140e9b92eSEd Tanous // SPDX-License-Identifier: Apache-2.0 240e9b92eSEd Tanous // SPDX-FileCopyrightText: Copyright OpenBMC Authors 3f4c99e70SEd Tanous #pragma once 4d5c80ad9SNan Zhou #include "bmcweb_config.h" 5d5c80ad9SNan Zhou 6f4c99e70SEd Tanous #include "app.hpp" 7f4c99e70SEd Tanous #include "async_resp.hpp" 8*5d92fffcSrohitpai #include "error_code.hpp" 9f4c99e70SEd Tanous #include "error_messages.hpp" 1025991f7dSEd Tanous #include "filter_expr_executor.hpp" 11d7857201SEd Tanous #include "filter_expr_parser_ast.hpp" 1225991f7dSEd Tanous #include "filter_expr_printer.hpp" 13f4c99e70SEd Tanous #include "http_request.hpp" 1402cad96eSEd Tanous #include "http_response.hpp" 1595c6307aSEd Tanous #include "json_formatters.hpp" 16d5c80ad9SNan Zhou #include "logging.hpp" 1750ebd4afSEd Tanous #include "str_utility.hpp" 18f4c99e70SEd Tanous 19d7857201SEd Tanous #include <unistd.h> 20d5c80ad9SNan Zhou 21d5c80ad9SNan Zhou #include <boost/beast/http/status.hpp> 22d5c80ad9SNan Zhou #include <boost/beast/http/verb.hpp> 23d5c80ad9SNan Zhou #include <boost/url/params_view.hpp> 24d5c80ad9SNan Zhou #include <nlohmann/json.hpp> 25d5c80ad9SNan Zhou 26d5c80ad9SNan Zhou #include <algorithm> 27e155ab54SNan Zhou #include <array> 28e155ab54SNan Zhou #include <cctype> 297cf436c9SEd Tanous #include <charconv> 30d7857201SEd Tanous #include <cstddef> 31d5c80ad9SNan Zhou #include <cstdint> 32d5c80ad9SNan Zhou #include <functional> 33e155ab54SNan Zhou #include <iterator> 34d5c80ad9SNan Zhou #include <limits> 35d5c80ad9SNan Zhou #include <map> 36d5c80ad9SNan Zhou #include <memory> 37d5c80ad9SNan Zhou #include <optional> 383544d2a7SEd Tanous #include <ranges> 39f4c99e70SEd Tanous #include <string> 40f4c99e70SEd Tanous #include <string_view> 41d5c80ad9SNan Zhou #include <system_error> 427cf436c9SEd Tanous #include <utility> 43f4c99e70SEd Tanous #include <vector> 44f4c99e70SEd Tanous 45f4c99e70SEd Tanous namespace redfish 46f4c99e70SEd Tanous { 47f4c99e70SEd Tanous namespace query_param 48f4c99e70SEd Tanous { 49f4c99e70SEd Tanous 507cf436c9SEd Tanous enum class ExpandType : uint8_t 517cf436c9SEd Tanous { 527cf436c9SEd Tanous None, 537cf436c9SEd Tanous Links, 547cf436c9SEd Tanous NotLinks, 557cf436c9SEd Tanous Both, 567cf436c9SEd Tanous }; 577cf436c9SEd Tanous 58827c4902SNan Zhou // A simple implementation of Trie to help |recursiveSelect|. 59827c4902SNan Zhou class SelectTrieNode 60827c4902SNan Zhou { 61827c4902SNan Zhou public: 62827c4902SNan Zhou SelectTrieNode() = default; 63827c4902SNan Zhou 64827c4902SNan Zhou const SelectTrieNode* find(const std::string& jsonKey) const 65827c4902SNan Zhou { 66827c4902SNan Zhou auto it = children.find(jsonKey); 67827c4902SNan Zhou if (it == children.end()) 68827c4902SNan Zhou { 69827c4902SNan Zhou return nullptr; 70827c4902SNan Zhou } 71827c4902SNan Zhou return &it->second; 72827c4902SNan Zhou } 73827c4902SNan Zhou 74827c4902SNan Zhou // Creates a new node if the key doesn't exist, returns the reference to the 75827c4902SNan Zhou // newly created node; otherwise, return the reference to the existing node 76827c4902SNan Zhou SelectTrieNode* emplace(std::string_view jsonKey) 77827c4902SNan Zhou { 78827c4902SNan Zhou auto [it, _] = children.emplace(jsonKey, SelectTrieNode{}); 79827c4902SNan Zhou return &it->second; 80827c4902SNan Zhou } 81827c4902SNan Zhou 82827c4902SNan Zhou bool empty() const 83827c4902SNan Zhou { 84827c4902SNan Zhou return children.empty(); 85827c4902SNan Zhou } 86827c4902SNan Zhou 87827c4902SNan Zhou void clear() 88827c4902SNan Zhou { 89827c4902SNan Zhou children.clear(); 90827c4902SNan Zhou } 91827c4902SNan Zhou 92827c4902SNan Zhou void setToSelected() 93827c4902SNan Zhou { 94827c4902SNan Zhou selected = true; 95827c4902SNan Zhou } 96827c4902SNan Zhou 97827c4902SNan Zhou bool isSelected() const 98827c4902SNan Zhou { 99827c4902SNan Zhou return selected; 100827c4902SNan Zhou } 101827c4902SNan Zhou 102827c4902SNan Zhou private: 103827c4902SNan Zhou std::map<std::string, SelectTrieNode, std::less<>> children; 104827c4902SNan Zhou bool selected = false; 105827c4902SNan Zhou }; 106827c4902SNan Zhou 107827c4902SNan Zhou // Validates the property in the $select parameter. Every character is among 108827c4902SNan Zhou // [a-zA-Z0-9#@_.] (taken from Redfish spec, section 9.6 Properties) 109827c4902SNan Zhou inline bool isSelectedPropertyAllowed(std::string_view property) 110827c4902SNan Zhou { 111827c4902SNan Zhou // These a magic number, but with it it's less likely that this code 112827c4902SNan Zhou // introduces CVE; e.g., too large properties crash the service. 113827c4902SNan Zhou constexpr int maxPropertyLength = 60; 114827c4902SNan Zhou if (property.empty() || property.size() > maxPropertyLength) 115827c4902SNan Zhou { 116827c4902SNan Zhou return false; 117827c4902SNan Zhou } 118827c4902SNan Zhou for (char ch : property) 119827c4902SNan Zhou { 120827c4902SNan Zhou if (std::isalnum(static_cast<unsigned char>(ch)) == 0 && ch != '#' && 121827c4902SNan Zhou ch != '@' && ch != '.') 122827c4902SNan Zhou { 123827c4902SNan Zhou return false; 124827c4902SNan Zhou } 125827c4902SNan Zhou } 126827c4902SNan Zhou return true; 127827c4902SNan Zhou } 128827c4902SNan Zhou 129827c4902SNan Zhou struct SelectTrie 130827c4902SNan Zhou { 131827c4902SNan Zhou SelectTrie() = default; 132827c4902SNan Zhou 133827c4902SNan Zhou // Inserts a $select value; returns false if the nestedProperty is illegal. 134827c4902SNan Zhou bool insertNode(std::string_view nestedProperty) 135827c4902SNan Zhou { 136827c4902SNan Zhou if (nestedProperty.empty()) 137827c4902SNan Zhou { 138827c4902SNan Zhou return false; 139827c4902SNan Zhou } 140827c4902SNan Zhou SelectTrieNode* currNode = &root; 141827c4902SNan Zhou size_t index = nestedProperty.find_first_of('/'); 142827c4902SNan Zhou while (!nestedProperty.empty()) 143827c4902SNan Zhou { 144827c4902SNan Zhou std::string_view property = nestedProperty.substr(0, index); 145827c4902SNan Zhou if (!isSelectedPropertyAllowed(property)) 146827c4902SNan Zhou { 147827c4902SNan Zhou return false; 148827c4902SNan Zhou } 149827c4902SNan Zhou currNode = currNode->emplace(property); 150827c4902SNan Zhou if (index == std::string::npos) 151827c4902SNan Zhou { 152827c4902SNan Zhou break; 153827c4902SNan Zhou } 154827c4902SNan Zhou nestedProperty.remove_prefix(index + 1); 155827c4902SNan Zhou index = nestedProperty.find_first_of('/'); 156827c4902SNan Zhou } 157827c4902SNan Zhou currNode->setToSelected(); 158827c4902SNan Zhou return true; 159827c4902SNan Zhou } 160827c4902SNan Zhou 161827c4902SNan Zhou SelectTrieNode root; 162827c4902SNan Zhou }; 163827c4902SNan Zhou 164a6b9125fSNan Zhou // The struct stores the parsed query parameters of the default Redfish route. 165f4c99e70SEd Tanous struct Query 166f4c99e70SEd Tanous { 167a6b9125fSNan Zhou // Only 168f4c99e70SEd Tanous bool isOnly = false; 16925991f7dSEd Tanous 170a6b9125fSNan Zhou // Expand 171a6b9125fSNan Zhou uint8_t expandLevel = 0; 1727cf436c9SEd Tanous ExpandType expandType = ExpandType::None; 173c937d2bfSEd Tanous 174c937d2bfSEd Tanous // Skip 1753648c8beSEd Tanous std::optional<size_t> skip = std::nullopt; 176c937d2bfSEd Tanous 177c937d2bfSEd Tanous // Top 1785143f7a5SJiaqing Zhao static constexpr size_t maxTop = 1000; // Max entries a response contain 1793648c8beSEd Tanous std::optional<size_t> top = std::nullopt; 180e155ab54SNan Zhou 18125991f7dSEd Tanous // Filter 18225991f7dSEd Tanous std::optional<filter_ast::LogicalAnd> filter = std::nullopt; 18325991f7dSEd Tanous 184e155ab54SNan Zhou // Select 18547f2934cSEd Tanous // Unclear how to make this use structured initialization without this. 18647f2934cSEd Tanous // Might be a tidy bug? Ignore for now 18747f2934cSEd Tanous // NOLINTNEXTLINE(readability-redundant-member-init) 18847f2934cSEd Tanous SelectTrie selectTrie{}; 189f4c99e70SEd Tanous }; 190f4c99e70SEd Tanous 191a6b9125fSNan Zhou // The struct defines how resource handlers in redfish-core/lib/ can handle 192a6b9125fSNan Zhou // query parameters themselves, so that the default Redfish route will delegate 193a6b9125fSNan Zhou // the processing. 194a6b9125fSNan Zhou struct QueryCapabilities 195a6b9125fSNan Zhou { 196a6b9125fSNan Zhou bool canDelegateOnly = false; 197c937d2bfSEd Tanous bool canDelegateTop = false; 198c937d2bfSEd Tanous bool canDelegateSkip = false; 199a6b9125fSNan Zhou uint8_t canDelegateExpandLevel = 0; 200e155ab54SNan Zhou bool canDelegateSelect = false; 201a6b9125fSNan Zhou }; 202a6b9125fSNan Zhou 203a6b9125fSNan Zhou // Delegates query parameters according to the given |queryCapabilities| 204a6b9125fSNan Zhou // This function doesn't check query parameter conflicts since the parse 205a6b9125fSNan Zhou // function will take care of it. 206a6b9125fSNan Zhou // Returns a delegated query object which can be used by individual resource 207a6b9125fSNan Zhou // handlers so that handlers don't need to query again. 208a6b9125fSNan Zhou inline Query delegate(const QueryCapabilities& queryCapabilities, Query& query) 209a6b9125fSNan Zhou { 210f1a1e3dcSEd Tanous Query delegated{}; 211a6b9125fSNan Zhou // delegate only 212a6b9125fSNan Zhou if (query.isOnly && queryCapabilities.canDelegateOnly) 213a6b9125fSNan Zhou { 214a6b9125fSNan Zhou delegated.isOnly = true; 215a6b9125fSNan Zhou query.isOnly = false; 216a6b9125fSNan Zhou } 217a6b9125fSNan Zhou // delegate expand as much as we can 218a6b9125fSNan Zhou if (query.expandType != ExpandType::None) 219a6b9125fSNan Zhou { 220a6b9125fSNan Zhou delegated.expandType = query.expandType; 221a6b9125fSNan Zhou if (query.expandLevel <= queryCapabilities.canDelegateExpandLevel) 222a6b9125fSNan Zhou { 223a6b9125fSNan Zhou query.expandType = ExpandType::None; 224a6b9125fSNan Zhou delegated.expandLevel = query.expandLevel; 225a6b9125fSNan Zhou query.expandLevel = 0; 226a6b9125fSNan Zhou } 227a6b9125fSNan Zhou else 228a6b9125fSNan Zhou { 229a6b9125fSNan Zhou delegated.expandLevel = queryCapabilities.canDelegateExpandLevel; 230a6b9125fSNan Zhou } 231a6b9125fSNan Zhou } 232c937d2bfSEd Tanous 233c937d2bfSEd Tanous // delegate top 2343648c8beSEd Tanous if (query.top && queryCapabilities.canDelegateTop) 235c937d2bfSEd Tanous { 236c937d2bfSEd Tanous delegated.top = query.top; 2373648c8beSEd Tanous query.top = std::nullopt; 238c937d2bfSEd Tanous } 239c937d2bfSEd Tanous 240c937d2bfSEd Tanous // delegate skip 2413648c8beSEd Tanous if (query.skip && queryCapabilities.canDelegateSkip) 242c937d2bfSEd Tanous { 243c937d2bfSEd Tanous delegated.skip = query.skip; 244c937d2bfSEd Tanous query.skip = 0; 245c937d2bfSEd Tanous } 246e155ab54SNan Zhou 247e155ab54SNan Zhou // delegate select 248827c4902SNan Zhou if (!query.selectTrie.root.empty() && queryCapabilities.canDelegateSelect) 249e155ab54SNan Zhou { 250827c4902SNan Zhou delegated.selectTrie = std::move(query.selectTrie); 251827c4902SNan Zhou query.selectTrie.root.clear(); 252e155ab54SNan Zhou } 253a6b9125fSNan Zhou return delegated; 254a6b9125fSNan Zhou } 255a6b9125fSNan Zhou 2567cf436c9SEd Tanous inline bool getExpandType(std::string_view value, Query& query) 2577cf436c9SEd Tanous { 2587cf436c9SEd Tanous if (value.empty()) 2597cf436c9SEd Tanous { 2607cf436c9SEd Tanous return false; 2617cf436c9SEd Tanous } 2627cf436c9SEd Tanous switch (value[0]) 2637cf436c9SEd Tanous { 2647cf436c9SEd Tanous case '*': 2657cf436c9SEd Tanous query.expandType = ExpandType::Both; 2667cf436c9SEd Tanous break; 2677cf436c9SEd Tanous case '.': 2687cf436c9SEd Tanous query.expandType = ExpandType::NotLinks; 2697cf436c9SEd Tanous break; 2707cf436c9SEd Tanous case '~': 2717cf436c9SEd Tanous query.expandType = ExpandType::Links; 2727cf436c9SEd Tanous break; 2737cf436c9SEd Tanous default: 2747cf436c9SEd Tanous return false; 2757cf436c9SEd Tanous } 2767cf436c9SEd Tanous value.remove_prefix(1); 2777cf436c9SEd Tanous if (value.empty()) 2787cf436c9SEd Tanous { 2797cf436c9SEd Tanous query.expandLevel = 1; 2807cf436c9SEd Tanous return true; 2817cf436c9SEd Tanous } 2827cf436c9SEd Tanous constexpr std::string_view levels = "($levels="; 2837cf436c9SEd Tanous if (!value.starts_with(levels)) 2847cf436c9SEd Tanous { 2857cf436c9SEd Tanous return false; 2867cf436c9SEd Tanous } 2877cf436c9SEd Tanous value.remove_prefix(levels.size()); 2887cf436c9SEd Tanous 2892bd4ab43SPatrick Williams auto it = std::from_chars(value.begin(), value.end(), query.expandLevel); 2907cf436c9SEd Tanous if (it.ec != std::errc()) 2917cf436c9SEd Tanous { 2927cf436c9SEd Tanous return false; 2937cf436c9SEd Tanous } 2942bd4ab43SPatrick Williams value.remove_prefix( 2952bd4ab43SPatrick Williams static_cast<size_t>(std::distance(value.begin(), it.ptr))); 2967cf436c9SEd Tanous return value == ")"; 2977cf436c9SEd Tanous } 2987cf436c9SEd Tanous 299c937d2bfSEd Tanous enum class QueryError 300c937d2bfSEd Tanous { 301c937d2bfSEd Tanous Ok, 302c937d2bfSEd Tanous OutOfRange, 303c937d2bfSEd Tanous ValueFormat, 304c937d2bfSEd Tanous }; 305c937d2bfSEd Tanous 306c937d2bfSEd Tanous inline QueryError getNumericParam(std::string_view value, size_t& param) 307c937d2bfSEd Tanous { 308bd79bce8SPatrick Williams std::from_chars_result r = 309bd79bce8SPatrick Williams std::from_chars(value.begin(), value.end(), param); 310c937d2bfSEd Tanous 311c937d2bfSEd Tanous // If the number wasn't representable in the type, it's out of range 312c937d2bfSEd Tanous if (r.ec == std::errc::result_out_of_range) 313c937d2bfSEd Tanous { 314c937d2bfSEd Tanous return QueryError::OutOfRange; 315c937d2bfSEd Tanous } 316c937d2bfSEd Tanous // All other errors are value format 317c937d2bfSEd Tanous if (r.ec != std::errc()) 318c937d2bfSEd Tanous { 319c937d2bfSEd Tanous return QueryError::ValueFormat; 320c937d2bfSEd Tanous } 321c937d2bfSEd Tanous return QueryError::Ok; 322c937d2bfSEd Tanous } 323c937d2bfSEd Tanous 324c937d2bfSEd Tanous inline QueryError getSkipParam(std::string_view value, Query& query) 325c937d2bfSEd Tanous { 3263648c8beSEd Tanous return getNumericParam(value, query.skip.emplace()); 327c937d2bfSEd Tanous } 328c937d2bfSEd Tanous 329c937d2bfSEd Tanous inline QueryError getTopParam(std::string_view value, Query& query) 330c937d2bfSEd Tanous { 3313648c8beSEd Tanous QueryError ret = getNumericParam(value, query.top.emplace()); 332c937d2bfSEd Tanous if (ret != QueryError::Ok) 333c937d2bfSEd Tanous { 334c937d2bfSEd Tanous return ret; 335c937d2bfSEd Tanous } 336c937d2bfSEd Tanous 337c937d2bfSEd Tanous // Range check for sanity. 3385143f7a5SJiaqing Zhao if (query.top > Query::maxTop) 339c937d2bfSEd Tanous { 340c937d2bfSEd Tanous return QueryError::OutOfRange; 341c937d2bfSEd Tanous } 342c937d2bfSEd Tanous 343c937d2bfSEd Tanous return QueryError::Ok; 344c937d2bfSEd Tanous } 345c937d2bfSEd Tanous 346e155ab54SNan Zhou // Parses and validates the $select parameter. 347e155ab54SNan Zhou // As per OData URL Conventions and Redfish Spec, the $select values shall be 348e155ab54SNan Zhou // comma separated Resource Path 349e155ab54SNan Zhou // Ref: 350e155ab54SNan Zhou // 1. https://datatracker.ietf.org/doc/html/rfc3986#section-3.3 351e155ab54SNan Zhou // 2. 352e155ab54SNan Zhou // https://docs.oasis-open.org/odata/odata/v4.01/os/abnf/odata-abnf-construction-rules.txt 353e155ab54SNan Zhou inline bool getSelectParam(std::string_view value, Query& query) 354e155ab54SNan Zhou { 355e155ab54SNan Zhou std::vector<std::string> properties; 35650ebd4afSEd Tanous bmcweb::split(properties, value, ','); 357e155ab54SNan Zhou if (properties.empty()) 358e155ab54SNan Zhou { 359e155ab54SNan Zhou return false; 360e155ab54SNan Zhou } 361e155ab54SNan Zhou // These a magic number, but with it it's less likely that this code 362e155ab54SNan Zhou // introduces CVE; e.g., too large properties crash the service. 363e155ab54SNan Zhou constexpr int maxNumProperties = 10; 364e155ab54SNan Zhou if (properties.size() > maxNumProperties) 365e155ab54SNan Zhou { 366e155ab54SNan Zhou return false; 367e155ab54SNan Zhou } 368827c4902SNan Zhou for (const auto& property : properties) 369e155ab54SNan Zhou { 370827c4902SNan Zhou if (!query.selectTrie.insertNode(property)) 371e155ab54SNan Zhou { 372e155ab54SNan Zhou return false; 373e155ab54SNan Zhou } 374e155ab54SNan Zhou } 375e155ab54SNan Zhou return true; 376e155ab54SNan Zhou } 377e155ab54SNan Zhou 37825991f7dSEd Tanous // Parses and validates the $filter parameter. 37925991f7dSEd Tanous inline bool getFilterParam(std::string_view value, Query& query) 38025991f7dSEd Tanous { 38125991f7dSEd Tanous query.filter = parseFilter(value); 38225991f7dSEd Tanous return query.filter.has_value(); 38325991f7dSEd Tanous } 38425991f7dSEd Tanous 385bd79bce8SPatrick Williams inline std::optional<Query> 386bd79bce8SPatrick Williams parseParameters(boost::urls::params_view urlParams, crow::Response& res) 387f4c99e70SEd Tanous { 388f1a1e3dcSEd Tanous Query ret{}; 389f4c99e70SEd Tanous for (const boost::urls::params_view::value_type& it : urlParams) 390f4c99e70SEd Tanous { 391079360aeSEd Tanous if (it.key == "only") 392f4c99e70SEd Tanous { 393f4c99e70SEd Tanous if (!it.value.empty()) 394f4c99e70SEd Tanous { 395079360aeSEd Tanous messages::queryParameterValueFormatError(res, it.value, it.key); 396f4c99e70SEd Tanous return std::nullopt; 397f4c99e70SEd Tanous } 398f4c99e70SEd Tanous ret.isOnly = true; 399f4c99e70SEd Tanous } 40025b54dbaSEd Tanous else if (it.key == "$expand" && BMCWEB_INSECURE_ENABLE_REDFISH_QUERY) 4017cf436c9SEd Tanous { 402079360aeSEd Tanous if (!getExpandType(it.value, ret)) 4037cf436c9SEd Tanous { 404079360aeSEd Tanous messages::queryParameterValueFormatError(res, it.value, it.key); 4057cf436c9SEd Tanous return std::nullopt; 406f4c99e70SEd Tanous } 4077cf436c9SEd Tanous } 408079360aeSEd Tanous else if (it.key == "$top") 409c937d2bfSEd Tanous { 410079360aeSEd Tanous QueryError topRet = getTopParam(it.value, ret); 411c937d2bfSEd Tanous if (topRet == QueryError::ValueFormat) 412c937d2bfSEd Tanous { 413079360aeSEd Tanous messages::queryParameterValueFormatError(res, it.value, it.key); 414c937d2bfSEd Tanous return std::nullopt; 415c937d2bfSEd Tanous } 416c937d2bfSEd Tanous if (topRet == QueryError::OutOfRange) 417c937d2bfSEd Tanous { 418c937d2bfSEd Tanous messages::queryParameterOutOfRange( 419079360aeSEd Tanous res, it.value, "$top", 420079360aeSEd Tanous "0-" + std::to_string(Query::maxTop)); 421c937d2bfSEd Tanous return std::nullopt; 422c937d2bfSEd Tanous } 423c937d2bfSEd Tanous } 424079360aeSEd Tanous else if (it.key == "$skip") 425c937d2bfSEd Tanous { 426079360aeSEd Tanous QueryError topRet = getSkipParam(it.value, ret); 427c937d2bfSEd Tanous if (topRet == QueryError::ValueFormat) 428c937d2bfSEd Tanous { 429079360aeSEd Tanous messages::queryParameterValueFormatError(res, it.value, it.key); 430c937d2bfSEd Tanous return std::nullopt; 431c937d2bfSEd Tanous } 432c937d2bfSEd Tanous if (topRet == QueryError::OutOfRange) 433c937d2bfSEd Tanous { 434c937d2bfSEd Tanous messages::queryParameterOutOfRange( 435079360aeSEd Tanous res, it.value, it.key, 436a926c53eSJiaqing Zhao "0-" + std::to_string(std::numeric_limits<size_t>::max())); 437c937d2bfSEd Tanous return std::nullopt; 438c937d2bfSEd Tanous } 439c937d2bfSEd Tanous } 440079360aeSEd Tanous else if (it.key == "$select") 441e155ab54SNan Zhou { 442079360aeSEd Tanous if (!getSelectParam(it.value, ret)) 443e155ab54SNan Zhou { 444079360aeSEd Tanous messages::queryParameterValueFormatError(res, it.value, it.key); 445e155ab54SNan Zhou return std::nullopt; 446e155ab54SNan Zhou } 447e155ab54SNan Zhou } 44825991f7dSEd Tanous else if (it.key == "$filter" && BMCWEB_INSECURE_ENABLE_REDFISH_QUERY) 44925991f7dSEd Tanous { 45025991f7dSEd Tanous if (!getFilterParam(it.value, ret)) 45125991f7dSEd Tanous { 45225991f7dSEd Tanous messages::queryParameterValueFormatError(res, it.value, it.key); 45325991f7dSEd Tanous return std::nullopt; 45425991f7dSEd Tanous } 45525991f7dSEd Tanous } 4567cf436c9SEd Tanous else 4577cf436c9SEd Tanous { 4587cf436c9SEd Tanous // Intentionally ignore other errors Redfish spec, 7.3.1 459079360aeSEd Tanous if (it.key.starts_with("$")) 4607cf436c9SEd Tanous { 4617cf436c9SEd Tanous // Services shall return... The HTTP 501 Not Implemented 4627cf436c9SEd Tanous // status code for any unsupported query parameters that 4637cf436c9SEd Tanous // start with $ . 464079360aeSEd Tanous messages::queryParameterValueFormatError(res, it.value, it.key); 4657cf436c9SEd Tanous res.result(boost::beast::http::status::not_implemented); 4667cf436c9SEd Tanous return std::nullopt; 4677cf436c9SEd Tanous } 4687cf436c9SEd Tanous // "Shall ignore unknown or unsupported query parameters that do 4697cf436c9SEd Tanous // not begin with $ ." 4707cf436c9SEd Tanous } 4717cf436c9SEd Tanous } 4727cf436c9SEd Tanous 473827c4902SNan Zhou if (ret.expandType != ExpandType::None && !ret.selectTrie.root.empty()) 474e155ab54SNan Zhou { 475e155ab54SNan Zhou messages::queryCombinationInvalid(res); 476e155ab54SNan Zhou return std::nullopt; 477e155ab54SNan Zhou } 478e155ab54SNan Zhou 479f4c99e70SEd Tanous return ret; 480f4c99e70SEd Tanous } 481f4c99e70SEd Tanous 482f4c99e70SEd Tanous inline bool processOnly(crow::App& app, crow::Response& res, 483f4c99e70SEd Tanous std::function<void(crow::Response&)>& completionHandler) 484f4c99e70SEd Tanous { 48562598e31SEd Tanous BMCWEB_LOG_DEBUG("Processing only query param"); 486f4c99e70SEd Tanous auto itMembers = res.jsonValue.find("Members"); 487f4c99e70SEd Tanous if (itMembers == res.jsonValue.end()) 488f4c99e70SEd Tanous { 489f4c99e70SEd Tanous messages::queryNotSupportedOnResource(res); 490f4c99e70SEd Tanous completionHandler(res); 491f4c99e70SEd Tanous return false; 492f4c99e70SEd Tanous } 493f4c99e70SEd Tanous auto itMemBegin = itMembers->begin(); 494f4c99e70SEd Tanous if (itMemBegin == itMembers->end() || itMembers->size() != 1) 495f4c99e70SEd Tanous { 49662598e31SEd Tanous BMCWEB_LOG_DEBUG( 49762598e31SEd Tanous "Members contains {} element, returning full collection.", 49862598e31SEd Tanous itMembers->size()); 499f4c99e70SEd Tanous completionHandler(res); 500f4c99e70SEd Tanous return false; 501f4c99e70SEd Tanous } 502f4c99e70SEd Tanous 503f4c99e70SEd Tanous auto itUrl = itMemBegin->find("@odata.id"); 504f4c99e70SEd Tanous if (itUrl == itMemBegin->end()) 505f4c99e70SEd Tanous { 50662598e31SEd Tanous BMCWEB_LOG_DEBUG("No found odata.id"); 507f4c99e70SEd Tanous messages::internalError(res); 508f4c99e70SEd Tanous completionHandler(res); 509f4c99e70SEd Tanous return false; 510f4c99e70SEd Tanous } 511f4c99e70SEd Tanous const std::string* url = itUrl->get_ptr<const std::string*>(); 512f4c99e70SEd Tanous if (url == nullptr) 513f4c99e70SEd Tanous { 51462598e31SEd Tanous BMCWEB_LOG_DEBUG("@odata.id wasn't a string????"); 515f4c99e70SEd Tanous messages::internalError(res); 516f4c99e70SEd Tanous completionHandler(res); 517f4c99e70SEd Tanous return false; 518f4c99e70SEd Tanous } 519f4c99e70SEd Tanous // TODO(Ed) copy request headers? 520f4c99e70SEd Tanous // newReq.session = req.session; 521f4c99e70SEd Tanous std::error_code ec; 522102a4cdaSJonathan Doman auto newReq = std::make_shared<crow::Request>( 523102a4cdaSJonathan Doman crow::Request::Body{boost::beast::http::verb::get, *url, 11}, ec); 524f4c99e70SEd Tanous if (ec) 525f4c99e70SEd Tanous { 526f4c99e70SEd Tanous messages::internalError(res); 527f4c99e70SEd Tanous completionHandler(res); 528f4c99e70SEd Tanous return false; 529f4c99e70SEd Tanous } 530f4c99e70SEd Tanous 531f4c99e70SEd Tanous auto asyncResp = std::make_shared<bmcweb::AsyncResp>(); 53262598e31SEd Tanous BMCWEB_LOG_DEBUG("setting completion handler on {}", 53362598e31SEd Tanous logPtr(&asyncResp->res)); 534f4c99e70SEd Tanous asyncResp->res.setCompleteRequestHandler(std::move(completionHandler)); 535f4c99e70SEd Tanous app.handle(newReq, asyncResp); 536f4c99e70SEd Tanous return true; 537f4c99e70SEd Tanous } 538f4c99e70SEd Tanous 5397cf436c9SEd Tanous struct ExpandNode 5407cf436c9SEd Tanous { 5417cf436c9SEd Tanous nlohmann::json::json_pointer location; 5427cf436c9SEd Tanous std::string uri; 5437cf436c9SEd Tanous 5449de65b34SEd Tanous bool operator==(const ExpandNode& other) const 5457cf436c9SEd Tanous { 5467cf436c9SEd Tanous return location == other.location && uri == other.uri; 5477cf436c9SEd Tanous } 5487cf436c9SEd Tanous }; 5497cf436c9SEd Tanous 55087788abfSEd Tanous inline void findNavigationReferencesInArrayRecursive( 551c59e338cSEd Tanous ExpandType eType, nlohmann::json::array_t& array, 55237b1f7beSEd Tanous const nlohmann::json::json_pointer& jsonPtr, int depth, int skipDepth, 55387788abfSEd Tanous bool inLinks, std::vector<ExpandNode>& out); 55487788abfSEd Tanous 55587788abfSEd Tanous inline void findNavigationReferencesInObjectRecursive( 556c59e338cSEd Tanous ExpandType eType, nlohmann::json::object_t& obj, 55737b1f7beSEd Tanous const nlohmann::json::json_pointer& jsonPtr, int depth, int skipDepth, 55887788abfSEd Tanous bool inLinks, std::vector<ExpandNode>& out); 55987788abfSEd Tanous 5607cf436c9SEd Tanous // Walks a json object looking for Redfish NavigationReference entries that 5617cf436c9SEd Tanous // might need resolved. It recursively walks the jsonResponse object, looking 5627cf436c9SEd Tanous // for links at every level, and returns a list (out) of locations within the 5637cf436c9SEd Tanous // tree that need to be expanded. The current json pointer location p is passed 5647cf436c9SEd Tanous // in to reference the current node that's being expanded, so it can be combined 5657cf436c9SEd Tanous // with the keys from the jsonResponse object 5667cf436c9SEd Tanous inline void findNavigationReferencesRecursive( 5677cf436c9SEd Tanous ExpandType eType, nlohmann::json& jsonResponse, 56837b1f7beSEd Tanous const nlohmann::json::json_pointer& jsonPtr, int depth, int skipDepth, 56932cdb4a7SWilly Tu bool inLinks, std::vector<ExpandNode>& out) 5707cf436c9SEd Tanous { 5717cf436c9SEd Tanous // If no expand is needed, return early 5727cf436c9SEd Tanous if (eType == ExpandType::None) 5737cf436c9SEd Tanous { 5747cf436c9SEd Tanous return; 5757cf436c9SEd Tanous } 576ad595fa6SEd Tanous 5777cf436c9SEd Tanous nlohmann::json::array_t* array = 5787cf436c9SEd Tanous jsonResponse.get_ptr<nlohmann::json::array_t*>(); 5797cf436c9SEd Tanous if (array != nullptr) 5807cf436c9SEd Tanous { 58137b1f7beSEd Tanous findNavigationReferencesInArrayRecursive(eType, *array, jsonPtr, depth, 58287788abfSEd Tanous skipDepth, inLinks, out); 58387788abfSEd Tanous } 58487788abfSEd Tanous nlohmann::json::object_t* obj = 58587788abfSEd Tanous jsonResponse.get_ptr<nlohmann::json::object_t*>(); 58687788abfSEd Tanous if (obj == nullptr) 58787788abfSEd Tanous { 58887788abfSEd Tanous return; 58987788abfSEd Tanous } 59037b1f7beSEd Tanous findNavigationReferencesInObjectRecursive(eType, *obj, jsonPtr, depth, 59137b1f7beSEd Tanous skipDepth, inLinks, out); 59287788abfSEd Tanous } 59387788abfSEd Tanous 59487788abfSEd Tanous inline void findNavigationReferencesInArrayRecursive( 595c59e338cSEd Tanous ExpandType eType, nlohmann::json::array_t& array, 59637b1f7beSEd Tanous const nlohmann::json::json_pointer& jsonPtr, int depth, int skipDepth, 59787788abfSEd Tanous bool inLinks, std::vector<ExpandNode>& out) 59887788abfSEd Tanous { 5997cf436c9SEd Tanous size_t index = 0; 6007cf436c9SEd Tanous // For arrays, walk every element in the array 601c59e338cSEd Tanous for (auto& element : array) 6027cf436c9SEd Tanous { 60337b1f7beSEd Tanous nlohmann::json::json_pointer newPtr = jsonPtr / index; 60462598e31SEd Tanous BMCWEB_LOG_DEBUG("Traversing response at {}", newPtr.to_string()); 605ad595fa6SEd Tanous findNavigationReferencesRecursive(eType, element, newPtr, depth, 60632cdb4a7SWilly Tu skipDepth, inLinks, out); 6077cf436c9SEd Tanous index++; 6087cf436c9SEd Tanous } 6097cf436c9SEd Tanous } 61087788abfSEd Tanous 61187788abfSEd Tanous inline void findNavigationReferencesInObjectRecursive( 612c59e338cSEd Tanous ExpandType eType, nlohmann::json::object_t& obj, 61337b1f7beSEd Tanous const nlohmann::json::json_pointer& jsonPtr, int depth, int skipDepth, 61487788abfSEd Tanous bool inLinks, std::vector<ExpandNode>& out) 6157cf436c9SEd Tanous { 6167cf436c9SEd Tanous // Navigation References only ever have a single element 617c59e338cSEd Tanous if (obj.size() == 1) 6187cf436c9SEd Tanous { 619c59e338cSEd Tanous if (obj.begin()->first == "@odata.id") 6207cf436c9SEd Tanous { 6217cf436c9SEd Tanous const std::string* uri = 622c59e338cSEd Tanous obj.begin()->second.get_ptr<const std::string*>(); 6237cf436c9SEd Tanous if (uri != nullptr) 6247cf436c9SEd Tanous { 62562598e31SEd Tanous BMCWEB_LOG_DEBUG("Found {} at {}", *uri, jsonPtr.to_string()); 62632cdb4a7SWilly Tu if (skipDepth == 0) 62732cdb4a7SWilly Tu { 62837b1f7beSEd Tanous out.push_back({jsonPtr, *uri}); 62932cdb4a7SWilly Tu } 630ad595fa6SEd Tanous return; 6317cf436c9SEd Tanous } 6327cf436c9SEd Tanous } 6337cf436c9SEd Tanous } 634ad595fa6SEd Tanous 635ad595fa6SEd Tanous int newDepth = depth; 636c59e338cSEd Tanous auto odataId = obj.find("@odata.id"); 637c59e338cSEd Tanous if (odataId != obj.end()) 638ad595fa6SEd Tanous { 639ad595fa6SEd Tanous // The Redfish spec requires all resources to include the resource 640ad595fa6SEd Tanous // identifier. If the object has multiple elements and one of them is 641ad595fa6SEd Tanous // "@odata.id" then that means we have entered a new level / expanded 642ad595fa6SEd Tanous // resource. We need to stop traversing if we're already at the desired 643ad595fa6SEd Tanous // depth 644c59e338cSEd Tanous if (obj.size() > 1) 64532cdb4a7SWilly Tu { 64632cdb4a7SWilly Tu if (depth == 0) 647ad595fa6SEd Tanous { 648ad595fa6SEd Tanous return; 649ad595fa6SEd Tanous } 65032cdb4a7SWilly Tu if (skipDepth > 0) 65132cdb4a7SWilly Tu { 65232cdb4a7SWilly Tu skipDepth--; 65332cdb4a7SWilly Tu } 65432cdb4a7SWilly Tu } 65532cdb4a7SWilly Tu 65632cdb4a7SWilly Tu if (skipDepth == 0) 65732cdb4a7SWilly Tu { 658ad595fa6SEd Tanous newDepth--; 659ad595fa6SEd Tanous } 66032cdb4a7SWilly Tu } 661ad595fa6SEd Tanous 6627cf436c9SEd Tanous // Loop the object and look for links 663c59e338cSEd Tanous for (auto& element : obj) 6647cf436c9SEd Tanous { 665e479ad58SNan Zhou bool localInLinks = inLinks; 666e479ad58SNan Zhou if (!localInLinks) 6677cf436c9SEd Tanous { 6687cf436c9SEd Tanous // Check if this is a links node 669e479ad58SNan Zhou localInLinks = element.first == "Links"; 6707cf436c9SEd Tanous } 6717cf436c9SEd Tanous // Only traverse the parts of the tree the user asked for 6727cf436c9SEd Tanous // Per section 7.3 of the redfish specification 673e479ad58SNan Zhou if (localInLinks && eType == ExpandType::NotLinks) 6747cf436c9SEd Tanous { 6757cf436c9SEd Tanous continue; 6767cf436c9SEd Tanous } 677e479ad58SNan Zhou if (!localInLinks && eType == ExpandType::Links) 6787cf436c9SEd Tanous { 6797cf436c9SEd Tanous continue; 6807cf436c9SEd Tanous } 68137b1f7beSEd Tanous nlohmann::json::json_pointer newPtr = jsonPtr / element.first; 68262598e31SEd Tanous BMCWEB_LOG_DEBUG("Traversing response at {}", newPtr); 6837cf436c9SEd Tanous 6847cf436c9SEd Tanous findNavigationReferencesRecursive(eType, element.second, newPtr, 68532cdb4a7SWilly Tu newDepth, skipDepth, localInLinks, 68632cdb4a7SWilly Tu out); 6877cf436c9SEd Tanous } 6887cf436c9SEd Tanous } 6897cf436c9SEd Tanous 690ad595fa6SEd Tanous // TODO: When aggregation is enabled and we receive a partially expanded 691ad595fa6SEd Tanous // response we may need need additional handling when the original URI was 692ad595fa6SEd Tanous // up tree from a top level collection. 693ad595fa6SEd Tanous // Isn't a concern until https://gerrit.openbmc.org/c/openbmc/bmcweb/+/60556 694ad595fa6SEd Tanous // lands. May want to avoid forwarding query params when request is uptree from 695ad595fa6SEd Tanous // a top level collection. 696bd79bce8SPatrick Williams inline std::vector<ExpandNode> findNavigationReferences( 697bd79bce8SPatrick Williams ExpandType eType, int depth, int skipDepth, nlohmann::json& jsonResponse) 6987cf436c9SEd Tanous { 6997cf436c9SEd Tanous std::vector<ExpandNode> ret; 70072c3ae33SNan Zhou const nlohmann::json::json_pointer root = nlohmann::json::json_pointer(""); 70132cdb4a7SWilly Tu // SkipDepth +1 since we are skipping the root by default. 70232cdb4a7SWilly Tu findNavigationReferencesRecursive(eType, jsonResponse, root, depth, 70332cdb4a7SWilly Tu skipDepth + 1, false, ret); 7047cf436c9SEd Tanous return ret; 7057cf436c9SEd Tanous } 7067cf436c9SEd Tanous 70772c3ae33SNan Zhou // Formats a query parameter string for the sub-query. 708b66cf2a2SNan Zhou // Returns std::nullopt on failures. 70972c3ae33SNan Zhou // This function shall handle $select when it is added. 7108ece0e45SEd Tanous // There is no need to handle parameters that's not compatible with $expand, 71172c3ae33SNan Zhou // e.g., $only, since this function will only be called in side $expand handlers 712b66cf2a2SNan Zhou inline std::optional<std::string> formatQueryForExpand(const Query& query) 71372c3ae33SNan Zhou { 71472c3ae33SNan Zhou // query.expandLevel<=1: no need to do subqueries 71572c3ae33SNan Zhou if (query.expandLevel <= 1) 71672c3ae33SNan Zhou { 717b66cf2a2SNan Zhou return ""; 71872c3ae33SNan Zhou } 71972c3ae33SNan Zhou std::string str = "?$expand="; 72072c3ae33SNan Zhou switch (query.expandType) 72172c3ae33SNan Zhou { 72272c3ae33SNan Zhou case ExpandType::Links: 72372c3ae33SNan Zhou str += '~'; 72472c3ae33SNan Zhou break; 72572c3ae33SNan Zhou case ExpandType::NotLinks: 72672c3ae33SNan Zhou str += '.'; 72772c3ae33SNan Zhou break; 72872c3ae33SNan Zhou case ExpandType::Both: 72972c3ae33SNan Zhou str += '*'; 73072c3ae33SNan Zhou break; 731f1a1e3dcSEd Tanous case ExpandType::None: 732f1a1e3dcSEd Tanous return ""; 7334da0490bSEd Tanous default: 7344da0490bSEd Tanous return std::nullopt; 735b66cf2a2SNan Zhou } 73672c3ae33SNan Zhou str += "($levels="; 73772c3ae33SNan Zhou str += std::to_string(query.expandLevel - 1); 73872c3ae33SNan Zhou str += ')'; 73972c3ae33SNan Zhou return str; 74072c3ae33SNan Zhou } 74172c3ae33SNan Zhou 7427cf436c9SEd Tanous class MultiAsyncResp : public std::enable_shared_from_this<MultiAsyncResp> 7437cf436c9SEd Tanous { 7447cf436c9SEd Tanous public: 7457cf436c9SEd Tanous // This object takes a single asyncResp object as the "final" one, then 7467cf436c9SEd Tanous // allows callers to attach sub-responses within the json tree that need 7477cf436c9SEd Tanous // to be executed and filled into their appropriate locations. This 7487cf436c9SEd Tanous // class manages the final "merge" of the json resources. 7498a592810SEd Tanous MultiAsyncResp(crow::App& appIn, 7507cf436c9SEd Tanous std::shared_ptr<bmcweb::AsyncResp> finalResIn) : 751bd79bce8SPatrick Williams app(appIn), finalRes(std::move(finalResIn)) 7527cf436c9SEd Tanous {} 7537cf436c9SEd Tanous 7547cf436c9SEd Tanous void addAwaitingResponse( 75502cad96eSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& res, 7567cf436c9SEd Tanous const nlohmann::json::json_pointer& finalExpandLocation) 7577cf436c9SEd Tanous { 7587cf436c9SEd Tanous res->res.setCompleteRequestHandler(std::bind_front( 75972c3ae33SNan Zhou placeResultStatic, shared_from_this(), finalExpandLocation)); 7607cf436c9SEd Tanous } 7617cf436c9SEd Tanous 76272c3ae33SNan Zhou void placeResult(const nlohmann::json::json_pointer& locationToPlace, 7637cf436c9SEd Tanous crow::Response& res) 7647cf436c9SEd Tanous { 76562598e31SEd Tanous BMCWEB_LOG_DEBUG("placeResult for {}", locationToPlace); 7663590bd1dSNan Zhou propogateError(finalRes->res, res); 7673590bd1dSNan Zhou if (!res.jsonValue.is_object() || res.jsonValue.empty()) 7683590bd1dSNan Zhou { 7693590bd1dSNan Zhou return; 7703590bd1dSNan Zhou } 7717cf436c9SEd Tanous nlohmann::json& finalObj = finalRes->res.jsonValue[locationToPlace]; 7727cf436c9SEd Tanous finalObj = std::move(res.jsonValue); 7737cf436c9SEd Tanous } 7747cf436c9SEd Tanous 77572c3ae33SNan Zhou // Handles the very first level of Expand, and starts a chain of sub-queries 77672c3ae33SNan Zhou // for deeper levels. 77732cdb4a7SWilly Tu void startQuery(const Query& query, const Query& delegated) 77872c3ae33SNan Zhou { 779ad595fa6SEd Tanous std::vector<ExpandNode> nodes = findNavigationReferences( 78032cdb4a7SWilly Tu query.expandType, query.expandLevel, delegated.expandLevel, 78132cdb4a7SWilly Tu finalRes->res.jsonValue); 78262598e31SEd Tanous BMCWEB_LOG_DEBUG("{} nodes to traverse", nodes.size()); 783b66cf2a2SNan Zhou const std::optional<std::string> queryStr = formatQueryForExpand(query); 784b66cf2a2SNan Zhou if (!queryStr) 785b66cf2a2SNan Zhou { 786b66cf2a2SNan Zhou messages::internalError(finalRes->res); 787b66cf2a2SNan Zhou return; 788b66cf2a2SNan Zhou } 7897cf436c9SEd Tanous for (const ExpandNode& node : nodes) 7907cf436c9SEd Tanous { 791b66cf2a2SNan Zhou const std::string subQuery = node.uri + *queryStr; 79262598e31SEd Tanous BMCWEB_LOG_DEBUG("URL of subquery: {}", subQuery); 7937cf436c9SEd Tanous std::error_code ec; 794102a4cdaSJonathan Doman auto newReq = std::make_shared<crow::Request>( 795102a4cdaSJonathan Doman crow::Request::Body{boost::beast::http::verb::get, subQuery, 796102a4cdaSJonathan Doman 11}, 7977cf436c9SEd Tanous ec); 7987cf436c9SEd Tanous if (ec) 7997cf436c9SEd Tanous { 80072c3ae33SNan Zhou messages::internalError(finalRes->res); 8017cf436c9SEd Tanous return; 8027cf436c9SEd Tanous } 8037cf436c9SEd Tanous 8047cf436c9SEd Tanous auto asyncResp = std::make_shared<bmcweb::AsyncResp>(); 80562598e31SEd Tanous BMCWEB_LOG_DEBUG("setting completion handler on {}", 80662598e31SEd Tanous logPtr(&asyncResp->res)); 80772c3ae33SNan Zhou 80872c3ae33SNan Zhou addAwaitingResponse(asyncResp, node.location); 8097cf436c9SEd Tanous app.handle(newReq, asyncResp); 8107cf436c9SEd Tanous } 8117cf436c9SEd Tanous } 8127cf436c9SEd Tanous 8137cf436c9SEd Tanous private: 81472c3ae33SNan Zhou static void 81572c3ae33SNan Zhou placeResultStatic(const std::shared_ptr<MultiAsyncResp>& multi, 8167cf436c9SEd Tanous const nlohmann::json::json_pointer& locationToPlace, 8177cf436c9SEd Tanous crow::Response& res) 8187cf436c9SEd Tanous { 81972c3ae33SNan Zhou multi->placeResult(locationToPlace, res); 8207cf436c9SEd Tanous } 8217cf436c9SEd Tanous 8227cf436c9SEd Tanous crow::App& app; 8237cf436c9SEd Tanous std::shared_ptr<bmcweb::AsyncResp> finalRes; 8247cf436c9SEd Tanous }; 8257cf436c9SEd Tanous 8262a68dc80SEd Tanous inline void processTopAndSkip(const Query& query, crow::Response& res) 8272a68dc80SEd Tanous { 8283648c8beSEd Tanous if (!query.skip && !query.top) 8293648c8beSEd Tanous { 8303648c8beSEd Tanous // No work to do. 8313648c8beSEd Tanous return; 8323648c8beSEd Tanous } 8332a68dc80SEd Tanous nlohmann::json::object_t* obj = 8342a68dc80SEd Tanous res.jsonValue.get_ptr<nlohmann::json::object_t*>(); 8352a68dc80SEd Tanous if (obj == nullptr) 8362a68dc80SEd Tanous { 8372a68dc80SEd Tanous // Shouldn't be possible. All responses should be objects. 8382a68dc80SEd Tanous messages::internalError(res); 8392a68dc80SEd Tanous return; 8402a68dc80SEd Tanous } 8412a68dc80SEd Tanous 84262598e31SEd Tanous BMCWEB_LOG_DEBUG("Handling top/skip"); 8432a68dc80SEd Tanous nlohmann::json::object_t::iterator members = obj->find("Members"); 8442a68dc80SEd Tanous if (members == obj->end()) 8452a68dc80SEd Tanous { 8462a68dc80SEd Tanous // From the Redfish specification 7.3.1 8472a68dc80SEd Tanous // ... the HTTP 400 Bad Request status code with the 8482a68dc80SEd Tanous // QueryNotSupportedOnResource message from the Base Message Registry 8492a68dc80SEd Tanous // for any supported query parameters that apply only to resource 8502a68dc80SEd Tanous // collections but are used on singular resources. 8512a68dc80SEd Tanous messages::queryNotSupportedOnResource(res); 8522a68dc80SEd Tanous return; 8532a68dc80SEd Tanous } 8542a68dc80SEd Tanous 8552a68dc80SEd Tanous nlohmann::json::array_t* arr = 8562a68dc80SEd Tanous members->second.get_ptr<nlohmann::json::array_t*>(); 8572a68dc80SEd Tanous if (arr == nullptr) 8582a68dc80SEd Tanous { 8592a68dc80SEd Tanous messages::internalError(res); 8602a68dc80SEd Tanous return; 8612a68dc80SEd Tanous } 8622a68dc80SEd Tanous 8633648c8beSEd Tanous if (query.skip) 8643648c8beSEd Tanous { 8653648c8beSEd Tanous // Per section 7.3.1 of the Redfish specification, $skip is run before 8663648c8beSEd Tanous // $top Can only skip as many values as we have 8673648c8beSEd Tanous size_t skip = std::min(arr->size(), *query.skip); 8682a68dc80SEd Tanous arr->erase(arr->begin(), arr->begin() + static_cast<ssize_t>(skip)); 8693648c8beSEd Tanous } 8703648c8beSEd Tanous if (query.top) 8713648c8beSEd Tanous { 8723648c8beSEd Tanous size_t top = std::min(arr->size(), *query.top); 8732a68dc80SEd Tanous arr->erase(arr->begin() + static_cast<ssize_t>(top), arr->end()); 8742a68dc80SEd Tanous } 8753648c8beSEd Tanous } 8762a68dc80SEd Tanous 877827c4902SNan Zhou // Given a JSON subtree |currRoot|, this function erases leaves whose keys are 878827c4902SNan Zhou // not in the |currNode| Trie node. 879827c4902SNan Zhou inline void recursiveSelect(nlohmann::json& currRoot, 880827c4902SNan Zhou const SelectTrieNode& currNode) 881e155ab54SNan Zhou { 882e155ab54SNan Zhou nlohmann::json::object_t* object = 883e155ab54SNan Zhou currRoot.get_ptr<nlohmann::json::object_t*>(); 884e155ab54SNan Zhou if (object != nullptr) 885e155ab54SNan Zhou { 88662598e31SEd Tanous BMCWEB_LOG_DEBUG("Current JSON is an object"); 887e155ab54SNan Zhou auto it = currRoot.begin(); 888e155ab54SNan Zhou while (it != currRoot.end()) 889e155ab54SNan Zhou { 890e155ab54SNan Zhou auto nextIt = std::next(it); 89162598e31SEd Tanous BMCWEB_LOG_DEBUG("key={}", it.key()); 892827c4902SNan Zhou const SelectTrieNode* nextNode = currNode.find(it.key()); 8935c9fb2d6SNan Zhou // Per the Redfish spec section 7.3.3, the service shall select 8945c9fb2d6SNan Zhou // certain properties as if $select was omitted. This applies to 8955c9fb2d6SNan Zhou // every TrieNode that contains leaves and the root. 8965c9fb2d6SNan Zhou constexpr std::array<std::string_view, 5> reservedProperties = { 8975c9fb2d6SNan Zhou "@odata.id", "@odata.type", "@odata.context", "@odata.etag", 8985c9fb2d6SNan Zhou "error"}; 8993544d2a7SEd Tanous bool reserved = std::ranges::find(reservedProperties, it.key()) != 9003544d2a7SEd Tanous reservedProperties.end(); 9015c9fb2d6SNan Zhou if (reserved || (nextNode != nullptr && nextNode->isSelected())) 902e155ab54SNan Zhou { 903e155ab54SNan Zhou it = nextIt; 904e155ab54SNan Zhou continue; 905e155ab54SNan Zhou } 906827c4902SNan Zhou if (nextNode != nullptr) 907e155ab54SNan Zhou { 90862598e31SEd Tanous BMCWEB_LOG_DEBUG("Recursively select: {}", it.key()); 909827c4902SNan Zhou recursiveSelect(*it, *nextNode); 910e155ab54SNan Zhou it = nextIt; 911e155ab54SNan Zhou continue; 912e155ab54SNan Zhou } 91362598e31SEd Tanous BMCWEB_LOG_DEBUG("{} is getting removed!", it.key()); 914e155ab54SNan Zhou it = currRoot.erase(it); 915e155ab54SNan Zhou } 916e155ab54SNan Zhou } 9175c9fb2d6SNan Zhou nlohmann::json::array_t* array = 9185c9fb2d6SNan Zhou currRoot.get_ptr<nlohmann::json::array_t*>(); 9195c9fb2d6SNan Zhou if (array != nullptr) 9205c9fb2d6SNan Zhou { 92162598e31SEd Tanous BMCWEB_LOG_DEBUG("Current JSON is an array"); 9225c9fb2d6SNan Zhou // Array index is omitted, so reuse the same Trie node 9235c9fb2d6SNan Zhou for (nlohmann::json& nextRoot : *array) 9245c9fb2d6SNan Zhou { 9255c9fb2d6SNan Zhou recursiveSelect(nextRoot, currNode); 9265c9fb2d6SNan Zhou } 9275c9fb2d6SNan Zhou } 928e155ab54SNan Zhou } 929e155ab54SNan Zhou 930e155ab54SNan Zhou // The current implementation of $select still has the following TODOs due to 931e155ab54SNan Zhou // ambiguity and/or complexity. 9325c9fb2d6SNan Zhou // 1. combined with $expand; https://github.com/DMTF/Redfish/issues/5058 was 933e155ab54SNan Zhou // created for clarification. 9345c9fb2d6SNan Zhou // 2. respect the full odata spec; e.g., deduplication, namespace, star (*), 935e155ab54SNan Zhou // etc. 936e155ab54SNan Zhou inline void processSelect(crow::Response& intermediateResponse, 937827c4902SNan Zhou const SelectTrieNode& trieRoot) 938e155ab54SNan Zhou { 93962598e31SEd Tanous BMCWEB_LOG_DEBUG("Process $select quary parameter"); 940827c4902SNan Zhou recursiveSelect(intermediateResponse.jsonValue, trieRoot); 941e155ab54SNan Zhou } 942e155ab54SNan Zhou 9437cf436c9SEd Tanous inline void 94432cdb4a7SWilly Tu processAllParams(crow::App& app, const Query& query, const Query& delegated, 9457cf436c9SEd Tanous std::function<void(crow::Response&)>& completionHandler, 9467cf436c9SEd Tanous crow::Response& intermediateResponse) 947f4c99e70SEd Tanous { 948f4c99e70SEd Tanous if (!completionHandler) 949f4c99e70SEd Tanous { 95062598e31SEd Tanous BMCWEB_LOG_DEBUG("Function was invalid?"); 951f4c99e70SEd Tanous return; 952f4c99e70SEd Tanous } 953f4c99e70SEd Tanous 95462598e31SEd Tanous BMCWEB_LOG_DEBUG("Processing query params"); 955f4c99e70SEd Tanous // If the request failed, there's no reason to even try to run query 956f4c99e70SEd Tanous // params. 957f4c99e70SEd Tanous if (intermediateResponse.resultInt() < 200 || 958f4c99e70SEd Tanous intermediateResponse.resultInt() >= 400) 959f4c99e70SEd Tanous { 960f4c99e70SEd Tanous completionHandler(intermediateResponse); 961f4c99e70SEd Tanous return; 962f4c99e70SEd Tanous } 963f4c99e70SEd Tanous if (query.isOnly) 964f4c99e70SEd Tanous { 965f4c99e70SEd Tanous processOnly(app, intermediateResponse, completionHandler); 966f4c99e70SEd Tanous return; 967f4c99e70SEd Tanous } 9682a68dc80SEd Tanous 9693648c8beSEd Tanous if (query.top || query.skip) 9702a68dc80SEd Tanous { 9712a68dc80SEd Tanous processTopAndSkip(query, intermediateResponse); 9722a68dc80SEd Tanous } 9732a68dc80SEd Tanous 9747cf436c9SEd Tanous if (query.expandType != ExpandType::None) 9757cf436c9SEd Tanous { 97662598e31SEd Tanous BMCWEB_LOG_DEBUG("Executing expand query"); 97713548d85SEd Tanous auto asyncResp = std::make_shared<bmcweb::AsyncResp>( 97813548d85SEd Tanous std::move(intermediateResponse)); 9797cf436c9SEd Tanous 98013548d85SEd Tanous asyncResp->res.setCompleteRequestHandler(std::move(completionHandler)); 98113548d85SEd Tanous auto multi = std::make_shared<MultiAsyncResp>(app, asyncResp); 98232cdb4a7SWilly Tu multi->startQuery(query, delegated); 9837cf436c9SEd Tanous return; 9847cf436c9SEd Tanous } 985e155ab54SNan Zhou 98625991f7dSEd Tanous if (query.filter) 98725991f7dSEd Tanous { 988f80a87f2SEd Tanous applyFilterToCollection(intermediateResponse.jsonValue, *query.filter); 98925991f7dSEd Tanous } 99025991f7dSEd Tanous 991e155ab54SNan Zhou // According to Redfish Spec Section 7.3.1, $select is the last parameter to 992e155ab54SNan Zhou // to process 993827c4902SNan Zhou if (!query.selectTrie.root.empty()) 994e155ab54SNan Zhou { 995827c4902SNan Zhou processSelect(intermediateResponse, query.selectTrie.root); 996e155ab54SNan Zhou } 997e155ab54SNan Zhou 998f4c99e70SEd Tanous completionHandler(intermediateResponse); 999f4c99e70SEd Tanous } 1000f4c99e70SEd Tanous 1001f4c99e70SEd Tanous } // namespace query_param 1002f4c99e70SEd Tanous } // namespace redfish 1003