yumapro
23.10T-12
YumaPro SDK
|
The ACM manager allows NACM or a vendor-specific ACM to be installed. More...
Functions | |
status_t | agt_acm_init (void) |
Initialize the NETCONF Server access control module. More... | |
status_t | agt_acm_init2 (void) |
Phase 2 : Initialize the nacm.yang configuration data structures. More... | |
void | agt_acm_cleanup (void) |
Cleanup the NETCONF Server access control module. More... | |
boolean | agt_acm_rpc_allowed (xml_msg_hdr_t *msg, const xmlChar *user, const obj_template_t *rpcobj) |
Check if the specified user is allowed to invoke an RPC. More... | |
boolean | agt_acm_notif_allowed (const xmlChar *user, const obj_template_t *notifobj) |
Check if the specified user is allowed to receive a notification event. More... | |
boolean | agt_acm_val_write_allowed (xml_msg_hdr_t *msg, const xmlChar *user, val_value_t *newval, val_value_t *curval, op_editop_t editop) |
Check if the specified user is allowed to access a value node. More... | |
boolean | agt_acm_val_read_allowed (xml_msg_hdr_t *msg, const xmlChar *user, val_value_t *val) |
Check if the specified user is allowed to read a value node. More... | |
status_t | agt_acm_init_msg_cache (ses_cb_t *scb, xml_msg_hdr_t *msg) |
Malloc and initialize an agt_acm_cache_t struct and attach it to the incoming message. More... | |
void | agt_acm_clear_msg_cache (xml_msg_hdr_t *msg) |
Clear an agt_acm_cache_t struct attached to the specified message. More... | |
void | agt_acm_clear_session_cache (ses_cb_t *scb) |
Clear an agt_acm_cache_t struct in a session control block. More... | |
void | agt_acm_invalidate_session_cache (ses_cb_t *scb) |
Mark an agt_acm_cache_t struct in a session control block as invalid so it will be refreshed next use. More... | |
boolean | agt_acm_session_cache_valid (const ses_cb_t *scb) |
Check if the specified session NACM cache is valid. More... | |
boolean | agt_acm_session_is_superuser (const ses_cb_t *scb) |
Check if the specified session is the superuser. More... | |
agt_acmode_t | agt_acm_get_acmode (void) |
Get the –access-control mode. More... | |
void | agt_acm_set_acmode (agt_acmode_t newmode) |
Set the –access-control mode. More... | |
boolean | agt_acm_get_log_writes (void) |
Get the log_writes flag. More... | |
boolean | agt_acm_get_log_reads (void) |
Get the log_reads flag. More... | |
boolean | agt_acm_is_superuser (const xmlChar *username) |
Check if the specified user name is the superuser Low-level access; no scb available. More... | |
uint32 | agt_acm_get_deniedRpcs (void) |
Get the deniedRpcs counter. More... | |
uint32 | agt_acm_get_deniedDataWrites (void) |
Get the deniedDataWrites counter. More... | |
uint32 | agt_acm_get_deniedNotifications (void) |
Get the deniedNotification counter. More... | |
void | agt_acm_clean_xpath_cache (void) |
Clean any cached XPath results because the data rule results may not be valid anymore. More... | |
void | agt_acm_set_datarules (val_value_t *val, uint32 msgid) |
Check the dataruleQ in the object and all child nodes. More... | |
void | agt_acm_clean_obj_datarule_cache (ncx_module_t *mod) |
Check all the rule list entry and its OBJ datarule cache and clean if the modules is getting unloaded for this objects. More... | |
The ACM manager allows NACM or a vendor-specific ACM to be installed.
The server will access the specific model used through this module.
void agt_acm_clean_obj_datarule_cache | ( | ncx_module_t * | mod | ) |
Check all the rule list entry and its OBJ datarule cache and clean if the modules is getting unloaded for this objects.
mod | mod to check for unload |
void agt_acm_clean_xpath_cache | ( | void | ) |
Clean any cached XPath results because the data rule results may not be valid anymore.
Used internally by server
void agt_acm_cleanup | ( | void | ) |
Cleanup the NETCONF Server access control module.
Must be called for NACM to properly clean up rulelist data
void agt_acm_clear_msg_cache | ( | xml_msg_hdr_t * | msg | ) |
Clear an agt_acm_cache_t struct attached to the specified message.
[in,out] | msg | message to use; msg->acm_cache pointer is freed and set to NULL |
void agt_acm_clear_session_cache | ( | ses_cb_t * | scb | ) |
Clear an agt_acm_cache_t struct in a session control block.
[in,out] | scb | session control block to use; scb->acm_cache pointer is freed and set to NULL |
agt_acmode_t agt_acm_get_acmode | ( | void | ) |
Get the –access-control mode.
uint32 agt_acm_get_deniedDataWrites | ( | void | ) |
Get the deniedDataWrites counter.
uint32 agt_acm_get_deniedNotifications | ( | void | ) |
Get the deniedNotification counter.
uint32 agt_acm_get_deniedRpcs | ( | void | ) |
Get the deniedRpcs counter.
boolean agt_acm_get_log_reads | ( | void | ) |
Get the log_reads flag.
boolean agt_acm_get_log_writes | ( | void | ) |
Get the log_writes flag.
status_t agt_acm_init | ( | void | ) |
Initialize the NETCONF Server access control module.
status_t agt_acm_init2 | ( | void | ) |
Phase 2 : Initialize the nacm.yang configuration data structures.
status_t agt_acm_init_msg_cache | ( | ses_cb_t * | scb, |
xml_msg_hdr_t * | msg | ||
) |
Malloc and initialize an agt_acm_cache_t struct and attach it to the incoming message.
[in,out] | scb | session control block to use; scb->acm_cache pointer may be set, if it was NULL |
[in,out] | msg | message to use; msg->acm_cache pointer set |
void agt_acm_invalidate_session_cache | ( | ses_cb_t * | scb | ) |
Mark an agt_acm_cache_t struct in a session control block as invalid so it will be refreshed next use.
scb | session control block to use |
boolean agt_acm_is_superuser | ( | const xmlChar * | username | ) |
Check if the specified user name is the superuser Low-level access; no scb available.
username | username to check |
boolean agt_acm_notif_allowed | ( | const xmlChar * | user, |
const obj_template_t * | notifobj | ||
) |
Check if the specified user is allowed to receive a notification event.
user | user name string |
notifobj | obj_template_t for the notification event to check |
boolean agt_acm_rpc_allowed | ( | xml_msg_hdr_t * | msg, |
const xmlChar * | user, | ||
const obj_template_t * | rpcobj | ||
) |
Check if the specified user is allowed to invoke an RPC.
msg | XML header in incoming message in progress |
user | user name string |
rpcobj | obj_template_t for the RPC method to check |
boolean agt_acm_session_cache_valid | ( | const ses_cb_t * | scb | ) |
Check if the specified session NACM cache is valid.
scb | session to check |
boolean agt_acm_session_is_superuser | ( | const ses_cb_t * | scb | ) |
Check if the specified session is the superuser.
scb | session to check |
void agt_acm_set_acmode | ( | agt_acmode_t | newmode | ) |
Set the –access-control mode.
newmode | new enum to use for acmode |
void agt_acm_set_datarules | ( | val_value_t * | val, |
uint32 | msgid | ||
) |
Check the dataruleQ in the object and all child nodes.
For each rule found. Cache any rule in the object in this value
val | value with the object struct to use |
msgid | update data rules after this msgid is finished |
boolean agt_acm_val_read_allowed | ( | xml_msg_hdr_t * | msg, |
const xmlChar * | user, | ||
val_value_t * | val | ||
) |
Check if the specified user is allowed to read a value node.
msg | XML header from incoming message in progress |
user | user name string |
val | val_value_t in progress to check |
boolean agt_acm_val_write_allowed | ( | xml_msg_hdr_t * | msg, |
const xmlChar * | user, | ||
val_value_t * | newval, | ||
val_value_t * | curval, | ||
op_editop_t | editop | ||
) |
Check if the specified user is allowed to access a value node.
The val->obj template will be checked against the val->editop requested access and the user's configured max-access
msg | XML header from incoming message in progress |
user | user name string |
newval | val_value_t in progress to check (may be NULL, if curval set) |
curval | val_value_t in progress to check (may be NULL, if newval set) |
editop | requested CRUD operation |