Access Control Model Interface

The netconfd-pro server supports 2 different access control models:

If the 'external' mode is used, then ACM callback functions must be registered with yp-system API functions that the server needs to validate the following types of client access:

  • protocol operation requests

  • database read and write requests

  • notification delivery

Register ACM Callback Functions

The function 'agt_acm_extern_register_callbacks' in agt/agt_acm_extern.h is used by the external system code to register its own callback functions to handle access control requests. These functions are used by the system instead of its own access control cache and data model.

If the external access control method is selected in the system initialization then these callback functions MUST be provided or all access requests will be granted by default!

void agt_acm_extern_register_callbacks(agt_acm_extern_rpc_fn_t rpcfn, agt_acm_extern_notif_fn_t notfn, agt_acm_extern_write_fn_t writefn, agt_acm_extern_read_fn_t readfn)

Register the external callbacks for ACM implementation.

A NULL callback means that type of access will always be granted!!!

Parameters
  • rpcfn -- check-rpc function callback

  • notfn -- check-notification function callback

  • writefn -- check-val-write function callback

  • readfn -- check-val-write function callback

The following functions must be registered:

  • RPC Request Callback Function

  • Notification Send Callback Function

  • Database Write Request Callback Function

  • Database Read Request Callback Function

The following example "init1" function shows how this function might be used:

 status_t yp_system_init1 (boolean pre_cli)
 {
     log_debug("\nyp_system init1\n");

     if (pre_cli) {
         ;
     } else {
         // example -- external NACM callbacks
         // load module for external module
         // with ncxmod_load_module

         // register the external ACM callbacks
         // this will have no affect unless the
         // yp_system_init_profile fn sets the
         // agt_acm_model to AGT_ACM_MODEL_EXTERNAL
         agt_acm_extern_register_callbacks(acm_extern_rpc,
                                           acm_extern_notif,
                                           acm_extern_write,
                                           acm_extern_read);
     }
     return NO_ERR;
 }

RPC Request

Checks if the user is allowed to invoke the specified YANG-defined protocol operation. The 'agt_acm_extern_rpc_fn_t' template is used for this callback.

typedef boolean (*agt_acm_extern_rpc_fn_t)(xml_msg_hdr_t *msg, const xmlChar *user, const obj_template_t *rpcobj)

Check if the specified user is allowed to invoke an RPC.

Param msg

XML header in incoming message in progress

Param user

user name string

Param rpcobj

obj_template_t for the RPC method to check

Return

TRUE if user allowed invoke this RPC; FALSE otherwise

This example RPC Request callback can be found in example-system.c:

static boolean
    acm_extern_rpc (xml_msg_hdr_t *msg,
                    const xmlChar *user,
                    const obj_template_t *rpcobj)
{
    (void)msg;

    const xmlChar *modname = obj_get_mod_name(rpcobj);
    const xmlChar *objname = obj_get_name(rpcobj);

    log_debug("\nChecking RPC access for user %s to operation '%s:%s'",
              user, modname, objname);

    // check access here

    log_debug("\nacm_extern_rpc: return OK\n");
    return TRUE;

} /* acm_extern_rpc */

Notification Send

Checks if the user is allowed to receive the specified YANG-defined notification event. The 'agt_acm_extern_notif_fn_t' template is used for this callback.

typedef boolean (*agt_acm_extern_notif_fn_t)(const xmlChar *user, const obj_template_t *notifobj)

Check if the specified user is allowed to receive a notification event.

Param user

user name string

Param notifobj

obj_template_t for the notification event to check

Return

TRUE if user allowed receive this notification event

FALSE otherwise

This example Notification Send callback can be found in example-system.c:

static boolean
    acm_extern_notif (const xmlChar *user,
                      const obj_template_t *notifobj)
{
    const xmlChar *modname = obj_get_mod_name(rpcobj);
    const xmlChar *objname = obj_get_name(rpcobj);

    log_debug("\nChecking Notification access for "
              "user %s to event '%s:%s'",
              user, modname, objname);

    // check access here

    log_debug("\nacm_extern_notif: return OK\n");
    return TRUE;

} /* acm_extern_notif */

Database Write

Checks if the user is allowed to edit the specified YANG-defined data node. The 'agt_acm_extern_write_fn_t' template is used for this callback.

typedef boolean (*agt_acm_extern_write_fn_t)(xml_msg_hdr_t *msg, const xmlChar *user, const val_value_t *newval, const val_value_t *curval, op_editop_t editop)

Check if the specified user is allowed to access a value node.

The val->obj template will be checked against the val->editop requested access and the user's configured max-access

Param msg

XML header from incoming message in progress

Param newval

val_value_t

in progress to check

(may be NULL, if curval set)

Param curval

val_value_t

in progress to check

(may be NULL, if newval set)

Param val

val_value_t in progress to check

Param editop

requested CRUD operation

Return

TRUE if user allowed this level of access to the value node

This example Database Write callback can be found in example-system.c:

static boolean
    acm_extern_write (xml_msg_hdr_t *msg,
                      const xmlChar *user,
                      const val_value_t *newval,
                      const val_value_t *curval,
                      op_editop_t editop)
{
    (void)msg;
    (void)user;
    (void)newval;
    (void)curval;
    (void)editop;
    log_debug("\nacm_extern_write: return OK\n");
    return TRUE;

} /* acm_extern_write */

Database Read

Checks if the user is allowed to read the specified YANG-defined data node. The 'agt_acm_extern_read_fn_t' template is used for this callback.

typedef boolean (*agt_acm_extern_read_fn_t)(xml_msg_hdr_t *msg, const xmlChar *user, const val_value_t *val)

Check if the specified user is allowed to read a value node.

Param msg

XML header from incoming message in progress

Param user

user name string

Param val

val_value_t in progress to check

Return

TRUE if user allowed read access to the value node

This example Database Write callback can be found in example-system.c:

static boolean
    acm_extern_read (xml_msg_hdr_t *msg,
                     const xmlChar *user,
                     const val_value_t *val)
{
    (void)msg;
    (void)user;
    (void)val;
    log_debug("\nacm_extern_read: return OK\n");
    return TRUE;

} /* acm_extern_read */