12b7981f6SKowalski, Kamil /* 22b7981f6SKowalski, Kamil // Copyright (c) 2018 Intel Corporation 32b7981f6SKowalski, Kamil // 42b7981f6SKowalski, Kamil // Licensed under the Apache License, Version 2.0 (the "License"); 52b7981f6SKowalski, Kamil // you may not use this file except in compliance with the License. 62b7981f6SKowalski, Kamil // You may obtain a copy of the License at 72b7981f6SKowalski, Kamil // 82b7981f6SKowalski, Kamil // http://www.apache.org/licenses/LICENSE-2.0 92b7981f6SKowalski, Kamil // 102b7981f6SKowalski, Kamil // Unless required by applicable law or agreed to in writing, software 112b7981f6SKowalski, Kamil // distributed under the License is distributed on an "AS IS" BASIS, 122b7981f6SKowalski, Kamil // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 132b7981f6SKowalski, Kamil // See the License for the specific language governing permissions and 142b7981f6SKowalski, Kamil // limitations under the License. 152b7981f6SKowalski, Kamil */ 162b7981f6SKowalski, Kamil #pragma once 1743a095abSBorawski.Lukasz 18ce22f609SPaul Fertser #include "account_service.hpp" 193ccb3adbSEd Tanous #include "app.hpp" 2029aab242SPaul Fertser #include "cookies.hpp" 21f4c4dcf4SKowalski, Kamil #include "error_messages.hpp" 223ccb3adbSEd Tanous #include "http/utility.hpp" 2352cc112dSEd Tanous #include "persistent_data.hpp" 243ccb3adbSEd Tanous #include "query.hpp" 253ccb3adbSEd Tanous #include "registries/privilege_registry.hpp" 263ccb3adbSEd Tanous #include "utils/json_utils.hpp" 277e860f15SJohn Edward Broadbent 28ef4c65b7SEd Tanous #include <boost/url/format.hpp> 29ef4c65b7SEd Tanous 30*89cda63dSEd Tanous #include <string> 31*89cda63dSEd Tanous #include <vector> 32*89cda63dSEd Tanous 331abe55efSEd Tanous namespace redfish 341abe55efSEd Tanous { 352b7981f6SKowalski, Kamil 364f48d5f6SEd Tanous inline void fillSessionObject(crow::Response& res, 37faa34ccfSEd Tanous const persistent_data::UserSession& session) 381abe55efSEd Tanous { 39faa34ccfSEd Tanous res.jsonValue["Id"] = session.uniqueId; 40faa34ccfSEd Tanous res.jsonValue["UserName"] = session.username; 41ce22f609SPaul Fertser nlohmann::json::array_t roles; 42ce22f609SPaul Fertser roles.emplace_back(redfish::getRoleIdFromPrivilege(session.userRole)); 43ce22f609SPaul Fertser res.jsonValue["Roles"] = std::move(roles); 44ef4c65b7SEd Tanous res.jsonValue["@odata.id"] = boost::urls::format( 45ef4c65b7SEd Tanous "/redfish/v1/SessionService/Sessions/{}", session.uniqueId); 46ce22f609SPaul Fertser res.jsonValue["@odata.type"] = "#Session.v1_7_0.Session"; 47faa34ccfSEd Tanous res.jsonValue["Name"] = "User Session"; 48faa34ccfSEd Tanous res.jsonValue["Description"] = "Manager User Session"; 49faa34ccfSEd Tanous res.jsonValue["ClientOriginIPAddress"] = session.clientIp; 50bb759e3aSEd Tanous if (session.clientId) 51bb759e3aSEd Tanous { 52bb759e3aSEd Tanous res.jsonValue["Context"] = *session.clientId; 53bb759e3aSEd Tanous } 542b7981f6SKowalski, Kamil } 552b7981f6SKowalski, Kamil 56724340d7SEd Tanous inline void 57a1e0871dSEd Tanous handleSessionHead(crow::App& app, const crow::Request& req, 58faa34ccfSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 59a1e0871dSEd Tanous const std::string& /*sessionId*/) 60724340d7SEd Tanous { 613ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 6245ca1b86SEd Tanous { 6345ca1b86SEd Tanous return; 6445ca1b86SEd Tanous } 65a1e0871dSEd Tanous asyncResp->res.addHeader( 66a1e0871dSEd Tanous boost::beast::http::field::link, 67a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/Session/Session.json>; rel=describedby"); 68a1e0871dSEd Tanous } 69a1e0871dSEd Tanous 70a1e0871dSEd Tanous inline void 71a1e0871dSEd Tanous handleSessionGet(crow::App& app, const crow::Request& req, 72a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 73a1e0871dSEd Tanous const std::string& sessionId) 74a1e0871dSEd Tanous { 7565ffbcb3SEd Tanous if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 7665ffbcb3SEd Tanous { 7765ffbcb3SEd Tanous return; 7865ffbcb3SEd Tanous } 7965ffbcb3SEd Tanous asyncResp->res.addHeader( 8065ffbcb3SEd Tanous boost::beast::http::field::link, 8165ffbcb3SEd Tanous "</redfish/v1/JsonSchemas/Session/Session.json>; rel=describedby"); 82a1e0871dSEd Tanous 83faa34ccfSEd Tanous // Note that control also reaches here via doPost and doDelete. 84724340d7SEd Tanous auto session = 85724340d7SEd Tanous persistent_data::SessionStore::getInstance().getSessionByUid(sessionId); 862b7981f6SKowalski, Kamil 871abe55efSEd Tanous if (session == nullptr) 881abe55efSEd Tanous { 89724340d7SEd Tanous messages::resourceNotFound(asyncResp->res, "Session", sessionId); 90faa34ccfSEd Tanous return; 91faa34ccfSEd Tanous } 92faa34ccfSEd Tanous 93faa34ccfSEd Tanous fillSessionObject(asyncResp->res, *session); 94724340d7SEd Tanous } 95faa34ccfSEd Tanous 96724340d7SEd Tanous inline void 9745ca1b86SEd Tanous handleSessionDelete(crow::App& app, const crow::Request& req, 98faa34ccfSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 99724340d7SEd Tanous const std::string& sessionId) 100724340d7SEd Tanous { 1013ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 10245ca1b86SEd Tanous { 10345ca1b86SEd Tanous return; 10445ca1b86SEd Tanous } 105724340d7SEd Tanous auto session = 106724340d7SEd Tanous persistent_data::SessionStore::getInstance().getSessionByUid(sessionId); 107faa34ccfSEd Tanous 108faa34ccfSEd Tanous if (session == nullptr) 109faa34ccfSEd Tanous { 110724340d7SEd Tanous messages::resourceNotFound(asyncResp->res, "Session", sessionId); 1112b7981f6SKowalski, Kamil return; 1122b7981f6SKowalski, Kamil } 1132b7981f6SKowalski, Kamil 114900f9497SJoseph Reynolds // Perform a proper ConfigureSelf authority check. If a 115900f9497SJoseph Reynolds // session is being used to DELETE some other user's session, 116900f9497SJoseph Reynolds // then the ConfigureSelf privilege does not apply. In that 117900f9497SJoseph Reynolds // case, perform the authority check again without the user's 118900f9497SJoseph Reynolds // ConfigureSelf privilege. 1190fd29865Swukaihua-fii-na if (req.session != nullptr && !session->username.empty() && 1200fd29865Swukaihua-fii-na session->username != req.session->username) 121900f9497SJoseph Reynolds { 1226c51eab1SEd Tanous Privileges effectiveUserPrivileges = 1233e72c202SNinad Palsule redfish::getUserPrivileges(*req.session); 1246c51eab1SEd Tanous 125724340d7SEd Tanous if (!effectiveUserPrivileges.isSupersetOf({"ConfigureUsers"})) 126900f9497SJoseph Reynolds { 1278d1b46d7Szhanghch05 messages::insufficientPrivilege(asyncResp->res); 128900f9497SJoseph Reynolds return; 129900f9497SJoseph Reynolds } 130900f9497SJoseph Reynolds } 131900f9497SJoseph Reynolds 13229aab242SPaul Fertser if (session->cookieAuth) 13329aab242SPaul Fertser { 13429aab242SPaul Fertser bmcweb::clearSessionCookies(asyncResp->res); 13529aab242SPaul Fertser } 13629aab242SPaul Fertser 137724340d7SEd Tanous persistent_data::SessionStore::getInstance().removeSession(session); 1385cc148afSEd Tanous messages::success(asyncResp->res); 139724340d7SEd Tanous } 140f4c4dcf4SKowalski, Kamil 141724340d7SEd Tanous inline nlohmann::json getSessionCollectionMembers() 142724340d7SEd Tanous { 143*89cda63dSEd Tanous std::vector<std::string> sessionIds = 144*89cda63dSEd Tanous persistent_data::SessionStore::getInstance().getAllUniqueIds(); 145724340d7SEd Tanous nlohmann::json ret = nlohmann::json::array(); 146*89cda63dSEd Tanous for (const std::string& uid : sessionIds) 1471abe55efSEd Tanous { 1481476687dSEd Tanous nlohmann::json::object_t session; 149ef4c65b7SEd Tanous session["@odata.id"] = 150*89cda63dSEd Tanous boost::urls::format("/redfish/v1/SessionService/Sessions/{}", uid); 151b2ba3072SPatrick Williams ret.emplace_back(std::move(session)); 1522b7981f6SKowalski, Kamil } 153724340d7SEd Tanous return ret; 154724340d7SEd Tanous } 155724340d7SEd Tanous 156a1e0871dSEd Tanous inline void handleSessionCollectionHead( 15745ca1b86SEd Tanous crow::App& app, const crow::Request& req, 158724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 159724340d7SEd Tanous { 1603ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 16145ca1b86SEd Tanous { 16245ca1b86SEd Tanous return; 16345ca1b86SEd Tanous } 164a1e0871dSEd Tanous asyncResp->res.addHeader( 165a1e0871dSEd Tanous boost::beast::http::field::link, 166a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/SessionCollection.json>; rel=describedby"); 167a1e0871dSEd Tanous } 168a1e0871dSEd Tanous 169a1e0871dSEd Tanous inline void handleSessionCollectionGet( 170a1e0871dSEd Tanous crow::App& app, const crow::Request& req, 171a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 172a1e0871dSEd Tanous { 17301a89a1fSEd Tanous if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 17401a89a1fSEd Tanous { 17501a89a1fSEd Tanous return; 17601a89a1fSEd Tanous } 17701a89a1fSEd Tanous asyncResp->res.addHeader( 17801a89a1fSEd Tanous boost::beast::http::field::link, 17901a89a1fSEd Tanous "</redfish/v1/JsonSchemas/SessionCollection.json>; rel=describedby"); 18001a89a1fSEd Tanous 181724340d7SEd Tanous asyncResp->res.jsonValue["Members"] = getSessionCollectionMembers(); 182faa34ccfSEd Tanous asyncResp->res.jsonValue["Members@odata.count"] = 183724340d7SEd Tanous asyncResp->res.jsonValue["Members"].size(); 1848d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.type"] = 1858d1b46d7Szhanghch05 "#SessionCollection.SessionCollection"; 1868d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.id"] = 1877a859ffeSGunnar Mills "/redfish/v1/SessionService/Sessions"; 1888d1b46d7Szhanghch05 asyncResp->res.jsonValue["Name"] = "Session Collection"; 1898d1b46d7Szhanghch05 asyncResp->res.jsonValue["Description"] = "Session Collection"; 190724340d7SEd Tanous } 1912b7981f6SKowalski, Kamil 192724340d7SEd Tanous inline void handleSessionCollectionMembersGet( 19345ca1b86SEd Tanous crow::App& app, const crow::Request& req, 194724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 195724340d7SEd Tanous { 1963ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 19745ca1b86SEd Tanous { 19845ca1b86SEd Tanous return; 19945ca1b86SEd Tanous } 200724340d7SEd Tanous asyncResp->res.jsonValue = getSessionCollectionMembers(); 201724340d7SEd Tanous } 202724340d7SEd Tanous 2034ee8e211SEd Tanous inline void handleSessionCollectionPost( 20445ca1b86SEd Tanous crow::App& app, const crow::Request& req, 205724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 206724340d7SEd Tanous { 2073ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 20845ca1b86SEd Tanous { 20945ca1b86SEd Tanous return; 21045ca1b86SEd Tanous } 2119712f8acSEd Tanous std::string username; 2129712f8acSEd Tanous std::string password; 213bb759e3aSEd Tanous std::optional<std::string> clientId; 214724340d7SEd Tanous if (!json_util::readJsonPatch(req, asyncResp->res, "UserName", username, 215d678d4fcSEd Tanous "Password", password, "Context", clientId)) 2161abe55efSEd Tanous { 2172b7981f6SKowalski, Kamil return; 2182b7981f6SKowalski, Kamil } 2192b7981f6SKowalski, Kamil 220820ce598SEd Tanous if (password.empty() || username.empty() || 2218d1b46d7Szhanghch05 asyncResp->res.result() != boost::beast::http::status::ok) 2221abe55efSEd Tanous { 2231abe55efSEd Tanous if (username.empty()) 2241abe55efSEd Tanous { 2258d1b46d7Szhanghch05 messages::propertyMissing(asyncResp->res, "UserName"); 226f4c4dcf4SKowalski, Kamil } 227f4c4dcf4SKowalski, Kamil 2281abe55efSEd Tanous if (password.empty()) 2291abe55efSEd Tanous { 2308d1b46d7Szhanghch05 messages::propertyMissing(asyncResp->res, "Password"); 231820ce598SEd Tanous } 232820ce598SEd Tanous 233820ce598SEd Tanous return; 234f4c4dcf4SKowalski, Kamil } 2352b7981f6SKowalski, Kamil 2363bf4e632SJoseph Reynolds int pamrc = pamAuthenticateUser(username, password); 2373bf4e632SJoseph Reynolds bool isConfigureSelfOnly = pamrc == PAM_NEW_AUTHTOK_REQD; 2383bf4e632SJoseph Reynolds if ((pamrc != PAM_SUCCESS) && !isConfigureSelfOnly) 2391abe55efSEd Tanous { 24039662a3bSEd Tanous messages::resourceAtUriUnauthorized(asyncResp->res, req.url(), 241f12894f8SJason M. Bills "Invalid username or password"); 242820ce598SEd Tanous return; 2432b7981f6SKowalski, Kamil } 2446f115bbbSManojkiran Eda 245820ce598SEd Tanous // User is authenticated - create session 24652cc112dSEd Tanous std::shared_ptr<persistent_data::UserSession> session = 247724340d7SEd Tanous persistent_data::SessionStore::getInstance().generateUserSession( 24841d61c82SJiaqing Zhao username, req.ipAddress, clientId, 249*89cda63dSEd Tanous persistent_data::SessionType::Session, isConfigureSelfOnly); 25002e53aefSBrad Bishop if (session == nullptr) 25102e53aefSBrad Bishop { 25202e53aefSBrad Bishop messages::internalError(asyncResp->res); 25302e53aefSBrad Bishop return; 25402e53aefSBrad Bishop } 25502e53aefSBrad Bishop 25629aab242SPaul Fertser // When session is created by webui-vue give it session cookies as a 25729aab242SPaul Fertser // non-standard Redfish extension. This is needed for authentication for 25829aab242SPaul Fertser // WebSockets-based functionality. 25929aab242SPaul Fertser if (!req.getHeaderValue("X-Requested-With").empty()) 26029aab242SPaul Fertser { 26129aab242SPaul Fertser bmcweb::setSessionCookies(asyncResp->res, *session); 26229aab242SPaul Fertser } 26329aab242SPaul Fertser else 26429aab242SPaul Fertser { 2658d1b46d7Szhanghch05 asyncResp->res.addHeader("X-Auth-Token", session->sessionToken); 26629aab242SPaul Fertser } 26729aab242SPaul Fertser 268faa34ccfSEd Tanous asyncResp->res.addHeader( 269724340d7SEd Tanous "Location", "/redfish/v1/SessionService/Sessions/" + session->uniqueId); 2708d1b46d7Szhanghch05 asyncResp->res.result(boost::beast::http::status::created); 2713bf4e632SJoseph Reynolds if (session->isConfigureSelfOnly) 2723bf4e632SJoseph Reynolds { 2733bf4e632SJoseph Reynolds messages::passwordChangeRequired( 274724340d7SEd Tanous asyncResp->res, 275ef4c65b7SEd Tanous boost::urls::format("/redfish/v1/AccountService/Accounts/{}", 276ef4c65b7SEd Tanous session->username)); 2772b7981f6SKowalski, Kamil } 2782b7981f6SKowalski, Kamil 279478c5a57SPaul Fertser crow::getUserInfo(asyncResp, username, session, [asyncResp, session]() { 280faa34ccfSEd Tanous fillSessionObject(asyncResp->res, *session); 281478c5a57SPaul Fertser }); 282724340d7SEd Tanous } 283a1e0871dSEd Tanous inline void handleSessionServiceHead( 284a1e0871dSEd Tanous crow::App& app, const crow::Request& req, 285a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 286a1e0871dSEd Tanous { 287a1e0871dSEd Tanous if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 288a1e0871dSEd Tanous { 289a1e0871dSEd Tanous return; 290a1e0871dSEd Tanous } 291a1e0871dSEd Tanous asyncResp->res.addHeader( 292a1e0871dSEd Tanous boost::beast::http::field::link, 293a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/SessionService/SessionService.json>; rel=describedby"); 294a1e0871dSEd Tanous } 295724340d7SEd Tanous inline void 29645ca1b86SEd Tanous handleSessionServiceGet(crow::App& app, const crow::Request& req, 297724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 2982b7981f6SKowalski, Kamil 299724340d7SEd Tanous { 30078e3900fSGunnar Mills if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 30178e3900fSGunnar Mills { 30278e3900fSGunnar Mills return; 30378e3900fSGunnar Mills } 30478e3900fSGunnar Mills asyncResp->res.addHeader( 30578e3900fSGunnar Mills boost::beast::http::field::link, 30678e3900fSGunnar Mills "</redfish/v1/JsonSchemas/SessionService/SessionService.json>; rel=describedby"); 30778e3900fSGunnar Mills 3088d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.type"] = 3098d1b46d7Szhanghch05 "#SessionService.v1_0_2.SessionService"; 3107a859ffeSGunnar Mills asyncResp->res.jsonValue["@odata.id"] = "/redfish/v1/SessionService"; 3118d1b46d7Szhanghch05 asyncResp->res.jsonValue["Name"] = "Session Service"; 3128d1b46d7Szhanghch05 asyncResp->res.jsonValue["Id"] = "SessionService"; 3138d1b46d7Szhanghch05 asyncResp->res.jsonValue["Description"] = "Session Service"; 3148d1b46d7Szhanghch05 asyncResp->res.jsonValue["SessionTimeout"] = 315724340d7SEd Tanous persistent_data::SessionStore::getInstance().getTimeoutInSeconds(); 3168d1b46d7Szhanghch05 asyncResp->res.jsonValue["ServiceEnabled"] = true; 3170f74e643SEd Tanous 3181476687dSEd Tanous asyncResp->res.jsonValue["Sessions"]["@odata.id"] = 3191476687dSEd Tanous "/redfish/v1/SessionService/Sessions"; 320724340d7SEd Tanous } 321f2a4a606SManojkiran Eda 322724340d7SEd Tanous inline void handleSessionServicePatch( 32345ca1b86SEd Tanous crow::App& app, const crow::Request& req, 324724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 325724340d7SEd Tanous { 3263ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 32745ca1b86SEd Tanous { 32845ca1b86SEd Tanous return; 32945ca1b86SEd Tanous } 330f2a4a606SManojkiran Eda std::optional<int64_t> sessionTimeout; 331724340d7SEd Tanous if (!json_util::readJsonPatch(req, asyncResp->res, "SessionTimeout", 332724340d7SEd Tanous sessionTimeout)) 333f2a4a606SManojkiran Eda { 334f2a4a606SManojkiran Eda return; 335f2a4a606SManojkiran Eda } 336f2a4a606SManojkiran Eda 337f2a4a606SManojkiran Eda if (sessionTimeout) 338f2a4a606SManojkiran Eda { 3398ece0e45SEd Tanous // The minimum & maximum allowed values for session timeout 340faa34ccfSEd Tanous // are 30 seconds and 86400 seconds respectively as per the 341faa34ccfSEd Tanous // session service schema mentioned at 342f2a4a606SManojkiran Eda // https://redfish.dmtf.org/schemas/v1/SessionService.v1_1_7.json 343f2a4a606SManojkiran Eda 344f2a4a606SManojkiran Eda if (*sessionTimeout <= 86400 && *sessionTimeout >= 30) 345f2a4a606SManojkiran Eda { 346724340d7SEd Tanous std::chrono::seconds sessionTimeoutInseconds(*sessionTimeout); 347724340d7SEd Tanous persistent_data::SessionStore::getInstance().updateSessionTimeout( 348724340d7SEd Tanous sessionTimeoutInseconds); 349724340d7SEd Tanous messages::propertyValueModified(asyncResp->res, "SessionTimeOut", 350f2a4a606SManojkiran Eda std::to_string(*sessionTimeout)); 351f2a4a606SManojkiran Eda } 352f2a4a606SManojkiran Eda else 353f2a4a606SManojkiran Eda { 354e2616cc5SEd Tanous messages::propertyValueNotInList(asyncResp->res, *sessionTimeout, 3558d1b46d7Szhanghch05 "SessionTimeOut"); 356f2a4a606SManojkiran Eda } 357f2a4a606SManojkiran Eda } 358724340d7SEd Tanous } 359724340d7SEd Tanous 360724340d7SEd Tanous inline void requestRoutesSession(App& app) 361724340d7SEd Tanous { 362724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 363a1e0871dSEd Tanous .privileges(redfish::privileges::headSession) 364a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 365a1e0871dSEd Tanous std::bind_front(handleSessionHead, std::ref(app))); 366a1e0871dSEd Tanous 367a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 368724340d7SEd Tanous .privileges(redfish::privileges::getSession) 36945ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 37045ca1b86SEd Tanous std::bind_front(handleSessionGet, std::ref(app))); 371724340d7SEd Tanous 372724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 373724340d7SEd Tanous .privileges(redfish::privileges::deleteSession) 37445ca1b86SEd Tanous .methods(boost::beast::http::verb::delete_)( 37545ca1b86SEd Tanous std::bind_front(handleSessionDelete, std::ref(app))); 376724340d7SEd Tanous 377724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 378a1e0871dSEd Tanous .privileges(redfish::privileges::headSessionCollection) 379a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 380a1e0871dSEd Tanous std::bind_front(handleSessionCollectionHead, std::ref(app))); 381a1e0871dSEd Tanous 382a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 383724340d7SEd Tanous .privileges(redfish::privileges::getSessionCollection) 38445ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 38545ca1b86SEd Tanous std::bind_front(handleSessionCollectionGet, std::ref(app))); 386724340d7SEd Tanous 387e76cd868SEd Tanous // Note, the next two routes technically don't match the privilege 388724340d7SEd Tanous // registry given the way login mechanisms work. The base privilege 389724340d7SEd Tanous // registry lists this endpoint as requiring login privilege, but because 390724340d7SEd Tanous // this is the endpoint responsible for giving the login privilege, and it 391724340d7SEd Tanous // is itself its own route, it needs to not require Login 392724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 393724340d7SEd Tanous .privileges({}) 39445ca1b86SEd Tanous .methods(boost::beast::http::verb::post)( 39545ca1b86SEd Tanous std::bind_front(handleSessionCollectionPost, std::ref(app))); 396724340d7SEd Tanous 397e76cd868SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/Members/") 398e76cd868SEd Tanous .privileges({}) 39945ca1b86SEd Tanous .methods(boost::beast::http::verb::post)( 40045ca1b86SEd Tanous std::bind_front(handleSessionCollectionPost, std::ref(app))); 401e76cd868SEd Tanous 402724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 403a1e0871dSEd Tanous .privileges(redfish::privileges::headSessionService) 404a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 405a1e0871dSEd Tanous std::bind_front(handleSessionServiceHead, std::ref(app))); 406a1e0871dSEd Tanous 407a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 408724340d7SEd Tanous .privileges(redfish::privileges::getSessionService) 40945ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 41045ca1b86SEd Tanous std::bind_front(handleSessionServiceGet, std::ref(app))); 411724340d7SEd Tanous 412724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 413724340d7SEd Tanous .privileges(redfish::privileges::patchSessionService) 41445ca1b86SEd Tanous .methods(boost::beast::http::verb::patch)( 41545ca1b86SEd Tanous std::bind_front(handleSessionServicePatch, std::ref(app))); 416f2a4a606SManojkiran Eda } 4175d27b854SBorawski.Lukasz 4182b7981f6SKowalski, Kamil } // namespace redfish 419