module org-openroadm-user-mgmt {
  namespace "http://org/openroadm/user-mgmt";
  prefix org-openroadm-user-mgmt;

  organization
    "Open ROADM MSA";
  contact
    "OpenROADM.org";
  description
    "YANG definitions of user managements.

      Copyright of the Members of the Open ROADM MSA Agreement dated (c) 2016,
      All other rights reserved.

      Redistribution and use in source and binary forms, with or without modification,
      are permitted provided that the following conditions are met:

      * Redistributions of source code must retain the above copyright notice, this
        list of conditions and the following disclaimer.
      * Redistributions in binary form must reproduce the above copyright notice,
        this list of conditions and the following disclaimer in the documentation and/or
        other materials provided with the distribution.
      * Neither the Members of the Open ROADM MSA Agreement nor the names of its
        contributors may be used to endorse or promote products derived from this software
        without specific prior written permission.

      THIS SOFTWARE IS PROVIDED BY THE MEMBERS OF THE OPEN ROADM MSA  AGREEMENT ''AS IS''
      AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
      WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
      IN NO EVENT THE MEMBERS OF THE OPEN ROADM MSA  AGREEMENT BE LIABLE FOR ANY DIRECT,
      INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
      NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;  LOSS OF USE, DATA,
      OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
      WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
      ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
      POSSIBILITY OF SUCH DAMAGE";

  revision 2020-09-25 {
    description
      "Version 8.0";
  }
  revision 2019-11-29 {
    description
      "Version 6.1.0";
  }
  revision 2018-11-30 {
    description
      "Version 4.1.0";
  }
  revision 2017-12-15 {
    description
      "Version 2.2";
  }
  revision 2017-09-29 {
    description
      "Version 2.1";
  }
  revision 2017-06-26 {
    description
      "Version 2.0";
  }
  revision 2016-10-14 {
    description
      "Version 1.2";
  }

  typedef username-type {
    type string {
      length "3..32";
      pattern '[a-z][a-z0-9]{2,31}' {
        error-message
          "A username must begin with a lowercase letter, The remainder
           of the string may contain lowercase letters, or numbers 0 through 9.";
      }
    }
    description
      "The user name string identifying this entry.";
  }

  typedef password-type {
    type string {
      length "8..128";
      pattern '[a-zA-Z0-9!$%\^()\[\]_\-~{}.+]*' {
        error-message "Password content does not meet the requirements";
      }
    }
    description
      "The password for this entry.
       The Password must contain at least 2 characters from
       each of the following groups:
       a) Lower case alphabetic (a-z)
       b) Upper case alphabetic (A-Z)
       c) Numeric 0-9
       d) Special characters Allowed !$%^()[]_-~{}.+
       Password must not contain Username.";
  }

  grouping user-profile {
    list user {
      key "name";
      description
        "The list of local users configured on this device.";
      leaf name {
        type username-type;
        description
          "The user name string identifying this entry.";
      }
      leaf password {
        type password-type;
        description
          "The password for this entry.";
      }
      leaf group {
        type enumeration {
          enum sudo;
        }
        description
          "The group to which the user is associated to.";
      }
    }
  }

  rpc chg-password {
    input {
      leaf currentPassword {
        type password-type;
        mandatory true;
        description
          "provide the current password";
      }
      leaf newPassword {
        type password-type;
        mandatory true;
        description
          "provide a new password";
      }
      leaf newPasswordConfirm {
        type password-type;
        mandatory true;
        description
          "re-enter the new password ";
      }
    }
    output {
      leaf status {
        type enumeration {
          enum Successful {
            value 1;
          }
          enum Failed {
            value 2;
          }
        }
        mandatory true;
        description
          "Successful or Failed";
      }
      leaf status-message {
        type string;
        description
          "Gives a more detailed reason for success / failure";
      }
    }
  }
}