Default ACL service
Base authorization service, see Authentication, authorization and accounting for more details.
Setup
Use the template EVA_DIR/share/svc-tpl/svc-tpl-aaa-acl.yml:
# ACL service
command: svc/eva-aaa-acl
bus:
path: var/bus.ipc
config: {}
user: nobody
Create the service using eva-shell:
eva svc create eva.aaa.acl /opt/eva4/share/svc-tpl/svc-tpl-aaa-acl.yml
or using the bus CLI client:
cd /opt/eva4
cat DEPLOY.yml | ./bin/yml2mp | \
./sbin/bus ./var/bus.ipc rpc call eva.core svc.deploy -
(see eva.core::svc.deploy for more info)
EAPI methods
See EAPI commons for the common information about the bus, types, errors and RPC calls.
acl.deploy
Description |
Deploys ACLs |
Parameters |
required |
Returns |
nothing |
Name |
Type |
Description |
Required |
acls |
Vec<struct> |
ACLs (same as got in acl.export) |
yes |
acl.destroy
Description |
Destroy a single ACL |
Parameters |
required |
Returns |
nothing |
Name |
Type |
Description |
Required |
i |
String |
ACL ID |
yes |
acl.export
Description |
Export ACLs as a deployment |
Parameters |
required |
Returns |
ACL deployment struct |
Name |
Type |
Description |
Required |
i |
String |
ACL ID (can be mask) |
yes |
Return payload example:
{
"acls": [
{
"id": "default",
"meta": {
"name": [
"default ACL"
]
},
"read": {
"items": [
"#"
]
},
"write": {
"items": [
"#"
]
}
}
]
}
acl.format
Description |
Prepares/combines ACL(s) |
Parameters |
required |
Returns |
ACL, prepared for authorization |
Name |
Type |
Description |
Required |
i |
String/Vec<String> |
ACL ID or multiple IDs |
yes |
Return payload example:
{
"admin": true,
"from": [
"admin",
"default"
],
"id": "admin+default",
"meta": {
"name": [
"default ACL"
]
},
"read": {
"items": [
"#"
]
},
"write": {
"items": [
"#"
]
}
}
acl.get_config
Description |
Get configuration of a single ACL |
Parameters |
required |
Returns |
ACL configuration |
Name |
Type |
Description |
Required |
i |
String |
ACL ID |
yes |
Return payload example:
{
"id": "default",
"meta": {
"name": [
"default ACL"
]
},
"read": {
"items": [
"#"
]
},
"write": {
"items": [
"#"
]
}
}
acl.list
Description |
Get list of ACLs and their properties |
Parameters |
none |
Returns |
List of ACLs (struct) |
Return payload example:
[
{
"admin": true,
"id": "admin"
},
{
"id": "default",
"meta": {
"name": [
"default ACL"
]
},
"read": {
"items": [
"#"
]
},
"write": {
"items": [
"#"
]
}
}
]
acl.undeploy
Description |
Undeploy ACLs |
Parameters |
required |
Returns |
nothing |
Name |
Type |
Description |
Required |
acls |
Vec<struct/String> |
ACLs or a list of ACL IDs |
yes |