FOGL-6613: Fledge GUI: Add support for ACL configuration item type

[mshariq-nerd]

Test against fledge-iot/fledge#738

[pintomax]

@mshariq-nerd @praveen-garg As per specs in "Control Dispatcher Service" document

we need to call

ATTACH

PUT /fledge/service/$serviceName/ACL -d '{"acl_name" : "ACL1"}'

DETACH

DELETE 127.0.0.1:8081/fledge/service/$serviceName/ACL

The GUI calls instead, ACL item update for /fledge/$serviceNameSecurity
example
PUT http://192.168.56.10:8081/fledge/category/SIN2Security -d '{"ACL":"ACL1"}'

c/c @MarkRiddoch

[mshariq-nerd]

@MarkRiddoch Current implementation is as per the JIRA requirement. We are getting ACL as a config item in the security category of the service. In GUI I have added a new configuration type ACL, that is rendered on the configuration page dynamically with other configuration item if any. When we change the config value, updating that using the API endpoint PUT fledge/category/Security, that is true for any configuration item to update its value.

Now, If we want to use API of attach/detach ACL with service we have to take it out from the configuration category and put it as a separate item of the service because in the current GUI design calling different api on the category configuration item update, we need to identify the ACL item in the config and separate it out then update it and resync the updated config.

Please advise.

[MarkRiddoch]

Now, If we want to use API of attach/detach ACL with service we have to take it out from the configuration category and put it as a separate item of the service because in the current GUI design calling different api on the category configuration item update, we need to identify the ACL item in the config and separate it out then update it and resync the updated config.

Please advise.

You don't need to take it out. You can very easily identify the ACL's, that is why they are a different type. We will use the ACL mechanism in other places than a configuration category, we must make sure we deal with ACL's in a consistent way, hence the attach and detach calls that need to be made in addition to the update of the configuration category. If you are telling me the GUI code is not up to the job of making two API calls then we will have to move the intelligence into the API rather than have the GUI do it.

[mshariq-nerd]

@MarkRiddoch I think Deepanshu doing the stuff that when config item is changed then notify to service? And we are getting ACL type in Security child category for this purpose?
if we need to make two calls based on ACL, I can chain that. let me know. Security category config item update call will be there anyway?

This is how we are doing it in GUI right now.
https://user-images.githubusercontent.com/16384273/182409925-072bbcc8-bcf4-42c8-9093-3dad34765cde.mov

[pintomax]

@mshariq-nerd when we select an ACL in the GUI, say ACL1 then
the GUI should do:

ATTACH

PUT /fledge/service/$serviceName/ACL -d '{"acl_name" : "ACL1"}'

Wen we select "none"

DETACH

DELETE 127.0.0.1:8081/fledge/service/$serviceName/ACL

Those are the only two APIs for adding/removing an ACL to a service

If an ACL is already set, we can only remove it.

Then a new one should be attached

[praveen-garg]

This looks good to move forward.

[mshariq-nerd]

As this base work is required and we are able to display and save ACL type config item; I’m merging this.
@MarkRiddoch, please add a Jira for any change/extension required to this, with a clarification note to my earlier comment for my overall understanding.