Using confd_seterr_extended to give an error to REST client

Other Northbound Interfaces
1

I am trying to implement an external dataprovider from which I return CONFD_ERR. I am trying to send set this error to a particular type of error code. I am setting this in get_next_object callback using the below lines of code. Is confd supposed to use this error code and return it to the REST client? I am not seeing any error returned to the end user. I also tried to set the same error in finish() callback but nothing is being shown to the REST Client. Anyone used this before?

Code

confd_trans_seterr_extended(tctx, CONFD_ERRCODE_ACCESS_DENIED, 0, 0, "");
return CONFD_ERR;

dataprovider logs

TRACE CALL data get_next_object(thandle=72, /urib/regular/vrf, -1)
--> CONFD_ERR
TRACE CALL trans finish(thandle=72) --> CONFD_ERR
TRACE Close user sess 100
--> CONFD_OK

Developer logs

<ERR> 4-Oct-2017::07:52:07.940 n9372-1 confd[25009]: devel-c get_next_object error {access_denied, ""} for callpoint 'routes-cp' path /ip-rib-ipv4-oper:urib/regular/vrf
<ERR> 4-Oct-2017::07:52:07.962 n9372-1 confd[25009]: devel-c close_trans error {access_denied, ""} daemon id: 1
<ERR> 4-Oct-2017::07:52:07.962 n9372-1 confd[25009]: devel-c close_trans/"urib_dp_daemon" error {access_denied, ""}
2

In this case, what is the REST response that you are seeing?

3

blank. I get code 200 OK but no response body.

4

This seems like a bug in the legacy Tailf-f REST interface,
The bug should be reported, but may I suggest that you, if possible, use the IETF RFC8040 based RESTCONF protocol interface instead? No new project should use the legacy Tail-f REST interface, and RESTCONF works as expected here:

Inserted this into the examples.confd/intro/5-c_stats/arpstat.c example:

static int get_next_object(struct confd_trans_ctx *tctx,
                             confd_hkeypath_t *keypath, long next)
{
    confd_trans_seterr_extended(tctx, CONFD_ERRCODE_ACCESS_DENIED, 0, 0, "get_next_object: CONFD_ERRCODE_ACCESS_DENIED");
    return CONFD_ERR;
}

RESTCONF (OK):

$ curl -v -s -u admin:admin http://localhost:8008/restconf/data/arpentries
*   Trying ::1...
* TCP_NODELAY set
* Connection failed
* connect to ::1 port 8008 failed: Connection refused
*   Trying fe80::1...
* TCP_NODELAY set
* Connection failed
* connect to fe80::1 port 8008 failed: Connection refused
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 8008 (#0)
* Server auth using Basic with user 'admin'
> GET /restconf/data/arpentries HTTP/1.1
> Host: localhost:8008
> Authorization: Basic YWRtaW46YWRtaW4=
> User-Agent: curl/7.54.0
> Accept: */*
> 
< HTTP/1.1 403 Forbidden
< Server: 
< Date: Fri, 06 Oct 2017 08:18:05 GMT
< Content-Length: 303
< Content-Type: application/yang-data+xml
< Vary: Accept-Encoding
< 
<errors xmlns="urn:ietf:params:xml:ns:yang:ietf-restconf">
  <error>
    <error-message>get_next_object: CONFD_ERRCODE_ACCESS_DENIED</error-message>
    <error-path>/arpe:arpentries/arpe</error-path>
    <error-tag>access-denied</error-tag>
    <error-type>application</error-type>
  </error>
</errors>
* Connection #0 to host localhost left intact

REST (bug):

$ curl -v -s -u admin:admin http://localhost:8008/api/operational/arpentries
*   Trying ::1...
* TCP_NODELAY set
* Connection failed
* connect to ::1 port 8008 failed: Connection refused
*   Trying fe80::1...
* TCP_NODELAY set
* Connection failed
* connect to fe80::1 port 8008 failed: Connection refused
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 8008 (#0)
* Server auth using Basic with user 'admin'
> GET /api/operational/arpentries HTTP/1.1
> Host: localhost:8008
> Authorization: Basic YWRtaW46YWRtaW4=
> User-Agent: curl/7.54.0
> Accept: */*
> 
< HTTP/1.1 200 OK
< Server: 
< Date: Fri, 06 Oct 2017 08:20:04 GMT
< Cache-Control: private, no-cache, must-revalidate, proxy-revalidate
< Content-Length: 0
< Content-Type: text/html
< Pragma: no-cache
< 
* Connection #0 to host localhost left intact