latest/html/agt__acm_8h_source.html

/*

 * Copyright (c) 2008 - 2012, Andy Bierman, All Rights Reserved.

 * Copyright (c) 2012 - 2025, YumaWorks, Inc., All Rights Reserved.

 *

 * Unless required by applicable law or agreed to in writing,

 * software distributed under the License is distributed on an

 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY

 * KIND, either express or implied.  See the License for the

 * specific language governing permissions and limitations

 * under the License.

 */

#ifndef _H_agt_acm

#define _H_agt_acm


/*  FILE: agt_acm.h

*********************************************************************

*                                                                   *

*                        P U R P O S E                              *

*                                                                   *

*********************************************************************/


/*********************************************************************

*                                                                   *

*                  C H A N G E   H I S T O R Y                      *

*                                                                   *

*********************************************************************


date         init     comment

----------------------------------------------------------------------

03-feb-06    abb      Begun

14-may-09    abb      add per-msg cache to speed up performance

*/


#include <xmlstring.h>


#ifndef _H_agt

#include "agt.h"

#endif


#ifndef _H_dlq

#include "dlq.h"

#endif


#ifndef _H_obj

#include "obj.h"

#endif


#ifndef _H_ses

#include "ses.h"

#endif


#ifndef _H_status

#include "status.h"

#endif


#ifndef _H_val

#include "val.h"

#endif


#ifndef _H_xml_msg

#include "xml_msg.h"

#endif


#ifndef _H_xmlns

#include "xmlns.h"

#endif


#ifndef _H_xpath

#include "xpath.h"

#endif


#ifdef __cplusplus

extern "C" {

#endif


/********************************************************************

*                                                                   *

*                        C O N S T A N T S                          *

*                                                                   *

*********************************************************************/


/* this is defined by the vendor and not allowed to change by

 * the user since there are no translation functions between models

 * Pick RFC 6536 as the default.

 */

// To change ACM models, also change the nacm:default-deny-* extensions

// in all YANG modules using these YANG extensions

#define AGT_DEF_ACM_MODEL         AGT_ACM_MODEL_IETF_NACM


//#define AGT_DEF_ACM_MODEL         AGT_ACM_MODEL_YUMA_NACM


/********************************************************************

*                                                                   *

*                            T Y P E S                              *

*                                                                   *

*********************************************************************/


/********************************************************************

*                                                                   *

*                       F U N C T I O N S                           *

*                                                                   *

*********************************************************************/


/* Header only */


extern status_t

    agt_acm_init (void);


extern status_t

    agt_acm_init2 (void);


extern void

    agt_acm_cleanup (void);


extern boolean

    agt_acm_rpc_allowed (xml_msg_hdr_t *msg,

                         const xmlChar *user,

                         const obj_template_t *rpcobj);


extern boolean

    agt_acm_action_allowed (xml_msg_hdr_t *msg,

                            const xmlChar *user,

                            val_value_t *actionval);


extern boolean

    agt_acm_notif_allowed (const xmlChar *user,

                           const obj_template_t *notifobj);


extern boolean

    agt_acm_val_write_allowed (xml_msg_hdr_t *msg,

                               const xmlChar *user,

                               val_value_t *newval,

                               val_value_t *curval,

                               op_editop_t editop);


extern boolean

    agt_acm_val_read_allowed (xml_msg_hdr_t *msg,

                              const xmlChar *user,

                              val_value_t *val);


extern status_t

    agt_acm_init_msg_cache (ses_cb_t *scb,

                            xml_msg_hdr_t *msg);


extern void

    agt_acm_clear_msg_cache (xml_msg_hdr_t *msg);


extern void agt_acm_clear_session_cache (ses_cb_t *scb);


extern void agt_acm_invalidate_session_cache (ses_cb_t *scb);


extern boolean

    agt_acm_session_cache_valid (const ses_cb_t *scb);


extern boolean

    agt_acm_session_is_superuser (const ses_cb_t *scb);


extern agt_acmode_t

    agt_acm_get_acmode (void);


extern void

    agt_acm_set_acmode (agt_acmode_t newmode);


extern boolean

    agt_acm_get_log_writes (void);


extern boolean

    agt_acm_get_log_reads (void);


extern boolean

    agt_acm_is_superuser (const xmlChar *username);


extern uint32

    agt_acm_get_deniedRpcs (void);


extern uint32

    agt_acm_get_deniedDataWrites (void);


extern uint32

    agt_acm_get_deniedNotifications (void);


extern void

    agt_acm_clean_xpath_cache (void);


extern void

    agt_acm_set_datarules (val_value_t *val,

                           uint32 msgid);


extern void

    agt_acm_clean_obj_datarule_cache (ncx_module_t *mod);


#ifdef WITH_YP_HA


extern void

    agt_acm_go_active (void);


extern void

    agt_acm_go_standby (void);


#endif  // WITH_YP_HA


#ifdef __cplusplus

}  /* end extern 'C' */

#endif


#endif      /* _H_agt_acm */

agt.h
Multi-Protocol Network Management Server.

dlq.h
dlq provides general double-linked list and queue support:

agt_acmode_t
agt_acmode_t
matches access-control enumeration in netconfd.yang
Definition: agt.h:730

agt_acm_get_log_writes
boolean agt_acm_get_log_writes(void)
Get the log_writes flag.
Definition: agt_acm.c:1049

agt_acm_get_acmode
agt_acmode_t agt_acm_get_acmode(void)
Get the –access-control mode.
Definition: agt_acm.c:1017

agt_acm_get_deniedNotifications
uint32 agt_acm_get_deniedNotifications(void)
Get the deniedNotification counter.
Definition: agt_acm.c:1137

agt_acm_is_superuser
boolean agt_acm_is_superuser(const xmlChar *username)
Check if the specified user name is the superuser Low-level access; no scb available.
Definition: agt_acm.c:1086

agt_acm_get_deniedRpcs
uint32 agt_acm_get_deniedRpcs(void)
Get the deniedRpcs counter.
Definition: agt_acm.c:1105

agt_acm_get_log_reads
boolean agt_acm_get_log_reads(void)
Get the log_reads flag.
Definition: agt_acm.c:1065

agt_acm_get_deniedDataWrites
uint32 agt_acm_get_deniedDataWrites(void)
Get the deniedDataWrites counter.
Definition: agt_acm.c:1121

agt_acm_session_is_superuser
boolean agt_acm_session_is_superuser(const ses_cb_t *scb)
Check if the specified session is the superuser.
Definition: agt_acm.c:997

op_editop_t
op_editop_t
NETCONF edit-config operation types.
Definition: op.h:122

status_t
status_t
global error return code
Definition: status_enum.h:219

obj.h
Data Object Support.

ses.h
NETCONF Session Common definitions module.

status.h
Global error messages for status code enumerations.

ncx_module_t
representation of one module or submodule during and after parsing
Definition: ncxtypes.h:1138

obj_template_t
One YANG data-def-stmt.
Definition: obj.h:1232

ses_cb_t
Session Control Block.
Definition: ses.h:573

val_value_t
one value to match one type
Definition: val.h:912

xml_msg_hdr_t
Common Encoding Message Header No longer XML specific!! Used by JSON and CBOR parsing as well!...
Definition: xml_msg.h:404

val.h
Value Node Basic Support.

xml_msg.h
XML and JSON Message send and receive support.

xmlns.h
XML namespace support.

xpath.h
Schema and data model Xpath search support.