NACM data should be updated correctly

parent a072e7b8
This diff is collapsed.
...@@ -380,7 +380,7 @@ def _post(ds: BaseDatastore, pth: str, username: str, data: str) -> HttpResponse ...@@ -380,7 +380,7 @@ def _post(ds: BaseDatastore, pth: str, username: str, data: str) -> HttpResponse
try: try:
new_root = ds.create_node_rpc(ds.get_data_root_staging(rpc1.username), rpc1, json_data) new_root = ds.create_node_rpc(ds.get_data_root_staging(rpc1.username), rpc1, json_data)
ds.add_to_journal_rpc(ChangeType.CREATE, rpc1, json_data, new_root) ds.add_to_journal_rpc(ChangeType.CREATE, rpc1, json_data, *new_root)
http_resp = HttpResponse.empty(HttpStatus.Created) http_resp = HttpResponse.empty(HttpStatus.Created)
except NacmForbiddenError as e: except NacmForbiddenError as e:
http_resp = HttpResponse.error( http_resp = HttpResponse.error(
...@@ -468,7 +468,7 @@ def _put(ds: BaseDatastore, pth: str, username: str, data: str) -> HttpResponse: ...@@ -468,7 +468,7 @@ def _put(ds: BaseDatastore, pth: str, username: str, data: str) -> HttpResponse:
try: try:
new_root = ds.update_node_rpc(ds.get_data_root_staging(rpc1.username), rpc1, json_data) new_root = ds.update_node_rpc(ds.get_data_root_staging(rpc1.username), rpc1, json_data)
ds.add_to_journal_rpc(ChangeType.REPLACE, rpc1, json_data, new_root) ds.add_to_journal_rpc(ChangeType.REPLACE, rpc1, json_data, *new_root)
http_resp = HttpResponse.empty(HttpStatus.NoContent, status_in_body=False) http_resp = HttpResponse.empty(HttpStatus.NoContent, status_in_body=False)
except NacmForbiddenError as e: except NacmForbiddenError as e:
http_resp = HttpResponse.error( http_resp = HttpResponse.error(
...@@ -529,7 +529,7 @@ def _delete(ds: BaseDatastore, pth: str, username: str) -> HttpResponse: ...@@ -529,7 +529,7 @@ def _delete(ds: BaseDatastore, pth: str, username: str) -> HttpResponse:
try: try:
new_root = ds.delete_node_rpc(ds.get_data_root_staging(rpc1.username), rpc1) new_root = ds.delete_node_rpc(ds.get_data_root_staging(rpc1.username), rpc1)
ds.add_to_journal_rpc(ChangeType.DELETE, rpc1, None, new_root) ds.add_to_journal_rpc(ChangeType.DELETE, rpc1, None, *new_root)
http_resp = HttpResponse.empty(HttpStatus.NoContent, status_in_body=False) http_resp = HttpResponse.empty(HttpStatus.NoContent, status_in_body=False)
except NacmForbiddenError as e: except NacmForbiddenError as e:
http_resp = HttpResponse.error( http_resp = HttpResponse.error(
......
...@@ -4,7 +4,7 @@ from threading import Lock ...@@ -4,7 +4,7 @@ from threading import Lock
from enum import Enum from enum import Enum
from typing import Union from typing import Union
from colorlog import error, info from colorlog import error, warning as warn, info
from typing import List, Set, Optional from typing import List, Set, Optional
from yangson.datamodel import DataModel from yangson.datamodel import DataModel
...@@ -87,7 +87,7 @@ class NacmRule: ...@@ -87,7 +87,7 @@ class NacmRule:
class RuleTreeNode: class RuleTreeNode:
def __init__(self, isel: "InstanceSelector"=None, up: "RuleTreeNode"=None): def __init__(self, isel=None, up: "RuleTreeNode"=None):
self.isel = isel self.isel = isel
self.rule = None # type: NacmRule self.rule = None # type: NacmRule
self.up = up self.up = up
...@@ -199,7 +199,8 @@ class NacmConfig: ...@@ -199,7 +199,8 @@ class NacmConfig:
try: try:
nacm_json = self.nacm_ds.get_data_root()["ietf-netconf-acm:nacm"].value nacm_json = self.nacm_ds.get_data_root()["ietf-netconf-acm:nacm"].value
except NonexistentInstance: except NonexistentInstance:
raise ValueError("Data does not contain \"ietf-netconf-acm:nacm\" root element") warn("Data does not contain \"ietf-netconf-acm:nacm\" node, NACM rules will be empty")
return
self.enabled = nacm_json["enable-nacm"] self.enabled = nacm_json["enable-nacm"]
if not self.enabled: if not self.enabled:
...@@ -318,7 +319,7 @@ class UserRuleSet: ...@@ -318,7 +319,7 @@ class UserRuleSet:
if not self.nacm_enabled: if not self.nacm_enabled:
return Action.PERMIT return Action.PERMIT
data_node_value = root.value # type: Union[Value, ArrayValue, ObjectValue] data_node_value = (root.value, root.schema_node)
nl = self.rule_tree.root # type: List[RuleTreeNode] nl = self.rule_tree.root # type: List[RuleTreeNode]
node_match = None # type: RuleTreeNode node_match = None # type: RuleTreeNode
...@@ -331,14 +332,14 @@ class UserRuleSet: ...@@ -331,14 +332,14 @@ class UserRuleSet:
break break
if isinstance(isel, EntryIndex) and isinstance(rule_node.isel, EntryKeys) and \ if isinstance(isel, EntryIndex) and isinstance(rule_node.isel, EntryKeys) and \
(isel.peek_step(data_node_value) is rule_node.isel.peek_step(data_node_value)): (isel.peek_step(*data_node_value)[0] is rule_node.isel.peek_step(*data_node_value)[0]):
node_match_step = rule_node node_match_step = rule_node
break break
if node_match_step: if node_match_step:
nl = node_match_step.children nl = node_match_step.children
node_match = node_match_step node_match = node_match_step
data_node_value = isel.peek_step(data_node_value) data_node_value = isel.peek_step(*data_node_value)
else: else:
break break
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment