NacmRule

nacm_validator

Struct NacmRule 

Source 
pub struct NacmRule {
    pub name: String,
    pub module_name: Option<String>,
    pub rpc_name: Option<String>,
    pub path: Option<String>,
    pub access_operations: HashSet<Operation>,
    pub effect: RuleEffect,
    pub order: u32,
    pub context: Option<String>,
    pub log_if_permit: bool,
    pub log_if_deny: bool,
}
Expand description

NACM Rule structure (extended to match XML format)

Represents a single NACM access control rule. Each rule defines:

  • What it applies to (module, RPC, path)
  • Which operations it covers
  • Whether it permits or denies access
  • Its precedence order (lower numbers = higher priority)

§Fields

  • name - Human-readable identifier for the rule
  • module_name - YANG module this rule applies to (None = any module)
  • rpc_name - Specific RPC name (None = any RPC, “*” = wildcard)
  • path - XPath or data path (None = any path, “/” = root)
  • access_operations - Set of operations this rule covers
  • effect - Whether to permit or deny matching requests
  • order - Rule precedence (lower = higher priority)
  • context - Request context this rule applies to (Tail-f extension)
  • log_if_permit - Log when this rule permits access (Tail-f extension)
  • log_if_deny - Log when this rule denies access (Tail-f extension)

§Examples

use nacm_validator::{NacmRule, RuleEffect, Operation};
use std::collections::HashSet;
 
let mut ops = HashSet::new();
ops.insert(Operation::Read);
 
let rule = NacmRule {
    name: "allow-read-interfaces".to_string(),
    module_name: Some("ietf-interfaces".to_string()),
    rpc_name: None,
    path: Some("/interfaces".to_string()),
    access_operations: ops,
    effect: RuleEffect::Permit,
    order: 10,
    context: None,
    log_if_permit: false,
    log_if_deny: false,
};

Fields§

§name: String

Unique name for this rule

§module_name: Option<String>

YANG module name this rule applies to (None = any module)

§rpc_name: Option<String>

RPC name this rule applies to (None = any RPC)

§path: Option<String>

XPath or data path (None = any path)

§access_operations: HashSet<Operation>

Set of operations covered by this rule

§effect: RuleEffect

Whether this rule permits or denies access

§order: u32

Rule precedence - lower numbers have higher priority

§context: Option<String>

Request context pattern this rule applies to (Tail-f extension)

§log_if_permit: bool

Log when this rule permits access (Tail-f extension)

§log_if_deny: bool

Log when this rule denies access (Tail-f extension)

Trait Implementations§

Source§

impl Clone for NacmRule

Source§

fn clone(&self) -> NacmRule

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for NacmRule

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.