map statement for conditional logic
map
The map statement allows you to define conditional logic based on the value of
a specified variable. It evaluates the given variable and executes the
corresponding block of code that matches the variable's value.
Syntax
map <variable> {
"<value1>" => {
// actions for value1
}
"<value2>" => {
// actions for value2
}
// additional value mappings...
}
Parameters
<variable>- The variable to evaluate and match against the defined values<value>- String literals that represent possible values of the variable- Actions within each block can include
modify,ifstatements, and other policy handlers
Example
aaa {
policy "MANAGEMENT" {
handler "AUTHENTICATION" {
authentication {
map user.backend {
"USERS_INTERNAL_FILE" => {
modify {
user.privilege = "write";
}
}
"LDAP" => {
if all {
user.group == "administrators";
} then {
modify {
user.privilege = "write";
}
}
}
any => {
modify {
user.privilege = "read";
}
}
}
http-management-authentication;
}
}
}
}