| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
SPDX identifiers are simpler, and reduce the amount of cruft we have in
code files. They are recommended by linux foundation, and therefore we
should do as they allow.
This patchset does not intend to modify any intent on any existing
copyrights or licenses, only to standardize their inclusion.
[1] https://www.linuxfoundation.org/blog/blog/copyright-notices-in-open-source-software-projects
Change-Id: I935c7c0156caa78fc368c929cebd0f068031e830
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
Static analysis flags that these two comments are redundant[1], which
seem to be duplicated a lot in copyright headers. Although there is a
larger discussion that can likely be had.
[1] https://sonarcloud.io/project/issues?issueStatuses=OPEN%2CCONFIRMED&id=edtanous_bmcweb&open=AY9_HYjgKXKyw1ZFwgVP
Tested: Comment change only. Code compiles.
Change-Id: Ia960317761f558a87842347ca0b5f3da63f8e730
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
nlohmann::json::items() throws an exception if the object in question is
not a json object. This has the potential to cause problems, and isn't
in line with the standard that we code against.
Replace all uses of items with iterating the nlohmann::json::object_t.
This adds a new error check for pulling the object_t out of the
nlohmann::json object before each iteration, to ensure that we're
handling errors.
Tested: Redfish service validator passes.
Change-Id: I2934c9450ec296c76544c2a7c5855c9b519eae7f
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
And fix the includes that are wrong.
Note, there is a very large ignore list included in the .clang-tidy
configcfile. These are things that clang-tidy doesn't yet handle
well, like knowing about a details include.
Change-Id: Ie3744f2c8cba68a8700b406449d6c2018a736952
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
Add a utility function which estimates the size of the JSON tree.
It is used in the children change to limit the reponse size of expand
query.
Tested:
1. unit test passed;
2. tested on hardware, the following are real sizes and estimation
```
Real payload size, Estimation, query
15.69 KB, 10.21 KB, redfish/v1?$expand=.($levels=1)
95.76 KB, 62.11 KB, redfish/v1?$expand=.($levels=2)
117.14 KB, 72.71 KB, redfish/v1?$expand=.($levels=3)
127.65 KB, 77.64 KB, redfish/v1?$expand=.($levels=4)
```
Signed-off-by: Nan Zhou <nanzhoumails@gmail.com>
Change-Id: Iae26d6732a6ec63ecc59eacf657b4bf33c07c046
|
|
Per cpp core guidelines, these should be methods.
Tested: on last patchset of the series.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Ib16479db9d2b68da68e7ad6e825c7e205c64f1de
|
|
For systems implementing to the OWASP security guidelines[1] (of which all
should ideally) we should be checking the content-type header all times
that we parse a request as JSON.
This commit adds an option for parsing content-type, and sets a default
of "must get content-type". Ideally this would not be a breaking
change, but given the number of guides and scripts that omit the content
type, it seems worthwhile to add a trapdoor, such that people can opt
into their own model on how they would like to see this checking work.
Tested:
```
curl --insecure -H "Content-Type: application/json" -X POST -D headers.txt https://${bmc}/redfish/v1/SessionService/Sessions -d '{"UserName":"root", "Password":"0penBmc"}'
```
Succeeds.
Removing Content-Type argument causes bmc to return
Base.1.13.0.UnrecognizedRequestBody.
[1] cheatsheetseries.owasp.org/cheatsheets/REST_Security_Cheat_Sheet.html
Change-Id: Iaa47dd563b40036ff2fc2cacb70d941fd8853038
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
Makes the Redfish error reporting interface automatically handle
setting the http status and JSON content in the response object.
When using an AsyncResp object, this allows for simply calling
the Redfish error and returning.
Change-Id: Icfdce2de763225f070e8dd61e591f296703f46bb
Signed-off-by: Jason M. Bills <jason.m.bills@linux.intel.com>
|
|
The existing way of decoding json structures, while fast has some disadvantages.
1. it's very verbose to write.
2. It requires in depth knowlege of redfish error messages to get
correct.
3. It _can_ lead to undesired behavior, like half of a patch being
applied, if only some of the values have bad types.
This commit implements a new interface for decoding redfish json
named.... readJson. It is a templated function, that lets you decode
json values based on type easily, while still handling all the correct
error codes that were handled previously. Use is done similar to the
example below:
std::string required;
boost::optional<std::string> optional;
if (!json_util::readJson(req, res, "OptionalParam", optional,
"RequiredParam", required))
{
return;
}
if (optional){
// optional param was given, take action.
}
As part of this patchset, the systems schema is moved to the new
interface, which deletes some of the code involved and shows the
improvement in clarity.
Change-Id: I041a97c84d294df8cd4de4c2702e5ee22c0bc120
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
|
|
This commit moves the codebase to the lastest clang-format file from
upstream, as well as clang-format-6.0.
Change-Id: Ice8313468097c0c42317fbb9e10ddf036e8cff4c
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
|
|
This patchset moves bmcweb over to the upstream style naming
conventions for variables, classes, and functions, as well as imposes
the latest clang-format file.
This changeset was mostly built automatically by the included
.clang-tidy file, which has the ability to autoformat and auto rename
variables. At some point in the future I would like to see this in
greater use, but for now, we will impose it on bmcweb, and see how it
goes.
Tested: Code still compiles, and appears to run, although other issues
are possible and likely.
Change-Id: If422a2e36df924e897736b3feffa89f411d9dac1
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
|
|
This commit is the beginings of attempting to transition away from
crow, and toward boost::beast. Unit tests are passing, and
implementation appears to be slightly faster than crow.
Change-Id: Ic8d946dc7a04f514c67b1098f181eee1ced69171
|
|
These functions are not yet used, but will be required by at least two upcoming
patchsets. This functionality has been cut out from Configuration patchset for
easier merge without having to wait for that commit.
Change-Id: Ibe5d5cefd874d4a2d896b42a2b7cfc17480f3c5a
Signed-off-by: Kowalski, Kamil <kamil.kowalski@intel.com>
|
