diff options
author | Ed Tanous <edtanous@google.com> | 2023-03-10 20:21:58 +0300 |
---|---|---|
committer | Ed Tanous <ed@tanous.net> | 2023-03-15 00:23:02 +0300 |
commit | 3d1832037ed42ffdbb1dfea4a440d5d7233c6b55 (patch) | |
tree | adfaad622303264a4ec6560f8e4b921f86241846 /http/routing.hpp | |
parent | e1f5c168145744f044311478266f945e761d7a95 (diff) | |
download | bmcweb-3d1832037ed42ffdbb1dfea4a440d5d7233c6b55.tar.xz |
Move validation code to unpackPropertiesNoThrow
Tested: Tested in 46991
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ia714c7de02d714e636d5624ea884dbb6633baee5
Diffstat (limited to 'http/routing.hpp')
-rw-r--r-- | http/routing.hpp | 60 |
1 files changed, 28 insertions, 32 deletions
diff --git a/http/routing.hpp b/http/routing.hpp index b3dbc63c96..d35e4b45a9 100644 --- a/http/routing.hpp +++ b/http/routing.hpp @@ -10,11 +10,13 @@ #include "privileges.hpp" #include "sessions.hpp" #include "utility.hpp" +#include "utils/dbus_utils.hpp" #include "verb.hpp" #include "websocket.hpp" #include <boost/beast/ssl/ssl_stream.hpp> #include <boost/container/flat_map.hpp> +#include <sdbusplus/unpack_properties.hpp> #include <cerrno> #include <cstdint> @@ -1254,38 +1256,29 @@ class Router boost::beast::http::status::internal_server_error); return; } + std::string userRole{}; + const std::string* userRolePtr = nullptr; const bool* remoteUser = nullptr; - std::optional<bool> passwordExpired; + const bool* passwordExpired = nullptr; + + const bool success = sdbusplus::unpackPropertiesNoThrow( + redfish::dbus_utils::UnpackErrorPrinter(), userInfoMap, + "UserPrivilege", userRolePtr, "RemoteUser", remoteUser, + "UserPasswordExpired", passwordExpired); - for (const auto& userInfo : userInfoMap) + if (!success) { - if (userInfo.first == "UserPrivilege") - { - const std::string* userRolePtr = - std::get_if<std::string>(&userInfo.second); - if (userRolePtr == nullptr) - { - continue; - } - userRole = *userRolePtr; - BMCWEB_LOG_DEBUG << "userName = " << req.session->username - << " userRole = " << *userRolePtr; - } - else if (userInfo.first == "RemoteUser") - { - remoteUser = std::get_if<bool>(&userInfo.second); - } - else if (userInfo.first == "UserPasswordExpired") - { - const bool* passwordExpiredPtr = - std::get_if<bool>(&userInfo.second); - if (passwordExpiredPtr == nullptr) - { - continue; - } - passwordExpired = *passwordExpiredPtr; - } + asyncResp->res.result( + boost::beast::http::status::internal_server_error); + return; + } + + if (userRolePtr != nullptr) + { + userRole = *userRolePtr; + BMCWEB_LOG_DEBUG << "userName = " << req.session->username + << " userRole = " << *userRolePtr; } if (remoteUser == nullptr) @@ -1295,8 +1288,8 @@ class Router boost::beast::http::status::internal_server_error); return; } - - if (passwordExpired == std::nullopt) + bool expired = false; + if (passwordExpired == nullptr) { if (!*remoteUser) { @@ -1307,7 +1300,10 @@ class Router boost::beast::http::status::internal_server_error); return; } - passwordExpired = false; + } + else + { + expired = *passwordExpired; } // Get the user's privileges from the role @@ -1317,7 +1313,7 @@ class Router // Set isConfigureSelfOnly based on D-Bus results. This // ignores the results from both pamAuthenticateUser and the // value from any previous use of this session. - req.session->isConfigureSelfOnly = *passwordExpired; + req.session->isConfigureSelfOnly = expired; // Modify privileges if isConfigureSelfOnly. if (req.session->isConfigureSelfOnly) |