diff options
| author | jayaprakash Mutyala <mutyalax.jayaprakash@intel.com> | 2019-07-29 14:59:08 +0300 |
|---|---|---|
| committer | Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com> | 2019-11-12 04:08:41 +0300 |
| commit | e9e6d240ab85e515f8d264e39b47a75043b73374 (patch) | |
| tree | 285cafebe08fd448fb4afddc0056bc34aed5782c /redfish-core | |
| parent | 173d18179732f9aa08f54a1229e3ba29d5bec2db (diff) | |
| download | bmcweb-e9e6d240ab85e515f8d264e39b47a75043b73374.tar.xz | |
account_service: Added NoAccess role to Redfish
Added NoAccess role to the Redfish, to properly show
users created using IPMI with NoAccess privilege.
This patch will add NoAccess role & will use the same
when the user privilege is empty.
Note: This code was reverted due to redfish validator failure
and the same has been fixed in this patch, by creating
proper json array empty object.
Tested:
1. Verified redfish validator passed and the earlier issue of
failNullCollection for the NoAccess role is resolved.
2. Verified NoAccess role is listed properly
Get: https://<BMC IP>/redfish/v1/AccountService/Roles/NoAccess
{
"@odata.context": "/redfish/v1/$metadata#Role.Role",
"@odata.id": "/redfish/v1/AccountService/Roles/NoAccess",
"@odata.type": "#Role.v1_2_2.Role",
"AssignedPrivileges": [],
"Description": "NoAccess User Role",
"Id": "NoAccess",
"IsPredefined": true,
"Name": "User Role",
"OemPrivileges": [],
"RoleId": "NoAccess"
}
3. Verified user with No Privilege is listed without any error.
Get: https://<BMC IP>/redfish/v1/AccountService/Accounts/user6
{
"@odata.context": "/redfish/v1/$metadata#ManagerAccount.
ManagerAccount",
"@odata.id": "/redfish/v1/AccountService/Accounts/user6",
"@odata.type": "#ManagerAccount.v1_0_3.ManagerAccount",
"Description": "User Account",
"Enabled": false,
"Id": "user6",
"Links": {
"Role": {
"@odata.id": "/redfish/v1/AccountService/Roles/NoAccess"
}
},
"Locked": false,
"Locked@Redfish.AllowableValues": [
"false"
],
"Name": "User Account",
"Password": null,
"RoleId": "NoAccess",
"UserName": "user6"
}
Change-Id: If9577598e0a6215cf76f5db031ad5f8bcf2387a7
Signed-off-by: jayaprakash Mutyala <mutyalax.jayaprakash@intel.com>
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
Diffstat (limited to 'redfish-core')
| -rw-r--r-- | redfish-core/lib/account_service.hpp | 8 | ||||
| -rw-r--r-- | redfish-core/lib/roles.hpp | 8 |
2 files changed, 16 insertions, 0 deletions
diff --git a/redfish-core/lib/account_service.hpp b/redfish-core/lib/account_service.hpp index fa10c04dd3..8f28ea49f9 100644 --- a/redfish-core/lib/account_service.hpp +++ b/redfish-core/lib/account_service.hpp @@ -86,6 +86,10 @@ inline std::string getRoleIdFromPrivilege(std::string_view role) { return "Operator"; } + else if ((role == "") || (role == "priv-noaccess")) + { + return "NoAccess"; + } return ""; } inline std::string getPrivilegeFromRoleId(std::string_view role) @@ -102,6 +106,10 @@ inline std::string getPrivilegeFromRoleId(std::string_view role) { return "priv-operator"; } + else if (role == "NoAccess") + { + return "priv-noaccess"; + } return ""; } diff --git a/redfish-core/lib/roles.hpp b/redfish-core/lib/roles.hpp index 4256c7ec47..d2071a5cf1 100644 --- a/redfish-core/lib/roles.hpp +++ b/redfish-core/lib/roles.hpp @@ -36,6 +36,10 @@ inline std::string getRoleFromPrivileges(std::string_view priv) { return "Operator"; } + else if (priv == "priv-noaccess") + { + return "NoAccess"; + } return ""; } @@ -55,6 +59,10 @@ inline bool getAssignedPrivFromRole(std::string_view role, { privArray = {"Login", "ConfigureSelf"}; } + else if (role == "NoAccess") + { + privArray = nlohmann::json::array(); + } else { return false; |