diff options
author | anil kumar appana <anil.kumarx.appana@intel.com> | 2019-08-26 15:49:15 +0300 |
---|---|---|
committer | Ed Tanous <ed.tanous@intel.com> | 2019-09-16 17:41:46 +0300 |
commit | 8e69d148249f6a45cea10e988ec03430a5932784 (patch) | |
tree | 9cd99e10acd64bca089f5181a13c7fe3185a0954 /redfish-core/lib/roles.hpp | |
parent | 017848263e97e6eb9f7d486071a616626fec0591 (diff) | |
download | bmcweb-8e69d148249f6a45cea10e988ec03430a5932784.tar.xz |
Fix remove callback user privilege access to login
Callback privilege user must not be allowed to login,similar to IPMI.
This user is used for callback purpose from IPMI point of it, and
must be maintained in bmcweb to be consistent with IPMI, Hence
removing the access to login for callback user
Tested:
1.Create a user with username 'test1' and privilege -
"Callback" via Redfish.
2.Using that Callback level credentials, try to do
"Get" at this URI https://<ip-addr>/redfish/v1/Systems/system
3.output: Forbidden
4.use same URL to login from webUI with callback privilege
https://<ip-addr>/redfish/v1/Systems/system
5.output: Forbidden
Signed-off-by: anil kumar appana <anil.kumarx.appana@intel.com>
Change-Id: I86dac565fc874e5d0fe033640ffc3de576a1f693
Diffstat (limited to 'redfish-core/lib/roles.hpp')
-rw-r--r-- | redfish-core/lib/roles.hpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/redfish-core/lib/roles.hpp b/redfish-core/lib/roles.hpp index fbe8653f77..956f566485 100644 --- a/redfish-core/lib/roles.hpp +++ b/redfish-core/lib/roles.hpp @@ -61,7 +61,7 @@ inline bool getAssignedPrivFromRole(std::string_view role, } else if (role == "Callback") { - privArray = {"Login"}; + privArray = {}; } else { |