netconf_acm

package
v0.0.0-...-50def94 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 2, 2023 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Overview

NETCONF Access Control Model.

Copyright (c) 2012 IETF Trust and the persons identified as authors of the code. All rights reserved.

Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the Simplified BSD License set forth in Section 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info).

This version of this YANG module is part of RFC 6536; see the RFC itself for full legal notices.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ActionType

type ActionType string

ActionType represents rule matches.

const (
	// Requested action is permitted.
	ActionType_permit ActionType = "permit"

	// Requested action is denied.
	ActionType_deny ActionType = "deny"
)

type Nacm

type Nacm struct {
	EntityData types.CommonEntityData
	YFilter    yfilter.YFilter

	// Enables or disables all NETCONF access control enforcement.  If 'true',
	// then enforcement is enabled.  If 'false', then enforcement is disabled. The
	// type is bool. The default value is true.
	EnableNacm interface{}

	// Controls whether read access is granted if no appropriate rule is found for
	// a particular read request. The type is ActionType. The default value is
	// permit.
	ReadDefault interface{}

	// Controls whether create, update, or delete access is granted if no
	// appropriate rule is found for a particular write request. The type is
	// ActionType. The default value is deny.
	WriteDefault interface{}

	// Controls whether exec access is granted if no appropriate rule is found for
	// a particular protocol operation request. The type is ActionType. The
	// default value is permit.
	ExecDefault interface{}

	// Controls whether the server uses the groups reported by the NETCONF
	// transport layer when it assigns the user to a set of NACM groups.  If this
	// leaf has the value 'false', any group names reported by the transport layer
	// are ignored by the server. The type is bool. The default value is true.
	EnableExternalGroups interface{}

	// Number of times since the server last restarted that a protocol operation
	// request was denied. The type is interface{} with range: 0..4294967295. This
	// attribute is mandatory.
	DeniedOperations interface{}

	// Number of times since the server last restarted that a protocol operation
	// request to alter a configuration datastore was denied. The type is
	// interface{} with range: 0..4294967295. This attribute is mandatory.
	DeniedDataWrites interface{}

	// Number of times since the server last restarted that a notification was
	// dropped for a subscription because access to the event type was denied. The
	// type is interface{} with range: 0..4294967295. This attribute is mandatory.
	DeniedNotifications interface{}

	// NETCONF Access Control Groups.
	Groups Nacm_Groups

	// An ordered collection of access control rules. The type is slice of
	// Nacm_RuleList.
	RuleList []*Nacm_RuleList
}

Nacm Parameters for NETCONF Access Control Model.

func (*Nacm) GetEntityData

func (nacm *Nacm) GetEntityData() *types.CommonEntityData

type Nacm_Groups

type Nacm_Groups struct {
	EntityData types.CommonEntityData
	YFilter    yfilter.YFilter

	// One NACM Group Entry.  This list will only contain configured entries, not
	// any entries learned from any transport protocols. The type is slice of
	// Nacm_Groups_Group.
	Group []*Nacm_Groups_Group
}

Nacm_Groups NETCONF Access Control Groups.

func (*Nacm_Groups) GetEntityData

func (groups *Nacm_Groups) GetEntityData() *types.CommonEntityData

type Nacm_Groups_Group

type Nacm_Groups_Group struct {
	EntityData types.CommonEntityData
	YFilter    yfilter.YFilter
	YListKey   string

	// This attribute is a key. Group name associated with this entry. The type is
	// string with length: 1..18446744073709551615.
	Name interface{}

	// Each entry identifies the username of a member of the group associated with
	// this entry. The type is slice of string with length:
	// 1..18446744073709551615.
	UserName []interface{}
}

Nacm_Groups_Group One NACM Group Entry. This list will only contain configured entries, not any entries learned from any transport protocols.

func (*Nacm_Groups_Group) GetEntityData

func (group *Nacm_Groups_Group) GetEntityData() *types.CommonEntityData

type Nacm_RuleList

type Nacm_RuleList struct {
	EntityData types.CommonEntityData
	YFilter    yfilter.YFilter
	YListKey   string

	// This attribute is a key. Arbitrary name assigned to the rule-list. The type
	// is string with length: 1..18446744073709551615.
	Name interface{}

	// List of administrative groups that will be assigned the associated access
	// rights defined by the 'rule' list.  The string '*' indicates that all
	// groups apply to the entry. The type is one of the following types: slice of
	// string with pattern: \*, or slice of string with length:
	// 1..18446744073709551615.
	Group []interface{}

	// One access control rule.  Rules are processed in user-defined order until a
	// match is found.  A rule matches if 'module-name', 'rule-type', and
	// 'access-operations' match the request.  If a rule matches, the 'action'
	// leaf determines if access is granted or not. The type is slice of
	// Nacm_RuleList_Rule.
	Rule []*Nacm_RuleList_Rule
}

Nacm_RuleList An ordered collection of access control rules.

func (*Nacm_RuleList) GetEntityData

func (ruleList *Nacm_RuleList) GetEntityData() *types.CommonEntityData

type Nacm_RuleList_Rule

type Nacm_RuleList_Rule struct {
	EntityData types.CommonEntityData
	YFilter    yfilter.YFilter
	YListKey   string

	// This attribute is a key. Arbitrary name assigned to the rule. The type is
	// string with length: 1..18446744073709551615.
	Name interface{}

	// Name of the module associated with this rule.  This leaf matches if it has
	// the value '*' or if the object being accessed is defined in the module with
	// the specified module name. The type is one of the following types: string
	// with pattern: \* The default value is *., or string The default value is
	// *..
	ModuleName interface{}

	// This leaf matches if it has the value '*' or if its value equals the
	// requested protocol operation name. The type is one of the following types:
	// string with pattern: \*, or string.
	RpcName interface{}

	// This leaf matches if it has the value '*' or if its value equals the
	// requested notification name. The type is one of the following types: string
	// with pattern: \*, or string.
	NotificationName interface{}

	// Data Node Instance Identifier associated with the data node controlled by
	// this rule.  Configuration data or state data instance identifiers start
	// with a top-level data node.  A complete instance identifier is required for
	// this type of path value.  The special value '/' refers to all possible
	// datastore contents. The type is string. This attribute is mandatory.
	Path interface{}

	// Access operations associated with this rule.  This leaf matches if it has
	// the value '*' or if the bit corresponding to the requested operation is
	// set. The type is one of the following types: string with pattern: \* The
	// default value is *., or :go:struct:`Bits <ydk/models/netconf_acm/Bits>` The
	// default value is *..
	AccessOperations interface{}

	// The access control action associated with the rule.  If a rule is
	// determined to match a particular request, then this object is used to
	// determine whether to permit or deny the request. The type is ActionType.
	// This attribute is mandatory.
	Action interface{}

	// A textual description of the access rule. The type is string.
	Comment interface{}
}

Nacm_RuleList_Rule One access control rule.

Rules are processed in user-defined order until a match is found. A rule matches if 'module-name', 'rule-type', and 'access-operations' match the request. If a rule matches, the 'action' leaf determines if access is granted or not.

func (*Nacm_RuleList_Rule) GetEntityData

func (rule *Nacm_RuleList_Rule) GetEntityData() *types.CommonEntityData

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL