Added error-info to netconf error-msg for duplicate leaf-lists

Test: removed potential duplicate user in nacm.sh
2024-03-26 14:32:41 +01:00 · 2024-03-26 14:32:41 +01:00 · c9c5d4f813
commit c9c5d4f813
parent df2af320c2
6 changed files with 38 additions and 22 deletions
--- a/lib/src/clixon_validate_minmax.c
+++ b/lib/src/clixon_validate_minmax.c
@ -553,6 +553,7 @@ xml_yang_minmax_new_leaf_list(cxobj     *x0,
    cxobj     *xj;
    char      *bi;
    char      *bj;
    cvec      *cvv = NULL;
    xi = x0;
    do {
@ -564,7 +565,12 @@ xml_yang_minmax_new_leaf_list(cxobj     *x0,
            if ((bj = xml_body(xj)) == NULL)
                continue;
            if (bi && bj && strcmp(bi, bj) == 0){
-                if (xret && netconf_data_not_unique_xml(xret, xi, NULL) < 0)
+                if ((cvv = cvec_new(0)) == NULL){
                    clixon_err(OE_UNIX, errno, "cvec_new");
                    goto done;
                }
                cvec_add_string(cvv, "name", bi);
                if (xret && netconf_data_not_unique_xml(xret, xi, cvv) < 0)
                    goto done;
                goto fail;
            }
@ -574,6 +580,8 @@ xml_yang_minmax_new_leaf_list(cxobj     *x0,
           xml_spec(xi) == y0);
    retval = 1;
 done:
    if (cvv)
        cvec_free(cvv);
    return retval;
 fail:
    retval = 0;
--- a/test/nacm.sh
+++ b/test/nacm.sh
@ -2,7 +2,9 @@
 # Authentication and authorization and IETF NACM
 # Library variable and functions
-USER=$(whoami)
+if [ $(whoami) != root ]; then
    EXTRAUSER="<user-name>$(whoami)</user-name>"
 fi
 # Three groups from RFC8341 A.1 (admin extended with $USER)
 NGROUPS=$(cat <<EOF
@ -12,7 +14,7 @@ NGROUPS=$(cat <<EOF
         <user-name>root</user-name>
         <user-name>admin</user-name>
         <user-name>andy</user-name>
-         <user-name>$USER</user-name>
+         $EXTRAUSER
       </group>
       <group>
         <name>limited</name>
--- a/test/test_nacm_credentials.sh
+++ b/test/test_nacm_credentials.sh
@ -18,6 +18,8 @@ APPNAME=example
 cfg=$dir/conf_yang.xml
 fyang=$dir/nacm-example.yang
 NACMUSER=$(whoami)
 cat <<EOF > $fyang
 module nacm-example{
  yang-version 1.1;
@ -182,13 +184,13 @@ testrun except "" UNIX $dir/backend.sock "$OK" ""
 # UNIX socket, myuser, loop mode. All should work
 new "Credentials: mode=none, fam=UNIX user=me"
-testrun none "$USER" UNIX $dir/backend.sock "$OK" ""
+testrun none "$NACMUSER" UNIX $dir/backend.sock "$OK" ""
 new "Credentials: mode=exact, fam=UNIX user=me"
-testrun exact "$USER" UNIX $dir/backend.sock "$OK" ""
+testrun exact "$NACMUSER" UNIX $dir/backend.sock "$OK" ""
 new "Credentials: mode=except, fam=UNIX user=me"
-testrun except "$USER" UNIX $dir/backend.sock "$OK" ""
+testrun except "$NACMUSER" UNIX $dir/backend.sock "$OK" ""
 # UNIX socket, admin user. First should work
 new "Credentials: mode=none, fam=UNIX user=admin"
@ -212,15 +214,17 @@ testrun except admin UNIX $dir/backend.sock "$OK" sudo
 # IPv4 socket, admin user. First should work
 new "Credentials: mode=none, fam=UNIX user=admin sudo"
-testrun none $USER IPv4 127.0.0.1 "$OK" ""
+testrun none $NACMUSER IPv4 127.0.0.1 "$OK" ""
 new "Credentials: mode=exact, fam=UNIX user=admin sudo"
-testrun exact $USER IPv4 127.0.0.1 "$ERROR" ""
+testrun exact $NACMUSER IPv4 127.0.0.1 "$ERROR" ""
 new "Credentials: mode=except, fam=UNIX user=admin sudo"
-testrun except $USER IPv4 127.0.0.1 "$ERROR" ""
+testrun except $NACMUSER IPv4 127.0.0.1 "$ERROR" ""
 rm -rf $dir
 unset NACMUSER
 new "endtest"
 endtest
--- a/test/test_nacm_recovery.sh
+++ b/test/test_nacm_recovery.sh
@ -18,6 +18,8 @@ APPNAME=example
 cfg=$dir/conf_yang.xml
 fyang=$dir/nacm-example.yang
 NACMUSER=$(whoami)
 # cred:none, exact, except
 # Define default restconfig config: RESTCONFIG
@ -147,20 +149,20 @@ EOF
 }
 #------- CRED: except USER: non-root
-if [ "$USER" != root ]; then # Skip if USER is root
+if [ "$NACMUSER" != root ]; then # Skip if USER is root
 # This is default, therefore first
 CRED=except 
-REALUSER=$USER
+REALUSER=$NACMUSER
 # Recovery as a seperate user does not work
-PSEUDO=$USER
+PSEUDO=$NACMUSER
 RECOVERY=_recovery
 new "cred: $CRED realuser:$REALUSER pseudo:$PSEUDO recovery:$RECOVERY"
 testrun $CRED $REALUSER $PSEUDO $RECOVERY true false
 # Recovery as actual user works
-PSEUDO=$USER
+PSEUDO=$NACMUSER
-RECOVERY=$USER
+RECOVERY=$NACMUSER
 new "cred: $CRED realuser:$REALUSER pseudo:$PSEUDO recovery:$RECOVERY"
 testrun $CRED $REALUSER $PSEUDO $RECOVERY true true
@ -171,13 +173,13 @@ new "cred: $CRED realuser:$REALUSER pseudo:$PSEUDO recovery:$RECOVERY"
 testrun $CRED $REALUSER $PSEUDO $RECOVERY false false
 PSEUDO=_recovery
-RECOVERY=$USER
+RECOVERY=$NACMUSER
 new "cred: $CRED realuser:$REALUSER pseudo:$PSEUDO recovery:$RECOVERY"
 testrun $CRED $REALUSER $PSEUDO $RECOVERY false false
-fi # skip is USER is root
+fi # skip is NACMUSER is root
-#------- CRED: except USER: root
+#------- CRED: except NACMUSER: root
 CRED=except 
 REALUSER=root 
@ -207,7 +209,7 @@ testrun $CRED $REALUSER $PSEUDO $RECOVERY true false
 #------- CRED: none
 # Check you can use any pseudo user if cred is none
 CRED=none
-REALUSER=$USER
+REALUSER=$NACMUSER
 PSEUDO=_recovery
 RECOVERY=_recovery
 new "cred: $CRED realuser:$REALUSER pseudo:$PSEUDO recovery:$RECOVERY"
@ -225,4 +227,6 @@ testrun $CRED $REALUSER $PSEUDO $RECOVERY false false
 new "endtest"
 endtest
 unset NACMUSER
 rm -rf $dir
--- a/test/test_netconf_duplicate.sh
+++ b/test/test_netconf_duplicate.sh
@ -66,7 +66,6 @@ fi
 new "wait backend"
 wait_backend
 if false; then
 new "Add list with duplicate"
 expecteof_netconf "$clixon_netconf -qf $cfg" 0 "$DEFAULTHELLO" "<rpc $DEFAULTNS><edit-config><target><candidate/></target><default-operation>replace</default-operation><config><c xmlns=\"urn:example:clixon\">
     <server>
@ -78,14 +77,13 @@ expecteof_netconf "$clixon_netconf -qf $cfg" 0 "$DEFAULTHELLO" "<rpc $DEFAULTNS>
       <value>foo</value>
     </server>
 </c></config></edit-config></rpc>" "" "<rpc-reply $DEFAULTNS><rpc-error><error-type>application</error-type><error-tag>operation-failed</error-tag><error-app-tag>data-not-unique</error-app-tag><error-severity>error</error-severity><error-info><non-unique xmlns=\"urn:ietf:params:xml:ns:yang:1\">/rpc/edit-config/config/c/server[name=\"one\"]/name</non-unique></error-info></rpc-error></rpc-reply>"
 fi
 new "Add leaf-list with duplicate"
 expecteof_netconf "$clixon_netconf -qf $cfg" 0 "$DEFAULTHELLO" "<rpc $DEFAULTNS><edit-config><target><candidate/></target><default-operation>replace</default-operation><config><c xmlns=\"urn:example:clixon\">
       <b>one</b>
       <b>two</b>
       <b>one</b>
-</c></config></edit-config></rpc>" "" "<rpc-reply $DEFAULTNS><rpc-error><error-type>application</error-type><error-tag>operation-failed</error-tag><error-app-tag>data-not-unique</error-app-tag><error-severity>error</error-severity></rpc-error></rpc-reply>"
+</c></config></edit-config></rpc>" "" "<rpc-reply $DEFAULTNS><rpc-error><error-type>application</error-type><error-tag>operation-failed</error-tag><error-app-tag>data-not-unique</error-app-tag><error-severity>error</error-severity><error-info><non-unique xmlns=\"urn:ietf:params:xml:ns:yang:1\">/rpc/edit-config/config/c/b[.=\"one\"]/one</non-unique></error-info></rpc-error></rpc-reply>"
 if [ $BE -ne 0 ]; then
    new "Kill backend"
--- a/test/test_restconf_basic_auth.sh
+++ b/test/test_restconf_basic_auth.sh
@ -101,7 +101,7 @@ cat <<EOF > $dir/startup_db
       <group>
         <name>admin</name>
         <user-name>root</user-name>
-         <user-name>$USER</user-name>
+         $EXTRAUSER
       </group>
     </groups>
     <rule-list>