12b7981f6SKowalski, Kamil /* 22b7981f6SKowalski, Kamil // Copyright (c) 2018 Intel Corporation 32b7981f6SKowalski, Kamil // 42b7981f6SKowalski, Kamil // Licensed under the Apache License, Version 2.0 (the "License"); 52b7981f6SKowalski, Kamil // you may not use this file except in compliance with the License. 62b7981f6SKowalski, Kamil // You may obtain a copy of the License at 72b7981f6SKowalski, Kamil // 82b7981f6SKowalski, Kamil // http://www.apache.org/licenses/LICENSE-2.0 92b7981f6SKowalski, Kamil // 102b7981f6SKowalski, Kamil // Unless required by applicable law or agreed to in writing, software 112b7981f6SKowalski, Kamil // distributed under the License is distributed on an "AS IS" BASIS, 122b7981f6SKowalski, Kamil // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 132b7981f6SKowalski, Kamil // See the License for the specific language governing permissions and 142b7981f6SKowalski, Kamil // limitations under the License. 152b7981f6SKowalski, Kamil */ 162b7981f6SKowalski, Kamil #pragma once 1743a095abSBorawski.Lukasz 18*3ccb3adbSEd Tanous #include "app.hpp" 19f4c4dcf4SKowalski, Kamil #include "error_messages.hpp" 20*3ccb3adbSEd Tanous #include "http/utility.hpp" 2152cc112dSEd Tanous #include "persistent_data.hpp" 22*3ccb3adbSEd Tanous #include "query.hpp" 23*3ccb3adbSEd Tanous #include "registries/privilege_registry.hpp" 24*3ccb3adbSEd Tanous #include "utils/json_utils.hpp" 257e860f15SJohn Edward Broadbent 261abe55efSEd Tanous namespace redfish 271abe55efSEd Tanous { 282b7981f6SKowalski, Kamil 294f48d5f6SEd Tanous inline void fillSessionObject(crow::Response& res, 30faa34ccfSEd Tanous const persistent_data::UserSession& session) 311abe55efSEd Tanous { 32faa34ccfSEd Tanous res.jsonValue["Id"] = session.uniqueId; 33faa34ccfSEd Tanous res.jsonValue["UserName"] = session.username; 34faa34ccfSEd Tanous res.jsonValue["@odata.id"] = 35faa34ccfSEd Tanous "/redfish/v1/SessionService/Sessions/" + session.uniqueId; 36bb759e3aSEd Tanous res.jsonValue["@odata.type"] = "#Session.v1_5_0.Session"; 37faa34ccfSEd Tanous res.jsonValue["Name"] = "User Session"; 38faa34ccfSEd Tanous res.jsonValue["Description"] = "Manager User Session"; 39faa34ccfSEd Tanous res.jsonValue["ClientOriginIPAddress"] = session.clientIp; 40bb759e3aSEd Tanous if (session.clientId) 41bb759e3aSEd Tanous { 42bb759e3aSEd Tanous res.jsonValue["Context"] = *session.clientId; 43bb759e3aSEd Tanous } 44bb759e3aSEd Tanous // The below implementation is deprecated in leiu of Session.Context 45c0ea7ae1SSunitha Harish #ifdef BMCWEB_ENABLE_IBM_MANAGEMENT_CONSOLE 46faa34ccfSEd Tanous res.jsonValue["Oem"]["OpenBMC"]["@odata.type"] = 4708bdcc71SSunitha Harish "#OemSession.v1_0_0.Session"; 48bb759e3aSEd Tanous res.jsonValue["Oem"]["OpenBMC"]["ClientID"] = session.clientId.value_or(""); 4908bdcc71SSunitha Harish #endif 502b7981f6SKowalski, Kamil } 512b7981f6SKowalski, Kamil 52724340d7SEd Tanous inline void 53a1e0871dSEd Tanous handleSessionHead(crow::App& app, const crow::Request& req, 54faa34ccfSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 55a1e0871dSEd Tanous const std::string& /*sessionId*/) 56724340d7SEd Tanous { 57a1e0871dSEd Tanous 583ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 5945ca1b86SEd Tanous { 6045ca1b86SEd Tanous return; 6145ca1b86SEd Tanous } 62a1e0871dSEd Tanous asyncResp->res.addHeader( 63a1e0871dSEd Tanous boost::beast::http::field::link, 64a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/Session/Session.json>; rel=describedby"); 65a1e0871dSEd Tanous } 66a1e0871dSEd Tanous 67a1e0871dSEd Tanous inline void 68a1e0871dSEd Tanous handleSessionGet(crow::App& app, const crow::Request& req, 69a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 70a1e0871dSEd Tanous const std::string& sessionId) 71a1e0871dSEd Tanous { 72a1e0871dSEd Tanous handleSessionHead(app, req, asyncResp, sessionId); 73a1e0871dSEd Tanous 74faa34ccfSEd Tanous // Note that control also reaches here via doPost and doDelete. 75724340d7SEd Tanous auto session = 76724340d7SEd Tanous persistent_data::SessionStore::getInstance().getSessionByUid(sessionId); 772b7981f6SKowalski, Kamil 781abe55efSEd Tanous if (session == nullptr) 791abe55efSEd Tanous { 80724340d7SEd Tanous messages::resourceNotFound(asyncResp->res, "Session", sessionId); 81faa34ccfSEd Tanous return; 82faa34ccfSEd Tanous } 83faa34ccfSEd Tanous 84faa34ccfSEd Tanous fillSessionObject(asyncResp->res, *session); 85724340d7SEd Tanous } 86faa34ccfSEd Tanous 87724340d7SEd Tanous inline void 8845ca1b86SEd Tanous handleSessionDelete(crow::App& app, const crow::Request& req, 89faa34ccfSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 90724340d7SEd Tanous const std::string& sessionId) 91724340d7SEd Tanous { 923ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 9345ca1b86SEd Tanous { 9445ca1b86SEd Tanous return; 9545ca1b86SEd Tanous } 96724340d7SEd Tanous auto session = 97724340d7SEd Tanous persistent_data::SessionStore::getInstance().getSessionByUid(sessionId); 98faa34ccfSEd Tanous 99faa34ccfSEd Tanous if (session == nullptr) 100faa34ccfSEd Tanous { 101724340d7SEd Tanous messages::resourceNotFound(asyncResp->res, "Session", sessionId); 1022b7981f6SKowalski, Kamil return; 1032b7981f6SKowalski, Kamil } 1042b7981f6SKowalski, Kamil 105900f9497SJoseph Reynolds // Perform a proper ConfigureSelf authority check. If a 106900f9497SJoseph Reynolds // session is being used to DELETE some other user's session, 107900f9497SJoseph Reynolds // then the ConfigureSelf privilege does not apply. In that 108900f9497SJoseph Reynolds // case, perform the authority check again without the user's 109900f9497SJoseph Reynolds // ConfigureSelf privilege. 1100fd29865Swukaihua-fii-na if (req.session != nullptr && !session->username.empty() && 1110fd29865Swukaihua-fii-na session->username != req.session->username) 112900f9497SJoseph Reynolds { 1136c51eab1SEd Tanous Privileges effectiveUserPrivileges = 1146c51eab1SEd Tanous redfish::getUserPrivileges(req.userRole); 1156c51eab1SEd Tanous 116724340d7SEd Tanous if (!effectiveUserPrivileges.isSupersetOf({"ConfigureUsers"})) 117900f9497SJoseph Reynolds { 1188d1b46d7Szhanghch05 messages::insufficientPrivilege(asyncResp->res); 119900f9497SJoseph Reynolds return; 120900f9497SJoseph Reynolds } 121900f9497SJoseph Reynolds } 122900f9497SJoseph Reynolds 123724340d7SEd Tanous persistent_data::SessionStore::getInstance().removeSession(session); 1245cc148afSEd Tanous messages::success(asyncResp->res); 125724340d7SEd Tanous } 126f4c4dcf4SKowalski, Kamil 127724340d7SEd Tanous inline nlohmann::json getSessionCollectionMembers() 128724340d7SEd Tanous { 12955c7b7a2SEd Tanous std::vector<const std::string*> sessionIds = 13052cc112dSEd Tanous persistent_data::SessionStore::getInstance().getUniqueIds( 13152cc112dSEd Tanous false, persistent_data::PersistenceType::TIMEOUT); 132724340d7SEd Tanous nlohmann::json ret = nlohmann::json::array(); 1331abe55efSEd Tanous for (const std::string* uid : sessionIds) 1341abe55efSEd Tanous { 1351476687dSEd Tanous nlohmann::json::object_t session; 1361476687dSEd Tanous session["@odata.id"] = "/redfish/v1/SessionService/Sessions/" + *uid; 1371476687dSEd Tanous ret.push_back(std::move(session)); 1382b7981f6SKowalski, Kamil } 139724340d7SEd Tanous return ret; 140724340d7SEd Tanous } 141724340d7SEd Tanous 142a1e0871dSEd Tanous inline void handleSessionCollectionHead( 14345ca1b86SEd Tanous crow::App& app, const crow::Request& req, 144724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 145724340d7SEd Tanous { 146a1e0871dSEd Tanous 1473ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 14845ca1b86SEd Tanous { 14945ca1b86SEd Tanous return; 15045ca1b86SEd Tanous } 151a1e0871dSEd Tanous asyncResp->res.addHeader( 152a1e0871dSEd Tanous boost::beast::http::field::link, 153a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/SessionCollection.json>; rel=describedby"); 154a1e0871dSEd Tanous } 155a1e0871dSEd Tanous 156a1e0871dSEd Tanous inline void handleSessionCollectionGet( 157a1e0871dSEd Tanous crow::App& app, const crow::Request& req, 158a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 159a1e0871dSEd Tanous { 160a1e0871dSEd Tanous handleSessionCollectionHead(app, req, asyncResp); 161724340d7SEd Tanous asyncResp->res.jsonValue["Members"] = getSessionCollectionMembers(); 162faa34ccfSEd Tanous asyncResp->res.jsonValue["Members@odata.count"] = 163724340d7SEd Tanous asyncResp->res.jsonValue["Members"].size(); 1648d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.type"] = 1658d1b46d7Szhanghch05 "#SessionCollection.SessionCollection"; 1668d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.id"] = 1678d1b46d7Szhanghch05 "/redfish/v1/SessionService/Sessions/"; 1688d1b46d7Szhanghch05 asyncResp->res.jsonValue["Name"] = "Session Collection"; 1698d1b46d7Szhanghch05 asyncResp->res.jsonValue["Description"] = "Session Collection"; 170724340d7SEd Tanous } 1712b7981f6SKowalski, Kamil 172724340d7SEd Tanous inline void handleSessionCollectionMembersGet( 17345ca1b86SEd Tanous crow::App& app, const crow::Request& req, 174724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 175724340d7SEd Tanous { 1763ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 17745ca1b86SEd Tanous { 17845ca1b86SEd Tanous return; 17945ca1b86SEd Tanous } 180724340d7SEd Tanous asyncResp->res.jsonValue = getSessionCollectionMembers(); 181724340d7SEd Tanous } 182724340d7SEd Tanous 1834ee8e211SEd Tanous inline void handleSessionCollectionPost( 18445ca1b86SEd Tanous crow::App& app, const crow::Request& req, 185724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 186724340d7SEd Tanous { 1873ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 18845ca1b86SEd Tanous { 18945ca1b86SEd Tanous return; 19045ca1b86SEd Tanous } 1919712f8acSEd Tanous std::string username; 1929712f8acSEd Tanous std::string password; 19308bdcc71SSunitha Harish std::optional<nlohmann::json> oemObject; 194bb759e3aSEd Tanous std::optional<std::string> clientId; 195724340d7SEd Tanous if (!json_util::readJsonPatch(req, asyncResp->res, "UserName", username, 196bb759e3aSEd Tanous "Password", password, "Context", clientId, 197bb759e3aSEd Tanous "Oem", oemObject)) 1981abe55efSEd Tanous { 1992b7981f6SKowalski, Kamil return; 2002b7981f6SKowalski, Kamil } 2012b7981f6SKowalski, Kamil 202820ce598SEd Tanous if (password.empty() || username.empty() || 2038d1b46d7Szhanghch05 asyncResp->res.result() != boost::beast::http::status::ok) 2041abe55efSEd Tanous { 2051abe55efSEd Tanous if (username.empty()) 2061abe55efSEd Tanous { 2078d1b46d7Szhanghch05 messages::propertyMissing(asyncResp->res, "UserName"); 208f4c4dcf4SKowalski, Kamil } 209f4c4dcf4SKowalski, Kamil 2101abe55efSEd Tanous if (password.empty()) 2111abe55efSEd Tanous { 2128d1b46d7Szhanghch05 messages::propertyMissing(asyncResp->res, "Password"); 213820ce598SEd Tanous } 214820ce598SEd Tanous 215820ce598SEd Tanous return; 216f4c4dcf4SKowalski, Kamil } 2172b7981f6SKowalski, Kamil 2183bf4e632SJoseph Reynolds int pamrc = pamAuthenticateUser(username, password); 2193bf4e632SJoseph Reynolds bool isConfigureSelfOnly = pamrc == PAM_NEW_AUTHTOK_REQD; 2203bf4e632SJoseph Reynolds if ((pamrc != PAM_SUCCESS) && !isConfigureSelfOnly) 2211abe55efSEd Tanous { 222724340d7SEd Tanous messages::resourceAtUriUnauthorized(asyncResp->res, req.urlView, 223f12894f8SJason M. Bills "Invalid username or password"); 224820ce598SEd Tanous return; 2252b7981f6SKowalski, Kamil } 22608bdcc71SSunitha Harish #ifdef BMCWEB_ENABLE_IBM_MANAGEMENT_CONSOLE 22708bdcc71SSunitha Harish if (oemObject) 22808bdcc71SSunitha Harish { 22908bdcc71SSunitha Harish std::optional<nlohmann::json> bmcOem; 230724340d7SEd Tanous if (!json_util::readJson(*oemObject, asyncResp->res, "OpenBMC", bmcOem)) 23108bdcc71SSunitha Harish { 23208bdcc71SSunitha Harish return; 23308bdcc71SSunitha Harish } 234bb759e3aSEd Tanous 235bb759e3aSEd Tanous std::optional<std::string> oemClientId; 236bb759e3aSEd Tanous if (!json_util::readJson(*bmcOem, asyncResp->res, "ClientID", 237bb759e3aSEd Tanous oemClientId)) 23808bdcc71SSunitha Harish { 23908bdcc71SSunitha Harish BMCWEB_LOG_ERROR << "Could not read ClientId"; 24008bdcc71SSunitha Harish return; 24108bdcc71SSunitha Harish } 242bb759e3aSEd Tanous if (oemClientId) 243bb759e3aSEd Tanous { 244bb759e3aSEd Tanous if (clientId) 245bb759e3aSEd Tanous { 246bb759e3aSEd Tanous messages::propertyValueConflict(*oemClientId, *clientId); 247bb759e3aSEd Tanous return; 248bb759e3aSEd Tanous } 249bb759e3aSEd Tanous clientId = *oemClientId; 250bb759e3aSEd Tanous } 25108bdcc71SSunitha Harish } 25208bdcc71SSunitha Harish #endif 2536f115bbbSManojkiran Eda 254820ce598SEd Tanous // User is authenticated - create session 25552cc112dSEd Tanous std::shared_ptr<persistent_data::UserSession> session = 256724340d7SEd Tanous persistent_data::SessionStore::getInstance().generateUserSession( 25741d61c82SJiaqing Zhao username, req.ipAddress, clientId, 258724340d7SEd Tanous persistent_data::PersistenceType::TIMEOUT, isConfigureSelfOnly); 25902e53aefSBrad Bishop if (session == nullptr) 26002e53aefSBrad Bishop { 26102e53aefSBrad Bishop messages::internalError(asyncResp->res); 26202e53aefSBrad Bishop return; 26302e53aefSBrad Bishop } 26402e53aefSBrad Bishop 2658d1b46d7Szhanghch05 asyncResp->res.addHeader("X-Auth-Token", session->sessionToken); 266faa34ccfSEd Tanous asyncResp->res.addHeader( 267724340d7SEd Tanous "Location", "/redfish/v1/SessionService/Sessions/" + session->uniqueId); 2688d1b46d7Szhanghch05 asyncResp->res.result(boost::beast::http::status::created); 2693bf4e632SJoseph Reynolds if (session->isConfigureSelfOnly) 2703bf4e632SJoseph Reynolds { 2713bf4e632SJoseph Reynolds messages::passwordChangeRequired( 272724340d7SEd Tanous asyncResp->res, 273724340d7SEd Tanous crow::utility::urlFromPieces("redfish", "v1", "AccountService", 27485e6471bSBrad Bishop "Accounts", session->username)); 2752b7981f6SKowalski, Kamil } 2762b7981f6SKowalski, Kamil 277faa34ccfSEd Tanous fillSessionObject(asyncResp->res, *session); 278724340d7SEd Tanous } 279a1e0871dSEd Tanous inline void handleSessionServiceHead( 280a1e0871dSEd Tanous crow::App& app, const crow::Request& req, 281a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 282a1e0871dSEd Tanous { 283a1e0871dSEd Tanous 284a1e0871dSEd Tanous if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 285a1e0871dSEd Tanous { 286a1e0871dSEd Tanous return; 287a1e0871dSEd Tanous } 288a1e0871dSEd Tanous asyncResp->res.addHeader( 289a1e0871dSEd Tanous boost::beast::http::field::link, 290a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/SessionService/SessionService.json>; rel=describedby"); 291a1e0871dSEd Tanous } 292724340d7SEd Tanous inline void 29345ca1b86SEd Tanous handleSessionServiceGet(crow::App& app, const crow::Request& req, 294724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 2952b7981f6SKowalski, Kamil 296724340d7SEd Tanous { 297a1e0871dSEd Tanous handleSessionServiceHead(app, req, asyncResp); 2988d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.type"] = 2998d1b46d7Szhanghch05 "#SessionService.v1_0_2.SessionService"; 300724340d7SEd Tanous asyncResp->res.jsonValue["@odata.id"] = "/redfish/v1/SessionService/"; 3018d1b46d7Szhanghch05 asyncResp->res.jsonValue["Name"] = "Session Service"; 3028d1b46d7Szhanghch05 asyncResp->res.jsonValue["Id"] = "SessionService"; 3038d1b46d7Szhanghch05 asyncResp->res.jsonValue["Description"] = "Session Service"; 3048d1b46d7Szhanghch05 asyncResp->res.jsonValue["SessionTimeout"] = 305724340d7SEd Tanous persistent_data::SessionStore::getInstance().getTimeoutInSeconds(); 3068d1b46d7Szhanghch05 asyncResp->res.jsonValue["ServiceEnabled"] = true; 3070f74e643SEd Tanous 3081476687dSEd Tanous asyncResp->res.jsonValue["Sessions"]["@odata.id"] = 3091476687dSEd Tanous "/redfish/v1/SessionService/Sessions"; 310724340d7SEd Tanous } 311f2a4a606SManojkiran Eda 312724340d7SEd Tanous inline void handleSessionServicePatch( 31345ca1b86SEd Tanous crow::App& app, const crow::Request& req, 314724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 315724340d7SEd Tanous { 3163ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 31745ca1b86SEd Tanous { 31845ca1b86SEd Tanous return; 31945ca1b86SEd Tanous } 320f2a4a606SManojkiran Eda std::optional<int64_t> sessionTimeout; 321724340d7SEd Tanous if (!json_util::readJsonPatch(req, asyncResp->res, "SessionTimeout", 322724340d7SEd Tanous sessionTimeout)) 323f2a4a606SManojkiran Eda { 324f2a4a606SManojkiran Eda return; 325f2a4a606SManojkiran Eda } 326f2a4a606SManojkiran Eda 327f2a4a606SManojkiran Eda if (sessionTimeout) 328f2a4a606SManojkiran Eda { 329faa34ccfSEd Tanous // The mininum & maximum allowed values for session timeout 330faa34ccfSEd Tanous // are 30 seconds and 86400 seconds respectively as per the 331faa34ccfSEd Tanous // session service schema mentioned at 332f2a4a606SManojkiran Eda // https://redfish.dmtf.org/schemas/v1/SessionService.v1_1_7.json 333f2a4a606SManojkiran Eda 334f2a4a606SManojkiran Eda if (*sessionTimeout <= 86400 && *sessionTimeout >= 30) 335f2a4a606SManojkiran Eda { 336724340d7SEd Tanous std::chrono::seconds sessionTimeoutInseconds(*sessionTimeout); 337724340d7SEd Tanous persistent_data::SessionStore::getInstance().updateSessionTimeout( 338724340d7SEd Tanous sessionTimeoutInseconds); 339724340d7SEd Tanous messages::propertyValueModified(asyncResp->res, "SessionTimeOut", 340f2a4a606SManojkiran Eda std::to_string(*sessionTimeout)); 341f2a4a606SManojkiran Eda } 342f2a4a606SManojkiran Eda else 343f2a4a606SManojkiran Eda { 344724340d7SEd Tanous messages::propertyValueNotInList(asyncResp->res, 345724340d7SEd Tanous std::to_string(*sessionTimeout), 3468d1b46d7Szhanghch05 "SessionTimeOut"); 347f2a4a606SManojkiran Eda } 348f2a4a606SManojkiran Eda } 349724340d7SEd Tanous } 350724340d7SEd Tanous 351724340d7SEd Tanous inline void requestRoutesSession(App& app) 352724340d7SEd Tanous { 353724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 354a1e0871dSEd Tanous .privileges(redfish::privileges::headSession) 355a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 356a1e0871dSEd Tanous std::bind_front(handleSessionHead, std::ref(app))); 357a1e0871dSEd Tanous 358a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 359724340d7SEd Tanous .privileges(redfish::privileges::getSession) 36045ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 36145ca1b86SEd Tanous std::bind_front(handleSessionGet, std::ref(app))); 362724340d7SEd Tanous 363724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 364724340d7SEd Tanous .privileges(redfish::privileges::deleteSession) 36545ca1b86SEd Tanous .methods(boost::beast::http::verb::delete_)( 36645ca1b86SEd Tanous std::bind_front(handleSessionDelete, std::ref(app))); 367724340d7SEd Tanous 368724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 369a1e0871dSEd Tanous .privileges(redfish::privileges::headSessionCollection) 370a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 371a1e0871dSEd Tanous std::bind_front(handleSessionCollectionHead, std::ref(app))); 372a1e0871dSEd Tanous 373a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 374724340d7SEd Tanous .privileges(redfish::privileges::getSessionCollection) 37545ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 37645ca1b86SEd Tanous std::bind_front(handleSessionCollectionGet, std::ref(app))); 377724340d7SEd Tanous 378e76cd868SEd Tanous // Note, the next two routes technically don't match the privilege 379724340d7SEd Tanous // registry given the way login mechanisms work. The base privilege 380724340d7SEd Tanous // registry lists this endpoint as requiring login privilege, but because 381724340d7SEd Tanous // this is the endpoint responsible for giving the login privilege, and it 382724340d7SEd Tanous // is itself its own route, it needs to not require Login 383724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 384724340d7SEd Tanous .privileges({}) 38545ca1b86SEd Tanous .methods(boost::beast::http::verb::post)( 38645ca1b86SEd Tanous std::bind_front(handleSessionCollectionPost, std::ref(app))); 387724340d7SEd Tanous 388e76cd868SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/Members/") 389e76cd868SEd Tanous .privileges({}) 39045ca1b86SEd Tanous .methods(boost::beast::http::verb::post)( 39145ca1b86SEd Tanous std::bind_front(handleSessionCollectionPost, std::ref(app))); 392e76cd868SEd Tanous 393724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 394a1e0871dSEd Tanous .privileges(redfish::privileges::headSessionService) 395a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 396a1e0871dSEd Tanous std::bind_front(handleSessionServiceHead, std::ref(app))); 397a1e0871dSEd Tanous 398a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 399724340d7SEd Tanous .privileges(redfish::privileges::getSessionService) 40045ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 40145ca1b86SEd Tanous std::bind_front(handleSessionServiceGet, std::ref(app))); 402724340d7SEd Tanous 403724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 404724340d7SEd Tanous .privileges(redfish::privileges::patchSessionService) 40545ca1b86SEd Tanous .methods(boost::beast::http::verb::patch)( 40645ca1b86SEd Tanous std::bind_front(handleSessionServicePatch, std::ref(app))); 407f2a4a606SManojkiran Eda } 4085d27b854SBorawski.Lukasz 4092b7981f6SKowalski, Kamil } // namespace redfish 410