From ede8454491b554c2494a61f42993fa2e39b4d865 Mon Sep 17 00:00:00 2001
From: Kuiying Wang <kuiying.wang@intel.com>
Date: Wed, 23 Dec 2020 14:41:23 +0800
Subject: [PATCH] Add support to ChangePassword action

Tested:

Passed Redfish validator.
Bios change password:
root@intel-obmc:~# cat /var/lib/bios-settings-manager/seedData
{
"UserPwdHash": "08D91157785366CDC3AA64D87E5E3C621EDAB13E26B6E484397EBA5E459E54C567BF5B1FFB36A43B6142B18F8D642E9D",
"AdminPwdHash": "08D91157785366CDC3AA64D87E5E3C621EDAB13E26B6E484397EBA5E459E54C567BF5B1FFB36A43B6142B18F8D642E9D",
"Seed": "123456",
"HashAlgo": "SHA384"
}
POST https://IP_ADDR/redfish/v1/Systems/system/Bios/Actions/Bios.ChangePassword
{
    "NewPassword": "12345678",
    "OldPassword": "1234567890",
    "PasswordName": "Administrator"
}
root@intel-obmc:~# cat /var/lib/bios-settings-manager/passwordData
{
    "CurrentPassword": "1234567890",
    "IsAdminPwdChanged": 1,
    "IsUserPwdChanged": 0,
    "NewPassword": "2DD65D57EB60B1D92C5F3D2DC84724FCEE7BC02E57AA75E834712266ED94CAC704047B2FF7CEC1C36BED280B36BB5AC6",
    "UserName": "Administrator"
}

Change-Id: I90319a68da0b0a7f9c5cd65a8cb8cf52269a5f52
Signed-off-by: Kuiying Wang <kuiying.wang@intel.com>
---
 redfish-core/include/redfish.hpp |  1 +
 redfish-core/lib/bios.hpp        | 70 ++++++++++++++++++++++++++++++++
 2 files changed, 71 insertions(+)

diff --git a/redfish-core/include/redfish.hpp b/redfish-core/include/redfish.hpp
index a8e5cf2..dabf78e 100644
--- a/redfish-core/include/redfish.hpp
+++ b/redfish-core/include/redfish.hpp
@@ -160,6 +160,7 @@ class RedfishService
         nodes.emplace_back(std::make_unique<BiosSettings>(app));
         nodes.emplace_back(std::make_unique<BiosAttributeRegistry>(app));
         nodes.emplace_back(std::make_unique<BiosReset>(app));
+        nodes.emplace_back(std::make_unique<BiosChangePassword>(app));
 #ifdef BMCWEB_ENABLE_VM_NBDPROXY
         nodes.emplace_back(std::make_unique<VirtualMedia>(app));
         nodes.emplace_back(std::make_unique<VirtualMediaCollection>(app));
diff --git a/redfish-core/lib/bios.hpp b/redfish-core/lib/bios.hpp
index 7b6fc3d..61b396b 100644
--- a/redfish-core/lib/bios.hpp
+++ b/redfish-core/lib/bios.hpp
@@ -186,6 +186,9 @@ class BiosService : public Node
         asyncResp->res.jsonValue["Actions"]["#Bios.ResetBios"] = {
             {"target",
              "/redfish/v1/Systems/system/Bios/Actions/Bios.ResetBios"}};
+        asyncResp->res.jsonValue["Actions"]["#Bios.ChangePassword"] = {
+            {"target",
+             "/redfish/v1/Systems/system/Bios/Actions/Bios.ChangePassword"}};
 
         // Get the ActiveSoftwareImage and SoftwareImages
         fw_util::populateFirmwareInformation(asyncResp, fw_util::biosPurpose,
@@ -674,4 +677,71 @@ class BiosReset : public Node
             std::variant<std::string>(resetFlag));
     }
 };
+
+/**
+ * BiosChangePassword class supports handle POST method for change bios
+ * password. The class retrieves and sends data directly to D-Bus.
+ */
+class BiosChangePassword : public Node
+{
+  public:
+    BiosChangePassword(App& app) :
+        Node(app,
+             "/redfish/v1/Systems/system/Bios/Actions/Bios.ChangePassword/")
+    {
+        entityPrivileges = {
+            {boost::beast::http::verb::post, {{"ConfigureComponents"}}}};
+    }
+
+  private:
+    /**
+     * Function handles POST method request.
+     * Analyzes POST body message before sends Reset request data to D-Bus.
+     */
+    void doPost(crow::Response& res, const crow::Request& req,
+                const std::vector<std::string>&) override
+    {
+        auto asyncResp = std::make_shared<AsyncResp>(res);
+        std::string currentPassword, newPassword, userName;
+        if (!json_util::readJson(req, res, "NewPassword", newPassword,
+                                 "OldPassword", currentPassword, "PasswordName",
+                                 userName))
+        {
+            return;
+        }
+        if (currentPassword.empty())
+        {
+            messages::actionParameterUnknown(asyncResp->res, "ChangePassword",
+                                             "OldPassword");
+            return;
+        }
+        if (newPassword.empty())
+        {
+            messages::actionParameterUnknown(asyncResp->res, "ChangePassword",
+                                             "NewPassword");
+            return;
+        }
+        if (userName.empty())
+        {
+            messages::actionParameterUnknown(asyncResp->res, "ChangePassword",
+                                             "PasswordName");
+            return;
+        }
+        crow::connections::systemBus->async_method_call(
+            [asyncResp](const boost::system::error_code ec) {
+                if (ec)
+                {
+                    BMCWEB_LOG_CRITICAL << "Failed in doPost(BiosChangePassword) "
+                                        << ec;
+                    messages::internalError(asyncResp->res);
+                    return;
+                }
+            },
+            "xyz.openbmc_project.BIOSConfigPassword",
+            "/xyz/openbmc_project/bios_config/password",
+            "xyz.openbmc_project.BIOSConfig.Password", "ChangePassword",
+            userName, currentPassword, newPassword);
+    }
+};
+
 } // namespace redfish
-- 
2.17.1