* NACM Data node READ access module support (RFC8341 3.4.5)

* Access control points added for `get` and `get-config` in addition to incoming rpc. * RFC 8341 Example A.2 implemented, see: [test/test_nacm_module.sh] * Added `username` argument on `xmldb_put()` datastore function for NACM data-node write checks * Added `xml_rootchild_node()` lib function as variant of `xml_rootchild()`
2019-01-27 13:26:15 +01:00 · 2019-01-27 13:26:15 +01:00 · ffecebf32a
commit ffecebf32a
parent 04bb05c83f
20 changed files with 656 additions and 145 deletions
--- a/lib/src/clixon_xml_db.c
+++ b/lib/src/clixon_xml_db.c
@ -379,6 +379,7 @@ xmldb_get(clicon_handle h,
 * @param[in]  db     running or candidate
 * @param[in]  op     Top-level operation, can be superceded by other op in tree
 * @param[in]  xt     xml-tree. Top-level symbol is dummy
+ * @param[in]  username User name for nacm
 * @param[out] cbret  Initialized cligen buffer. On exit contains XML if retval == 0
 * @retval     1      OK
 * @retval     0      Failed, cbret contains error xml message
@ -389,7 +390,7 @@ xmldb_get(clicon_handle h,
 *   cxobj     *xret = NULL;
 *   if (xml_parse_string("<a>17</a>", yspec, &xt) < 0)
 *     err;
- *   if ((ret = xmldb_put(xh, "running", OP_MERGE, xt, cbret)) < 0)
+ *   if ((ret = xmldb_put(xh, "running", OP_MERGE, xt, username, cbret)) < 0)
 *     err;
 *   if (ret==0)
 *     cbret contains netconf error message
@ -404,6 +405,7 @@ xmldb_put(clicon_handle       h,
 	  const char         *db, 
 	  enum operation_type op, 
 	  cxobj              *xt,
+	  char               *username,
 	  cbuf               *cbret)
 {
    int               retval = -1;
@ -434,7 +436,7 @@ xmldb_put(clicon_handle       h,
 	cbuf_free(cb);
    }
 #endif
-    retval = xa->xa_put_fn(xh, db, op, xt, cbret);
+    retval = xa->xa_put_fn(xh, db, op, xt, username, cbret);
 done:
    return retval;
 }