Add trace when unknown user error

Have seen this internalError a few times. A trace would help debug why
User Manager is returning an error.

In line with
https://github.com/openbmc/bmcweb/blob/mast

Add trace when unknown user error

Have seen this internalError a few times. A trace would help debug why
User Manager is returning an error.

In line with
https://github.com/openbmc/bmcweb/blob/master/DEVELOPING.md#logging-levels.

IBM has bmcweb-logging=error enabled.

Tested: None. Visual only.

Change-Id: I16f56c3170fb92dcfb52e57c9a420cefabc4c763
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>

show more ...

Refactor getCollectionMembers

This commit refactors the getCollectionMembers function into smaller
functions. Additionally, the 'subtree' parameter is no longer a
default parameter but is explicitl

Refactor getCollectionMembers

This commit refactors the getCollectionMembers function into smaller
functions. Additionally, the 'subtree' parameter is no longer a
default parameter but is explicitly required in the function. All
calls to getCollectionMembers have been updated to pass the 'subtree'
parameter.

Tested: Validator passed

'''
curl -k https://$bmc/redfish/v1/Systems/system/Storage
{
"@odata.id": "/redfish/v1/Systems/system/Storage",
"@odata.type": "#StorageCollection.StorageCollection",
"Members": [
{
"@odata.id": "/redfish/v1/Systems/system/Storage/1"
}
],
"Members@odata.count": 1,
"Name": "Storage Collection"
}

curl -k https://$bmc/redfish/v1/Cables
{
"@odata.id": "/redfish/v1/Cables",
"@odata.type": "#CableCollection.CableCollection",
"Description": "Collection of Cable Entries",
"Members": [
{
"@odata.id": "/redfish/v1/Cables/dp0_cable0"
},
{
"@odata.id": "/redfish/v1/Cables/dp0_cable1"
},
{
"@odata.id": "/redfish/v1/Cables/dp0_cable2"
},
{
"@odata.id": "/redfish/v1/Cables/dp0_cable3"
}
],
"Members@odata.count": 4,
"Name": "Cable Collection"
}

curl -k https://$bmc/redfish/v1/Chassis

{
"@odata.id": "/redfish/v1/Chassis",
"@odata.type": "#ChassisCollection.ChassisCollection",
"Members": [
{
"@odata.id": "/redfish/v1/Chassis/chassis"
}
],
"Members@odata.count": 1,
"Name": "Chassis Collection"
}

curl -k https://$bmc/redfish/v1/Systems/system/Memory
{
"@odata.id": "/redfish/v1/Systems/system/Memory",
"@odata.type": "#MemoryCollection.MemoryCollection",
"Members": [
{
"@odata.id": "/redfish/v1/Systems/system/Memory/dimm0"
},
{
"@odata.id": "/redfish/v1/Systems/system/Memory/dimm1"
},
......
{
"@odata.id": "/redfish/v1/Systems/system/Memory/dimm31"
}
],
"Members@odata.count": 32,
"Name": "Memory Module Collection"
}
'''

Change-Id: If5091431b548f371bff03b2897fd0aaf8b0ef203
Signed-off-by: Lakshmi Yadlapati <lakshmiy@us.ibm.com>

show more ...

Clean up vm CredentialPipe

This code is needlessly complicated for what it does. Even with the
intent, which is secure buffer cleanup, it's trivial to encase all this
into a single class that accep

Clean up vm CredentialPipe

This code is needlessly complicated for what it does. Even with the
intent, which is secure buffer cleanup, it's trivial to encase all this
into a single class that accepts the strings by rvalue reference, then
cleans them up afterward.

Doing this also cleans up a potential lifetime problem, where if the
unix socket returned immediately, it would've invalidated the buffers
that were being sent. It also moves to async_write, instead of
async_write_some. The former could in theory fail if the socket blocks
(unlikely in this scenario) but it's good to handle anyway.

Tested: Need some help here. There's no backend for this, so we might
just have to rely on inspection.

Change-Id: I9032d458f8eb7a0689bee575aae611641bacee26
Signed-off-by: Ed Tanous <edtanous@google.com>

show more ...

Adjust #LogService schema version to same for all routes

Both the #LogService.v1_1_0.LogService and #LogService.v1_2_0.LogService
schemas were being used. Follow what OpenBMC has done in the past
an

Adjust #LogService schema version to same for all routes

Both the #LogService.v1_1_0.LogService and #LogService.v1_2_0.LogService
schemas were being used. Follow what OpenBMC has done in the past
and use the same version across all resources of that type.

I've moved them all to use #LogService.v1_2_0.LogService.

The original addition of #LogService.v1_2_0.LogService was here:
https://gerrit.openbmc.org/c/openbmc/bmcweb/+/36638

Tested:
Ran Redfish Validator with and without the change. No new failures seen.
No failures in the #LogService routes.

Change-Id: Ie9eaeca32d190d627b439e511e25dfeee4b7e4eb
Signed-off-by: Janet Adkins <janeta@us.ibm.com>

show more ...

Fix regression in ip address delete

9c5e585c3faa73941cedcc70cdff680f403c17bc flipped around two parameters
as part of a bug fix. This fixes #263.

Tested: Inspection only.

Change-Id: I2c8dea2e947f

Fix regression in ip address delete

9c5e585c3faa73941cedcc70cdff680f403c17bc flipped around two parameters
as part of a bug fix. This fixes #263.

Tested: Inspection only.

Change-Id: I2c8dea2e947fd34784475c0eb0144baa3b68dcb5
Signed-off-by: Ed Tanous <edtanous@google.com>

show more ...

certificate_service: Fix garbled display caused by dangling reference

Post:
```
/redfish/v1/CertificateService/Actions/CertificateService.ReplaceCertificate
```
The "@odata.id" field in the response

certificate_service: Fix garbled display caused by dangling reference

Post:
```
/redfish/v1/CertificateService/Actions/CertificateService.ReplaceCertificate
```
The "@odata.id" field in the response will appear garbled. This is
caused by boost::urls::url_view outlives its original char sequence.
Fix this issue.

Tested:
```
1.Get token
2.curl -k -H "X-Auth-Token: $token" -X POST https://${bmc}/redfish/v1/CertificateService/Actions/CertificateService.ReplaceCertificate -d '{"CertificateUri": {"@odata.id":"/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/1"}, "CertificateString":"...", "CertificateType": "PEM"}'
{
"@odata.id": "/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/1",
...
}
```

Change-Id: I6b16cbfaf22f835488a54097c83cee8a1b9e9f6a
Signed-off-by: Xinnan Xie <xiexinnan@bytedance.com>

show more ...

Fix mounting in legacy mode in virtual media

Mounting in legacy mode doesn't provide "TransferProtocolType" in json,
the protocol is specified in the uri instead which means
paramTransferProtocolTyp

Fix mounting in legacy mode in virtual media

Mounting in legacy mode doesn't provide "TransferProtocolType" in json,
the protocol is specified in the uri instead which means
paramTransferProtocolType was empty and always failing the new check
[1], that was added because of a clang-tidy warning (sounds like a
clang-tidy bug). Restored original behavior and added checking
paramTransferProtocolType explicitly.

[1]: https://github.com/openbmc/bmcweb/commit/e01d0c36af115ed46d54b5dbbacfe3ad92226bd3#diff-3d181e155cfa7f397eface92af17130f3db87773ce4219d9c7e24e00b76b94acR767

Change-Id: I9bbebad262356933a9482f73b78597c838777f65
Signed-off-by: Boleslaw Ogonczyk Makowski <boleslawx.ogonczyk-makowski@intel.com>

show more ...

Don't return failed password in Redfish error response

Even though the password failed, it's not great to return it in plain
text in the Redfish error response (which is also displayed in a toast
po

Don't return failed password in Redfish error response

Even though the password failed, it's not great to return it in plain
text in the Redfish error response (which is also displayed in a toast
pop-up in webui-vue). This replaces the password text with null in the
Redfish response to protect the password content.

Tested:
Set a bad password for a new user and an existing user and confirmed
that the provided password text is no longer included in the error
response.

Change-Id: I1882667396006861c2211dbe27b554dd5a32c122
Signed-off-by: Jason M. Bills <jason.m.bills@intel.com>

show more ...

System: Error log level when internalError

In line with
https://github.com/openbmc/bmcweb/blob/master/DEVELOPING.md#logging-levels.
When there is an InternalError, set the logging level to Error.

A

System: Error log level when internalError

In line with
https://github.com/openbmc/bmcweb/blob/master/DEVELOPING.md#logging-levels.
When there is an InternalError, set the logging level to Error.

Added some additional traces to get the EC. Having the EC is really
helpful when debugging.

IBM has bmcweb-logging=error enabled.

Tested: None. Visual only.

Change-Id: I4ba2fb6be52696dc115c5f2ac54ec123926778af
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>

show more ...

Change authority D-Bus names

Changing authority service references in code from 'ldap' to more
generic name, to comply with change in phosphor-certificate-manager.

Related change:
https://gerrit.op

Change authority D-Bus names

Changing authority service references in code from 'ldap' to more
generic name, to comply with change in phosphor-certificate-manager.

Related change:
https://gerrit.openbmc.org/c/openbmc/phosphor-certificate-manager/+/65458

Tested:
Adding, reading and removal of CA Certificate works without any
noticeable regression.

Change-Id: Ia3e7a13bf7093bb7a9964769847d769475ed3e61
Signed-off-by: Michal Orzel <michalx.orzel@intel.com>

show more ...

Ignore Non-software-related events during Update

During code update, if another application (e.g. pldm[1]) logs an error
unrelated to code update, this triggers an error event notification
and cause

Ignore Non-software-related events during Update

During code update, if another application (e.g. pldm[1]) logs an error
unrelated to code update, this triggers an error event notification
and causes the code update failure.

```
$ uri=$(curl -k https://${bmc}/redfish/v1/UpdateService | jq -r ' .HttpPushUri'); echo $uri
$ curl -k -H "Content-Type: application/octet-stream" -X POST -T ${image} https://${bmc}${uri}
{
"error": {
...
"code": "Base.1.13.0.InternalError",
"message": "The request failed due to an internal service error. The service is still operational."
}
}
```

This commit is to filter out those non-update-related error events
from concluding the code update as failure.

The valid update-related errors are defined in
- https://github.com/openbmc/phosphor-dbus-interfaces/blob/master/yaml/xyz/openbmc_project/Software/Version.errors.yaml
- https://github.com/openbmc/phosphor-bmc-code-mgmt/blob/master/xyz/openbmc_project/Software/Image.errors.yaml

Tested:

1) Redfish validator passed

2) Error injection during Update.

- Start the code update and wait for completion of update (e.g. using journalctl -f)

```
$ uri=$(curl -k https://${bmc}/redfish/v1/UpdateService | jq -r ' .HttpPushUri'); echo $uri
$ curl -k -H "Content-Type: application/octet-stream" -X POST -T ${image} https://${bmc}${uri}
```
- As soon as the image is untarring, and issue busctl cmd to inject a non-update error

```
busctl call xyz.openbmc_project.Logging /xyz/openbmc_project/logging \
xyz.openbmc_project.Logging.Create Create ssa{ss} \
xyz.openbmc_project.Host.Error.Event \
xyz.openbmc_project.Logging.Entry.Level.Error 1 RAWPEL \
/tmp/FILE_NBMC_UNRECOVERABLE
```

[1] https://github.com/openbmc/pldm/blob/master/oem/ibm/libpldmresponder/file_io_type_pel.cpp#L268

Change-Id: Ice54c403efacffa6a388e182bd04d97c3e2b97fc
Signed-off-by: Myung Bae <myungbae@us.ibm.com>

show more ...

Fix empty response when do the clearLog

It won't show anything when do the POST
/redfish/v1/Systems/<str>/LogServices/PostCodes/Actions/LogService.ClearLog

Give a response which same as
/redfish/v1

Fix empty response when do the clearLog

It won't show anything when do the POST
/redfish/v1/Systems/<str>/LogServices/PostCodes/Actions/LogService.ClearLog

Give a response which same as
/redfish/v1/Systems/<str>/LogServices/EventLog/Actions/LogService.ClearLog

Tested:
curl -k -X POST http://${bmc}/redfish/v1/Systems/system/LogServices/PostCodes/Actions/LogService.ClearLog
{
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "The request completed successfully.",
"MessageArgs": [],
"MessageId": "Base.1.13.0.Success",
"MessageSeverity": "OK",
"Resolution": "None"
}
]
}

Change-Id: I35f41a82bba750397bd8d9af657036d4f03a61c8
Signed-off-by: Tony Lee <tony.lee@quantatw.com>

show more ...

Fix typo `DBusInteracesMap` -> `DBusInterfacesMap`

Change-Id: I9a851076eccee9d79ad7bb036e58b717e06ad5d1
Signed-off-by: Michael Shen <gpgpgp@google.com>

Move http client to URL

Type safety is a good thing. In:
https://gerrit.openbmc.org/c/openbmc/bmcweb/+/65606

It was found that splitting out the URI into encoded pieces in the early
phase removed

Move http client to URL

Type safety is a good thing. In:
https://gerrit.openbmc.org/c/openbmc/bmcweb/+/65606

It was found that splitting out the URI into encoded pieces in the early
phase removed some information we needed, namely whether or not a URI
was ipv6. This commit changes http client such that it passes all the
information through, with the correct type, rather than passing in
hostname, port, path, and ssl separately.

Opportunistically, because a number of log lines are changing, this uses
the opportunity to remove a number of calls to std::to_string, and rely
on std::format instead.

Now that we no longer use custom URI splitting code, the
ValidateAndSplitUrl() method can be removed, given that our validation
now happens in the URI class.

Tested: Aggregation works properly when satellite URIs are queried.

Change-Id: I9f605863179af54c5af2719bc5ce9d29cbfffab7
Signed-off-by: Ed Tanous <edtanous@google.com>

show more ...

Use ranges

C++20 brought us std::ranges for a lot of algorithms. Most of these
conversions were done using comby, similar to:

```
comby -verbose 'std::lower_bound(:[a].begin(),:[b].end(),:[c])' 's

Use ranges

C++20 brought us std::ranges for a lot of algorithms. Most of these
conversions were done using comby, similar to:

```
comby -verbose 'std::lower_bound(:[a].begin(),:[b].end(),:[c])' 'std::ranges::lower_bound(:[a], :[c])' $(git ls-files | grep "\.[hc]\(pp\)\?$") -in-place
```

Change-Id: I0c99c04e9368312555c08147d474ca93a5959e8d
Signed-off-by: Ed Tanous <edtanous@google.com>

show more ...

Refactor Update monitorForSoftwareAvailable function

The scope of this code refactor is to limit the function of
monitorForSoftwareAvailable() for the coming future code modifications
in the area.

Refactor Update monitorForSoftwareAvailable function

The scope of this code refactor is to limit the function of
monitorForSoftwareAvailable() for the coming future code modifications
in the area.

Tested:
- Compiles successfully.
- Code update works as before (for success and failure cases)

Change-Id: I90fd41caa6b88c97c2a0c47fcf4553d48905b886
Signed-off-by: Myung Bae <myungbae@us.ibm.com>

show more ...

Update event_service and account_service URI

Use boost::urls::format. Boost::urls::format allows escaping URLs
properly, and has been deployed in most places. This now includes
users in that set.

Update event_service and account_service URI

Use boost::urls::format. Boost::urls::format allows escaping URLs
properly, and has been deployed in most places. This now includes
users in that set.

Tested: Inspection only.

Change-Id: Ib16c8fceb7c58f4074f65df7634ac91af0633e2b
Signed-off-by: Willy Tu <wltu@google.com>
Signed-off-by: Ed Tanous <edtanous@google.com>

show more ...

Reduce some Error log severities

There are instances of ERROR logs that would work better as WARNING or
DEBUG since they do not actually result in bailing early and returning
an error response.

Sig

Reduce some Error log severities

There are instances of ERROR logs that would work better as WARNING or
DEBUG since they do not actually result in bailing early and returning
an error response.

Signed-off-by: Carson Labrado <clabrado@google.com>
Change-Id: I1e7bca0bb38487b26a4642ab72ce475170bb53c6

show more ...

Add negation to logic

As the value of the PowerInputWatts and PowerOutputWatts
are getting exchanged,so I added negation in the logic.This
will correct the values.

Tested:
I have tested it and now

Add negation to logic

As the value of the PowerInputWatts and PowerOutputWatts
are getting exchanged,so I added negation in the logic.This
will correct the values.

Tested:
I have tested it and now the values are coming correct.

Change-Id: I67bf6c5050ceb05c13419b370105d80f913b0c17
Signed-off-by: Anjaliintel-21 <anjali.ray@intel.com>

show more ...

Fix bugprone-unchecked-optional-access findings

Clang-tidy has the aforementioned check, which shows a few places in the
core where we ignored the required optional checks. Fix all uses.
Note, we c

Fix bugprone-unchecked-optional-access findings

Clang-tidy has the aforementioned check, which shows a few places in the
core where we ignored the required optional checks. Fix all uses.
Note, we cannot enable the check that this time because of some weird
code in health.hpp that crashes tidy[1]. That will need to be a future
improvement.

There are tests that call something like
ASSERT(optional)
EXPECT(optional->foo())

While this isn't an actual violation, clang-tidy doesn't seem to be
smart enough to deal with it, so add some explicit checks.

[1] https://github.com/llvm/llvm-project/issues/55530

Tested: Redfish service validator passes.

Change-Id: Ied579cd0b957efc81aff5d5d1091a740a7a2d7e3
Signed-off-by: Ed Tanous <edtanous@google.com>

show more ...

Show Update error type on logs if unknown

Update is failing due to unknown update dbus error type
but the cause can not be determined as its value is not showing.

This change is to add the error ca

Show Update error type on logs if unknown

Update is failing due to unknown update dbus error type
but the cause can not be determined as its value is not showing.

This change is to add the error cause to journal in addition to
CRITICAL internalError.

```
Aug 02 09:00:16 bmcweb[2476]: (2023-08-02 09:00:14) [ERROR
"update_service.hpp":396] Unknown Software Image Error type = <XXX>
Aug 02 09:00:16 bmcweb[2476]: (2023-08-02 09:00:14) [CRITICAL
"error_messages.cpp":284] Internal Error ....`
```

Not tested but successfully compiled.

Change-Id: I20833d24042bf8d2f7e2d8a8e4359e3d80af702a
Signed-off-by: Myung Bae <myungbae@us.ibm.com>

show more ...

Add PATCH for MetricReportDefinition

Support for PATCH method is added to Metric Report Definition,
now selected read/write Report properties can be modified by PATCH method

Tested:
- Added Report

Add PATCH for MetricReportDefinition

Support for PATCH method is added to Metric Report Definition,
now selected read/write Report properties can be modified by PATCH method

Tested:
- Added Report via POST, overwrite editable properties via PATCH and
fetched Report via GET checking if received data is properly modified

Signed-off-by: Lukasz Kazmierczak <lukasz.kazmierczak@intel.com>
Signed-off-by: Krzysztof Grobelny <krzysztof.grobelny@intel.com>
Change-Id: If75110a92c55c9e4f2415f0ed4471baa802643ff

show more ...

Fix RestorePolicy map

Before this code looked like:

{"xyz.openbmc_project.Control.Power.RestorePolicy.Policy.Restore",
"LastState"},
and that matches the PDI:
https://github.com/openbmc/phosphor-db

Fix RestorePolicy map

Before this code looked like:

{"xyz.openbmc_project.Control.Power.RestorePolicy.Policy.Restore",
"LastState"},
and that matches the PDI:
https://github.com/openbmc/phosphor-dbus-interfaces/blob/d1484a1499bc241316853934e6e8b735166deee2/yaml/xyz/openbmc_project/Control/Power/RestorePolicy.interface.yaml#L33

https://gerrit.openbmc.org/c/openbmc/bmcweb/+/64334/2/redfish-core/lib/systems.hpp#1350
changed this to RestorePolicy.Policy.AlwaysRestore, I think just a copy
mistake.

Pointed out by Patrick Rudolph.

Tested: None. Searching the enum now matches PDI and what was there
before.

Change-Id: I90e41d352dd1d1de3e465b4f2d5c9f78e0de5b3b
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>

show more ...

chassis: Change intrusion sensor look up method

This commit changes to using the interface
"xyz.openbmc_project.Chassis.Intrusion" to look up for the chassis
intrusion sensor's DBus object path unde

chassis: Change intrusion sensor look up method

This commit changes to using the interface
"xyz.openbmc_project.Chassis.Intrusion" to look up for the chassis
intrusion sensor's DBus object path under "/xyz/openbmc_project" path,
instead of specifying the complete object path. This helps remove the
dependence on the object path and relies on the interface name instead.

Change-Id: I046d1d2825f65f49b225c29239647c423b67242e
Signed-off-by: Chau Ly <chaul@amperecomputing.com>

show more ...

Add error code check for snmp

When SNMP isn't present, and the name is not activatable, (becuase snmp
isn't installed) it returns a 113 error code. We should handle this
silently, rather than retur

Add error code check for snmp

When SNMP isn't present, and the name is not activatable, (becuase snmp
isn't installed) it returns a 113 error code. We should handle this
silently, rather than returning an internal error, because snmp is
optional.

Tested: Ran redfish service validator on a system without phosphor-snmp
installed, and observed no more error on
/redfish/v1/EventService/Subscriptions.

Change-Id: I2254d763de6c55c678a95765e1bc87fb9aaa9564
Signed-off-by: Ed Tanous <edtanous@google.com>

show more ...