12b7981f6SKowalski, Kamil /* 22b7981f6SKowalski, Kamil // Copyright (c) 2018 Intel Corporation 32b7981f6SKowalski, Kamil // 42b7981f6SKowalski, Kamil // Licensed under the Apache License, Version 2.0 (the "License"); 52b7981f6SKowalski, Kamil // you may not use this file except in compliance with the License. 62b7981f6SKowalski, Kamil // You may obtain a copy of the License at 72b7981f6SKowalski, Kamil // 82b7981f6SKowalski, Kamil // http://www.apache.org/licenses/LICENSE-2.0 92b7981f6SKowalski, Kamil // 102b7981f6SKowalski, Kamil // Unless required by applicable law or agreed to in writing, software 112b7981f6SKowalski, Kamil // distributed under the License is distributed on an "AS IS" BASIS, 122b7981f6SKowalski, Kamil // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 132b7981f6SKowalski, Kamil // See the License for the specific language governing permissions and 142b7981f6SKowalski, Kamil // limitations under the License. 152b7981f6SKowalski, Kamil */ 162b7981f6SKowalski, Kamil #pragma once 1743a095abSBorawski.Lukasz 18f4c4dcf4SKowalski, Kamil #include "error_messages.hpp" 1952cc112dSEd Tanous #include "persistent_data.hpp" 202b7981f6SKowalski, Kamil 217e860f15SJohn Edward Broadbent #include <app.hpp> 22ace85d60SEd Tanous #include <http/utility.hpp> 2345ca1b86SEd Tanous #include <query.hpp> 24ed398213SEd Tanous #include <registries/privilege_registry.hpp> 25840098bfSEd Tanous #include <utils/json_utils.hpp> 267e860f15SJohn Edward Broadbent 271abe55efSEd Tanous namespace redfish 281abe55efSEd Tanous { 292b7981f6SKowalski, Kamil 304f48d5f6SEd Tanous inline void fillSessionObject(crow::Response& res, 31faa34ccfSEd Tanous const persistent_data::UserSession& session) 321abe55efSEd Tanous { 33faa34ccfSEd Tanous res.jsonValue["Id"] = session.uniqueId; 34faa34ccfSEd Tanous res.jsonValue["UserName"] = session.username; 35faa34ccfSEd Tanous res.jsonValue["@odata.id"] = 36faa34ccfSEd Tanous "/redfish/v1/SessionService/Sessions/" + session.uniqueId; 37faa34ccfSEd Tanous res.jsonValue["@odata.type"] = "#Session.v1_3_0.Session"; 38faa34ccfSEd Tanous res.jsonValue["Name"] = "User Session"; 39faa34ccfSEd Tanous res.jsonValue["Description"] = "Manager User Session"; 40faa34ccfSEd Tanous res.jsonValue["ClientOriginIPAddress"] = session.clientIp; 41c0ea7ae1SSunitha Harish #ifdef BMCWEB_ENABLE_IBM_MANAGEMENT_CONSOLE 42faa34ccfSEd Tanous res.jsonValue["Oem"]["OpenBMC"]["@odata.type"] = 4308bdcc71SSunitha Harish "#OemSession.v1_0_0.Session"; 44faa34ccfSEd Tanous res.jsonValue["Oem"]["OpenBMC"]["ClientID"] = session.clientId; 4508bdcc71SSunitha Harish #endif 462b7981f6SKowalski, Kamil } 472b7981f6SKowalski, Kamil 48724340d7SEd Tanous inline void 49*a1e0871dSEd Tanous handleSessionHead(crow::App& app, const crow::Request& req, 50faa34ccfSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 51*a1e0871dSEd Tanous const std::string& /*sessionId*/) 52724340d7SEd Tanous { 53*a1e0871dSEd Tanous 543ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 5545ca1b86SEd Tanous { 5645ca1b86SEd Tanous return; 5745ca1b86SEd Tanous } 58*a1e0871dSEd Tanous asyncResp->res.addHeader( 59*a1e0871dSEd Tanous boost::beast::http::field::link, 60*a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/Session/Session.json>; rel=describedby"); 61*a1e0871dSEd Tanous } 62*a1e0871dSEd Tanous 63*a1e0871dSEd Tanous inline void 64*a1e0871dSEd Tanous handleSessionGet(crow::App& app, const crow::Request& req, 65*a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 66*a1e0871dSEd Tanous const std::string& sessionId) 67*a1e0871dSEd Tanous { 68*a1e0871dSEd Tanous handleSessionHead(app, req, asyncResp, sessionId); 69*a1e0871dSEd Tanous 70faa34ccfSEd Tanous // Note that control also reaches here via doPost and doDelete. 71724340d7SEd Tanous auto session = 72724340d7SEd Tanous persistent_data::SessionStore::getInstance().getSessionByUid(sessionId); 732b7981f6SKowalski, Kamil 741abe55efSEd Tanous if (session == nullptr) 751abe55efSEd Tanous { 76724340d7SEd Tanous messages::resourceNotFound(asyncResp->res, "Session", sessionId); 77faa34ccfSEd Tanous return; 78faa34ccfSEd Tanous } 79faa34ccfSEd Tanous 80faa34ccfSEd Tanous fillSessionObject(asyncResp->res, *session); 81724340d7SEd Tanous } 82faa34ccfSEd Tanous 83724340d7SEd Tanous inline void 8445ca1b86SEd Tanous handleSessionDelete(crow::App& app, const crow::Request& req, 85faa34ccfSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 86724340d7SEd Tanous const std::string& sessionId) 87724340d7SEd Tanous { 883ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 8945ca1b86SEd Tanous { 9045ca1b86SEd Tanous return; 9145ca1b86SEd Tanous } 92724340d7SEd Tanous auto session = 93724340d7SEd Tanous persistent_data::SessionStore::getInstance().getSessionByUid(sessionId); 94faa34ccfSEd Tanous 95faa34ccfSEd Tanous if (session == nullptr) 96faa34ccfSEd Tanous { 97724340d7SEd Tanous messages::resourceNotFound(asyncResp->res, "Session", sessionId); 982b7981f6SKowalski, Kamil return; 992b7981f6SKowalski, Kamil } 1002b7981f6SKowalski, Kamil 101900f9497SJoseph Reynolds // Perform a proper ConfigureSelf authority check. If a 102900f9497SJoseph Reynolds // session is being used to DELETE some other user's session, 103900f9497SJoseph Reynolds // then the ConfigureSelf privilege does not apply. In that 104900f9497SJoseph Reynolds // case, perform the authority check again without the user's 105900f9497SJoseph Reynolds // ConfigureSelf privilege. 1060fd29865Swukaihua-fii-na if (req.session != nullptr && !session->username.empty() && 1070fd29865Swukaihua-fii-na session->username != req.session->username) 108900f9497SJoseph Reynolds { 1096c51eab1SEd Tanous Privileges effectiveUserPrivileges = 1106c51eab1SEd Tanous redfish::getUserPrivileges(req.userRole); 1116c51eab1SEd Tanous 112724340d7SEd Tanous if (!effectiveUserPrivileges.isSupersetOf({"ConfigureUsers"})) 113900f9497SJoseph Reynolds { 1148d1b46d7Szhanghch05 messages::insufficientPrivilege(asyncResp->res); 115900f9497SJoseph Reynolds return; 116900f9497SJoseph Reynolds } 117900f9497SJoseph Reynolds } 118900f9497SJoseph Reynolds 119724340d7SEd Tanous persistent_data::SessionStore::getInstance().removeSession(session); 1205cc148afSEd Tanous messages::success(asyncResp->res); 121724340d7SEd Tanous } 122f4c4dcf4SKowalski, Kamil 123724340d7SEd Tanous inline nlohmann::json getSessionCollectionMembers() 124724340d7SEd Tanous { 12555c7b7a2SEd Tanous std::vector<const std::string*> sessionIds = 12652cc112dSEd Tanous persistent_data::SessionStore::getInstance().getUniqueIds( 12752cc112dSEd Tanous false, persistent_data::PersistenceType::TIMEOUT); 128724340d7SEd Tanous nlohmann::json ret = nlohmann::json::array(); 1291abe55efSEd Tanous for (const std::string* uid : sessionIds) 1301abe55efSEd Tanous { 1311476687dSEd Tanous nlohmann::json::object_t session; 1321476687dSEd Tanous session["@odata.id"] = "/redfish/v1/SessionService/Sessions/" + *uid; 1331476687dSEd Tanous ret.push_back(std::move(session)); 1342b7981f6SKowalski, Kamil } 135724340d7SEd Tanous return ret; 136724340d7SEd Tanous } 137724340d7SEd Tanous 138*a1e0871dSEd Tanous inline void handleSessionCollectionHead( 13945ca1b86SEd Tanous crow::App& app, const crow::Request& req, 140724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 141724340d7SEd Tanous { 142*a1e0871dSEd Tanous 1433ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 14445ca1b86SEd Tanous { 14545ca1b86SEd Tanous return; 14645ca1b86SEd Tanous } 147*a1e0871dSEd Tanous asyncResp->res.addHeader( 148*a1e0871dSEd Tanous boost::beast::http::field::link, 149*a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/SessionCollection.json>; rel=describedby"); 150*a1e0871dSEd Tanous } 151*a1e0871dSEd Tanous 152*a1e0871dSEd Tanous inline void handleSessionCollectionGet( 153*a1e0871dSEd Tanous crow::App& app, const crow::Request& req, 154*a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 155*a1e0871dSEd Tanous { 156*a1e0871dSEd Tanous handleSessionCollectionHead(app, req, asyncResp); 157724340d7SEd Tanous asyncResp->res.jsonValue["Members"] = getSessionCollectionMembers(); 158faa34ccfSEd Tanous asyncResp->res.jsonValue["Members@odata.count"] = 159724340d7SEd Tanous asyncResp->res.jsonValue["Members"].size(); 1608d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.type"] = 1618d1b46d7Szhanghch05 "#SessionCollection.SessionCollection"; 1628d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.id"] = 1638d1b46d7Szhanghch05 "/redfish/v1/SessionService/Sessions/"; 1648d1b46d7Szhanghch05 asyncResp->res.jsonValue["Name"] = "Session Collection"; 1658d1b46d7Szhanghch05 asyncResp->res.jsonValue["Description"] = "Session Collection"; 166724340d7SEd Tanous } 1672b7981f6SKowalski, Kamil 168724340d7SEd Tanous inline void handleSessionCollectionMembersGet( 16945ca1b86SEd Tanous crow::App& app, const crow::Request& req, 170724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 171724340d7SEd Tanous { 1723ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 17345ca1b86SEd Tanous { 17445ca1b86SEd Tanous return; 17545ca1b86SEd Tanous } 176724340d7SEd Tanous asyncResp->res.jsonValue = getSessionCollectionMembers(); 177724340d7SEd Tanous } 178724340d7SEd Tanous 1794ee8e211SEd Tanous inline void handleSessionCollectionPost( 18045ca1b86SEd Tanous crow::App& app, const crow::Request& req, 181724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 182724340d7SEd Tanous { 1833ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 18445ca1b86SEd Tanous { 18545ca1b86SEd Tanous return; 18645ca1b86SEd Tanous } 1879712f8acSEd Tanous std::string username; 1889712f8acSEd Tanous std::string password; 18908bdcc71SSunitha Harish std::optional<nlohmann::json> oemObject; 19008bdcc71SSunitha Harish std::string clientId; 191724340d7SEd Tanous if (!json_util::readJsonPatch(req, asyncResp->res, "UserName", username, 192724340d7SEd Tanous "Password", password, "Oem", oemObject)) 1931abe55efSEd Tanous { 1942b7981f6SKowalski, Kamil return; 1952b7981f6SKowalski, Kamil } 1962b7981f6SKowalski, Kamil 197820ce598SEd Tanous if (password.empty() || username.empty() || 1988d1b46d7Szhanghch05 asyncResp->res.result() != boost::beast::http::status::ok) 1991abe55efSEd Tanous { 2001abe55efSEd Tanous if (username.empty()) 2011abe55efSEd Tanous { 2028d1b46d7Szhanghch05 messages::propertyMissing(asyncResp->res, "UserName"); 203f4c4dcf4SKowalski, Kamil } 204f4c4dcf4SKowalski, Kamil 2051abe55efSEd Tanous if (password.empty()) 2061abe55efSEd Tanous { 2078d1b46d7Szhanghch05 messages::propertyMissing(asyncResp->res, "Password"); 208820ce598SEd Tanous } 209820ce598SEd Tanous 210820ce598SEd Tanous return; 211f4c4dcf4SKowalski, Kamil } 2122b7981f6SKowalski, Kamil 2133bf4e632SJoseph Reynolds int pamrc = pamAuthenticateUser(username, password); 2143bf4e632SJoseph Reynolds bool isConfigureSelfOnly = pamrc == PAM_NEW_AUTHTOK_REQD; 2153bf4e632SJoseph Reynolds if ((pamrc != PAM_SUCCESS) && !isConfigureSelfOnly) 2161abe55efSEd Tanous { 217724340d7SEd Tanous messages::resourceAtUriUnauthorized(asyncResp->res, req.urlView, 218f12894f8SJason M. Bills "Invalid username or password"); 219820ce598SEd Tanous return; 2202b7981f6SKowalski, Kamil } 22108bdcc71SSunitha Harish #ifdef BMCWEB_ENABLE_IBM_MANAGEMENT_CONSOLE 22208bdcc71SSunitha Harish if (oemObject) 22308bdcc71SSunitha Harish { 22408bdcc71SSunitha Harish std::optional<nlohmann::json> bmcOem; 225724340d7SEd Tanous if (!json_util::readJson(*oemObject, asyncResp->res, "OpenBMC", bmcOem)) 22608bdcc71SSunitha Harish { 22708bdcc71SSunitha Harish return; 22808bdcc71SSunitha Harish } 229724340d7SEd Tanous if (!json_util::readJson(*bmcOem, asyncResp->res, "ClientID", clientId)) 23008bdcc71SSunitha Harish { 23108bdcc71SSunitha Harish BMCWEB_LOG_ERROR << "Could not read ClientId"; 23208bdcc71SSunitha Harish return; 23308bdcc71SSunitha Harish } 23408bdcc71SSunitha Harish } 23508bdcc71SSunitha Harish #endif 2366f115bbbSManojkiran Eda 237820ce598SEd Tanous // User is authenticated - create session 23852cc112dSEd Tanous std::shared_ptr<persistent_data::UserSession> session = 239724340d7SEd Tanous persistent_data::SessionStore::getInstance().generateUserSession( 24041d61c82SJiaqing Zhao username, req.ipAddress, clientId, 241724340d7SEd Tanous persistent_data::PersistenceType::TIMEOUT, isConfigureSelfOnly); 24202e53aefSBrad Bishop if (session == nullptr) 24302e53aefSBrad Bishop { 24402e53aefSBrad Bishop messages::internalError(asyncResp->res); 24502e53aefSBrad Bishop return; 24602e53aefSBrad Bishop } 24702e53aefSBrad Bishop 2488d1b46d7Szhanghch05 asyncResp->res.addHeader("X-Auth-Token", session->sessionToken); 249faa34ccfSEd Tanous asyncResp->res.addHeader( 250724340d7SEd Tanous "Location", "/redfish/v1/SessionService/Sessions/" + session->uniqueId); 2518d1b46d7Szhanghch05 asyncResp->res.result(boost::beast::http::status::created); 2523bf4e632SJoseph Reynolds if (session->isConfigureSelfOnly) 2533bf4e632SJoseph Reynolds { 2543bf4e632SJoseph Reynolds messages::passwordChangeRequired( 255724340d7SEd Tanous asyncResp->res, 256724340d7SEd Tanous crow::utility::urlFromPieces("redfish", "v1", "AccountService", 25785e6471bSBrad Bishop "Accounts", session->username)); 2582b7981f6SKowalski, Kamil } 2592b7981f6SKowalski, Kamil 260faa34ccfSEd Tanous fillSessionObject(asyncResp->res, *session); 261724340d7SEd Tanous } 262*a1e0871dSEd Tanous inline void handleSessionServiceHead( 263*a1e0871dSEd Tanous crow::App& app, const crow::Request& req, 264*a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 265*a1e0871dSEd Tanous { 266*a1e0871dSEd Tanous 267*a1e0871dSEd Tanous if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 268*a1e0871dSEd Tanous { 269*a1e0871dSEd Tanous return; 270*a1e0871dSEd Tanous } 271*a1e0871dSEd Tanous asyncResp->res.addHeader( 272*a1e0871dSEd Tanous boost::beast::http::field::link, 273*a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/SessionService/SessionService.json>; rel=describedby"); 274*a1e0871dSEd Tanous } 275724340d7SEd Tanous inline void 27645ca1b86SEd Tanous handleSessionServiceGet(crow::App& app, const crow::Request& req, 277724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 2782b7981f6SKowalski, Kamil 279724340d7SEd Tanous { 280*a1e0871dSEd Tanous handleSessionServiceHead(app, req, asyncResp); 2818d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.type"] = 2828d1b46d7Szhanghch05 "#SessionService.v1_0_2.SessionService"; 283724340d7SEd Tanous asyncResp->res.jsonValue["@odata.id"] = "/redfish/v1/SessionService/"; 2848d1b46d7Szhanghch05 asyncResp->res.jsonValue["Name"] = "Session Service"; 2858d1b46d7Szhanghch05 asyncResp->res.jsonValue["Id"] = "SessionService"; 2868d1b46d7Szhanghch05 asyncResp->res.jsonValue["Description"] = "Session Service"; 2878d1b46d7Szhanghch05 asyncResp->res.jsonValue["SessionTimeout"] = 288724340d7SEd Tanous persistent_data::SessionStore::getInstance().getTimeoutInSeconds(); 2898d1b46d7Szhanghch05 asyncResp->res.jsonValue["ServiceEnabled"] = true; 2900f74e643SEd Tanous 2911476687dSEd Tanous asyncResp->res.jsonValue["Sessions"]["@odata.id"] = 2921476687dSEd Tanous "/redfish/v1/SessionService/Sessions"; 293724340d7SEd Tanous } 294f2a4a606SManojkiran Eda 295724340d7SEd Tanous inline void handleSessionServicePatch( 29645ca1b86SEd Tanous crow::App& app, const crow::Request& req, 297724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 298724340d7SEd Tanous { 2993ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 30045ca1b86SEd Tanous { 30145ca1b86SEd Tanous return; 30245ca1b86SEd Tanous } 303f2a4a606SManojkiran Eda std::optional<int64_t> sessionTimeout; 304724340d7SEd Tanous if (!json_util::readJsonPatch(req, asyncResp->res, "SessionTimeout", 305724340d7SEd Tanous sessionTimeout)) 306f2a4a606SManojkiran Eda { 307f2a4a606SManojkiran Eda return; 308f2a4a606SManojkiran Eda } 309f2a4a606SManojkiran Eda 310f2a4a606SManojkiran Eda if (sessionTimeout) 311f2a4a606SManojkiran Eda { 312faa34ccfSEd Tanous // The mininum & maximum allowed values for session timeout 313faa34ccfSEd Tanous // are 30 seconds and 86400 seconds respectively as per the 314faa34ccfSEd Tanous // session service schema mentioned at 315f2a4a606SManojkiran Eda // https://redfish.dmtf.org/schemas/v1/SessionService.v1_1_7.json 316f2a4a606SManojkiran Eda 317f2a4a606SManojkiran Eda if (*sessionTimeout <= 86400 && *sessionTimeout >= 30) 318f2a4a606SManojkiran Eda { 319724340d7SEd Tanous std::chrono::seconds sessionTimeoutInseconds(*sessionTimeout); 320724340d7SEd Tanous persistent_data::SessionStore::getInstance().updateSessionTimeout( 321724340d7SEd Tanous sessionTimeoutInseconds); 322724340d7SEd Tanous messages::propertyValueModified(asyncResp->res, "SessionTimeOut", 323f2a4a606SManojkiran Eda std::to_string(*sessionTimeout)); 324f2a4a606SManojkiran Eda } 325f2a4a606SManojkiran Eda else 326f2a4a606SManojkiran Eda { 327724340d7SEd Tanous messages::propertyValueNotInList(asyncResp->res, 328724340d7SEd Tanous std::to_string(*sessionTimeout), 3298d1b46d7Szhanghch05 "SessionTimeOut"); 330f2a4a606SManojkiran Eda } 331f2a4a606SManojkiran Eda } 332724340d7SEd Tanous } 333724340d7SEd Tanous 334724340d7SEd Tanous inline void requestRoutesSession(App& app) 335724340d7SEd Tanous { 336724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 337*a1e0871dSEd Tanous .privileges(redfish::privileges::headSession) 338*a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 339*a1e0871dSEd Tanous std::bind_front(handleSessionHead, std::ref(app))); 340*a1e0871dSEd Tanous 341*a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 342724340d7SEd Tanous .privileges(redfish::privileges::getSession) 34345ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 34445ca1b86SEd Tanous std::bind_front(handleSessionGet, std::ref(app))); 345724340d7SEd Tanous 346724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 347724340d7SEd Tanous .privileges(redfish::privileges::deleteSession) 34845ca1b86SEd Tanous .methods(boost::beast::http::verb::delete_)( 34945ca1b86SEd Tanous std::bind_front(handleSessionDelete, std::ref(app))); 350724340d7SEd Tanous 351724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 352*a1e0871dSEd Tanous .privileges(redfish::privileges::headSessionCollection) 353*a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 354*a1e0871dSEd Tanous std::bind_front(handleSessionCollectionHead, std::ref(app))); 355*a1e0871dSEd Tanous 356*a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 357724340d7SEd Tanous .privileges(redfish::privileges::getSessionCollection) 35845ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 35945ca1b86SEd Tanous std::bind_front(handleSessionCollectionGet, std::ref(app))); 360724340d7SEd Tanous 361e76cd868SEd Tanous // Note, the next two routes technically don't match the privilege 362724340d7SEd Tanous // registry given the way login mechanisms work. The base privilege 363724340d7SEd Tanous // registry lists this endpoint as requiring login privilege, but because 364724340d7SEd Tanous // this is the endpoint responsible for giving the login privilege, and it 365724340d7SEd Tanous // is itself its own route, it needs to not require Login 366724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 367724340d7SEd Tanous .privileges({}) 36845ca1b86SEd Tanous .methods(boost::beast::http::verb::post)( 36945ca1b86SEd Tanous std::bind_front(handleSessionCollectionPost, std::ref(app))); 370724340d7SEd Tanous 371e76cd868SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/Members/") 372e76cd868SEd Tanous .privileges({}) 37345ca1b86SEd Tanous .methods(boost::beast::http::verb::post)( 37445ca1b86SEd Tanous std::bind_front(handleSessionCollectionPost, std::ref(app))); 375e76cd868SEd Tanous 376724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 377*a1e0871dSEd Tanous .privileges(redfish::privileges::headSessionService) 378*a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 379*a1e0871dSEd Tanous std::bind_front(handleSessionServiceHead, std::ref(app))); 380*a1e0871dSEd Tanous 381*a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 382724340d7SEd Tanous .privileges(redfish::privileges::getSessionService) 38345ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 38445ca1b86SEd Tanous std::bind_front(handleSessionServiceGet, std::ref(app))); 385724340d7SEd Tanous 386724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 387724340d7SEd Tanous .privileges(redfish::privileges::patchSessionService) 38845ca1b86SEd Tanous .methods(boost::beast::http::verb::patch)( 38945ca1b86SEd Tanous std::bind_front(handleSessionServicePatch, std::ref(app))); 390f2a4a606SManojkiran Eda } 3915d27b854SBorawski.Lukasz 3922b7981f6SKowalski, Kamil } // namespace redfish 393