/**
* Initialize ACL resource by loading data from persistent storage.
*
- * @retval OC_STACK_OK for Success, otherwise some error value
+ * @return ::OC_STACK_OK for Success, otherwise some error value.
*/
OCStackResult InitACLResource();
/**
* Perform cleanup for ACL resources.
*
- * @retval none
*/
-void DeInitACLResource();
+OCStackResult DeInitACLResource();
/**
* This method is used by PolicyEngine to retrieve ACL for a Subject.
* @param savePtr is used internally by @ref GetACLResourceData to maintain index between
* successive calls for same subjectId.
*
- * @retval reference to @ref OicSecAcl_t if ACL is found, else NULL
+ * @note On the first call to @ref GetACLResourceData, savePtr should point to NULL.
*
- * @note On the first call to @ref GetACLResourceData, savePtr should point to NULL
+ * @return reference to @ref OicSecAce_t if ACE is found, else NULL.
*/
-const OicSecAcl_t* GetACLResourceData(const OicUuid_t* subjectId, OicSecAcl_t **savePtr);
+const OicSecAce_t* GetACLResourceData(const OicUuid_t* subjectId, OicSecAce_t **savePtr);
/**
- * This function converts ACL data into JSON format.
- * Caller needs to invoke 'free' when done using
- * returned string.
- * @param acl instance of OicSecAcl_t structure.
+ * This function converts ACL data into CBOR format.
*
- * @retval pointer to ACL in json format.
+ * @param acl instance of @ref OicSecAcl_t structure.
+ * @param outPayload is the pointer to allocated memory for cbor payload.
+ * @param size of the cbor payload.
+ *
+ * @return ::OC_STACK_OK for Success, otherwise some error value.
*/
-char* BinToAclJSON(const OicSecAcl_t * acl);
+OCStackResult AclToCBORPayload(const OicSecAcl_t * acl, uint8_t **outPayload, size_t *size);
+
+#ifdef MULTIPLE_OWNER
+/**
+ * Function to check the ACL access of SubOwner
+ *
+ * @param[in] uuid SubOwner's UUID
+ * @param[in] cborPayload CBOR payload of ACL
+ * @param[in] size Byte length of cborPayload
+ *
+ * @return ::true for valid access, otherwise invalid access
+ */
+bool IsValidAclAccessForSubOwner(const OicUuid_t* uuid, const uint8_t *cborPayload, const size_t size);
+#endif //MULTIPLE_OWNER
/**
+ * This method removes ACE for the subject and resource from the ACL
+ *
+ * @param subject of the ACE
+ * @param resource of the ACE
+ *
+ * @return
+ * ::OC_STACK_RESOURCE_DELETED on success
+ * ::OC_STACK_NO_RESOURCE on failure to find the appropriate ACE
+ * ::OC_STACK_INVALID_PARAM on invalid parameter
+ */
+OCStackResult RemoveACE(const OicUuid_t * subject, const char * resource);
+
+/**
* This function deletes ACL data.
*
- * @param acl instance of OicSecAcl_t structure.
+ * @param acl instance of @ref OicSecAcl_t structure to be deleted.
*/
void DeleteACLList(OicSecAcl_t* acl);
+/**
+ * This function frees OicSecRsrc_t object's fields and object itself.
+ *
+ * @param rsrc instance of @ref OicSecRsrc_t structure to be deleted.
+ */
+void FreeRsrc(OicSecRsrc_t *rsrc);
+
+/**
+ * Internal function to duplicate the ACE instance.
+ *
+ * @param ace instance of @ref OicSecAce_t structure to be duplicated.
+ * @return reference to @ref OicSecAce_t if ACE was successfully duplicated.
+ */
+OicSecAce_t* DuplicateACE(const OicSecAce_t* ace);
+
+
+/**
+ * This function check the duplication with pre-installed ACL and installs only new ACEs.
+ *
+ * @param acl acl to install.
+ *
+ * @return ::OC_STACK_OK for Success, otherwise some error value
+ */
+OCStackResult InstallACL(const OicSecAcl_t* acl);
+
+/**
+ * This function appends a new ACL.
+ *
+ * @param payload cbor value representing a new ACL.
+ * @param size of the cbor payload.
+ *
+ * @return ::OC_STACK_OK for Success, otherwise some error value
+ */
+OCStackResult AppendACL(const uint8_t* payload, const size_t size);
+
+/**
+ * This function appends a new ACL.
+ *
+ * @param acl new acl to append.
+ *
+ * @return ::OC_STACK_OK for Success, otherwise some error value
+ */
+OCStackResult AppendACL2(const OicSecAcl_t* acl);
+
+/**
+ * This function updates default ACE which is required for ownership transfer.
+ * This function should be invoked after OTM is complete to prevent anonymous user access.
+ *
+ * @retval OC_STACK_OK for Success, otherwise some error value
+ */
+OCStackResult UpdateDefaultSecProvACE();
+
+/**
+ * Internal function to update resource owner
+ *
+ * @param newROwner new owner
+ *
+ * @retval ::OC_STACK_OK for Success, otherwise some error value
+ */
+OCStackResult SetAclRownerId(const OicUuid_t* newROwner);
+
/**
- * This function installs a new ACL.
- * @param newJsonStr JSON string representing a new ACL.
+ * Gets the OicUuid_t value for the rownerid of the acl resource.
*
- * @retval OC_STACK_OK for Success, otherwise some error value
+ * @param rowneruuid a pointer to be assigned to the rowneruuid property
+ * @return ::OC_STACK_OK if rowneruuid is assigned correctly, else ::OC_STACK_ERROR.
*/
-OCStackResult InstallNewACL(const char* newJsonStr);
+OCStackResult GetAclRownerId(OicUuid_t *rowneruuid);
+/**
+ * This function converts CBOR data into ACL.
+ *
+ * @param cborPayload is the pointer to cbor payload to parse.
+ * @param size of the cbor payload.
+ *
+ * @return ::acl instance of @ref OicSecAcl_t structure or NULL if error occurs
+ */
+OicSecAcl_t* CBORPayloadToAcl2(const uint8_t *cborPayload, const size_t size);
+
+/**
+ * This function prints ACL to stdin
+ * For debug purposes only
+ *
+ * @param acl acl to print
+ */
+void printACL(const OicSecAcl_t* acl);
#ifdef __cplusplus
}
projects / platform / upstream / iotivity.git / blobdiff