Hi Mike,I think that the YANG below already enforces what you want, or otherwise I don't follow your issue.
The YANG below is valid in two cases:(1) AssignmentMechanism = DHCP, and IPAddresses is not present in the config (due to the when statement). (2) AssignmentMechanism = Static, IPAddresses exists and has at least one element (due to min-elements 1).
Thanks, Rob On 10/10/2018 16:23, Michael Rehder wrote:
Container "foo" would be mandatory if not for the "when" child element. With the "when" child element, the logic becomes "inverted" and the constraint is a negative one of "disallowed under certain condition". The UC is for enforcement in REST API payloads. For a practical example: leaf AssignmentMechanism { type enumeration { enum "DHCP"; enum "Static"; } mandatory true; description "The address assignment mechanism."; } list IPAddresses { when "../AssignmentMechanism = 'Static'"; key Address; min-elements 1;leaf Address {type capit:IPv4Address; description "An ipv4 address."; } } There is no way in the IPAddresses list to enforce that there is at least one IP Address when the assignment method is "Static". One could put a "must" on "AssignmentMechanism" to ensure at least one element of the IPAddresses list when "Static", but I don't see this as a good schema design, to have the controlling attribute check controlled attributes. I appreciate that this semantic can't be changed in YANG at this point. Could the "when" statement have a modifying child element to state that the mandatory status of the element is to be enforced? Like container foo { when "condition" { enforce-mandatory-status; } There is already back-end for existential checks for mandatory choice so this seems reasonably consistent to me. I appreciate there are existing issues for "when" but I don't see why this would make things any worse. In fact by promoting a better dependency "direction" between schema elements, think it could simplify things (so I naively think :) ). Thanks Mike-----Original Message----- From: Ladislav Lhotka [mailto:lho...@nic.cz] Sent: Wednesday, October 10, 2018 10:28 AM To: Michael Rehder <michael.reh...@amdocs.com>; netmod@ietf.org Subject: Re: [netmod] WHEN statement within mandatory objects doesn't ensure presence of the mandatory object Michael Rehder <michael.reh...@amdocs.com> writes:I have a question about “when” and mandatory objects. It seems to me that the implemented semantics of “when” are really“optional when”, in that the enclosing object can be absent even though it is mandatory and the “when” clause holds true.The RFC could be clearer about this. Example leaf color { enumeration { enum “blue”; enum “black”; } mandatory true; } container foo { when ../color = ‘blue’; etc. } “foo” is optional due to the presence of the “when” statement even though the object is mandatory (same is true for mandatory leaf, min-elements=1 list etc.).Maybe you intended to have, e.g., a "mandatory true" leaf inside "container foo"?This is considered valid XML for the above <color>blue</color>Yes, it is, under current YANG rules, no matter what "etc." stands for. Note that evaluation of the XPath expression in this case (with "foo" missing) requires the peculiar procedure of sec. 7.21.5 in RFC 7950.In my view this makes conditionally variant schemas “loose” in their enforcement (some scenarios can use choice but it doesn’t cover everything). I think that mandatory should be respected for the enclosing objects of a “when” statement. That is, a mandatory object must be present when its “when” clause holds true and a Schematron statement should enforce that.In fact, this is one case where the DSDL mapping (RFC 6110) deviates from YANG 1.0. Nodes that mandatory aren't enclosed in the RELAX NG <optional> pattern, and are then required no matter what any "when" statements say (because RELAX NG validation comes before Schematron).What is the rationale behind the current YANG rules behavior, that the “when” Schematron mapping doesn’t check for presence of the enclosing mandatory object?FWIW, I have been repeatedly protesting against this behaviour but without much luck. See for example https://www.ietf.org/mail-archive/web/netmod/current/msg14012.html As a result, "when" is the trickiest feature in YANG by far. Ladathanks Mike Rehder-- Ladislav Lhotka Head, CZ.NIC Labs PGP Key ID: 0xB8F92B08A9F76C67“Amdocs’ email platform is based on a third-party, worldwide, cloud-based system. Any emails sent to Amdocs will be processed and stored using such system and are accessible by third party providers of such system on a limited basis. Your sending of emails to Amdocs evidences your consent to the use of such system and such processing, storing and access”. _______________________________________________ netmod mailing list netmod@ietf.org https://www.ietf.org/mailman/listinfo/netmod
_______________________________________________ netmod mailing list netmod@ietf.org https://www.ietf.org/mailman/listinfo/netmod
