1 //******************************************************************
3 // Copyright 2015 Intel Mobile Communications GmbH All Rights Reserved.
5 //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
7 // Licensed under the Apache License, Version 2.0 (the "License");
8 // you may not use this file except in compliance with the License.
9 // You may obtain a copy of the License at
11 // http://www.apache.org/licenses/LICENSE-2.0
13 // Unless required by applicable law or agreed to in writing, software
14 // distributed under the License is distributed on an "AS IS" BASIS,
15 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 // See the License for the specific language governing permissions and
17 // limitations under the License.
19 //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
21 #ifndef IOTVT_SRM_PE_H
22 #define IOTVT_SRM_PE_H
26 #include "securevirtualresourcetypes.h"
27 #include "cainterface.h"
32 typedef struct AmsMgrContext AmsMgrContext_t;
36 STOPPED = 0, //Policy engine state machine is not running
37 AWAITING_REQUEST, //Can process new request
38 AWAITING_AMS_RESPONSE, //Can't process new request; waiting for AMS response
39 BUSY //Can't process new request as processing other requests
42 typedef struct PEContext
46 char resource[MAX_URI_LENGTH];
47 OicSecSvrType_t resourceType;
49 bool matchingAclFound;
51 SRMAccessResponse_t retVal;
52 AmsMgrContext_t *amsMgrContext;
56 * Check whether a request should be allowed.
58 * @param context is the pointer to Policy Engine context to use.
59 * @param subjectId is the pointer to Id of the requesting entity.
60 * @param resource is the pointer to URI of Resource being requested.
61 * @param permission is the requested permission.
63 * @return ::ACCESS_GRANTED if request should go through, otherwise some flavor of ACCESS_DENIED.
65 SRMAccessResponse_t CheckPermission(
67 const OicUuid_t *subjectId,
69 const uint16_t requestedPermission);
72 * Initialize the Policy Engine. Call this before calling CheckPermission().
73 * TODO Eventually this and DeInit() need to be called from a new
74 * "SRMInit(SRMContext_t *)" function, TBD after BeachHead.
75 * @param context is the pointer to Policy Engine context to initialize.
77 * @return ::OC_STACK_OK for Success, otherwise some error value.
79 OCStackResult InitPolicyEngine(PEContext_t *context);
82 * De-Initialize the Policy Engine. Call this before exiting to allow Policy
83 * Engine to do cleanup on context.
85 * @param context is the pointer to Policy Engine context to de-initialize.
87 void DeInitPolicyEngine(PEContext_t *context);
90 * Get CRUDN permission for a method.
92 * @param method is CRUDN permission being seeked.
94 * @return the uint16_t CRUDN permission .
96 uint16_t GetPermissionFromCAMethod_t(const CAMethod_t method);
99 * This method reset Policy Engine context to default state and update
100 * it's state to @param state.
102 * @param context is the policy engine context.
103 * @param state set Policy engine state to this.
105 void SetPolicyEngineState(PEContext_t *context, const PEState_t state);
107 typedef OCStackResult (*GetSvrRownerId_t)(OicUuid_t *rowner);
109 #endif //IOTVT_SRM_PE_H