RDK Resources
[*RDK Preferred*]
Code Management Facility
RDK Forums
[RDK Conferences]
RDK Support
Archives
Papers & Presentations Archive
...
"roles" define each of the roles which specify the ACL permissions or rules for plugins to either "blocked" or "allowed". if there is a "default" rule set (to "allowed" or "blocked"), then subsequent rules listed under that role are exceptions to the default rule. For instance the comcast role in the sample acl below has blocked access to all plugins except Messenger.There is also support to control access to specific APIs in a particular plugin. For as an allow and block list. For development and testing purposes /etc/thunder_acl.json file can be copied to /opt/thunder_acl.json and edited. This is allowed only on VBN builds.
Code Block | ||||
---|---|---|---|---|
| ||||
{ "assign": [ { { "url": "*://localhost", "role": "local" }, { { "url": "*://testurl1.com/localhost:*", "role": "localrestricted1" }, { { "url": "*://127.0.0.1testurl2.com/*", "role": "localrestricted2" }, { { "url": "*://127.0.0.1:*", ", "role": "localdefault" }, { "url": "*://[::1]", "role": "local" }, { "url": "*://[::1]:*", "role": "local" }, { "url": "*://[0:0:0:0:0:0:0:1]", "role": "local" }, { "url": "*://[0:0:0:0:0:0:0:1]:*", "role": "local" }, { "url": "file://*", "role": "local" }, { "url": "*://*.comcast.com", "role": "comcast" }, { "url": "*://metrological.com", "role": "metrological" }, { "url": "*", "role": "default" } ], "roles": { "default" : { "default" : "blocked" }, "local" : { "default" : "allowed" }, "metrological": { "default": "blocked", "DeviceInfo": { "default": "allowed", "methods": [ "register", "unregister" ] }, "JSONRPCPlugin": { "default": "blocked", "methods": [ "time", "status" ] } }, "comcast": { "default": "blocked", "Messenger": { "default": "allowed" } } } } } ] "roles": { "default": { "thunder": { "block": [ "*" ] } }, "local": { "thunder": { "allow": [ "*" ] } }, "restricted1": { "thunder": { "allow": [ "org.rdk.DisplaySettings", "org.rdk.Timer" ] } }, "restricted2": { "thunder": { "allow": [ "*" ], "block": [ "org.rdk.SystemServices", "org.rdk.StorageManager" ] } } } } |