<?xml version="1.0" encoding="UTF-8"?> <module name="ietf-netconf-acm" xmlns="urn:ietf:params:xml:ns:yang:yin:1" xmlns:nacm="urn:ietf:params:xml:ns:yang:ietf-netconf-acm" xmlns:yang="urn:ietf:params:xml:ns:yang:ietf-yang-types"> <namespace uri="urn:ietf:params:xml:ns:yang:ietf-netconf-acm"/> <prefix value="nacm"/> <import module="ietf-yang-types"> <prefix value="yang"/> </import> <organization> <text>IETF NETCONF (Network Configuration) Working Group</text> </organization> <contact> <text>WG Web: &lt;http://tools.ietf.org/wg/netconf/&gt; WG List: &lt;mailto:netconf@ietf.org&gt; WG Chair: Mehmet Ersue &lt;mailto:mehmet.ersue@nsn.com&gt; WG Chair: Bert Wijnen &lt;mailto:bertietf@bwijnen.net&gt; Editor: Andy Bierman &lt;mailto:andy@yumaworks.com&gt; Editor: Martin Bjorklund &lt;mailto:mbj@tail-f.com&gt;</text> </contact> <description> <text>NETCONF Access Control Model. Copyright (c) 2012 IETF Trust and the persons identified as authors of the code. All rights reserved. Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the Simplified BSD License set forth in Section 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info). This version of this YANG module is part of RFC 6536; see the RFC itself for full legal notices.</text> </description> <revision date="2012-02-22"> <description> <text>Initial version</text> </description> <reference> <text>RFC 6536: Network Configuration Protocol (NETCONF) Access Control Model</text> </reference> </revision> <extension name="default-deny-write"> <description> <text>Used to indicate that the data model node represents a sensitive security system parameter. If present, and the NACM module is enabled (i.e., /nacm/enable-nacm object equals 'true'), the NETCONF server will only allow the designated 'recovery session' to have write access to the node. An explicit access control rule is required for all other users. The 'default-deny-write' extension MAY appear within a data definition statement. It is ignored otherwise.</text> </description> </extension> <extension name="default-deny-all"> <description> <text>Used to indicate that the data model node controls a very sensitive security system parameter. If present, and the NACM module is enabled (i.e., /nacm/enable-nacm object equals 'true'), the NETCONF server will only allow the designated 'recovery session' to have read, write, or execute access to the node. An explicit access control rule is required for all other users. The 'default-deny-all' extension MAY appear within a data definition statement, 'rpc' statement, or 'notification' statement. It is ignored otherwise.</text> </description> </extension> <typedef name="user-name-type"> <type name="string"> <length value="1..max"/> </type> <description> <text>General Purpose Username string.</text> </description> </typedef> <typedef name="matchall-string-type"> <type name="string"> <pattern value="\*"/> </type> <description> <text>The string containing a single asterisk '*' is used to conceptually represent all possible values for the particular leaf using this data type.</text> </description> </typedef> <typedef name="access-operations-type"> <type name="bits"> <bit name="create"> <description> <text>Any protocol operation that creates a new data node.</text> </description> </bit> <bit name="read"> <description> <text>Any protocol operation or notification that returns the value of a data node.</text> </description> </bit> <bit name="update"> <description> <text>Any protocol operation that alters an existing data node.</text> </description> </bit> <bit name="delete"> <description> <text>Any protocol operation that removes a data node.</text> </description> </bit> <bit name="exec"> <description> <text>Execution access to the specified protocol operation.</text> </description> </bit> </type> <description> <text>NETCONF Access Operation.</text> </description> </typedef> <typedef name="group-name-type"> <type name="string"> <length value="1..max"/> <pattern value="[^\*].*"/> </type> <description> <text>Name of administrative group to which users can be assigned.</text> </description> </typedef> <typedef name="action-type"> <type name="enumeration"> <enum name="permit"> <description> <text>Requested action is permitted.</text> </description> </enum> <enum name="deny"> <description> <text>Requested action is denied.</text> </description> </enum> </type> <description> <text>Action taken by the server when a particular rule matches.</text> </description> </typedef> <typedef name="node-instance-identifier"> <type name="yang:xpath1.0"/> <description> <text>Path expression used to represent a special data node instance identifier string. A node-instance-identifier value is an unrestricted YANG instance-identifier expression. All the same rules as an instance-identifier apply except predicates for keys are optional. If a key predicate is missing, then the node-instance-identifier represents all possible server instances for that key. This XPath expression is evaluated in the following context: o The set of namespace declarations are those in scope on the leaf element where this type is used. o The set of variable bindings contains one variable, 'USER', which contains the name of the user of the current session. o The function library is the core function library, but note that due to the syntax restrictions of an instance-identifier, no functions are allowed. o The context node is the root node in the data tree.</text> </description> </typedef> <container name="nacm"> <nacm:default-deny-all/> <description> <text>Parameters for NETCONF Access Control Model.</text> </description> <leaf name="enable-nacm"> <type name="boolean"/> <default value="true"/> <description> <text>Enables or disables all NETCONF access control enforcement. If 'true', then enforcement is enabled. If 'false', then enforcement is disabled.</text> </description> <
{
    "name": "onap-policy-clamp-ui",
    "version": "${project.version}",
    "description"