12b7981f6SKowalski, Kamil /* 26be832e2SEd Tanous Copyright (c) 2018 Intel Corporation 36be832e2SEd Tanous 46be832e2SEd Tanous Licensed under the Apache License, Version 2.0 (the "License"); 56be832e2SEd Tanous you may not use this file except in compliance with the License. 66be832e2SEd Tanous You may obtain a copy of the License at 76be832e2SEd Tanous 86be832e2SEd Tanous http://www.apache.org/licenses/LICENSE-2.0 96be832e2SEd Tanous 106be832e2SEd Tanous Unless required by applicable law or agreed to in writing, software 116be832e2SEd Tanous distributed under the License is distributed on an "AS IS" BASIS, 126be832e2SEd Tanous WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 136be832e2SEd Tanous See the License for the specific language governing permissions and 146be832e2SEd Tanous limitations under the License. 152b7981f6SKowalski, Kamil */ 162b7981f6SKowalski, Kamil #pragma once 1743a095abSBorawski.Lukasz 18ce22f609SPaul Fertser #include "account_service.hpp" 193ccb3adbSEd Tanous #include "app.hpp" 2029aab242SPaul Fertser #include "cookies.hpp" 21f4c4dcf4SKowalski, Kamil #include "error_messages.hpp" 223ccb3adbSEd Tanous #include "http/utility.hpp" 2352cc112dSEd Tanous #include "persistent_data.hpp" 243ccb3adbSEd Tanous #include "query.hpp" 253ccb3adbSEd Tanous #include "registries/privilege_registry.hpp" 263ccb3adbSEd Tanous #include "utils/json_utils.hpp" 277e860f15SJohn Edward Broadbent 28ef4c65b7SEd Tanous #include <boost/url/format.hpp> 29ef4c65b7SEd Tanous 3089cda63dSEd Tanous #include <string> 3189cda63dSEd Tanous #include <vector> 3289cda63dSEd Tanous 331abe55efSEd Tanous namespace redfish 341abe55efSEd Tanous { 352b7981f6SKowalski, Kamil 364f48d5f6SEd Tanous inline void fillSessionObject(crow::Response& res, 37faa34ccfSEd Tanous const persistent_data::UserSession& session) 381abe55efSEd Tanous { 39faa34ccfSEd Tanous res.jsonValue["Id"] = session.uniqueId; 40faa34ccfSEd Tanous res.jsonValue["UserName"] = session.username; 41ce22f609SPaul Fertser nlohmann::json::array_t roles; 42ce22f609SPaul Fertser roles.emplace_back(redfish::getRoleIdFromPrivilege(session.userRole)); 43ce22f609SPaul Fertser res.jsonValue["Roles"] = std::move(roles); 44ef4c65b7SEd Tanous res.jsonValue["@odata.id"] = boost::urls::format( 45ef4c65b7SEd Tanous "/redfish/v1/SessionService/Sessions/{}", session.uniqueId); 46ce22f609SPaul Fertser res.jsonValue["@odata.type"] = "#Session.v1_7_0.Session"; 47faa34ccfSEd Tanous res.jsonValue["Name"] = "User Session"; 48faa34ccfSEd Tanous res.jsonValue["Description"] = "Manager User Session"; 49faa34ccfSEd Tanous res.jsonValue["ClientOriginIPAddress"] = session.clientIp; 50bb759e3aSEd Tanous if (session.clientId) 51bb759e3aSEd Tanous { 52bb759e3aSEd Tanous res.jsonValue["Context"] = *session.clientId; 53bb759e3aSEd Tanous } 542b7981f6SKowalski, Kamil } 552b7981f6SKowalski, Kamil 56724340d7SEd Tanous inline void 57a1e0871dSEd Tanous handleSessionHead(crow::App& app, const crow::Request& req, 58faa34ccfSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 59a1e0871dSEd Tanous const std::string& /*sessionId*/) 60724340d7SEd Tanous { 613ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 6245ca1b86SEd Tanous { 6345ca1b86SEd Tanous return; 6445ca1b86SEd Tanous } 65a1e0871dSEd Tanous asyncResp->res.addHeader( 66a1e0871dSEd Tanous boost::beast::http::field::link, 67a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/Session/Session.json>; rel=describedby"); 68a1e0871dSEd Tanous } 69a1e0871dSEd Tanous 70a1e0871dSEd Tanous inline void 71a1e0871dSEd Tanous handleSessionGet(crow::App& app, const crow::Request& req, 72a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 73a1e0871dSEd Tanous const std::string& sessionId) 74a1e0871dSEd Tanous { 7565ffbcb3SEd Tanous if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 7665ffbcb3SEd Tanous { 7765ffbcb3SEd Tanous return; 7865ffbcb3SEd Tanous } 7965ffbcb3SEd Tanous asyncResp->res.addHeader( 8065ffbcb3SEd Tanous boost::beast::http::field::link, 8165ffbcb3SEd Tanous "</redfish/v1/JsonSchemas/Session/Session.json>; rel=describedby"); 82a1e0871dSEd Tanous 83faa34ccfSEd Tanous // Note that control also reaches here via doPost and doDelete. 84724340d7SEd Tanous auto session = 85724340d7SEd Tanous persistent_data::SessionStore::getInstance().getSessionByUid(sessionId); 862b7981f6SKowalski, Kamil 871abe55efSEd Tanous if (session == nullptr) 881abe55efSEd Tanous { 89724340d7SEd Tanous messages::resourceNotFound(asyncResp->res, "Session", sessionId); 90faa34ccfSEd Tanous return; 91faa34ccfSEd Tanous } 92faa34ccfSEd Tanous 93faa34ccfSEd Tanous fillSessionObject(asyncResp->res, *session); 94724340d7SEd Tanous } 95faa34ccfSEd Tanous 96724340d7SEd Tanous inline void 9745ca1b86SEd Tanous handleSessionDelete(crow::App& app, const crow::Request& req, 98faa34ccfSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 99724340d7SEd Tanous const std::string& sessionId) 100724340d7SEd Tanous { 1013ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 10245ca1b86SEd Tanous { 10345ca1b86SEd Tanous return; 10445ca1b86SEd Tanous } 105724340d7SEd Tanous auto session = 106724340d7SEd Tanous persistent_data::SessionStore::getInstance().getSessionByUid(sessionId); 107faa34ccfSEd Tanous 108faa34ccfSEd Tanous if (session == nullptr) 109faa34ccfSEd Tanous { 110724340d7SEd Tanous messages::resourceNotFound(asyncResp->res, "Session", sessionId); 1112b7981f6SKowalski, Kamil return; 1122b7981f6SKowalski, Kamil } 1132b7981f6SKowalski, Kamil 114900f9497SJoseph Reynolds // Perform a proper ConfigureSelf authority check. If a 115900f9497SJoseph Reynolds // session is being used to DELETE some other user's session, 116900f9497SJoseph Reynolds // then the ConfigureSelf privilege does not apply. In that 117900f9497SJoseph Reynolds // case, perform the authority check again without the user's 118900f9497SJoseph Reynolds // ConfigureSelf privilege. 1190fd29865Swukaihua-fii-na if (req.session != nullptr && !session->username.empty() && 1200fd29865Swukaihua-fii-na session->username != req.session->username) 121900f9497SJoseph Reynolds { 1226c51eab1SEd Tanous Privileges effectiveUserPrivileges = 1233e72c202SNinad Palsule redfish::getUserPrivileges(*req.session); 1246c51eab1SEd Tanous 125724340d7SEd Tanous if (!effectiveUserPrivileges.isSupersetOf({"ConfigureUsers"})) 126900f9497SJoseph Reynolds { 1278d1b46d7Szhanghch05 messages::insufficientPrivilege(asyncResp->res); 128900f9497SJoseph Reynolds return; 129900f9497SJoseph Reynolds } 130900f9497SJoseph Reynolds } 131900f9497SJoseph Reynolds 132*8812e8beSPaul Fertser if (req.session != nullptr && req.session->uniqueId == sessionId && 133*8812e8beSPaul Fertser session->cookieAuth) 13429aab242SPaul Fertser { 13529aab242SPaul Fertser bmcweb::clearSessionCookies(asyncResp->res); 13629aab242SPaul Fertser } 13729aab242SPaul Fertser 138724340d7SEd Tanous persistent_data::SessionStore::getInstance().removeSession(session); 1395cc148afSEd Tanous messages::success(asyncResp->res); 140724340d7SEd Tanous } 141f4c4dcf4SKowalski, Kamil 142724340d7SEd Tanous inline nlohmann::json getSessionCollectionMembers() 143724340d7SEd Tanous { 14489cda63dSEd Tanous std::vector<std::string> sessionIds = 14589cda63dSEd Tanous persistent_data::SessionStore::getInstance().getAllUniqueIds(); 146724340d7SEd Tanous nlohmann::json ret = nlohmann::json::array(); 14789cda63dSEd Tanous for (const std::string& uid : sessionIds) 1481abe55efSEd Tanous { 1491476687dSEd Tanous nlohmann::json::object_t session; 150ef4c65b7SEd Tanous session["@odata.id"] = 15189cda63dSEd Tanous boost::urls::format("/redfish/v1/SessionService/Sessions/{}", uid); 152b2ba3072SPatrick Williams ret.emplace_back(std::move(session)); 1532b7981f6SKowalski, Kamil } 154724340d7SEd Tanous return ret; 155724340d7SEd Tanous } 156724340d7SEd Tanous 157a1e0871dSEd Tanous inline void handleSessionCollectionHead( 15845ca1b86SEd Tanous crow::App& app, const crow::Request& req, 159724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 160724340d7SEd Tanous { 1613ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 16245ca1b86SEd Tanous { 16345ca1b86SEd Tanous return; 16445ca1b86SEd Tanous } 165a1e0871dSEd Tanous asyncResp->res.addHeader( 166a1e0871dSEd Tanous boost::beast::http::field::link, 167a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/SessionCollection.json>; rel=describedby"); 168a1e0871dSEd Tanous } 169a1e0871dSEd Tanous 170a1e0871dSEd Tanous inline void handleSessionCollectionGet( 171a1e0871dSEd Tanous crow::App& app, const crow::Request& req, 172a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 173a1e0871dSEd Tanous { 17401a89a1fSEd Tanous if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 17501a89a1fSEd Tanous { 17601a89a1fSEd Tanous return; 17701a89a1fSEd Tanous } 17801a89a1fSEd Tanous asyncResp->res.addHeader( 17901a89a1fSEd Tanous boost::beast::http::field::link, 18001a89a1fSEd Tanous "</redfish/v1/JsonSchemas/SessionCollection.json>; rel=describedby"); 18101a89a1fSEd Tanous 182724340d7SEd Tanous asyncResp->res.jsonValue["Members"] = getSessionCollectionMembers(); 183faa34ccfSEd Tanous asyncResp->res.jsonValue["Members@odata.count"] = 184724340d7SEd Tanous asyncResp->res.jsonValue["Members"].size(); 1858d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.type"] = 1868d1b46d7Szhanghch05 "#SessionCollection.SessionCollection"; 1878d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.id"] = 1887a859ffeSGunnar Mills "/redfish/v1/SessionService/Sessions"; 1898d1b46d7Szhanghch05 asyncResp->res.jsonValue["Name"] = "Session Collection"; 1908d1b46d7Szhanghch05 asyncResp->res.jsonValue["Description"] = "Session Collection"; 191724340d7SEd Tanous } 1922b7981f6SKowalski, Kamil 193724340d7SEd Tanous inline void handleSessionCollectionMembersGet( 19445ca1b86SEd Tanous crow::App& app, const crow::Request& req, 195724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 196724340d7SEd Tanous { 1973ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 19845ca1b86SEd Tanous { 19945ca1b86SEd Tanous return; 20045ca1b86SEd Tanous } 201724340d7SEd Tanous asyncResp->res.jsonValue = getSessionCollectionMembers(); 202724340d7SEd Tanous } 203724340d7SEd Tanous 2044ee8e211SEd Tanous inline void handleSessionCollectionPost( 20545ca1b86SEd Tanous crow::App& app, const crow::Request& req, 206724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 207724340d7SEd Tanous { 2083ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 20945ca1b86SEd Tanous { 21045ca1b86SEd Tanous return; 21145ca1b86SEd Tanous } 2129712f8acSEd Tanous std::string username; 2139712f8acSEd Tanous std::string password; 214bb759e3aSEd Tanous std::optional<std::string> clientId; 2152ccce1f3SRavi Teja std::optional<std::string> token; 216724340d7SEd Tanous if (!json_util::readJsonPatch(req, asyncResp->res, "UserName", username, 2172ccce1f3SRavi Teja "Password", password, "Token", token, 2182ccce1f3SRavi Teja "Context", clientId)) 2191abe55efSEd Tanous { 2202b7981f6SKowalski, Kamil return; 2212b7981f6SKowalski, Kamil } 222820ce598SEd Tanous if (password.empty() || username.empty() || 2238d1b46d7Szhanghch05 asyncResp->res.result() != boost::beast::http::status::ok) 2241abe55efSEd Tanous { 2251abe55efSEd Tanous if (username.empty()) 2261abe55efSEd Tanous { 2278d1b46d7Szhanghch05 messages::propertyMissing(asyncResp->res, "UserName"); 228f4c4dcf4SKowalski, Kamil } 229f4c4dcf4SKowalski, Kamil 2301abe55efSEd Tanous if (password.empty()) 2311abe55efSEd Tanous { 2328d1b46d7Szhanghch05 messages::propertyMissing(asyncResp->res, "Password"); 233820ce598SEd Tanous } 234820ce598SEd Tanous 235820ce598SEd Tanous return; 236f4c4dcf4SKowalski, Kamil } 2372b7981f6SKowalski, Kamil 2382ccce1f3SRavi Teja int pamrc = pamAuthenticateUser(username, password, token); 2393bf4e632SJoseph Reynolds bool isConfigureSelfOnly = pamrc == PAM_NEW_AUTHTOK_REQD; 2403bf4e632SJoseph Reynolds if ((pamrc != PAM_SUCCESS) && !isConfigureSelfOnly) 2411abe55efSEd Tanous { 24239662a3bSEd Tanous messages::resourceAtUriUnauthorized(asyncResp->res, req.url(), 243f12894f8SJason M. Bills "Invalid username or password"); 244820ce598SEd Tanous return; 2452b7981f6SKowalski, Kamil } 2466f115bbbSManojkiran Eda 247820ce598SEd Tanous // User is authenticated - create session 24852cc112dSEd Tanous std::shared_ptr<persistent_data::UserSession> session = 249724340d7SEd Tanous persistent_data::SessionStore::getInstance().generateUserSession( 25041d61c82SJiaqing Zhao username, req.ipAddress, clientId, 25189cda63dSEd Tanous persistent_data::SessionType::Session, isConfigureSelfOnly); 25202e53aefSBrad Bishop if (session == nullptr) 25302e53aefSBrad Bishop { 25402e53aefSBrad Bishop messages::internalError(asyncResp->res); 25502e53aefSBrad Bishop return; 25602e53aefSBrad Bishop } 25702e53aefSBrad Bishop 25829aab242SPaul Fertser // When session is created by webui-vue give it session cookies as a 25929aab242SPaul Fertser // non-standard Redfish extension. This is needed for authentication for 26029aab242SPaul Fertser // WebSockets-based functionality. 26129aab242SPaul Fertser if (!req.getHeaderValue("X-Requested-With").empty()) 26229aab242SPaul Fertser { 26329aab242SPaul Fertser bmcweb::setSessionCookies(asyncResp->res, *session); 26429aab242SPaul Fertser } 26529aab242SPaul Fertser else 26629aab242SPaul Fertser { 2678d1b46d7Szhanghch05 asyncResp->res.addHeader("X-Auth-Token", session->sessionToken); 26829aab242SPaul Fertser } 26929aab242SPaul Fertser 270faa34ccfSEd Tanous asyncResp->res.addHeader( 271724340d7SEd Tanous "Location", "/redfish/v1/SessionService/Sessions/" + session->uniqueId); 2728d1b46d7Szhanghch05 asyncResp->res.result(boost::beast::http::status::created); 2733bf4e632SJoseph Reynolds if (session->isConfigureSelfOnly) 2743bf4e632SJoseph Reynolds { 2753bf4e632SJoseph Reynolds messages::passwordChangeRequired( 276724340d7SEd Tanous asyncResp->res, 277ef4c65b7SEd Tanous boost::urls::format("/redfish/v1/AccountService/Accounts/{}", 278ef4c65b7SEd Tanous session->username)); 2792b7981f6SKowalski, Kamil } 2802b7981f6SKowalski, Kamil 281478c5a57SPaul Fertser crow::getUserInfo(asyncResp, username, session, [asyncResp, session]() { 282faa34ccfSEd Tanous fillSessionObject(asyncResp->res, *session); 283478c5a57SPaul Fertser }); 284724340d7SEd Tanous } 285a1e0871dSEd Tanous inline void handleSessionServiceHead( 286a1e0871dSEd Tanous crow::App& app, const crow::Request& req, 287a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 288a1e0871dSEd Tanous { 289a1e0871dSEd Tanous if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 290a1e0871dSEd Tanous { 291a1e0871dSEd Tanous return; 292a1e0871dSEd Tanous } 293a1e0871dSEd Tanous asyncResp->res.addHeader( 294a1e0871dSEd Tanous boost::beast::http::field::link, 295a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/SessionService/SessionService.json>; rel=describedby"); 296a1e0871dSEd Tanous } 297724340d7SEd Tanous inline void 29845ca1b86SEd Tanous handleSessionServiceGet(crow::App& app, const crow::Request& req, 299724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 3002b7981f6SKowalski, Kamil 301724340d7SEd Tanous { 30278e3900fSGunnar Mills if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 30378e3900fSGunnar Mills { 30478e3900fSGunnar Mills return; 30578e3900fSGunnar Mills } 30678e3900fSGunnar Mills asyncResp->res.addHeader( 30778e3900fSGunnar Mills boost::beast::http::field::link, 30878e3900fSGunnar Mills "</redfish/v1/JsonSchemas/SessionService/SessionService.json>; rel=describedby"); 30978e3900fSGunnar Mills 3108d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.type"] = 3118d1b46d7Szhanghch05 "#SessionService.v1_0_2.SessionService"; 3127a859ffeSGunnar Mills asyncResp->res.jsonValue["@odata.id"] = "/redfish/v1/SessionService"; 3138d1b46d7Szhanghch05 asyncResp->res.jsonValue["Name"] = "Session Service"; 3148d1b46d7Szhanghch05 asyncResp->res.jsonValue["Id"] = "SessionService"; 3158d1b46d7Szhanghch05 asyncResp->res.jsonValue["Description"] = "Session Service"; 3168d1b46d7Szhanghch05 asyncResp->res.jsonValue["SessionTimeout"] = 317724340d7SEd Tanous persistent_data::SessionStore::getInstance().getTimeoutInSeconds(); 3188d1b46d7Szhanghch05 asyncResp->res.jsonValue["ServiceEnabled"] = true; 3190f74e643SEd Tanous 3201476687dSEd Tanous asyncResp->res.jsonValue["Sessions"]["@odata.id"] = 3211476687dSEd Tanous "/redfish/v1/SessionService/Sessions"; 322724340d7SEd Tanous } 323f2a4a606SManojkiran Eda 324724340d7SEd Tanous inline void handleSessionServicePatch( 32545ca1b86SEd Tanous crow::App& app, const crow::Request& req, 326724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 327724340d7SEd Tanous { 3283ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 32945ca1b86SEd Tanous { 33045ca1b86SEd Tanous return; 33145ca1b86SEd Tanous } 332f2a4a606SManojkiran Eda std::optional<int64_t> sessionTimeout; 333724340d7SEd Tanous if (!json_util::readJsonPatch(req, asyncResp->res, "SessionTimeout", 334724340d7SEd Tanous sessionTimeout)) 335f2a4a606SManojkiran Eda { 336f2a4a606SManojkiran Eda return; 337f2a4a606SManojkiran Eda } 338f2a4a606SManojkiran Eda 339f2a4a606SManojkiran Eda if (sessionTimeout) 340f2a4a606SManojkiran Eda { 3418ece0e45SEd Tanous // The minimum & maximum allowed values for session timeout 342faa34ccfSEd Tanous // are 30 seconds and 86400 seconds respectively as per the 343faa34ccfSEd Tanous // session service schema mentioned at 344f2a4a606SManojkiran Eda // https://redfish.dmtf.org/schemas/v1/SessionService.v1_1_7.json 345f2a4a606SManojkiran Eda 346f2a4a606SManojkiran Eda if (*sessionTimeout <= 86400 && *sessionTimeout >= 30) 347f2a4a606SManojkiran Eda { 348724340d7SEd Tanous std::chrono::seconds sessionTimeoutInseconds(*sessionTimeout); 349724340d7SEd Tanous persistent_data::SessionStore::getInstance().updateSessionTimeout( 350724340d7SEd Tanous sessionTimeoutInseconds); 351724340d7SEd Tanous messages::propertyValueModified(asyncResp->res, "SessionTimeOut", 352f2a4a606SManojkiran Eda std::to_string(*sessionTimeout)); 353f2a4a606SManojkiran Eda } 354f2a4a606SManojkiran Eda else 355f2a4a606SManojkiran Eda { 356e2616cc5SEd Tanous messages::propertyValueNotInList(asyncResp->res, *sessionTimeout, 3578d1b46d7Szhanghch05 "SessionTimeOut"); 358f2a4a606SManojkiran Eda } 359f2a4a606SManojkiran Eda } 360724340d7SEd Tanous } 361724340d7SEd Tanous 362724340d7SEd Tanous inline void requestRoutesSession(App& app) 363724340d7SEd Tanous { 364724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 365a1e0871dSEd Tanous .privileges(redfish::privileges::headSession) 366a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 367a1e0871dSEd Tanous std::bind_front(handleSessionHead, std::ref(app))); 368a1e0871dSEd Tanous 369a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 370724340d7SEd Tanous .privileges(redfish::privileges::getSession) 37145ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 37245ca1b86SEd Tanous std::bind_front(handleSessionGet, std::ref(app))); 373724340d7SEd Tanous 374724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 375724340d7SEd Tanous .privileges(redfish::privileges::deleteSession) 37645ca1b86SEd Tanous .methods(boost::beast::http::verb::delete_)( 37745ca1b86SEd Tanous std::bind_front(handleSessionDelete, std::ref(app))); 378724340d7SEd Tanous 379724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 380a1e0871dSEd Tanous .privileges(redfish::privileges::headSessionCollection) 381a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 382a1e0871dSEd Tanous std::bind_front(handleSessionCollectionHead, std::ref(app))); 383a1e0871dSEd Tanous 384a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 385724340d7SEd Tanous .privileges(redfish::privileges::getSessionCollection) 38645ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 38745ca1b86SEd Tanous std::bind_front(handleSessionCollectionGet, std::ref(app))); 388724340d7SEd Tanous 389e76cd868SEd Tanous // Note, the next two routes technically don't match the privilege 390724340d7SEd Tanous // registry given the way login mechanisms work. The base privilege 391724340d7SEd Tanous // registry lists this endpoint as requiring login privilege, but because 392724340d7SEd Tanous // this is the endpoint responsible for giving the login privilege, and it 393724340d7SEd Tanous // is itself its own route, it needs to not require Login 394724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 395724340d7SEd Tanous .privileges({}) 39645ca1b86SEd Tanous .methods(boost::beast::http::verb::post)( 39745ca1b86SEd Tanous std::bind_front(handleSessionCollectionPost, std::ref(app))); 398724340d7SEd Tanous 399e76cd868SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/Members/") 400e76cd868SEd Tanous .privileges({}) 40145ca1b86SEd Tanous .methods(boost::beast::http::verb::post)( 40245ca1b86SEd Tanous std::bind_front(handleSessionCollectionPost, std::ref(app))); 403e76cd868SEd Tanous 404724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 405a1e0871dSEd Tanous .privileges(redfish::privileges::headSessionService) 406a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 407a1e0871dSEd Tanous std::bind_front(handleSessionServiceHead, std::ref(app))); 408a1e0871dSEd Tanous 409a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 410724340d7SEd Tanous .privileges(redfish::privileges::getSessionService) 41145ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 41245ca1b86SEd Tanous std::bind_front(handleSessionServiceGet, std::ref(app))); 413724340d7SEd Tanous 414724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 415724340d7SEd Tanous .privileges(redfish::privileges::patchSessionService) 41645ca1b86SEd Tanous .methods(boost::beast::http::verb::patch)( 41745ca1b86SEd Tanous std::bind_front(handleSessionServicePatch, std::ref(app))); 418f2a4a606SManojkiran Eda } 4195d27b854SBorawski.Lukasz 4202b7981f6SKowalski, Kamil } // namespace redfish 421