Sensor override allow only by Admin priv user

Issue: As per https://redfish.dmtf.org/registries/
       Redfish_1.0.4_PrivilegeRegistry.json patch method for
       Thermal & Power must be allowed for ConfigureManager only

Fix: So restrict only Admin privilege user can override sensor values
     from Redfish.

Tested:
1. Redfish validator - passed for this new change
2. Patch sensor values from Redfish for Thermal using Admin privilege
user
Redfish URI:
PATCH https://<BMC-IP>/redfish/v1/Chassis/WC_Baseboard/Thermal
Body:
{
    "Temperatures": [
    {
        "MemberId": "SSB_Temp",
        "ReadingCelsius":112
    }
]
}

Response:
{
  "@odata.id": "/redfish/v1/Chassis/WC_Baseboard/Thermal",
  "@odata.type": "#Thermal.v1_4_0.Thermal",
  "Fans": [],
  "Id": "Thermal",
  "Name": "Thermal",
  "Temperatures": []
}

3. Sensor value Overridden successfully when Authorized by admin privilege user
4. Verified by operator privilege user. Not successful.
Response : Forbidden.
5. Verified for Power sensor values and allowed only by admin privilege user.
6. Verified for manufacturing mode, Validation unsecure mode and
non-manufacturing mode.

Signed-off-by: jayaprakash Mutyala <mutyalax.jayaprakash@intel.com>
Change-Id: I9a089a9341d12beac9625f1877e1ab047f5d6f46

1 files changed, 1 insertions, 1 deletions

diff --git a/redfish-core/lib/thermal.hpp b/redfish-core/lib/thermal.hpp
index 28b11a5d26..2126f85bbc 100644
--- a/redfish-core/lib/thermal.hpp
+++ b/redfish-core/lib/thermal.hpp
@@ -30,7 +30,7 @@ class Thermal : public Node
         entityPrivileges = {
             {boost::beast::http::verb::get, {{"Login"}}},
             {boost::beast::http::verb::head, {{"Login"}}},
-            {boost::beast::http::verb::patch, {{"ConfigureComponents"}}},
+            {boost::beast::http::verb::patch, {{"ConfigureManager"}}},
             {boost::beast::http::verb::put, {{"ConfigureManager"}}},
             {boost::beast::http::verb::delete_, {{"ConfigureManager"}}},
             {boost::beast::http::verb::post, {{"ConfigureManager"}}}};