12b7981f6SKowalski, Kamil /* 22b7981f6SKowalski, Kamil // Copyright (c) 2018 Intel Corporation 32b7981f6SKowalski, Kamil // 42b7981f6SKowalski, Kamil // Licensed under the Apache License, Version 2.0 (the "License"); 52b7981f6SKowalski, Kamil // you may not use this file except in compliance with the License. 62b7981f6SKowalski, Kamil // You may obtain a copy of the License at 72b7981f6SKowalski, Kamil // 82b7981f6SKowalski, Kamil // http://www.apache.org/licenses/LICENSE-2.0 92b7981f6SKowalski, Kamil // 102b7981f6SKowalski, Kamil // Unless required by applicable law or agreed to in writing, software 112b7981f6SKowalski, Kamil // distributed under the License is distributed on an "AS IS" BASIS, 122b7981f6SKowalski, Kamil // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 132b7981f6SKowalski, Kamil // See the License for the specific language governing permissions and 142b7981f6SKowalski, Kamil // limitations under the License. 152b7981f6SKowalski, Kamil */ 162b7981f6SKowalski, Kamil #pragma once 1743a095abSBorawski.Lukasz 183ccb3adbSEd Tanous #include "app.hpp" 19f4c4dcf4SKowalski, Kamil #include "error_messages.hpp" 203ccb3adbSEd Tanous #include "http/utility.hpp" 2152cc112dSEd Tanous #include "persistent_data.hpp" 223ccb3adbSEd Tanous #include "query.hpp" 233ccb3adbSEd Tanous #include "registries/privilege_registry.hpp" 243ccb3adbSEd Tanous #include "utils/json_utils.hpp" 257e860f15SJohn Edward Broadbent 261abe55efSEd Tanous namespace redfish 271abe55efSEd Tanous { 282b7981f6SKowalski, Kamil 294f48d5f6SEd Tanous inline void fillSessionObject(crow::Response& res, 30faa34ccfSEd Tanous const persistent_data::UserSession& session) 311abe55efSEd Tanous { 32faa34ccfSEd Tanous res.jsonValue["Id"] = session.uniqueId; 33faa34ccfSEd Tanous res.jsonValue["UserName"] = session.username; 34eddfc437SWilly Tu res.jsonValue["@odata.id"] = crow::utility::urlFromPieces( 3503457a9cSGunnar Mills "redfish", "v1", "SessionService", "Sessions", session.uniqueId); 36bb759e3aSEd Tanous res.jsonValue["@odata.type"] = "#Session.v1_5_0.Session"; 37faa34ccfSEd Tanous res.jsonValue["Name"] = "User Session"; 38faa34ccfSEd Tanous res.jsonValue["Description"] = "Manager User Session"; 39faa34ccfSEd Tanous res.jsonValue["ClientOriginIPAddress"] = session.clientIp; 40bb759e3aSEd Tanous if (session.clientId) 41bb759e3aSEd Tanous { 42bb759e3aSEd Tanous res.jsonValue["Context"] = *session.clientId; 43bb759e3aSEd Tanous } 442b7981f6SKowalski, Kamil } 452b7981f6SKowalski, Kamil 46724340d7SEd Tanous inline void 47a1e0871dSEd Tanous handleSessionHead(crow::App& app, const crow::Request& req, 48faa34ccfSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 49a1e0871dSEd Tanous const std::string& /*sessionId*/) 50724340d7SEd Tanous { 51a1e0871dSEd Tanous 523ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 5345ca1b86SEd Tanous { 5445ca1b86SEd Tanous return; 5545ca1b86SEd Tanous } 56a1e0871dSEd Tanous asyncResp->res.addHeader( 57a1e0871dSEd Tanous boost::beast::http::field::link, 58a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/Session/Session.json>; rel=describedby"); 59a1e0871dSEd Tanous } 60a1e0871dSEd Tanous 61a1e0871dSEd Tanous inline void 62a1e0871dSEd Tanous handleSessionGet(crow::App& app, const crow::Request& req, 63a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 64a1e0871dSEd Tanous const std::string& sessionId) 65a1e0871dSEd Tanous { 66a1e0871dSEd Tanous handleSessionHead(app, req, asyncResp, sessionId); 67a1e0871dSEd Tanous 68faa34ccfSEd Tanous // Note that control also reaches here via doPost and doDelete. 69724340d7SEd Tanous auto session = 70724340d7SEd Tanous persistent_data::SessionStore::getInstance().getSessionByUid(sessionId); 712b7981f6SKowalski, Kamil 721abe55efSEd Tanous if (session == nullptr) 731abe55efSEd Tanous { 74724340d7SEd Tanous messages::resourceNotFound(asyncResp->res, "Session", sessionId); 75faa34ccfSEd Tanous return; 76faa34ccfSEd Tanous } 77faa34ccfSEd Tanous 78faa34ccfSEd Tanous fillSessionObject(asyncResp->res, *session); 79724340d7SEd Tanous } 80faa34ccfSEd Tanous 81724340d7SEd Tanous inline void 8245ca1b86SEd Tanous handleSessionDelete(crow::App& app, const crow::Request& req, 83faa34ccfSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 84724340d7SEd Tanous const std::string& sessionId) 85724340d7SEd Tanous { 863ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 8745ca1b86SEd Tanous { 8845ca1b86SEd Tanous return; 8945ca1b86SEd Tanous } 90724340d7SEd Tanous auto session = 91724340d7SEd Tanous persistent_data::SessionStore::getInstance().getSessionByUid(sessionId); 92faa34ccfSEd Tanous 93faa34ccfSEd Tanous if (session == nullptr) 94faa34ccfSEd Tanous { 95724340d7SEd Tanous messages::resourceNotFound(asyncResp->res, "Session", sessionId); 962b7981f6SKowalski, Kamil return; 972b7981f6SKowalski, Kamil } 982b7981f6SKowalski, Kamil 99900f9497SJoseph Reynolds // Perform a proper ConfigureSelf authority check. If a 100900f9497SJoseph Reynolds // session is being used to DELETE some other user's session, 101900f9497SJoseph Reynolds // then the ConfigureSelf privilege does not apply. In that 102900f9497SJoseph Reynolds // case, perform the authority check again without the user's 103900f9497SJoseph Reynolds // ConfigureSelf privilege. 1040fd29865Swukaihua-fii-na if (req.session != nullptr && !session->username.empty() && 1050fd29865Swukaihua-fii-na session->username != req.session->username) 106900f9497SJoseph Reynolds { 1076c51eab1SEd Tanous Privileges effectiveUserPrivileges = 1086c51eab1SEd Tanous redfish::getUserPrivileges(req.userRole); 1096c51eab1SEd Tanous 110724340d7SEd Tanous if (!effectiveUserPrivileges.isSupersetOf({"ConfigureUsers"})) 111900f9497SJoseph Reynolds { 1128d1b46d7Szhanghch05 messages::insufficientPrivilege(asyncResp->res); 113900f9497SJoseph Reynolds return; 114900f9497SJoseph Reynolds } 115900f9497SJoseph Reynolds } 116900f9497SJoseph Reynolds 117724340d7SEd Tanous persistent_data::SessionStore::getInstance().removeSession(session); 1185cc148afSEd Tanous messages::success(asyncResp->res); 119724340d7SEd Tanous } 120f4c4dcf4SKowalski, Kamil 121724340d7SEd Tanous inline nlohmann::json getSessionCollectionMembers() 122724340d7SEd Tanous { 12355c7b7a2SEd Tanous std::vector<const std::string*> sessionIds = 12452cc112dSEd Tanous persistent_data::SessionStore::getInstance().getUniqueIds( 12552cc112dSEd Tanous false, persistent_data::PersistenceType::TIMEOUT); 126724340d7SEd Tanous nlohmann::json ret = nlohmann::json::array(); 1271abe55efSEd Tanous for (const std::string* uid : sessionIds) 1281abe55efSEd Tanous { 1291476687dSEd Tanous nlohmann::json::object_t session; 130eddfc437SWilly Tu session["@odata.id"] = crow::utility::urlFromPieces( 13103457a9cSGunnar Mills "redfish", "v1", "SessionService", "Sessions", *uid); 1321476687dSEd Tanous ret.push_back(std::move(session)); 1332b7981f6SKowalski, Kamil } 134724340d7SEd Tanous return ret; 135724340d7SEd Tanous } 136724340d7SEd Tanous 137a1e0871dSEd Tanous inline void handleSessionCollectionHead( 13845ca1b86SEd Tanous crow::App& app, const crow::Request& req, 139724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 140724340d7SEd Tanous { 141a1e0871dSEd Tanous 1423ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 14345ca1b86SEd Tanous { 14445ca1b86SEd Tanous return; 14545ca1b86SEd Tanous } 146a1e0871dSEd Tanous asyncResp->res.addHeader( 147a1e0871dSEd Tanous boost::beast::http::field::link, 148a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/SessionCollection.json>; rel=describedby"); 149a1e0871dSEd Tanous } 150a1e0871dSEd Tanous 151a1e0871dSEd Tanous inline void handleSessionCollectionGet( 152a1e0871dSEd Tanous crow::App& app, const crow::Request& req, 153a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 154a1e0871dSEd Tanous { 155a1e0871dSEd Tanous handleSessionCollectionHead(app, req, asyncResp); 156724340d7SEd Tanous asyncResp->res.jsonValue["Members"] = getSessionCollectionMembers(); 157faa34ccfSEd Tanous asyncResp->res.jsonValue["Members@odata.count"] = 158724340d7SEd Tanous asyncResp->res.jsonValue["Members"].size(); 1598d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.type"] = 1608d1b46d7Szhanghch05 "#SessionCollection.SessionCollection"; 1618d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.id"] = 1628d1b46d7Szhanghch05 "/redfish/v1/SessionService/Sessions/"; 1638d1b46d7Szhanghch05 asyncResp->res.jsonValue["Name"] = "Session Collection"; 1648d1b46d7Szhanghch05 asyncResp->res.jsonValue["Description"] = "Session Collection"; 165724340d7SEd Tanous } 1662b7981f6SKowalski, Kamil 167724340d7SEd Tanous inline void handleSessionCollectionMembersGet( 16845ca1b86SEd Tanous crow::App& app, const crow::Request& req, 169724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 170724340d7SEd Tanous { 1713ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 17245ca1b86SEd Tanous { 17345ca1b86SEd Tanous return; 17445ca1b86SEd Tanous } 175724340d7SEd Tanous asyncResp->res.jsonValue = getSessionCollectionMembers(); 176724340d7SEd Tanous } 177724340d7SEd Tanous 1784ee8e211SEd Tanous inline void handleSessionCollectionPost( 17945ca1b86SEd Tanous crow::App& app, const crow::Request& req, 180724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 181724340d7SEd Tanous { 1823ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 18345ca1b86SEd Tanous { 18445ca1b86SEd Tanous return; 18545ca1b86SEd Tanous } 1869712f8acSEd Tanous std::string username; 1879712f8acSEd Tanous std::string password; 188bb759e3aSEd Tanous std::optional<std::string> clientId; 189724340d7SEd Tanous if (!json_util::readJsonPatch(req, asyncResp->res, "UserName", username, 190d678d4fcSEd Tanous "Password", password, "Context", clientId)) 1911abe55efSEd Tanous { 1922b7981f6SKowalski, Kamil return; 1932b7981f6SKowalski, Kamil } 1942b7981f6SKowalski, Kamil 195820ce598SEd Tanous if (password.empty() || username.empty() || 1968d1b46d7Szhanghch05 asyncResp->res.result() != boost::beast::http::status::ok) 1971abe55efSEd Tanous { 1981abe55efSEd Tanous if (username.empty()) 1991abe55efSEd Tanous { 2008d1b46d7Szhanghch05 messages::propertyMissing(asyncResp->res, "UserName"); 201f4c4dcf4SKowalski, Kamil } 202f4c4dcf4SKowalski, Kamil 2031abe55efSEd Tanous if (password.empty()) 2041abe55efSEd Tanous { 2058d1b46d7Szhanghch05 messages::propertyMissing(asyncResp->res, "Password"); 206820ce598SEd Tanous } 207820ce598SEd Tanous 208820ce598SEd Tanous return; 209f4c4dcf4SKowalski, Kamil } 2102b7981f6SKowalski, Kamil 2113bf4e632SJoseph Reynolds int pamrc = pamAuthenticateUser(username, password); 2123bf4e632SJoseph Reynolds bool isConfigureSelfOnly = pamrc == PAM_NEW_AUTHTOK_REQD; 2133bf4e632SJoseph Reynolds if ((pamrc != PAM_SUCCESS) && !isConfigureSelfOnly) 2141abe55efSEd Tanous { 215*39662a3bSEd Tanous messages::resourceAtUriUnauthorized(asyncResp->res, req.url(), 216f12894f8SJason M. Bills "Invalid username or password"); 217820ce598SEd Tanous return; 2182b7981f6SKowalski, Kamil } 2196f115bbbSManojkiran Eda 220820ce598SEd Tanous // User is authenticated - create session 22152cc112dSEd Tanous std::shared_ptr<persistent_data::UserSession> session = 222724340d7SEd Tanous persistent_data::SessionStore::getInstance().generateUserSession( 22341d61c82SJiaqing Zhao username, req.ipAddress, clientId, 224724340d7SEd Tanous persistent_data::PersistenceType::TIMEOUT, isConfigureSelfOnly); 22502e53aefSBrad Bishop if (session == nullptr) 22602e53aefSBrad Bishop { 22702e53aefSBrad Bishop messages::internalError(asyncResp->res); 22802e53aefSBrad Bishop return; 22902e53aefSBrad Bishop } 23002e53aefSBrad Bishop 2318d1b46d7Szhanghch05 asyncResp->res.addHeader("X-Auth-Token", session->sessionToken); 232faa34ccfSEd Tanous asyncResp->res.addHeader( 233724340d7SEd Tanous "Location", "/redfish/v1/SessionService/Sessions/" + session->uniqueId); 2348d1b46d7Szhanghch05 asyncResp->res.result(boost::beast::http::status::created); 2353bf4e632SJoseph Reynolds if (session->isConfigureSelfOnly) 2363bf4e632SJoseph Reynolds { 2373bf4e632SJoseph Reynolds messages::passwordChangeRequired( 238724340d7SEd Tanous asyncResp->res, 239724340d7SEd Tanous crow::utility::urlFromPieces("redfish", "v1", "AccountService", 24085e6471bSBrad Bishop "Accounts", session->username)); 2412b7981f6SKowalski, Kamil } 2422b7981f6SKowalski, Kamil 243faa34ccfSEd Tanous fillSessionObject(asyncResp->res, *session); 244724340d7SEd Tanous } 245a1e0871dSEd Tanous inline void handleSessionServiceHead( 246a1e0871dSEd Tanous crow::App& app, const crow::Request& req, 247a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 248a1e0871dSEd Tanous { 249a1e0871dSEd Tanous 250a1e0871dSEd Tanous if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 251a1e0871dSEd Tanous { 252a1e0871dSEd Tanous return; 253a1e0871dSEd Tanous } 254a1e0871dSEd Tanous asyncResp->res.addHeader( 255a1e0871dSEd Tanous boost::beast::http::field::link, 256a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/SessionService/SessionService.json>; rel=describedby"); 257a1e0871dSEd Tanous } 258724340d7SEd Tanous inline void 25945ca1b86SEd Tanous handleSessionServiceGet(crow::App& app, const crow::Request& req, 260724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 2612b7981f6SKowalski, Kamil 262724340d7SEd Tanous { 263a1e0871dSEd Tanous handleSessionServiceHead(app, req, asyncResp); 2648d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.type"] = 2658d1b46d7Szhanghch05 "#SessionService.v1_0_2.SessionService"; 266724340d7SEd Tanous asyncResp->res.jsonValue["@odata.id"] = "/redfish/v1/SessionService/"; 2678d1b46d7Szhanghch05 asyncResp->res.jsonValue["Name"] = "Session Service"; 2688d1b46d7Szhanghch05 asyncResp->res.jsonValue["Id"] = "SessionService"; 2698d1b46d7Szhanghch05 asyncResp->res.jsonValue["Description"] = "Session Service"; 2708d1b46d7Szhanghch05 asyncResp->res.jsonValue["SessionTimeout"] = 271724340d7SEd Tanous persistent_data::SessionStore::getInstance().getTimeoutInSeconds(); 2728d1b46d7Szhanghch05 asyncResp->res.jsonValue["ServiceEnabled"] = true; 2730f74e643SEd Tanous 2741476687dSEd Tanous asyncResp->res.jsonValue["Sessions"]["@odata.id"] = 2751476687dSEd Tanous "/redfish/v1/SessionService/Sessions"; 276724340d7SEd Tanous } 277f2a4a606SManojkiran Eda 278724340d7SEd Tanous inline void handleSessionServicePatch( 27945ca1b86SEd Tanous crow::App& app, const crow::Request& req, 280724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 281724340d7SEd Tanous { 2823ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 28345ca1b86SEd Tanous { 28445ca1b86SEd Tanous return; 28545ca1b86SEd Tanous } 286f2a4a606SManojkiran Eda std::optional<int64_t> sessionTimeout; 287724340d7SEd Tanous if (!json_util::readJsonPatch(req, asyncResp->res, "SessionTimeout", 288724340d7SEd Tanous sessionTimeout)) 289f2a4a606SManojkiran Eda { 290f2a4a606SManojkiran Eda return; 291f2a4a606SManojkiran Eda } 292f2a4a606SManojkiran Eda 293f2a4a606SManojkiran Eda if (sessionTimeout) 294f2a4a606SManojkiran Eda { 295faa34ccfSEd Tanous // The mininum & maximum allowed values for session timeout 296faa34ccfSEd Tanous // are 30 seconds and 86400 seconds respectively as per the 297faa34ccfSEd Tanous // session service schema mentioned at 298f2a4a606SManojkiran Eda // https://redfish.dmtf.org/schemas/v1/SessionService.v1_1_7.json 299f2a4a606SManojkiran Eda 300f2a4a606SManojkiran Eda if (*sessionTimeout <= 86400 && *sessionTimeout >= 30) 301f2a4a606SManojkiran Eda { 302724340d7SEd Tanous std::chrono::seconds sessionTimeoutInseconds(*sessionTimeout); 303724340d7SEd Tanous persistent_data::SessionStore::getInstance().updateSessionTimeout( 304724340d7SEd Tanous sessionTimeoutInseconds); 305724340d7SEd Tanous messages::propertyValueModified(asyncResp->res, "SessionTimeOut", 306f2a4a606SManojkiran Eda std::to_string(*sessionTimeout)); 307f2a4a606SManojkiran Eda } 308f2a4a606SManojkiran Eda else 309f2a4a606SManojkiran Eda { 310724340d7SEd Tanous messages::propertyValueNotInList(asyncResp->res, 311724340d7SEd Tanous std::to_string(*sessionTimeout), 3128d1b46d7Szhanghch05 "SessionTimeOut"); 313f2a4a606SManojkiran Eda } 314f2a4a606SManojkiran Eda } 315724340d7SEd Tanous } 316724340d7SEd Tanous 317724340d7SEd Tanous inline void requestRoutesSession(App& app) 318724340d7SEd Tanous { 319724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 320a1e0871dSEd Tanous .privileges(redfish::privileges::headSession) 321a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 322a1e0871dSEd Tanous std::bind_front(handleSessionHead, std::ref(app))); 323a1e0871dSEd Tanous 324a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 325724340d7SEd Tanous .privileges(redfish::privileges::getSession) 32645ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 32745ca1b86SEd Tanous std::bind_front(handleSessionGet, std::ref(app))); 328724340d7SEd Tanous 329724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 330724340d7SEd Tanous .privileges(redfish::privileges::deleteSession) 33145ca1b86SEd Tanous .methods(boost::beast::http::verb::delete_)( 33245ca1b86SEd Tanous std::bind_front(handleSessionDelete, std::ref(app))); 333724340d7SEd Tanous 334724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 335a1e0871dSEd Tanous .privileges(redfish::privileges::headSessionCollection) 336a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 337a1e0871dSEd Tanous std::bind_front(handleSessionCollectionHead, std::ref(app))); 338a1e0871dSEd Tanous 339a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 340724340d7SEd Tanous .privileges(redfish::privileges::getSessionCollection) 34145ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 34245ca1b86SEd Tanous std::bind_front(handleSessionCollectionGet, std::ref(app))); 343724340d7SEd Tanous 344e76cd868SEd Tanous // Note, the next two routes technically don't match the privilege 345724340d7SEd Tanous // registry given the way login mechanisms work. The base privilege 346724340d7SEd Tanous // registry lists this endpoint as requiring login privilege, but because 347724340d7SEd Tanous // this is the endpoint responsible for giving the login privilege, and it 348724340d7SEd Tanous // is itself its own route, it needs to not require Login 349724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 350724340d7SEd Tanous .privileges({}) 35145ca1b86SEd Tanous .methods(boost::beast::http::verb::post)( 35245ca1b86SEd Tanous std::bind_front(handleSessionCollectionPost, std::ref(app))); 353724340d7SEd Tanous 354e76cd868SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/Members/") 355e76cd868SEd Tanous .privileges({}) 35645ca1b86SEd Tanous .methods(boost::beast::http::verb::post)( 35745ca1b86SEd Tanous std::bind_front(handleSessionCollectionPost, std::ref(app))); 358e76cd868SEd Tanous 359724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 360a1e0871dSEd Tanous .privileges(redfish::privileges::headSessionService) 361a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 362a1e0871dSEd Tanous std::bind_front(handleSessionServiceHead, std::ref(app))); 363a1e0871dSEd Tanous 364a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 365724340d7SEd Tanous .privileges(redfish::privileges::getSessionService) 36645ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 36745ca1b86SEd Tanous std::bind_front(handleSessionServiceGet, std::ref(app))); 368724340d7SEd Tanous 369724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 370724340d7SEd Tanous .privileges(redfish::privileges::patchSessionService) 37145ca1b86SEd Tanous .methods(boost::beast::http::verb::patch)( 37245ca1b86SEd Tanous std::bind_front(handleSessionServicePatch, std::ref(app))); 373f2a4a606SManojkiran Eda } 3745d27b854SBorawski.Lukasz 3752b7981f6SKowalski, Kamil } // namespace redfish 376