diff options
author | Ed Tanous <edtanous@google.com> | 2022-03-25 23:07:27 +0300 |
---|---|---|
committer | Ed Tanous <ed@tanous.net> | 2022-04-06 00:20:56 +0300 |
commit | 45ca1b868e47978a4d2e8ebb680cb384e804c97e (patch) | |
tree | 985a905fd8ac9bff693933ff98e3f4206f6aee4b /redfish-core/lib/account_service.hpp | |
parent | e7b1b62b39ba31ba368c42cb6f4fa7af43c65961 (diff) | |
download | bmcweb-45ca1b868e47978a4d2e8ebb680cb384e804c97e.tar.xz |
Add setUpRedfishRoute to all nodes in redfish
For better or worse, the series ahead of this is making use of
setUpRedfishRoute to do the common "redfish specified" things that need
to be done for a connection, like header checking, filtering, and other
things. In the current model, where BMCWEB_ROUTE is a common function
for all HTTP routes, this means we need to propagate this injection call
into the whole tree ahead of the requests being handled.
In a perfect world, we would invent something like a REDFISH_ROUTE
macro, but because macros are discouraged, the routes take a variadic
template of parameters, and each call to the route has a .privileges()
call in the middle, there's no good way to effect this change in a less
costly manner. This was messaged both in the prior reviews, and on
discord sourcing improvements on this pattern, to which none arose.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Id29cc799e214edad41e48fc7ce6eed0521f90ecb
Diffstat (limited to 'redfish-core/lib/account_service.hpp')
-rw-r--r-- | redfish-core/lib/account_service.hpp | 75 |
1 files changed, 53 insertions, 22 deletions
diff --git a/redfish-core/lib/account_service.hpp b/redfish-core/lib/account_service.hpp index 6e7cf288be..435d8906b1 100644 --- a/redfish-core/lib/account_service.hpp +++ b/redfish-core/lib/account_service.hpp @@ -20,6 +20,7 @@ #include <error_messages.hpp> #include <openbmc_dbus_rest.hpp> #include <persistent_data.hpp> +#include <query.hpp> #include <registries/privilege_registry.hpp> #include <sdbusplus/asio/property.hpp> #include <utils/json_utils.hpp> @@ -1261,11 +1262,14 @@ inline void requestAccountServiceRoutes(App& app) BMCWEB_ROUTE(app, "/redfish/v1/AccountService/") .privileges(redfish::privileges::getAccountService) - .methods( - boost::beast::http::verb::get)([](const crow::Request& req, - const std::shared_ptr< - bmcweb::AsyncResp>& asyncResp) - -> void { + .methods(boost::beast::http::verb::get)([&app](const crow::Request& req, + const std::shared_ptr< + bmcweb::AsyncResp>& + asyncResp) -> void { + if (!redfish::setUpRedfishRoute(app, req, asyncResp->res)) + { + return; + } const persistent_data::AuthConfigMethods& authMethodsConfig = persistent_data::SessionStore::getInstance() .getAuthMethodsConfig(); @@ -1378,8 +1382,13 @@ inline void requestAccountServiceRoutes(App& app) BMCWEB_ROUTE(app, "/redfish/v1/AccountService/") .privileges(redfish::privileges::patchAccountService) .methods(boost::beast::http::verb::patch)( - [](const crow::Request& req, - const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) -> void { + [&app]( + const crow::Request& req, + const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) -> void { + if (!redfish::setUpRedfishRoute(app, req, asyncResp->res)) + { + return; + } std::optional<uint32_t> unlockTimeout; std::optional<uint16_t> lockoutThreshold; std::optional<uint8_t> minPasswordLength; @@ -1495,8 +1504,13 @@ inline void requestAccountServiceRoutes(App& app) BMCWEB_ROUTE(app, "/redfish/v1/AccountService/Accounts/") .privileges(redfish::privileges::getManagerAccountCollection) .methods(boost::beast::http::verb::get)( - [](const crow::Request& req, - const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) -> void { + [&app]( + const crow::Request& req, + const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) -> void { + if (!redfish::setUpRedfishRoute(app, req, asyncResp->res)) + { + return; + } asyncResp->res.jsonValue = { {"@odata.id", "/redfish/v1/AccountService/Accounts"}, {"@odata.type", "#ManagerAccountCollection." @@ -1569,10 +1583,15 @@ inline void requestAccountServiceRoutes(App& app) BMCWEB_ROUTE(app, "/redfish/v1/AccountService/Accounts/") .privileges(redfish::privileges::postManagerAccountCollection) - .methods(boost::beast::http::verb::post)([](const crow::Request& req, - const std::shared_ptr< - bmcweb::AsyncResp>& - asyncResp) -> void { + .methods( + boost::beast::http::verb::post)([&app](const crow::Request& req, + const std::shared_ptr< + bmcweb::AsyncResp>& + asyncResp) -> void { + if (!redfish::setUpRedfishRoute(app, req, asyncResp->res)) + { + return; + } std::string username; std::string password; std::optional<std::string> roleId("User"); @@ -1689,9 +1708,13 @@ inline void requestAccountServiceRoutes(App& app) .privileges(redfish::privileges::getManagerAccount) .methods( boost::beast::http::verb:: - get)([](const crow::Request& req, - const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, - const std::string& accountName) -> void { + get)([&app](const crow::Request& req, + const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, + const std::string& accountName) -> void { + if (!redfish::setUpRedfishRoute(app, req, asyncResp->res)) + { + return; + } if (req.session->username != accountName) { // At this point we've determined that the user is trying to @@ -1847,9 +1870,13 @@ inline void requestAccountServiceRoutes(App& app) // yet .privileges({{"ConfigureUsers"}, {"ConfigureSelf"}}) .methods(boost::beast::http::verb::patch)( - [](const crow::Request& req, - const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, - const std::string& username) -> void { + [&app](const crow::Request& req, + const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, + const std::string& username) -> void { + if (!redfish::setUpRedfishRoute(app, req, asyncResp->res)) + { + return; + } std::optional<std::string> newUserName; std::optional<std::string> password; std::optional<bool> enabled; @@ -1924,9 +1951,13 @@ inline void requestAccountServiceRoutes(App& app) BMCWEB_ROUTE(app, "/redfish/v1/AccountService/Accounts/<str>/") .privileges(redfish::privileges::deleteManagerAccount) .methods(boost::beast::http::verb::delete_)( - [](const crow::Request& /*req*/, - const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, - const std::string& username) -> void { + [&app](const crow::Request& req, + const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, + const std::string& username) -> void { + if (!redfish::setUpRedfishRoute(app, req, asyncResp->res)) + { + return; + } sdbusplus::message::object_path tempObjPath(rootUserDbusPath); tempObjPath /= username; const std::string userPath(tempObjPath); |