
...

"roles" define each of the roles which specify the ACL permissions or rules for plugins to either "blocked" or "allowed". if there is a "default" rule set (to "allowed" or "blocked"), then subsequent rules listed under that role are exceptions to the default rule. For instance the comcast role in the sample acl below has blocked access to all plugins except Messenger.There is also support to control access to specific APIs in a particular plugin. For as an allow and block list. For development and testing purposes /etc/thunder_acl.json file can be copied to /opt/thunder_acl.json and edited. This is allowed only on VBN builds.

titleSample ACL
{
    
    "assign": [
    {
              {  
            "url": "*://localhost",
                  "role": "local"
            },
    {
              {  
            "url": "*://testurl1.com/localhost:*",
                  "role": "localrestricted1"
            },
    {
              {  
            "url": "*://127.0.0.1testurl2.com/*",
                  "role": "localrestricted2"
            },
    {
              {                                                 
            "url": "*://127.0.0.1:*",
      ",                  
            "role": "localdefault"
    },
    {
      "url": "*://[::1]",
      "role": "local"
    },
    {
      "url": "*://[::1]:*",
      "role": "local"
    },
    {
      "url": "*://[0:0:0:0:0:0:0:1]",
      "role": "local"
    },
    {
      "url": "*://[0:0:0:0:0:0:0:1]:*",
      "role": "local"
    },
    {
      "url": "file://*",
      "role": "local"
    },
    {
      "url": "*://*.comcast.com",
      "role": "comcast"
    },
    {
      "url": "*://metrological.com",
      "role": "metrological"
    },
    {
      "url": "*",
      "role": "default"
    }
  ],
  "roles": {
    "default" : {
      "default" : "blocked"
    },
    "local" : {
      "default" : "allowed"
    },
    "metrological": {
      "default": "blocked",
      "DeviceInfo": {
        "default": "allowed",
        "methods": [ "register", "unregister" ]
      },
      "JSONRPCPlugin": {
        "default": "blocked",
        "methods": [ "time", "status" ]
      }
    },
    "comcast": {
      "default": "blocked",
      "Messenger": {
        "default": "allowed"
      }
    }
  }
}
    
        }                 
    ]
"roles": {
        "default": {                  
            "thunder": {    
                "block": [
                    "*"
                ]                       
            }               
        },
        "local": {           
            "thunder": {  
                "allow": [
                    "*"
                ]                     
            }            
        },            
        "restricted1": {           
            "thunder": {  
                "allow": [
                    "org.rdk.DisplaySettings",
                    "org.rdk.Timer"
                ]                     
            }            
        },            
         "restricted2": {           
            "thunder": { 
            "allow": [
                    "*"
                ],                     
                "block": [
                    "org.rdk.SystemServices",
                    "org.rdk.StorageManager"
                ]                     
            }            
        }            
    }
}
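Review bot: The `restricted2` role near the end of the sample lists `"allow": ["*"]` together with a `block` list, but the paragraph above the sample never says which list wins when a plugin matches both, so a reader copying the sample has to guess that `block` overrides the wildcard. I would add a sentence such as `When a plugin matches both lists, "block" takes precedence over "allow".` once that is confirmed against the implementation. The `assign` patterns also use a `*` scheme, so, if the scheme is matched literally, a page loaded over plain http from a listed host would receive the same role as one loaded over https; the page should say whether that is intended. Old and new text are interleaved in this rendering, so which entries belong to the new version is inferred.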