Rename host firmware to bios firmware

Problem:
- Host firmware naming was inconsistent with actual functionality

Changes:
- Rename hostFirmware to biosFirmware in store
- Update component names and

Rename host firmware to bios firmware

Problem:
- Host firmware naming was inconsistent with actual functionality

Changes:
- Rename hostFirmware to biosFirmware in store
- Update component names and references
- Modify i18n translation keys

Tested:
- Verified store mutations/actions
- Confirmed component rendering
- Checked i18n translations
- npx eslint without error related to 'host'

Change-Id: Ib97e4682f649d4a52f65e69df50422d84f23e916
Signed-off-by: Shane Lin <hslin@nvidia.com>

show more ...

inventory: move serial console to system

SerialConsole was deprecated in Manager v1_10_0 and has been
removed in bmcweb [1].

Because the SerialConsole values were not available anymore, the
Manager

inventory: move serial console to system

SerialConsole was deprecated in Manager v1_10_0 and has been
removed in bmcweb [1].

Because the SerialConsole values were not available anymore, the
Managers were not displayed because "setBmcInfo" couldn't find the
"SerialConsole" properties. THe following error will be logged:

```
TypeError: Cannot read properties of undefined (reading 'ConnectTypesSupported')
at Wa.setBmcInfo (app.25e72670.js:58:745295)
at app.25e72670.js:50:2774
at app.25e72670.js:50:10113
at Array.forEach (<anonymous>)
at app.25e72670.js:50:10092
at Wa._withCommit (app.25e72670.js:50:11953)
at Wa.commit (app.25e72670.js:50:10066)
at Wa.commit (app.25e72670.js:50:9518)
at o.commit (app.25e72670.js:50:2216)
at app.25e72670.js:58:745747
```

[1]: https://github.com/openbmc/bmcweb/commit/fa800c8a141aa4b209269e0fb50cae34aa24f75d

Tested: BMC manager being listed in the inventory and serial console
variables being displayed for the system.

Change-Id: I1a24178717805ca50eef2c89042c0bd9ede1d5bc
Signed-off-by: Tan Siewert <tan@siewert.io>

show more ...

Update to api function for MessageID

Update to api function for MessageIDs - PaswordChangeRequired

This patch is just a small tweak while still assuming the current
X.Y.Z version format.
When searc

Update to api function for MessageID

Update to api function for MessageIDs - PaswordChangeRequired

This patch is just a small tweak while still assuming the current
X.Y.Z version format.
When searching for a standard Registry string from @Message.ExtendedInfo
-which is an array of Message objects-,
we should stick to the default namespace.
For example,
if someone added OpenBMC.0.5.0.PaswordChangeRequired it could be
erroneous to assume that it has the same meaning, since
semantically it is a different message.
For our use, trying to do something useful with version portion
seems problematic, so I am fine with ignoring them as already done
with code being updated here.

The search function has been made generic to allow reuse,
and some IntelliSense sugar was added.

Tested, as Paul documented:
Tested: logging in, navigating, logging out with non-expired password.
Logging in, navigating, then running `passwd -e <accountname>` via ssh
leads to functional password change page on the next request and then
navigating proceeds normally, and logging out too. If password is
expired before logging in the user gets redirected to the password
change page automatically after logging in.

Change-Id: I306ace2024efea13f25e24528a048d0955b2f95b
Signed-off-by: j-westover <jwestover@nvidia.com>

show more ...

Retrieve role information the Redfish standard way

Currently webui-vue has a hardcoded list of pages and sidebar menu items
restricted to a specific Redfish role (from a predefined default set).
To

Retrieve role information the Redfish standard way

Currently webui-vue has a hardcoded list of pages and sidebar menu items
restricted to a specific Redfish role (from a predefined default set).
To disallow navigating to restricted pages and to hide disallowed menu
items the application needs to know the roles assigned to the session.

bmcweb only implements a single role identity per session so the Roles
array returned within a Session object always has just one element.

This patch changes the mechanism used to retrieve the current role from
buggy direct query to AccountService (which can only return information
about BMC local users) to extracting it from standard Redfish Session
object.

In case the role is not available (e.g. when backend implementation
predates #Session.v1_7_0.Session) the application assumes Administrator
role which is meant as a best effort to continue working given the
circumstances. This doesn't pose a security risk because all validation
is always performed by the backend itself, so the worst that can happen
is end user getting error messages trying to access something without
enough privileges.

Tested: logging in and out of accounts with different roles without
reloading the page, observing the list of queries made, the role
variable assignments and presence of the menu items depending on
account, navigating to different pages. Also tested reloading the page
and confirmed the correct role was retrieved without going through login
again. Also tested deleting and mangling localStorage variable
sessionURI prior to doing page reload, in those cases redirect to login
page was observed.

Change-Id: I8b6c84060a987489cc1d35c46c1b00618a88b607
Signed-off-by: Paul Fertser <fercerpav@gmail.com>

show more ...

i18n fix after vue3 merge to master

Fix i18n issue in the Power restore policy, Inventory LEDs, and User
management page.

After merge the vue3 code to master the i18n Power restore policy,
Inventor

i18n fix after vue3 merge to master

Fix i18n issue in the Power restore policy, Inventory LEDs, and User
management page.

After merge the vue3 code to master the i18n Power restore policy,
Inventory LEDs, and User management page got conflicts and old code
retrieved in master. So unable to render the Power restore policy,
Inventory LEDs and unable to disable the user in user management page

change the i18n.t method to i18n.global.t for the vue3 support.

Change-Id: I46f3f56632308ceaee321dd896e16e922d964b60
Signed-off-by: Surya Venkatesan <suryav@ami.com>

show more ...

LDAP and server power operation page fix

In LDAP loading declare outside the form, form validation condition
change, server power operation page validation added and i18n method
changed in the event

LDAP and server power operation page fix

In LDAP loading declare outside the form, form validation condition
change, server power operation page validation added and i18n method
changed in the event log store.

Change-Id: I903b4dec7da1a5a2cc8441c65693c57201405d70
Signed-off-by: Surya Venkatesan <suryav@ami.com>

show more ...

Network page validation and i18n issue fix

In network page invalid if condition changed, added validations and i18n
function changed based on the vue 3 support.

Change-Id: If5b9c00f6da722984f1c568c

Network page validation and i18n issue fix

In network page invalid if condition changed, added validations and i18n
function changed based on the vue 3 support.

Change-Id: If5b9c00f6da722984f1c568cfbcb6b34537c3df1
Signed-off-by: Surya Venkatesan <suryav@ami.com>

show more ...

Vuelidate, I18n, and filter are upgraded to vue3

While navigating to the pages i18n, vuelidate, and filters errors
occurred. i18n, and vuelidate code changes in each page adapted to
vue3. Filter glo

Vuelidate, I18n, and filter are upgraded to vue3

While navigating to the pages i18n, vuelidate, and filters errors
occurred. i18n, and vuelidate code changes in each page adapted to
vue3. Filter global function for date and time format implemented
in the main.js file and those files which as called the filter
functions.

Change-Id: If1a2ee22d47750faef1c35ef2c263299067d9a20
Signed-off-by: Surya Venkatesan <suryav@ami.com>

show more ...

Upgrade vue3 and all dependencies

Start the process of porting everything to Vue 3. I have most things
working. npm run-scripts build works, npm install works. prettier
passes. Styles load, logi

Upgrade vue3 and all dependencies

Start the process of porting everything to Vue 3. I have most things
working. npm run-scripts build works, npm install works. prettier
passes. Styles load, login works, webui loads.

This was primarily done using the linked documents below. It makes the
following design decisions:
1. Vue is put in compat 2 mode, which allows most of the components to
work as-is.
2. Bootstrap v4 is used along with bootstrap-vue to keep our components
working.
3. Minor changes are made to load the latest versions of vue-router,
vuex, and vue-i18n.

I suspect this patchset is good enough to start with, and we can clean
up the broken things one patchset at a time. The things that need to
happen are:

1. Get remaining features working again. This primiarily is vue-i18n
for mixins, and non vue components. This likely needs to be done by
not pulling in i18n into the non vue components, then using the .Vue
files to do the internationalization in the component context, NOT in
the mixin context. Alternatively, we could drop MixIns alltogether.
2. Get custom styles working again. Previously, we used some path
hackery in vue.config.js to optionally pre-load styles. This stops
working now that we're required to @import our modules. Likely we
need some rearangement of the paths such that custom styles are a
complete replacement (possibly importing the original) rather than
additive with overrides. That's a guess, but I don't really see
anyone else doing customization the way we've defined it here.
3. Bootstrap 5 no longer requires ANY custom vue modules, as it has
dropped the jquery dependency. We won't be able to pull in bootstrap
5 all at once, so pull in bootstrap 5 under an alias, like
"bootstrap5" that we can optionally import 5 or 4.
4. One at a time, start porting components over to Vue3 syntax and
bootstrap 5. This will be the bulk of the manual work and review.

The only thing I think left is getting unit tests passing, which I
commented out the pre-commit hook to make this PR.

Tested: Code builds. Needs better testing.

[1] https://router.vuejs.org/guide/migration/
[2] https://vue-i18n.intlify.dev/guide/migration/vue3
[3] https://vuelidate-next.netlify.app/migration_guide.html#package-name-and-imports

Change-Id: I5bb3187b9efbf2e4ff63e57994bc528756e2a981
Signed-off-by: Ed Tanous <ed@tanous.net>

show more ...

Updated Power restore policy URI

- Previously, we used to get the values for power restore policy page
from“JsonSchemas/ComputerSystem/ComputerSystem.json”. Now we have
removed the hardcoded API

Updated Power restore policy URI

- Previously, we used to get the values for power restore policy page
from“JsonSchemas/ComputerSystem/ComputerSystem.json”. Now we have
removed the hardcoded API call and are fetching the values from
the JsonSchemas/ComputerSystem’s URI because we would have versioned
ComputerSystem.json in the redfish response.

Change-Id: I1a25cbbb3dfc536485a6f71a359ae32c6eadf5f7
Signed-off-by: Nikhil Ashoka <a.nikhil@ibm.com>

show more ...

Fix event entry download

Event entry should be downloaded with specific http header of "Accept:
application/octet-stream" or "*/*", but the default http header is set
to "Accept: application/json",

Fix event entry download

Event entry should be downloaded with specific http header of "Accept:
application/octet-stream" or "*/*", but the default http header is set
to "Accept: application/json", so need to specify the header for event
downloading.

Refer: https://gerrit.openbmc.org/c/openbmc/bmcweb/+/40136

Tested:
Event entry data can be downloaded with the fix.

Change-Id: Ia45123340da79a54fc4229470e6822206b8df808
Signed-off-by: Sean Zhang <xiazhang@nvidia.com>

show more ...

Add default Target to MultipartHttpPush

When no targets are provided, webui will now default to the BMC:
i.e. "/redfish/v1/Managers/bmc"

The current version of bmcweb requires the Targets parameter

Add default Target to MultipartHttpPush

When no targets are provided, webui will now default to the BMC:
i.e. "/redfish/v1/Managers/bmc"

The current version of bmcweb requires the Targets parameter.
bmcweb will be updated for multipart to match the behavior of
simpleupdate:
if Targets is empty or missing, default to the BMC.

Also, the fwupdate page will be updated soon to allow the
selection of Targets from the FirmwareInventory list.

This should be a temp webui fix until we are comfortable with
the upcoming changes to bmcweb.

Change-Id: I630dcb40068b98aad8e1d276d17fe9af4793e788
Signed-off-by: jason westover <jwestover@nvidia.com>

show more ...

Add support for MultipartHttpPushUri in fw push

According to the Redfish Firmware Update Whitepaper [1]
due to the vendor-specific details of this operation,
HttpPushUri has been deprecated in f

Add support for MultipartHttpPushUri in fw push

According to the Redfish Firmware Update Whitepaper [1]
due to the vendor-specific details of this operation,
HttpPushUri has been deprecated in favor of multipartHTTP push
updates.

Availability of update methods is determined from the UpdateService
response.

If MultipartHttpPushUri is found it will be preferred over HttpPushUri

Tested:
-Firmware update by performed via MultipartHttpPushUri

[1]: https://www.dmtf.org/sites/default/files/standards/documents/DSP2062_1.0.1.pdf

Change-Id: I184a889514d5f9f9598f35b2281404335bc0bc82
Signed-off-by: Leo Xu <yongquanx@nvidia.com>

show more ...

Use auth token when not communicating with bmcweb

Redfish backends other than OpenBMC bmcweb expect clients to
authenticate using X-Auth-Token HTTP header as that's the only standard
authentication

Use auth token when not communicating with bmcweb

Redfish backends other than OpenBMC bmcweb expect clients to
authenticate using X-Auth-Token HTTP header as that's the only standard
authentication method for Redfish sessions.

This code falls back to using the token in case Session creation didn't
result in obtaining an XSRF cookie (as should normally happen with
bmcweb).

Limitations: all WebSocket-based functionality can not work (JS-based
NBD Virtual Media, IP KVM, SOL), page reload drops the session and
requires to log in again.

Tested: logging in, observing Overview and successfully logging out of
an AMI MegaRAC BMC. Logging in and navigating around a bmcweb-running
system which doesn't have the code to provide cookies for Session POST
request (everything works as usual sans WS-based features).

Change-Id: I81dc881193440d8d252dcd283b99915bd08c0c5e
Signed-off-by: Paul Fertser <fercerpav@gmail.com>

show more ...

Handle expired passwords Redfish standard way

A password can expire at any moment during session lifetime and bmcweb
starts returning 403 Forbidden errors to the requests made after that.
The respon

Handle expired passwords Redfish standard way

A password can expire at any moment during session lifetime and bmcweb
starts returning 403 Forbidden errors to the requests made after that.
The response contains clear indication of the condition in the standard
`@Message.ExtendedInfo` attribute which is an array of Message objects.

Previously the code was trying to detect this condition by querying
AccountService after logging in but this approach doesn't work when
password expires mid-session. Also it was limited to BMC-managed
accounts and used hardcoded account URIs in violation of Redfish spec.

This patch adds to the interceptor of 403 error so that the user is
automatically redirected to the password change page as soon as the
condition is detected.

The same message is also present in the session creation POST response
201 if the password expired before the log in attempt, in this case the
session is created as usual but the user is automatically redirected to
password change page before any further requests are made.

Tested: logging in, navigating, logging out with non-expired password.
Logging in, navigating, then running `passwd -e <accountname>` via ssh
leads to functional password change page on the next request and then
navigating proceeds normally, and logging out too. If password is
expired before logging in the user gets redirected to the password
change page automatically after logging in.

Fixes: https://github.com/openbmc/webui-vue/issues/118
Change-Id: I03f5ee2526a4bb1d35d3bbea1142fea077d6bfed
Signed-off-by: Paul Fertser <fercerpav@gmail.com>

show more ...

Fix single event entry download

For event entry download, the href not work since the event entry
download only work with header of "Accept: application/octet-stream" or
the default "*/*", change to

Fix single event entry download

For event entry download, the href not work since the event entry
download only work with header of "Accept: application/octet-stream" or
the default "*/*", change to click function to make it work.

Refer: https://gerrit.openbmc.org/c/openbmc/bmcweb/+/40136

Change-Id: I11051e913bfd71ef081bed93ffcbeeb1edd8c730
Signed-off-by: Sean Zhang <xiazhang@nvidia.com>

show more ...

Switch to standard Redfish auth endpoint

To be able to talk to a Redfish-compliant implementation webui should
switch from old non-standard login and logout endpoints to creating a
Session via an ap

Switch to standard Redfish auth endpoint

To be able to talk to a Redfish-compliant implementation webui should
switch from old non-standard login and logout endpoints to creating a
Session via an appropriate POST request and to DELETE it on logout. This
also gives us standard Session object with all the relevant parameters
which allows the frontend to know what session it's using, what
permissions it has etc.

This works against bmcweb which checks for the presence of
webui-vue-specific "X-Requested-With" header in the request and provides
cookies in addition to the Redfish authentication token in the header.

Tested: logging in, logging out, navigating the pages, reloading the
page doesn't require logging in (if the session isn't expired),
WebSocket connections work.

Change-Id: I9d6159850b109a658b8f980637653e7e4576058b
Signed-off-by: Paul Fertser <fercerpav@gmail.com>

show more ...

Removed TFTP code update option

- Removed TFTP server firmware update ability in the UI.

Signed-off-by: Nikhil Ashoka <a.nikhil@ibm.com>
Change-Id: Icbeddc7a3faa262f12e85268206ae70850f37905

fix reboot BMC error message

Remove getLastBmcRebootTime after post BMC reboot action since BMC
connection will be lost after reboot. The last BMC reboot time will be
got after reboot BMC page loadi

fix reboot BMC error message

Remove getLastBmcRebootTime after post BMC reboot action since BMC
connection will be lost after reboot. The last BMC reboot time will be
got after reboot BMC page loading, and after BMC reboot, user need
reload the WEB UI, so there is also no need to send Redfish request to
get the last BMC reboot time just after the post the BMC reboot action.

Change-Id: Ic5d0cbca23a61610cc387a4046b85e9c20c255ea
Signed-off-by: Sean Zhang <xiazhang@nvidia.com>

show more ...

Add support for IPv6 network setting

Add IPv6 setting in network setting page.
- Add IPv6 domain name, DNS servers, NTP servers enable/disable
- Add DHCPv6 enable/disable
- Add IPv6 default gateway

Add support for IPv6 network setting

Add IPv6 setting in network setting page.
- Add IPv6 domain name, DNS servers, NTP servers enable/disable
- Add DHCPv6 enable/disable
- Add IPv6 default gateway
- Add IPv6 addresses
- Add IPv6 static addresses
- Add IPv6 static addresses adding and deleting

Tested:
- IPv6 domain name, DNS servers, NTP servers enable/disable function
- DHCPv6 enable/disable function
- Verified the IPv6 default gateway
- IPv6 addresses adding and deleting
- Verified the IPv6 addresses in IPv6 table

Change-Id: I9eebf6ef5f7de748f79779d8168b8dcfcdda2495
Signed-off-by: Sean Zhang <xiazhang@nvidia.com>

show more ...

Replace fixed paths with response from API

Currently, the Redfish request used fixed URIs, modify the code to use
the BMC and System paths got from response of API calls.
For CertificateStore, since

Replace fixed paths with response from API

Currently, the Redfish request used fixed URIs, modify the code to use
the BMC and System paths got from response of API calls.
For CertificateStore, since it was using the URL for constant variable
assignment, changed the constant CERTIFICATE_TYPES to method call.

Change-Id: I330b7272083e3e6993aae5705aae170b8e9a4659
Signed-off-by: Sean Zhang <xiazhang@nvidia.com>

show more ...

remove setApplyTimeImmediate and its usage

BMCWeb is dropping the support for patch for ApplyOptions, hence remove
the setApplyTimeImmediate and its corresponding usage from webui. The
related patch

remove setApplyTimeImmediate and its usage

BMCWeb is dropping the support for patch for ApplyOptions, hence remove
the setApplyTimeImmediate and its corresponding usage from webui. The
related patch from bmcweb is as under -
https://gerrit.openbmc.org/c/openbmc/bmcweb/+/72150

Change-Id: I4ef64485103db843e1280bc5b8bd8be63813c368
Signed-off-by: Jagpal Singh Gill <paligill@gmail.com>

show more ...

Added toast notification for identify LEDs

- Added success toast notification messages for identify
LEDs present at Inventory and LEDs page and Overview.

- Import of Toast was not present in Over

Added toast notification for identify LEDs

- Added success toast notification messages for identify
LEDs present at Inventory and LEDs page and Overview.

- Import of Toast was not present in Overview's Inventory
card and DIMM slot table, fixed it.

Signed-off-by: Nikhil Ashoka <a.nikhil@ibm.com>
Change-Id: If9ad84e66f6f15616cb8af51b1e84d8d06b1afd0

show more ...

Removed Challenge password option from Generate CSR panel

- Unable to generate Certificate Signing Request (CSR) when filling
optional field-Challenge password values on Certificate page.
- Hence,

Removed Challenge password option from Generate CSR panel

- Unable to generate Certificate Signing Request (CSR) when filling
optional field-Challenge password values on Certificate page.
- Hence, removed the Challenge password option from the Generate
CSR panel.

Change-Id: I862f024de84f34738be5e5cd22701b63c2309152
Signed-off-by: Vedangi Mittal <vedangimittal3004@gmail.com>

show more ...

Allow to log in when using remote authentication

For accounts authenticated remotely (e.g. with LDAP or RADIUS) the API
endpoint (handled by bmcweb) can not provide any information about
RoleId curr

Allow to log in when using remote authentication

For accounts authenticated remotely (e.g. with LDAP or RADIUS) the API
endpoint (handled by bmcweb) can not provide any information about
RoleId currently, reporting 404 instead. This confuses the frontend and
it doesn't allow to navigate at all.

Fix this by lifting all frontend-side restrictions by assuming
'Administrator' role in this case. Since the backend verifies validity
of each and every request anyway this doesn't affect security anyhow.

Tested: logging in, out and incorrectly using local BMC and remote LDAP
users, reloading the page with an active session. In all cases frontend
behaved as expected, storing assumed RoleId after getting 404 not found
reply and using it for unrestricted routing decisions.

Change-Id: If17d06bf0b8a372acd1980f6777227e25d9c78d8
Signed-off-by: Paul Fertser <fercerpav@gmail.com>

show more ...