summaryrefslogtreecommitdiffstats
path: root/agent.md
diff options
context:
space:
mode:
authorJose Bollo <jose.bollo@iot.bzh>2019-12-06 15:12:36 +0100
committerJose Bollo <jose.bollo@iot.bzh>2019-12-06 15:18:48 +0100
commit23bc1035a51fe54600db691981f8ed1537cbe125 (patch)
tree4e0ec6c9d03072d8313b75632d3448b4ba3a8432 /agent.md
parent6c88efcb7b1361ba6389753e520e26fc556b7d79 (diff)
agent-at: Move field separator from : to ;icefish_8.99.3icefish/8.99.38.99.3
Because Smack labels and permissions of AGL all contain the character colon (:), it is better have a distinct field separator for agent-at. Bug-AGL: SPEC-2968 Change-Id: I378eefcd7b29e424acccced62abe48b35ad8736e Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
Diffstat (limited to 'agent.md')
-rw-r--r--agent.md14
1 files changed, 6 insertions, 8 deletions
diff --git a/agent.md b/agent.md
index 4e19d45..0f3e07f 100644
--- a/agent.md
+++ b/agent.md
@@ -32,7 +32,7 @@ The file `cynagora.initial` that provides a default initialisation file
has the following lines:
* * @ADMIN * yes forever
- * * 0 * @:%c:%s:@ADMIN:%p forever
+ * * 0 * @:%c;%s;@ADMIN;%p forever
The first line defines a special user `@ADMIN` that always has the permission.
The special user can be seen as a group: the admin group. Remember that strings
@@ -44,15 +44,15 @@ admin. To achieve that it uses the agent-AT mecanism.
So if no other rule was selected for the user `0` then cynagora find at least
the rule that requires to query the predefined agent `@` (AT) with the value
-`%c:%s:@ADMIN:%p`.
+`%c;%s;@ADMIN;%p`.
The agent is asked with the following values:
- - `%c:%s:@ADMIN:%p` the value
+ - `%c;%s;@ADMIN;%p` the value
- `CLIENT`, `SESSION`, `USER` and `PERMISSION`, the values of original request
-The AT-agent use the value `%c:%s:@ADMIN:%p` to compose a check query.
-it interpret the value as a colon separated rule query of cynagora, in the
+The AT-agent use the value `%c;%s;@ADMIN;%p` to compose a check query.
+it interpret the value as a semi-colon separated rule query of cynagora, in the
order: client, session, user, permission. Then it replaces any occurency of:
- `%c` with value of `CLIENT` of original request
@@ -60,7 +60,7 @@ order: client, session, user, permission. Then it replaces any occurency of:
- `%u` with value of `USER` of original request
- `%p` with value of `PERMISSION` of original request
- `%%` with `%`
- - `%:` with `:`
+ - `%;` with `;`
So for the given value, the result at the end is the result of querying
cynagora for the result of:
@@ -73,5 +73,3 @@ cynagora for the result of:
The query to cynagora with CLIENT SESSION @ADMIN PERMMISSION must be done using
sub-query of agents.
-
-