[#AAA-214] Support application of policies based on query parameters

[AAA-214] Support application of policies based on query parameters Created: 24/May/21 Updated: 24/May/21
Status:	Open
Project:	aaa
Component/s:	General
Affects Version/s:	None
Fix Version/s:	None

Type:

New Feature

Priority:

Medium

Reporter:

Jaroslav Tóth

Assignee:

Unassigned

Resolution:

Unresolved

Votes:

Labels:

None

Remaining Estimate:

Not Specified

Time Spent:

Not Specified

Original Estimate:

Not Specified

Description

In RFC-8040 RESTCONF, it is possible to specify from which datastore user would like to read data using query parameter; example:

GET /rests/data/network-topology:network-topology/topology=topology-netconf/node=test/yang-ext:mount/interfaces:interfaces?content=nonconfig

Another example - selection API (fields query parameter):

GET /rests/data/network-topology:network-topology/topology=topology-netconf/node=test/yang-ext:mount/interfaces:interfaces/interface=l0?fields=config,description

It would be great, if it is possible to specify policy that can restrict access to resources based on content of some query parameter.

Use cases:

allow to read only operational/config data on selected paths for selected users (this was probably possible in DRAFT-02 RESTCONF, since datastore specification is part of URI)
for selected resources, user must specify fields query parameter that matches some pattern - it is not possible to read 'whole' subtree

Note: Such feature is probably out-of-scope of http://shiro.apache.org/web.html.

Generated at Wed Feb 07 19:08:56 UTC 2024 using Jira 8.20.10#820010-sha1:ace47f9899e9ee25d7157d59aa17ab06aee30d3d.

[AAA-214] Support application of policies based on query parameters Created: 24/May/21 Updated: 24/May/21