diff options
author | Abhishek Patel <Abhishek.Patel@ibm.com> | 2021-07-28 18:59:16 +0300 |
---|---|---|
committer | Ed Tanous <ed@tanous.net> | 2021-08-06 00:33:43 +0300 |
commit | 7eeafa76c8241552bbcb1edf9a5303e6706a9c61 (patch) | |
tree | d936ba8f366215a1c5b324e4d3105d71875065d9 /redfish-core/lib/event_service.hpp | |
parent | ff3f835ad47f7a4f61d5fe9345dccdd3e496c47c (diff) | |
download | bmcweb-7eeafa76c8241552bbcb1edf9a5303e6706a9c61.tar.xz |
Fix event_service privileges
Post method:
1) redfish/v1/EventService/Subscriptions/
ConfigureManager -> [ConfigureManager or ConfigureComponents]
This change allows Admin and Operator both users to subscribe to the
particular event, where only admin user has the ability before this
change.
Tested: manually tested on Witherspoon system. Only ConfigureManager or
ConfigureComponents privilege users can subscribe to an event.
TestURL:
curl -k -H "X-Auth-Token: $bmc_token" -X POST -d
'{"Context": "9.3.147.232",
"DeliveryRetryPolicy": "TerminateAfterRetries",
"Destination": "https://9.3.147.232:17443/redfish/events",
"EventFormatType": "Event",
"MessageIds": [],
"MetricReportDefinitions": [],
"Protocol": "Redfish",
"RegistryPrefixes": [],
"ResourceTypes": [],
"SubscriptionType": "RedfishEvent"}'
https://${BMC_IP}/redfish/v1/EventService/Subscriptions
Signed-off-by: Abhishek Patel <Abhishek.Patel@ibm.com>
Change-Id: I4d3bcfaab7f5a00ada99a30fdb8f17d85531a2a8
Diffstat (limited to 'redfish-core/lib/event_service.hpp')
-rw-r--r-- | redfish-core/lib/event_service.hpp | 10 |
1 files changed, 3 insertions, 7 deletions
diff --git a/redfish-core/lib/event_service.hpp b/redfish-core/lib/event_service.hpp index f1d6f5007d..67ad014690 100644 --- a/redfish-core/lib/event_service.hpp +++ b/redfish-core/lib/event_service.hpp @@ -194,10 +194,7 @@ inline void requestRoutesEventDestinationCollection(App& app) } }); BMCWEB_ROUTE(app, "/redfish/v1/EventService/Subscriptions/") - // The below privilege is wrong, it should be ConfigureManager OR - // ConfigureComponents - //.privileges(redfish::privileges::postEventDestinationCollection) - .privileges({{"ConfigureManager"}}) + .privileges(redfish::privileges::postEventDestinationCollection) .methods(boost::beast::http::verb::post)( [](const crow::Request& req, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) { @@ -542,12 +539,10 @@ inline void requestRoutesEventDestination(App& app) asyncResp->res.jsonValue["MetricReportDefinitions"] = mrdJsonArray; }); - /////redfish/v1/EventService/Subscriptions/ - // ConfigureManager BMCWEB_ROUTE(app, "/redfish/v1/EventService/Subscriptions/<str>/") // The below privilege is wrong, it should be ConfigureManager OR // ConfigureSelf - // TODO(ed) follow up with DMTF spec and understand ConfigureSelf + // https://github.com/openbmc/bmcweb/issues/220 //.privileges(redfish::privileges::patchEventDestination) .privileges({{"ConfigureManager"}}) .methods(boost::beast::http::verb::patch)( @@ -604,6 +599,7 @@ inline void requestRoutesEventDestination(App& app) BMCWEB_ROUTE(app, "/redfish/v1/EventService/Subscriptions/<str>/") // The below privilege is wrong, it should be ConfigureManager OR // ConfigureSelf + // https://github.com/openbmc/bmcweb/issues/220 //.privileges(redfish::privileges::deleteEventDestination) .privileges({{"ConfigureManager"}}) .methods(boost::beast::http::verb::delete_)( |