forked from sonic-net/sonic-buildimage
-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Translib support for authorization, yang versioning and Delete flag (#21
) Translib support for user authorization, yang versioning and Delete flag to indicate if the object needs to be deleted on last field delete needed for CLI
- Loading branch information
1 parent
80f369e
commit dbf1093
Showing
11 changed files
with
642 additions
and
17 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
# YANG directory | ||
|
||
## Directory structure | ||
|
||
yang/ --> Standard YANGs | ||
|-- annotations/ --> Transformer annotations | ||
|-- common/ --> Dependencies for standard YANGs | ||
|-- extensions/ --> Extenstions for standard YANGs | ||
|-- sonic/ --> SONiC yangs | ||
|-- testdata/ --> Test YANGs - ignored | ||
`-- version.xml --> YANG bundle version configuration file | ||
|
||
All supported standard YANG files (OpenConfig and IETF) are kept in this **yang** directory. Usual practice is to keep only top level YANG module here and keep dependent YANGs, submodules in **yang/common** directory. | ||
|
||
Example: openconfig-platform.yang is kept in top **yang** directory and openconfig-platform-types.yang in **yang/common** directory. | ||
|
||
All extenstion YANGs **MUST** be kept in **yang/extensions** directory. | ||
|
||
## version.xml | ||
|
||
version.xml file maintains the yang bundle version number in **Major.Minor.Patch** format. | ||
It is the collective version number for all the YANG modules defined here. | ||
**UPDATE THIS VERSION NUMBER FOR EVERY YANG CHANGE.** | ||
|
||
**Major version** should be incremented if YANG model is changed in a non backward compatible manner. | ||
Such changes should be avoided. | ||
|
||
* Delete, rename or relocate data node | ||
* Change list key attributes | ||
* Change data type of a node to an incompatible type | ||
* Change leafref target | ||
|
||
**Minor version** should be incremented if the YANG change modifies the API in a backward | ||
compatible way. Patch version should be reset to 0. | ||
Candidate YANG changes for this category are: | ||
|
||
* Add new YANG module | ||
* Add new YANG data nodes | ||
* Mark a YANG data node as deprecated | ||
* Change data type of a node to a compatible type | ||
* Add new enum or identity | ||
|
||
**Patch version** should incremented for cosmetic fixes that do not change YANG API. | ||
Candidate YANG changes for this category are: | ||
|
||
* Change description, beautification. | ||
* Expand pattern or range of a node to wider set. | ||
* Change must expression to accept more cases. | ||
* Error message or error tag changes. | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
<version-config> | ||
<!-- | ||
yang-bundle-version configuration indicates the version | ||
for the collection of all yang modules. | ||
Update the version numbers here for every yang change. | ||
Bump up MAJOR version only if the yang change are not | ||
backward compatible. | ||
+ Renaming or relocating of data nodes | ||
+ Deleting unsupported configs | ||
+ Changing list key attributes | ||
+ Incompatible data type changes | ||
+ Changing leafref target | ||
Bump up MINOR version number for all backward compatible | ||
API changes. | ||
+ Add new config node | ||
+ Data type changes like pattern, range (that are backward compatibile) | ||
+ Adding new enum/identity | ||
Bump up PATCH number for cosmetic fixes that do not affect any API | ||
+ Description changes, beautification | ||
+ Must expression and validations that are backward compatibile | ||
+ error-tag, error-message | ||
+ max-elements, min-elements | ||
+ Mark a node as deprecated | ||
--> | ||
<yang-bundle-version> | ||
<Major>1</Major> | ||
<Minor>0</Minor> | ||
<Patch>0</Patch> | ||
</yang-bundle-version> | ||
|
||
</version-config> | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,81 @@ | ||
//////////////////////////////////////////////////////////////////////////////// | ||
// // | ||
// Copyright 2019 Broadcom. The term Broadcom refers to Broadcom Inc. and/or // | ||
// its subsidiaries. // | ||
// // | ||
// Licensed under the Apache License, Version 2.0 (the "License"); // | ||
// you may not use this file except in compliance with the License. // | ||
// You may obtain a copy of the License at // | ||
// // | ||
// http://www.apache.org/licenses/LICENSE-2.0 // | ||
// // | ||
// Unless required by applicable law or agreed to in writing, software // | ||
// distributed under the License is distributed on an "AS IS" BASIS, // | ||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // | ||
// See the License for the specific language governing permissions and // | ||
// limitations under the License. // | ||
// // | ||
//////////////////////////////////////////////////////////////////////////////// | ||
|
||
/* | ||
Package translib defines the functions to be used to authorize | ||
an incoming user. It also includes caching of the UserDB data | ||
needed to authorize the user. | ||
*/ | ||
|
||
package translib | ||
|
||
func isAuthorizedForSet(req SetRequest) bool { | ||
if !req.AuthEnabled { | ||
return true | ||
} | ||
for _, r := range req.User.Roles { | ||
if r == "admin" { | ||
return true | ||
} | ||
} | ||
return false | ||
} | ||
|
||
func isAuthorizedForBulk(req BulkRequest) bool { | ||
if !req.AuthEnabled { | ||
return true | ||
} | ||
for _, r := range req.User.Roles { | ||
if r == "admin" { | ||
return true | ||
} | ||
} | ||
return false | ||
} | ||
|
||
func isAuthorizedForGet(req GetRequest) bool { | ||
if !req.AuthEnabled { | ||
return true | ||
} | ||
return true | ||
} | ||
|
||
func isAuthorizedForSubscribe(req SubscribeRequest) bool { | ||
if !req.AuthEnabled { | ||
return true | ||
} | ||
return true | ||
} | ||
|
||
func isAuthorizedForIsSubscribe(req IsSubscribeRequest) bool { | ||
if !req.AuthEnabled { | ||
return true | ||
} | ||
return true | ||
} | ||
|
||
func isAuthorizedForAction(req ActionRequest) bool { | ||
if !req.AuthEnabled { | ||
return true | ||
} | ||
return true | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.