From 5bb427a6713a0e102b387cacdc99a81df90e825b Mon Sep 17 00:00:00 2001 From: Peter Suna Date: Fri, 17 Feb 2023 14:02:28 +0100 Subject: [PATCH] Update AAA documentation Use only RFC8040 in RESTCONF requests. Add missing mandatory "index" field to the policies request. Fix wrong path for h2 database jar. JIRA: AAA-249 Change-Id: Ief534eaa633a45321a1792cffc609f35413f0279 Signed-off-by: Peter Suna (cherry picked from commit 7c46e5941cc395448bf69b6e96c3c4c07aec425e) --- docs/dev-guide.rst | 44 +++++++++++++++++++++++++------------------- docs/user-guide.rst | 42 ++++++++++++++++++++++-------------------- 2 files changed, 47 insertions(+), 39 deletions(-) diff --git a/docs/dev-guide.rst b/docs/dev-guide.rst index df555d1c9..525d73b7f 100644 --- a/docs/dev-guide.rst +++ b/docs/dev-guide.rst @@ -266,7 +266,7 @@ command to enable the user interface: .. code-block:: bash - java -cp ./data/cache/org.eclipse.osgi/bundles/217/1/.cp/h2-1.4.185.jar + java -cp ./system/com/h2database/h2/2.1.214/h2-2.1.214.jar org.h2.tools.Server -trace -pg -web -webAllowOthers -baseDir `pwd` @@ -401,26 +401,32 @@ This an example on how to limit access to the modules endpoint: :: HTTP Operation: - put URL: /restconf/config/aaa:http-authorization/policies + put URL: /rests/data/aaa:http-authorization/policies headers: Content-Type: application/json Accept: application/json body: - { "aaa:policies": - { "aaa:policies": - [ { "aaa:resource": "/restconf/modules/**", - "aaa:permissions": [ { "aaa:role": "admin", - "aaa:actions": [ "get", - "post", - "put", - "patch", - "delete" - ] - } - ] - } - ] - } + { + "aaa:policies": { + "aaa:policies": [ + { + "aaa:resource": "/restconf/modules/**", + "aaa:index": 1, + "aaa:permissions": [ + { + "aaa:role": "admin", + "aaa:actions": [ + "get", + "post", + "put", + "patch", + "delete" + ] + } + ] + } + ] + } } The above example locks down access to the modules endpoint (and any URLS @@ -490,7 +496,7 @@ feature or module: 1. It is assumed that there exists an already created OpenDaylight distribution project following `this guide - `_. + `_. 2. In the implementation bundle the following artifact must be added to its *pom.xml* file as dependency. @@ -612,7 +618,7 @@ AAA Encryption Service with an OpenDaylight distribution project to encrypt data 1. It is assumed that there exists an already created OpenDaylight distribution project following `this guide - `_. + `_. 2. In the implementation bundle the following artifact must be added to its *pom.xml* file as dependency. diff --git a/docs/user-guide.rst b/docs/user-guide.rst index c0031cd9f..97c57287f 100644 --- a/docs/user-guide.rst +++ b/docs/user-guide.rst @@ -816,30 +816,32 @@ This an example on how to limit access to the modules endpoint: :: HTTP Operation: - put URL: /restconf/config/aaa:http-authorization/policies - - or - - put RFC8040 URL: /rests/data/aaa:http-authorization/policies + put URL: /rests/data/aaa:http-authorization/policies headers: Content-Type: application/json Accept: application/json body: - { "aaa:policies": - { "aaa:policies": - [ { "aaa:resource": "/restconf/modules/**", - "aaa:permissions": [ { "aaa:role": "admin", - "aaa:actions": [ "get", - "post", - "put", - "patch", - "delete" - ] - } - ] - } - ] - } + { + "aaa:policies": { + "aaa:policies": [ + { + "aaa:resource": "/restconf/modules/**", + "aaa:index": 1, + "aaa:permissions": [ + { + "aaa:role": "admin", + "aaa:actions": [ + "get", + "post", + "put", + "patch", + "delete" + ] + } + ] + } + ] + } } The above example locks down access to the modules endpoint (and any URLS -- 2.36.6