+
+#ifdef MULTIPLE_OWNER
+/**
+ * Compare the request's subject to SubOwner.
+ *
+ * @return true if context->subjectId exist subowner list, else false.
+ */
+static bool IsRequestFromSubOwner(PEContext_t *context)
+{
+ bool retVal = false;
+
+ if(NULL == context)
+ {
+ return retVal;
+ }
+
+ if(IsSubOwner(&context->subject))
+ {
+ retVal = true;
+ }
+
+ if(true == retVal)
+ {
+ OIC_LOG(INFO, TAG, "PE.IsRequestFromSubOwner(): returning true");
+ }
+ else
+ {
+ OIC_LOG(INFO, TAG, "PE.IsRequestFromSubOwner(): returning false");
+ }
+
+ return retVal;
+}
+
+
+/**
+ * Verify the SubOwner's request.
+ *
+ * @return true if request is valid, else false.
+ */
+static bool IsValidRequestFromSubOwner(PEContext_t *context)
+{
+ bool isValidRequest = false;
+
+ if(NULL == context)
+ {
+ return isValidRequest;
+ }
+
+ switch(context->resourceType)
+ {
+ case OIC_R_DOXM_TYPE:
+ //SubOwner has READ permission only for DOXM
+ if(PERMISSION_READ == context->permission)
+ {
+ isValidRequest = true;
+ }
+ break;
+ case OIC_R_PSTAT_TYPE:
+ //SubOwner has full permsion for PSTAT
+ isValidRequest = true;
+ break;
+ case OIC_R_CRED_TYPE:
+ //SubOwner can only access the credential which is registered as the eowner.
+ isValidRequest = IsValidCredentialAccessForSubOwner(&context->subject, context->payload, context->payloadSize);
+ break;
+ case OIC_R_ACL_TYPE:
+ //SubOwner can only access the ACL which is registered as the eowner.
+ isValidRequest = IsValidAclAccessForSubOwner(&context->subject, context->payload, context->payloadSize);
+ break;
+ default:
+ //SubOwner has full permission for all resource except the security resource
+ isValidRequest = true;
+ break;
+ }
+
+ if(isValidRequest)
+ {
+ OIC_LOG(INFO, TAG, "PE.IsValidRequestFromSubOwner(): returning true");
+ }
+ else
+ {
+ OIC_LOG(INFO, TAG, "PE.IsValidRequestFromSubOwner(): returning false");
+ }
+
+ return isValidRequest;
+}
+#endif //MULTIPLE_OWNER
+
+