I am having two issues while defining schema using YANG.
I have the below schema defined using yang. grouping wlan-profile-vap-params-2.4-g { leaf ssid { type string; } leaf enable { type boolean; default false; } }
I want to include a constraint at the schema " When enable is true and ssid is not configured provide an error"
I changed my schema like below:
grouping wlan-profile-vap-params-2.4-g {
leaf ssid {
type string;
}
leaf enable {
must “. = ‘true’ and not(…/ssid)”{
error-message “Must specify ssid”;
}
type boolean;
default false;
}
uses wlan-vap-params-2.4-g;
}
This seems to be not working. Could somebody help me with fix this?
And the second issue is I am having the below schema in YANG.
leaf model{
type enumeration ap-model-e;
}
container model-a {
when model is model-a
{
}
}
container model-b {
when model is model-b
{
}
}
container model-c {
when model is model-c
{
}
}
container model-d {
when model is model-d
{
}
}
Say i have configured model-a. I want to display an error when the model-a is being changed to model-b. Basically I want to restrict the user from setting the model after once it is set. Is it possible to provide this constraint in the schema?
Regarding your first issue: You should add to the existing contraint and ‘or .=false’ you should also add a tail:dependency statement to point to ssid.
Regarding question 2: I don’t think you can express that in YANG but you can control this via AAA rules by setting a rule that denies the users write permission on the leaf “model”. This has to be done within the same transaction you use to set “model”, by creating a hook to the callback: Refer to Chapter 10 in the user guide to create a hook.
You might also want to remodel this as a choice statement on model and each container would go in a different case.
Thanks. I tried your suggestion for the must statement.
grouping wlan-profile-vap-params-5-g { leaf ssid { type string; } leaf enable { must “. = ‘true’ and not(…/ssid) or . = ‘false’” { error-message “Must specify ssid”; } type boolean; default false; } }
This seems to be not working. When I enable the flag to ‘true’, I have to make ssid configuration mandatory.
On the other hand I changed the must statement like below:
must ( . != ‘true’ and not(…/ssid)) after this, even after providing ssid the commit doesn’t go through. Is there something I am missing?
Regarding the first issue, it is important to understand how the tailf:dependency statement triggers evaluation of the “must” statement. Also, the logic can be simplified to the following:
must “…/ssid != ‘’ or . = ‘false’” { // Those are two single quotes in the middle
error-message “Must specify ssid”;
tailf:dependency ‘…/ssid’;
tailf:dependency ‘.’;
}
The first dependency kicks in if you change ssid, the second if you change the enable flag.
Comparing ssid to the null string also takes care of never setting it at all, otherwise you could use other predicates like “boolean(ssid)” or “count(ssid)>0”.
Which version of ConfD are you using? It is possible to use a transaction hook to change the permissions of leaf ‘model’ upon a commit, but for older versions of ConfD, I have used an alternate approach that makes use of an alternate leaf that remains hidden until ‘model’ is committed, then the hidden/unhidden roles switch and the user only sees the alternate leaf, which is read-only.
Yay!! It worked Thanks a lot I looked up for examples to use such constraints. I couldn’t find any even in the user guide. There are few examples, but there is no explanation as to how these constraints work. Is there some place where this is available? It will be helpful to understand this because we need to use different constraints in the yang which we use.
Thanks a lot