portctl_nameonly to limit port control to name only (F. Schiavarelli)

Netdisco/Changes

@@ -1,5 +1,9 @@
 2.028001
 
+  [ENHANCEMENTS]
+
+  * portctl_nameonly to limit port control to name only (F. Schiavarelli)
+
   [BUG FIXES]
 
   * [ND1#117] unknown devices missing from inventory

Netdisco/lib/App/Netdisco/Manual/Configuration.pod

@@ -782,6 +782,14 @@ field to use as the management IP address for a device.
 Value: Boolean. Default: C<true>.
 
 Set to false to prevent users from changing the default VLAN on an interface.
+This setting has no effect when C<portctl_nameonly> below is set to true.
+
+=head3 C<portctl_nameonly>
+
+Value: Boolean. Default: C<false>.
+
+Set to true to limit port control action to only changing the interface name
+(description).
 
 =head3 C<portctl_nophones>
 

Netdisco/lib/App/Netdisco/Util/Port.pm

@@ -68,6 +68,10 @@ sub vlan_reconfig_check {
 
 =item *
 
+Permission check that C<portctl_nameonly> is false in Netdisco config.
+
+=item *
+
 Permission check that C<portctl_uplinks> is true in Netdisco config, if
 C<$port> is an uplink.
 
@@ -95,6 +99,10 @@ sub port_reconfig_check {
   my $has_phone = port_has_phone($port);
   my $is_vlan   = is_vlan_interface($port);
 
+  # only permitted to change interface name
+  return "forbidden: not permitted to change port configuration"
+    if setting('portctl_nameonly');
+
   # uplink check
   return "forbidden: port [$name] on [$ip] is an uplink"
     if $port->remote_type and not $has_phone and not setting('portctl_uplinks');

Netdisco/share/config.yml

@@ -144,6 +144,7 @@ ignore_interfaces:
 ignore_private_nets: false
 reverse_sysname: false
 vlanctl: true
+portctl_nameonly: false
 portctl_nophones: false
 portctl_vlans: false
 portctl_uplinks: false