From aee27141f4c002306e9a4bf44dc4f9618a5fae62 Mon Sep 17 00:00:00 2001 From: Nikhil Ashoka Date: Thu, 27 Jan 2022 19:10:31 +0530 Subject: Security Panel add additional features Added RTAD under Network interfaces Added VirtualTPM under Network services Removed the sub-headings in Policies page Signed-off-by: Nikhil Ashoka Change-Id: I6290362cecdfe7f8cd7bfde20fcaca88b6bc2c09 --- src/locales/en-US.json | 17 +- .../modules/SecurityAndAccess/PoliciesStore.js | 63 +++++++ src/views/SecurityAndAccess/Policies/Policies.vue | 198 +++++++++++++++------ 3 files changed, 218 insertions(+), 60 deletions(-) (limited to 'src') diff --git a/src/locales/en-US.json b/src/locales/en-US.json index f29ba0e9..ddc556df 100644 --- a/src/locales/en-US.json +++ b/src/locales/en-US.json @@ -714,7 +714,8 @@ "pagePolicies": { "ipmi": "Network IPMI (out-of-band IPMI)", "ipmiDescription": "Allow remote management of the platform via IPMI. Tools such as ipmitool require this setting to be enabled.", - "networkServices": "Network services", + "rtad": "RTAD", + "rtadDescription": "This option enables or disables the Remote Trusted Attestation Daemon for host firmware", "ssh": "BMC shell (via SSH)", "sshDescription": "Allow access to shell sessions via SSH, through port 22 on the BMC.", "modal": { @@ -730,13 +731,23 @@ "toast": { "errorIpmiDisabled": "Error disabling IPMI security setting.", "errorIpmiEnabled": "Error enabling IPMI security setting.", + "errorRtadDisabled": "Error disabling RTAD security setting.", + "errorRtadEnabled": "Error enabling RTAD security setting.", "errorSshDisabled": "Error disabling SSH security setting.", "errorSshEnabled": "Error enabling SSH security setting.", + "errorVtpmDisabled": "Error disabling VitualTPM security setting.", + "errorVtpmEnabled": "Error enabling VitualTPM security setting.", "successIpmiDisabled": "Successfully disabled IPMI security setting.", "successIpmiEnabled": "Successfully enabled IPMI security setting.", + "successRtadDisabled": "Successfully disabled RTAD security setting.", + "successRtadEnabled": "Successfully enabled RTAD security setting.", "successSshDisabled": "Successfully disabled SSH security setting.", - "successSshEnabled": "Successfully enabled SSH security setting." - } + "successSshEnabled": "Successfully enabled SSH security setting.", + "successVtpmDisabled": "Successfully disabled VitualTPM security setting.", + "successVtpmEnabled": "Successfully enabled VitualTPM security setting." + }, + "vtpm": "VirtualTPM", + "vtpmDescription": "Enabling vTPM makes a TPM available to the guest operating system." }, "pagePower": { "description": "Set a power cap to keep power consumption at or below the specified value in watts", diff --git a/src/store/modules/SecurityAndAccess/PoliciesStore.js b/src/store/modules/SecurityAndAccess/PoliciesStore.js index 1e195527..64bd3369 100644 --- a/src/store/modules/SecurityAndAccess/PoliciesStore.js +++ b/src/store/modules/SecurityAndAccess/PoliciesStore.js @@ -6,16 +6,22 @@ const PoliciesStore = { state: { sshProtocolEnabled: false, ipmiProtocolEnabled: false, + rtadEnabled: 'Disabled', + vtpmEnabled: 'Disabled', }, getters: { sshProtocolEnabled: (state) => state.sshProtocolEnabled, ipmiProtocolEnabled: (state) => state.ipmiProtocolEnabled, + rtadEnabled: (state) => state.rtadEnabled, + vtpmEnabled: (state) => state.vtpmEnabled, }, mutations: { setSshProtocolEnabled: (state, sshProtocolEnabled) => (state.sshProtocolEnabled = sshProtocolEnabled), setIpmiProtocolEnabled: (state, ipmiProtocolEnabled) => (state.ipmiProtocolEnabled = ipmiProtocolEnabled), + setRtadEnabled: (state, rtadEnabled) => (state.rtadEnabled = rtadEnabled), + setVtpmEnabled: (state, vtpmEnabled) => (state.vtpmEnabled = vtpmEnabled), }, actions: { async getNetworkProtocolStatus({ commit }) { @@ -29,6 +35,15 @@ const PoliciesStore = { }) .catch((error) => console.log(error)); }, + async getBiosStatus({ commit }) { + return await api + .get('/redfish/v1/Systems/system/Bios') + .then((response) => { + commit('setRtadEnabled', response.data.Attributes.pvm_rtad); + commit('setVtpmEnabled', response.data.Attributes.pvm_vtpm); + }) + .catch((error) => console.log(error)); + }, async saveIpmiProtocolState({ commit }, protocolEnabled) { commit('setIpmiProtocolEnabled', protocolEnabled); const ipmi = { @@ -81,6 +96,54 @@ const PoliciesStore = { } }); }, + async saveRtadState({ commit }, updatedRtad) { + commit('setRtadEnabled', updatedRtad); + return await api + .patch('/redfish/v1/Systems/system/Bios/Settings', { + Attributes: { + pvm_rtad: updatedRtad, + }, + }) + .then(() => { + if (updatedRtad === 'Enabled') { + return i18n.t('pagePolicies.toast.successRtadEnabled'); + } else { + return i18n.t('pagePolicies.toast.successRtadDisabled'); + } + }) + .catch((error) => { + console.log(error); + if (updatedRtad === 'Enabled') { + throw new Error(i18n.t('pagePolicies.toast.errorRtadEnabled')); + } else { + throw new Error(i18n.t('pagePolicies.toast.errorRtadDisabled')); + } + }); + }, + async saveVtpmState({ commit }, updatedVtpm) { + commit('setVtpmEnabled', updatedVtpm); + return await api + .patch('/redfish/v1/Systems/system/Bios/Settings', { + Attributes: { + pvm_vtpm: updatedVtpm, + }, + }) + .then(() => { + if (updatedVtpm === 'Enabled') { + return i18n.t('pagePolicies.toast.successVtpmEnabled'); + } else { + return i18n.t('pagePolicies.toast.successVtpmDisabled'); + } + }) + .catch((error) => { + console.log(error); + if (updatedVtpm === 'Enabled') { + throw new Error(i18n.t('pagePolicies.toast.errorVtpmEnabled')); + } else { + throw new Error(i18n.t('pagePolicies.toast.errorVtpmDisabled')); + } + }); + }, }, }; diff --git a/src/views/SecurityAndAccess/Policies/Policies.vue b/src/views/SecurityAndAccess/Policies/Policies.vue index ebcb0025..1dc197c7 100644 --- a/src/views/SecurityAndAccess/Policies/Policies.vue +++ b/src/views/SecurityAndAccess/Policies/Policies.vue @@ -3,65 +3,112 @@ - - - -
-
{{ $t('pagePolicies.ssh') }}
-
- {{ $t('pagePolicies.sshDescription') }} -
-
- - - {{ $t('pagePolicies.ssh') }} - - - {{ $t('global.status.enabled') }} - - {{ $t('global.status.disabled') }} - - - - - -
-
{{ $t('pagePolicies.ipmi') }}
-
- {{ $t('pagePolicies.ipmiDescription') }} -
-
- - - {{ $t('pagePolicies.ipmi') }} - - - {{ $t('global.status.enabled') }} - - {{ $t('global.status.disabled') }} - - - - + + +
+
{{ $t('pagePolicies.ssh') }}
+
+ {{ $t('pagePolicies.sshDescription') }} +
+
+ + + {{ $t('pagePolicies.ssh') }} + + + {{ $t('global.status.enabled') }} + + {{ $t('global.status.disabled') }} + + + + + +
+
{{ $t('pagePolicies.ipmi') }}
+
+ {{ $t('pagePolicies.ipmiDescription') }} +
+
+ + + {{ $t('pagePolicies.ipmi') }} + + + {{ $t('global.status.enabled') }} + + {{ $t('global.status.disabled') }} + + + + + +
+
{{ $t('pagePolicies.vtpm') }}
+
+ {{ $t('pagePolicies.vtpmDescription') }} +
+
+ + + {{ $t('pagePolicies.vtpm') }} + + + {{ $t('global.status.enabled') }} + + {{ $t('global.status.disabled') }} + + + + + +
+
{{ $t('pagePolicies.rtad') }}
+
+ {{ $t('pagePolicies.rtadDescription') }} +
+
+ + + {{ $t('pagePolicies.rtad') }} + + + {{ $t('global.status.enabled') }} + + {{ $t('global.status.disabled') }} + + + -- cgit v1.2.3