1*40e9b92eSEd Tanous // SPDX-License-Identifier: Apache-2.0 2*40e9b92eSEd Tanous // SPDX-FileCopyrightText: Copyright OpenBMC Authors 3*40e9b92eSEd Tanous // SPDX-FileCopyrightText: Copyright 2018 Intel Corporation 42b7981f6SKowalski, Kamil #pragma once 543a095abSBorawski.Lukasz 6ce22f609SPaul Fertser #include "account_service.hpp" 73ccb3adbSEd Tanous #include "app.hpp" 829aab242SPaul Fertser #include "cookies.hpp" 9f4c4dcf4SKowalski, Kamil #include "error_messages.hpp" 103ccb3adbSEd Tanous #include "http/utility.hpp" 1152cc112dSEd Tanous #include "persistent_data.hpp" 123ccb3adbSEd Tanous #include "query.hpp" 133ccb3adbSEd Tanous #include "registries/privilege_registry.hpp" 143ccb3adbSEd Tanous #include "utils/json_utils.hpp" 157e860f15SJohn Edward Broadbent 16ef4c65b7SEd Tanous #include <boost/url/format.hpp> 17ef4c65b7SEd Tanous 1889cda63dSEd Tanous #include <string> 1989cda63dSEd Tanous #include <vector> 2089cda63dSEd Tanous 211abe55efSEd Tanous namespace redfish 221abe55efSEd Tanous { 232b7981f6SKowalski, Kamil 244f48d5f6SEd Tanous inline void fillSessionObject(crow::Response& res, 25faa34ccfSEd Tanous const persistent_data::UserSession& session) 261abe55efSEd Tanous { 27faa34ccfSEd Tanous res.jsonValue["Id"] = session.uniqueId; 28faa34ccfSEd Tanous res.jsonValue["UserName"] = session.username; 29ce22f609SPaul Fertser nlohmann::json::array_t roles; 30ce22f609SPaul Fertser roles.emplace_back(redfish::getRoleIdFromPrivilege(session.userRole)); 31ce22f609SPaul Fertser res.jsonValue["Roles"] = std::move(roles); 32ef4c65b7SEd Tanous res.jsonValue["@odata.id"] = boost::urls::format( 33ef4c65b7SEd Tanous "/redfish/v1/SessionService/Sessions/{}", session.uniqueId); 34ce22f609SPaul Fertser res.jsonValue["@odata.type"] = "#Session.v1_7_0.Session"; 35faa34ccfSEd Tanous res.jsonValue["Name"] = "User Session"; 36faa34ccfSEd Tanous res.jsonValue["Description"] = "Manager User Session"; 37faa34ccfSEd Tanous res.jsonValue["ClientOriginIPAddress"] = session.clientIp; 38bb759e3aSEd Tanous if (session.clientId) 39bb759e3aSEd Tanous { 40bb759e3aSEd Tanous res.jsonValue["Context"] = *session.clientId; 41bb759e3aSEd Tanous } 422b7981f6SKowalski, Kamil } 432b7981f6SKowalski, Kamil 44724340d7SEd Tanous inline void 45a1e0871dSEd Tanous handleSessionHead(crow::App& app, const crow::Request& req, 46faa34ccfSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 47a1e0871dSEd Tanous const std::string& /*sessionId*/) 48724340d7SEd Tanous { 493ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 5045ca1b86SEd Tanous { 5145ca1b86SEd Tanous return; 5245ca1b86SEd Tanous } 53a1e0871dSEd Tanous asyncResp->res.addHeader( 54a1e0871dSEd Tanous boost::beast::http::field::link, 55a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/Session/Session.json>; rel=describedby"); 56a1e0871dSEd Tanous } 57a1e0871dSEd Tanous 58a1e0871dSEd Tanous inline void 59a1e0871dSEd Tanous handleSessionGet(crow::App& app, const crow::Request& req, 60a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 61a1e0871dSEd Tanous const std::string& sessionId) 62a1e0871dSEd Tanous { 6365ffbcb3SEd Tanous if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 6465ffbcb3SEd Tanous { 6565ffbcb3SEd Tanous return; 6665ffbcb3SEd Tanous } 6765ffbcb3SEd Tanous asyncResp->res.addHeader( 6865ffbcb3SEd Tanous boost::beast::http::field::link, 6965ffbcb3SEd Tanous "</redfish/v1/JsonSchemas/Session/Session.json>; rel=describedby"); 70a1e0871dSEd Tanous 71faa34ccfSEd Tanous // Note that control also reaches here via doPost and doDelete. 72724340d7SEd Tanous auto session = 73724340d7SEd Tanous persistent_data::SessionStore::getInstance().getSessionByUid(sessionId); 742b7981f6SKowalski, Kamil 751abe55efSEd Tanous if (session == nullptr) 761abe55efSEd Tanous { 77724340d7SEd Tanous messages::resourceNotFound(asyncResp->res, "Session", sessionId); 78faa34ccfSEd Tanous return; 79faa34ccfSEd Tanous } 80faa34ccfSEd Tanous 81faa34ccfSEd Tanous fillSessionObject(asyncResp->res, *session); 82724340d7SEd Tanous } 83faa34ccfSEd Tanous 84724340d7SEd Tanous inline void 8545ca1b86SEd Tanous handleSessionDelete(crow::App& app, const crow::Request& req, 86faa34ccfSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 87724340d7SEd Tanous const std::string& sessionId) 88724340d7SEd Tanous { 893ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 9045ca1b86SEd Tanous { 9145ca1b86SEd Tanous return; 9245ca1b86SEd Tanous } 93724340d7SEd Tanous auto session = 94724340d7SEd Tanous persistent_data::SessionStore::getInstance().getSessionByUid(sessionId); 95faa34ccfSEd Tanous 96faa34ccfSEd Tanous if (session == nullptr) 97faa34ccfSEd Tanous { 98724340d7SEd Tanous messages::resourceNotFound(asyncResp->res, "Session", sessionId); 992b7981f6SKowalski, Kamil return; 1002b7981f6SKowalski, Kamil } 1012b7981f6SKowalski, Kamil 102900f9497SJoseph Reynolds // Perform a proper ConfigureSelf authority check. If a 103900f9497SJoseph Reynolds // session is being used to DELETE some other user's session, 104900f9497SJoseph Reynolds // then the ConfigureSelf privilege does not apply. In that 105900f9497SJoseph Reynolds // case, perform the authority check again without the user's 106900f9497SJoseph Reynolds // ConfigureSelf privilege. 1070fd29865Swukaihua-fii-na if (req.session != nullptr && !session->username.empty() && 1080fd29865Swukaihua-fii-na session->username != req.session->username) 109900f9497SJoseph Reynolds { 1106c51eab1SEd Tanous Privileges effectiveUserPrivileges = 1113e72c202SNinad Palsule redfish::getUserPrivileges(*req.session); 1126c51eab1SEd Tanous 113724340d7SEd Tanous if (!effectiveUserPrivileges.isSupersetOf({"ConfigureUsers"})) 114900f9497SJoseph Reynolds { 1158d1b46d7Szhanghch05 messages::insufficientPrivilege(asyncResp->res); 116900f9497SJoseph Reynolds return; 117900f9497SJoseph Reynolds } 118900f9497SJoseph Reynolds } 119900f9497SJoseph Reynolds 1208812e8beSPaul Fertser if (req.session != nullptr && req.session->uniqueId == sessionId && 1218812e8beSPaul Fertser session->cookieAuth) 12229aab242SPaul Fertser { 12329aab242SPaul Fertser bmcweb::clearSessionCookies(asyncResp->res); 12429aab242SPaul Fertser } 12529aab242SPaul Fertser 126724340d7SEd Tanous persistent_data::SessionStore::getInstance().removeSession(session); 1275cc148afSEd Tanous messages::success(asyncResp->res); 128724340d7SEd Tanous } 129f4c4dcf4SKowalski, Kamil 130724340d7SEd Tanous inline nlohmann::json getSessionCollectionMembers() 131724340d7SEd Tanous { 13289cda63dSEd Tanous std::vector<std::string> sessionIds = 13389cda63dSEd Tanous persistent_data::SessionStore::getInstance().getAllUniqueIds(); 134724340d7SEd Tanous nlohmann::json ret = nlohmann::json::array(); 13589cda63dSEd Tanous for (const std::string& uid : sessionIds) 1361abe55efSEd Tanous { 1371476687dSEd Tanous nlohmann::json::object_t session; 138ef4c65b7SEd Tanous session["@odata.id"] = 13989cda63dSEd Tanous boost::urls::format("/redfish/v1/SessionService/Sessions/{}", uid); 140b2ba3072SPatrick Williams ret.emplace_back(std::move(session)); 1412b7981f6SKowalski, Kamil } 142724340d7SEd Tanous return ret; 143724340d7SEd Tanous } 144724340d7SEd Tanous 145a1e0871dSEd Tanous inline void handleSessionCollectionHead( 14645ca1b86SEd Tanous crow::App& app, const crow::Request& req, 147724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 148724340d7SEd Tanous { 1493ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 15045ca1b86SEd Tanous { 15145ca1b86SEd Tanous return; 15245ca1b86SEd Tanous } 153a1e0871dSEd Tanous asyncResp->res.addHeader( 154a1e0871dSEd Tanous boost::beast::http::field::link, 155a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/SessionCollection.json>; rel=describedby"); 156a1e0871dSEd Tanous } 157a1e0871dSEd Tanous 158a1e0871dSEd Tanous inline void handleSessionCollectionGet( 159a1e0871dSEd Tanous crow::App& app, const crow::Request& req, 160a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 161a1e0871dSEd Tanous { 16201a89a1fSEd Tanous if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 16301a89a1fSEd Tanous { 16401a89a1fSEd Tanous return; 16501a89a1fSEd Tanous } 16601a89a1fSEd Tanous asyncResp->res.addHeader( 16701a89a1fSEd Tanous boost::beast::http::field::link, 16801a89a1fSEd Tanous "</redfish/v1/JsonSchemas/SessionCollection.json>; rel=describedby"); 16901a89a1fSEd Tanous 170724340d7SEd Tanous asyncResp->res.jsonValue["Members"] = getSessionCollectionMembers(); 171faa34ccfSEd Tanous asyncResp->res.jsonValue["Members@odata.count"] = 172724340d7SEd Tanous asyncResp->res.jsonValue["Members"].size(); 1738d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.type"] = 1748d1b46d7Szhanghch05 "#SessionCollection.SessionCollection"; 1758d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.id"] = 1767a859ffeSGunnar Mills "/redfish/v1/SessionService/Sessions"; 1778d1b46d7Szhanghch05 asyncResp->res.jsonValue["Name"] = "Session Collection"; 1788d1b46d7Szhanghch05 asyncResp->res.jsonValue["Description"] = "Session Collection"; 179724340d7SEd Tanous } 1802b7981f6SKowalski, Kamil 181724340d7SEd Tanous inline void handleSessionCollectionMembersGet( 18245ca1b86SEd Tanous crow::App& app, const crow::Request& req, 183724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 184724340d7SEd Tanous { 1853ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 18645ca1b86SEd Tanous { 18745ca1b86SEd Tanous return; 18845ca1b86SEd Tanous } 189724340d7SEd Tanous asyncResp->res.jsonValue = getSessionCollectionMembers(); 190724340d7SEd Tanous } 191724340d7SEd Tanous 192be2f124cSJishnu CM inline void processAfterSessionCreation( 193be2f124cSJishnu CM const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 194be2f124cSJishnu CM const crow::Request& req, const std::string& username, 195be2f124cSJishnu CM std::shared_ptr<persistent_data::UserSession>& session) 196be2f124cSJishnu CM { 197be2f124cSJishnu CM // When session is created by webui-vue give it session cookies as a 198be2f124cSJishnu CM // non-standard Redfish extension. This is needed for authentication for 199be2f124cSJishnu CM // WebSockets-based functionality. 200be2f124cSJishnu CM if (!req.getHeaderValue("X-Requested-With").empty()) 201be2f124cSJishnu CM { 202be2f124cSJishnu CM bmcweb::setSessionCookies(asyncResp->res, *session); 203be2f124cSJishnu CM } 204be2f124cSJishnu CM else 205be2f124cSJishnu CM { 206be2f124cSJishnu CM asyncResp->res.addHeader("X-Auth-Token", session->sessionToken); 207be2f124cSJishnu CM } 208be2f124cSJishnu CM 209be2f124cSJishnu CM asyncResp->res.addHeader( 210be2f124cSJishnu CM "Location", "/redfish/v1/SessionService/Sessions/" + session->uniqueId); 211be2f124cSJishnu CM asyncResp->res.result(boost::beast::http::status::created); 212be2f124cSJishnu CM if (session->isConfigureSelfOnly) 213be2f124cSJishnu CM { 214be2f124cSJishnu CM messages::passwordChangeRequired( 215be2f124cSJishnu CM asyncResp->res, 216be2f124cSJishnu CM boost::urls::format("/redfish/v1/AccountService/Accounts/{}", 217be2f124cSJishnu CM session->username)); 218be2f124cSJishnu CM } 219be2f124cSJishnu CM 220be2f124cSJishnu CM crow::getUserInfo(asyncResp, username, session, [asyncResp, session]() { 221be2f124cSJishnu CM fillSessionObject(asyncResp->res, *session); 222be2f124cSJishnu CM }); 223be2f124cSJishnu CM } 224be2f124cSJishnu CM 2254ee8e211SEd Tanous inline void handleSessionCollectionPost( 22645ca1b86SEd Tanous crow::App& app, const crow::Request& req, 227724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 228724340d7SEd Tanous { 2293ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 23045ca1b86SEd Tanous { 23145ca1b86SEd Tanous return; 23245ca1b86SEd Tanous } 2339712f8acSEd Tanous std::string username; 2349712f8acSEd Tanous std::string password; 235bb759e3aSEd Tanous std::optional<std::string> clientId; 2362ccce1f3SRavi Teja std::optional<std::string> token; 237afc474aeSMyung Bae if (!json_util::readJsonPatch( // 238afc474aeSMyung Bae req, asyncResp->res, // 239afc474aeSMyung Bae "Context", clientId, // 240afc474aeSMyung Bae "Password", password, // 241afc474aeSMyung Bae "Token", token, // 242afc474aeSMyung Bae "UserName", username // 243afc474aeSMyung Bae )) 2441abe55efSEd Tanous { 2452b7981f6SKowalski, Kamil return; 2462b7981f6SKowalski, Kamil } 247820ce598SEd Tanous if (password.empty() || username.empty() || 2488d1b46d7Szhanghch05 asyncResp->res.result() != boost::beast::http::status::ok) 2491abe55efSEd Tanous { 2501abe55efSEd Tanous if (username.empty()) 2511abe55efSEd Tanous { 2528d1b46d7Szhanghch05 messages::propertyMissing(asyncResp->res, "UserName"); 253f4c4dcf4SKowalski, Kamil } 254f4c4dcf4SKowalski, Kamil 2551abe55efSEd Tanous if (password.empty()) 2561abe55efSEd Tanous { 2578d1b46d7Szhanghch05 messages::propertyMissing(asyncResp->res, "Password"); 258820ce598SEd Tanous } 259820ce598SEd Tanous 260820ce598SEd Tanous return; 261f4c4dcf4SKowalski, Kamil } 2622b7981f6SKowalski, Kamil 2632ccce1f3SRavi Teja int pamrc = pamAuthenticateUser(username, password, token); 2643bf4e632SJoseph Reynolds bool isConfigureSelfOnly = pamrc == PAM_NEW_AUTHTOK_REQD; 2653bf4e632SJoseph Reynolds if ((pamrc != PAM_SUCCESS) && !isConfigureSelfOnly) 2661abe55efSEd Tanous { 26739662a3bSEd Tanous messages::resourceAtUriUnauthorized(asyncResp->res, req.url(), 268f12894f8SJason M. Bills "Invalid username or password"); 269820ce598SEd Tanous return; 2702b7981f6SKowalski, Kamil } 2716f115bbbSManojkiran Eda 272820ce598SEd Tanous // User is authenticated - create session 27352cc112dSEd Tanous std::shared_ptr<persistent_data::UserSession> session = 274724340d7SEd Tanous persistent_data::SessionStore::getInstance().generateUserSession( 27541d61c82SJiaqing Zhao username, req.ipAddress, clientId, 27689cda63dSEd Tanous persistent_data::SessionType::Session, isConfigureSelfOnly); 27702e53aefSBrad Bishop if (session == nullptr) 27802e53aefSBrad Bishop { 27902e53aefSBrad Bishop messages::internalError(asyncResp->res); 28002e53aefSBrad Bishop return; 28102e53aefSBrad Bishop } 282be2f124cSJishnu CM processAfterSessionCreation(asyncResp, req, username, session); 28329aab242SPaul Fertser } 28429aab242SPaul Fertser 285a1e0871dSEd Tanous inline void handleSessionServiceHead( 286a1e0871dSEd Tanous crow::App& app, const crow::Request& req, 287a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 288a1e0871dSEd Tanous { 289a1e0871dSEd Tanous if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 290a1e0871dSEd Tanous { 291a1e0871dSEd Tanous return; 292a1e0871dSEd Tanous } 293a1e0871dSEd Tanous asyncResp->res.addHeader( 294a1e0871dSEd Tanous boost::beast::http::field::link, 295a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/SessionService/SessionService.json>; rel=describedby"); 296a1e0871dSEd Tanous } 297724340d7SEd Tanous inline void 29845ca1b86SEd Tanous handleSessionServiceGet(crow::App& app, const crow::Request& req, 299724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 3002b7981f6SKowalski, Kamil 301724340d7SEd Tanous { 30278e3900fSGunnar Mills if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 30378e3900fSGunnar Mills { 30478e3900fSGunnar Mills return; 30578e3900fSGunnar Mills } 30678e3900fSGunnar Mills asyncResp->res.addHeader( 30778e3900fSGunnar Mills boost::beast::http::field::link, 30878e3900fSGunnar Mills "</redfish/v1/JsonSchemas/SessionService/SessionService.json>; rel=describedby"); 30978e3900fSGunnar Mills 3108d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.type"] = 3118d1b46d7Szhanghch05 "#SessionService.v1_0_2.SessionService"; 3127a859ffeSGunnar Mills asyncResp->res.jsonValue["@odata.id"] = "/redfish/v1/SessionService"; 3138d1b46d7Szhanghch05 asyncResp->res.jsonValue["Name"] = "Session Service"; 3148d1b46d7Szhanghch05 asyncResp->res.jsonValue["Id"] = "SessionService"; 3158d1b46d7Szhanghch05 asyncResp->res.jsonValue["Description"] = "Session Service"; 3168d1b46d7Szhanghch05 asyncResp->res.jsonValue["SessionTimeout"] = 317724340d7SEd Tanous persistent_data::SessionStore::getInstance().getTimeoutInSeconds(); 3188d1b46d7Szhanghch05 asyncResp->res.jsonValue["ServiceEnabled"] = true; 3190f74e643SEd Tanous 3201476687dSEd Tanous asyncResp->res.jsonValue["Sessions"]["@odata.id"] = 3211476687dSEd Tanous "/redfish/v1/SessionService/Sessions"; 322724340d7SEd Tanous } 323f2a4a606SManojkiran Eda 324724340d7SEd Tanous inline void handleSessionServicePatch( 32545ca1b86SEd Tanous crow::App& app, const crow::Request& req, 326724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 327724340d7SEd Tanous { 3283ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 32945ca1b86SEd Tanous { 33045ca1b86SEd Tanous return; 33145ca1b86SEd Tanous } 332f2a4a606SManojkiran Eda std::optional<int64_t> sessionTimeout; 333afc474aeSMyung Bae if (!json_util::readJsonPatch( // 334afc474aeSMyung Bae req, asyncResp->res, // 335afc474aeSMyung Bae "SessionTimeout", sessionTimeout // 336afc474aeSMyung Bae )) 337f2a4a606SManojkiran Eda { 338f2a4a606SManojkiran Eda return; 339f2a4a606SManojkiran Eda } 340f2a4a606SManojkiran Eda 341f2a4a606SManojkiran Eda if (sessionTimeout) 342f2a4a606SManojkiran Eda { 3438ece0e45SEd Tanous // The minimum & maximum allowed values for session timeout 344faa34ccfSEd Tanous // are 30 seconds and 86400 seconds respectively as per the 345faa34ccfSEd Tanous // session service schema mentioned at 346f2a4a606SManojkiran Eda // https://redfish.dmtf.org/schemas/v1/SessionService.v1_1_7.json 347f2a4a606SManojkiran Eda 348f2a4a606SManojkiran Eda if (*sessionTimeout <= 86400 && *sessionTimeout >= 30) 349f2a4a606SManojkiran Eda { 350724340d7SEd Tanous std::chrono::seconds sessionTimeoutInseconds(*sessionTimeout); 351724340d7SEd Tanous persistent_data::SessionStore::getInstance().updateSessionTimeout( 352724340d7SEd Tanous sessionTimeoutInseconds); 353724340d7SEd Tanous messages::propertyValueModified(asyncResp->res, "SessionTimeOut", 354f2a4a606SManojkiran Eda std::to_string(*sessionTimeout)); 355f2a4a606SManojkiran Eda } 356f2a4a606SManojkiran Eda else 357f2a4a606SManojkiran Eda { 358e2616cc5SEd Tanous messages::propertyValueNotInList(asyncResp->res, *sessionTimeout, 3598d1b46d7Szhanghch05 "SessionTimeOut"); 360f2a4a606SManojkiran Eda } 361f2a4a606SManojkiran Eda } 362724340d7SEd Tanous } 363724340d7SEd Tanous 364724340d7SEd Tanous inline void requestRoutesSession(App& app) 365724340d7SEd Tanous { 366724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 367a1e0871dSEd Tanous .privileges(redfish::privileges::headSession) 368a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 369a1e0871dSEd Tanous std::bind_front(handleSessionHead, std::ref(app))); 370a1e0871dSEd Tanous 371a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 372724340d7SEd Tanous .privileges(redfish::privileges::getSession) 37345ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 37445ca1b86SEd Tanous std::bind_front(handleSessionGet, std::ref(app))); 375724340d7SEd Tanous 376724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 377724340d7SEd Tanous .privileges(redfish::privileges::deleteSession) 37845ca1b86SEd Tanous .methods(boost::beast::http::verb::delete_)( 37945ca1b86SEd Tanous std::bind_front(handleSessionDelete, std::ref(app))); 380724340d7SEd Tanous 381724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 382a1e0871dSEd Tanous .privileges(redfish::privileges::headSessionCollection) 383a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 384a1e0871dSEd Tanous std::bind_front(handleSessionCollectionHead, std::ref(app))); 385a1e0871dSEd Tanous 386a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 387724340d7SEd Tanous .privileges(redfish::privileges::getSessionCollection) 38845ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 38945ca1b86SEd Tanous std::bind_front(handleSessionCollectionGet, std::ref(app))); 390724340d7SEd Tanous 391e76cd868SEd Tanous // Note, the next two routes technically don't match the privilege 392724340d7SEd Tanous // registry given the way login mechanisms work. The base privilege 393724340d7SEd Tanous // registry lists this endpoint as requiring login privilege, but because 394724340d7SEd Tanous // this is the endpoint responsible for giving the login privilege, and it 395724340d7SEd Tanous // is itself its own route, it needs to not require Login 396724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 397724340d7SEd Tanous .privileges({}) 39845ca1b86SEd Tanous .methods(boost::beast::http::verb::post)( 39945ca1b86SEd Tanous std::bind_front(handleSessionCollectionPost, std::ref(app))); 400724340d7SEd Tanous 401e76cd868SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/Members/") 402e76cd868SEd Tanous .privileges({}) 40345ca1b86SEd Tanous .methods(boost::beast::http::verb::post)( 40445ca1b86SEd Tanous std::bind_front(handleSessionCollectionPost, std::ref(app))); 405e76cd868SEd Tanous 406724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 407a1e0871dSEd Tanous .privileges(redfish::privileges::headSessionService) 408a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 409a1e0871dSEd Tanous std::bind_front(handleSessionServiceHead, std::ref(app))); 410a1e0871dSEd Tanous 411a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 412724340d7SEd Tanous .privileges(redfish::privileges::getSessionService) 41345ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 41445ca1b86SEd Tanous std::bind_front(handleSessionServiceGet, std::ref(app))); 415724340d7SEd Tanous 416724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 417724340d7SEd Tanous .privileges(redfish::privileges::patchSessionService) 41845ca1b86SEd Tanous .methods(boost::beast::http::verb::patch)( 41945ca1b86SEd Tanous std::bind_front(handleSessionServicePatch, std::ref(app))); 420f2a4a606SManojkiran Eda } 4215d27b854SBorawski.Lukasz 4222b7981f6SKowalski, Kamil } // namespace redfish 423