diff options
author | Ed Tanous <edtanous@google.com> | 2021-06-10 03:05:54 +0300 |
---|---|---|
committer | Ed Tanous <ed@tanous.net> | 2021-07-08 01:25:09 +0300 |
commit | ed3982131dcef2b499da36e674d2d21b2289ef29 (patch) | |
tree | f6e83bfbf48b44d814b0b52514bb65c663ecea11 /redfish-core/lib/log_services.hpp | |
parent | 3a2d042432168ad1b555e4fc9f13c2ae0d35e0c7 (diff) | |
download | bmcweb-ed3982131dcef2b499da36e674d2d21b2289ef29.tar.xz |
Automate PrivilegeRegistry to code
This commit attempts to automate the creation of our privileges
structures from the redfish privilege registry. It accomplishes this by
updating parse_registries.py to also pull down the privilege registry
from DMTF.
The script then generates privilege_registry.hpp, which include const
defines for all the privilege registry entries in the same format that
the Privileges struct accepts. This allows new clients to simply
reference the variable to these privilege structures, instead of having
to manually (ie error pronely) put the privileges in themselves.
This commit updates all the routes.
For the moment, override and OEM schemas are not considered. Today we
don't have any OEM-specific Redfish routes, so the existing ones inherit
their parents schema. Overrides have other issues, and are already
incorrect as Redfish defines them.
Binary size remains unchanged after this patchset.
Tested:
Ran redfish service validator
Ran test case from f9a6708c4c6490257e2eb6a8c04458f500902476 to ensure
that the new privileges constructor didn't cause us to regress the brace
construction initializer.
Checked binary size with:
gzip -c
$BBPATH/tmp/work/s7106-openbmc-linux-gnueabi/obmc-phosphor-image/1.0-r0/rootfs/usr/bin/bmcweb
| wc -c
1244048
(tested on previous patchset)
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ideede3d5b39d50bffe7fe78a0848bdbc22ac387f
Diffstat (limited to 'redfish-core/lib/log_services.hpp')
-rw-r--r-- | redfish-core/lib/log_services.hpp | 77 |
1 files changed, 46 insertions, 31 deletions
diff --git a/redfish-core/lib/log_services.hpp b/redfish-core/lib/log_services.hpp index 31f046e1d7..b5fb066076 100644 --- a/redfish-core/lib/log_services.hpp +++ b/redfish-core/lib/log_services.hpp @@ -31,6 +31,7 @@ #include <boost/container/flat_map.hpp> #include <boost/system/linux_error.hpp> #include <error_messages.hpp> +#include <registries/privilege_registry.hpp> #include <filesystem> #include <optional> @@ -908,7 +909,7 @@ inline void requestRoutesSystemLogServiceCollection(App& app) * Functions triggers appropriate requests on DBus */ BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/") - .privileges({{"Login"}}) + .privileges(redfish::privileges::getLogServiceCollection) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) @@ -979,7 +980,7 @@ inline void requestRoutesSystemLogServiceCollection(App& app) inline void requestRoutesEventLogService(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/EventLog/") - .privileges({{"Login"}}) + .privileges(redfish::privileges::getLogService) .methods( boost::beast::http::verb:: get)([](const crow::Request&, @@ -1150,7 +1151,7 @@ inline void requestRoutesJournalEventLogEntryCollection(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/EventLog/Entries/") - .privileges({{"Login"}}) + .privileges(redfish::privileges::getLogEntry) .methods(boost::beast::http::verb::get)( [](const crow::Request& req, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) { @@ -1244,7 +1245,7 @@ inline void requestRoutesJournalEventLogEntry(App& app) { BMCWEB_ROUTE( app, "/redfish/v1/Systems/system/LogServices/EventLog/Entries/<str>/") - .privileges({{"Login"}}) + .privileges(redfish::privileges::getLogEntry) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, @@ -1305,7 +1306,7 @@ inline void requestRoutesDBusEventLogEntryCollection(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/EventLog/Entries/") - .privileges({{"Login"}}) + .privileges(redfish::privileges::getLogEntryCollection) .methods( boost::beast::http::verb:: get)([](const crow::Request&, @@ -1478,7 +1479,7 @@ inline void requestRoutesDBusEventLogEntry(App& app) { BMCWEB_ROUTE( app, "/redfish/v1/Systems/system/LogServices/EventLog/Entries/<str>/") - .privileges({{"Login"}}) + .privileges(redfish::privileges::getLogEntry) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, @@ -1609,7 +1610,7 @@ inline void requestRoutesDBusEventLogEntry(App& app) BMCWEB_ROUTE( app, "/redfish/v1/Systems/system/LogServices/EventLog/Entries/<str>/") - .privileges({{"ConfigureManager"}}) + .privileges(redfish::privileges::patchLogEntry) .methods(boost::beast::http::verb::patch)( [](const crow::Request& req, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, @@ -1642,7 +1643,8 @@ inline void requestRoutesDBusEventLogEntry(App& app) BMCWEB_ROUTE( app, "/redfish/v1/Systems/system/LogServices/EventLog/Entries/<str>/") - .privileges({{"ConfigureManager"}}) + .privileges(redfish::privileges::deleteLogEntry) + .methods(boost::beast::http::verb::delete_)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, @@ -1692,7 +1694,7 @@ inline void requestRoutesDBusEventLogEntryDownload(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/EventLog/Entries/" "<str>/attachment") - .privileges({{"Login"}}) + .privileges(redfish::privileges::getLogEntry) .methods(boost::beast::http::verb::get)( [](const crow::Request& req, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, @@ -1802,7 +1804,7 @@ inline void requestRoutesDBusEventLogEntryDownload(App& app) inline void requestRoutesBMCLogServiceCollection(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/") - .privileges({{"Login"}}) + .privileges(redfish::privileges::getLogService) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) { @@ -1837,7 +1839,7 @@ inline void requestRoutesBMCLogServiceCollection(App& app) inline void requestRoutesBMCJournalLogService(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/Journal/") - .privileges({{"Login"}}) + .privileges(redfish::privileges::getLogService) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) @@ -1931,7 +1933,7 @@ static int fillBMCJournalLogEntryJson(const std::string& bmcJournalLogEntryID, inline void requestRoutesBMCJournalLogEntryCollection(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/Journal/Entries/") - .privileges({{"Login"}}) + .privileges(redfish::privileges::getLogEntryCollection) .methods(boost::beast::http::verb::get)( [](const crow::Request& req, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) { @@ -2021,7 +2023,7 @@ inline void requestRoutesBMCJournalLogEntry(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/Journal/Entries/<str>/") - .privileges({{"Login"}}) + .privileges(redfish::privileges::getLogEntry) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, @@ -2090,7 +2092,7 @@ inline void requestRoutesBMCJournalLogEntry(App& app) inline void requestRoutesBMCDumpService(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/Dump/") - .privileges({{"Login"}}) + .privileges(redfish::privileges::getLogService) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) { @@ -2130,7 +2132,7 @@ inline void requestRoutesBMCDumpEntryCollection(App& app) * Functions triggers appropriate requests on DBus */ BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/Dump/Entries/") - .privileges({{"Login"}}) + .privileges(redfish::privileges::getLogEntryCollection) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) { @@ -2150,7 +2152,7 @@ inline void requestRoutesBMCDumpEntry(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/Dump/Entries/<str>/") - .privileges({{"Login"}}) + .privileges(redfish::privileges::getLogEntry) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, @@ -2159,7 +2161,7 @@ inline void requestRoutesBMCDumpEntry(App& app) }); BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/Dump/Entries/<str>/") - .privileges({{"ConfigureManager"}}) + .privileges(redfish::privileges::deleteLogEntry) .methods(boost::beast::http::verb::delete_)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, @@ -2174,7 +2176,7 @@ inline void requestRoutesBMCDumpCreate(App& app) BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/Dump/" "Actions/" "LogService.CollectDiagnosticData/") - .privileges({{"ConfigureManager"}}) + .privileges(redfish::privileges::postLogService) .methods(boost::beast::http::verb::post)( [](const crow::Request& req, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) { @@ -2187,7 +2189,7 @@ inline void requestRoutesBMCDumpClear(App& app) BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/Dump/" "Actions/" "LogService.ClearLog/") - .privileges({{"ConfigureManager"}}) + .privileges(redfish::privileges::postLogService) .methods(boost::beast::http::verb::post)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) { @@ -2198,7 +2200,7 @@ inline void requestRoutesBMCDumpClear(App& app) inline void requestRoutesSystemDumpService(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/Dump/") - .privileges({{"Login"}}) + .privileges(redfish::privileges::getLogService) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) @@ -2242,8 +2244,8 @@ inline void requestRoutesSystemDumpEntryCollection(App& app) /** * Functions triggers appropriate requests on DBus */ - BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/Dump/Entries/") - .privileges({{"Login"}}) + BMCWEB_ROUTE(app, "/redfish/v1/Managers/bmc/LogServices/Dump/Entries/") + .privileges(redfish::privileges::getLogEntryCollection) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) { @@ -2263,7 +2265,8 @@ inline void requestRoutesSystemDumpEntry(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/Dump/Entries/<str>/") - .privileges({{"Login"}}) + .privileges(redfish::privileges::getLogEntry) + .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, @@ -2273,7 +2276,7 @@ inline void requestRoutesSystemDumpEntry(App& app) BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/Dump/Entries/<str>/") - .privileges({{"ConfigureManager"}}) + .privileges(redfish::privileges::deleteLogEntry) .methods(boost::beast::http::verb::delete_)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, @@ -2287,7 +2290,7 @@ inline void requestRoutesSystemDumpCreate(App& app) BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/Dump/" "Actions/" "LogService.CollectDiagnosticData/") - .privileges({{"ConfigureManager"}}) + .privileges(redfish::privileges::postLogService) .methods(boost::beast::http::verb::post)( [](const crow::Request& req, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) @@ -2300,7 +2303,7 @@ inline void requestRoutesSystemDumpClear(App& app) BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/Dump/" "Actions/" "LogService.ClearLog/") - .privileges({{"ConfigureManager"}}) + .privileges(redfish::privileges::postLogService) .methods(boost::beast::http::verb::post)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) @@ -2316,6 +2319,8 @@ inline void requestRoutesCrashdumpService(App& app) * Functions triggers appropriate requests on DBus */ BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/Crashdump/") + // This is incorrect, should be: + //.privileges(redfish::privileges::getLogService) .privileges({{"ConfigureManager"}}) .methods( boost::beast::http::verb:: @@ -2357,6 +2362,8 @@ void inline requestRoutesCrashdumpClear(App& app) BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/Crashdump/Actions/" "LogService.ClearLog/") + // This is incorrect, should be: + //.privileges(redfish::privileges::postLogService) .privileges({{"ConfigureComponents"}}) .methods(boost::beast::http::verb::post)( [](const crow::Request&, @@ -2441,6 +2448,8 @@ inline void requestRoutesCrashdumpEntryCollection(App& app) */ BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/Crashdump/Entries/") + // This is incorrect, should be. + //.privileges(redfish::privileges::postLogEntryCollection) .privileges({{"ConfigureComponents"}}) .methods( boost::beast::http::verb:: @@ -2515,6 +2524,8 @@ inline void requestRoutesCrashdumpEntry(App& app) BMCWEB_ROUTE( app, "/redfish/v1/Systems/system/LogServices/Crashdump/Entries/<str>/") + // this is incorrect, should be + // .privileges(redfish::privileges::getLogEntry) .privileges({{"ConfigureComponents"}}) .methods(boost::beast::http::verb::get)( [](const crow::Request&, @@ -2532,7 +2543,7 @@ inline void requestRoutesCrashdumpFile(App& app) BMCWEB_ROUTE( app, "/redfish/v1/Systems/system/LogServices/Crashdump/Entries/<str>/<str>/") - .privileges({{"ConfigureComponents"}}) + .privileges(redfish::privileges::getLogEntry) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, @@ -2619,6 +2630,8 @@ inline void requestRoutesCrashdumpCollect(App& app) // method for security reasons. BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/Crashdump/" "Actions/LogService.CollectDiagnosticData/") + // The below is incorrect; Should be ConfigureManager + //.privileges(redfish::privileges::postLogService) .privileges({{"ConfigureComponents"}}) .methods( boost::beast::http::verb:: @@ -2729,7 +2742,7 @@ inline void requestRoutesDBusLogServiceActionsClear(App& app) BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/EventLog/Actions/" "LogService.ClearLog/") - .privileges({{"ConfigureManager"}}) + .privileges(redfish::privileges::postLogService) .methods(boost::beast::http::verb::post)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) { @@ -2769,7 +2782,7 @@ inline void requestRoutesDBusLogServiceActionsClear(App& app) inline void requestRoutesPostCodesLogService(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/PostCodes/") - .privileges({{"Login"}}) + .privileges(redfish::privileges::getLogService) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) { @@ -2804,6 +2817,8 @@ inline void requestRoutesPostCodesClear(App& app) BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/PostCodes/Actions/" "LogService.ClearLog/") + // The following privilege is incorrect; It should be ConfigureManager + //.privileges(redfish::privileges::postLogService) .privileges({{"ConfigureComponents"}}) .methods(boost::beast::http::verb::post)( [](const crow::Request&, @@ -3076,7 +3091,7 @@ inline void requestRoutesPostCodesEntryCollection(App& app) { BMCWEB_ROUTE(app, "/redfish/v1/Systems/system/LogServices/PostCodes/Entries/") - .privileges({{"Login"}}) + .privileges(redfish::privileges::getLogEntryCollection) .methods(boost::beast::http::verb::get)( [](const crow::Request& req, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) { @@ -3108,7 +3123,7 @@ inline void requestRoutesPostCodesEntry(App& app) { BMCWEB_ROUTE( app, "/redfish/v1/Systems/system/LogServices/PostCodes/Entries/<str>/") - .privileges({{"Login"}}) + .privileges(redfish::privileges::getLogEntry) .methods(boost::beast::http::verb::get)( [](const crow::Request&, const std::shared_ptr<bmcweb::AsyncResp>& asyncResp, |