diff options
author | Ed Tanous <ed.tanous@intel.com> | 2018-04-12 22:17:20 +0300 |
---|---|---|
committer | Ed Tanous <ed.tanous@intel.com> | 2018-06-29 21:11:20 +0300 |
commit | aa2e59c10280ca4819926905e77a076bdb72a03f (patch) | |
tree | da6549670170adddb92459cea40ce4c05fe8d213 /include/token_authorization_middleware.hpp | |
parent | 274fad5ad0e7634d9ed3e174695136e674688e0c (diff) | |
download | bmcweb-aa2e59c10280ca4819926905e77a076bdb72a03f.tar.xz |
Move bmcweb over to sdbusplus
This patchset moves bmcweb from using boost-dbus over entirely to
sdbusplus. This has some nice improvements in performance (about 30%
of CPU cycles saved in dbus transactions), as well as makes this
project manuver closer to the upstream way of thinking.
Changes to bmcweb are largely ceremonial, and fall into a few
categories:
1. Moves async_method_call instances to the new format, and deletes any
use of the "endpoint" object in leiu of the sdbusplus style interface
2. sdbus object_path object doesn't allow access to the string
directly, so code that uses it moves to explicit casts.
3. The mapbox variant, while attempting to recreate boost::variant,
misses a T* get<T*>() method implementation, which allows using variant
without exceptions. Currently, there is an overload for
mapbox::get_ptr implementation which replecates the functionality.
Tested by: Booting the bmcweb on a target, iterating through redfish
basic phosphor-webui usage, and websockets usage
Change-Id: I2d95882908d6eb6dba00b9219a221dd96449ca7b
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Diffstat (limited to 'include/token_authorization_middleware.hpp')
-rw-r--r-- | include/token_authorization_middleware.hpp | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/include/token_authorization_middleware.hpp b/include/token_authorization_middleware.hpp index 59e9ccab50..07540d42b0 100644 --- a/include/token_authorization_middleware.hpp +++ b/include/token_authorization_middleware.hpp @@ -173,7 +173,8 @@ class Middleware { bool is_on_whitelist(const crow::request& req) const { // it's allowed to GET root node without authentication if ("GET"_method == req.method) { - if (req.url == "/redfish/v1") { + CROW_LOG_DEBUG << "TESTING ROUTE " << req.url; + if (req.url == "/redfish/v1" || req.url == "/redfish/v1/") { return true; } else if (crow::webassets::routes.find(req.url) != crow::webassets::routes.end()) { @@ -183,7 +184,8 @@ class Middleware { // it's allowed to POST on session collection & login without authentication if ("POST"_method == req.method) { - if ((req.url == "/redfish/v1/SessionService/Sessions") || + if ((req.url == "/redfish/v1/SessionService/Sessions" || + req.url == "/redfish/v1/SessionService/Sessions/") || (req.url == "/login") || (req.url == "/logout")) { return true; } |