The External ACM handler provides the required access control APIs outside of the server control. More...

Collaboration diagram for External ACM Model:

Typedefs
typedef boolean(*	agt_acm_extern_rpc_fn_t) (xml_msg_hdr_t msg, const xmlChar user, const obj_template_t *rpcobj)
	Check if the specified user is allowed to invoke an RPC. More...

typedef boolean(*	agt_acm_extern_notif_fn_t) (const xmlChar user, const obj_template_t notifobj)
	Check if the specified user is allowed to receive a notification event. More...

typedef boolean(*	agt_acm_extern_write_fn_t) (xml_msg_hdr_t msg, const xmlChar user, const val_value_t newval, const val_value_t curval, op_editop_t editop)
	Check if the specified user is allowed to access a value node. More...

typedef boolean(*	agt_acm_extern_read_fn_t) (xml_msg_hdr_t msg, const xmlChar user, const val_value_t *val)
	Check if the specified user is allowed to read a value node. More...

Functions
void	agt_acm_extern_register_callbacks (agt_acm_extern_rpc_fn_t rpcfn, agt_acm_extern_notif_fn_t notfn, agt_acm_extern_write_fn_t writefn, agt_acm_extern_read_fn_t readfn)
	Register the external callbacks for ACM implementation. More...

boolean	agt_acm_extern_rpc_allowed (xml_msg_hdr_t msg, const xmlChar user, const obj_template_t *rpcobj)
	Check if the specified user is allowed to invoke an RPC. More...

boolean	agt_acm_extern_notif_allowed (const xmlChar user, const obj_template_t notifobj)
	Check if the specified user is allowed to receive a notification event. More...

boolean	agt_acm_extern_val_write_allowed (xml_msg_hdr_t msg, const xmlChar user, const val_value_t newval, const val_value_t curval, op_editop_t editop)
	Check if the specified user is allowed to access a value node. More...

boolean	agt_acm_extern_val_read_allowed (xml_msg_hdr_t msg, const xmlChar user, const val_value_t *val)
	Check if the specified user is allowed to read a value node. More...

Detailed Description

The External ACM handler provides the required access control APIs outside of the server control.

The vendor callbacks are required to check access rights each time access is requested by a client.

Typedef Documentation

◆ agt_acm_extern_notif_fn_t

typedef boolean(* agt_acm_extern_notif_fn_t) (const xmlChar *user, const obj_template_t *notifobj)

Check if the specified user is allowed to receive a notification event.

OK for SIL; NOT OK for SIL-SA

Parameters

user	user name string
notifobj	obj_template_t for the notification event to check

Returns: TRUE if user allowed receive this notification event
FALSE otherwise

◆ agt_acm_extern_read_fn_t

typedef boolean(* agt_acm_extern_read_fn_t) (xml_msg_hdr_t *msg, const xmlChar *user, const val_value_t *val)

Check if the specified user is allowed to read a value node.

OK for SIL; NOT OK for SIL-SA

Parameters

msg	XML header from incoming message in progress
user	user name string
val	val_value_t in progress to check

Returns: TRUE if user allowed read access to the value node

◆ agt_acm_extern_rpc_fn_t

typedef boolean(* agt_acm_extern_rpc_fn_t) (xml_msg_hdr_t *msg, const xmlChar *user, const obj_template_t *rpcobj)

Check if the specified user is allowed to invoke an RPC.

OK for SIL; NOT OK for SIL-SA

Parameters

msg	XML header in incoming message in progress
user	user name string
rpcobj	obj_template_t for the RPC method to check

Returns: TRUE if user allowed invoke this RPC; FALSE otherwise

◆ agt_acm_extern_write_fn_t

typedef boolean(* agt_acm_extern_write_fn_t) (xml_msg_hdr_t *msg, const xmlChar *user, const val_value_t *newval, const val_value_t *curval, op_editop_t editop)

Check if the specified user is allowed to access a value node.

OK for SIL; NOT OK for SIL-SA

The val->obj template will be checked against the val->editop requested access and the user's configured max-access

Parameters

msg	XML header from incoming message in progress
user	user name string to check for access
newval	val_value_t in progress to check (may be NULL, if curval set)
curval	val_value_t in progress to check (may be NULL, if newval set)
editop	requested CRUD operation

Returns: TRUE if user allowed this level of access to the value node

Function Documentation

◆ agt_acm_extern_notif_allowed()

boolean agt_acm_extern_notif_allowed	(	const xmlChar *	user,
		const obj_template_t *	notifobj
	)

Check if the specified user is allowed to receive a notification event.

OK for SIL; NOT OK for SIL-SA

Parameters

user	user name string
notifobj	obj_template_t for the notification event to check

Returns: TRUE if user allowed receive this notification event
FALSE otherwise

◆ agt_acm_extern_register_callbacks()

void agt_acm_extern_register_callbacks	(	agt_acm_extern_rpc_fn_t	rpcfn,
		agt_acm_extern_notif_fn_t	notfn,
		agt_acm_extern_write_fn_t	writefn,
		agt_acm_extern_read_fn_t	readfn
	)

Register the external callbacks for ACM implementation.

OK for SIL; NOT OK for SIL-SA

A NULL callback means that type of access will always be granted!!!

Parameters

rpcfn	check-rpc function callback
notfn	check-notification function callback
writefn	check-val-write function callback
readfn	check-val-write function callback

◆ agt_acm_extern_rpc_allowed()

boolean agt_acm_extern_rpc_allowed	(	xml_msg_hdr_t *	msg,
		const xmlChar *	user,
		const obj_template_t *	rpcobj
	)

Check if the specified user is allowed to invoke an RPC.

OK for SIL; NOT OK for SIL-SA

Parameters

msg	XML header in incoming message in progress
user	user name string
rpcobj	obj_template_t for the RPC method to check

Returns: TRUE if user allowed invoke this RPC; FALSE otherwise

◆ agt_acm_extern_val_read_allowed()

boolean agt_acm_extern_val_read_allowed	(	xml_msg_hdr_t *	msg,
		const xmlChar *	user,
		const val_value_t *	val
	)

Check if the specified user is allowed to read a value node.

OK for SIL; NOT OK for SIL-SA

Parameters

msg	XML header from incoming message in progress
user	user name string
val	val_value_t in progress to check

Returns: TRUE if user allowed read access to the value node

◆ agt_acm_extern_val_write_allowed()

boolean agt_acm_extern_val_write_allowed	(	xml_msg_hdr_t *	msg,
		const xmlChar *	user,
		const val_value_t *	newval,
		const val_value_t *	curval,
		op_editop_t	editop
	)

Check if the specified user is allowed to access a value node.

OK for SIL; NOT OK for SIL-SA

The val->obj template will be checked against the val->editop requested access and the user's configured max-access

Parameters

msg	XML header from incoming message in progress
user	user name string
newval	val_value_t in progress to check (may be NULL, if curval set)
curval	val_value_t in progress to check (may be NULL, if newval set)
editop	requested CRUD operation

Returns: TRUE if user allowed this level of access to the value node

Typedefs

Functions

Detailed Description

Typedef Documentation

◆ agt_acm_extern_notif_fn_t

◆ agt_acm_extern_read_fn_t

◆ agt_acm_extern_rpc_fn_t

◆ agt_acm_extern_write_fn_t

Function Documentation

◆ agt_acm_extern_notif_allowed()

◆ agt_acm_extern_register_callbacks()

◆ agt_acm_extern_rpc_allowed()

◆ agt_acm_extern_val_read_allowed()

◆ agt_acm_extern_val_write_allowed()