12b7981f6SKowalski, Kamil /* 2*6be832e2SEd Tanous Copyright (c) 2018 Intel Corporation 3*6be832e2SEd Tanous 4*6be832e2SEd Tanous Licensed under the Apache License, Version 2.0 (the "License"); 5*6be832e2SEd Tanous you may not use this file except in compliance with the License. 6*6be832e2SEd Tanous You may obtain a copy of the License at 7*6be832e2SEd Tanous 8*6be832e2SEd Tanous http://www.apache.org/licenses/LICENSE-2.0 9*6be832e2SEd Tanous 10*6be832e2SEd Tanous Unless required by applicable law or agreed to in writing, software 11*6be832e2SEd Tanous distributed under the License is distributed on an "AS IS" BASIS, 12*6be832e2SEd Tanous WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13*6be832e2SEd Tanous See the License for the specific language governing permissions and 14*6be832e2SEd Tanous limitations under the License. 152b7981f6SKowalski, Kamil */ 162b7981f6SKowalski, Kamil #pragma once 1743a095abSBorawski.Lukasz 18ce22f609SPaul Fertser #include "account_service.hpp" 193ccb3adbSEd Tanous #include "app.hpp" 2029aab242SPaul Fertser #include "cookies.hpp" 21f4c4dcf4SKowalski, Kamil #include "error_messages.hpp" 223ccb3adbSEd Tanous #include "http/utility.hpp" 2352cc112dSEd Tanous #include "persistent_data.hpp" 243ccb3adbSEd Tanous #include "query.hpp" 253ccb3adbSEd Tanous #include "registries/privilege_registry.hpp" 263ccb3adbSEd Tanous #include "utils/json_utils.hpp" 277e860f15SJohn Edward Broadbent 28ef4c65b7SEd Tanous #include <boost/url/format.hpp> 29ef4c65b7SEd Tanous 3089cda63dSEd Tanous #include <string> 3189cda63dSEd Tanous #include <vector> 3289cda63dSEd Tanous 331abe55efSEd Tanous namespace redfish 341abe55efSEd Tanous { 352b7981f6SKowalski, Kamil 364f48d5f6SEd Tanous inline void fillSessionObject(crow::Response& res, 37faa34ccfSEd Tanous const persistent_data::UserSession& session) 381abe55efSEd Tanous { 39faa34ccfSEd Tanous res.jsonValue["Id"] = session.uniqueId; 40faa34ccfSEd Tanous res.jsonValue["UserName"] = session.username; 41ce22f609SPaul Fertser nlohmann::json::array_t roles; 42ce22f609SPaul Fertser roles.emplace_back(redfish::getRoleIdFromPrivilege(session.userRole)); 43ce22f609SPaul Fertser res.jsonValue["Roles"] = std::move(roles); 44ef4c65b7SEd Tanous res.jsonValue["@odata.id"] = boost::urls::format( 45ef4c65b7SEd Tanous "/redfish/v1/SessionService/Sessions/{}", session.uniqueId); 46ce22f609SPaul Fertser res.jsonValue["@odata.type"] = "#Session.v1_7_0.Session"; 47faa34ccfSEd Tanous res.jsonValue["Name"] = "User Session"; 48faa34ccfSEd Tanous res.jsonValue["Description"] = "Manager User Session"; 49faa34ccfSEd Tanous res.jsonValue["ClientOriginIPAddress"] = session.clientIp; 50bb759e3aSEd Tanous if (session.clientId) 51bb759e3aSEd Tanous { 52bb759e3aSEd Tanous res.jsonValue["Context"] = *session.clientId; 53bb759e3aSEd Tanous } 542b7981f6SKowalski, Kamil } 552b7981f6SKowalski, Kamil 56724340d7SEd Tanous inline void 57a1e0871dSEd Tanous handleSessionHead(crow::App& app, const crow::Request& req, 58faa34ccfSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 59a1e0871dSEd Tanous const std::string& /*sessionId*/) 60724340d7SEd Tanous { 613ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 6245ca1b86SEd Tanous { 6345ca1b86SEd Tanous return; 6445ca1b86SEd Tanous } 65a1e0871dSEd Tanous asyncResp->res.addHeader( 66a1e0871dSEd Tanous boost::beast::http::field::link, 67a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/Session/Session.json>; rel=describedby"); 68a1e0871dSEd Tanous } 69a1e0871dSEd Tanous 70a1e0871dSEd Tanous inline void 71a1e0871dSEd Tanous handleSessionGet(crow::App& app, const crow::Request& req, 72a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 73a1e0871dSEd Tanous const std::string& sessionId) 74a1e0871dSEd Tanous { 7565ffbcb3SEd Tanous if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 7665ffbcb3SEd Tanous { 7765ffbcb3SEd Tanous return; 7865ffbcb3SEd Tanous } 7965ffbcb3SEd Tanous asyncResp->res.addHeader( 8065ffbcb3SEd Tanous boost::beast::http::field::link, 8165ffbcb3SEd Tanous "</redfish/v1/JsonSchemas/Session/Session.json>; rel=describedby"); 82a1e0871dSEd Tanous 83faa34ccfSEd Tanous // Note that control also reaches here via doPost and doDelete. 84724340d7SEd Tanous auto session = 85724340d7SEd Tanous persistent_data::SessionStore::getInstance().getSessionByUid(sessionId); 862b7981f6SKowalski, Kamil 871abe55efSEd Tanous if (session == nullptr) 881abe55efSEd Tanous { 89724340d7SEd Tanous messages::resourceNotFound(asyncResp->res, "Session", sessionId); 90faa34ccfSEd Tanous return; 91faa34ccfSEd Tanous } 92faa34ccfSEd Tanous 93faa34ccfSEd Tanous fillSessionObject(asyncResp->res, *session); 94724340d7SEd Tanous } 95faa34ccfSEd Tanous 96724340d7SEd Tanous inline void 9745ca1b86SEd Tanous handleSessionDelete(crow::App& app, const crow::Request& req, 98faa34ccfSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 99724340d7SEd Tanous const std::string& sessionId) 100724340d7SEd Tanous { 1013ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 10245ca1b86SEd Tanous { 10345ca1b86SEd Tanous return; 10445ca1b86SEd Tanous } 105724340d7SEd Tanous auto session = 106724340d7SEd Tanous persistent_data::SessionStore::getInstance().getSessionByUid(sessionId); 107faa34ccfSEd Tanous 108faa34ccfSEd Tanous if (session == nullptr) 109faa34ccfSEd Tanous { 110724340d7SEd Tanous messages::resourceNotFound(asyncResp->res, "Session", sessionId); 1112b7981f6SKowalski, Kamil return; 1122b7981f6SKowalski, Kamil } 1132b7981f6SKowalski, Kamil 114900f9497SJoseph Reynolds // Perform a proper ConfigureSelf authority check. If a 115900f9497SJoseph Reynolds // session is being used to DELETE some other user's session, 116900f9497SJoseph Reynolds // then the ConfigureSelf privilege does not apply. In that 117900f9497SJoseph Reynolds // case, perform the authority check again without the user's 118900f9497SJoseph Reynolds // ConfigureSelf privilege. 1190fd29865Swukaihua-fii-na if (req.session != nullptr && !session->username.empty() && 1200fd29865Swukaihua-fii-na session->username != req.session->username) 121900f9497SJoseph Reynolds { 1226c51eab1SEd Tanous Privileges effectiveUserPrivileges = 1233e72c202SNinad Palsule redfish::getUserPrivileges(*req.session); 1246c51eab1SEd Tanous 125724340d7SEd Tanous if (!effectiveUserPrivileges.isSupersetOf({"ConfigureUsers"})) 126900f9497SJoseph Reynolds { 1278d1b46d7Szhanghch05 messages::insufficientPrivilege(asyncResp->res); 128900f9497SJoseph Reynolds return; 129900f9497SJoseph Reynolds } 130900f9497SJoseph Reynolds } 131900f9497SJoseph Reynolds 13229aab242SPaul Fertser if (session->cookieAuth) 13329aab242SPaul Fertser { 13429aab242SPaul Fertser bmcweb::clearSessionCookies(asyncResp->res); 13529aab242SPaul Fertser } 13629aab242SPaul Fertser 137724340d7SEd Tanous persistent_data::SessionStore::getInstance().removeSession(session); 1385cc148afSEd Tanous messages::success(asyncResp->res); 139724340d7SEd Tanous } 140f4c4dcf4SKowalski, Kamil 141724340d7SEd Tanous inline nlohmann::json getSessionCollectionMembers() 142724340d7SEd Tanous { 14389cda63dSEd Tanous std::vector<std::string> sessionIds = 14489cda63dSEd Tanous persistent_data::SessionStore::getInstance().getAllUniqueIds(); 145724340d7SEd Tanous nlohmann::json ret = nlohmann::json::array(); 14689cda63dSEd Tanous for (const std::string& uid : sessionIds) 1471abe55efSEd Tanous { 1481476687dSEd Tanous nlohmann::json::object_t session; 149ef4c65b7SEd Tanous session["@odata.id"] = 15089cda63dSEd Tanous boost::urls::format("/redfish/v1/SessionService/Sessions/{}", uid); 151b2ba3072SPatrick Williams ret.emplace_back(std::move(session)); 1522b7981f6SKowalski, Kamil } 153724340d7SEd Tanous return ret; 154724340d7SEd Tanous } 155724340d7SEd Tanous 156a1e0871dSEd Tanous inline void handleSessionCollectionHead( 15745ca1b86SEd Tanous crow::App& app, const crow::Request& req, 158724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 159724340d7SEd Tanous { 1603ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 16145ca1b86SEd Tanous { 16245ca1b86SEd Tanous return; 16345ca1b86SEd Tanous } 164a1e0871dSEd Tanous asyncResp->res.addHeader( 165a1e0871dSEd Tanous boost::beast::http::field::link, 166a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/SessionCollection.json>; rel=describedby"); 167a1e0871dSEd Tanous } 168a1e0871dSEd Tanous 169a1e0871dSEd Tanous inline void handleSessionCollectionGet( 170a1e0871dSEd Tanous crow::App& app, const crow::Request& req, 171a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 172a1e0871dSEd Tanous { 17301a89a1fSEd Tanous if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 17401a89a1fSEd Tanous { 17501a89a1fSEd Tanous return; 17601a89a1fSEd Tanous } 17701a89a1fSEd Tanous asyncResp->res.addHeader( 17801a89a1fSEd Tanous boost::beast::http::field::link, 17901a89a1fSEd Tanous "</redfish/v1/JsonSchemas/SessionCollection.json>; rel=describedby"); 18001a89a1fSEd Tanous 181724340d7SEd Tanous asyncResp->res.jsonValue["Members"] = getSessionCollectionMembers(); 182faa34ccfSEd Tanous asyncResp->res.jsonValue["Members@odata.count"] = 183724340d7SEd Tanous asyncResp->res.jsonValue["Members"].size(); 1848d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.type"] = 1858d1b46d7Szhanghch05 "#SessionCollection.SessionCollection"; 1868d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.id"] = 1877a859ffeSGunnar Mills "/redfish/v1/SessionService/Sessions"; 1888d1b46d7Szhanghch05 asyncResp->res.jsonValue["Name"] = "Session Collection"; 1898d1b46d7Szhanghch05 asyncResp->res.jsonValue["Description"] = "Session Collection"; 190724340d7SEd Tanous } 1912b7981f6SKowalski, Kamil 192724340d7SEd Tanous inline void handleSessionCollectionMembersGet( 19345ca1b86SEd Tanous crow::App& app, const crow::Request& req, 194724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 195724340d7SEd Tanous { 1963ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 19745ca1b86SEd Tanous { 19845ca1b86SEd Tanous return; 19945ca1b86SEd Tanous } 200724340d7SEd Tanous asyncResp->res.jsonValue = getSessionCollectionMembers(); 201724340d7SEd Tanous } 202724340d7SEd Tanous 2034ee8e211SEd Tanous inline void handleSessionCollectionPost( 20445ca1b86SEd Tanous crow::App& app, const crow::Request& req, 205724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 206724340d7SEd Tanous { 2073ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 20845ca1b86SEd Tanous { 20945ca1b86SEd Tanous return; 21045ca1b86SEd Tanous } 2119712f8acSEd Tanous std::string username; 2129712f8acSEd Tanous std::string password; 213bb759e3aSEd Tanous std::optional<std::string> clientId; 2142ccce1f3SRavi Teja std::optional<std::string> token; 215724340d7SEd Tanous if (!json_util::readJsonPatch(req, asyncResp->res, "UserName", username, 2162ccce1f3SRavi Teja "Password", password, "Token", token, 2172ccce1f3SRavi Teja "Context", clientId)) 2181abe55efSEd Tanous { 2192b7981f6SKowalski, Kamil return; 2202b7981f6SKowalski, Kamil } 221820ce598SEd Tanous if (password.empty() || username.empty() || 2228d1b46d7Szhanghch05 asyncResp->res.result() != boost::beast::http::status::ok) 2231abe55efSEd Tanous { 2241abe55efSEd Tanous if (username.empty()) 2251abe55efSEd Tanous { 2268d1b46d7Szhanghch05 messages::propertyMissing(asyncResp->res, "UserName"); 227f4c4dcf4SKowalski, Kamil } 228f4c4dcf4SKowalski, Kamil 2291abe55efSEd Tanous if (password.empty()) 2301abe55efSEd Tanous { 2318d1b46d7Szhanghch05 messages::propertyMissing(asyncResp->res, "Password"); 232820ce598SEd Tanous } 233820ce598SEd Tanous 234820ce598SEd Tanous return; 235f4c4dcf4SKowalski, Kamil } 2362b7981f6SKowalski, Kamil 2372ccce1f3SRavi Teja int pamrc = pamAuthenticateUser(username, password, token); 2383bf4e632SJoseph Reynolds bool isConfigureSelfOnly = pamrc == PAM_NEW_AUTHTOK_REQD; 2393bf4e632SJoseph Reynolds if ((pamrc != PAM_SUCCESS) && !isConfigureSelfOnly) 2401abe55efSEd Tanous { 24139662a3bSEd Tanous messages::resourceAtUriUnauthorized(asyncResp->res, req.url(), 242f12894f8SJason M. Bills "Invalid username or password"); 243820ce598SEd Tanous return; 2442b7981f6SKowalski, Kamil } 2456f115bbbSManojkiran Eda 246820ce598SEd Tanous // User is authenticated - create session 24752cc112dSEd Tanous std::shared_ptr<persistent_data::UserSession> session = 248724340d7SEd Tanous persistent_data::SessionStore::getInstance().generateUserSession( 24941d61c82SJiaqing Zhao username, req.ipAddress, clientId, 25089cda63dSEd Tanous persistent_data::SessionType::Session, isConfigureSelfOnly); 25102e53aefSBrad Bishop if (session == nullptr) 25202e53aefSBrad Bishop { 25302e53aefSBrad Bishop messages::internalError(asyncResp->res); 25402e53aefSBrad Bishop return; 25502e53aefSBrad Bishop } 25602e53aefSBrad Bishop 25729aab242SPaul Fertser // When session is created by webui-vue give it session cookies as a 25829aab242SPaul Fertser // non-standard Redfish extension. This is needed for authentication for 25929aab242SPaul Fertser // WebSockets-based functionality. 26029aab242SPaul Fertser if (!req.getHeaderValue("X-Requested-With").empty()) 26129aab242SPaul Fertser { 26229aab242SPaul Fertser bmcweb::setSessionCookies(asyncResp->res, *session); 26329aab242SPaul Fertser } 26429aab242SPaul Fertser else 26529aab242SPaul Fertser { 2668d1b46d7Szhanghch05 asyncResp->res.addHeader("X-Auth-Token", session->sessionToken); 26729aab242SPaul Fertser } 26829aab242SPaul Fertser 269faa34ccfSEd Tanous asyncResp->res.addHeader( 270724340d7SEd Tanous "Location", "/redfish/v1/SessionService/Sessions/" + session->uniqueId); 2718d1b46d7Szhanghch05 asyncResp->res.result(boost::beast::http::status::created); 2723bf4e632SJoseph Reynolds if (session->isConfigureSelfOnly) 2733bf4e632SJoseph Reynolds { 2743bf4e632SJoseph Reynolds messages::passwordChangeRequired( 275724340d7SEd Tanous asyncResp->res, 276ef4c65b7SEd Tanous boost::urls::format("/redfish/v1/AccountService/Accounts/{}", 277ef4c65b7SEd Tanous session->username)); 2782b7981f6SKowalski, Kamil } 2792b7981f6SKowalski, Kamil 280478c5a57SPaul Fertser crow::getUserInfo(asyncResp, username, session, [asyncResp, session]() { 281faa34ccfSEd Tanous fillSessionObject(asyncResp->res, *session); 282478c5a57SPaul Fertser }); 283724340d7SEd Tanous } 284a1e0871dSEd Tanous inline void handleSessionServiceHead( 285a1e0871dSEd Tanous crow::App& app, const crow::Request& req, 286a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 287a1e0871dSEd Tanous { 288a1e0871dSEd Tanous if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 289a1e0871dSEd Tanous { 290a1e0871dSEd Tanous return; 291a1e0871dSEd Tanous } 292a1e0871dSEd Tanous asyncResp->res.addHeader( 293a1e0871dSEd Tanous boost::beast::http::field::link, 294a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/SessionService/SessionService.json>; rel=describedby"); 295a1e0871dSEd Tanous } 296724340d7SEd Tanous inline void 29745ca1b86SEd Tanous handleSessionServiceGet(crow::App& app, const crow::Request& req, 298724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 2992b7981f6SKowalski, Kamil 300724340d7SEd Tanous { 30178e3900fSGunnar Mills if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 30278e3900fSGunnar Mills { 30378e3900fSGunnar Mills return; 30478e3900fSGunnar Mills } 30578e3900fSGunnar Mills asyncResp->res.addHeader( 30678e3900fSGunnar Mills boost::beast::http::field::link, 30778e3900fSGunnar Mills "</redfish/v1/JsonSchemas/SessionService/SessionService.json>; rel=describedby"); 30878e3900fSGunnar Mills 3098d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.type"] = 3108d1b46d7Szhanghch05 "#SessionService.v1_0_2.SessionService"; 3117a859ffeSGunnar Mills asyncResp->res.jsonValue["@odata.id"] = "/redfish/v1/SessionService"; 3128d1b46d7Szhanghch05 asyncResp->res.jsonValue["Name"] = "Session Service"; 3138d1b46d7Szhanghch05 asyncResp->res.jsonValue["Id"] = "SessionService"; 3148d1b46d7Szhanghch05 asyncResp->res.jsonValue["Description"] = "Session Service"; 3158d1b46d7Szhanghch05 asyncResp->res.jsonValue["SessionTimeout"] = 316724340d7SEd Tanous persistent_data::SessionStore::getInstance().getTimeoutInSeconds(); 3178d1b46d7Szhanghch05 asyncResp->res.jsonValue["ServiceEnabled"] = true; 3180f74e643SEd Tanous 3191476687dSEd Tanous asyncResp->res.jsonValue["Sessions"]["@odata.id"] = 3201476687dSEd Tanous "/redfish/v1/SessionService/Sessions"; 321724340d7SEd Tanous } 322f2a4a606SManojkiran Eda 323724340d7SEd Tanous inline void handleSessionServicePatch( 32445ca1b86SEd Tanous crow::App& app, const crow::Request& req, 325724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 326724340d7SEd Tanous { 3273ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 32845ca1b86SEd Tanous { 32945ca1b86SEd Tanous return; 33045ca1b86SEd Tanous } 331f2a4a606SManojkiran Eda std::optional<int64_t> sessionTimeout; 332724340d7SEd Tanous if (!json_util::readJsonPatch(req, asyncResp->res, "SessionTimeout", 333724340d7SEd Tanous sessionTimeout)) 334f2a4a606SManojkiran Eda { 335f2a4a606SManojkiran Eda return; 336f2a4a606SManojkiran Eda } 337f2a4a606SManojkiran Eda 338f2a4a606SManojkiran Eda if (sessionTimeout) 339f2a4a606SManojkiran Eda { 3408ece0e45SEd Tanous // The minimum & maximum allowed values for session timeout 341faa34ccfSEd Tanous // are 30 seconds and 86400 seconds respectively as per the 342faa34ccfSEd Tanous // session service schema mentioned at 343f2a4a606SManojkiran Eda // https://redfish.dmtf.org/schemas/v1/SessionService.v1_1_7.json 344f2a4a606SManojkiran Eda 345f2a4a606SManojkiran Eda if (*sessionTimeout <= 86400 && *sessionTimeout >= 30) 346f2a4a606SManojkiran Eda { 347724340d7SEd Tanous std::chrono::seconds sessionTimeoutInseconds(*sessionTimeout); 348724340d7SEd Tanous persistent_data::SessionStore::getInstance().updateSessionTimeout( 349724340d7SEd Tanous sessionTimeoutInseconds); 350724340d7SEd Tanous messages::propertyValueModified(asyncResp->res, "SessionTimeOut", 351f2a4a606SManojkiran Eda std::to_string(*sessionTimeout)); 352f2a4a606SManojkiran Eda } 353f2a4a606SManojkiran Eda else 354f2a4a606SManojkiran Eda { 355e2616cc5SEd Tanous messages::propertyValueNotInList(asyncResp->res, *sessionTimeout, 3568d1b46d7Szhanghch05 "SessionTimeOut"); 357f2a4a606SManojkiran Eda } 358f2a4a606SManojkiran Eda } 359724340d7SEd Tanous } 360724340d7SEd Tanous 361724340d7SEd Tanous inline void requestRoutesSession(App& app) 362724340d7SEd Tanous { 363724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 364a1e0871dSEd Tanous .privileges(redfish::privileges::headSession) 365a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 366a1e0871dSEd Tanous std::bind_front(handleSessionHead, std::ref(app))); 367a1e0871dSEd Tanous 368a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 369724340d7SEd Tanous .privileges(redfish::privileges::getSession) 37045ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 37145ca1b86SEd Tanous std::bind_front(handleSessionGet, std::ref(app))); 372724340d7SEd Tanous 373724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 374724340d7SEd Tanous .privileges(redfish::privileges::deleteSession) 37545ca1b86SEd Tanous .methods(boost::beast::http::verb::delete_)( 37645ca1b86SEd Tanous std::bind_front(handleSessionDelete, std::ref(app))); 377724340d7SEd Tanous 378724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 379a1e0871dSEd Tanous .privileges(redfish::privileges::headSessionCollection) 380a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 381a1e0871dSEd Tanous std::bind_front(handleSessionCollectionHead, std::ref(app))); 382a1e0871dSEd Tanous 383a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 384724340d7SEd Tanous .privileges(redfish::privileges::getSessionCollection) 38545ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 38645ca1b86SEd Tanous std::bind_front(handleSessionCollectionGet, std::ref(app))); 387724340d7SEd Tanous 388e76cd868SEd Tanous // Note, the next two routes technically don't match the privilege 389724340d7SEd Tanous // registry given the way login mechanisms work. The base privilege 390724340d7SEd Tanous // registry lists this endpoint as requiring login privilege, but because 391724340d7SEd Tanous // this is the endpoint responsible for giving the login privilege, and it 392724340d7SEd Tanous // is itself its own route, it needs to not require Login 393724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 394724340d7SEd Tanous .privileges({}) 39545ca1b86SEd Tanous .methods(boost::beast::http::verb::post)( 39645ca1b86SEd Tanous std::bind_front(handleSessionCollectionPost, std::ref(app))); 397724340d7SEd Tanous 398e76cd868SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/Members/") 399e76cd868SEd Tanous .privileges({}) 40045ca1b86SEd Tanous .methods(boost::beast::http::verb::post)( 40145ca1b86SEd Tanous std::bind_front(handleSessionCollectionPost, std::ref(app))); 402e76cd868SEd Tanous 403724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 404a1e0871dSEd Tanous .privileges(redfish::privileges::headSessionService) 405a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 406a1e0871dSEd Tanous std::bind_front(handleSessionServiceHead, std::ref(app))); 407a1e0871dSEd Tanous 408a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 409724340d7SEd Tanous .privileges(redfish::privileges::getSessionService) 41045ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 41145ca1b86SEd Tanous std::bind_front(handleSessionServiceGet, std::ref(app))); 412724340d7SEd Tanous 413724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 414724340d7SEd Tanous .privileges(redfish::privileges::patchSessionService) 41545ca1b86SEd Tanous .methods(boost::beast::http::verb::patch)( 41645ca1b86SEd Tanous std::bind_front(handleSessionServicePatch, std::ref(app))); 417f2a4a606SManojkiran Eda } 4185d27b854SBorawski.Lukasz 4192b7981f6SKowalski, Kamil } // namespace redfish 420