/openbmc/bmcweb/redfish-core/include/ |
H A D | privileges.hpp | 31 /** @brief A fixed array of compile time privileges */ 38 /** @brief Max number of privileges per type */ 52 * @brief Redfish privileges 54 * This implements a set of Redfish privileges. These directly represent 55 * user privileges and help represent entity privileges. 57 * Each incoming Connection requires a comparison between privileges held 58 * by the user issuing a request and the target entity's privileges. 60 * To ensure best runtime performance of this comparison, privileges 68 class Privileges class 72 * @brief Constructs object without any privileges active [all …]
/openbmc/bmcweb/test/redfish-core/include/ |
H A D | privileges_test.cpp | 3 #include "privileges.hpp" 22 Privileges privileges{"Login", "ConfigureManager"}; in TEST() local 24 EXPECT_THAT(privileges.getActivePrivilegeNames(PrivilegeType::BASE), in TEST() 30 Privileges userPrivileges{"Login"}; in TEST() 40 auto userPrivileges = Privileges{"Login"}; in TEST() 49 auto userPrivileges = Privileges{"Login"}; in TEST() 60 Privileges{"Login", "ConfigureManager", "ConfigureSelf"}; in TEST() 71 auto userPrivileges = Privileges{"Login", "ConfigureManager"}; in TEST() 82 auto userPrivileges = Privileges{"ConfigureManager"}; in TEST() 92 auto userPrivileges = Privileges{"ConfigureComponents"}; in TEST() [all …]
/openbmc/docs/designs/ |
H A D | redfish-authorization.md | 25 of them is assigned a fixed array of standard privileges (e.g., `Login`, 32 type. It is used to determine whether the identity privileges of an 40 `ConfigureComponents`, and `ConfigureSelf` privileges, is authorized to send a 63 group, privileges, status, and account policies). It has a hardcoded list of 64 user groups (SSH, IPMI, Redfish, Web) and a hardcoded list of privileges 65 ("priv-admin", "priv-operator", "priv-user", "priv-noaccess"). These privileges 94 phosphor-user-manager to query the user's privileges and uses a hardcoded map to 95 convert the privileges to Redfish roles. The hardcoded map is listed below: 97 | Phosphor-user-manager privileges (implemented as groups) | BMCWeb Redfish Roles | 104 To map Redfish role to their assigned Redfish privileges, BMCWeb implements the [all …]
/openbmc/bmcweb/redfish-core/schema/dmtf/installed/ |
H A D | Privileges_v1.xml | 4 <!--# Redfish Schema: Privileges v1.0.6 --> 23 <Schema xmlns="http://docs.oasis-open.org/odata/ns/edm" Namespace="Privileges"> 114 <Schema xmlns="http://docs.oasis-open.org/odata/ns/edm" Namespace="Privileges.v1_0_0"> 119 …privileges might be defined on a `Link` element to provide read privileges for the referenced reso… 122 …privileges might be defined on a `Link` element to provide create privileges for the referenced re… 125 …privileges might be defined on a `Link` element to provide update privileges for the referenced re… 128 …privileges might be defined on a `Link` element to provide update privileges for the referenced re… 132 <Schema xmlns="http://docs.oasis-open.org/odata/ns/edm" Namespace="Privileges.v1_0_2"> 137 <Schema xmlns="http://docs.oasis-open.org/odata/ns/edm" Namespace="Privileges.v1_0_3"> 142 <Schema xmlns="http://docs.oasis-open.org/odata/ns/edm" Namespace="Privileges.v1_0_4"> [all …]
/openbmc/bmcweb/redfish-core/schema/dmtf/csdl/ |
H A D | Privileges_v1.xml | 4 <!--# Redfish Schema: Privileges v1.0.6 --> 23 <Schema xmlns="http://docs.oasis-open.org/odata/ns/edm" Namespace="Privileges"> 114 <Schema xmlns="http://docs.oasis-open.org/odata/ns/edm" Namespace="Privileges.v1_0_0"> 119 …privileges might be defined on a `Link` element to provide read privileges for the referenced reso… 122 …privileges might be defined on a `Link` element to provide create privileges for the referenced re… 125 …privileges might be defined on a `Link` element to provide update privileges for the referenced re… 128 …privileges might be defined on a `Link` element to provide update privileges for the referenced re… 132 <Schema xmlns="http://docs.oasis-open.org/odata/ns/edm" Namespace="Privileges.v1_0_2"> 137 <Schema xmlns="http://docs.oasis-open.org/odata/ns/edm" Namespace="Privileges.v1_0_3"> 142 <Schema xmlns="http://docs.oasis-open.org/odata/ns/edm" Namespace="Privileges.v1_0_4"> [all …]
H A D | PrivilegeRegistry_v1.xml | 27 <edmx:Include Namespace="Privileges"/> 62 … <Property Name="PrivilegesUsed" Type="Collection(Privileges.PrivilegeType)" Nullable="false"> 64 …<Annotation Term="OData.Description" String="The set of Redfish standard privileges used in this m… 65 …tion" String="This property shall contain an array of Redfish standard privileges used in this map… 69 … <Annotation Term="OData.Description" String="The set of OEM privileges used in this mapping."/> 70 …a.LongDescription" String="This property shall contain an array of OEM privileges used in this map… 73 …ta.Description" String="The mappings between entities and the relevant privileges that access thos… 74 …property shall describe the mappings between entities and the relevant privileges that access thos… 79 …cription" String="The mapping between a resource type and the relevant privileges that accesses th… 80 …type shall describe a mapping between a resource type and the relevant privileges that accesses th… [all …]
/openbmc/bmcweb/redfish-core/lib/ |
H A D | redfish_sessions.hpp | 15 #include "privileges.hpp" 126 Privileges effectiveUserPrivileges = in handleSessionDelete() 383 .privileges(redfish::privileges::headSession) in requestRoutesSession() 388 .privileges(redfish::privileges::getSession) in requestRoutesSession() 393 .privileges(redfish::privileges::deleteSession) in requestRoutesSession() 398 .privileges(redfish::privileges::headSessionCollection) in requestRoutesSession() 403 .privileges(redfish::privileges::getSessionCollection) in requestRoutesSession() 413 .privileges({}) in requestRoutesSession() 418 .privileges({}) in requestRoutesSession() 423 .privileges(redfish::privileges::headSessionService) in requestRoutesSession() [all …]
H A D | aggregation_service.hpp | 67 .privileges(redfish::privileges::headAggregationService) in requestRoutesAggregationService() 71 .privileges(redfish::privileges::getAggregationService) in requestRoutesAggregationService() 137 .privileges(redfish::privileges::getAggregationSourceCollection) in requestRoutesAggregationSourceCollection() 142 .privileges(redfish::privileges::getAggregationSourceCollection) in requestRoutesAggregationSourceCollection() 230 .privileges(redfish::privileges::getAggregationSource) in requestRoutesAggregationSource()
H A D | log_services.hpp | 1134 .privileges(redfish::privileges::getLogServiceCollection) in requestRoutesSystemLogServiceCollection() 1244 .privileges(redfish::privileges::getLogService) in requestRoutesEventLogService() 1340 .privileges({{"ConfigureComponents"}}) in requestRoutesJournalEventLogClear() 1632 .privileges(redfish::privileges::getLogEntryCollection) in requestRoutesJournalEventLogEntryCollection() 1713 .privileges(redfish::privileges::getLogEntry) in requestRoutesJournalEventLogEntry() 1746 .privileges(redfish::privileges::getLogEntryCollection) in requestRoutesDBusEventLogEntryCollection() 1862 .privileges(redfish::privileges::getLogEntry) in requestRoutesDBusEventLogEntry() 1890 .privileges(redfish::privileges::patchLogEntry) in requestRoutesDBusEventLogEntry() 1918 .privileges(redfish::privileges::deleteLogEntry) in requestRoutesDBusEventLogEntry() 2036 .privileges(redfish::privileges::getLogServiceCollection) in requestRoutesBMCLogServiceCollection() [all …]
H A D | redfish_v1.hpp | 243 .privileges(redfish::privileges::getJsonSchemaFile) in requestRoutesRedfish() 247 .privileges(redfish::privileges::getJsonSchemaFileCollection) in requestRoutesRedfish() 252 .privileges(redfish::privileges::getJsonSchemaFile) in requestRoutesRedfish() 259 .privileges(redfish::privileges::privilegeSetLogin)( in requestRoutesRedfish() 264 .privileges(redfish::privileges::privilegeSetLogin)( in requestRoutesRedfish()
H A D | certificate_service.hpp | 17 #include "privileges.hpp" 465 Privileges effectiveUserPrivileges = in handleCertificateServiceGet() 923 .privileges(redfish::privileges::getCertificateService) in requestRoutesCertificateService() 928 .privileges(redfish::privileges::getCertificateLocations) in requestRoutesCertificateService() 935 .privileges(redfish::privileges::postCertificateService) in requestRoutesCertificateService() 942 .privileges(redfish::privileges::postCertificateService) in requestRoutesCertificateService() 1065 .privileges(redfish::privileges::getCertificateCollection) in requestRoutesHTTPSCertificate() 1071 .privileges(redfish::privileges::postCertificateCollection) in requestRoutesHTTPSCertificate() 1078 .privileges(redfish::privileges::getCertificate) in requestRoutesHTTPSCertificate() 1186 .privileges(redfish::privileges::getCertificateCollection) in requestRoutesLDAPCertificate() [all …]
H A D | event_service.hpp | 66 .privileges(redfish::privileges::getEventService) in requestRoutesEventService() 121 .privileges(redfish::privileges::patchEventService) in requestRoutesEventService() 191 .privileges(redfish::privileges::postEventService) in requestRoutesSubmitTestEvent() 270 .privileges(redfish::privileges::getEventDestinationCollection) in requestRoutesEventDestinationCollection() 312 .privileges(redfish::privileges::postEventDestinationCollection) in requestRoutesEventDestinationCollection() 755 .privileges(redfish::privileges::getEventDestination) in requestRoutesEventDestination() 820 //.privileges(redfish::privileges::patchEventDestination) in requestRoutesEventDestination() 821 .privileges({{"ConfigureManager"}}) in requestRoutesEventDestination() 935 //.privileges(redfish::privileges::deleteEventDestination) in requestRoutesEventDestination() 936 .privileges({{"ConfigureManager"}}) in requestRoutesEventDestination()
H A D | thermal.hpp | 31 .privileges(redfish::privileges::getThermal) in requestRoutesThermal() 51 .privileges(redfish::privileges::patchThermal) in requestRoutesThermal()
H A D | environment_metrics.hpp | 89 .privileges(redfish::privileges::headEnvironmentMetrics) in requestRoutesEnvironmentMetrics() 94 .privileges(redfish::privileges::getEnvironmentMetrics) in requestRoutesEnvironmentMetrics()
H A D | message_registries.hpp | 69 .privileges(redfish::privileges::getMessageRegistryFileCollection) in requestRoutesMessageRegistryFileCollection() 132 .privileges(redfish::privileges::getMessageRegistryFile) in requestRoutesMessageRegistryFile() 212 .privileges(redfish::privileges::getMessageRegistryFile) in requestRoutesMessageRegistry()
H A D | bios.hpp | 69 .privileges(redfish::privileges::getBios) in requestRoutesBiosService() 122 .privileges(redfish::privileges::postBios) in requestRoutesBiosReset()
/openbmc/bmcweb/redfish-core/schema/dmtf/json-schema/ |
H A D | PrivilegeRegistry.v1_1_5.json | 37 …"description": "The mapping between a resource type and the relevant privileges that accesses the … 38 …type shall describe a mapping between a resource type and the relevant privileges that accesses th… 78 … privilege overrides of resource URIs. The target lists the resource URI and the new privileges.", 115 "description": "The specific privileges required to complete a set of HTTP operations.", 116 …"longDescription": "This type shall describe the specific privileges required to complete a set of… 185 "description": "The privileges for a specific HTTP operation.", 186 …"longDescription": "This type shall describe the privileges required to complete a specific HTTP o… 203 …"description": "An array of privileges that are required to complete a specific HTTP operation on … 207 …"longDescription": "This array shall contain an array of privileges that are required to complete … 258 …"description": "The mappings between entities and the relevant privileges that access those entiti… [all …]
H A D | Role.v1_3_3.json | 101 "description": "The Redfish privileges for this role.", 103 … "$ref": "http://redfish.dmtf.org/schemas/v1/Privileges.json#/definitions/PrivilegeType" 105 …"longDescription": "This property shall contain the Redfish privileges for this role. For predefi… 140 "description": "The OEM privileges for this role.", 144 …"longDescription": "This property shall contain the OEM privileges for this role. For predefined … 150 …ricted by a service as defined by the 'Restricted roles and restricted privileges' clause of the R…
/openbmc/bmcweb/http/routing/ |
H A D | baserule.hpp | 7 #include "privileges.hpp" 69 bool checkPrivileges(const redfish::Privileges& userPrivileges) in checkPrivileges() 71 // If there are no privileges assigned, assume no privileges in checkPrivileges() 78 for (const redfish::Privileges& requiredPrivileges : privilegesSet) in checkPrivileges() 97 std::vector<redfish::Privileges> privilegesSet;
H A D | ruleparametertraits.hpp | 5 #include "privileges.hpp" 85 self_t& privileges( in privileges() function 97 self_t& privileges(const std::array<redfish::Privileges, N>& p) in privileges() function 100 for (const redfish::Privileges& privilege : p) in privileges()
/openbmc/linux/Documentation/admin-guide/LSM/ |
H A D | SafeSetID.rst | 7 from obtaining auxiliary privileges associated with CAP_SET{U/G}ID, such as 14 to switch to a different user must be spawned with CAP_SETUID privileges. 19 privileges opens up possible security holes since any user with access to the 20 file can exec() that program to gain the elevated privileges. 27 especially since programs often only call setuid() to drop privileges to a 28 lesser-privileged user -- not elevate privileges. Unfortunately, there is no 107 privileges, such as allowing a user to set up user namespace UID/GID mappings. 111 In v5.9 we are adding support for limiting CAP_SETGID privileges as was done
/openbmc/bmcweb/include/ |
H A D | dbus_privileges.hpp | 12 #include "privileges.hpp" 83 // Get the user's privileges from the role in isUserPrivileged() 84 redfish::Privileges userPrivileges = in isUserPrivileged() 87 // Modify privileges if isConfigureSelfOnly. in isUserPrivileged() 90 // Remove all privileges except ConfigureSelf in isUserPrivileged() 92 userPrivileges.intersection(redfish::Privileges{"ConfigureSelf"}); in isUserPrivileged()
/openbmc/linux/Documentation/userspace-api/ |
H A D | no_new_privs.rst | 2 No New Privileges Flag 5 The execve system call can grant a newly-started program privileges that 8 gaining these privileges as well, the kernel and user code must be 55 escalate its privileges by directly attacking setuid, setgid, and
/openbmc/bmcweb/redfish-core/schema/dmtf/json-schema-installed/ |
H A D | Role.v1_3_3.json | 101 "description": "The Redfish privileges for this role.", 103 … "$ref": "http://redfish.dmtf.org/schemas/v1/Privileges.json#/definitions/PrivilegeType" 105 …"longDescription": "This property shall contain the Redfish privileges for this role. For predefi… 140 "description": "The OEM privileges for this role.", 144 …"longDescription": "This property shall contain the OEM privileges for this role. For predefined … 150 …ricted by a service as defined by the 'Restricted roles and restricted privileges' clause of the R…
/openbmc/openbmc-test-automation/redfish/account_service/ |
H A D | test_redfish_privilege_registry.robot | 99 # | ROLE NAME | ASSIGNED PRIVILEGES 125 Verify Admin User Privileges Via Redfish 126 [Documentation] Verify Admin user privileges via Redfish. 143 Verify Operator User Privileges Via Redfish 144 [Documentation] Verify Operator user privileges via Redfish. 164 Verify ReadOnly User Privileges Via Redfish 165 [Documentation] Verify ReadOnly user privileges via Redfish.