original commiters part, although it doesn't really matter, as
it's now removed.

PS: A reviewer may note, I could've moved the polyfill into its own
file. Considering the serial console is the only page that uses that,
and it's not that big I elected not to, to make removing it analagous
with removing xterm/the serial console.

Bonus content!
Added a (commented out) webpack config that allows you to generate the
webui as individual gzipped fragments, instead of one bundle. This
allows you to see file sizes on a package by package basis, and was how
I found this commit in question.

Testing:
This is where this patchset gets hairy. I dont' have an IE9 instance to
test on. Given it's low usage, and the fact that it's a relatively
straightforward change we can probably just wait for someone to tell us
it's broken again.

Enjoy the sweet sweet savings.

Signed-off-by: Ed Tanous <ed@tanous.net>
Change-Id: I2820ff1c4b33d725ebc63490793a72fe600b8ed3
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

Fix SENSOR_SORT_ORDER array

'Meters' entry had been duplicated; 'Watts' was missing.

Signed-off-by: Zev Weiss <zev@bewilderbeest.net>
Change-Id: I836efa74120dd427253a4aee817216d37a93049a

Fix layout bugs on server power operations page

Add missing closing div tag that caused strange column layout
breaks.

Resolves openbmc/phosphor-webui#112

Tested: No longer see the problem on a Wit

Fix layout bugs on server power operations page

Add missing closing div tag that caused strange column layout
breaks.

Resolves openbmc/phosphor-webui#112

Tested: No longer see the problem on a Witherspoon.

Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
Signed-off-by: Yoshie Muranaka <yoshiemuranaka@gmail.com>
Change-Id: I87f4947f60f95c7991df3f7c429ac51726a894b9

show more ...

Add CSRF check to more websockets

This adds the token to more websockets that were
missing it.

Change-Id: I633ce28ec9602d33a79d613f94582ba0ff265368
Signed-off-by: James Feist <james.feist@linux.int

Add CSRF check to more websockets

This adds the token to more websockets that were
missing it.

Change-Id: I633ce28ec9602d33a79d613f94582ba0ff265368
Signed-off-by: James Feist <james.feist@linux.intel.com>

show more ...

Pass cookies into function

This was missed in the websocket upgrade.

Change-Id: Id2256fa87d728d71790d3046d280449feefe326c
Signed-off-by: James Feist <james.feist@linux.intel.com>

Add CSRF to all remaining websockets

This passes the CSRF with the websocket so that
the pages continue to work after CSRF is added.

Tested: Verified SOL still worked

Change-Id: I8f1066c2769f92034

Add CSRF to all remaining websockets

This passes the CSRF with the websocket so that
the pages continue to work after CSRF is added.

Tested: Verified SOL still worked

Change-Id: I8f1066c2769f92034c349e7112ebc1070adcd35b
Signed-off-by: James Feist <james.feist@linux.intel.com>

show more ...

Add XSRF token into websocket request

Add XSRF token so we can implement CRSF checking
on websockets.

Tested: Saw it in bmcweb logs

Change-Id: Ie9479508bc69fad631f66fb282133ad18d025300
Signed-off-

Add XSRF token into websocket request

Add XSRF token so we can implement CRSF checking
on websockets.

Tested: Saw it in bmcweb logs

Change-Id: Ie9479508bc69fad631f66fb282133ad18d025300
Signed-off-by: James Feist <james.feist@linux.intel.com>

show more ...

Improve blocking of non local urls

It was found that the original check didn't stop
http:www.google.com forwards. This fixes that issue.

Tested: Verified that the url forward didn't work

Change-Id

Improve blocking of non local urls

It was found that the original check didn't stop
http:www.google.com forwards. This fixes that issue.

Tested: Verified that the url forward didn't work

Change-Id: I44a9b84218e15ddd0d37d5fbda633b66326da1f4
Signed-off-by: James Feist <james.feist@linux.intel.com>

show more ...

Fix "Clear Oem Logs" functionality in System Logs

Issue Symptom:
1. "Clear Oem Logs" button didn't show on webui when type select to "Oem".
2. "Clear Oem Logs" button was showed on then pressed with

Fix "Clear Oem Logs" functionality in System Logs

Issue Symptom:
1. "Clear Oem Logs" button didn't show on webui when type select to "Oem".
2. "Clear Oem Logs" button was showed on then pressed with fix, but the function didn't work correctly.
Event logs were deleted instead of Oem logs.

Root cause:
1. getSystemLogs() always get Event logs by default no matter type be selected to "Oem".
2. clearSystemLogs() always clear Event logs by default no matter type be selected to "Oem".

Solution:
1. According "recordType" to get Oem logs from uri:
'/redfish/v1/Systems/' + DataService.systemName + '/LogServices/Crashdump/Entries'
2. According "selectedRecordType" to clear Oem logs by action: uri = '/redfish/v1/Systems/' +
DataService.systemName + '/LogServices/Crashdump/Actions/LogService.ClearLog'

Modified files:
webui/app/common/services/api-utils.js
webui/app/server-health/controllers/syslog-controller.html
webui/app/server-health/controllers/syslog-controller.js

Tested by:
1. In WebUI/Server health/System Logs, select system log type as "Oem", then click "Clear Oem Logs" button.
The Oem logs (CPU Crashdump log) all were deleted.
2. Select system log type as "Event", then click "Clear Event Logs" button.
The System Event Log all were deleted.

Signed-off-by: Tim Lee <timlee660101@gmail.com>
Change-Id: I2a3d42a61f53df84b88585cf7c65a10688eaef05

show more ...

Create profile settings page

Adding a profile settings page so readonly and operator
roles are able to change their own password.

Signed-off-by: Yoshie Muranaka <yoshiemuranaka@gmail.com>
Change-Id

Create profile settings page

Adding a profile settings page so readonly and operator
roles are able to change their own password.

Signed-off-by: Yoshie Muranaka <yoshiemuranaka@gmail.com>
Change-Id: Iee9536255ad47f4df4af8746c1e01da37c407f2b

show more ...

Block forwarding to non-local url

Currently we don't protect against forwarding to remote
url, so things like:

https://<bmc-address>/#/login?next=http:%2F%2Fyahoo.com

can be used to forward an uns

Block forwarding to non-local url

Currently we don't protect against forwarding to remote
url, so things like:

https://<bmc-address>/#/login?next=http:%2F%2Fyahoo.com

can be used to forward an unsuspecting user to a different
url. This fixes that issue.

Tested: Local redirects still work, above link does not

Closes #109

Change-Id: I4d6c52880156802860f405af43037fb84235912f
Signed-off-by: James Feist <james.feist@linux.intel.com>

show more ...

Update navigation to accordian-style menu

- New navigation provides intuitive structure for showing relationship
between sections and pages
- Menu keeps an open state, which allows easy clicking to

Update navigation to accordian-style menu

- New navigation provides intuitive structure for showing relationship
between sections and pages
- Menu keeps an open state, which allows easy clicking to sibling pages
- Ability to preview all page sections w/o hover over blocking page content
- Allows user to see where they are within navigation at all times

Tested: Opened each page and confirmed new navigation worked, clicked through
to all pages successfully.

Change-Id: Ie10dc95d8e15ee9bf89a3bec9ff231c0a7065ed9
Signed-off-by: Kathy Pine <kathryn.elainex.pine@intel.com>

show more ...

Users: Role Table: Update ssh

https://github.com/openbmc/openbmc/commit/19e81d3f3b731681a57bb5ef9681d33cc291bde8
restricts SSH authentication to only admin role users.

Updated the table.

Tested: L

Users: Role Table: Update ssh

https://github.com/openbmc/openbmc/commit/19e81d3f3b731681a57bb5ef9681d33cc291bde8
restricts SSH authentication to only admin role users.

Updated the table.

Tested: Loaded on a Witherspoon
Change-Id: Ice5c93dc6dc4aa937de2c3fb9072c2f81719325c
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>

show more ...

Users: Update Callback/NoAccess Role

https://github.com/openbmc/bmcweb/commit/e9e6d240ab85e515f8d264e39b47a75043b73374
added a new user role, NoAccess.

https://github.com/openbmc/bmcweb/commit/cb3e

Users: Update Callback/NoAccess Role

https://github.com/openbmc/bmcweb/commit/e9e6d240ab85e515f8d264e39b47a75043b73374
added a new user role, NoAccess.

https://github.com/openbmc/bmcweb/commit/cb3e11fadd77b04f5b26aefbde18411625e5e304
removed Callback.

This "NoAccess" role can not ssh, access Redfish, the D-Bus API, or
IPMI.

Tested: Loaded on a witherspoon.
Change-Id: I4f870fdefb5342344fd442876d671a59864bbf34
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>

show more ...

User logged in when IsAuthenticated cookie is set.

Related to https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/27270

Currently the only condition checked when user is logged in was the
"LOGIN_

User logged in when IsAuthenticated cookie is set.

Related to https://gerrit.openbmc-project.xyz/c/openbmc/bmcweb/+/27270

Currently the only condition checked when user is logged in was the
"LOGIN_ID" value in browser session storage. The only place in the code
where it is set is the Basic Authorization flow.

In case of mTLS authentication, we are not able to set session storage
value. This is why additional 'IsAuthenticated' cookie is added.

In the case when user session expires, the failing XHR should cause the
page to redirect to the login prompt. Additionally, IsAuthenticated
cookie is removed to disable redirection.

Tested: verified the flow with the mTLS changes. User is put in the
webUI interface without login prompt when using mTLS authentication. If
the authentication fails, browser redirects to the login page.

Signed-off-by: Wiktor Gołgowski <wiktor.golgowski@intel.com>
Change-Id: Ia7061f3e146c6547d4bfdf42940150b1a5c06903

show more ...

Fix LDAP request resulting in 400 response

- Remove all references to the AuthenticationType property since our
request is a PATCH and we are not changing the value.

Resolves: https://github.com/op

Fix LDAP request resulting in 400 response

- Remove all references to the AuthenticationType property since our
request is a PATCH and we are not changing the value.

Resolves: https://github.com/openbmc/phosphor-webui/issues/102

Signed-off-by: Derick Montague <derick.montague@ibm.com>
Change-Id: I911ac41bf61250847e4c308f09df8fd59dd27fa7

show more ...

Sorting certificate table

So far the certificate table was not sorted and it happen that having
multiple certificates they appear on different table position after
machine restart.
That is because t

Sorting certificate table

So far the certificate table was not sorted and it happen that having
multiple certificates they appear on different table position after
machine restart.
That is because the Redfish was used to get the list of certificates
and it does not guarantee any order of elements in returned
collections.

After merging this commit certificates will be always sorted by:
type, issuer name and then by date.

Tested:
Manual tests were made to cofirm that certificates are properly sorted.

Signed-off-by: Zbigniew Kurzynski <zbigniew.kurzynski@intel.com>
Change-Id: Ie8e63d598cd04e2396ed09244a69284e49566f8d

show more ...

Add file upload component

Created reusuable file upload component to be used on updated firmware page.
Component can:
-Upload file
-Display status icon
-Clear upload field

Made minor style change t

Add file upload component

Created reusuable file upload component to be used on updated firmware page.
Component can:
-Upload file
-Display status icon
-Clear upload field

Made minor style change to file upload on certificate management.

Tested in GUI.

Signed-off-by: Dixsie Wolmers <dixsiew@gmail.com>
Change-Id: I09bf56eee4d670681ea5e95c1807f8177c0e4c08

show more ...

Update loading spinner

Loader was updated with loading icon svg. Added inline style
for loading icon and added loader svg to status-icon directive.
Status icons will be used in file-upload component

Update loading spinner

Loader was updated with loading icon svg. Added inline style
for loading icon and added loader svg to status-icon directive.
Status icons will be used in file-upload component for firmware page update.

Signed-off-by: Dixsie Wolmers <dixsiew@gmail.com>
Change-Id: I15e6f9fa39a08fcc8cfe354f8ed4447aab6425a9

show more ...

Fix truncated button icons on Safari

Removing margin offset to fix issue with button icons being
visually truncated on Safari. Removing additional redundant
code around same icon/buttons.

Signed-of

Fix truncated button icons on Safari

Removing margin offset to fix issue with button icons being
visually truncated on Safari. Removing additional redundant
code around same icon/buttons.

Signed-off-by: Yoshie Muranaka <yoshiemuranaka@gmail.com>
Change-Id: Ie1ef89023a043a70a0126a21be57febb9afae19a

show more ...