12b7981f6SKowalski, Kamil /* 22b7981f6SKowalski, Kamil // Copyright (c) 2018 Intel Corporation 32b7981f6SKowalski, Kamil // 42b7981f6SKowalski, Kamil // Licensed under the Apache License, Version 2.0 (the "License"); 52b7981f6SKowalski, Kamil // you may not use this file except in compliance with the License. 62b7981f6SKowalski, Kamil // You may obtain a copy of the License at 72b7981f6SKowalski, Kamil // 82b7981f6SKowalski, Kamil // http://www.apache.org/licenses/LICENSE-2.0 92b7981f6SKowalski, Kamil // 102b7981f6SKowalski, Kamil // Unless required by applicable law or agreed to in writing, software 112b7981f6SKowalski, Kamil // distributed under the License is distributed on an "AS IS" BASIS, 122b7981f6SKowalski, Kamil // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 132b7981f6SKowalski, Kamil // See the License for the specific language governing permissions and 142b7981f6SKowalski, Kamil // limitations under the License. 152b7981f6SKowalski, Kamil */ 162b7981f6SKowalski, Kamil #pragma once 1743a095abSBorawski.Lukasz 183ccb3adbSEd Tanous #include "app.hpp" 19f4c4dcf4SKowalski, Kamil #include "error_messages.hpp" 203ccb3adbSEd Tanous #include "http/utility.hpp" 2152cc112dSEd Tanous #include "persistent_data.hpp" 223ccb3adbSEd Tanous #include "query.hpp" 233ccb3adbSEd Tanous #include "registries/privilege_registry.hpp" 243ccb3adbSEd Tanous #include "utils/json_utils.hpp" 257e860f15SJohn Edward Broadbent 26ef4c65b7SEd Tanous #include <boost/url/format.hpp> 27ef4c65b7SEd Tanous 281abe55efSEd Tanous namespace redfish 291abe55efSEd Tanous { 302b7981f6SKowalski, Kamil 314f48d5f6SEd Tanous inline void fillSessionObject(crow::Response& res, 32faa34ccfSEd Tanous const persistent_data::UserSession& session) 331abe55efSEd Tanous { 34faa34ccfSEd Tanous res.jsonValue["Id"] = session.uniqueId; 35faa34ccfSEd Tanous res.jsonValue["UserName"] = session.username; 36ef4c65b7SEd Tanous res.jsonValue["@odata.id"] = boost::urls::format( 37ef4c65b7SEd Tanous "/redfish/v1/SessionService/Sessions/{}", session.uniqueId); 38bb759e3aSEd Tanous res.jsonValue["@odata.type"] = "#Session.v1_5_0.Session"; 39faa34ccfSEd Tanous res.jsonValue["Name"] = "User Session"; 40faa34ccfSEd Tanous res.jsonValue["Description"] = "Manager User Session"; 41faa34ccfSEd Tanous res.jsonValue["ClientOriginIPAddress"] = session.clientIp; 42bb759e3aSEd Tanous if (session.clientId) 43bb759e3aSEd Tanous { 44bb759e3aSEd Tanous res.jsonValue["Context"] = *session.clientId; 45bb759e3aSEd Tanous } 462b7981f6SKowalski, Kamil } 472b7981f6SKowalski, Kamil 48724340d7SEd Tanous inline void 49a1e0871dSEd Tanous handleSessionHead(crow::App& app, const crow::Request& req, 50faa34ccfSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 51a1e0871dSEd Tanous const std::string& /*sessionId*/) 52724340d7SEd Tanous { 533ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 5445ca1b86SEd Tanous { 5545ca1b86SEd Tanous return; 5645ca1b86SEd Tanous } 57a1e0871dSEd Tanous asyncResp->res.addHeader( 58a1e0871dSEd Tanous boost::beast::http::field::link, 59a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/Session/Session.json>; rel=describedby"); 60a1e0871dSEd Tanous } 61a1e0871dSEd Tanous 62a1e0871dSEd Tanous inline void 63a1e0871dSEd Tanous handleSessionGet(crow::App& app, const crow::Request& req, 64a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 65a1e0871dSEd Tanous const std::string& sessionId) 66a1e0871dSEd Tanous { 6765ffbcb3SEd Tanous if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 6865ffbcb3SEd Tanous { 6965ffbcb3SEd Tanous return; 7065ffbcb3SEd Tanous } 7165ffbcb3SEd Tanous asyncResp->res.addHeader( 7265ffbcb3SEd Tanous boost::beast::http::field::link, 7365ffbcb3SEd Tanous "</redfish/v1/JsonSchemas/Session/Session.json>; rel=describedby"); 74a1e0871dSEd Tanous 75faa34ccfSEd Tanous // Note that control also reaches here via doPost and doDelete. 76724340d7SEd Tanous auto session = 77724340d7SEd Tanous persistent_data::SessionStore::getInstance().getSessionByUid(sessionId); 782b7981f6SKowalski, Kamil 791abe55efSEd Tanous if (session == nullptr) 801abe55efSEd Tanous { 81724340d7SEd Tanous messages::resourceNotFound(asyncResp->res, "Session", sessionId); 82faa34ccfSEd Tanous return; 83faa34ccfSEd Tanous } 84faa34ccfSEd Tanous 85faa34ccfSEd Tanous fillSessionObject(asyncResp->res, *session); 86724340d7SEd Tanous } 87faa34ccfSEd Tanous 88724340d7SEd Tanous inline void 8945ca1b86SEd Tanous handleSessionDelete(crow::App& app, const crow::Request& req, 90faa34ccfSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 91724340d7SEd Tanous const std::string& sessionId) 92724340d7SEd Tanous { 933ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 9445ca1b86SEd Tanous { 9545ca1b86SEd Tanous return; 9645ca1b86SEd Tanous } 97724340d7SEd Tanous auto session = 98724340d7SEd Tanous persistent_data::SessionStore::getInstance().getSessionByUid(sessionId); 99faa34ccfSEd Tanous 100faa34ccfSEd Tanous if (session == nullptr) 101faa34ccfSEd Tanous { 102724340d7SEd Tanous messages::resourceNotFound(asyncResp->res, "Session", sessionId); 1032b7981f6SKowalski, Kamil return; 1042b7981f6SKowalski, Kamil } 1052b7981f6SKowalski, Kamil 106900f9497SJoseph Reynolds // Perform a proper ConfigureSelf authority check. If a 107900f9497SJoseph Reynolds // session is being used to DELETE some other user's session, 108900f9497SJoseph Reynolds // then the ConfigureSelf privilege does not apply. In that 109900f9497SJoseph Reynolds // case, perform the authority check again without the user's 110900f9497SJoseph Reynolds // ConfigureSelf privilege. 1110fd29865Swukaihua-fii-na if (req.session != nullptr && !session->username.empty() && 1120fd29865Swukaihua-fii-na session->username != req.session->username) 113900f9497SJoseph Reynolds { 1146c51eab1SEd Tanous Privileges effectiveUserPrivileges = 1153e72c202SNinad Palsule redfish::getUserPrivileges(*req.session); 1166c51eab1SEd Tanous 117724340d7SEd Tanous if (!effectiveUserPrivileges.isSupersetOf({"ConfigureUsers"})) 118900f9497SJoseph Reynolds { 1198d1b46d7Szhanghch05 messages::insufficientPrivilege(asyncResp->res); 120900f9497SJoseph Reynolds return; 121900f9497SJoseph Reynolds } 122900f9497SJoseph Reynolds } 123900f9497SJoseph Reynolds 124724340d7SEd Tanous persistent_data::SessionStore::getInstance().removeSession(session); 1255cc148afSEd Tanous messages::success(asyncResp->res); 126724340d7SEd Tanous } 127f4c4dcf4SKowalski, Kamil 128724340d7SEd Tanous inline nlohmann::json getSessionCollectionMembers() 129724340d7SEd Tanous { 13055c7b7a2SEd Tanous std::vector<const std::string*> sessionIds = 13152cc112dSEd Tanous persistent_data::SessionStore::getInstance().getUniqueIds( 13252cc112dSEd Tanous false, persistent_data::PersistenceType::TIMEOUT); 133724340d7SEd Tanous nlohmann::json ret = nlohmann::json::array(); 1341abe55efSEd Tanous for (const std::string* uid : sessionIds) 1351abe55efSEd Tanous { 1361476687dSEd Tanous nlohmann::json::object_t session; 137ef4c65b7SEd Tanous session["@odata.id"] = 138ef4c65b7SEd Tanous boost::urls::format("/redfish/v1/SessionService/Sessions/{}", *uid); 139b2ba3072SPatrick Williams ret.emplace_back(std::move(session)); 1402b7981f6SKowalski, Kamil } 141724340d7SEd Tanous return ret; 142724340d7SEd Tanous } 143724340d7SEd Tanous 144a1e0871dSEd Tanous inline void handleSessionCollectionHead( 14545ca1b86SEd Tanous crow::App& app, const crow::Request& req, 146724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 147724340d7SEd Tanous { 1483ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 14945ca1b86SEd Tanous { 15045ca1b86SEd Tanous return; 15145ca1b86SEd Tanous } 152a1e0871dSEd Tanous asyncResp->res.addHeader( 153a1e0871dSEd Tanous boost::beast::http::field::link, 154a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/SessionCollection.json>; rel=describedby"); 155a1e0871dSEd Tanous } 156a1e0871dSEd Tanous 157a1e0871dSEd Tanous inline void handleSessionCollectionGet( 158a1e0871dSEd Tanous crow::App& app, const crow::Request& req, 159a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 160a1e0871dSEd Tanous { 16101a89a1fSEd Tanous if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 16201a89a1fSEd Tanous { 16301a89a1fSEd Tanous return; 16401a89a1fSEd Tanous } 16501a89a1fSEd Tanous asyncResp->res.addHeader( 16601a89a1fSEd Tanous boost::beast::http::field::link, 16701a89a1fSEd Tanous "</redfish/v1/JsonSchemas/SessionCollection.json>; rel=describedby"); 16801a89a1fSEd Tanous 169724340d7SEd Tanous asyncResp->res.jsonValue["Members"] = getSessionCollectionMembers(); 170faa34ccfSEd Tanous asyncResp->res.jsonValue["Members@odata.count"] = 171724340d7SEd Tanous asyncResp->res.jsonValue["Members"].size(); 1728d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.type"] = 1738d1b46d7Szhanghch05 "#SessionCollection.SessionCollection"; 1748d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.id"] = 1758d1b46d7Szhanghch05 "/redfish/v1/SessionService/Sessions/"; 1768d1b46d7Szhanghch05 asyncResp->res.jsonValue["Name"] = "Session Collection"; 1778d1b46d7Szhanghch05 asyncResp->res.jsonValue["Description"] = "Session Collection"; 178724340d7SEd Tanous } 1792b7981f6SKowalski, Kamil 180724340d7SEd Tanous inline void handleSessionCollectionMembersGet( 18145ca1b86SEd Tanous crow::App& app, const crow::Request& req, 182724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 183724340d7SEd Tanous { 1843ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 18545ca1b86SEd Tanous { 18645ca1b86SEd Tanous return; 18745ca1b86SEd Tanous } 188724340d7SEd Tanous asyncResp->res.jsonValue = getSessionCollectionMembers(); 189724340d7SEd Tanous } 190724340d7SEd Tanous 1914ee8e211SEd Tanous inline void handleSessionCollectionPost( 19245ca1b86SEd Tanous crow::App& app, const crow::Request& req, 193724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 194724340d7SEd Tanous { 1953ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 19645ca1b86SEd Tanous { 19745ca1b86SEd Tanous return; 19845ca1b86SEd Tanous } 1999712f8acSEd Tanous std::string username; 2009712f8acSEd Tanous std::string password; 201bb759e3aSEd Tanous std::optional<std::string> clientId; 202724340d7SEd Tanous if (!json_util::readJsonPatch(req, asyncResp->res, "UserName", username, 203d678d4fcSEd Tanous "Password", password, "Context", clientId)) 2041abe55efSEd Tanous { 2052b7981f6SKowalski, Kamil return; 2062b7981f6SKowalski, Kamil } 2072b7981f6SKowalski, Kamil 208820ce598SEd Tanous if (password.empty() || username.empty() || 2098d1b46d7Szhanghch05 asyncResp->res.result() != boost::beast::http::status::ok) 2101abe55efSEd Tanous { 2111abe55efSEd Tanous if (username.empty()) 2121abe55efSEd Tanous { 2138d1b46d7Szhanghch05 messages::propertyMissing(asyncResp->res, "UserName"); 214f4c4dcf4SKowalski, Kamil } 215f4c4dcf4SKowalski, Kamil 2161abe55efSEd Tanous if (password.empty()) 2171abe55efSEd Tanous { 2188d1b46d7Szhanghch05 messages::propertyMissing(asyncResp->res, "Password"); 219820ce598SEd Tanous } 220820ce598SEd Tanous 221820ce598SEd Tanous return; 222f4c4dcf4SKowalski, Kamil } 2232b7981f6SKowalski, Kamil 2243bf4e632SJoseph Reynolds int pamrc = pamAuthenticateUser(username, password); 2253bf4e632SJoseph Reynolds bool isConfigureSelfOnly = pamrc == PAM_NEW_AUTHTOK_REQD; 2263bf4e632SJoseph Reynolds if ((pamrc != PAM_SUCCESS) && !isConfigureSelfOnly) 2271abe55efSEd Tanous { 22839662a3bSEd Tanous messages::resourceAtUriUnauthorized(asyncResp->res, req.url(), 229f12894f8SJason M. Bills "Invalid username or password"); 230820ce598SEd Tanous return; 2312b7981f6SKowalski, Kamil } 2326f115bbbSManojkiran Eda 233820ce598SEd Tanous // User is authenticated - create session 23452cc112dSEd Tanous std::shared_ptr<persistent_data::UserSession> session = 235724340d7SEd Tanous persistent_data::SessionStore::getInstance().generateUserSession( 23641d61c82SJiaqing Zhao username, req.ipAddress, clientId, 237724340d7SEd Tanous persistent_data::PersistenceType::TIMEOUT, isConfigureSelfOnly); 23802e53aefSBrad Bishop if (session == nullptr) 23902e53aefSBrad Bishop { 24002e53aefSBrad Bishop messages::internalError(asyncResp->res); 24102e53aefSBrad Bishop return; 24202e53aefSBrad Bishop } 24302e53aefSBrad Bishop 2448d1b46d7Szhanghch05 asyncResp->res.addHeader("X-Auth-Token", session->sessionToken); 245faa34ccfSEd Tanous asyncResp->res.addHeader( 246724340d7SEd Tanous "Location", "/redfish/v1/SessionService/Sessions/" + session->uniqueId); 2478d1b46d7Szhanghch05 asyncResp->res.result(boost::beast::http::status::created); 2483bf4e632SJoseph Reynolds if (session->isConfigureSelfOnly) 2493bf4e632SJoseph Reynolds { 2503bf4e632SJoseph Reynolds messages::passwordChangeRequired( 251724340d7SEd Tanous asyncResp->res, 252ef4c65b7SEd Tanous boost::urls::format("/redfish/v1/AccountService/Accounts/{}", 253ef4c65b7SEd Tanous session->username)); 2542b7981f6SKowalski, Kamil } 2552b7981f6SKowalski, Kamil 256faa34ccfSEd Tanous fillSessionObject(asyncResp->res, *session); 257724340d7SEd Tanous } 258a1e0871dSEd Tanous inline void handleSessionServiceHead( 259a1e0871dSEd Tanous crow::App& app, const crow::Request& req, 260a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 261a1e0871dSEd Tanous { 262a1e0871dSEd Tanous if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 263a1e0871dSEd Tanous { 264a1e0871dSEd Tanous return; 265a1e0871dSEd Tanous } 266a1e0871dSEd Tanous asyncResp->res.addHeader( 267a1e0871dSEd Tanous boost::beast::http::field::link, 268a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/SessionService/SessionService.json>; rel=describedby"); 269a1e0871dSEd Tanous } 270724340d7SEd Tanous inline void 27145ca1b86SEd Tanous handleSessionServiceGet(crow::App& app, const crow::Request& req, 272724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 2732b7981f6SKowalski, Kamil 274724340d7SEd Tanous { 27578e3900fSGunnar Mills if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 27678e3900fSGunnar Mills { 27778e3900fSGunnar Mills return; 27878e3900fSGunnar Mills } 27978e3900fSGunnar Mills asyncResp->res.addHeader( 28078e3900fSGunnar Mills boost::beast::http::field::link, 28178e3900fSGunnar Mills "</redfish/v1/JsonSchemas/SessionService/SessionService.json>; rel=describedby"); 28278e3900fSGunnar Mills 2838d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.type"] = 2848d1b46d7Szhanghch05 "#SessionService.v1_0_2.SessionService"; 285724340d7SEd Tanous asyncResp->res.jsonValue["@odata.id"] = "/redfish/v1/SessionService/"; 2868d1b46d7Szhanghch05 asyncResp->res.jsonValue["Name"] = "Session Service"; 2878d1b46d7Szhanghch05 asyncResp->res.jsonValue["Id"] = "SessionService"; 2888d1b46d7Szhanghch05 asyncResp->res.jsonValue["Description"] = "Session Service"; 2898d1b46d7Szhanghch05 asyncResp->res.jsonValue["SessionTimeout"] = 290724340d7SEd Tanous persistent_data::SessionStore::getInstance().getTimeoutInSeconds(); 2918d1b46d7Szhanghch05 asyncResp->res.jsonValue["ServiceEnabled"] = true; 2920f74e643SEd Tanous 2931476687dSEd Tanous asyncResp->res.jsonValue["Sessions"]["@odata.id"] = 2941476687dSEd Tanous "/redfish/v1/SessionService/Sessions"; 295724340d7SEd Tanous } 296f2a4a606SManojkiran Eda 297724340d7SEd Tanous inline void handleSessionServicePatch( 29845ca1b86SEd Tanous crow::App& app, const crow::Request& req, 299724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 300724340d7SEd Tanous { 3013ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 30245ca1b86SEd Tanous { 30345ca1b86SEd Tanous return; 30445ca1b86SEd Tanous } 305f2a4a606SManojkiran Eda std::optional<int64_t> sessionTimeout; 306724340d7SEd Tanous if (!json_util::readJsonPatch(req, asyncResp->res, "SessionTimeout", 307724340d7SEd Tanous sessionTimeout)) 308f2a4a606SManojkiran Eda { 309f2a4a606SManojkiran Eda return; 310f2a4a606SManojkiran Eda } 311f2a4a606SManojkiran Eda 312f2a4a606SManojkiran Eda if (sessionTimeout) 313f2a4a606SManojkiran Eda { 314*8ece0e45SEd Tanous // The minimum & maximum allowed values for session timeout 315faa34ccfSEd Tanous // are 30 seconds and 86400 seconds respectively as per the 316faa34ccfSEd Tanous // session service schema mentioned at 317f2a4a606SManojkiran Eda // https://redfish.dmtf.org/schemas/v1/SessionService.v1_1_7.json 318f2a4a606SManojkiran Eda 319f2a4a606SManojkiran Eda if (*sessionTimeout <= 86400 && *sessionTimeout >= 30) 320f2a4a606SManojkiran Eda { 321724340d7SEd Tanous std::chrono::seconds sessionTimeoutInseconds(*sessionTimeout); 322724340d7SEd Tanous persistent_data::SessionStore::getInstance().updateSessionTimeout( 323724340d7SEd Tanous sessionTimeoutInseconds); 324724340d7SEd Tanous messages::propertyValueModified(asyncResp->res, "SessionTimeOut", 325f2a4a606SManojkiran Eda std::to_string(*sessionTimeout)); 326f2a4a606SManojkiran Eda } 327f2a4a606SManojkiran Eda else 328f2a4a606SManojkiran Eda { 329e2616cc5SEd Tanous messages::propertyValueNotInList(asyncResp->res, *sessionTimeout, 3308d1b46d7Szhanghch05 "SessionTimeOut"); 331f2a4a606SManojkiran Eda } 332f2a4a606SManojkiran Eda } 333724340d7SEd Tanous } 334724340d7SEd Tanous 335724340d7SEd Tanous inline void requestRoutesSession(App& app) 336724340d7SEd Tanous { 337724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 338a1e0871dSEd Tanous .privileges(redfish::privileges::headSession) 339a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 340a1e0871dSEd Tanous std::bind_front(handleSessionHead, std::ref(app))); 341a1e0871dSEd Tanous 342a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 343724340d7SEd Tanous .privileges(redfish::privileges::getSession) 34445ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 34545ca1b86SEd Tanous std::bind_front(handleSessionGet, std::ref(app))); 346724340d7SEd Tanous 347724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 348724340d7SEd Tanous .privileges(redfish::privileges::deleteSession) 34945ca1b86SEd Tanous .methods(boost::beast::http::verb::delete_)( 35045ca1b86SEd Tanous std::bind_front(handleSessionDelete, std::ref(app))); 351724340d7SEd Tanous 352724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 353a1e0871dSEd Tanous .privileges(redfish::privileges::headSessionCollection) 354a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 355a1e0871dSEd Tanous std::bind_front(handleSessionCollectionHead, std::ref(app))); 356a1e0871dSEd Tanous 357a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 358724340d7SEd Tanous .privileges(redfish::privileges::getSessionCollection) 35945ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 36045ca1b86SEd Tanous std::bind_front(handleSessionCollectionGet, std::ref(app))); 361724340d7SEd Tanous 362e76cd868SEd Tanous // Note, the next two routes technically don't match the privilege 363724340d7SEd Tanous // registry given the way login mechanisms work. The base privilege 364724340d7SEd Tanous // registry lists this endpoint as requiring login privilege, but because 365724340d7SEd Tanous // this is the endpoint responsible for giving the login privilege, and it 366724340d7SEd Tanous // is itself its own route, it needs to not require Login 367724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 368724340d7SEd Tanous .privileges({}) 36945ca1b86SEd Tanous .methods(boost::beast::http::verb::post)( 37045ca1b86SEd Tanous std::bind_front(handleSessionCollectionPost, std::ref(app))); 371724340d7SEd Tanous 372e76cd868SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/Members/") 373e76cd868SEd Tanous .privileges({}) 37445ca1b86SEd Tanous .methods(boost::beast::http::verb::post)( 37545ca1b86SEd Tanous std::bind_front(handleSessionCollectionPost, std::ref(app))); 376e76cd868SEd Tanous 377724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 378a1e0871dSEd Tanous .privileges(redfish::privileges::headSessionService) 379a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 380a1e0871dSEd Tanous std::bind_front(handleSessionServiceHead, std::ref(app))); 381a1e0871dSEd Tanous 382a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 383724340d7SEd Tanous .privileges(redfish::privileges::getSessionService) 38445ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 38545ca1b86SEd Tanous std::bind_front(handleSessionServiceGet, std::ref(app))); 386724340d7SEd Tanous 387724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 388724340d7SEd Tanous .privileges(redfish::privileges::patchSessionService) 38945ca1b86SEd Tanous .methods(boost::beast::http::verb::patch)( 39045ca1b86SEd Tanous std::bind_front(handleSessionServicePatch, std::ref(app))); 391f2a4a606SManojkiran Eda } 3925d27b854SBorawski.Lukasz 3932b7981f6SKowalski, Kamil } // namespace redfish 394