Fix remove callback user privilege access to login

Callback privilege user must not be allowed to login,similar to IPMI. This user is used for callback purpose from IPMI point of it, and must be maintained in bmcweb to be consistent with IPMI, Hence removing the access to login for callback user Tested: 1.Create a user with username 'test1' and privilege - "Callback" via Redfish. 2.Using that Callback level credentials, try to do "Get" at this URI https://<ip-addr>/redfish/v1/Systems/system 3.output: Forbidden 4.use same URL to login from webUI with callback privilege https://<ip-addr>/redfish/v1/Systems/system 5.output: Forbidden Signed-off-by: anil kumar appana <anil.kumarx.appana@intel.com> Change-Id: I86dac565fc874e5d0fe033640ffc3de576a1f693
author: anil kumar appana <anil.kumarx.appana@intel.com> 2019-08-26 15:49:15 +0300
committer: Ed Tanous <ed.tanous@intel.com> 2019-09-16 17:41:46 +0300
commit: 8e69d148249f6a45cea10e988ec03430a5932784 (patch)
tree: 9cd99e10acd64bca089f5181a13c7fe3185a0954 /redfish-core/lib/roles.hpp
parent: 017848263e97e6eb9f7d486071a616626fec0591 (diff)
download: bmcweb-8e69d148249f6a45cea10e988ec03430a5932784.tar.xz
1 files changed, 1 insertions, 1 deletions
diff --git a/redfish-core/lib/roles.hpp b/redfish-core/lib/roles.hpp
index fbe8653f77..956f566485 100644
--- a/redfish-core/lib/roles.hpp
+++ b/redfish-core/lib/roles.hpp
@@ -61,7 +61,7 @@ inline bool getAssignedPrivFromRole(std::string_view role,
     }
     else if (role == "Callback")
     {
-        privArray = {"Login"};
+        privArray = {};
     }
     else
     {
author	anil kumar appana <anil.kumarx.appana@intel.com>	2019-08-26 15:49:15 +0300
committer	Ed Tanous <ed.tanous@intel.com>	2019-09-16 17:41:46 +0300
commit	8e69d148249f6a45cea10e988ec03430a5932784 (patch)
tree	9cd99e10acd64bca089f5181a13c7fe3185a0954 /redfish-core/lib/roles.hpp
parent	017848263e97e6eb9f7d486071a616626fec0591 (diff)
download	bmcweb-8e69d148249f6a45cea10e988ec03430a5932784.tar.xz