12b7981f6SKowalski, Kamil /* 22b7981f6SKowalski, Kamil // Copyright (c) 2018 Intel Corporation 32b7981f6SKowalski, Kamil // 42b7981f6SKowalski, Kamil // Licensed under the Apache License, Version 2.0 (the "License"); 52b7981f6SKowalski, Kamil // you may not use this file except in compliance with the License. 62b7981f6SKowalski, Kamil // You may obtain a copy of the License at 72b7981f6SKowalski, Kamil // 82b7981f6SKowalski, Kamil // http://www.apache.org/licenses/LICENSE-2.0 92b7981f6SKowalski, Kamil // 102b7981f6SKowalski, Kamil // Unless required by applicable law or agreed to in writing, software 112b7981f6SKowalski, Kamil // distributed under the License is distributed on an "AS IS" BASIS, 122b7981f6SKowalski, Kamil // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 132b7981f6SKowalski, Kamil // See the License for the specific language governing permissions and 142b7981f6SKowalski, Kamil // limitations under the License. 152b7981f6SKowalski, Kamil */ 162b7981f6SKowalski, Kamil #pragma once 1743a095abSBorawski.Lukasz 18ce22f609SPaul Fertser #include "account_service.hpp" 193ccb3adbSEd Tanous #include "app.hpp" 20*29aab242SPaul Fertser #include "cookies.hpp" 21f4c4dcf4SKowalski, Kamil #include "error_messages.hpp" 223ccb3adbSEd Tanous #include "http/utility.hpp" 2352cc112dSEd Tanous #include "persistent_data.hpp" 243ccb3adbSEd Tanous #include "query.hpp" 253ccb3adbSEd Tanous #include "registries/privilege_registry.hpp" 263ccb3adbSEd Tanous #include "utils/json_utils.hpp" 277e860f15SJohn Edward Broadbent 28ef4c65b7SEd Tanous #include <boost/url/format.hpp> 29ef4c65b7SEd Tanous 301abe55efSEd Tanous namespace redfish 311abe55efSEd Tanous { 322b7981f6SKowalski, Kamil 334f48d5f6SEd Tanous inline void fillSessionObject(crow::Response& res, 34faa34ccfSEd Tanous const persistent_data::UserSession& session) 351abe55efSEd Tanous { 36faa34ccfSEd Tanous res.jsonValue["Id"] = session.uniqueId; 37faa34ccfSEd Tanous res.jsonValue["UserName"] = session.username; 38ce22f609SPaul Fertser nlohmann::json::array_t roles; 39ce22f609SPaul Fertser roles.emplace_back(redfish::getRoleIdFromPrivilege(session.userRole)); 40ce22f609SPaul Fertser res.jsonValue["Roles"] = std::move(roles); 41ef4c65b7SEd Tanous res.jsonValue["@odata.id"] = boost::urls::format( 42ef4c65b7SEd Tanous "/redfish/v1/SessionService/Sessions/{}", session.uniqueId); 43ce22f609SPaul Fertser res.jsonValue["@odata.type"] = "#Session.v1_7_0.Session"; 44faa34ccfSEd Tanous res.jsonValue["Name"] = "User Session"; 45faa34ccfSEd Tanous res.jsonValue["Description"] = "Manager User Session"; 46faa34ccfSEd Tanous res.jsonValue["ClientOriginIPAddress"] = session.clientIp; 47bb759e3aSEd Tanous if (session.clientId) 48bb759e3aSEd Tanous { 49bb759e3aSEd Tanous res.jsonValue["Context"] = *session.clientId; 50bb759e3aSEd Tanous } 512b7981f6SKowalski, Kamil } 522b7981f6SKowalski, Kamil 53724340d7SEd Tanous inline void 54a1e0871dSEd Tanous handleSessionHead(crow::App& app, const crow::Request& req, 55faa34ccfSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 56a1e0871dSEd Tanous const std::string& /*sessionId*/) 57724340d7SEd Tanous { 583ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 5945ca1b86SEd Tanous { 6045ca1b86SEd Tanous return; 6145ca1b86SEd Tanous } 62a1e0871dSEd Tanous asyncResp->res.addHeader( 63a1e0871dSEd Tanous boost::beast::http::field::link, 64a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/Session/Session.json>; rel=describedby"); 65a1e0871dSEd Tanous } 66a1e0871dSEd Tanous 67a1e0871dSEd Tanous inline void 68a1e0871dSEd Tanous handleSessionGet(crow::App& app, const crow::Request& req, 69a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 70a1e0871dSEd Tanous const std::string& sessionId) 71a1e0871dSEd Tanous { 7265ffbcb3SEd Tanous if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 7365ffbcb3SEd Tanous { 7465ffbcb3SEd Tanous return; 7565ffbcb3SEd Tanous } 7665ffbcb3SEd Tanous asyncResp->res.addHeader( 7765ffbcb3SEd Tanous boost::beast::http::field::link, 7865ffbcb3SEd Tanous "</redfish/v1/JsonSchemas/Session/Session.json>; rel=describedby"); 79a1e0871dSEd Tanous 80faa34ccfSEd Tanous // Note that control also reaches here via doPost and doDelete. 81724340d7SEd Tanous auto session = 82724340d7SEd Tanous persistent_data::SessionStore::getInstance().getSessionByUid(sessionId); 832b7981f6SKowalski, Kamil 841abe55efSEd Tanous if (session == nullptr) 851abe55efSEd Tanous { 86724340d7SEd Tanous messages::resourceNotFound(asyncResp->res, "Session", sessionId); 87faa34ccfSEd Tanous return; 88faa34ccfSEd Tanous } 89faa34ccfSEd Tanous 90faa34ccfSEd Tanous fillSessionObject(asyncResp->res, *session); 91724340d7SEd Tanous } 92faa34ccfSEd Tanous 93724340d7SEd Tanous inline void 9445ca1b86SEd Tanous handleSessionDelete(crow::App& app, const crow::Request& req, 95faa34ccfSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 96724340d7SEd Tanous const std::string& sessionId) 97724340d7SEd Tanous { 983ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 9945ca1b86SEd Tanous { 10045ca1b86SEd Tanous return; 10145ca1b86SEd Tanous } 102724340d7SEd Tanous auto session = 103724340d7SEd Tanous persistent_data::SessionStore::getInstance().getSessionByUid(sessionId); 104faa34ccfSEd Tanous 105faa34ccfSEd Tanous if (session == nullptr) 106faa34ccfSEd Tanous { 107724340d7SEd Tanous messages::resourceNotFound(asyncResp->res, "Session", sessionId); 1082b7981f6SKowalski, Kamil return; 1092b7981f6SKowalski, Kamil } 1102b7981f6SKowalski, Kamil 111900f9497SJoseph Reynolds // Perform a proper ConfigureSelf authority check. If a 112900f9497SJoseph Reynolds // session is being used to DELETE some other user's session, 113900f9497SJoseph Reynolds // then the ConfigureSelf privilege does not apply. In that 114900f9497SJoseph Reynolds // case, perform the authority check again without the user's 115900f9497SJoseph Reynolds // ConfigureSelf privilege. 1160fd29865Swukaihua-fii-na if (req.session != nullptr && !session->username.empty() && 1170fd29865Swukaihua-fii-na session->username != req.session->username) 118900f9497SJoseph Reynolds { 1196c51eab1SEd Tanous Privileges effectiveUserPrivileges = 1203e72c202SNinad Palsule redfish::getUserPrivileges(*req.session); 1216c51eab1SEd Tanous 122724340d7SEd Tanous if (!effectiveUserPrivileges.isSupersetOf({"ConfigureUsers"})) 123900f9497SJoseph Reynolds { 1248d1b46d7Szhanghch05 messages::insufficientPrivilege(asyncResp->res); 125900f9497SJoseph Reynolds return; 126900f9497SJoseph Reynolds } 127900f9497SJoseph Reynolds } 128900f9497SJoseph Reynolds 129*29aab242SPaul Fertser if (session->cookieAuth) 130*29aab242SPaul Fertser { 131*29aab242SPaul Fertser bmcweb::clearSessionCookies(asyncResp->res); 132*29aab242SPaul Fertser } 133*29aab242SPaul Fertser 134724340d7SEd Tanous persistent_data::SessionStore::getInstance().removeSession(session); 1355cc148afSEd Tanous messages::success(asyncResp->res); 136724340d7SEd Tanous } 137f4c4dcf4SKowalski, Kamil 138724340d7SEd Tanous inline nlohmann::json getSessionCollectionMembers() 139724340d7SEd Tanous { 14055c7b7a2SEd Tanous std::vector<const std::string*> sessionIds = 14152cc112dSEd Tanous persistent_data::SessionStore::getInstance().getUniqueIds( 14252cc112dSEd Tanous false, persistent_data::PersistenceType::TIMEOUT); 143724340d7SEd Tanous nlohmann::json ret = nlohmann::json::array(); 1441abe55efSEd Tanous for (const std::string* uid : sessionIds) 1451abe55efSEd Tanous { 1461476687dSEd Tanous nlohmann::json::object_t session; 147ef4c65b7SEd Tanous session["@odata.id"] = 148ef4c65b7SEd Tanous boost::urls::format("/redfish/v1/SessionService/Sessions/{}", *uid); 149b2ba3072SPatrick Williams ret.emplace_back(std::move(session)); 1502b7981f6SKowalski, Kamil } 151724340d7SEd Tanous return ret; 152724340d7SEd Tanous } 153724340d7SEd Tanous 154a1e0871dSEd Tanous inline void handleSessionCollectionHead( 15545ca1b86SEd Tanous crow::App& app, const crow::Request& req, 156724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 157724340d7SEd Tanous { 1583ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 15945ca1b86SEd Tanous { 16045ca1b86SEd Tanous return; 16145ca1b86SEd Tanous } 162a1e0871dSEd Tanous asyncResp->res.addHeader( 163a1e0871dSEd Tanous boost::beast::http::field::link, 164a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/SessionCollection.json>; rel=describedby"); 165a1e0871dSEd Tanous } 166a1e0871dSEd Tanous 167a1e0871dSEd Tanous inline void handleSessionCollectionGet( 168a1e0871dSEd Tanous crow::App& app, const crow::Request& req, 169a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 170a1e0871dSEd Tanous { 17101a89a1fSEd Tanous if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 17201a89a1fSEd Tanous { 17301a89a1fSEd Tanous return; 17401a89a1fSEd Tanous } 17501a89a1fSEd Tanous asyncResp->res.addHeader( 17601a89a1fSEd Tanous boost::beast::http::field::link, 17701a89a1fSEd Tanous "</redfish/v1/JsonSchemas/SessionCollection.json>; rel=describedby"); 17801a89a1fSEd Tanous 179724340d7SEd Tanous asyncResp->res.jsonValue["Members"] = getSessionCollectionMembers(); 180faa34ccfSEd Tanous asyncResp->res.jsonValue["Members@odata.count"] = 181724340d7SEd Tanous asyncResp->res.jsonValue["Members"].size(); 1828d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.type"] = 1838d1b46d7Szhanghch05 "#SessionCollection.SessionCollection"; 1848d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.id"] = 1857a859ffeSGunnar Mills "/redfish/v1/SessionService/Sessions"; 1868d1b46d7Szhanghch05 asyncResp->res.jsonValue["Name"] = "Session Collection"; 1878d1b46d7Szhanghch05 asyncResp->res.jsonValue["Description"] = "Session Collection"; 188724340d7SEd Tanous } 1892b7981f6SKowalski, Kamil 190724340d7SEd Tanous inline void handleSessionCollectionMembersGet( 19145ca1b86SEd Tanous crow::App& app, const crow::Request& req, 192724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 193724340d7SEd Tanous { 1943ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 19545ca1b86SEd Tanous { 19645ca1b86SEd Tanous return; 19745ca1b86SEd Tanous } 198724340d7SEd Tanous asyncResp->res.jsonValue = getSessionCollectionMembers(); 199724340d7SEd Tanous } 200724340d7SEd Tanous 2014ee8e211SEd Tanous inline void handleSessionCollectionPost( 20245ca1b86SEd Tanous crow::App& app, const crow::Request& req, 203724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 204724340d7SEd Tanous { 2053ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 20645ca1b86SEd Tanous { 20745ca1b86SEd Tanous return; 20845ca1b86SEd Tanous } 2099712f8acSEd Tanous std::string username; 2109712f8acSEd Tanous std::string password; 211bb759e3aSEd Tanous std::optional<std::string> clientId; 212724340d7SEd Tanous if (!json_util::readJsonPatch(req, asyncResp->res, "UserName", username, 213d678d4fcSEd Tanous "Password", password, "Context", clientId)) 2141abe55efSEd Tanous { 2152b7981f6SKowalski, Kamil return; 2162b7981f6SKowalski, Kamil } 2172b7981f6SKowalski, Kamil 218820ce598SEd Tanous if (password.empty() || username.empty() || 2198d1b46d7Szhanghch05 asyncResp->res.result() != boost::beast::http::status::ok) 2201abe55efSEd Tanous { 2211abe55efSEd Tanous if (username.empty()) 2221abe55efSEd Tanous { 2238d1b46d7Szhanghch05 messages::propertyMissing(asyncResp->res, "UserName"); 224f4c4dcf4SKowalski, Kamil } 225f4c4dcf4SKowalski, Kamil 2261abe55efSEd Tanous if (password.empty()) 2271abe55efSEd Tanous { 2288d1b46d7Szhanghch05 messages::propertyMissing(asyncResp->res, "Password"); 229820ce598SEd Tanous } 230820ce598SEd Tanous 231820ce598SEd Tanous return; 232f4c4dcf4SKowalski, Kamil } 2332b7981f6SKowalski, Kamil 2343bf4e632SJoseph Reynolds int pamrc = pamAuthenticateUser(username, password); 2353bf4e632SJoseph Reynolds bool isConfigureSelfOnly = pamrc == PAM_NEW_AUTHTOK_REQD; 2363bf4e632SJoseph Reynolds if ((pamrc != PAM_SUCCESS) && !isConfigureSelfOnly) 2371abe55efSEd Tanous { 23839662a3bSEd Tanous messages::resourceAtUriUnauthorized(asyncResp->res, req.url(), 239f12894f8SJason M. Bills "Invalid username or password"); 240820ce598SEd Tanous return; 2412b7981f6SKowalski, Kamil } 2426f115bbbSManojkiran Eda 243820ce598SEd Tanous // User is authenticated - create session 24452cc112dSEd Tanous std::shared_ptr<persistent_data::UserSession> session = 245724340d7SEd Tanous persistent_data::SessionStore::getInstance().generateUserSession( 24641d61c82SJiaqing Zhao username, req.ipAddress, clientId, 247724340d7SEd Tanous persistent_data::PersistenceType::TIMEOUT, isConfigureSelfOnly); 24802e53aefSBrad Bishop if (session == nullptr) 24902e53aefSBrad Bishop { 25002e53aefSBrad Bishop messages::internalError(asyncResp->res); 25102e53aefSBrad Bishop return; 25202e53aefSBrad Bishop } 25302e53aefSBrad Bishop 254*29aab242SPaul Fertser // When session is created by webui-vue give it session cookies as a 255*29aab242SPaul Fertser // non-standard Redfish extension. This is needed for authentication for 256*29aab242SPaul Fertser // WebSockets-based functionality. 257*29aab242SPaul Fertser if (!req.getHeaderValue("X-Requested-With").empty()) 258*29aab242SPaul Fertser { 259*29aab242SPaul Fertser bmcweb::setSessionCookies(asyncResp->res, *session); 260*29aab242SPaul Fertser } 261*29aab242SPaul Fertser else 262*29aab242SPaul Fertser { 2638d1b46d7Szhanghch05 asyncResp->res.addHeader("X-Auth-Token", session->sessionToken); 264*29aab242SPaul Fertser } 265*29aab242SPaul Fertser 266faa34ccfSEd Tanous asyncResp->res.addHeader( 267724340d7SEd Tanous "Location", "/redfish/v1/SessionService/Sessions/" + session->uniqueId); 2688d1b46d7Szhanghch05 asyncResp->res.result(boost::beast::http::status::created); 2693bf4e632SJoseph Reynolds if (session->isConfigureSelfOnly) 2703bf4e632SJoseph Reynolds { 2713bf4e632SJoseph Reynolds messages::passwordChangeRequired( 272724340d7SEd Tanous asyncResp->res, 273ef4c65b7SEd Tanous boost::urls::format("/redfish/v1/AccountService/Accounts/{}", 274ef4c65b7SEd Tanous session->username)); 2752b7981f6SKowalski, Kamil } 2762b7981f6SKowalski, Kamil 277478c5a57SPaul Fertser crow::getUserInfo(asyncResp, username, session, [asyncResp, session]() { 278faa34ccfSEd Tanous fillSessionObject(asyncResp->res, *session); 279478c5a57SPaul Fertser }); 280724340d7SEd Tanous } 281a1e0871dSEd Tanous inline void handleSessionServiceHead( 282a1e0871dSEd Tanous crow::App& app, const crow::Request& req, 283a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 284a1e0871dSEd Tanous { 285a1e0871dSEd Tanous if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 286a1e0871dSEd Tanous { 287a1e0871dSEd Tanous return; 288a1e0871dSEd Tanous } 289a1e0871dSEd Tanous asyncResp->res.addHeader( 290a1e0871dSEd Tanous boost::beast::http::field::link, 291a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/SessionService/SessionService.json>; rel=describedby"); 292a1e0871dSEd Tanous } 293724340d7SEd Tanous inline void 29445ca1b86SEd Tanous handleSessionServiceGet(crow::App& app, const crow::Request& req, 295724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 2962b7981f6SKowalski, Kamil 297724340d7SEd Tanous { 29878e3900fSGunnar Mills if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 29978e3900fSGunnar Mills { 30078e3900fSGunnar Mills return; 30178e3900fSGunnar Mills } 30278e3900fSGunnar Mills asyncResp->res.addHeader( 30378e3900fSGunnar Mills boost::beast::http::field::link, 30478e3900fSGunnar Mills "</redfish/v1/JsonSchemas/SessionService/SessionService.json>; rel=describedby"); 30578e3900fSGunnar Mills 3068d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.type"] = 3078d1b46d7Szhanghch05 "#SessionService.v1_0_2.SessionService"; 3087a859ffeSGunnar Mills asyncResp->res.jsonValue["@odata.id"] = "/redfish/v1/SessionService"; 3098d1b46d7Szhanghch05 asyncResp->res.jsonValue["Name"] = "Session Service"; 3108d1b46d7Szhanghch05 asyncResp->res.jsonValue["Id"] = "SessionService"; 3118d1b46d7Szhanghch05 asyncResp->res.jsonValue["Description"] = "Session Service"; 3128d1b46d7Szhanghch05 asyncResp->res.jsonValue["SessionTimeout"] = 313724340d7SEd Tanous persistent_data::SessionStore::getInstance().getTimeoutInSeconds(); 3148d1b46d7Szhanghch05 asyncResp->res.jsonValue["ServiceEnabled"] = true; 3150f74e643SEd Tanous 3161476687dSEd Tanous asyncResp->res.jsonValue["Sessions"]["@odata.id"] = 3171476687dSEd Tanous "/redfish/v1/SessionService/Sessions"; 318724340d7SEd Tanous } 319f2a4a606SManojkiran Eda 320724340d7SEd Tanous inline void handleSessionServicePatch( 32145ca1b86SEd Tanous crow::App& app, const crow::Request& req, 322724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 323724340d7SEd Tanous { 3243ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 32545ca1b86SEd Tanous { 32645ca1b86SEd Tanous return; 32745ca1b86SEd Tanous } 328f2a4a606SManojkiran Eda std::optional<int64_t> sessionTimeout; 329724340d7SEd Tanous if (!json_util::readJsonPatch(req, asyncResp->res, "SessionTimeout", 330724340d7SEd Tanous sessionTimeout)) 331f2a4a606SManojkiran Eda { 332f2a4a606SManojkiran Eda return; 333f2a4a606SManojkiran Eda } 334f2a4a606SManojkiran Eda 335f2a4a606SManojkiran Eda if (sessionTimeout) 336f2a4a606SManojkiran Eda { 3378ece0e45SEd Tanous // The minimum & maximum allowed values for session timeout 338faa34ccfSEd Tanous // are 30 seconds and 86400 seconds respectively as per the 339faa34ccfSEd Tanous // session service schema mentioned at 340f2a4a606SManojkiran Eda // https://redfish.dmtf.org/schemas/v1/SessionService.v1_1_7.json 341f2a4a606SManojkiran Eda 342f2a4a606SManojkiran Eda if (*sessionTimeout <= 86400 && *sessionTimeout >= 30) 343f2a4a606SManojkiran Eda { 344724340d7SEd Tanous std::chrono::seconds sessionTimeoutInseconds(*sessionTimeout); 345724340d7SEd Tanous persistent_data::SessionStore::getInstance().updateSessionTimeout( 346724340d7SEd Tanous sessionTimeoutInseconds); 347724340d7SEd Tanous messages::propertyValueModified(asyncResp->res, "SessionTimeOut", 348f2a4a606SManojkiran Eda std::to_string(*sessionTimeout)); 349f2a4a606SManojkiran Eda } 350f2a4a606SManojkiran Eda else 351f2a4a606SManojkiran Eda { 352e2616cc5SEd Tanous messages::propertyValueNotInList(asyncResp->res, *sessionTimeout, 3538d1b46d7Szhanghch05 "SessionTimeOut"); 354f2a4a606SManojkiran Eda } 355f2a4a606SManojkiran Eda } 356724340d7SEd Tanous } 357724340d7SEd Tanous 358724340d7SEd Tanous inline void requestRoutesSession(App& app) 359724340d7SEd Tanous { 360724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 361a1e0871dSEd Tanous .privileges(redfish::privileges::headSession) 362a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 363a1e0871dSEd Tanous std::bind_front(handleSessionHead, std::ref(app))); 364a1e0871dSEd Tanous 365a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 366724340d7SEd Tanous .privileges(redfish::privileges::getSession) 36745ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 36845ca1b86SEd Tanous std::bind_front(handleSessionGet, std::ref(app))); 369724340d7SEd Tanous 370724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 371724340d7SEd Tanous .privileges(redfish::privileges::deleteSession) 37245ca1b86SEd Tanous .methods(boost::beast::http::verb::delete_)( 37345ca1b86SEd Tanous std::bind_front(handleSessionDelete, std::ref(app))); 374724340d7SEd Tanous 375724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 376a1e0871dSEd Tanous .privileges(redfish::privileges::headSessionCollection) 377a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 378a1e0871dSEd Tanous std::bind_front(handleSessionCollectionHead, std::ref(app))); 379a1e0871dSEd Tanous 380a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 381724340d7SEd Tanous .privileges(redfish::privileges::getSessionCollection) 38245ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 38345ca1b86SEd Tanous std::bind_front(handleSessionCollectionGet, std::ref(app))); 384724340d7SEd Tanous 385e76cd868SEd Tanous // Note, the next two routes technically don't match the privilege 386724340d7SEd Tanous // registry given the way login mechanisms work. The base privilege 387724340d7SEd Tanous // registry lists this endpoint as requiring login privilege, but because 388724340d7SEd Tanous // this is the endpoint responsible for giving the login privilege, and it 389724340d7SEd Tanous // is itself its own route, it needs to not require Login 390724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 391724340d7SEd Tanous .privileges({}) 39245ca1b86SEd Tanous .methods(boost::beast::http::verb::post)( 39345ca1b86SEd Tanous std::bind_front(handleSessionCollectionPost, std::ref(app))); 394724340d7SEd Tanous 395e76cd868SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/Members/") 396e76cd868SEd Tanous .privileges({}) 39745ca1b86SEd Tanous .methods(boost::beast::http::verb::post)( 39845ca1b86SEd Tanous std::bind_front(handleSessionCollectionPost, std::ref(app))); 399e76cd868SEd Tanous 400724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 401a1e0871dSEd Tanous .privileges(redfish::privileges::headSessionService) 402a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 403a1e0871dSEd Tanous std::bind_front(handleSessionServiceHead, std::ref(app))); 404a1e0871dSEd Tanous 405a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 406724340d7SEd Tanous .privileges(redfish::privileges::getSessionService) 40745ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 40845ca1b86SEd Tanous std::bind_front(handleSessionServiceGet, std::ref(app))); 409724340d7SEd Tanous 410724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 411724340d7SEd Tanous .privileges(redfish::privileges::patchSessionService) 41245ca1b86SEd Tanous .methods(boost::beast::http::verb::patch)( 41345ca1b86SEd Tanous std::bind_front(handleSessionServicePatch, std::ref(app))); 414f2a4a606SManojkiran Eda } 4155d27b854SBorawski.Lukasz 4162b7981f6SKowalski, Kamil } // namespace redfish 417