diff options
author | Ed Tanous <edtanous@google.com> | 2021-06-15 01:28:56 +0300 |
---|---|---|
committer | Ed Tanous <edtanous@google.com> | 2021-06-16 01:18:05 +0300 |
commit | 432a890cfca335e565b770b1604ed4e547c5a732 (patch) | |
tree | b6e3cb5fbacce2b0c58944a8428366e5eec5594c /redfish-core/lib/log_services.hpp | |
parent | f9a6708c4c6490257e2eb6a8c04458f500902476 (diff) | |
download | bmcweb-432a890cfca335e565b770b1604ed4e547c5a732.tar.xz |
Remove ambiguous privileges constructor
There are a number of endpoints that assume that a given routes
privileges are governed by a single set of privileges, instead of
multiple sets ORed together. To handle this, there were two overloads
of the privileges() method, one that took a vector of Privileges, and
one that took an initializer_list of const char*. Unfortunately, this
leads some code in AccountService to pick the wrong overload when it's
called like this
.privileges( {{"ConfigureUsers"}, {"ConfigureManager"},
{"ConfigureSelf"}})
This is supposed to be "User must have ConfigureUsers, or
ConfigureManager, or ConfigureSelf". Currently, because it selects the
wrong overload, it computes to "User must have ConfigureUsers AND
ConfigureManager AND ConfigureSelf.
The double braces are supposed to cause this to form a vector of
Privileges, but it appears that the initializer list gets consumed, and
the single invocation of initializer list is called. Interestingly,
trying to put in a privileges overload of
intializer_list<initializer_list<const char*>> causes the compilation to
fail with an ambiguous call error, which is what I would've expected to
see previously in this case, but alas, I'm only a novice when it comes
to how the C++ standard works in these edge cases. This is likely due
in part to the fact that they were templates of an unused template param
(seemingly copied from the previous method) and SFINAE rules around
templates.
This commit functionally removes one of the privileges overloads, and
adds a second set of braces to every privileges call that previously had
a single set of braces. Previous code will not compile now, which is
IMO a good thing.
This likely popped up in the Node class removal, because the Node class
explicitly constructs a vector of Privilege objects, ensuing it can hit
the right overload
Tested:
Ran Redfish service validator
Tested the specific use case outlined on discord with:
Creating a new user with operator privilege:
```
redfishtool -S Always -u root -p 0penBmc -vvvvvvvvv -r 192.168.7.2
AccountService adduser foo mysuperPass1 Operator
```
Then attempting to list accounts:
```
curl -vvvv --insecure --user foo:mysuperPass1
https://192.168.7.2/redfish/v1/AccountService/Accounts/foo
```
Which succeeded and returned the account in question.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I83e62b70e97f56dc57d43b9081f333a02fe85495
Diffstat (limited to 'redfish-core/lib/log_services.hpp')
-rw-r--r-- | redfish-core/lib/log_services.hpp | 74 |
1 files changed, 37 insertions, 37 deletions
diff --git a/redfish-core/lib/log_services.hpp b/redfish-core/lib/log_services.hpp index d3a5f6f9a5..e0806342e9 100644 --- a/redfish-core/lib/log_services.hpp +++ b/redfish-core/lib/log_services.hpp @@ -908,7 +908,7 @@ inline void requestRoutesSystemLogServiceCollection(App& app) * Functions triggers appropriate requests on DBus */ BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/") - .privileges({"Login"}) + .privileges({{"Login"}}) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) @@ -979,7 +979,7 @@ inline void requestRoutesSystemLogServiceCollection(App& app) inline void requestRoutesEventLogService(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/EventLog/") - .privileges({"Login"}) + .privileges({{"Login"}}) .methods( boost::beast::http::verb:: get)([](const crow::Request&, @@ -1007,7 +1007,7 @@ inline void requestRoutesJournalEventLogClear(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/EventLog/Actions/" "LogService.ClearLog/") - .privileges({"ConfigureComponents"}) + .privileges({{"ConfigureComponents"}}) .methods(boost::beast::http::verb::post)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) { @@ -1142,7 +1142,7 @@ inline void requestRoutesJournalEventLogEntryCollection(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/EventLog/Entries/") - .privileges({"Login"}) + .privileges({{"Login"}}) .methods(boost::beast::http::verb::get)( [](const crow::Request& req, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) { @@ -1236,7 +1236,7 @@ inline void requestRoutesJournalEventLogEntry(App& app) { BMCWEB_ROUTE( app, "/redfish/v1/Systems/system/LogServices/EventLog/Entries/<str>/") - .privileges({"Login"}) + .privileges({{"Login"}}) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, @@ -1297,7 +1297,7 @@ inline void requestRoutesDBusEventLogEntryCollection(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/EventLog/Entries/") - .privileges({"Login"}) + .privileges({{"Login"}}) .methods( boost::beast::http::verb:: get)([](const crow::Request&, @@ -1470,7 +1470,7 @@ inline void requestRoutesDBusEventLogEntry(App& app) { BMCWEB_ROUTE( app, "/redfish/v1/Systems/system/LogServices/EventLog/Entries/<str>/") - .privileges({"Login"}) + .privileges({{"Login"}}) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, @@ -1601,7 +1601,7 @@ inline void requestRoutesDBusEventLogEntry(App& app) BMCWEB_ROUTE( app, "/redfish/v1/Systems/system/LogServices/EventLog/Entries/<str>/") - .privileges({"ConfigureManager"}) + .privileges({{"ConfigureManager"}}) .methods(boost::beast::http::verb::patch)( [](const crow::Request& req, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, @@ -1634,7 +1634,7 @@ inline void requestRoutesDBusEventLogEntry(App& app) BMCWEB_ROUTE( app, "/redfish/v1/Systems/system/LogServices/EventLog/Entries/<str>/") - .privileges({"ConfigureManager"}) + .privileges({{"ConfigureManager"}}) .methods(boost::beast::http::verb::delete_)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, @@ -1684,7 +1684,7 @@ inline void requestRoutesDBusEventLogEntryDownload(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/EventLog/Entries/" "<str>/attachment") - .privileges({"Login"}) + .privileges({{"Login"}}) .methods(boost::beast::http::verb::get)( [](const crow::Request& req, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, @@ -1794,7 +1794,7 @@ inline void requestRoutesDBusEventLogEntryDownload(App& app) inline void requestRoutesBMCLogServiceCollection(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/") - .privileges({"Login"}) + .privileges({{"Login"}}) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) { @@ -1829,7 +1829,7 @@ inline void requestRoutesBMCLogServiceCollection(App& app) inline void requestRoutesBMCJournalLogService(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/Journal/") - .privileges({"Login"}) + .privileges({{"Login"}}) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) @@ -1915,7 +1915,7 @@ static int fillBMCJournalLogEntryJson(const std::string& bmcJournalLogEntryID, inline void requestRoutesBMCJournalLogEntryCollection(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/Journal/Entries/") - .privileges({"Login"}) + .privileges({{"Login"}}) .methods(boost::beast::http::verb::get)( [](const crow::Request& req, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) { @@ -2005,7 +2005,7 @@ inline void requestRoutesBMCJournalLogEntry(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/Journal/Entries/<str>/") - .privileges({"Login"}) + .privileges({{"Login"}}) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, @@ -2074,7 +2074,7 @@ inline void requestRoutesBMCJournalLogEntry(App& app) inline void requestRoutesBMCDumpService(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/Dump/") - .privileges({"Login"}) + .privileges({{"Login"}}) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) { @@ -2106,7 +2106,7 @@ inline void requestRoutesBMCDumpEntryCollection(App& app) * Functions triggers appropriate requests on DBus */ BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/Dump/Entries/") - .privileges({"Login"}) + .privileges({{"Login"}}) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) { @@ -2126,7 +2126,7 @@ inline void requestRoutesBMCDumpEntry(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/Dump/Entries/<str>/") - .privileges({"Login"}) + .privileges({{"Login"}}) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, @@ -2135,7 +2135,7 @@ inline void requestRoutesBMCDumpEntry(App& app) }); BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/Dump/Entries/<str>/") - .privileges({"ConfigureManager"}) + .privileges({{"ConfigureManager"}}) .methods(boost::beast::http::verb::delete_)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, @@ -2150,7 +2150,7 @@ inline void requestRoutesBMCDumpCreate(App& app) BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/Dump/" "Actions/" "LogService.CollectDiagnosticData/") - .privileges({"ConfigureManager"}) + .privileges({{"ConfigureManager"}}) .methods(boost::beast::http::verb::post)( [](const crow::Request& req, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) { @@ -2163,7 +2163,7 @@ inline void requestRoutesBMCDumpClear(App& app) BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/Dump/" "Actions/" "LogService.ClearLog/") - .privileges({"ConfigureManager"}) + .privileges({{"ConfigureManager"}}) .methods(boost::beast::http::verb::post)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) { @@ -2174,7 +2174,7 @@ inline void requestRoutesBMCDumpClear(App& app) inline void requestRoutesSystemDumpService(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/Dump/") - .privileges({"Login"}) + .privileges({{"Login"}}) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) @@ -2211,7 +2211,7 @@ inline void requestRoutesSystemDumpEntryCollection(App& app) * Functions triggers appropriate requests on DBus */ BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/Dump/Entries/") - .privileges({"Login"}) + .privileges({{"Login"}}) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) { @@ -2231,7 +2231,7 @@ inline void requestRoutesSystemDumpEntry(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/Dump/Entries/<str>/") - .privileges({"Login"}) + .privileges({{"Login"}}) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, @@ -2241,7 +2241,7 @@ inline void requestRoutesSystemDumpEntry(App& app) BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/Dump/Entries/<str>/") - .privileges({"ConfigureManager"}) + .privileges({{"ConfigureManager"}}) .methods(boost::beast::http::verb::delete_)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, @@ -2255,7 +2255,7 @@ inline void requestRoutesSystemDumpCreate(App& app) BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/Dump/" "Actions/" "LogService.CollectDiagnosticData/") - .privileges({"ConfigureManager"}) + .privileges({{"ConfigureManager"}}) .methods(boost::beast::http::verb::post)( [](const crow::Request& req, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) @@ -2268,7 +2268,7 @@ inline void requestRoutesSystemDumpClear(App& app) BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/Dump/" "Actions/" "LogService.ClearLog/") - .privileges({"ConfigureManager"}) + .privileges({{"ConfigureManager"}}) .methods(boost::beast::http::verb::post)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) @@ -2284,7 +2284,7 @@ inline void requestRoutesCrashdumpService(App& app) * Functions triggers appropriate requests on DBus */ BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/Crashdump/") - .privileges({"ConfigureManager"}) + .privileges({{"ConfigureManager"}}) .methods( boost::beast::http::verb:: get)([](const crow::Request&, @@ -2318,7 +2318,7 @@ void inline requestRoutesCrashdumpClear(App& app) BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/Crashdump/Actions/" "LogService.ClearLog/") - .privileges({"ConfigureComponents"}) + .privileges({{"ConfigureComponents"}}) .methods(boost::beast::http::verb::post)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) { @@ -2402,7 +2402,7 @@ inline void requestRoutesCrashdumpEntryCollection(App& app) */ BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/Crashdump/Entries/") - .privileges({"ConfigureComponents"}) + .privileges({{"ConfigureComponents"}}) .methods( boost::beast::http::verb:: get)([](const crow::Request&, @@ -2476,7 +2476,7 @@ inline void requestRoutesCrashdumpEntry(App& app) BMCWEB_ROUTE( app, "/redfish/v1/Systems/system/LogServices/Crashdump/Entries/<str>/") - .privileges({"ConfigureComponents"}) + .privileges({{"ConfigureComponents"}}) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, @@ -2493,7 +2493,7 @@ inline void requestRoutesCrashdumpFile(App& app) BMCWEB_ROUTE( app, "/redfish/v1/Systems/system/LogServices/Crashdump/Entries/<str>/<str>/") - .privileges({"ConfigureComponents"}) + .privileges({{"ConfigureComponents"}}) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, @@ -2580,7 +2580,7 @@ inline void requestRoutesCrashdumpCollect(App& app) // method for security reasons. BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/Crashdump/" "Actions/LogService.CollectDiagnosticData/") - .privileges({"ConfigureComponents"}) + .privileges({{"ConfigureComponents"}}) .methods( boost::beast::http::verb:: post)([](const crow::Request& req, @@ -2690,7 +2690,7 @@ inline void requestRoutesDBusLogServiceActionsClear(App& app) BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/EventLog/Actions/" "LogService.ClearLog/") - .privileges({"ConfigureManager"}) + .privileges({{"ConfigureManager"}}) .methods(boost::beast::http::verb::post)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) { @@ -2730,7 +2730,7 @@ inline void requestRoutesDBusLogServiceActionsClear(App& app) inline void requestRoutesPostCodesLogService(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/PostCodes/") - .privileges({"Login"}) + .privileges({{"Login"}}) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) { @@ -2757,7 +2757,7 @@ inline void requestRoutesPostCodesClear(App& app) BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/PostCodes/Actions/" "LogService.ClearLog/") - .privileges({"ConfigureComponents"}) + .privileges({{"ConfigureComponents"}}) .methods(boost::beast::http::verb::post)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) { @@ -3029,7 +3029,7 @@ inline void requestRoutesPostCodesEntryCollection(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/PostCodes/Entries/") - .privileges({"Login"}) + .privileges({{"Login"}}) .methods(boost::beast::http::verb::get)( [](const crow::Request& req, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) { @@ -3061,7 +3061,7 @@ inline void requestRoutesPostCodesEntry(App& app) { BMCWEB_ROUTE( app, "/redfish/v1/Systems/system/LogServices/PostCodes/Entries/<str>/") - .privileges({"Login"}) + .privileges({{"Login"}}) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, |