/oic/res. /oic/d and /oic/p returns error when PUT/POST/DELETE is performed on the resource.
Change-Id: Ib40c4d2b5e9263bc4252e3553fa7e30ef21c2a51
Signed-off-by: Habib Virji <habib.virji@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/7625
Tested-by: jenkins-iotivity <jenkins-iotivity@opendaylight.org>
Reviewed-by: Mushfiqul Islam <i.mushfiq@samsung.com>
Reviewed-by: Markus Jung <markus.jung85@gmail.com>
Reviewed-by: Uze Choi <uzchoi@samsung.com>
(cherry picked from commit
10ac37501a95a2ebbeb4e16a873b45d2c8a9a3b4)
Reviewed-on: https://gerrit.iotivity.org/gerrit/7831
// Step 1: Generate the response to discovery request
if (virtualUriInRequest == OC_WELL_KNOWN_URI)
{
// Step 1: Generate the response to discovery request
if (virtualUriInRequest == OC_WELL_KNOWN_URI)
{
+ if (request->method == OC_REST_PUT || request->method == OC_REST_POST || request->method == OC_REST_DELETE)
+ {
+ OIC_LOG_V(ERROR, TAG, "Resource : %s not permitted for method: %d", request->resourceUrl, request->method);
+ return OC_STACK_UNAUTHORIZED_REQ;
+ }
+
char *interfaceQuery = NULL;
char *resourceTypeQuery = NULL;
char *interfaceQuery = NULL;
char *resourceTypeQuery = NULL;
}
else if (virtualUriInRequest == OC_DEVICE_URI)
{
}
else if (virtualUriInRequest == OC_DEVICE_URI)
{
+ if (request->method == OC_REST_PUT || request->method == OC_REST_POST || request->method == OC_REST_DELETE)
+ {
+ OIC_LOG_V(ERROR, TAG, "Resource : %s not permitted for method: %d", request->resourceUrl, request->method);
+ return OC_STACK_UNAUTHORIZED_REQ;
+ }
+
const char* deviceId = OCGetServerInstanceIDString();
if (!deviceId)
{
const char* deviceId = OCGetServerInstanceIDString();
if (!deviceId)
{
}
else if (virtualUriInRequest == OC_PLATFORM_URI)
{
}
else if (virtualUriInRequest == OC_PLATFORM_URI)
{
+ if (request->method == OC_REST_PUT || request->method == OC_REST_POST || request->method == OC_REST_DELETE)
+ {
+ OIC_LOG_V(ERROR, TAG, "Resource : %s not permitted for method: %d", request->resourceUrl, request->method);
+ return OC_STACK_UNAUTHORIZED_REQ;
+ }
+
payload = (OCPayload*)OCPlatformPayloadCreate(&savedPlatformInfo);
if (!payload)
{
payload = (OCPayload*)OCPlatformPayloadCreate(&savedPlatformInfo);
if (!payload)
{
cbNode->method == OC_REST_DELETE)
{
char targetUri[MAX_URI_LENGTH];
cbNode->method == OC_REST_DELETE)
{
char targetUri[MAX_URI_LENGTH];
- snprintf(targetUri, MAX_URI_LENGTH, "%s?rt=%s",
- OC_RSRVD_RD_URI, OC_RSRVD_RESOURCE_TYPE_RDPUBLISH);
+ snprintf(targetUri, MAX_URI_LENGTH, "%s?rt=%s", OC_RSRVD_RD_URI,
+ OC_RSRVD_RESOURCE_TYPE_RDPUBLISH);
if (strcmp(targetUri, cbNode->requestUri) == 0)
{
type = PAYLOAD_TYPE_RD;
if (strcmp(targetUri, cbNode->requestUri) == 0)
{
type = PAYLOAD_TYPE_RD;