RBAC Module

Role-Based Access Control (RBAC) Module allows to setup the YencaP access control policy. The RBAC module is bound to the following namespace: urn:loria:madynes:ensuite:yencap:module:RBAC:1.0

<rbac xmlns="urn:loria:madynes:ensuite:yencap:module:RBAC:1.0">
  <users>
    <user id="14">
      <login>alice</login>
      <password>b</password>
      <firstname>Alice</firstname>
      <lastname>Blub</lastname>
      <room>B213</room>
    </user>
    <user id="15">
      <login>netconf</login>
      <password>netconf</password>
      <public-key keytype="rsa">>AAAAB3NzaC1yc2EAAAABIwAAA...P0CDbc350RfDJ6M=</public-key>
      <room>B213</room>
    </user>
  </users>
  <roles>
    <role id="1">
      <name>sysAdmin</name>
      <junior-roles>
        <junior-role roleRef="2"/>
      </junior-roles>
    </role>
    <role id="2">
      <name>netAdmin</name>
      <junior-roles/>
    </role>
  </roles>
  <permissions>
    <permission type="+" id="1" op="rw">
      <scope>/netconf/security/rbac/permissions/permission[@id='5']</scope>
    </permission>
    <permission type="+" id="2" op="rw">
      <scope>/netconf/network/interfaces</scope>
    </permission>
    <permission type="+" id="3" op="rw">
      <scope>/netconf/routing/bgp</scope>
    </permission>
  </permissions>
  <user-assignements>
    <user-assignement roleRef="1" userRef="15" id="1"/>
    <user-assignement roleRef="2" userRef="14" id="2"/>
  </user-assignements>
  <permission-assignements>
    <permission-assignement roleRef="1" permRef="1" id="1"/>
    <permission-assignement roleRef="2" permRef="2" id="2"/>
    <permission-assignement roleRef="2" permRef="3" id="3"/>
  </permission-assignements>
</rbac>

EnSuite - a Netconf Framework

RBAC Module