diff options
author | jayaprakash Mutyala <mutyalax.jayaprakash@intel.com> | 2019-07-29 14:59:08 +0300 |
---|---|---|
committer | mutyalax.jayaprakash <mutyalax.jayaprakash@intel.com> | 2019-11-08 20:27:27 +0300 |
commit | 27c10d2ee746b85e9463efb0fc6773c209b2f5ba (patch) | |
tree | 44ff6be504b8dd4c02a8f0b5586b0faa2b84a01c | |
parent | 55e43f69db10c3320430c190853bff8a5a272965 (diff) | |
download | bmcweb-27c10d2ee746b85e9463efb0fc6773c209b2f5ba.tar.xz |
account_service: Added NoAccess role to Redfish
Issue: With IPMI command- If New user created, by defualt created with
"NO ACCESS" Channel priv Limit. But same role is not populating from
Redfish.
This test can be done only with below patch being merged.
https://gerrit.openbmc-project.xyz/#/c/openbmc/phosphor-user-manager/
+/24784/
Tested:
Added "NoAccess" Role to Redfish(if Channel privilege Limit is empty in
userlist).
Below is Snapshot from Redfish:
Get: https://<BMC IP>/redfish/v1/AccountService/Roles/NoAccess
{
"@odata.context": "/redfish/v1/$metadata#Role.Role",
"@odata.id": "/redfish/v1/AccountService/Roles/NoAccess",
"@odata.type": "#Role.v1_2_2.Role",
"AssignedPrivileges": null,
"Description": "NoAccess User Role",
"Id": "NoAccess",
"IsPredefined": true,
"Name": "User Role",
"OemPrivileges": [],
"RoleId": "NoAccess"
}
Get: https://<BMC IP>/redfish/v1/AccountService/Accounts/user6
{
"@odata.context": "/redfish/v1/$metadata#ManagerAccount.
ManagerAccount",
"@odata.id": "/redfish/v1/AccountService/Accounts/user6",
"@odata.type": "#ManagerAccount.v1_0_3.ManagerAccount",
"Description": "User Account",
"Enabled": false,
"Id": "user6",
"Links": {
"Role": {
"@odata.id": "/redfish/v1/AccountService/Roles/NoAccess"
}
},
"Locked": false,
"Locked@Redfish.AllowableValues": [
"false"
],
"Name": "User Account",
"Password": null,
"RoleId": "NoAccess",
"UserName": "user6"
}
Redfish validator test results:
Counter({'skipOptional': 31791, 'pass': 22397, 'passGet': 2293,
'metadataNamespaces': 1047, 'warningPresent': 70,
'serviceNamespaces': 68, 'invalidPropertyValue': 67,
'err.LogEntry.v1_0_0.EventSeverity': 64, 'failProp': 64,
'repeat': 14, 'reflink': 9, 'passAction': 7, 'optionalAction': 6,
'failErrorPresent': 1, 'unverifiedComplexAdditional': 1,
'warnTrailingSlashLink': 1})
Validation has failed: 65 problems found
Signed-off-by: jayaprakash Mutyala <mutyalax.jayaprakash@intel.com>
Change-Id: Ibc74e2fe4519ec6160dd516893d5e542feeabb0d
-rw-r--r-- | redfish-core/lib/account_service.hpp | 8 | ||||
-rw-r--r-- | redfish-core/lib/roles.hpp | 8 |
2 files changed, 16 insertions, 0 deletions
diff --git a/redfish-core/lib/account_service.hpp b/redfish-core/lib/account_service.hpp index 0658f3ff3b..291a207d02 100644 --- a/redfish-core/lib/account_service.hpp +++ b/redfish-core/lib/account_service.hpp @@ -90,6 +90,10 @@ inline std::string getRoleIdFromPrivilege(std::string_view role) { return "Operator"; } + else if ((role == "") || (role == "priv-noaccess")) + { + return "NoAccess"; + } return ""; } inline std::string getPrivilegeFromRoleId(std::string_view role) @@ -110,6 +114,10 @@ inline std::string getPrivilegeFromRoleId(std::string_view role) { return "priv-operator"; } + else if (role == "NoAccess") + { + return "priv-noaccess"; + } return ""; } diff --git a/redfish-core/lib/roles.hpp b/redfish-core/lib/roles.hpp index d170a5c358..58b45775d7 100644 --- a/redfish-core/lib/roles.hpp +++ b/redfish-core/lib/roles.hpp @@ -40,6 +40,10 @@ inline std::string getRoleFromPrivileges(std::string_view priv) { return "Operator"; } + else if (priv == "priv-noaccess") + { + return "NoAccess"; + } return ""; } @@ -63,6 +67,10 @@ inline bool getAssignedPrivFromRole(std::string_view role, { privArray = {"Login"}; } + else if (role == "NoAccess") + { + privArray = {}; + } else { return false; |