12b7981f6SKowalski, Kamil /* 26be832e2SEd Tanous Copyright (c) 2018 Intel Corporation 36be832e2SEd Tanous 46be832e2SEd Tanous Licensed under the Apache License, Version 2.0 (the "License"); 56be832e2SEd Tanous you may not use this file except in compliance with the License. 66be832e2SEd Tanous You may obtain a copy of the License at 76be832e2SEd Tanous 86be832e2SEd Tanous http://www.apache.org/licenses/LICENSE-2.0 96be832e2SEd Tanous 106be832e2SEd Tanous Unless required by applicable law or agreed to in writing, software 116be832e2SEd Tanous distributed under the License is distributed on an "AS IS" BASIS, 126be832e2SEd Tanous WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 136be832e2SEd Tanous See the License for the specific language governing permissions and 146be832e2SEd Tanous limitations under the License. 152b7981f6SKowalski, Kamil */ 162b7981f6SKowalski, Kamil #pragma once 1743a095abSBorawski.Lukasz 18ce22f609SPaul Fertser #include "account_service.hpp" 193ccb3adbSEd Tanous #include "app.hpp" 2029aab242SPaul Fertser #include "cookies.hpp" 21f4c4dcf4SKowalski, Kamil #include "error_messages.hpp" 223ccb3adbSEd Tanous #include "http/utility.hpp" 2352cc112dSEd Tanous #include "persistent_data.hpp" 243ccb3adbSEd Tanous #include "query.hpp" 253ccb3adbSEd Tanous #include "registries/privilege_registry.hpp" 263ccb3adbSEd Tanous #include "utils/json_utils.hpp" 277e860f15SJohn Edward Broadbent 28ef4c65b7SEd Tanous #include <boost/url/format.hpp> 29ef4c65b7SEd Tanous 3089cda63dSEd Tanous #include <string> 3189cda63dSEd Tanous #include <vector> 3289cda63dSEd Tanous 331abe55efSEd Tanous namespace redfish 341abe55efSEd Tanous { 352b7981f6SKowalski, Kamil 364f48d5f6SEd Tanous inline void fillSessionObject(crow::Response& res, 37faa34ccfSEd Tanous const persistent_data::UserSession& session) 381abe55efSEd Tanous { 39faa34ccfSEd Tanous res.jsonValue["Id"] = session.uniqueId; 40faa34ccfSEd Tanous res.jsonValue["UserName"] = session.username; 41ce22f609SPaul Fertser nlohmann::json::array_t roles; 42ce22f609SPaul Fertser roles.emplace_back(redfish::getRoleIdFromPrivilege(session.userRole)); 43ce22f609SPaul Fertser res.jsonValue["Roles"] = std::move(roles); 44ef4c65b7SEd Tanous res.jsonValue["@odata.id"] = boost::urls::format( 45ef4c65b7SEd Tanous "/redfish/v1/SessionService/Sessions/{}", session.uniqueId); 46ce22f609SPaul Fertser res.jsonValue["@odata.type"] = "#Session.v1_7_0.Session"; 47faa34ccfSEd Tanous res.jsonValue["Name"] = "User Session"; 48faa34ccfSEd Tanous res.jsonValue["Description"] = "Manager User Session"; 49faa34ccfSEd Tanous res.jsonValue["ClientOriginIPAddress"] = session.clientIp; 50bb759e3aSEd Tanous if (session.clientId) 51bb759e3aSEd Tanous { 52bb759e3aSEd Tanous res.jsonValue["Context"] = *session.clientId; 53bb759e3aSEd Tanous } 542b7981f6SKowalski, Kamil } 552b7981f6SKowalski, Kamil 56724340d7SEd Tanous inline void 57a1e0871dSEd Tanous handleSessionHead(crow::App& app, const crow::Request& req, 58faa34ccfSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 59a1e0871dSEd Tanous const std::string& /*sessionId*/) 60724340d7SEd Tanous { 613ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 6245ca1b86SEd Tanous { 6345ca1b86SEd Tanous return; 6445ca1b86SEd Tanous } 65a1e0871dSEd Tanous asyncResp->res.addHeader( 66a1e0871dSEd Tanous boost::beast::http::field::link, 67a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/Session/Session.json>; rel=describedby"); 68a1e0871dSEd Tanous } 69a1e0871dSEd Tanous 70a1e0871dSEd Tanous inline void 71a1e0871dSEd Tanous handleSessionGet(crow::App& app, const crow::Request& req, 72a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 73a1e0871dSEd Tanous const std::string& sessionId) 74a1e0871dSEd Tanous { 7565ffbcb3SEd Tanous if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 7665ffbcb3SEd Tanous { 7765ffbcb3SEd Tanous return; 7865ffbcb3SEd Tanous } 7965ffbcb3SEd Tanous asyncResp->res.addHeader( 8065ffbcb3SEd Tanous boost::beast::http::field::link, 8165ffbcb3SEd Tanous "</redfish/v1/JsonSchemas/Session/Session.json>; rel=describedby"); 82a1e0871dSEd Tanous 83faa34ccfSEd Tanous // Note that control also reaches here via doPost and doDelete. 84724340d7SEd Tanous auto session = 85724340d7SEd Tanous persistent_data::SessionStore::getInstance().getSessionByUid(sessionId); 862b7981f6SKowalski, Kamil 871abe55efSEd Tanous if (session == nullptr) 881abe55efSEd Tanous { 89724340d7SEd Tanous messages::resourceNotFound(asyncResp->res, "Session", sessionId); 90faa34ccfSEd Tanous return; 91faa34ccfSEd Tanous } 92faa34ccfSEd Tanous 93faa34ccfSEd Tanous fillSessionObject(asyncResp->res, *session); 94724340d7SEd Tanous } 95faa34ccfSEd Tanous 96724340d7SEd Tanous inline void 9745ca1b86SEd Tanous handleSessionDelete(crow::App& app, const crow::Request& req, 98faa34ccfSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, 99724340d7SEd Tanous const std::string& sessionId) 100724340d7SEd Tanous { 1013ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 10245ca1b86SEd Tanous { 10345ca1b86SEd Tanous return; 10445ca1b86SEd Tanous } 105724340d7SEd Tanous auto session = 106724340d7SEd Tanous persistent_data::SessionStore::getInstance().getSessionByUid(sessionId); 107faa34ccfSEd Tanous 108faa34ccfSEd Tanous if (session == nullptr) 109faa34ccfSEd Tanous { 110724340d7SEd Tanous messages::resourceNotFound(asyncResp->res, "Session", sessionId); 1112b7981f6SKowalski, Kamil return; 1122b7981f6SKowalski, Kamil } 1132b7981f6SKowalski, Kamil 114900f9497SJoseph Reynolds // Perform a proper ConfigureSelf authority check. If a 115900f9497SJoseph Reynolds // session is being used to DELETE some other user's session, 116900f9497SJoseph Reynolds // then the ConfigureSelf privilege does not apply. In that 117900f9497SJoseph Reynolds // case, perform the authority check again without the user's 118900f9497SJoseph Reynolds // ConfigureSelf privilege. 1190fd29865Swukaihua-fii-na if (req.session != nullptr && !session->username.empty() && 1200fd29865Swukaihua-fii-na session->username != req.session->username) 121900f9497SJoseph Reynolds { 1226c51eab1SEd Tanous Privileges effectiveUserPrivileges = 1233e72c202SNinad Palsule redfish::getUserPrivileges(*req.session); 1246c51eab1SEd Tanous 125724340d7SEd Tanous if (!effectiveUserPrivileges.isSupersetOf({"ConfigureUsers"})) 126900f9497SJoseph Reynolds { 1278d1b46d7Szhanghch05 messages::insufficientPrivilege(asyncResp->res); 128900f9497SJoseph Reynolds return; 129900f9497SJoseph Reynolds } 130900f9497SJoseph Reynolds } 131900f9497SJoseph Reynolds 1328812e8beSPaul Fertser if (req.session != nullptr && req.session->uniqueId == sessionId && 1338812e8beSPaul Fertser session->cookieAuth) 13429aab242SPaul Fertser { 13529aab242SPaul Fertser bmcweb::clearSessionCookies(asyncResp->res); 13629aab242SPaul Fertser } 13729aab242SPaul Fertser 138724340d7SEd Tanous persistent_data::SessionStore::getInstance().removeSession(session); 1395cc148afSEd Tanous messages::success(asyncResp->res); 140724340d7SEd Tanous } 141f4c4dcf4SKowalski, Kamil 142724340d7SEd Tanous inline nlohmann::json getSessionCollectionMembers() 143724340d7SEd Tanous { 14489cda63dSEd Tanous std::vector<std::string> sessionIds = 14589cda63dSEd Tanous persistent_data::SessionStore::getInstance().getAllUniqueIds(); 146724340d7SEd Tanous nlohmann::json ret = nlohmann::json::array(); 14789cda63dSEd Tanous for (const std::string& uid : sessionIds) 1481abe55efSEd Tanous { 1491476687dSEd Tanous nlohmann::json::object_t session; 150ef4c65b7SEd Tanous session["@odata.id"] = 15189cda63dSEd Tanous boost::urls::format("/redfish/v1/SessionService/Sessions/{}", uid); 152b2ba3072SPatrick Williams ret.emplace_back(std::move(session)); 1532b7981f6SKowalski, Kamil } 154724340d7SEd Tanous return ret; 155724340d7SEd Tanous } 156724340d7SEd Tanous 157a1e0871dSEd Tanous inline void handleSessionCollectionHead( 15845ca1b86SEd Tanous crow::App& app, const crow::Request& req, 159724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 160724340d7SEd Tanous { 1613ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 16245ca1b86SEd Tanous { 16345ca1b86SEd Tanous return; 16445ca1b86SEd Tanous } 165a1e0871dSEd Tanous asyncResp->res.addHeader( 166a1e0871dSEd Tanous boost::beast::http::field::link, 167a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/SessionCollection.json>; rel=describedby"); 168a1e0871dSEd Tanous } 169a1e0871dSEd Tanous 170a1e0871dSEd Tanous inline void handleSessionCollectionGet( 171a1e0871dSEd Tanous crow::App& app, const crow::Request& req, 172a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 173a1e0871dSEd Tanous { 17401a89a1fSEd Tanous if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 17501a89a1fSEd Tanous { 17601a89a1fSEd Tanous return; 17701a89a1fSEd Tanous } 17801a89a1fSEd Tanous asyncResp->res.addHeader( 17901a89a1fSEd Tanous boost::beast::http::field::link, 18001a89a1fSEd Tanous "</redfish/v1/JsonSchemas/SessionCollection.json>; rel=describedby"); 18101a89a1fSEd Tanous 182724340d7SEd Tanous asyncResp->res.jsonValue["Members"] = getSessionCollectionMembers(); 183faa34ccfSEd Tanous asyncResp->res.jsonValue["Members@odata.count"] = 184724340d7SEd Tanous asyncResp->res.jsonValue["Members"].size(); 1858d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.type"] = 1868d1b46d7Szhanghch05 "#SessionCollection.SessionCollection"; 1878d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.id"] = 1887a859ffeSGunnar Mills "/redfish/v1/SessionService/Sessions"; 1898d1b46d7Szhanghch05 asyncResp->res.jsonValue["Name"] = "Session Collection"; 1908d1b46d7Szhanghch05 asyncResp->res.jsonValue["Description"] = "Session Collection"; 191724340d7SEd Tanous } 1922b7981f6SKowalski, Kamil 193724340d7SEd Tanous inline void handleSessionCollectionMembersGet( 19445ca1b86SEd Tanous crow::App& app, const crow::Request& req, 195724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 196724340d7SEd Tanous { 1973ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 19845ca1b86SEd Tanous { 19945ca1b86SEd Tanous return; 20045ca1b86SEd Tanous } 201724340d7SEd Tanous asyncResp->res.jsonValue = getSessionCollectionMembers(); 202724340d7SEd Tanous } 203724340d7SEd Tanous 2044ee8e211SEd Tanous inline void handleSessionCollectionPost( 20545ca1b86SEd Tanous crow::App& app, const crow::Request& req, 206724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 207724340d7SEd Tanous { 2083ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 20945ca1b86SEd Tanous { 21045ca1b86SEd Tanous return; 21145ca1b86SEd Tanous } 2129712f8acSEd Tanous std::string username; 2139712f8acSEd Tanous std::string password; 214bb759e3aSEd Tanous std::optional<std::string> clientId; 2152ccce1f3SRavi Teja std::optional<std::string> token; 216*afc474aeSMyung Bae if (!json_util::readJsonPatch( // 217*afc474aeSMyung Bae req, asyncResp->res, // 218*afc474aeSMyung Bae "Context", clientId, // 219*afc474aeSMyung Bae "Password", password, // 220*afc474aeSMyung Bae "Token", token, // 221*afc474aeSMyung Bae "UserName", username // 222*afc474aeSMyung Bae )) 2231abe55efSEd Tanous { 2242b7981f6SKowalski, Kamil return; 2252b7981f6SKowalski, Kamil } 226820ce598SEd Tanous if (password.empty() || username.empty() || 2278d1b46d7Szhanghch05 asyncResp->res.result() != boost::beast::http::status::ok) 2281abe55efSEd Tanous { 2291abe55efSEd Tanous if (username.empty()) 2301abe55efSEd Tanous { 2318d1b46d7Szhanghch05 messages::propertyMissing(asyncResp->res, "UserName"); 232f4c4dcf4SKowalski, Kamil } 233f4c4dcf4SKowalski, Kamil 2341abe55efSEd Tanous if (password.empty()) 2351abe55efSEd Tanous { 2368d1b46d7Szhanghch05 messages::propertyMissing(asyncResp->res, "Password"); 237820ce598SEd Tanous } 238820ce598SEd Tanous 239820ce598SEd Tanous return; 240f4c4dcf4SKowalski, Kamil } 2412b7981f6SKowalski, Kamil 2422ccce1f3SRavi Teja int pamrc = pamAuthenticateUser(username, password, token); 2433bf4e632SJoseph Reynolds bool isConfigureSelfOnly = pamrc == PAM_NEW_AUTHTOK_REQD; 2443bf4e632SJoseph Reynolds if ((pamrc != PAM_SUCCESS) && !isConfigureSelfOnly) 2451abe55efSEd Tanous { 24639662a3bSEd Tanous messages::resourceAtUriUnauthorized(asyncResp->res, req.url(), 247f12894f8SJason M. Bills "Invalid username or password"); 248820ce598SEd Tanous return; 2492b7981f6SKowalski, Kamil } 2506f115bbbSManojkiran Eda 251820ce598SEd Tanous // User is authenticated - create session 25252cc112dSEd Tanous std::shared_ptr<persistent_data::UserSession> session = 253724340d7SEd Tanous persistent_data::SessionStore::getInstance().generateUserSession( 25441d61c82SJiaqing Zhao username, req.ipAddress, clientId, 25589cda63dSEd Tanous persistent_data::SessionType::Session, isConfigureSelfOnly); 25602e53aefSBrad Bishop if (session == nullptr) 25702e53aefSBrad Bishop { 25802e53aefSBrad Bishop messages::internalError(asyncResp->res); 25902e53aefSBrad Bishop return; 26002e53aefSBrad Bishop } 26102e53aefSBrad Bishop 26229aab242SPaul Fertser // When session is created by webui-vue give it session cookies as a 26329aab242SPaul Fertser // non-standard Redfish extension. This is needed for authentication for 26429aab242SPaul Fertser // WebSockets-based functionality. 26529aab242SPaul Fertser if (!req.getHeaderValue("X-Requested-With").empty()) 26629aab242SPaul Fertser { 26729aab242SPaul Fertser bmcweb::setSessionCookies(asyncResp->res, *session); 26829aab242SPaul Fertser } 26929aab242SPaul Fertser else 27029aab242SPaul Fertser { 2718d1b46d7Szhanghch05 asyncResp->res.addHeader("X-Auth-Token", session->sessionToken); 27229aab242SPaul Fertser } 27329aab242SPaul Fertser 274faa34ccfSEd Tanous asyncResp->res.addHeader( 275724340d7SEd Tanous "Location", "/redfish/v1/SessionService/Sessions/" + session->uniqueId); 2768d1b46d7Szhanghch05 asyncResp->res.result(boost::beast::http::status::created); 2773bf4e632SJoseph Reynolds if (session->isConfigureSelfOnly) 2783bf4e632SJoseph Reynolds { 2793bf4e632SJoseph Reynolds messages::passwordChangeRequired( 280724340d7SEd Tanous asyncResp->res, 281ef4c65b7SEd Tanous boost::urls::format("/redfish/v1/AccountService/Accounts/{}", 282ef4c65b7SEd Tanous session->username)); 2832b7981f6SKowalski, Kamil } 2842b7981f6SKowalski, Kamil 285478c5a57SPaul Fertser crow::getUserInfo(asyncResp, username, session, [asyncResp, session]() { 286faa34ccfSEd Tanous fillSessionObject(asyncResp->res, *session); 287478c5a57SPaul Fertser }); 288724340d7SEd Tanous } 289a1e0871dSEd Tanous inline void handleSessionServiceHead( 290a1e0871dSEd Tanous crow::App& app, const crow::Request& req, 291a1e0871dSEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 292a1e0871dSEd Tanous { 293a1e0871dSEd Tanous if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 294a1e0871dSEd Tanous { 295a1e0871dSEd Tanous return; 296a1e0871dSEd Tanous } 297a1e0871dSEd Tanous asyncResp->res.addHeader( 298a1e0871dSEd Tanous boost::beast::http::field::link, 299a1e0871dSEd Tanous "</redfish/v1/JsonSchemas/SessionService/SessionService.json>; rel=describedby"); 300a1e0871dSEd Tanous } 301724340d7SEd Tanous inline void 30245ca1b86SEd Tanous handleSessionServiceGet(crow::App& app, const crow::Request& req, 303724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 3042b7981f6SKowalski, Kamil 305724340d7SEd Tanous { 30678e3900fSGunnar Mills if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 30778e3900fSGunnar Mills { 30878e3900fSGunnar Mills return; 30978e3900fSGunnar Mills } 31078e3900fSGunnar Mills asyncResp->res.addHeader( 31178e3900fSGunnar Mills boost::beast::http::field::link, 31278e3900fSGunnar Mills "</redfish/v1/JsonSchemas/SessionService/SessionService.json>; rel=describedby"); 31378e3900fSGunnar Mills 3148d1b46d7Szhanghch05 asyncResp->res.jsonValue["@odata.type"] = 3158d1b46d7Szhanghch05 "#SessionService.v1_0_2.SessionService"; 3167a859ffeSGunnar Mills asyncResp->res.jsonValue["@odata.id"] = "/redfish/v1/SessionService"; 3178d1b46d7Szhanghch05 asyncResp->res.jsonValue["Name"] = "Session Service"; 3188d1b46d7Szhanghch05 asyncResp->res.jsonValue["Id"] = "SessionService"; 3198d1b46d7Szhanghch05 asyncResp->res.jsonValue["Description"] = "Session Service"; 3208d1b46d7Szhanghch05 asyncResp->res.jsonValue["SessionTimeout"] = 321724340d7SEd Tanous persistent_data::SessionStore::getInstance().getTimeoutInSeconds(); 3228d1b46d7Szhanghch05 asyncResp->res.jsonValue["ServiceEnabled"] = true; 3230f74e643SEd Tanous 3241476687dSEd Tanous asyncResp->res.jsonValue["Sessions"]["@odata.id"] = 3251476687dSEd Tanous "/redfish/v1/SessionService/Sessions"; 326724340d7SEd Tanous } 327f2a4a606SManojkiran Eda 328724340d7SEd Tanous inline void handleSessionServicePatch( 32945ca1b86SEd Tanous crow::App& app, const crow::Request& req, 330724340d7SEd Tanous const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 331724340d7SEd Tanous { 3323ba00073SCarson Labrado if (!redfish::setUpRedfishRoute(app, req, asyncResp)) 33345ca1b86SEd Tanous { 33445ca1b86SEd Tanous return; 33545ca1b86SEd Tanous } 336f2a4a606SManojkiran Eda std::optional<int64_t> sessionTimeout; 337*afc474aeSMyung Bae if (!json_util::readJsonPatch( // 338*afc474aeSMyung Bae req, asyncResp->res, // 339*afc474aeSMyung Bae "SessionTimeout", sessionTimeout // 340*afc474aeSMyung Bae )) 341f2a4a606SManojkiran Eda { 342f2a4a606SManojkiran Eda return; 343f2a4a606SManojkiran Eda } 344f2a4a606SManojkiran Eda 345f2a4a606SManojkiran Eda if (sessionTimeout) 346f2a4a606SManojkiran Eda { 3478ece0e45SEd Tanous // The minimum & maximum allowed values for session timeout 348faa34ccfSEd Tanous // are 30 seconds and 86400 seconds respectively as per the 349faa34ccfSEd Tanous // session service schema mentioned at 350f2a4a606SManojkiran Eda // https://redfish.dmtf.org/schemas/v1/SessionService.v1_1_7.json 351f2a4a606SManojkiran Eda 352f2a4a606SManojkiran Eda if (*sessionTimeout <= 86400 && *sessionTimeout >= 30) 353f2a4a606SManojkiran Eda { 354724340d7SEd Tanous std::chrono::seconds sessionTimeoutInseconds(*sessionTimeout); 355724340d7SEd Tanous persistent_data::SessionStore::getInstance().updateSessionTimeout( 356724340d7SEd Tanous sessionTimeoutInseconds); 357724340d7SEd Tanous messages::propertyValueModified(asyncResp->res, "SessionTimeOut", 358f2a4a606SManojkiran Eda std::to_string(*sessionTimeout)); 359f2a4a606SManojkiran Eda } 360f2a4a606SManojkiran Eda else 361f2a4a606SManojkiran Eda { 362e2616cc5SEd Tanous messages::propertyValueNotInList(asyncResp->res, *sessionTimeout, 3638d1b46d7Szhanghch05 "SessionTimeOut"); 364f2a4a606SManojkiran Eda } 365f2a4a606SManojkiran Eda } 366724340d7SEd Tanous } 367724340d7SEd Tanous 368724340d7SEd Tanous inline void requestRoutesSession(App& app) 369724340d7SEd Tanous { 370724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 371a1e0871dSEd Tanous .privileges(redfish::privileges::headSession) 372a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 373a1e0871dSEd Tanous std::bind_front(handleSessionHead, std::ref(app))); 374a1e0871dSEd Tanous 375a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 376724340d7SEd Tanous .privileges(redfish::privileges::getSession) 37745ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 37845ca1b86SEd Tanous std::bind_front(handleSessionGet, std::ref(app))); 379724340d7SEd Tanous 380724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/<str>/") 381724340d7SEd Tanous .privileges(redfish::privileges::deleteSession) 38245ca1b86SEd Tanous .methods(boost::beast::http::verb::delete_)( 38345ca1b86SEd Tanous std::bind_front(handleSessionDelete, std::ref(app))); 384724340d7SEd Tanous 385724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 386a1e0871dSEd Tanous .privileges(redfish::privileges::headSessionCollection) 387a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 388a1e0871dSEd Tanous std::bind_front(handleSessionCollectionHead, std::ref(app))); 389a1e0871dSEd Tanous 390a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 391724340d7SEd Tanous .privileges(redfish::privileges::getSessionCollection) 39245ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 39345ca1b86SEd Tanous std::bind_front(handleSessionCollectionGet, std::ref(app))); 394724340d7SEd Tanous 395e76cd868SEd Tanous // Note, the next two routes technically don't match the privilege 396724340d7SEd Tanous // registry given the way login mechanisms work. The base privilege 397724340d7SEd Tanous // registry lists this endpoint as requiring login privilege, but because 398724340d7SEd Tanous // this is the endpoint responsible for giving the login privilege, and it 399724340d7SEd Tanous // is itself its own route, it needs to not require Login 400724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/") 401724340d7SEd Tanous .privileges({}) 40245ca1b86SEd Tanous .methods(boost::beast::http::verb::post)( 40345ca1b86SEd Tanous std::bind_front(handleSessionCollectionPost, std::ref(app))); 404724340d7SEd Tanous 405e76cd868SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/Sessions/Members/") 406e76cd868SEd Tanous .privileges({}) 40745ca1b86SEd Tanous .methods(boost::beast::http::verb::post)( 40845ca1b86SEd Tanous std::bind_front(handleSessionCollectionPost, std::ref(app))); 409e76cd868SEd Tanous 410724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 411a1e0871dSEd Tanous .privileges(redfish::privileges::headSessionService) 412a1e0871dSEd Tanous .methods(boost::beast::http::verb::head)( 413a1e0871dSEd Tanous std::bind_front(handleSessionServiceHead, std::ref(app))); 414a1e0871dSEd Tanous 415a1e0871dSEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 416724340d7SEd Tanous .privileges(redfish::privileges::getSessionService) 41745ca1b86SEd Tanous .methods(boost::beast::http::verb::get)( 41845ca1b86SEd Tanous std::bind_front(handleSessionServiceGet, std::ref(app))); 419724340d7SEd Tanous 420724340d7SEd Tanous BMCWEB_ROUTE(app, "/redfish/v1/SessionService/") 421724340d7SEd Tanous .privileges(redfish::privileges::patchSessionService) 42245ca1b86SEd Tanous .methods(boost::beast::http::verb::patch)( 42345ca1b86SEd Tanous std::bind_front(handleSessionServicePatch, std::ref(app))); 424f2a4a606SManojkiran Eda } 4255d27b854SBorawski.Lukasz 4262b7981f6SKowalski, Kamil } // namespace redfish 427