I have leaf node which is hidden not using group as below
list peer
{
leaf ip-add
{
tailf:hidden ip-add;
type string;
}
}
I need to access the hidden leaf in web UI using Maapi.request(“get_values”)
If i add the leaf in hidden group “full” i can access using the Maapi unhide_schema but this requires to enter the group name and password as clear text in the js file.
Is there a way to access the hidden leaf in webUI without using the Maapi unhide_schema
There are several options, but keep in mind that the purpose of tailf:hidden is not to hide the data from a malicious user, it is more something like a note to the user that this element should not be touched unless the user really knows what she is doing. From this point of view, there is nothing wrong in having the hide-group password plaintext in your JS code. If the aim is to protect the data from read or write access by a group of users, NACM rules are probably a better way to go.
The options, some of them may or may not be applicable to your use case:
employ NACM instead, as written above;
let the user write the hide group password - if the user is expected to have access to the element, she should know the password;
if the aim is to store data that would be used later by e.g. a CDB subscriber, you may want to have a look at transaction hooks or set-hooks.
Then NACM might actually work for you - you can configure a rule that says that your users have read-only access to that leaf, it might look somewhat like this:
This way no user can modify the leaf, but it is still accessible for reading. Hooks are not affected by NACM rules, they still have full access to the leaf.
Or maybe this leaf is not supposed to be really configurable, i.e. you can declare the leaf as config false and either implement a data provider for it, or declare it also tailf:cdb-oper with tailf:persistent true and your hook can update the leaf in the operational CDB. That may be actually better approach, depending on how other components of your system are supposed to treat this leaf.