diff options
author | Jose Bollo <jose.bollo@iot.bzh> | 2019-12-06 15:12:36 +0100 |
---|---|---|
committer | Jose Bollo <jose.bollo@iot.bzh> | 2019-12-06 15:18:48 +0100 |
commit | 23bc1035a51fe54600db691981f8ed1537cbe125 (patch) | |
tree | 4e0ec6c9d03072d8313b75632d3448b4ba3a8432 /agent.md | |
parent | 6c88efcb7b1361ba6389753e520e26fc556b7d79 (diff) |
agent-at: Move field separator from : to ;icefish_8.99.3icefish/8.99.38.99.3
Because Smack labels and permissions of AGL
all contain the character colon (:), it is better
have a distinct field separator for agent-at.
Bug-AGL: SPEC-2968
Change-Id: I378eefcd7b29e424acccced62abe48b35ad8736e
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
Diffstat (limited to 'agent.md')
-rw-r--r-- | agent.md | 14 |
1 files changed, 6 insertions, 8 deletions
@@ -32,7 +32,7 @@ The file `cynagora.initial` that provides a default initialisation file has the following lines: * * @ADMIN * yes forever - * * 0 * @:%c:%s:@ADMIN:%p forever + * * 0 * @:%c;%s;@ADMIN;%p forever The first line defines a special user `@ADMIN` that always has the permission. The special user can be seen as a group: the admin group. Remember that strings @@ -44,15 +44,15 @@ admin. To achieve that it uses the agent-AT mecanism. So if no other rule was selected for the user `0` then cynagora find at least the rule that requires to query the predefined agent `@` (AT) with the value -`%c:%s:@ADMIN:%p`. +`%c;%s;@ADMIN;%p`. The agent is asked with the following values: - - `%c:%s:@ADMIN:%p` the value + - `%c;%s;@ADMIN;%p` the value - `CLIENT`, `SESSION`, `USER` and `PERMISSION`, the values of original request -The AT-agent use the value `%c:%s:@ADMIN:%p` to compose a check query. -it interpret the value as a colon separated rule query of cynagora, in the +The AT-agent use the value `%c;%s;@ADMIN;%p` to compose a check query. +it interpret the value as a semi-colon separated rule query of cynagora, in the order: client, session, user, permission. Then it replaces any occurency of: - `%c` with value of `CLIENT` of original request @@ -60,7 +60,7 @@ order: client, session, user, permission. Then it replaces any occurency of: - `%u` with value of `USER` of original request - `%p` with value of `PERMISSION` of original request - `%%` with `%` - - `%:` with `:` + - `%;` with `;` So for the given value, the result at the end is the result of querying cynagora for the result of: @@ -73,5 +73,3 @@ cynagora for the result of: The query to cynagora with CLIENT SESSION @ADMIN PERMMISSION must be done using sub-query of agents. - - |