{\r
"href": "/oic/res",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.res"],\r
+ "if": ["oic.if.ll"]\r
},\r
{\r
"href": "/oic/d",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.d"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},\r
{\r
"href": "/oic/p",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/res/types/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.p"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},\r
{\r
"href": "/oic/ad",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.ad"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/amacl",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.amacl"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/oic/sec/doxm",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.doxm"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/pstat",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- } \r
+ "rt": ["oic.r.pstat"],\r
+ "if": ["oic.if.baseline"]\r
+ }\r
],\r
"permission": 2\r
}\r
]\r
},\r
"rowneruuid" : "61646D69-6E44-6576-6963-655575696430"\r
- }, \r
+ },\r
"pstat": {\r
"isop": true,\r
"cm": 2,\r
{\r
"href": "/oic/res",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.res"],\r
+ "if": ["oic.if.ll"]\r
},\r
{\r
"href": "/oic/d",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.d"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},\r
{\r
"href": "/oic/p",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/res/types/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.p"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},\r
{\r
"href": "/oic/ad",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.ad"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
- "href": "/oic/sec/acl",\r
+ "href": "/oic/sec/amacl",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.amacl"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/oic/sec/doxm",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- } ,\r
+ "rt": ["oic.r.doxm"],\r
+ "if": ["oic.if.baseline"]\r
+ },\r
{\r
"href": "/oic/sec/pstat",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.pstat"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/oic/res",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.res"],\r
+ "if": ["oic.if.ll"]\r
},\r
{\r
"href": "/oic/d",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.d"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},\r
{\r
"href": "/oic/p",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/res/types/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.p"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},\r
{\r
"href": "/oic/ad",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.ad"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/acl",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.acl"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/oic/sec/doxm",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- } ,\r
+ "rt": ["oic.r.doxm"],\r
+ "if": ["oic.if.baseline"]\r
+ },\r
{\r
"href": "/oic/sec/pstat",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.pstat"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/a/light",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.core"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/a/light0",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.core"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/a/light1",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.core"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 6\r
*
* @note On the first call to @ref GetACLResourceData, savePtr should point to NULL.
*
- * @return reference to @ref OicSecAcl_t if ACL is found, else NULL.
+ * @return reference to @ref OicSecAce_t if ACE is found, else NULL.
*/
-const OicSecAcl_t* GetACLResourceData(const OicUuid_t* subjectId, OicSecAcl_t **savePtr);
+const OicSecAce_t* GetACLResourceData(const OicUuid_t* subjectId, OicSecAce_t **savePtr);
/**
* This function converts ACL data into CBOR format.
void DeleteACLList(OicSecAcl_t* acl);
/**
+ * Internal function to duplicate the ACE instance.
+ *
+ * @param ace instance of @ref OicSecAce_t structure to be duplicated.
+ * @return reference to @ref OicSecAce_t if ACE was successfully duplicated.
+ */
+OicSecAce_t* DuplicateACE(const OicSecAce_t* ace);
+
+/**
* This function installs a new ACL.
*
* @param payload cbor value representing a new ACL.
OCStackResult InstallNewACL(const uint8_t* payload, const size_t size);
/**
- * This function updates default ACL which is required for ownership transfer.
+ * This function updates default ACE which is required for ownership transfer.
* This function should be invoked after OTM is complete to prevent anonymous user access.
*
* @retval OC_STACK_OK for Success, otherwise some error value
*/
-OCStackResult UpdateDefaultSecProvACL();
+OCStackResult UpdateDefaultSecProvACE();
/**
* Internal function to update resource owner
extern const char * OIC_JSON_PRIVDATA_NAME;
extern const char * OIC_JSON_OPTDATA_NAME;
extern const char * OIC_JSON_CRMS_NAME;
+extern const char * OIC_JSON_VALIDITY_NAME;
extern const char * OIC_JSON_PERIOD_NAME;
extern const char * OIC_JSON_PERIODS_NAME;
extern const char * OIC_JSON_RECURRENCES_NAME;
}
}
+typedef struct OicSecRsrc OicSecRsrc_t;
+
+typedef struct OicSecValidity OicSecValidity_t;
+
+typedef struct OicSecAce OicSecAce_t;
+
typedef struct OicSecAcl OicSecAcl_t;
typedef struct OicSecAmacl OicSecAmacl_t;
};
+struct OicSecRsrc
+{
+ char *href; // 0:R:S:Y:String
+ char *rel; // 1:R:S:N:String
+ char** types; // 2:R:S:N:String Array
+ size_t typeLen; // the number of elts in types
+ char** interfaces; // 3:R:S:N:String Array
+ size_t interfaceLen; // the number of elts in interfaces
+ OicSecRsrc_t *next;
+};
+
+struct OicSecValidity
+{
+ char* period; // 0:R:S:Y:String
+ char** recurrences; // 1:R:M:Y:Array of String
+ size_t recurrenceLen; // the number of elts in recurrence
+ OicSecValidity_t *next;
+};
+
+struct OicSecAce
+{
+ // <Attribute ID>:<Read/Write>:<Multiple/Single>:<Mandatory?>:<Type>
+ OicUuid_t subjectuuid; // 0:R:S:Y:uuid
+ OicSecRsrc_t *resources; // 1:R:M:Y:Resource
+ uint16_t permission; // 2:R:S:Y:UINT16
+ OicSecValidity_t *validities; // 3:R:M:N:Time-interval
+ OicSecAce_t *next;
+};
+
/**
* /oic/sec/acl (Access Control List) data type.
* Derived from OIC Security Spec; see Spec for details.
struct OicSecAcl
{
// <Attribute ID>:<Read/Write>:<Multiple/Single>:<Mandatory?>:<Type>
- OicUuid_t subject; // 0:R:S:Y:uuid TODO: this deviates
- // from spec and needs to be updated
- // in spec (where it's a String).
- size_t resourcesLen; // the number of elts in Resources
- char **resources; // 1:R:M:Y:String
- uint16_t permission; // 2:R:S:Y:UINT16
- size_t prdRecrLen; // the number of elts in Periods
- char **periods; // 3:R:M*:N:String (<--M*; see Spec)
- char **recurrences; // 5:R:M:N:String
- OicUuid_t rownerID; // 8:R:S:Y:oic.uuid
- OicSecAcl_t *next;
+ OicUuid_t rownerID; // 0:R:S:Y:oic.uuid
+ OicSecAce_t *aces; // 1:R:M:N:ACE
};
/**
{\r
"href": "/oic/res",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
+ "rt": ["oic.wk.res"],\r
+ "if": ["oic.if.ll"]\r
+ },{\r
"href": "/oic/d",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
+ "rt": ["oic.wk.d"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
+ },{\r
"href": "/oic/p",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/res/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/res/types/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/presence",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.p"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/oic/sec/doxm",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.doxm"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/pstat",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.pstat"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/acl",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.acl"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
- "href": "/oic/sec/crl",\r
+ "href": "/oic/sec/cred",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.cred"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
- "href": "/oic/sec/cred",\r
+ "href": "/oic/sec/crl",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.crl"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 6\r
{\r
"href": "/oic/res",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
+ "rt": ["oic.wk.res"],\r
+ "if": ["oic.if.ll"]\r
+ },{\r
"href": "/oic/d",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
+ "rt": ["oic.wk.d"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
+ },{\r
"href": "/oic/p",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/res/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/res/types/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/presence",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.p"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/oic/sec/doxm",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.doxm"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/pstat",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.pstat"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/acl",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.acl"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
- "href": "/oic/sec/crl",\r
+ "href": "/oic/sec/cred",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.cred"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
- "href": "/oic/sec/cred",\r
+ "href": "/oic/sec/crl",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.crl"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 6\r
{\r
"href": "/oic/res",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
+ "rt": ["oic.wk.res"],\r
+ "if": ["oic.if.ll"]\r
+ },{\r
"href": "/oic/d",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
+ "rt": ["oic.wk.d"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
+ },{\r
"href": "/oic/p",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/res/types/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/ad",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.p"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/oic/sec/doxm",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- } ,\r
+ "rt": ["oic.r.doxm"],\r
+ "if": ["oic.if.baseline"]\r
+ },\r
{\r
"href": "/oic/sec/pstat",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.pstat"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/oic/res",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
+ "rt": ["oic.wk.res"],\r
+ "if": ["oic.if.ll"]\r
+ },{\r
"href": "/oic/d",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
+ "rt": ["oic.wk.d"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
+ },{\r
"href": "/oic/p",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/res/types/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/ad",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.p"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/oic/sec/doxm",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- } ,\r
+ "rt": ["oic.r.doxm"],\r
+ "if": ["oic.if.baseline"]\r
+ },\r
{\r
"href": "/oic/sec/pstat",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.pstat"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/acl",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.acl"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/cred",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.cred"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 7\r
{\r
"href": "/oic/res",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
+ "rt": ["oic.wk.res"],\r
+ "if": ["oic.if.ll"]\r
+ },{\r
"href": "/oic/d",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
+ "rt": ["oic.wk.d"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
+ },{\r
"href": "/oic/p",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/res/types/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
+ "rt": ["oic.wk.p"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
+ }\r
+ ],\r
+ "permission": 2\r
+ },\r
+ {\r
+ "subjectuuid": "*",\r
+ "resources": [\r
{\r
- "href": "/oic/ad",\r
+ "href": "/oic/sec/doxm",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.doxm"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
- "href": "/oic/sec/amacl",\r
+ "href": "/oic/sec/pstat",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.pstat"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 2\r
"subjectuuid": "*",\r
"resources": [\r
{\r
- "href": "/oic/sec/doxm",\r
+ "href": "/oic/sec/pconf",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.pconf"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
- "href": "/oic/sec/pstat",\r
+ "href": "/oic/sec/dpairing",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- } \r
+ "rt": ["oic.r.dpairing"],\r
+ "if": ["oic.if.baseline"]\r
+ }\r
],\r
"permission": 2\r
}\r
]\r
},\r
"rowneruuid" : "61646D69-6E44-6576-6963-655575696430"\r
- }, \r
+ },\r
"pstat": {\r
"isop": true,\r
"cm": 0,\r
{
"href": "/oic/res",
"rel": "",
- "rt": "",
- "if": ""
- },
- {
+ "rt": ["oic.wk.res"],
+ "if": ["oic.if.ll"]
+ },{
"href": "/oic/d",
"rel": "",
- "rt": "",
- "if": ""
- },
- {
+ "rt": ["oic.wk.d"],
+ "if": ["oic.if.baseline", "oic.if.r"]
+ },{
"href": "/oic/p",
"rel": "",
- "rt": "",
- "if": ""
- },
- {
- "href": "/oic/res/d",
- "rel": "",
- "rt": "",
- "if": ""
- },
- {
- "href": "/oic/res/types/d",
- "rel": "",
- "rt": "",
- "if": ""
- },
- {
- "href": "/oic/presence",
- "rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.wk.p"],
+ "if": ["oic.if.baseline", "oic.if.r"]
}
],
"permission": 2
{
"href": "/oic/sec/doxm",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.r.doxm"],
+ "if": ["oic.if.baseline"]
},
{
"href": "/oic/sec/pstat",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.r.pstat"],
+ "if": ["oic.if.baseline"]
},
{
"href": "/oic/sec/acl",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.r.acl"],
+ "if": ["oic.if.baseline"]
},
{
"href": "/oic/sec/cred",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.r.cred"],
+ "if": ["oic.if.baseline"]
}
],
"permission": 6
{
"href": "/oic/sec/pconf",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.r.pconf"],
+ "if": ["oic.if.baseline"]
},
{
"href": "/oic/sec/dpairing",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.r.dpairing"],
+ "if": ["oic.if.baseline"]
}
],
"permission": 6
{
"href": "/oic/sec/ver",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.r.ver"],
+ "if": ["oic.if.baseline"]
}
],
"permission": 2
{\r
"href": "/oic/res",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.res"],\r
+ "if": ["oic.if.ll"]\r
},{\r
"href": "/oic/d",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.d"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},{\r
"href": "/oic/p",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/res/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/res/types/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/presence",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.p"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/oic/sec/doxm",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.doxm"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/pstat",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.pstat"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/acl",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.acl"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/cred",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.cred"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 6\r
{\r
"href": "/oic/sec/pconf",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.pconf"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/dpairing",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.dpairing"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 6\r
{\r
"href": "/oic/sec/ver",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.ver"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 2\r
"rowneruuid": "6A757374-776F-726B-4465-765575696430",\r
"dpc": true\r
}\r
-}
\ No newline at end of file
+}\r
{\r
"href": "/oic/res",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
+ "rt": ["oic.wk.res"],\r
+ "if": ["oic.if.ll"]\r
+ },{\r
"href": "/oic/d",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
+ "rt": ["oic.wk.d"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
+ },{\r
"href": "/oic/p",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/res/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/res/types/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/presence",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.p"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/oic/sec/doxm",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.doxm"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/pstat",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.pstat"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/acl",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.acl"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/cred",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.cred"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 6\r
{\r
"href": "/oic/sec/pconf",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.pconf"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/dpairing",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.dpairing"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 6\r
{\r
"href": "/oic/sec/ver",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.ver"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 2\r
#endif
#include "platform_features.h"
+#include "utlist.h"
#include "logger.h"
#include "oic_malloc.h"
#include "oic_string.h"
#define _99_EXIT_PRVN_CLT_ 99
#define ACL_RESRC_MAX_NUM 16
+#define ACL_RESRC_ARRAY_SIZE 3 //This value is used only for sample (not OCF spec)
#define ACL_RESRC_MAX_LEN 128
#define ACL_PEMISN_CNT 5
#define DISCOVERY_TIMEOUT 10 // 10 sec
OIC_LOG(ERROR, TAG, "createAcl: OICCalloc error return");
return NULL; // not need to 'goto' |ERROR| before allocating |acl|
}
+ OicSecAce_t* ace = (OicSecAce_t*) OICCalloc(1, sizeof(OicSecAce_t));
+ if(!ace)
+ {
+ OIC_LOG(ERROR, TAG, "createAcl: OICCalloc error return");
+ return NULL; // not need to 'goto' |ERROR| before allocating |acl|
+ }
+ LL_APPEND(acl->aces, ace);
// enter |subject| device number
int num = 0;
OIC_LOG(ERROR, TAG, "createAcl: device instance empty");
goto CRACL_ERROR;
}
- memcpy(&acl->subject, &dev->doxm->deviceID, UUID_LENGTH);
+ memcpy(&ace->subjectuuid, &dev->doxm->deviceID, UUID_LENGTH);
// enter number of |resources| in 'accessed' device
for( ; ; )
// enter actually each 'accessed' |resources| name
printf(" Enter Each Accessed Resource Name (each under 128 char)\n");
// '128' is ACL_RESRC_MAX_LEN
- acl->resourcesLen = (unsigned) num;
- acl->resources = (char**) OICCalloc(acl->resourcesLen, sizeof(char*));
- if(!acl->resources)
- {
- OIC_LOG(ERROR, TAG, "createAcl: OICCalloc error return");
- goto CRACL_ERROR;
- }
+
char rsrc_in[ACL_RESRC_MAX_LEN+1] = {0}; // '1' for null termination
- for(int i=0; acl->resourcesLen>(unsigned)i; ++i)
+ for(int i = 0; num > i; ++i)
{
+ OicSecRsrc_t* rsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+ if(!rsrc)
+ {
+ OIC_LOG(ERROR, TAG, "createAcl: OICCalloc error return");
+ goto CRACL_ERROR;
+ }
+
printf(" Enter Accessed Resource[%d] Name: ", i+1);
for(int ret=0; 1!=ret; )
{
// '0x20<=code' is character region
}
size_t len = strlen(rsrc_in)+1; // '1' for null termination
- char* rsrc = (char*) OICCalloc(len, sizeof(char));
+ rsrc->href = (char*) OICCalloc(len, sizeof(char));
if(!rsrc)
{
OIC_LOG(ERROR, TAG, "createAcl: OICCalloc error return");
goto CRACL_ERROR;
}
- OICStrcpy(rsrc, len, rsrc_in);
- acl->resources[i] = rsrc; // after here, |rsrc| points nothing
+ OICStrcpy(rsrc->href, len, rsrc_in);
+
+ int arrLen = 0;
+ while(1)
+ {
+ printf(" Enter Number of resource type for [%s]: ", rsrc_in);
+ for(int ret=0; 1!=ret; )
+ {
+ ret = scanf("%d", &arrLen);
+ for( ; 0x20<=getchar(); ); // for removing overflow garbages
+ // '0x20<=code' is character region
+ }
+ if(0 < arrLen && ACL_RESRC_ARRAY_SIZE >= arrLen)
+ {
+ break;
+ }
+ printf(" Entered Wrong Number. Please Enter under %d Again\n", ACL_RESRC_ARRAY_SIZE);
+ }
+
+ rsrc->typeLen = arrLen;
+ rsrc->types = (char**)OICCalloc(arrLen, sizeof(char*));
+ if(!rsrc->types)
+ {
+ OIC_LOG(ERROR, TAG, "createAcl: OICCalloc error return");
+ goto CRACL_ERROR;
+ }
+
+ for(int i = 0; i < arrLen; i++)
+ {
+ printf(" Enter ResourceType[%d] Name: ", i+1);
+ for(int ret=0; 1!=ret; )
+ {
+ ret = scanf("%128s", rsrc_in); // '128' is ACL_RESRC_MAX_LEN
+ for( ; 0x20<=getchar(); ); // for removing overflow garbages
+ // '0x20<=code' is character region
+ }
+ rsrc->types[i] = OICStrdup(rsrc_in);
+ if(!rsrc->types[i])
+ {
+ OIC_LOG(ERROR, TAG, "createAcl: OICStrdup error return");
+ goto CRACL_ERROR;
+ }
+ }
+
+ while(1)
+ {
+ printf(" Enter Number of interface name for [%s]: ", rsrc_in);
+ for(int ret=0; 1!=ret; )
+ {
+ ret = scanf("%d", &arrLen);
+ for( ; 0x20<=getchar(); ); // for removing overflow garbages
+ // '0x20<=code' is character region
+ }
+ if(0 < arrLen && ACL_RESRC_ARRAY_SIZE >= arrLen)
+ {
+ break;
+ }
+ printf(" Entered Wrong Number. Please Enter under %d Again\n", ACL_RESRC_ARRAY_SIZE);
+ }
+
+ rsrc->interfaceLen = arrLen;
+ rsrc->interfaces = (char**)OICCalloc(arrLen, sizeof(char*));
+ if(!rsrc->interfaces)
+ {
+ OIC_LOG(ERROR, TAG, "createAcl: OICCalloc error return");
+ goto CRACL_ERROR;
+ }
+
+ for(int i = 0; i < arrLen; i++)
+ {
+ printf(" Enter ResourceType[%d] Name: ", i+1);
+ for(int ret=0; 1!=ret; )
+ {
+ ret = scanf("%128s", rsrc_in); // '128' is ACL_RESRC_MAX_LEN
+ for( ; 0x20<=getchar(); ); // for removing overflow garbages
+ // '0x20<=code' is character region
+ }
+ rsrc->interfaces[i] = OICStrdup(rsrc_in);
+ if(!rsrc->interfaces[i])
+ {
+ OIC_LOG(ERROR, TAG, "createAcl: OICStrdup error return");
+ goto CRACL_ERROR;
+ }
+ }
+
+ LL_APPEND(ace->resources, rsrc);
}
// enter |permission| for this access
}
pmsn_msk <<= 1;
}
- acl->permission = pmsn;
-
- // enter |owner| device number
- int own_num = 0;
- for( ; ; )
- {
- printf(" > [D] Enter Owner Device Number: ");
- for(int ret=0; 1!=ret; )
- {
- ret = scanf("%d", &own_num);
- for( ; 0x20<=getchar(); ); // for removing overflow garbages
- // '0x20<=code' is character region
- }
- if(0<own_num && g_own_cnt>=own_num)
- {
- break;
- }
- printf(" Entered Wrong Number. Please Enter Again\n");
- }
-
- dev = getDevInst((const OCProvisionDev_t*)g_own_list, own_num);
- if(!dev || !dev->doxm)
- {
- OIC_LOG(ERROR, TAG, "createAcl: device instance empty");
- goto CRACL_ERROR;
- }
- memcpy(&acl->rownerID, &dev->doxm->deviceID, sizeof(OicUuid_t));
- printf("\n");
+ ace->permission = pmsn;
return acl;
OIC_LOG(ERROR, TAG, "Failed to AclToCBORPayload");
return OC_STACK_NO_MEMORY;
}
+ OIC_LOG(DEBUG, TAG, "Created payload for ACL:");
+ OIC_LOG_BUFFER(DEBUG, TAG, secPayload->securityData, secPayload->payloadSize);
+
char query[MAX_URI_LENGTH + MAX_QUERY_LENGTH] = {0};
if(!PMGenerateQuery(true,
selectedDeviceInfo->endpoint.addr,
#endif
#include <stdlib.h>
+#include "utlist.h"
#include "ocstack.h"
+#include "octypes.h"
#include "ocserverrequest.h"
#include "oic_malloc.h"
#include "oic_string.h"
static OCResourceHandle gAclHandle = NULL;
/**
+ * This function frees OicSecRsrc_t object's fields and object itself.
+ */
+static void FreeRsrc(OicSecRsrc_t *rsrc)
+{
+ //Clean each member of resource
+ OICFree(rsrc->href);
+ OICFree(rsrc->rel);
+ //Clean "rt"
+ if(0 < rsrc->typeLen && rsrc->types)
+ {
+ for(size_t i = 0; i < rsrc->typeLen; i++)
+ {
+ OICFree(rsrc->types[i]);
+ }
+ OICFree(rsrc->types);
+ rsrc->types = NULL;
+ }
+ //Clean "if"
+ if(0 < rsrc->interfaceLen && rsrc->interfaces)
+ {
+ for(size_t i = 0; i < rsrc->interfaceLen; i++)
+ {
+ OICFree(rsrc->interfaces[i]);
+ }
+ OICFree(rsrc->interfaces);
+ rsrc->interfaces = NULL;
+ }
+ OICFree(rsrc);
+ rsrc = NULL;
+}
+
+/**
* This function frees OicSecAcl_t object's fields and object itself.
*/
-static void FreeACE(OicSecAcl_t *ace)
+static void FreeACE(OicSecAce_t *ace)
{
- size_t i;
if (NULL == ace)
{
OIC_LOG(ERROR, TAG, "Invalid Parameter");
return;
}
- // Clean Resources
- for (i = 0; i < ace->resourcesLen; i++)
+ //Clean Resources
+ OicSecRsrc_t* rsrc = NULL;
+ OicSecRsrc_t* tmpRsrc = NULL;
+ LL_FOREACH_SAFE(ace->resources, rsrc, tmpRsrc)
{
- OICFree(ace->resources[i]);
+ LL_DELETE(ace->resources, rsrc);
+ FreeRsrc(rsrc);
}
- OICFree(ace->resources);
- //Clean Period
- if (ace->periods)
+ //Clean Validities
+ OicSecValidity_t *validity = NULL;
+ OicSecValidity_t *tmpValidity = NULL;
+ LL_FOREACH_SAFE(ace->validities, validity, tmpValidity)
{
- for (i = 0; i < ace->prdRecrLen; i++)
- {
- OICFree(ace->periods[i]);
- }
- OICFree(ace->periods);
- }
+ LL_DELETE(ace->validities, validity);
- //Clean Recurrence
- if (ace->recurrences)
- {
- for (i = 0; i < ace->prdRecrLen; i++)
+ //Clean period
+ OICFree(validity->period);
+
+ //Clean recurrence
+ for(size_t i = 0; i < validity->recurrenceLen; i++)
{
- OICFree(ace->recurrences[i]);
+ OICFree(validity->recurrences[i]);
}
- OICFree(ace->recurrences);
+ OICFree(validity->recurrences);
+ OICFree(validity);
+ validity = NULL;
}
- // Clean ACL node itself
+ //Clean ACE
OICFree(ace);
+ ace = NULL;
}
void DeleteACLList(OicSecAcl_t* acl)
{
if (acl)
{
- OicSecAcl_t *aclTmp1 = NULL;
- OicSecAcl_t *aclTmp2 = NULL;
- LL_FOREACH_SAFE(acl, aclTmp1, aclTmp2)
+ OicSecAce_t *ace = NULL;
+ OicSecAce_t *tmpAce = NULL;
+ LL_FOREACH_SAFE(acl->aces, ace, tmpAce)
{
- LL_DELETE(acl, aclTmp1);
- FreeACE(aclTmp1);
+ LL_DELETE(acl->aces, ace);
+ FreeACE(ace);
}
+ acl->aces = NULL;
+ OICFree(acl);
}
}
+OicSecAce_t* DuplicateACE(const OicSecAce_t* ace)
+{
+ OicSecAce_t* newAce = NULL;
+ size_t allocateSize = 0;
+
+ if(ace)
+ {
+ newAce = (OicSecAce_t*)OICCalloc(1, sizeof(OicSecAce_t));
+ VERIFY_NON_NULL(TAG, newAce, ERROR);
+
+ //Subject uuid
+ memcpy(&newAce->subjectuuid, &ace->subjectuuid, sizeof(OicUuid_t));
+
+ OicSecRsrc_t* rsrc = NULL;
+ LL_FOREACH(ace->resources, rsrc)
+ {
+ OicSecRsrc_t* newRsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+ VERIFY_NON_NULL(TAG, newRsrc, ERROR);
+ LL_APPEND(newAce->resources, newRsrc);
+
+ //href is mandatory
+ VERIFY_NON_NULL(TAG, rsrc->href, ERROR);
+ allocateSize = strlen(rsrc->href) + 1;
+ newRsrc->href = (char*)OICMalloc(sizeof(char) * allocateSize);
+ VERIFY_NON_NULL(TAG, newRsrc->href, ERROR);
+ OICStrcpy(newRsrc->href, allocateSize, rsrc->href);
+
+ if(rsrc->rel)
+ {
+ allocateSize = strlen(rsrc->rel) + 1;
+ newRsrc->rel = (char*)OICMalloc(sizeof(char) * allocateSize);
+ VERIFY_NON_NULL(TAG, newRsrc->rel, ERROR);
+ OICStrcpy(newRsrc->rel, allocateSize, rsrc->rel);
+ }
+
+ if(rsrc->types && 0 < rsrc->typeLen)
+ {
+ newRsrc->typeLen = rsrc->typeLen;
+ newRsrc->types = (char**)OICCalloc(rsrc->typeLen, sizeof(char*));
+ VERIFY_NON_NULL(TAG, (newRsrc->types), ERROR);
+ for(size_t i = 0; i < rsrc->typeLen; i++)
+ {
+ newRsrc->types[i] = OICStrdup(rsrc->types[i]);
+ VERIFY_NON_NULL(TAG, (newRsrc->types[i]), ERROR);
+ }
+ }
+
+ if(rsrc->interfaces && 0 < rsrc->interfaceLen)
+ {
+ newRsrc->interfaceLen = rsrc->interfaceLen;
+ newRsrc->interfaces = (char**)OICCalloc(rsrc->interfaceLen, sizeof(char*));
+ VERIFY_NON_NULL(TAG, (newRsrc->interfaces), ERROR);
+ for(size_t i = 0; i < rsrc->interfaceLen; i++)
+ {
+ newRsrc->interfaces[i] = OICStrdup(rsrc->interfaces[i]);
+ VERIFY_NON_NULL(TAG, (newRsrc->interfaces[i]), ERROR);
+ }
+ }
+ }
+
+ //Permission
+ newAce->permission = ace->permission;
+
+ //Validity
+ if(ace->validities)
+ {
+ OicSecValidity_t* validity = NULL;
+ LL_FOREACH(ace->validities, validity)
+ {
+ OicSecValidity_t* newValidity = (OicSecValidity_t*)OICCalloc(1, sizeof(OicSecValidity_t));
+ VERIFY_NON_NULL(TAG, newValidity, ERROR);
+ LL_APPEND(newAce->validities, newValidity);
+
+ if(validity->period)
+ {
+ allocateSize = strlen(validity->period) + 1;
+ newValidity->period = (char*)OICMalloc(sizeof(char) * allocateSize);
+ VERIFY_NON_NULL(TAG, newValidity->period, ERROR);
+ OICStrcpy(newValidity->period, allocateSize, validity->period);
+ }
+
+ if(validity->recurrences && 0 < validity->recurrenceLen)
+ {
+ newValidity->recurrenceLen = validity->recurrenceLen;
+
+ newValidity->recurrences = (char**)OICMalloc(sizeof(char*) * validity->recurrenceLen);
+ VERIFY_NON_NULL(TAG, newValidity->recurrences, ERROR);
+
+ for(size_t i = 0; i < validity->recurrenceLen; i++)
+ {
+ allocateSize = strlen(validity->recurrences[i]) + 1;
+ newValidity->recurrences[i] = (char*)OICMalloc(sizeof(char) * allocateSize);
+ VERIFY_NON_NULL(TAG, (newValidity->recurrences[i]), ERROR);
+ OICStrcpy(newValidity->recurrences[i], allocateSize, validity->recurrences[i]);
+ }
+ }
+ }
+ }
+
+ newAce->next = NULL;
+ }
+
+ return newAce;
+
+exit:
+ FreeACE(newAce);
+ return NULL;
+}
+
static size_t OicSecAclSize(const OicSecAcl_t *secAcl)
{
if (!secAcl)
{
return 0;
}
- OicSecAcl_t *acl = (OicSecAcl_t *)secAcl;
+ OicSecAce_t *ace= (OicSecAce_t *)secAcl->aces;
size_t size = 0;
- while (acl)
+ while (ace)
{
size++;
- acl = acl->next;
+ ace = ace->next;
}
return size;
}
OCStackResult ret = OC_STACK_ERROR;
CborError cborEncoderResult = CborNoError;
OicSecAcl_t *acl = (OicSecAcl_t *)secAcl;
+ OicSecAce_t* ace = NULL;
CborEncoder encoder;
CborEncoder aclMap;
CborEncoder aclListMap;
cborEncoderResult = cbor_encoder_create_array(&aclListMap, &acesArray, OicSecAclSize(secAcl));
VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Creating ACES Array.");
- while (acl)
+ ace = NULL;
+ LL_FOREACH (acl->aces, ace)
{
CborEncoder oicSecAclMap;
// ACL Map size - Number of mandatory items
uint8_t aclMapSize = ACL_ACES_MAP_SIZE;
size_t inLen = 0;
- // Create ACL Map
- if (acl->periods)
+ OicSecValidity_t* validityElts = ace->validities;
+ while(validityElts)
{
- ++aclMapSize;
- }
- if (acl->recurrences)
- {
- ++aclMapSize;
+ if(validityElts->period)
+ {
+ aclMapSize++;
+ }
+ if(validityElts->recurrences)
+ {
+ aclMapSize++;
+ }
}
cborEncoderResult = cbor_encoder_create_map(&acesArray, &oicSecAclMap, aclMapSize);
cborEncoderResult = cbor_encode_text_string(&oicSecAclMap, OIC_JSON_SUBJECTID_NAME,
strlen(OIC_JSON_SUBJECTID_NAME));
VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Subject Name Tag.");
- inLen = (memcmp(&(acl->subject), &WILDCARD_SUBJECT_ID, sizeof(OicUuid_t)) == 0) ?
+ inLen = (memcmp(&(ace->subjectuuid), &WILDCARD_SUBJECT_ID, sizeof(OicUuid_t)) == 0) ?
WILDCARD_SUBJECT_ID_LEN : sizeof(OicUuid_t);
if(inLen == WILDCARD_SUBJECT_ID_LEN)
{
else
{
char *subject = NULL;
- ret = ConvertUuidToStr(&acl->subject, &subject);
+ ret = ConvertUuidToStr(&ace->subjectuuid, &subject);
VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR);
cborEncoderResult = cbor_encode_text_string(&oicSecAclMap, subject, strlen(subject));
- VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding Subject Id Value.");
+ VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding Subject UUID Value.");
OICFree(subject);
}
strlen(OIC_JSON_RESOURCES_NAME));
VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Resource Name Tag.");
- cborEncoderResult = cbor_encoder_create_array(&oicSecAclMap, &resources, acl->resourcesLen);
+ size_t rsrcLen = 0;
+ OicSecRsrc_t* rsrcElts = NULL;
+ LL_FOREACH(ace->resources, rsrcElts)
+ {
+ rsrcLen++;
+ }
+
+ cborEncoderResult = cbor_encoder_create_array(&oicSecAclMap, &resources, rsrcLen);
VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Resource Name Array.");
- for (size_t i = 0; i < acl->resourcesLen; i++)
+ OicSecRsrc_t* rsrc = NULL;
+ LL_FOREACH(ace->resources, rsrc)
{
CborEncoder rMap;
cborEncoderResult = cbor_encoder_create_map(&resources, &rMap, ACL_RESOURCE_MAP_SIZE);
VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding Resource Map.");
+ //href -- Mandatory
+ VERIFY_NON_NULL(TAG, rsrc->href, ERROR);
cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_HREF_NAME,
strlen(OIC_JSON_HREF_NAME));
VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding HREF Name Tag.");
- cborEncoderResult = cbor_encode_text_string(&rMap, acl->resources[i],
- strlen(acl->resources[i]));
+ cborEncoderResult = cbor_encode_text_string(&rMap, rsrc->href, strlen(rsrc->href));
VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding HREF Value in Map.");
- cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_REL_NAME,
- strlen(OIC_JSON_REL_NAME));
- VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding REL Name Tag.");
-
- // TODO : Need to assign real value of REL
- cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_EMPTY_STRING,
- strlen(OIC_JSON_EMPTY_STRING));
- VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding REL Value.");
-
+ //resource type -- Mandatory
cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_RT_NAME,
strlen(OIC_JSON_RT_NAME));
VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding RT Name Tag.");
- // TODO : Need to assign real value of RT
- cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_EMPTY_STRING,
- strlen(OIC_JSON_EMPTY_STRING));
- VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding RT Value.");
+ CborEncoder resourceTypes;
+ cborEncoderResult = cbor_encoder_create_array(&rMap, &resourceTypes, rsrc->typeLen);
+ VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding RT Array.");
+ for(size_t i = 0; i < rsrc->typeLen; i++)
+ {
+ cborEncoderResult = cbor_encode_text_string(&resourceTypes, rsrc->types[i], strlen(rsrc->types[i]));
+ VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding RT Value.");
+ }
+ cborEncoderResult = cbor_encoder_close_container(&rMap, &resourceTypes);
+ VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing resourceTypes.");
+ //interface -- Mandatory
cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_IF_NAME,
strlen(OIC_JSON_IF_NAME));
VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding IF Name Tag.");
- // TODO : Need to assign real value of IF
- cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_EMPTY_STRING,
- strlen(OIC_JSON_EMPTY_STRING));
- VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding IF Value.");
+ CborEncoder interfaces;
+ cborEncoderResult = cbor_encoder_create_array(&rMap, &interfaces, rsrc->interfaceLen);
+ VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding IF Array.");
+ for(size_t i = 0; i < rsrc->interfaceLen; i++)
+ {
+ cborEncoderResult = cbor_encode_text_string(&interfaces, rsrc->interfaces[i], strlen(rsrc->interfaces[i]));
+ VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding IF Value.");
+ }
+ cborEncoderResult = cbor_encoder_close_container(&rMap, &interfaces);
+ VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing interfaces.");
+ //rel
+ if(rsrc->rel)
+ {
+ cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_REL_NAME,
+ strlen(OIC_JSON_REL_NAME));
+ VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding REL Name Tag.");
+ cborEncoderResult = cbor_encode_text_string(&rMap, rsrc->rel, strlen(rsrc->rel));
+ VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding REL Value.");
+ }
+ else
+ {
+ cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_REL_NAME,
+ strlen(OIC_JSON_REL_NAME));
+ VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding REL Name Tag.");
+ cborEncoderResult = cbor_encode_text_string(&rMap, "", 0);
+ VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding REL Value.");
+ }
cborEncoderResult = cbor_encoder_close_container(&resources, &rMap);
VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Resource Map.");
-
}
cborEncoderResult = cbor_encoder_close_container(&oicSecAclMap, &resources);
VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Resource Name Array.");
}
-
// Permissions -- Mandatory
cborEncoderResult = cbor_encode_text_string(&oicSecAclMap, OIC_JSON_PERMISSION_NAME,
strlen(OIC_JSON_PERMISSION_NAME));
VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Permission Name Tag.");
- cborEncoderResult = cbor_encode_int(&oicSecAclMap, acl->permission);
+ cborEncoderResult = cbor_encode_int(&oicSecAclMap, ace->permission);
VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Permission Name Value.");
- // Period -- Not Mandatory
- if (acl->periods)
+ // TODO: Need to verfication for validity
+ // Validity(Time-interval) -- Not Mandatory
+ if(ace->validities)
{
-
- CborEncoder period;
- cborEncoderResult = cbor_encode_text_string(&oicSecAclMap, OIC_JSON_PERIOD_NAME,
- strlen(OIC_JSON_PERIOD_NAME));
- VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Period Tag.");
- cborEncoderResult = cbor_encoder_create_array(&oicSecAclMap, &period, acl->prdRecrLen);
- VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Period Array.");
- for (size_t i = 0; i < acl->prdRecrLen; i++)
+ size_t validityLen = 0;
+ validityElts = NULL;
+ LL_FOREACH(ace->validities, validityElts)
{
- cborEncoderResult = cbor_encode_text_string(&period, acl->periods[i],
- strlen(acl->periods[i]));
- VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Period Value in Array.");
+ validityLen++;
}
- cborEncoderResult = cbor_encoder_close_container(&oicSecAclMap, &period);
- VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Period Array.");
- }
- // Recurrence -- Not Mandatory
- if (acl->recurrences)
- {
- CborEncoder recurrences;
- cborEncoderResult = cbor_encode_text_string(&oicSecAclMap, OIC_JSON_RECURRENCES_NAME,
- strlen(OIC_JSON_RECURRENCES_NAME));
- VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Recurrence Tag.");
- cborEncoderResult = cbor_encoder_create_array(&oicSecAclMap, &recurrences, acl->prdRecrLen);
- VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Recurrence Array.");
-
- for (size_t i = 0; i < acl->prdRecrLen; i++)
+ CborEncoder validities;
+ cborEncoderResult = cbor_encode_text_string(&oicSecAclMap, OIC_JSON_VALIDITY_NAME,
+ strlen(OIC_JSON_VALIDITY_NAME));
+ VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Validity Tag.");
+ cborEncoderResult = cbor_encoder_create_array(&oicSecAclMap, &validities, validityLen);
+ VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Validities Array.");
+
+ //How to add the value w/o "title" using tinycobr...? :(
+
+ validityElts = NULL;
+ LL_FOREACH(ace->validities, validityElts)
{
- cborEncoderResult = cbor_encode_text_string(&recurrences, acl->recurrences[i],
- strlen(acl->recurrences[i]));
- VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Recurrence Array Value.");
+ CborEncoder validity;
+ size_t validitySize = 0;
+ if(validityElts->period)
+ {
+ validitySize++;
+ }
+ if(validityElts->recurrences)
+ {
+ validitySize++;
+ }
+
+ cborEncoderResult = cbor_encoder_create_array(&validities, &validity, validitySize);
+ VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Validity Array.");
+
+ // Period
+ if (validityElts->period)
+ {
+ cborEncoderResult = cbor_encode_text_string(&validity, validityElts->period,
+ strlen(validityElts->period));
+ VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Period Value.");
+ }
+
+ // Recurrence
+ if (validityElts->recurrences)
+ {
+ CborEncoder recurrences;
+ cborEncoderResult = cbor_encoder_create_array(&validity, &recurrences, validityElts->recurrenceLen);
+ VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Recurrence Array.");
+
+ for (size_t i = 0; i < validityElts->recurrenceLen; i++)
+ {
+ cborEncoderResult = cbor_encode_text_string(&recurrences, validityElts->recurrences[i],
+ strlen(validityElts->recurrences[i]));
+ VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Recurrence Array Value.");
+ }
+ cborEncoderResult = cbor_encoder_close_container(&validity, &recurrences);
+ VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Recurrence Array");
+ }
+
+ cborEncoderResult = cbor_encoder_close_container(&validities, &validity);
+ VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Validity Array.");
}
- cborEncoderResult = cbor_encoder_close_container(&oicSecAclMap, &recurrences);
- VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Recurrence Array");
+ cborEncoderResult = cbor_encoder_close_container(&oicSecAclMap, &validities);
+ VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Validities Array.");
}
-
cborEncoderResult = cbor_encoder_close_container(&acesArray, &oicSecAclMap);
VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing ACES Map.");
- acl = acl->next;
}
// Close ACES Array
CborError cborFindResult = CborNoError;
cbor_parser_init(cborPayload, size, 0, &parser, &aclCbor);
- OicSecAcl_t *headAcl = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t));
+ OicSecAcl_t *acl = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t));
// Enter ACL Map
CborValue aclMap = { .parser = NULL, .ptr = NULL, .remaining = 0, .extra = 0, .type = 0, .flags = 0 };
char* tagName = NULL;
size_t len = 0;
CborType type = cbor_value_get_type(&aclMap);
- if (type == CborTextStringType && cbor_value_is_text_string(&aclMap))
+ if (type == CborTextStringType)
{
cborFindResult = cbor_value_dup_text_string(&aclMap, &tagName, &len, NULL);
VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Name in ACL Map.");
while (cbor_value_is_valid(&aclistMap))
{
char* acName = NULL;
- size_t acLen = 0;
+ size_t readLen = 0;
CborType acType = cbor_value_get_type(&aclistMap);
- if (acType == CborTextStringType && cbor_value_is_text_string(&aclistMap))
+ if (acType == CborTextStringType)
{
- cborFindResult = cbor_value_dup_text_string(&aclistMap, &acName, &acLen, NULL);
+ cborFindResult = cbor_value_dup_text_string(&aclistMap, &acName, &readLen, NULL);
VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Name in ACLIST Map.");
cborFindResult = cbor_value_advance(&aclistMap);
VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Value in ACLIST Map.");
}
+
if(acName)
{
if (strcmp(acName, OIC_JSON_ACES_NAME) == 0)
{
-
// Enter ACES Array
- CborValue aclArray = { .parser = NULL, .ptr = NULL, .remaining = 0, .extra = 0, .type = 0, .flags = 0 };
- cborFindResult = cbor_value_enter_container(&aclistMap, &aclArray);
- VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering ACL Array.");
+ CborValue acesArray = { .parser = NULL, .ptr = NULL, .remaining = 0, .extra = 0, .type = 0, .flags = 0 };
+ cborFindResult = cbor_value_enter_container(&aclistMap, &acesArray);
+ VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering ACES Array.");
int acesCount = 0;
- while (cbor_value_is_valid(&aclArray))
+ while (cbor_value_is_valid(&acesArray))
{
acesCount++;
+ CborValue aceMap = { .parser = NULL, .ptr = NULL, .remaining = 0, .extra = 0, .type = 0, .flags = 0 };
+ cborFindResult = cbor_value_enter_container(&acesArray, &aceMap);
+ VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering ACE Map.");
- CborValue aclMap = { .parser = NULL, .ptr = NULL, .remaining = 0, .extra = 0, .type = 0, .flags = 0 };
- cborFindResult = cbor_value_enter_container(&aclArray, &aclMap);
- VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering ACL Map.");
- OicSecAcl_t *acl = NULL;
+ OicSecAce_t *ace = NULL;
+ ace = (OicSecAce_t *) OICCalloc(1, sizeof(OicSecAce_t));
+ VERIFY_NON_NULL(TAG, ace, ERROR);
+ LL_APPEND(acl->aces, ace);
- if(acesCount == 1)
- {
- acl = headAcl;
- }
- else
- {
- acl = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t));
- OicSecAcl_t *temp = headAcl;
- while (temp->next)
- {
- temp = temp->next;
- }
- temp->next = acl;
- }
VERIFY_NON_NULL(TAG, acl, ERROR);
- while (cbor_value_is_valid(&aclMap))
+ while (cbor_value_is_valid(&aceMap))
{
char* name = NULL;
size_t len = 0;
- CborType type = cbor_value_get_type(&aclMap);
- if (type == CborTextStringType && cbor_value_is_text_string(&aclMap))
+ CborType type = cbor_value_get_type(&aceMap);
+ if (type == CborTextStringType)
{
- cborFindResult = cbor_value_dup_text_string(&aclMap, &name, &len, NULL);
- VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Name in ACL Map.");
- cborFindResult = cbor_value_advance(&aclMap);
- VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Value in ACL Map.");
+ cborFindResult = cbor_value_dup_text_string(&aceMap, &name, &len, NULL);
+ VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Name in ACE Map.");
+ cborFindResult = cbor_value_advance(&aceMap);
+ VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Value in ACE Map.");
}
if (name)
{
// Subject -- Mandatory
- if (strcmp(name, OIC_JSON_SUBJECTID_NAME) == 0 && cbor_value_is_text_string(&aclMap))
+ if (strcmp(name, OIC_JSON_SUBJECTID_NAME) == 0)
{
char *subject = NULL;
- cborFindResult = cbor_value_dup_text_string(&aclMap, &subject, &len, NULL);
+ cborFindResult = cbor_value_dup_text_string(&aceMap, &subject, &len, NULL);
VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding subject Value.");
if(strcmp(subject, WILDCARD_RESOURCE_URI) == 0)
{
- acl->subject.id[0] = '*';
+ ace->subjectuuid.id[0] = '*';
}
else
{
- ret = ConvertStrToUuid(subject, &acl->subject);
+ ret = ConvertStrToUuid(subject, &ace->subjectuuid);
VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR);
}
OICFree(subject);
if (strcmp(name, OIC_JSON_RESOURCES_NAME) == 0)
{
CborValue resources = { .parser = NULL };
- cborFindResult = cbor_value_get_array_length(&aclMap, &acl->resourcesLen);
- VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a Resource Array Len Value.");
- cborFindResult = cbor_value_enter_container(&aclMap, &resources);
+ cborFindResult = cbor_value_enter_container(&aceMap, &resources);
VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering a Resource Array.");
- acl->resources = (char **) OICMalloc(acl->resourcesLen * sizeof(char*));
- VERIFY_NON_NULL(TAG, acl->resources, ERROR);
- int i = 0;
while (cbor_value_is_valid(&resources))
{
// rMap
cborFindResult = cbor_value_enter_container(&resources, &rMap);
VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering Resource Map");
+ OicSecRsrc_t* rsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+ VERIFY_NON_NULL(TAG, rsrc, ERROR);
+ LL_APPEND(ace->resources, rsrc);
- while(cbor_value_is_valid(&rMap) && cbor_value_is_text_string(&rMap))
+ while(cbor_value_is_valid(&rMap))
{
char *rMapName = NULL;
size_t rMapNameLen = 0;
// "href"
if (0 == strcmp(OIC_JSON_HREF_NAME, rMapName))
{
- // TODO : Need to check data structure of OicSecAcl_t based on RAML spec.
- cborFindResult = cbor_value_dup_text_string(&rMap, &acl->resources[i++], &len, NULL);
+ cborFindResult = cbor_value_dup_text_string(&rMap, &rsrc->href, &len, NULL);
VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Href Value.");
}
- // "rel"
- if (0 == strcmp(OIC_JSON_REL_NAME, rMapName))
- {
- // TODO : Need to check data structure of OicSecAcl_t based on RAML spec.
- char *relData = NULL;
- cborFindResult = cbor_value_dup_text_string(&rMap, &relData, &len, NULL);
- VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding REL Value.");
- OICFree(relData);
- }
+
// "rt"
- if (0 == strcmp(OIC_JSON_RT_NAME, rMapName))
+ if (0 == strcmp(OIC_JSON_RT_NAME, rMapName) && cbor_value_is_array(&rMap))
{
- // TODO : Need to check data structure of OicSecAcl_t and assign based on RAML spec.
- char *rtData = NULL;
- cborFindResult = cbor_value_dup_text_string(&rMap, &rtData, &len, NULL);
- VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding RT Value.");
- OICFree(rtData);
+ cbor_value_get_array_length(&rMap, &rsrc->typeLen);
+ VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding RT array length.");
+ VERIFY_SUCCESS(TAG, (0 != rsrc->typeLen), ERROR);
+
+ rsrc->types = (char**)OICCalloc(rsrc->typeLen, sizeof(char*));
+ VERIFY_NON_NULL(TAG, rsrc->types, ERROR);
+
+ CborValue resourceTypes;
+ cborFindResult = cbor_value_enter_container(&rMap, &resourceTypes);
+ VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering RT Array.");
+
+ for(size_t i = 0; cbor_value_is_valid(&resourceTypes) && cbor_value_is_text_string(&resourceTypes); i++)
+ {
+ cborFindResult = cbor_value_dup_text_string(&resourceTypes, &(rsrc->types[i]), &readLen, NULL);
+ VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding resource type.");
+ cborFindResult = cbor_value_advance(&resourceTypes);
+ VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing resource type.");
+ }
}
// "if"
- if (0 == strcmp(OIC_JSON_IF_NAME, rMapName))
+ if (0 == strcmp(OIC_JSON_IF_NAME, rMapName) && cbor_value_is_array(&rMap))
{
- // TODO : Need to check data structure of OicSecAcl_t and assign based on RAML spec.
- char *ifData = NULL;
- cborFindResult = cbor_value_dup_text_string(&rMap, &ifData, &len, NULL);
- VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding IF Value.");
- OICFree(ifData);
+ cbor_value_get_array_length(&rMap, &rsrc->interfaceLen);
+ VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding IF array length.");
+ VERIFY_SUCCESS(TAG, (0 != rsrc->interfaceLen), ERROR);
+
+ rsrc->interfaces = (char**)OICCalloc(rsrc->interfaceLen, sizeof(char*));
+ VERIFY_NON_NULL(TAG, rsrc->interfaces, ERROR);
+
+ CborValue interfaces;
+ cborFindResult = cbor_value_enter_container(&rMap, &interfaces);
+ VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering IF Array.");
+
+ for(size_t i = 0; cbor_value_is_valid(&interfaces) && cbor_value_is_text_string(&interfaces); i++)
+ {
+ cborFindResult = cbor_value_dup_text_string(&interfaces, &(rsrc->interfaces[i]), &readLen, NULL);
+ VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding IF type.");
+ cborFindResult = cbor_value_advance(&interfaces);
+ VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing IF type.");
+ }
+ }
+
+ // "rel"
+ if (0 == strcmp(OIC_JSON_REL_NAME, rMapName))
+ {
+ cborFindResult = cbor_value_dup_text_string(&rMap, &rsrc->rel, &len, NULL);
+ VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding REL Value.");
}
if (cbor_value_is_valid(&rMap))
if (strcmp(name, OIC_JSON_PERMISSION_NAME) == 0)
{
uint64_t tmp64;
-
- cborFindResult = cbor_value_get_uint64(&aclMap, &tmp64);
+ cborFindResult = cbor_value_get_uint64(&aceMap, &tmp64);
VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a PERM Value.");
- acl->permission = tmp64;
+ ace->permission = (uint16_t)tmp64;
}
- // Period -- Not mandatory
- if (strcmp(name, OIC_JSON_PERIOD_NAME) == 0 && cbor_value_is_array(&aclMap))
+ // TODO: Need to verfication for validity
+ // Validity -- Not mandatory
+ if(strcmp(name, OIC_JSON_VALIDITY_NAME) == 0)
{
- CborValue period = { .parser = NULL };
- cborFindResult = cbor_value_get_array_length(&aclMap, &acl->prdRecrLen);
- VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a Period Array Len.");
- cborFindResult = cbor_value_enter_container(&aclMap, &period);
- VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a Period Array Map.");
- acl->periods = (char**)OICCalloc(acl->prdRecrLen, sizeof(char*));
- VERIFY_NON_NULL(TAG, acl->periods, ERROR);
- int i = 0;
- while (cbor_value_is_text_string(&period) && cbor_value_is_text_string(&period))
- {
- cborFindResult = cbor_value_dup_text_string(&period, &acl->periods[i++],
- &len, NULL);
- VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a Period Array Value.");
- cborFindResult = cbor_value_advance(&period);
- VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing a Period Array.");
- }
- }
+ CborValue validitiesMap = {.parser = NULL};
+ size_t validitySize = 0;
- // Recurrence -- Not mandatory
- if (strcmp(name, OIC_JSON_RECURRENCES_NAME) == 0)
- {
- CborValue recurrences = { .parser = NULL };
- cborFindResult = cbor_value_enter_container(&aclMap, &recurrences);
- VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Adding Recurrence Array.");
- acl->recurrences = (char**)OICCalloc(acl->prdRecrLen, sizeof(char*));
- VERIFY_NON_NULL(TAG, acl->recurrences, ERROR);
- int i = 0;
- while (cbor_value_is_text_string(&recurrences) && cbor_value_is_text_string(&recurrences))
+ cborFindResult = cbor_value_get_array_length(&aceMap, &validitySize);
+ VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a Validity Array Length.");
+
+ cborFindResult = cbor_value_enter_container(&aceMap, &validitiesMap);
+ VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a validity Array Map.");
+
+ while(cbor_value_is_valid(&validitiesMap))
{
- cborFindResult = cbor_value_dup_text_string(&recurrences,
- &acl->recurrences[i++], &len, NULL);
- VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Adding Recurrence Array Value.");
- cborFindResult = cbor_value_advance(&recurrences);
- VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Closing Recurrence Array.");
+ OicSecValidity_t* validity = (OicSecValidity_t*)OICCalloc(1, sizeof(OicSecValidity_t));
+ VERIFY_NON_NULL(TAG, validity, ERROR);
+ LL_APPEND(ace->validities, validity);
+
+ CborValue validityMap = {.parser = NULL};
+ //period (string)
+ cborFindResult = cbor_value_enter_container(&validitiesMap, &validityMap);
+ VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a validity Map.");
+
+ size_t len = 0;
+ cborFindResult =cbor_value_dup_text_string(&validityMap, &validity->period, &len, NULL);
+ VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a Period value.");
+
+ //recurrence (string array)
+ CborValue recurrenceMap = {.parser = NULL};
+ cborFindResult = cbor_value_enter_container(&validityMap, &recurrenceMap);
+ VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a recurrence array.");
+
+ cborFindResult = cbor_value_get_array_length(&recurrenceMap, &validity->recurrenceLen);
+ VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Adding Recurrence Array.");
+
+ validity->recurrences = (char**)OICCalloc(validity->recurrenceLen, sizeof(char*));
+ VERIFY_NON_NULL(TAG, validity->recurrences, ERROR);
+
+ for(size_t i = 0; cbor_value_is_text_string(&recurrenceMap) && i < validity->recurrenceLen; i++)
+ {
+ cborFindResult = cbor_value_dup_text_string(&recurrenceMap, &validity->recurrences[i], &len, NULL);
+ VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a recurrence Value.");
+
+ cborFindResult = cbor_value_advance(&recurrenceMap);
+ VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing a recurrences Array.");
+ }
+
+ cborFindResult = cbor_value_advance(&validitiesMap);
+ VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing a validities Array.");
}
}
-
OICFree(name);
}
- if (type != CborMapType && cbor_value_is_valid(&aclMap))
+ if (type != CborMapType && cbor_value_is_valid(&aceMap))
{
- cborFindResult = cbor_value_advance(&aclMap);
+ cborFindResult = cbor_value_advance(&aceMap);
VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing the Array.");
}
}
- acl->next = NULL;
-
- if (cbor_value_is_valid(&aclArray))
+ if (cbor_value_is_valid(&acesArray))
{
- cborFindResult = cbor_value_advance(&aclArray);
+ cborFindResult = cbor_value_advance(&acesArray);
VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing ACL Array.");
}
}
}
}
- // TODO : Need to modify headAcl->owners[0].id to headAcl->rowner based on RAML spec.
- if (strcmp(tagName, OIC_JSON_ROWNERID_NAME) == 0 && cbor_value_is_text_string(&aclMap))
+ //rownerID -- Mandatory
+ if (strcmp(tagName, OIC_JSON_ROWNERID_NAME) == 0)
{
char *stRowner = NULL;
cborFindResult = cbor_value_dup_text_string(&aclMap, &stRowner, &len, NULL);
VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Rownerid Value.");
- ret = ConvertStrToUuid(stRowner, &headAcl->rownerID);
+ ret = ConvertStrToUuid(stRowner, &acl->rownerID);
VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR);
OICFree(stRowner);
}
if (cborFindResult != CborNoError)
{
OIC_LOG(ERROR, TAG, "Failed to CBORPayloadToAcl");
- DeleteACLList(headAcl);
- headAcl = NULL;
+ DeleteACLList(acl);
+ acl = NULL;
}
- return headAcl;
+
+ return acl;
}
/**
{
OIC_LOG(DEBUG, TAG, "IN RemoveACE");
- OicSecAcl_t *acl = NULL;
- OicSecAcl_t *tempAcl = NULL;
+ OicSecAce_t *ace = NULL;
+ OicSecAce_t *tempAce = NULL;
bool deleteFlag = false;
OCStackResult ret = OC_STACK_NO_RESOURCE;
//If resource is NULL then delete all the ACE for the subject.
if (NULL == resource || resource[0] == '\0')
{
- LL_FOREACH_SAFE(gAcl, acl, tempAcl)
+ LL_FOREACH_SAFE(gAcl->aces, ace, tempAce)
{
- if (memcmp(acl->subject.id, subject->id, sizeof(subject->id)) == 0)
+ if (memcmp(ace->subjectuuid.id, subject->id, sizeof(subject->id)) == 0)
{
- LL_DELETE(gAcl, acl);
- FreeACE(acl);
+ LL_DELETE(gAcl->aces, ace);
+ FreeACE(ace);
deleteFlag = true;
}
}
//resource in the ACE for the subject then delete the whole ACE. If there are more resources
//than the required resource in the ACE, for the subject then just delete the resource from
//the resource array
- LL_FOREACH_SAFE(gAcl, acl, tempAcl)
+ LL_FOREACH_SAFE(gAcl->aces, ace, tempAce)
{
- if (memcmp(acl->subject.id, subject->id, sizeof(subject->id)) == 0)
+ if (memcmp(ace->subjectuuid.id, subject->id, sizeof(subject->id)) == 0)
{
- if (1 == acl->resourcesLen && strcmp(acl->resources[0], resource) == 0)
+ OicSecRsrc_t* rsrc = NULL;
+ OicSecRsrc_t* tempRsrc = NULL;
+ LL_FOREACH_SAFE(ace->resources, rsrc, tempRsrc)
{
- LL_DELETE(gAcl, acl);
- FreeACE(acl);
- deleteFlag = true;
- break;
- }
- else
- {
- size_t resPos = -1;
- size_t i;
- for (i = 0; i < acl->resourcesLen; i++)
- {
- if (strcmp(acl->resources[i], resource) == 0)
- {
- resPos = i;
- break;
- }
- }
- if (0 <= (int) resPos)
+ if(strcmp(rsrc->href, resource) == 0)
{
- OICFree(acl->resources[resPos]);
- acl->resources[resPos] = NULL;
- acl->resourcesLen -= 1;
- for (i = resPos; i < acl->resourcesLen; i++)
- {
- acl->resources[i] = acl->resources[i + 1];
- }
+ LL_DELETE(ace->resources, rsrc);
+ FreeRsrc(rsrc);
deleteFlag = true;
- break;
}
}
+
+ //If resource list is empty
+ if(NULL == ace->resources && true == deleteFlag)
+ {
+ //Remove the ACE from ACL
+ LL_DELETE(gAcl->aces, ace);
+ FreeACE(ace);
+ }
}
}
}
char resource[MAX_URI_LENGTH] = { 0 };
- OicSecAcl_t *savePtr = NULL;
- const OicSecAcl_t *currentAce = NULL;
+ OicSecAce_t *savePtr = NULL;
+ const OicSecAce_t *currentAce = NULL;
+ OicSecAcl_t targetAcl;
+
+ memcpy(&targetAcl.rownerID, &gAcl->rownerID, sizeof(OicUuid_t));
+ targetAcl.aces = NULL;
// 'Subject' field is MUST for processing a querystring in REST request.
GetResourceFromQueryString(ehRequest->query, resource, sizeof(resource));
*/
while ((currentAce = GetACLResourceData(&subject, &savePtr)))
{
+ targetAcl.aces = (OicSecAce_t*)currentAce;
+
/*
* If REST querystring contains a specific resource, we need
* to search for that resource in ACE.
*/
if (resource[0] != '\0')
{
- for (size_t n = 0; n < currentAce->resourcesLen; n++)
+ OicSecRsrc_t *rsrc = NULL;
+ LL_FOREACH(currentAce->resources, rsrc)
{
- if ((currentAce->resources[n])
- && (0 == strcmp(resource, currentAce->resources[n])
- || 0 == strcmp(WILDCARD_RESOURCE_URI, currentAce->resources[n])))
+ if(0 == strcmp(rsrc->href, resource) ||
+ 0 == strcmp(WILDCARD_RESOURCE_URI, rsrc->href))
{
// Convert ACL data into CBOR format for transmission
- if (OC_STACK_OK != AclToCBORPayload(currentAce, &payload, &size))
+ if (OC_STACK_OK != AclToCBORPayload(&targetAcl, &payload, &size))
{
ehRet = OC_EH_ERROR;
}
else
{
// Convert ACL data into CBOR format for transmission
- if (OC_STACK_OK != AclToCBORPayload(currentAce, &payload, &size))
+ if (OC_STACK_OK != AclToCBORPayload(&targetAcl, &payload, &size))
{
ehRet = OC_EH_ERROR;
}
if (newAcl)
{
// Append the new ACL to existing ACL
- LL_APPEND(gAcl, newAcl);
- size_t size = 0;
- // In case of unit test do not update persistant storage.
- if (memcmp(newAcl->subject.id, &WILDCARD_SUBJECT_ID, sizeof(newAcl->subject.id)) == 0
- || memcmp(newAcl->subject.id, &WILDCARD_SUBJECT_B64_ID, sizeof(newAcl->subject.id)) == 0)
+ OicSecAce_t* newAce = NULL;
+ OicSecAce_t* tempAce = NULL;
+ LL_FOREACH_SAFE(newAcl->aces, newAce, tempAce)
{
- ehRet = OC_EH_RESOURCE_CREATED;
+ LL_APPEND(gAcl->aces, newAce);
}
- else
+ newAcl->aces = NULL;
+
+ size_t size = 0;
+ uint8_t *cborPayload = NULL;
+ if (OC_STACK_OK == AclToCBORPayload(gAcl, &cborPayload, &size))
{
- uint8_t *cborPayload = NULL;
- if (OC_STACK_OK == AclToCBORPayload(gAcl, &cborPayload, &size))
+ if (UpdateSecureResourceInPS(OIC_JSON_ACL_NAME, cborPayload, size) == OC_STACK_OK)
{
- if (UpdateSecureResourceInPS(OIC_JSON_ACL_NAME, cborPayload, size) == OC_STACK_OK)
- {
- ehRet = OC_EH_RESOURCE_CREATED;
- }
- OICFree(cborPayload);
+ ehRet = OC_EH_RESOURCE_CREATED;
}
+ OICFree(cborPayload);
}
}
+
+ DeleteACLList(newAcl);
}
// Send payload to request originator
OCStackResult GetDefaultACL(OicSecAcl_t** defaultAcl)
{
OCStackResult ret = OC_STACK_ERROR;
-
OicUuid_t ownerId = { .id = { 0 } };
+ OicSecAcl_t *acl = NULL;
+ OicSecAce_t *ace = NULL;
+ OicSecRsrc_t* resRsrc = NULL;
+ OicSecRsrc_t* deviceRsrc = NULL;
+ OicSecRsrc_t* platformRsrc = NULL;
+ OicSecRsrc_t* aclRsrc = NULL;
+ OicSecRsrc_t* doxmRsrc = NULL;
+ OicSecRsrc_t* pstatRsrc = NULL;
/*
* TODO In future, when new virtual resources will be added in OIC
* mechanism in SVR database.
*/
- const char *rsrcs[] = {
- OC_RSRVD_WELL_KNOWN_URI,
- OC_RSRVD_DEVICE_URI,
- OC_RSRVD_PLATFORM_URI,
- OC_RSRVD_RESOURCE_TYPES_URI,
-#ifdef WITH_PRESENCE
- OC_RSRVD_PRESENCE_URI,
-#endif //WITH_PRESENCE
- OIC_RSRC_ACL_URI,
- OIC_RSRC_DOXM_URI,
- OIC_RSRC_PSTAT_URI,
- };
-
if (!defaultAcl)
{
return OC_STACK_INVALID_PARAM;
}
- OicSecAcl_t *acl = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t));
+ acl = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t));
VERIFY_NON_NULL(TAG, acl, ERROR);
- // Subject -- Mandatory
- memcpy(&(acl->subject), &WILDCARD_SUBJECT_ID, sizeof(acl->subject));
-
- // Resources -- Mandatory
- acl->resourcesLen = sizeof(rsrcs) / sizeof(rsrcs[0]);
+ ace = (OicSecAce_t *) OICCalloc(1, sizeof(OicSecAce_t));
+ VERIFY_NON_NULL(TAG, ace, ERROR);
- acl->resources = (char**) OICCalloc(acl->resourcesLen, sizeof(char*));
- VERIFY_NON_NULL(TAG, (acl->resources), ERROR);
+ LL_APPEND(acl->aces, ace);
- for (size_t i = 0; i < acl->resourcesLen; i++)
- {
- size_t len = strlen(rsrcs[i]) + 1;
- acl->resources[i] = (char*) OICMalloc(len * sizeof(char));
- VERIFY_NON_NULL(TAG, (acl->resources[i]), ERROR);
- OICStrcpy(acl->resources[i], len, rsrcs[i]);
- }
+ // Subject -- Mandatory
+ memcpy(ace->subjectuuid.id, &WILDCARD_SUBJECT_ID, sizeof(OicUuid_t));
- acl->permission = PERMISSION_READ;
- acl->prdRecrLen = 0;
- acl->periods = NULL;
- acl->recurrences = NULL;
+ // Resources -- Mandatory
+ // /oic/res
+ resRsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+ VERIFY_NON_NULL(TAG, resRsrc, ERROR);
+ LL_APPEND(ace->resources, resRsrc);
+ resRsrc->href = OICStrdup(OC_RSRVD_WELL_KNOWN_URI);
+ VERIFY_NON_NULL(TAG, (resRsrc->href), ERROR);
+ resRsrc->typeLen = 1;
+ resRsrc->types = (char**)OICCalloc(1, sizeof(char*));
+ VERIFY_NON_NULL(TAG, resRsrc->types, ERROR);
+ resRsrc->types[0] = OICStrdup(OC_RSRVD_RESOURCE_TYPE_RES);
+ VERIFY_NON_NULL(TAG, resRsrc->types[0], ERROR);
+ resRsrc->interfaceLen = 2;
+ resRsrc->interfaces = (char**)OICCalloc(resRsrc->interfaceLen, sizeof(char*));
+ VERIFY_NON_NULL(TAG, resRsrc->interfaces, ERROR);
+ resRsrc->interfaces[0] = OICStrdup(OC_RSRVD_INTERFACE_DEFAULT);
+ VERIFY_NON_NULL(TAG, resRsrc->interfaces[0], ERROR);
+ resRsrc->interfaces[1] = OICStrdup(OC_RSRVD_INTERFACE_READ);
+ VERIFY_NON_NULL(TAG, resRsrc->interfaces[1], ERROR);
+
+ // /oic/d
+ deviceRsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+ VERIFY_NON_NULL(TAG, deviceRsrc, ERROR);
+ LL_APPEND(ace->resources, deviceRsrc);
+ deviceRsrc->href = OICStrdup(OC_RSRVD_DEVICE_URI);
+ VERIFY_NON_NULL(TAG, (deviceRsrc->href), ERROR);
+ deviceRsrc->typeLen = 1;
+ deviceRsrc->types = (char**)OICCalloc(1, sizeof(char*));
+ VERIFY_NON_NULL(TAG, deviceRsrc->types, ERROR);
+ deviceRsrc->types[0] = OICStrdup(OC_RSRVD_RESOURCE_TYPE_DEVICE);
+ VERIFY_NON_NULL(TAG, deviceRsrc->types[0], ERROR);
+ deviceRsrc->interfaceLen = 2;
+ deviceRsrc->interfaces = (char**)OICCalloc(deviceRsrc->interfaceLen, sizeof(char*));
+ VERIFY_NON_NULL(TAG, deviceRsrc->interfaces, ERROR);
+ deviceRsrc->interfaces[0] = OICStrdup(OC_RSRVD_INTERFACE_DEFAULT);
+ VERIFY_NON_NULL(TAG, deviceRsrc->interfaces[0], ERROR);
+ deviceRsrc->interfaces[1] = OICStrdup(OC_RSRVD_INTERFACE_READ);
+ VERIFY_NON_NULL(TAG, deviceRsrc->interfaces[1], ERROR);
+
+ // /oic/p
+ platformRsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+ VERIFY_NON_NULL(TAG, platformRsrc, ERROR);
+ LL_APPEND(ace->resources, platformRsrc);
+ platformRsrc->href = OICStrdup(OC_RSRVD_PLATFORM_URI);
+ VERIFY_NON_NULL(TAG, (platformRsrc->href), ERROR);
+ platformRsrc->typeLen = 1;
+ platformRsrc->types = (char**)OICCalloc(1, sizeof(char*));
+ VERIFY_NON_NULL(TAG, platformRsrc->types, ERROR);
+ platformRsrc->types[0] = OICStrdup(OC_RSRVD_RESOURCE_TYPE_PLATFORM);
+ VERIFY_NON_NULL(TAG, platformRsrc->types[0], ERROR);
+ platformRsrc->interfaceLen = 2;
+ platformRsrc->interfaces = (char**)OICCalloc(platformRsrc->interfaceLen, sizeof(char*));
+ VERIFY_NON_NULL(TAG, platformRsrc->interfaces, ERROR);
+ platformRsrc->interfaces[0] = OICStrdup(OC_RSRVD_INTERFACE_DEFAULT);
+ VERIFY_NON_NULL(TAG, platformRsrc->interfaces[0], ERROR);
+ platformRsrc->interfaces[1] = OICStrdup(OC_RSRVD_INTERFACE_READ);
+ VERIFY_NON_NULL(TAG, platformRsrc->interfaces[1], ERROR);
+
+ // /oic/sec/acl
+ aclRsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+ VERIFY_NON_NULL(TAG, aclRsrc, ERROR);
+ LL_APPEND(ace->resources, aclRsrc);
+ aclRsrc->href = OICStrdup(OIC_RSRC_ACL_URI);
+ VERIFY_NON_NULL(TAG, (aclRsrc->href), ERROR);
+ aclRsrc->typeLen = 1;
+ aclRsrc->types = (char**)OICCalloc(1, sizeof(char*));
+ VERIFY_NON_NULL(TAG, aclRsrc->types, ERROR);
+ aclRsrc->types[0] = OICStrdup(OIC_RSRC_TYPE_SEC_ACL);
+ VERIFY_NON_NULL(TAG, aclRsrc->types[0], ERROR);
+ aclRsrc->interfaceLen = 1;
+ aclRsrc->interfaces = (char**)OICCalloc(aclRsrc->interfaceLen, sizeof(char*));
+ VERIFY_NON_NULL(TAG, aclRsrc->interfaces, ERROR);
+ aclRsrc->interfaces[0] = OICStrdup(OC_RSRVD_INTERFACE_DEFAULT);
+ VERIFY_NON_NULL(TAG, aclRsrc->interfaces[0], ERROR);
+
+ // /oic/sec/doxm
+ doxmRsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+ VERIFY_NON_NULL(TAG, doxmRsrc, ERROR);
+ LL_APPEND(ace->resources, doxmRsrc);
+ doxmRsrc->href = OICStrdup(OIC_RSRC_DOXM_URI);
+ VERIFY_NON_NULL(TAG, (doxmRsrc->href), ERROR);
+ doxmRsrc->typeLen = 1;
+ doxmRsrc->types = (char**)OICCalloc(1, sizeof(char*));
+ VERIFY_NON_NULL(TAG, doxmRsrc->types, ERROR);
+ doxmRsrc->types[0] = OICStrdup(OIC_RSRC_TYPE_SEC_DOXM);
+ VERIFY_NON_NULL(TAG, doxmRsrc->types[0], ERROR);
+ doxmRsrc->interfaceLen = 1;
+ doxmRsrc->interfaces = (char**)OICCalloc(doxmRsrc->interfaceLen, sizeof(char*));
+ VERIFY_NON_NULL(TAG, doxmRsrc->interfaces, ERROR);
+ doxmRsrc->interfaces[0] = OICStrdup(OC_RSRVD_INTERFACE_DEFAULT);
+ VERIFY_NON_NULL(TAG, doxmRsrc->interfaces[0], ERROR);
+
+ // /oic/sec/pstat
+ pstatRsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+ VERIFY_NON_NULL(TAG, pstatRsrc, ERROR);
+ LL_APPEND(ace->resources, pstatRsrc);
+ pstatRsrc->href = OICStrdup(OIC_RSRC_PSTAT_URI);
+ VERIFY_NON_NULL(TAG, (pstatRsrc->href), ERROR);
+ pstatRsrc->typeLen = 1;
+ pstatRsrc->types = (char**)OICCalloc(1, sizeof(char*));
+ VERIFY_NON_NULL(TAG, pstatRsrc->types, ERROR);
+ pstatRsrc->types[0] = OICStrdup(OIC_RSRC_TYPE_SEC_PSTAT);
+ VERIFY_NON_NULL(TAG, pstatRsrc->types[0], ERROR);
+ pstatRsrc->interfaceLen = 1;
+ pstatRsrc->interfaces = (char**)OICCalloc(pstatRsrc->interfaceLen, sizeof(char*));
+ VERIFY_NON_NULL(TAG, pstatRsrc->interfaces, ERROR);
+ pstatRsrc->interfaces[0] = OICStrdup(OC_RSRVD_INTERFACE_DEFAULT);
+ VERIFY_NON_NULL(TAG, pstatRsrc->interfaces[0], ERROR);
+
+ ace->permission = PERMISSION_READ;
+ ace->validities = NULL;
// Device ID is the owner of this default ACL
if (GetDoxmResourceData() != NULL)
memcpy(&acl->rownerID, &ownerId, sizeof(OicUuid_t));
- acl->next = NULL;
-
*defaultAcl = acl;
ret = OC_STACK_OK;
size_t size = 0;
ret = GetSecureVirtualDatabaseFromPS(OIC_JSON_ACL_NAME, &data, &size);
// If database read failed
- if (ret != OC_STACK_OK)
+ if (OC_STACK_OK != ret)
{
OIC_LOG(DEBUG, TAG, "ReadSVDataFromPS failed");
}
*/
if (!gAcl)
{
- GetDefaultACL(&gAcl);
+ ret = GetDefaultACL(&gAcl);
+ if (OC_STACK_OK != ret)
+ {
+ OIC_LOG(ERROR, TAG, "Failed to create default ACL");
+ }
// TODO Needs to update persistent storage
}
VERIFY_NON_NULL(TAG, gAcl, FATAL);
return ret;
}
-const OicSecAcl_t* GetACLResourceData(const OicUuid_t* subjectId, OicSecAcl_t **savePtr)
+const OicSecAce_t* GetACLResourceData(const OicUuid_t* subjectId, OicSecAce_t **savePtr)
{
- OicSecAcl_t *acl = NULL;
- OicSecAcl_t *begin = NULL;
+ OicSecAce_t *ace = NULL;
+ OicSecAce_t *begin = NULL;
if (NULL == subjectId)
{
*/
if (NULL == *savePtr)
{
- begin = gAcl;
+ begin = gAcl->aces;
}
else
{
* savePtr and assign 'begin' to the next ACL after it in the linked
* list and start searching from there.
*/
- LL_FOREACH(gAcl, acl)
+ LL_FOREACH(gAcl->aces, ace)
{
- if (acl == *savePtr)
+ if (ace == *savePtr)
{
- begin = acl->next;
+ begin = ace->next;
}
}
}
// Find the next ACL corresponding to the 'subjectID' and return it.
- LL_FOREACH(begin, acl)
+ LL_FOREACH(begin, ace)
{
- if (memcmp(&(acl->subject), subjectId, sizeof(OicUuid_t)) == 0)
+ if (memcmp(&(ace->subjectuuid), subjectId, sizeof(OicUuid_t)) == 0)
{
- *savePtr = acl;
- return acl;
+ *savePtr = ace;
+ return ace;
}
}
if (newAcl)
{
// Append the new ACL to existing ACL
- LL_APPEND(gAcl, newAcl);
-
- // Update persistent storage only if it is not WILDCARD_SUBJECT_ID
- if (memcmp(newAcl->subject.id, &WILDCARD_SUBJECT_ID, sizeof(newAcl->subject.id)) == 0
- || memcmp(newAcl->subject.id, &WILDCARD_SUBJECT_B64_ID, sizeof(newAcl->subject.id)) == 0)
+ OicSecAce_t* newAce = NULL;
+ LL_FOREACH(newAcl->aces, newAce)
{
- ret = OC_STACK_OK;
+ LL_APPEND(gAcl->aces, newAce);
}
- else
+
+ size_t size = 0;
+ uint8_t *payload = NULL;
+ if (OC_STACK_OK == AclToCBORPayload(gAcl, &payload, &size))
{
- size_t size = 0;
- uint8_t *payload = NULL;
- if (OC_STACK_OK == AclToCBORPayload(gAcl, &payload, &size))
+ if (UpdateSecureResourceInPS(OIC_JSON_ACL_NAME, payload, size) == OC_STACK_OK)
{
- if (UpdateSecureResourceInPS(OIC_JSON_ACL_NAME, payload, size) == OC_STACK_OK)
- {
- ret = OC_STACK_OK;
- }
- OICFree(payload);
+ ret = OC_STACK_OK;
}
+ OICFree(payload);
}
}
}
/**
- * This function generates default ACL for security resource in case of owned status.
+ * This function generates default ACE for security resource in case of owned status.
*
- * @return Default ACL for security resource.
+ * @return Default ACE for security resource.
*/
-static OicSecAcl_t* GetSecDefaultACL()
+static OicSecAce_t* GetSecDefaultACE()
{
- const char *sec_rsrcs[] = {
- OIC_RSRC_DOXM_URI,
- OIC_RSRC_PSTAT_URI
- };
- OicUuid_t ownerId = {.id = {0}};
- OCStackResult res = OC_STACK_ERROR;
- OicSecAcl_t* newDefaultAcl = (OicSecAcl_t*)OICCalloc(1, sizeof(OicSecAcl_t));
- VERIFY_NON_NULL(TAG, newDefaultAcl, ERROR);
+ const int NUM_OF_DOXM_RT = 1;
+ const int NUM_OF_DOXM_IF = 1;
+ const int NUM_OF_PSTAT_RT = 1;
+ const int NUM_OF_PSTAT_IF = 1;
+ const char *doxmRt[] = { OIC_RSRC_TYPE_SEC_DOXM };
+ const char *pstatRt[] = { OIC_RSRC_TYPE_SEC_PSTAT };
+ const char *doxmIf[] = { OC_RSRVD_INTERFACE_DEFAULT };
+ const char *pstatIf[] = { OC_RSRVD_INTERFACE_DEFAULT };
+ OicSecRsrc_t* doxmRsrc = NULL;
+ OicSecRsrc_t* pstatRsrc = NULL;
+
+ //Generate default ACE
+ OicSecAce_t* newAce = (OicSecAce_t*)OICCalloc(1, sizeof(OicSecAce_t));
+ VERIFY_NON_NULL(TAG, newAce, ERROR);
// Subject -- Mandatory
- memcpy(&(newDefaultAcl->subject), &WILDCARD_SUBJECT_ID, WILDCARD_SUBJECT_ID_LEN);
-
- // Resources -- Mandatory
- newDefaultAcl->resourcesLen = NUMBER_OF_DEFAULT_SEC_RSCS;
- newDefaultAcl->resources = (char**)OICCalloc(NUMBER_OF_DEFAULT_SEC_RSCS, sizeof(char*));
- VERIFY_NON_NULL(TAG, (newDefaultAcl->resources), ERROR);
+ memcpy(newAce->subjectuuid.id, &WILDCARD_SUBJECT_ID, WILDCARD_SUBJECT_ID_LEN);
+
+ //Resources -- Mandatory
+ //Add doxm
+ doxmRsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+ VERIFY_NON_NULL(TAG, doxmRsrc, ERROR);
+ LL_APPEND(newAce->resources, doxmRsrc);
+ // pstat-href
+ doxmRsrc->href = OICStrdup(OIC_RSRC_DOXM_URI);
+ VERIFY_NON_NULL(TAG, (doxmRsrc->href), ERROR);
+ // pstat-rt
+ doxmRsrc->typeLen = NUM_OF_DOXM_RT;
+ doxmRsrc->types = (char**)OICCalloc(NUM_OF_DOXM_RT, sizeof(char*));
+ VERIFY_NON_NULL(TAG, (doxmRsrc->types), ERROR);
+ for(int i = 0; i < NUM_OF_DOXM_RT; i++)
+ {
+ doxmRsrc->types[i] = OICStrdup(doxmRt[i]);
+ VERIFY_NON_NULL(TAG, (doxmRsrc->types[i]), ERROR);
+ }
+ // pstat-if
+ doxmRsrc->interfaceLen = NUM_OF_DOXM_IF;
+ doxmRsrc->interfaces = (char**)OICCalloc(NUM_OF_DOXM_IF, sizeof(char*));
+ VERIFY_NON_NULL(TAG, (doxmRsrc->interfaces), ERROR);
+ for(int i = 0; i < NUM_OF_DOXM_IF; i++)
+ {
+ doxmRsrc->interfaces[i] = OICStrdup(doxmIf[i]);
+ VERIFY_NON_NULL(TAG, (doxmRsrc->interfaces[i]), ERROR);
+ }
- for (size_t i = 0; i < NUMBER_OF_DEFAULT_SEC_RSCS; i++)
+ //Add pstat
+ pstatRsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+ VERIFY_NON_NULL(TAG, pstatRsrc, ERROR);
+ LL_APPEND(newAce->resources, pstatRsrc);
+ //pstat-href
+ pstatRsrc->href = OICStrdup(OIC_RSRC_PSTAT_URI);
+ VERIFY_NON_NULL(TAG, (pstatRsrc->href), ERROR);
+ //pstat-rt
+ pstatRsrc->typeLen = NUM_OF_PSTAT_RT;
+ pstatRsrc->types = (char**)OICCalloc(NUM_OF_PSTAT_RT, sizeof(char*));
+ VERIFY_NON_NULL(TAG, (pstatRsrc->types), ERROR);
+ for(int i = 0; i < NUM_OF_PSTAT_RT; i++)
{
- size_t len = strlen(sec_rsrcs[i]) + 1;
- newDefaultAcl->resources[i] = (char*)OICMalloc(len * sizeof(char));
- VERIFY_NON_NULL(TAG, (newDefaultAcl->resources[i]), ERROR);
- OICStrcpy(newDefaultAcl->resources[i], len, sec_rsrcs[i]);
+ pstatRsrc->types[i] = OICStrdup(pstatRt[i]);
+ VERIFY_NON_NULL(TAG, (pstatRsrc->types[i]), ERROR);
+ }
+ // pstat-if
+ pstatRsrc->interfaceLen = NUM_OF_PSTAT_IF;
+ pstatRsrc->interfaces = (char**)OICCalloc(NUM_OF_PSTAT_IF, sizeof(char*));
+ VERIFY_NON_NULL(TAG, (pstatRsrc->interfaces), ERROR);
+ for(int i = 0; i < NUM_OF_PSTAT_IF; i++)
+ {
+ pstatRsrc->interfaces[i] = OICStrdup(pstatIf[i]);
+ VERIFY_NON_NULL(TAG, (pstatRsrc->interfaces[i]), ERROR);
}
// Permissions -- Mandatory
- newDefaultAcl->permission = PERMISSION_READ;
+ newAce->permission = PERMISSION_READ;
//Period -- Not Mandatory
- newDefaultAcl->prdRecrLen = 0;
- newDefaultAcl->periods = NULL;
-
- //Recurrence -- Not Mandatory
- newDefaultAcl->recurrences = NULL;
-
- // Device ID is the owner of this default ACL
- res = GetDoxmDeviceID(&ownerId);
- VERIFY_SUCCESS(TAG, OC_STACK_OK == res, FATAL);
-
- // Owners -- Mandatory
- memcpy(&newDefaultAcl->rownerID, &ownerId, sizeof(OicUuid_t));
+ newAce->validities = NULL;
- return newDefaultAcl;
+ return newAce;
exit:
- DeleteACLList(newDefaultAcl);
+ FreeACE(newAce);
return NULL;
}
-OCStackResult UpdateDefaultSecProvACL()
+OCStackResult UpdateDefaultSecProvACE()
{
OCStackResult ret = OC_STACK_OK;
- OicSecAcl_t *acl = NULL;
- OicSecAcl_t *tmp = NULL;
+ OicSecAce_t *ace = NULL;
+ OicSecAce_t *tempAce = NULL;
if(gAcl)
{
int matchedRsrc = 0;
bool isRemoved = false;
- LL_FOREACH_SAFE(gAcl, acl, tmp)
+ LL_FOREACH_SAFE(gAcl->aces, ace, tempAce)
{
//Find default security resource ACL
- if(memcmp(&acl->subject, &WILDCARD_SUBJECT_ID, sizeof(OicUuid_t)) == 0 &&
- ((PERMISSION_READ | PERMISSION_WRITE) == acl->permission))
+ if(memcmp(&ace->subjectuuid, &WILDCARD_SUBJECT_ID, sizeof(OicUuid_t)) == 0 &&
+ ((PERMISSION_READ | PERMISSION_WRITE) == ace->permission))
{
matchedRsrc = 0;
- for(size_t i = 0; i < acl->resourcesLen; i++)
+ OicSecRsrc_t* rsrc = NULL;
+ LL_FOREACH(ace->resources, rsrc)
{
- if(strncmp(acl->resources[i], OIC_RSRC_DOXM_URI,
+ if(strncmp(rsrc->href, OIC_RSRC_DOXM_URI,
strlen(OIC_RSRC_DOXM_URI) + 1) == 0 ||
- strncmp(acl->resources[i], OIC_RSRC_CRED_URI,
+ strncmp(rsrc->href, OIC_RSRC_CRED_URI,
strlen(OIC_RSRC_CRED_URI) + 1) == 0 ||
- strncmp(acl->resources[i], OIC_RSRC_ACL_URI,
+ strncmp(rsrc->href, OIC_RSRC_ACL_URI,
strlen(OIC_RSRC_ACL_URI) + 1) == 0 ||
- strncmp(acl->resources[i], OIC_RSRC_PSTAT_URI,
+ strncmp(rsrc->href, OIC_RSRC_PSTAT_URI,
strlen(OIC_RSRC_PSTAT_URI) + 1) == 0)
{
matchedRsrc++;
//If default security resource ACL is detected, delete it.
if(NUMBER_OF_SEC_PROV_RSCS == matchedRsrc)
{
- LL_DELETE(gAcl, acl);
- FreeACE(acl);
+ LL_DELETE(gAcl->aces, ace);
+ FreeACE(ace);
isRemoved = true;
}
}
if(isRemoved)
{
/*
- * Generate new security resource ACL as follows :
+ * Generate new security resource ACE as follows :
* subject : "*"
* resources : '/oic/sec/doxm', '/oic/sec/pstat'
* permission : READ
*/
- OicSecAcl_t *newDefaultAcl = GetSecDefaultACL();
- if (newDefaultAcl)
+ OicSecAce_t *secDefaultAce = GetSecDefaultACE();
+ if (secDefaultAce)
{
- LL_APPEND(gAcl, newDefaultAcl);
+ LL_APPEND(gAcl->aces, secDefaultAce);
size_t size = 0;
uint8_t *payload = NULL;
// Update new state in persistent storage
if (UpdatePersistentStorage(gDoxm))
{
- //Update default ACL of security resource to prevent anonymous user access.
- if(OC_STACK_OK == UpdateDefaultSecProvACL())
+ //Update default ACE of security resource to prevent anonymous user access.
+ if(OC_STACK_OK == UpdateDefaultSecProvACE())
{
ehRet = OC_EH_OK;
}
}
uint8_t pairingPSK[OWNER_PSK_LENGTH_128] = {0};
- OicSecKey_t pairingKey = {pairingPSK, OWNER_PSK_LENGTH_128};
+ OicSecKey_t pairingKey = {pairingPSK, OWNER_PSK_LENGTH_128, OIC_ENCODING_RAW};
//Generating PairingPSK using OwnerPSK scheme
CAResult_t pskRet = CAGenerateOwnerPSK((const CAEndpoint_t *)endpoint,
OicSecPdAcl_t *pdAcl;
LL_FOREACH(pconf->pdacls, pdAcl)
{
- OicSecAcl_t acl;
- memset(&acl, 0, sizeof(OicSecAcl_t));
- memcpy(&acl.subject, &gDpair->pdeviceID, sizeof(OicUuid_t));
- acl.resources = pdAcl->resources;
- acl.resourcesLen = pdAcl->resourcesLen;
- memcpy(&acl.rownerID, &pconf->rownerID, sizeof(OicUuid_t));
- acl.permission = pdAcl->permission;
- acl.periods = pdAcl->periods;
- acl.recurrences = pdAcl->recurrences;
- acl.prdRecrLen = pdAcl->prdRecrLen;
+ OicSecAcl_t* acl = (OicSecAcl_t*)OICCalloc(1, sizeof(OicSecAcl_t));
+ VERIFY_NON_NULL(TAG, acl, ERROR);
+
+ OicSecAce_t* ace = (OicSecAce_t*)OICCalloc(1, sizeof(OicSecAce_t));
+ VERIFY_NON_NULL(TAG, ace, ERROR);
+
+ LL_APPEND(acl->aces, ace);
+
+ memcpy(&ace->subjectuuid, &gDpair->pdeviceID, sizeof(OicUuid_t));
+
+ for(size_t i = 0; i < pdAcl->resourcesLen; i++)
+ {
+ OicSecRsrc_t* rsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+ VERIFY_NON_NULL(TAG, rsrc, ERROR);
+
+ size_t rsrcLen = strlen(pdAcl->resources[i]) + 1;
+ rsrc->href = (char*)OICMalloc(rsrcLen * sizeof(char));
+ VERIFY_NON_NULL(TAG, (rsrc->href), ERROR);
+
+ OICStrcpy(rsrc->href, rsrcLen, pdAcl->resources[i]);
+ LL_APPEND(ace->resources, rsrc);
+ }
+
+ ace->permission = pdAcl->permission;
+
+ //Copy the validity
+ if(pdAcl->periods || pdAcl->recurrences)
+ {
+ OicSecValidity_t* validity = (OicSecValidity_t*)OICCalloc(1, sizeof(OicSecValidity_t));
+ VERIFY_NON_NULL(TAG, validity, ERROR);
+
+ if(pdAcl->periods && pdAcl->periods[0])
+ {
+ size_t periodLen = strlen(pdAcl->periods[0]) + 1;
+ validity->period = (char*)OICMalloc(periodLen * sizeof(char));
+ VERIFY_NON_NULL(TAG, (validity->period), ERROR);
+ OICStrcpy(validity->period, periodLen, pdAcl->periods[0]);
+ }
+
+ if(pdAcl->recurrences && 0 < pdAcl->prdRecrLen)
+ {
+ validity->recurrenceLen = pdAcl->prdRecrLen;
+ validity->recurrences = (char**)OICMalloc(sizeof(char*) * pdAcl->prdRecrLen);
+ VERIFY_NON_NULL(TAG, (validity->recurrences), ERROR);
+
+ for(size_t i = 0; i < pdAcl->prdRecrLen; i++)
+ {
+ size_t recurrenceLen = strlen(pdAcl->recurrences[i]) + 1;
+ validity->recurrences[i] = (char*)OICMalloc(recurrenceLen * sizeof(char));
+ VERIFY_NON_NULL(TAG, (validity->recurrences[i]), ERROR);
+
+ OICStrcpy(validity->recurrences[i], recurrenceLen, pdAcl->recurrences[i]);
+ }
+ }
+
+ LL_APPEND(ace->validities, validity);
+ }
size_t size = 0;
uint8_t *payload = NULL;
- if (OC_STACK_OK == AclToCBORPayload(&acl, &payload, &size))
+ if (OC_STACK_OK == AclToCBORPayload(acl, &payload, &size))
{
InstallNewACL(payload, size);
OICFree(payload);
}
+ DeleteACLList(acl);
}
//update pconf device list
//-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
#include <string.h>
+#include "utlist.h"
#include "oic_malloc.h"
#include "policyengine.h"
#include "amsmgr.h"
* @return true if access is within valid time period or if the period or recurrence is not present.
* false if period and recurrence present and the access is not within valid time period.
*/
-static bool IsAccessWithinValidTime(const OicSecAcl_t *acl)
+static bool IsAccessWithinValidTime(const OicSecAce_t *ace)
{
#ifndef WITH_ARDUINO //Period & Recurrence not supported on Arduino due
- //lack of absolute time
- if (NULL== acl || NULL == acl->periods || 0 == acl->prdRecrLen)
+ //lack of absolute time
+ if (NULL== ace || NULL == ace->validities)
{
return true;
}
//periods & recurrences rules are paired.
- if (NULL == acl->recurrences)
+ if (NULL == ace->validities->recurrences)
{
return false;
}
- for (size_t i = 0; i < acl->prdRecrLen; i++)
+ OicSecValidity_t* validity = NULL;
+ LL_FOREACH(ace->validities, validity)
{
- if (IOTVTICAL_VALID_ACCESS == IsRequestWithinValidTime(acl->periods[i],
- acl->recurrences[i]))
+ for(size_t i = 0; i < validity->recurrenceLen; i++)
{
- OIC_LOG(INFO, TAG, "Access request is in allowed time period");
- return true;
+ if (IOTVTICAL_VALID_ACCESS == IsRequestWithinValidTime(validity->period,
+ validity->recurrences[i]))
+ {
+ OIC_LOG(INFO, TAG, "Access request is in allowed time period");
+ return true;
+ }
}
}
OIC_LOG(ERROR, TAG, "Access request is in invalid time period");
}
/**
- * Check whether 'resource' is in the passed ACL.
+ * Check whether 'resource' is in the passed ACE.
*
* @param resource is the resource being searched.
- * @param acl is the ACL to check.
+ * @param ace is the ACE to check.
*
* @return true if 'resource' found, otherwise false.
*/
- static bool IsResourceInAcl(const char *resource, const OicSecAcl_t *acl)
+ static bool IsResourceInAce(const char *resource, const OicSecAce_t *ace)
{
- if (NULL== acl || NULL == resource)
+ if (NULL== ace || NULL == resource)
{
return false;
}
- for (size_t n = 0; n < acl->resourcesLen; n++)
- {
- if (0 == strcmp(resource, acl->resources[n]) || // TODO null terms?
- 0 == strcmp(WILDCARD_RESOURCE_URI, acl->resources[n]))
+ OicSecRsrc_t* rsrc = NULL;
+ LL_FOREACH(ace->resources, rsrc)
+ {
+ if (0 == strcmp(resource, rsrc->href) || // TODO null terms?
+ 0 == strcmp(WILDCARD_RESOURCE_URI, rsrc->href))
{
return true;
}
OIC_LOG(DEBUG, TAG, "Entering ProcessAccessRequest()");
if (NULL != context)
{
- const OicSecAcl_t *currentAcl = NULL;
- OicSecAcl_t *savePtr = NULL;
+ const OicSecAce_t *currentAce = NULL;
+ OicSecAce_t *savePtr = NULL;
// Start out assuming subject not found.
context->retVal = ACCESS_DENIED_SUBJECT_NOT_FOUND;
// ACL for this request.
do
{
- OIC_LOG_V(DEBUG, TAG, "%s: getting ACL..." ,__func__);
- currentAcl = GetACLResourceData(&context->subject, &savePtr);
+ OIC_LOG_V(DEBUG, TAG, "%s: getting ACE..." ,__func__);
+ currentAce = GetACLResourceData(&context->subject, &savePtr);
- if (NULL != currentAcl)
+ if (NULL != currentAce)
{
// Found the subject, so how about resource?
- OIC_LOG_V(DEBUG, TAG, "%s:found ACL matching subject" ,__func__);
+ OIC_LOG_V(DEBUG, TAG, "%s:found ACE matching subject" ,__func__);
// Subject was found, so err changes to Rsrc not found for now.
context->retVal = ACCESS_DENIED_RESOURCE_NOT_FOUND;
OIC_LOG_V(DEBUG, TAG, "%s:Searching for resource..." ,__func__);
- if (IsResourceInAcl(context->resource, currentAcl))
+ if (IsResourceInAce(context->resource, currentAce))
{
- OIC_LOG_V(INFO, TAG, "%s:found matching resource in ACL" ,__func__);
+ OIC_LOG_V(INFO, TAG, "%s:found matching resource in ACE" ,__func__);
context->matchingAclFound = true;
// Found the resource, so it's down to valid period & permission.
context->retVal = ACCESS_DENIED_INVALID_PERIOD;
- if (IsAccessWithinValidTime(currentAcl))
+ if (IsAccessWithinValidTime(currentAce))
{
context->retVal = ACCESS_DENIED_INSUFFICIENT_PERMISSION;
- if (IsPermissionAllowingRequest(currentAcl->permission, context->permission))
+ if (IsPermissionAllowingRequest(currentAce->permission, context->permission))
{
context->retVal = ACCESS_GRANTED;
}
{
OIC_LOG_V(INFO, TAG, "%s:no ACL found matching subject for resource %s",__func__, context->resource);
}
- } while ((NULL != currentAcl) && (false == context->matchingAclFound));
+ } while ((NULL != currentAce) && (false == context->matchingAclFound));
if (IsAccessGranted(context->retVal))
{
#include <stdlib.h>
#include "securevirtualresourcetypes.h"
+#include "octypes.h"
const char * SVR_DB_FILE_NAME = "oic_svr_db.json";
const char * SVR_DB_DAT_FILE_NAME = "oic_svr_db.dat";
const char * OIC_JSON_OPTDATA_NAME = "optdata";
const char * OIC_JSON_SERVICE_DEVICE_ID = "svcdid";
const char * OIC_JSON_SERVICE_TYPE = "svct";
+const char* OIC_JSON_VALIDITY_NAME = "validity";
const char * OIC_JSON_PERIOD_NAME = "period";
const char * OIC_JSON_PERIODS_NAME = "prds";
const char * OIC_JSON_CRMS_NAME = "crms";
const char * OIC_JSON_SPM_NAME = "spm";
const char * OIC_JSON_PDEVICE_ID_NAME = "pdeviceuuid";
const char * OIC_JSON_RLIST_NAME = "rlist";
-const char * OIC_JSON_HREF_NAME = "href";
-const char * OIC_JSON_REL_NAME = "rel";
-const char * OIC_JSON_RT_NAME = "rt";
-const char * OIC_JSON_IF_NAME = "if";
+const char * OIC_JSON_HREF_NAME = OC_RSRVD_HREF;
+const char * OIC_JSON_REL_NAME = OC_RSRVD_REL;
+const char * OIC_JSON_RT_NAME = OC_RSRVD_RESOURCE_TYPE;
+const char * OIC_JSON_IF_NAME = OC_RSRVD_INTERFACE;
const char * OIC_JSON_ROWNERID_NAME = "rowneruuid";
const char * OIC_JSON_ENCODING_NAME = "encoding";
const char * OIC_JSON_DATA_NAME = "data";
#include <stdlib.h>
#include <string.h>
+#include "utlist.h"
#include "cJSON.h"
#include "base64.h"
#include "cainterface.h"
cJSON *jsonAcl = cJSON_GetArrayItem(jsonAclArray, idx);
VERIFY_NON_NULL(TAG, jsonAcl, ERROR);
- OicSecAcl_t *acl = NULL;
- if(idx == 0)
- {
- acl = headAcl;
- }
- else
- {
- acl = (OicSecAcl_t*)OICCalloc(1, sizeof(OicSecAcl_t));
- OicSecAcl_t *temp = headAcl;
- while (temp->next)
- {
- temp = temp->next;
- }
- temp->next = acl;
- }
-
- VERIFY_NON_NULL(TAG, acl, ERROR);
+ OicSecAce_t *ace = (OicSecAce_t*)OICCalloc(1, sizeof(OicSecAce_t));
+ VERIFY_NON_NULL(TAG, ace, ERROR);
+ LL_APPEND(headAcl->aces, ace);
size_t jsonObjLen = 0;
cJSON *jsonObj = NULL;
VERIFY_SUCCESS(TAG, cJSON_String == jsonObj->type, ERROR);
if(strcmp(jsonObj->valuestring, WILDCARD_RESOURCE_URI) == 0)
{
- acl->subject.id[0] = '*';
+ ace->subjectuuid.id[0] = '*';
}
else
{
- ret = ConvertStrToUuid(jsonObj->valuestring, &acl->subject);
+ ret = ConvertStrToUuid(jsonObj->valuestring, &ace->subjectuuid);
VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR);
}
// Resources -- Mandatory
VERIFY_NON_NULL(TAG, jsonObj, ERROR);
VERIFY_SUCCESS(TAG, cJSON_Array == jsonObj->type, ERROR);
- acl->resourcesLen = (size_t)cJSON_GetArraySize(jsonObj);
-
- VERIFY_SUCCESS(TAG, acl->resourcesLen > 0, ERROR);
- acl->resources = (char**)OICCalloc(acl->resourcesLen, sizeof(char*));
- VERIFY_NON_NULL(TAG, (acl->resources), ERROR);
+ size_t resourcesLen = (size_t)cJSON_GetArraySize(jsonObj);
+ VERIFY_SUCCESS(TAG, resourcesLen > 0, ERROR);
- size_t idxx = 0;
- do
+ for(size_t idxx = 0; idxx < resourcesLen; idxx++)
{
+ OicSecRsrc_t* rsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+ VERIFY_NON_NULL(TAG, rsrc, ERROR);
+
cJSON *jsonRsrc = cJSON_GetArrayItem(jsonObj, idxx);
VERIFY_NON_NULL(TAG, jsonRsrc, ERROR);
+ //href
size_t jsonRsrcObjLen = 0;
cJSON *jsonRsrcObj = cJSON_GetObjectItem(jsonRsrc, OIC_JSON_HREF_NAME);
VERIFY_NON_NULL(TAG, jsonRsrcObj, ERROR);
VERIFY_SUCCESS(TAG, cJSON_String == jsonRsrcObj->type, ERROR);
jsonRsrcObjLen = strlen(jsonRsrcObj->valuestring) + 1;
- acl->resources[idxx] = (char*)OICMalloc(jsonRsrcObjLen);
+ rsrc->href = (char*)OICMalloc(jsonRsrcObjLen);
+ VERIFY_NON_NULL(TAG, (rsrc->href), ERROR);
+ OICStrcpy(rsrc->href, jsonRsrcObjLen, jsonRsrcObj->valuestring);
+
+ //rel
+ jsonRsrcObj = cJSON_GetObjectItem(jsonRsrc, OIC_JSON_REL_NAME);
+ if(jsonRsrcObj)
+ {
+ jsonRsrcObjLen = strlen(jsonRsrcObj->valuestring) + 1;
+ rsrc->rel = (char*)OICMalloc(jsonRsrcObjLen);
+ VERIFY_NON_NULL(TAG, (rsrc->rel), ERROR);
+ OICStrcpy(rsrc->rel, jsonRsrcObjLen, jsonRsrcObj->valuestring);
+ }
- VERIFY_NON_NULL(TAG, (acl->resources[idxx]), ERROR);
- OICStrcpy(acl->resources[idxx], jsonRsrcObjLen, jsonRsrcObj->valuestring);
+ //rt
+ jsonRsrcObj = cJSON_GetObjectItem(jsonRsrc, OIC_JSON_RT_NAME);
+ if(jsonRsrcObj && cJSON_Array == jsonRsrcObj->type)
+ {
+ rsrc->typeLen = (size_t)cJSON_GetArraySize(jsonRsrcObj);
+ VERIFY_SUCCESS(TAG, (0 < rsrc->typeLen), ERROR);
+ rsrc->types = (char**)OICCalloc(rsrc->typeLen, sizeof(char*));
+ VERIFY_NON_NULL(TAG, (rsrc->types), ERROR);
+ for(size_t i = 0; i < rsrc->typeLen; i++)
+ {
+ cJSON *jsonRsrcType = cJSON_GetArrayItem(jsonRsrcObj, i);
+ rsrc->types[i] = OICStrdup(jsonRsrcType->valuestring);
+ VERIFY_NON_NULL(TAG, (rsrc->types[i]), ERROR);
+ }
+ }
+
+ //if
+ jsonRsrcObj = cJSON_GetObjectItem(jsonRsrc, OIC_JSON_IF_NAME);
+ if(jsonRsrcObj && cJSON_Array == jsonRsrcObj->type)
+ {
+ rsrc->interfaceLen = (size_t)cJSON_GetArraySize(jsonRsrcObj);
+ VERIFY_SUCCESS(TAG, (0 < rsrc->interfaceLen), ERROR);
+ rsrc->interfaces = (char**)OICCalloc(rsrc->interfaceLen, sizeof(char*));
+ VERIFY_NON_NULL(TAG, (rsrc->interfaces), ERROR);
+ for(size_t i = 0; i < rsrc->interfaceLen; i++)
+ {
+ cJSON *jsonInterface = cJSON_GetArrayItem(jsonRsrcObj, i);
+ rsrc->interfaces[i] = OICStrdup(jsonInterface->valuestring);
+ VERIFY_NON_NULL(TAG, (rsrc->interfaces[i]), ERROR);
+ }
+ }
- } while ( ++idxx < acl->resourcesLen);
+ LL_APPEND(ace->resources, rsrc);
+ }
// Permissions -- Mandatory
jsonObj = cJSON_GetObjectItem(jsonAcl, OIC_JSON_PERMISSION_NAME);
VERIFY_NON_NULL(TAG, jsonObj, ERROR);
VERIFY_SUCCESS(TAG, cJSON_Number == jsonObj->type, ERROR);
- acl->permission = jsonObj->valueint;
- //Period -- Not Mandatory
- cJSON *jsonPeriodObj = cJSON_GetObjectItem(jsonAcl, OIC_JSON_PERIOD_NAME);
- if(jsonPeriodObj)
+ ace->permission = jsonObj->valueint;
+
+ //Validity -- Not Mandatory
+ cJSON *jsonValidityObj = cJSON_GetObjectItem(jsonAcl, OIC_JSON_VALIDITY_NAME);
+ if(jsonValidityObj)
{
- VERIFY_SUCCESS(TAG, cJSON_Array == jsonPeriodObj->type, ERROR);
- acl->prdRecrLen = (size_t)cJSON_GetArraySize(jsonPeriodObj);
- if(acl->prdRecrLen > 0)
+ VERIFY_SUCCESS(TAG, cJSON_Array == jsonValidityObj->type, ERROR);
+ size_t validityLen = cJSON_GetArraySize(jsonValidityObj);
+ VERIFY_SUCCESS(TAG, (0 < validityLen), ERROR);
+
+ cJSON *jsonValidity = NULL;
+ for(size_t i = 0; i < validityLen; i++)
{
- acl->periods = (char**)OICCalloc(acl->prdRecrLen, sizeof(char*));
- VERIFY_NON_NULL(TAG, acl->periods, ERROR);
+ jsonValidity = cJSON_GetArrayItem(jsonValidityObj, i);
+ VERIFY_NON_NULL(TAG, jsonValidity, ERROR);
+ VERIFY_SUCCESS(TAG, (jsonValidity->type == cJSON_Array), ERROR);
+
+ OicSecValidity_t* validity = (OicSecValidity_t*)OICCalloc(1, sizeof(OicSecValidity_t));
+ VERIFY_NON_NULL(TAG, validity, ERROR);
+ LL_APPEND(ace->validities, validity);
- cJSON *jsonPeriod = NULL;
- for(size_t i = 0; i < acl->prdRecrLen; i++)
+ //Period
+ cJSON* jsonPeriod = cJSON_GetArrayItem(jsonValidity, 0);
+ if(jsonPeriod)
{
- jsonPeriod = cJSON_GetArrayItem(jsonPeriodObj, i);
- VERIFY_NON_NULL(TAG, jsonPeriod, ERROR);
+ VERIFY_SUCCESS(TAG, (cJSON_String == jsonPeriod->type), ERROR);
jsonObjLen = strlen(jsonPeriod->valuestring) + 1;
- acl->periods[i] = (char*)OICMalloc(jsonObjLen);
- VERIFY_NON_NULL(TAG, acl->periods[i], ERROR);
- OICStrcpy(acl->periods[i], jsonObjLen, jsonPeriod->valuestring);
+ validity->period = (char*)OICMalloc(jsonObjLen);
+ VERIFY_NON_NULL(TAG, validity->period, ERROR);
+ OICStrcpy(validity->period, jsonObjLen, jsonPeriod->valuestring);
}
- }
- }
- //Recurrence -- Not mandatory
- cJSON *jsonRecurObj = cJSON_GetObjectItem(jsonAcl, OIC_JSON_RECURRENCES_NAME);
- if(jsonRecurObj)
- {
-
- VERIFY_SUCCESS(TAG, cJSON_Array == jsonRecurObj->type, ERROR);
- if(acl->prdRecrLen > 0)
- {
- acl->recurrences = (char**)OICCalloc(acl->prdRecrLen, sizeof(char*));
- VERIFY_NON_NULL(TAG, acl->recurrences, ERROR);
-
- cJSON *jsonRecur = NULL;
- for(size_t i = 0; i < acl->prdRecrLen; i++)
+ //Recurrence
+ cJSON* jsonRecurObj = cJSON_GetArrayItem(jsonValidity, 1);
+ if(jsonRecurObj)
{
- jsonRecur = cJSON_GetArrayItem(jsonRecurObj, i);
- VERIFY_NON_NULL(TAG, jsonRecur, ERROR);
- jsonObjLen = strlen(jsonRecur->valuestring) + 1;
- acl->recurrences[i] = (char*)OICMalloc(jsonObjLen);
- VERIFY_NON_NULL(TAG, acl->recurrences[i], ERROR);
- OICStrcpy(acl->recurrences[i], jsonObjLen, jsonRecur->valuestring);
+ VERIFY_SUCCESS(TAG, (cJSON_Array == jsonRecurObj->type), ERROR);
+ validity->recurrenceLen = cJSON_GetArraySize(jsonRecurObj);
+ VERIFY_SUCCESS(TAG, (0 < validity->recurrenceLen), ERROR);
+
+ validity->recurrences = (char**)OICCalloc(validity->recurrenceLen, sizeof(char*));
+ VERIFY_NON_NULL(TAG, validity->recurrences, ERROR);
+
+ cJSON *jsonRecur = NULL;
+ for(size_t i = 0; i < validity->recurrenceLen; i++)
+ {
+ jsonRecur = cJSON_GetArrayItem(jsonRecurObj, i);
+ VERIFY_NON_NULL(TAG, jsonRecur, ERROR);
+ jsonObjLen = strlen(jsonRecur->valuestring) + 1;
+ validity->recurrences[i] = (char*)OICMalloc(jsonObjLen);
+ VERIFY_NON_NULL(TAG, validity->recurrences[i], ERROR);
+ OICStrcpy(validity->recurrences[i], jsonObjLen, jsonRecur->valuestring);
+ }
}
}
}
-
- acl->next = NULL;
-
} while( ++idx < numAcl);
}
int numCred = cJSON_GetArraySize(jsonCredArray);
VERIFY_SUCCESS(TAG, numCred > 0, ERROR);
int idx = 0;
- size_t ownersLen = 0;
do
{
cJSON *jsonCred = cJSON_GetArrayItem(jsonCredArray, idx);
VERIFY_NON_NULL(TAG, (cred->privateData.data), ERROR);
memcpy(cred->privateData.data, jsonPriv->valuestring, jsonObjLen);
cred->privateData.len = jsonObjLen;
+
+ cJSON *jsonEncoding = cJSON_GetObjectItem(jsonObj, OIC_JSON_ENCODING_NAME);
+ VERIFY_NON_NULL(TAG, jsonEncoding, ERROR);
+
+ if(strcmp(OIC_SEC_ENCODING_RAW, jsonEncoding->valuestring) == 0)
+ {
+ cred->privateData.encoding = OIC_ENCODING_RAW;
+ }
+ else if(strcmp(OIC_SEC_ENCODING_BASE64, jsonEncoding->valuestring) == 0)
+ {
+ cred->privateData.encoding = OIC_ENCODING_BASE64;
+ }
+ else
+ {
+ printf("Unknow encoding type dectected!\n");
+ printf("json2cbor will use \"oic.sec.encoding.raw\" as default encoding type.\n");
+ cred->privateData.encoding = OIC_ENCODING_RAW;
+ }
}
#ifdef __WITH_X509__
//PublicData is mandatory only for SIGNED_ASYMMETRIC_KEY credentials type.
//-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
#include "gtest/gtest.h"
+#include "utlist.h"
#include <sys/stat.h>
#include "ocstack.h"
#include "psinterface.h"
#define NUM_ACE_FOR_WILDCARD_IN_ACL1_DAT (1)
-TEST(ACLResourceTest, CBORDefaultACLConversion)
+static bool AddResourceToACE(OicSecAce_t* ace, const char* rsrcName,
+ const char* typeName, const char* interfaceName)
{
- OicSecAcl_t *defaultAcl = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t));
- ASSERT_TRUE(defaultAcl != NULL);
- uint8_t defaultAclSub[] = { 0x2a };
- memcpy(defaultAcl->subject.id, defaultAclSub, sizeof(defaultAclSub));
- defaultAcl->permission = 2;
- const char *defaulAclRsrc[] = { "/oic/res", "/oic/d", "/oic/p", "/oic/res/types/d",
- "/oic/ad", "/oic/sec/acl", "/oic/sec/doxm", "/oic/sec/pstat"};
- defaultAcl->resourcesLen = 8;
- defaultAcl->resources = (char **)OICCalloc(defaultAcl->resourcesLen, sizeof(char *));
- ASSERT_TRUE(defaultAcl->resources != NULL);
- for (size_t i = 0 ; i < defaultAcl->resourcesLen; i++)
+ OicSecRsrc_t* rsrc = NULL;
+
+ VERIFY_NON_NULL(TAG, ace, ERROR);
+ VERIFY_NON_NULL(TAG, rsrcName, ERROR);
+ VERIFY_NON_NULL(TAG, interfaceName, ERROR);
+ VERIFY_NON_NULL(TAG, typeName, ERROR);
+
+ rsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+ VERIFY_NON_NULL(TAG, rsrc, ERROR);
+ rsrc->href = OICStrdup(rsrcName);
+ VERIFY_NON_NULL(TAG, rsrc->href, ERROR);
+
+ rsrc->typeLen = 1;
+ rsrc->types = (char**)OICCalloc(1, sizeof(char*));
+ VERIFY_NON_NULL(TAG, rsrc->types, ERROR);
+ rsrc->types[0] = OICStrdup(typeName);
+ VERIFY_NON_NULL(TAG, rsrc->types[0], ERROR);
+
+ rsrc->interfaceLen = 1;
+ rsrc->interfaces = (char**)OICCalloc(1, sizeof(char*));
+ VERIFY_NON_NULL(TAG, rsrc->interfaces, ERROR);
+ rsrc->interfaces[0] = OICStrdup(interfaceName);
+ VERIFY_NON_NULL(TAG, rsrc->interfaces[0], ERROR);
+
+ LL_APPEND(ace->resources, rsrc);
+ return true;
+exit:
+ if(rsrc)
+ {
+ if(rsrc->href)
+ {
+ OICFree(rsrc->href);
+ OICFree(rsrc->types[0]);
+ OICFree(rsrc->types);
+ OICFree(rsrc->interfaces[0]);
+ OICFree(rsrc->interfaces);
+ }
+ OICFree(rsrc);
+ }
+ return false;
+}
+
+static int GetNumberOfResource(const OicSecAce_t* ace)
+{
+ int ret = 0;
+ OicSecRsrc_t* rsrc = NULL;
+ LL_FOREACH(ace->resources, rsrc)
{
- defaultAcl->resources[i] = OICStrdup(defaulAclRsrc[i]);
- ASSERT_TRUE(defaultAcl->resources[i] != NULL);
+ ret++;
}
+
+ return ret;
+}
+
+TEST(ACLResourceTest, CBORDefaultACLConversion)
+{
+ uint8_t defaultAclSub[] = { 0x2a };
uint8_t defaultAclOwnrs[] = {0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32,
0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32};
+
+ OicSecAcl_t *defaultAcl = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t));
+ ASSERT_TRUE(NULL != defaultAcl);
+ OicSecAce_t *ace = (OicSecAce_t*)OICCalloc(1, sizeof(OicSecAce_t));
+ ASSERT_TRUE(NULL != ace);
+ ace->permission = 2;
+ memcpy(ace->subjectuuid.id, defaultAclSub, sizeof(defaultAclSub));
+ LL_APPEND(defaultAcl->aces, ace);
+
+ EXPECT_EQ(true, AddResourceToACE(ace, "/oic/res", "oic.wk.res", "oic.if.ll"));
+ EXPECT_EQ(true, AddResourceToACE(ace, "/oic/d", "oic.wk.d", "oic.if.r"));
+ EXPECT_EQ(true, AddResourceToACE(ace, "/oic/p", "oic.wk.p", "oic.if.r"));
+ EXPECT_EQ(true, AddResourceToACE(ace, "/oic/res/types/d", "oic.wk.unknow", "oic.if.r"));
+ EXPECT_EQ(true, AddResourceToACE(ace, "/oic/ad", "oic.wk.ad", "oic.if.baseline"));
+ EXPECT_EQ(true, AddResourceToACE(ace, "/oic/sec/acl", "oic.r.acl", "oic.if.baseline"));
+ EXPECT_EQ(true, AddResourceToACE(ace, "/oic/sec/doxm", "oic.r.doxm" ,"oic.if.baseline"));
+ EXPECT_EQ(true, AddResourceToACE(ace, "/oic/sec/pstat", "oic.r.pstat" ,"oic.if.baseline"));
+
memcpy(defaultAcl->rownerID.id, defaultAclOwnrs, sizeof(defaultAclOwnrs));
size_t defaultAclSize = 0;
uint8_t *defaultPsStorage = NULL;
OCStackResult convRet = AclToCBORPayload(defaultAcl, &defaultPsStorage, &defaultAclSize);
EXPECT_EQ(OC_STACK_OK, convRet);
- ASSERT_TRUE(defaultPsStorage != NULL);
+ ASSERT_TRUE(NULL != defaultPsStorage);
EXPECT_NE(0, defaultAclSize);
OicSecAcl_t* convertedAcl = CBORPayloadToAcl(defaultPsStorage, defaultAclSize);
- ASSERT_TRUE(convertedAcl != NULL);
+ ASSERT_TRUE(NULL != convertedAcl);
- EXPECT_EQ(defaultAcl->resourcesLen, convertedAcl->resourcesLen);
- for(size_t i = 0; i < convertedAcl->resourcesLen; i++)
+ size_t rsrcCnt1 = 0;
+ size_t rsrcCnt2 = 0;
+ OicSecAce_t* tempAce = NULL;
+ LL_FOREACH(defaultAcl->aces, tempAce)
+ {
+ rsrcCnt1 += GetNumberOfResource(tempAce);
+ }
+ tempAce = NULL;
+ LL_FOREACH(convertedAcl->aces, tempAce)
{
- EXPECT_EQ(0, strcmp(defaultAcl->resources[i], convertedAcl->resources[i]));
+ rsrcCnt2 += GetNumberOfResource(tempAce);
}
+ EXPECT_EQ(rsrcCnt1, rsrcCnt2);
DeleteACLList(convertedAcl);
DeleteACLList(defaultAcl);
TEST(ACLResourceTest, CBORACLConversion)
{
+ uint8_t ownrs[] = {0x32, 0x32, 0x32, 0x32,
+ 0x32, 0x32, 0x32, 0x32,
+ 0x32, 0x32, 0x32, 0x32,
+ 0x32, 0x32, 0x32, 0x32};
+ const char* subjectUuid[3] = {"0000000000000000",
+ "1111111111111111",
+ "2222222222222222"};
+ const uint16_t permission[3] = {2, 6, 31};
+ const size_t numOfRsrc[3] = {6, 2, 2};
+
OicSecAcl_t *secAcl = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t));
ASSERT_TRUE(secAcl != NULL);
- uint8_t subjectBytes[] = { 0x2a };
- memcpy(secAcl->subject.id, subjectBytes, sizeof(subjectBytes));
- secAcl->permission = 2;
- const char *rsrc[] = { "/oic/res", "/oic/d", "/oic/p", "/oic/res/types/d",
- "/oic/ad", "/oic/sec/acl"};
- secAcl->resourcesLen = 6;
- secAcl->resources = (char **)OICCalloc(secAcl->resourcesLen, sizeof(char *));
- ASSERT_TRUE(secAcl->resources != NULL);
- for (size_t i = 0 ; i < secAcl->resourcesLen; i++)
- {
- secAcl->resources[i] = OICStrdup(rsrc[i]);
- ASSERT_TRUE(secAcl->resources[i] != NULL);
-
- }
-
- uint8_t ownrs[] = {0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32,
- 0x32, 0x32, 0x32, 0x32, 0x32, 0x32};
memcpy(secAcl->rownerID.id, ownrs, sizeof(ownrs));
- OicSecAcl_t *secAcl1 = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t));
- ASSERT_TRUE(secAcl1 != NULL);
- memcpy(secAcl1->subject.id, subjectBytes, sizeof(subjectBytes));
- secAcl1->permission = 6;
- const char *rsrc1[] = { "/oic/sec/doxm", "/oic/sec/pstat"};
- secAcl1->resourcesLen = 2;
- secAcl1->resources = (char **)OICCalloc(secAcl1->resourcesLen, sizeof(char *));
- ASSERT_TRUE(secAcl1->resources != NULL);
- for (size_t i = 0 ; i < secAcl1->resourcesLen; i++)
- {
- secAcl1->resources[i] = OICStrdup(rsrc1[i]);
- ASSERT_TRUE(secAcl1->resources[i] != NULL);
- }
- memcpy(secAcl1->rownerID.id, ownrs, sizeof(ownrs));
- secAcl->next = secAcl1;
-
- OicSecAcl_t *secAcl2 = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t));
- ASSERT_TRUE(secAcl2 != NULL);
- uint8_t subjectBytes1[] = {0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31,
- 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31};
- memcpy(secAcl2->subject.id, subjectBytes1, sizeof(subjectBytes1));
- secAcl2->permission = 255;
- const char *rsrc2[] = {"/oic/light", "/oic/fan" };
- secAcl2->resourcesLen = 2;
- secAcl2->resources = (char **)OICCalloc(secAcl2->resourcesLen, sizeof(char *));
- ASSERT_TRUE(secAcl2->resources != NULL);
- for (size_t i = 0 ; i < secAcl2->resourcesLen; i++)
- {
- secAcl2->resources[i] = OICStrdup(rsrc2[i]);
- ASSERT_TRUE(secAcl2->resources[i] != NULL);
- }
- memcpy(secAcl2->rownerID.id, ownrs, sizeof(ownrs));
- secAcl1->next = secAcl2;
-
- OicSecAcl_t *secAcl3 = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t));
- ASSERT_TRUE(secAcl3 != NULL);
- uint8_t subjectBytes2[] = {0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33,
- 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33};
- memcpy(secAcl3->subject.id, subjectBytes2, sizeof(subjectBytes2));
- secAcl3->permission = 255;
- const char *rsrc3[] = {"/oic/light", "/oic/garage" };
- secAcl3->resourcesLen = 2;
- secAcl3->resources = (char **)OICCalloc(secAcl3->resourcesLen, sizeof(char *));
- ASSERT_TRUE(secAcl3->resources != NULL);
- for (size_t i = 0 ; i < secAcl3->resourcesLen; i++)
- {
- secAcl3->resources[i] = OICStrdup(rsrc3[i]);
- ASSERT_TRUE(secAcl3->resources[i] != NULL);
- }
- memcpy(secAcl3->rownerID.id, ownrs, sizeof(ownrs));
- secAcl2->next = secAcl3;
- secAcl3->next = NULL;
+ OicSecAce_t *ace = (OicSecAce_t*)OICCalloc(1, sizeof(OicSecAce_t));
+ ASSERT_TRUE(NULL != ace);
+ ace->permission = permission[0];
+ memcpy(ace->subjectuuid.id, subjectUuid[0], strlen(subjectUuid[0]));
+ EXPECT_EQ(true, AddResourceToACE(ace, "/oic/res", "oic.wk.res", "oic.if.ll"));
+ EXPECT_EQ(true, AddResourceToACE(ace, "/oic/d", "oic.wk.d", "oic.if.r"));
+ EXPECT_EQ(true, AddResourceToACE(ace, "/oic/p", "oic.wk.p", "oic.if.r"));
+ EXPECT_EQ(true, AddResourceToACE(ace, "/oic/res/types/d", "oic.wk.unknow", "oic.if.r"));
+ EXPECT_EQ(true, AddResourceToACE(ace, "/oic/ad", "oic.wk.ad", "oic.if.baseline"));
+ EXPECT_EQ(true, AddResourceToACE(ace, "/oic/sec/acl", "oic.r.acl", "oic.if.baseline"));
+ LL_APPEND(secAcl->aces, ace);
+
+ OicSecAce_t *ace1 = (OicSecAce_t*)OICCalloc(1, sizeof(OicSecAce_t));
+ ASSERT_TRUE(NULL != ace1);
+ ace1->permission = permission[1];
+ memcpy(ace1->subjectuuid.id, subjectUuid[1], strlen(subjectUuid[1]));
+ EXPECT_EQ(true, AddResourceToACE(ace1, "/oic/sec/doxm", "oic.r.doxm" ,"oic.if.baseline"));
+ EXPECT_EQ(true, AddResourceToACE(ace1, "/oic/sec/pstat", "oic.r.pstat" ,"oic.if.baseline"));
+ LL_APPEND(secAcl->aces, ace1);
+
+ OicSecAce_t *ace2 = (OicSecAce_t*)OICCalloc(1, sizeof(OicSecAce_t));
+ ASSERT_TRUE(NULL != ace2);
+ ace2->permission = permission[2];
+ memcpy(ace2->subjectuuid.id, subjectUuid[2], strlen(subjectUuid[2]));
+ EXPECT_EQ(true, AddResourceToACE(ace2, "/oic/light", "oic.core", "oic.if.baseline"));
+ EXPECT_EQ(true, AddResourceToACE(ace2, "/oic/garage", "oic.core", "oic.if.baseline"));
+ LL_APPEND(secAcl->aces, ace2);
size_t size = 0;
uint8_t *psStorage = NULL;
ASSERT_TRUE(NULL != psStorage);
OicSecAcl_t *acl = CBORPayloadToAcl(psStorage, size);
ASSERT_TRUE(NULL != acl);
- EXPECT_EQ(2, acl->permission);
- EXPECT_EQ(6 , acl->resourcesLen);
- EXPECT_STREQ("/oic/res", acl->resources[0]);
+
+ size_t numberOfCheckedAce = 0;
+ OicSecAce_t* tempAce = NULL;
+ LL_FOREACH(acl->aces, tempAce)
+ {
+ if(memcmp(tempAce->subjectuuid.id, subjectUuid[0], strlen(subjectUuid[0])) == 0)
+ {
+ EXPECT_EQ(numOfRsrc[0], GetNumberOfResource(tempAce));
+ EXPECT_EQ(permission[0], tempAce->permission);
+ numberOfCheckedAce++;
+ }
+ if(memcmp(tempAce->subjectuuid.id, subjectUuid[1], strlen(subjectUuid[1])) == 0)
+ {
+ EXPECT_EQ(numOfRsrc[1], GetNumberOfResource(tempAce));
+ EXPECT_EQ(permission[1], tempAce->permission);
+ numberOfCheckedAce++;
+ }
+ if(memcmp(tempAce->subjectuuid.id, subjectUuid[2], strlen(subjectUuid[2])) == 0)
+ {
+ EXPECT_EQ(numOfRsrc[2], GetNumberOfResource(tempAce));
+ EXPECT_EQ(permission[2], tempAce->permission);
+ numberOfCheckedAce++;
+ }
+ }
+ EXPECT_EQ(3, numberOfCheckedAce);
+
DeleteACLList(acl);
- OICFree(psStorage);
DeleteACLList(secAcl);
+ OICFree(psStorage);
}
//InitResource Tests
size_t size = 0;
ASSERT_TRUE(ReadCBORFile(DEFAULT_ACL_FILE_NAME, OIC_JSON_ACL_NAME, &payload, &size));
- ASSERT_TRUE(payload != NULL);
+ ASSERT_TRUE(NULL != payload);
OicSecAcl_t *psAcl = CBORPayloadToAcl(payload, size);
- ASSERT_TRUE(psAcl != NULL);
+ ASSERT_TRUE(NULL != psAcl);
OicSecAcl_t *acl = NULL;
EXPECT_EQ(OC_STACK_OK, GetDefaultACL(&acl));
- ASSERT_TRUE(acl != NULL);
+ ASSERT_TRUE(NULL != acl);
// Verify if the SRM generated default ACL matches with unit test default
if (acl && psAcl)
{
- EXPECT_TRUE(strcmp((char*)acl->subject.id, (char*)psAcl->subject.id) == 0);
- EXPECT_EQ(acl->resourcesLen, psAcl->resourcesLen);
- for (size_t i = 0; i < acl->resourcesLen; i++)
+ OicSecAce_t* tempAce1 = NULL;
+ OicSecAce_t* tempAce2 = NULL;
+
+ for(tempAce1 = acl->aces, tempAce2 = psAcl->aces;
+ tempAce1 && tempAce2; tempAce1 = tempAce1->next,
+ tempAce2 = tempAce2->next)
{
- EXPECT_EQ(strlen(acl->resources[i]), strlen(psAcl->resources[i]));
- EXPECT_TRUE(memcmp(acl->resources[i], psAcl->resources[i],
- strlen(acl->resources[i])) == 0);
+ EXPECT_TRUE(memcmp(tempAce1->subjectuuid.id, tempAce2->subjectuuid.id, sizeof(tempAce1->subjectuuid.id)) == 0);
+ EXPECT_EQ(tempAce1->permission, tempAce2->permission);
+ EXPECT_EQ(GetNumberOfResource(tempAce1), GetNumberOfResource(tempAce2));
}
- EXPECT_EQ(acl->permission, psAcl->permission);
}
DeleteACLList(psAcl);
uint8_t *payload = NULL;
size_t size = 0;
+ static OCPersistentStorage ps = OCPersistentStorage();
+ SetPersistentHandler(&ps, true);
+
+ OicSecAcl_t *defaultAcl = NULL;
+ EXPECT_EQ(OC_STACK_OK, GetDefaultACL(&defaultAcl));
+ ASSERT_TRUE(defaultAcl != NULL);
+ EXPECT_EQ(OC_STACK_OK, SetDefaultACL(defaultAcl));
+
ASSERT_TRUE(ReadCBORFile(ACL1_FILE_NAME, OIC_JSON_ACL_NAME, &payload, &size));
ASSERT_TRUE(NULL != payload);
OCSecurityPayload *securityPayload = OCSecurityPayloadCreate(payload, size);
ASSERT_TRUE(NULL != securityPayload);
- static OCPersistentStorage ps = OCPersistentStorage();
- SetPersistentHandler(&ps, true);
-
// Create Entity Handler POST request payload
OCEntityHandlerRequest ehReq = OCEntityHandlerRequest();
ehReq.method = OC_REST_POST;
ASSERT_TRUE(NULL != acl);
// Verify if SRM contains ACL for the subject
- OicSecAcl_t *savePtr = NULL;
- const OicSecAcl_t* subjectAcl = GetACLResourceData(&(acl->subject), &savePtr);
+ OicSecAce_t *savePtr = NULL;
+ const OicSecAce_t* subjectAcl = GetACLResourceData(&(acl->aces->subjectuuid), &savePtr);
ASSERT_TRUE(NULL != subjectAcl);
// Perform cleanup
EXPECT_EQ(OC_STACK_OK, SetDefaultACL(acl1));
// Verify that ACL file contains 2 ACE entries for 'WILDCARD' subject
- const OicSecAcl_t *acl = NULL;
- OicSecAcl_t *savePtr = NULL;
+ const OicSecAce_t *ace = NULL;
+ OicSecAce_t *savePtr = NULL;
OicUuid_t subject = WILDCARD_SUBJECT_ID;
int count = 0;
do
{
- acl = GetACLResourceData(&subject, &savePtr);
- count = (NULL != acl) ? count + 1 : count;
- } while (acl != NULL);
+ ace = GetACLResourceData(&subject, &savePtr);
+ count = (NULL != ace) ? count + 1 : count;
+ } while (ace != NULL);
EXPECT_EQ(count, NUM_ACE_FOR_WILDCARD_IN_ACL1_DAT);
static OCStackResult populateAcl(OicSecAcl_t *acl, int numRsrc)
{
- OCStackResult ret = OC_STACK_ERROR;
- memcpy(acl->subject.id, "2222222222222222", sizeof(acl->subject.id));
- acl->resourcesLen = (size_t)numRsrc;
- acl->resources = (char**)OICCalloc(acl->resourcesLen, sizeof(char*));
- VERIFY_NON_NULL(TAG, acl->resources, ERROR);
- acl->resources[0] = (char*)OICMalloc(strlen("/a/led")+1);
- VERIFY_NON_NULL(TAG, acl->resources[0], ERROR);
- OICStrcpy(acl->resources[0], strlen("/a/led")+1, "/a/led");
- if(numRsrc == 2)
+ OCStackResult ret = OC_STACK_ERROR;
+ OicSecAce_t* ace = (OicSecAce_t*)OICCalloc(1, sizeof(OicSecAce_t));
+ VERIFY_NON_NULL(TAG, ace, ERROR);
+
+ memcpy(ace->subjectuuid.id, "2222222222222222", sizeof(ace->subjectuuid.id));
+ EXPECT_EQ(true, AddResourceToACE(ace, "/a/led", "oic.core", "oic.if.r"));
+ if(2 == numRsrc)
{
- acl->resources[1] = (char*)OICMalloc(strlen("/a/fan")+1);
- VERIFY_NON_NULL(TAG, acl->resources[1], ERROR);
- OICStrcpy(acl->resources[1], strlen("/a/fan")+1, "/a/fan");
+ EXPECT_EQ(true, AddResourceToACE(ace, "/a/fan", "oic.core", "oic.if.r"));
}
- acl->permission = 6;
+ ace->permission = 6;
+ LL_APPEND(acl->aces, ace);
+
memcpy(acl->rownerID.id, "1111111111111111", sizeof(acl->rownerID.id));
ret = OC_STACK_OK;
+
+ return ret;
exit:
+ DeleteACLList(acl);
return ret;
-
}
//'DELETE' ACL test
TEST(ACLResourceTest, ACLDeleteWithSingleResourceTest)
{
+ static OCPersistentStorage ps = OCPersistentStorage();
+ SetPersistentHandler(&ps, true);
+
+ OicSecAcl_t *defaultAcl = NULL;
+ EXPECT_EQ(OC_STACK_OK, GetDefaultACL(&defaultAcl));
+ ASSERT_TRUE(defaultAcl != NULL);
+ EXPECT_EQ(OC_STACK_OK, SetDefaultACL(defaultAcl));
+
//Populate ACL
OicSecAcl_t acl = OicSecAcl_t();
EXPECT_EQ(OC_STACK_OK, populateAcl(&acl, 1));
OCSecurityPayload *securityPayload = OCSecurityPayloadCreate(payload, size);
ASSERT_TRUE(NULL != securityPayload);
- static OCPersistentStorage ps = OCPersistentStorage();
- SetPersistentHandler(&ps, true);
-
// Create Entity Handler POST request payload
OCEntityHandlerRequest ehReq = OCEntityHandlerRequest();
ehReq.payload = (OCPayload *) securityPayload;
ACLEntityHandler(OC_REQUEST_FLAG, &ehReq, NULL);
// Verify if SRM contains ACE for the subject
- OicSecAcl_t* savePtr = NULL;
- const OicSecAcl_t* subjectAcl1 = GetACLResourceData(&acl.subject, &savePtr);
- ASSERT_TRUE(NULL != subjectAcl1);
+ OicSecAce_t* savePtr = NULL;
+ const OicSecAce_t* subjectAce1 = GetACLResourceData(&acl.aces->subjectuuid, &savePtr);
+ ASSERT_TRUE(NULL != subjectAce1);
// Create Entity Handler DELETE request
ehReq.method = OC_REST_DELETE;
// Verify if SRM has deleted ACE for the subject
savePtr = NULL;
- const OicSecAcl_t* subjectAcl2 = GetACLResourceData(&acl.subject, &savePtr);
- ASSERT_TRUE(NULL == subjectAcl2);
+ const OicSecAce_t* subjectAce2 = GetACLResourceData(&acl.aces->subjectuuid, &savePtr);
+ ASSERT_TRUE(NULL == subjectAce2);
// Perform cleanup
DeInitACLResource();
TEST(ACLResourceTest, ACLDeleteWithMultiResourceTest)
{
+ static OCPersistentStorage ps = OCPersistentStorage();
+ SetPersistentHandler(&ps, true);
+
+ OicSecAcl_t *defaultAcl = NULL;
+ EXPECT_EQ(OC_STACK_OK, GetDefaultACL(&defaultAcl));
+ ASSERT_TRUE(defaultAcl != NULL);
+ EXPECT_EQ(OC_STACK_OK, SetDefaultACL(defaultAcl));
+
//Populate ACL
OicSecAcl_t acl = OicSecAcl_t();
EXPECT_EQ(OC_STACK_OK, populateAcl(&acl, 2));
OCSecurityPayload *securityPayload = OCSecurityPayloadCreate(payload, size);
ASSERT_TRUE(NULL!= securityPayload);
- static OCPersistentStorage ps = OCPersistentStorage();
- SetPersistentHandler(&ps, true);
-
// Create Entity Handler POST request payload
OCEntityHandlerRequest ehReq = OCEntityHandlerRequest();
ehReq.method = OC_REST_POST;
ACLEntityHandler(OC_REQUEST_FLAG, &ehReq, NULL);
// Verify if SRM contains ACE for the subject with two resources
- OicSecAcl_t* savePtr = NULL;
- const OicSecAcl_t* subjectAcl1 = GetACLResourceData(&acl.subject, &savePtr);
- ASSERT_TRUE(NULL != subjectAcl1);
- EXPECT_EQ(2, subjectAcl1->resourcesLen);
+ OicSecAce_t* savePtr = NULL;
+ const OicSecAce_t* subjectAce1 = GetACLResourceData(&acl.aces->subjectuuid, &savePtr);
+ ASSERT_TRUE(NULL != subjectAce1);
+ EXPECT_EQ(2, GetNumberOfResource(subjectAce1));
+
+ printf("\n\n");
+ OicSecRsrc_t* rsrc = NULL;
+ LL_FOREACH(subjectAce1->resources, rsrc)
+ {
+ printf("%s\n", rsrc->href);
+ }
+ printf("\n\n");
// Create Entity Handler DELETE request
ehReq.method = OC_REST_DELETE;
// Verify if SRM contains ACL for the subject but only with one resource
savePtr = NULL;
- const OicSecAcl_t* subjectAcl2 = GetACLResourceData(&acl.subject, &savePtr);
- ASSERT_TRUE(NULL != subjectAcl2);
- EXPECT_EQ(1, subjectAcl2->resourcesLen);
+ const OicSecAce_t* subjectAce2 = GetACLResourceData(&acl.aces->subjectuuid, &savePtr);
+ ASSERT_TRUE(NULL != subjectAce2);
+ EXPECT_EQ(1, GetNumberOfResource(subjectAce2));
// Perform cleanup
OCPayloadDestroy((OCPayload *)securityPayload);
//'GET' with query ACL test
TEST(ACLResourceTest, ACLGetWithQueryTest)
{
+ static OCPersistentStorage ps = OCPersistentStorage();
+ SetPersistentHandler(&ps, true);
+
+ OicSecAcl_t *defaultAcl = NULL;
+ EXPECT_EQ(OC_STACK_OK, GetDefaultACL(&defaultAcl));
+ ASSERT_TRUE(defaultAcl != NULL);
+ EXPECT_EQ(OC_STACK_OK, SetDefaultACL(defaultAcl));
+
//Populate ACL
OicSecAcl_t acl = OicSecAcl_t();
EXPECT_EQ(OC_STACK_OK, populateAcl(&acl, 1));
OCSecurityPayload *securityPayload = OCSecurityPayloadCreate(payload, size);
ASSERT_TRUE(NULL != securityPayload);
- static OCPersistentStorage ps = OCPersistentStorage();
- SetPersistentHandler(&ps, true);
-
//Create Entity Handler POST request payload
OCEntityHandlerRequest ehReq = OCEntityHandlerRequest();
ehReq.method = OC_REST_POST;
{
"href": "/oic/res",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.wk.res"],
+ "if": ["oic.if.ll"]
},
{
"href": "/oic/d",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.wk.d"],
+ "if": ["oic.if.baseline", "oic.if.r"]
},
{
"href": "/oic/p",
"rel": "",
- "rt": "",
- "if": ""
- },
- {
- "href": "/oic/res/types/d",
- "rel": "",
- "rt": "",
- "if": ""
- },
- {
- "href": "/oic/ad",
- "rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.wk.p"],
+ "if": ["oic.if.baseline", "oic.if.r"]
}
],
"permission": 2
{
"href": "/oic/sec/doxm",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.r.doxm"],
+ "if": ["oic.if.baseline"]
},
{
"href": "/oic/sec/pstat",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.r.pstat"],
+ "if": ["oic.if.baseline"]
},
{
"href": "/oic/sec/acl",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.r.acl"],
+ "if": ["oic.if.baseline"]
}
],
"permission": 6
{
"href": "/oic/sec/pconf",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.r.pconf"],
+ "if": ["oic.if.baseline"]
},
{
"href": "/oic/sec/dpairing",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.r.dpairing"],
+ "if": ["oic.if.baseline"]
}
],
"permission": 6
{
"href": "/oic/light",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.core"],
+ "if": ["oic.if.baseline"]
},
{
"href": "/oic/fan",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.core"],
+ "if": ["oic.if.baseline"]
}
],
- "permission": 31
+ "permission": 31
},
{
"subjectuuid": "33333333-3333-3333-3333-333333333333",
{
"href": "/oic/light",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.core"],
+ "if": ["oic.if.baseline"]
},
{
"href": "/oic/garage",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.core"],
+ "if": ["oic.if.baseline"]
}
],
- "permission": 31
+ "permission": 31
}
]
},
-¿caclY\ 2\8b¢faclist¡daces\84£ksubjectuuida*iresources\86¤dhrefh/oic/rescrel`brt`bif`¤dhreff/oic/dcrel`brt`bif`¤dhreff/oic/pcrel`brt`bif`¤dhrefp/oic/res/types/dcrel`brt`bif`¤dhrefg/oic/adcrel`brt`bif`¤dhrefl/oic/sec/aclcrel`brt`bif`jpermission\ 2£ksubjectuuida*iresources\82¤dhrefm/oic/sec/doxmcrel`brt`bif`¤dhrefn/oic/sec/pstatcrel`brt`bif`jpermission\ 6£ksubjectuuidx$31313131-3131-3131-3131-313131313131iresources\82¤dhrefj/oic/lightcrel`brt`bif`¤dhrefh/oic/fancrel`brt`bif`jpermission\18\1f£ksubjectuuidx$33333333-3333-3333-3333-333333333333iresources\82¤dhrefj/oic/lightcrel`brt`bif`¤dhrefk/oic/garagecrel`brt`bif`jpermission\18\1fjrowneruuidx$32323232-3232-3232-3232-323232323232ÿ
\ No newline at end of file
+¿caclY\ 3 ¢faclist¡daces\84£ksubjectuuida*iresources\83¤dhrefh/oic/resbrt\81joic.wk.resbif\81ioic.if.llcrel`¤dhreff/oic/dbrt\81hoic.wk.dbif\82ooic.if.baselinehoic.if.rcrel`¤dhreff/oic/pbrt\81hoic.wk.pbif\82ooic.if.baselinehoic.if.rcrel`jpermission\ 2£ksubjectuuida*iresources\82¤dhrefm/oic/sec/doxmbrt\81joic.r.doxmbif\81ooic.if.baselinecrel`¤dhrefn/oic/sec/pstatbrt\81koic.r.pstatbif\81ooic.if.baselinecrel`jpermission\ 6£ksubjectuuidx$31313131-3131-3131-3131-313131313131iresources\82¤dhrefj/oic/lightbrt\81hoic.corebif\81ooic.if.baselinecrel`¤dhrefh/oic/fanbrt\81hoic.corebif\81ooic.if.baselinecrel`jpermission\18\1f£ksubjectuuidx$33333333-3333-3333-3333-333333333333iresources\82¤dhrefj/oic/lightbrt\81hoic.corebif\81ooic.if.baselinecrel`¤dhrefk/oic/garagebrt\81hoic.corebif\81ooic.if.baselinecrel`jpermission\18\1fjrowneruuidx$32323232-3232-3232-3232-323232323232ÿ
\ No newline at end of file
{
"href": "/oic/res",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.wk.res"],
+ "if": ["oic.if.ll"]
},
{
"href": "/oic/d",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.wk.d"],
+ "if": ["oic.if.baseline", "oic.if.r"]
},
{
"href": "/oic/p",
"rel": "",
- "rt": "",
- "if": ""
- },
- {
- "href": "/oic/res/types/d",
- "rel": "",
- "rt": "",
- "if": ""
- },
- {
- "href": "/oic/ad",
- "rel": "",
- "rt": "",
- "if": ""
- },
- {
- "href": "/oic/sec/acl",
- "rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.wk.p"],
+ "if": ["oic.if.baseline", "oic.if.r"]
}
],
"permission": 2
{
"href": "/oic/sec/doxm",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.r.doxm"],
+ "if": ["oic.if.baseline"]
},
{
"href": "/oic/sec/pstat",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.r.pstat"],
+ "if": ["oic.if.baseline"]
}
],
"permission": 6
{
"href": "/oic/light",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.core"],
+ "if": ["oic.if.baseline"]
},
{
"href": "/oic/fan",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.core"],
+ "if": ["oic.if.baseline"]
}
],
- "permission": 31
+ "permission": 31
},
{
"subjectuuid": "33333333-3333-3333-3333-333333333333",
{
"href": "/oic/light",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.core"],
+ "if": ["oic.if.baseline"]
},
{
"href": "/oic/garage",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.core"],
+ "if": ["oic.if.baseline"]
}
],
- "permission": 31
+ "permission": 31
}
]
},
-¿caclY\ 1X¢faclist¡daces\81£ksubjectuuida*iresources\88¤dhrefh/oic/rescrel`brt`bif`¤dhreff/oic/dcrel`brt`bif`¤dhreff/oic/pcrel`brt`bif`¤dhrefp/oic/res/types/dcrel`brt`bif`¤dhrefg/oic/adcrel`brt`bif`¤dhrefl/oic/sec/aclcrel`brt`bif`¤dhrefm/oic/sec/doxmcrel`brt`bif`¤dhrefn/oic/sec/pstatcrel`brt`bif`jpermission\ 2jrowneruuidx$32323232-3232-3232-3232-323232323232ÿ
\ No newline at end of file
+¿caclY\ 1âfaclist¡daces\81£ksubjectuuida*iresources\86¤dhrefh/oic/resbrt\81joic.wk.resbif\81ioic.if.llcrel`¤dhreff/oic/dbrt\81hoic.wk.dbif\82ooic.if.baselinehoic.if.rcrel`¤dhreff/oic/pbrt\81hoic.wk.pbif\82ooic.if.baselinehoic.if.rcrel`¤dhrefm/oic/sec/doxmbrt\81joic.r.doxmbif\81ooic.if.baselinecrel`¤dhrefn/oic/sec/pstatbrt\81koic.r.pstatbif\81ooic.if.baselinecrel`¤dhrefl/oic/sec/aclbrt\81ioic.r.aclbif\81ooic.if.baselinecrel`jpermission\ 2jrowneruuidx$32323232-3232-3232-3232-323232323232ÿ
\ No newline at end of file
{
"href": "/oic/res",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.wk.res"],
+ "if": ["oic.if.ll"]
},
{
"href": "/oic/d",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.wk.d"],
+ "if": ["oic.if.baseline", "oic.if.r"]
},
{
"href": "/oic/p",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.wk.p"],
+ "if": ["oic.if.baseline", "oic.if.r"]
},
{
- "href": "/oic/res/types/d",
+ "href": "/oic/sec/doxm",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.r.doxm"],
+ "if": ["oic.if.baseline"]
},
{
- "href": "/oic/ad",
+ "href": "/oic/sec/pstat",
"rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.r.pstat"],
+ "if": ["oic.if.baseline"]
},
{
"href": "/oic/sec/acl",
"rel": "",
- "rt": "",
- "if": ""
- },
- {
- "href": "/oic/sec/doxm",
- "rel": "",
- "rt": "",
- "if": ""
- },
- {
- "href": "/oic/sec/pstat",
- "rel": "",
- "rt": "",
- "if": ""
+ "rt": ["oic.r.acl"],
+ "if": ["oic.if.baseline"]
}
],
"permission": 2
{\r
"href": "/oic/res",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.res"],\r
+ "if": ["oic.if.ll"]\r
},\r
{\r
"href": "/oic/d",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.d"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},\r
{\r
"href": "/oic/p",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/res/types/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.p"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},\r
{\r
"href": "/oic/ad",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.ad"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/acl",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.acl"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/amacl",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.amacl"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/oic/sec/doxm",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- } ,\r
+ "rt": ["oic.r.doxm"],\r
+ "if": ["oic.if.baseline"]\r
+ },\r
{\r
"href": "/oic/sec/pstat",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.pstat"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 2\r
"credtype": 1,\r
"privatedata": {\r
"data": "BBBBBBBBBBBBBBBB",\r
- "encoding": "oic.sec.encoding.raw"\r
+ "encoding": "oic.encoding.raw"\r
}\r
}\r
],\r
{\r
"href": "/oic/res",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.res"],\r
+ "if": ["oic.if.ll"]\r
},\r
{\r
"href": "/oic/d",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.d"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},\r
{\r
"href": "/oic/p",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/res/types/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.p"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},\r
{\r
"href": "/oic/ad",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.ad"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/acl",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.acl"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/amacl",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.amacl"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/oic/sec/doxm",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- } ,\r
+ "rt": ["oic.r.doxm"],\r
+ "if": ["oic.if.baseline"]\r
+ },\r
{\r
"href": "/oic/sec/pstat",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.pstat"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 2\r
{
- "acl": {\r
- "aclist": {\r
- "aces": [\r
- {\r
- "subjectuuid": "*",\r
- "resources": [\r
- {\r
- "href": "/oic/res",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/p",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/res/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/res/types/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/presence",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
- }\r
- ],\r
- "permission": 2\r
- },\r
- {\r
- "subjectuuid": "*",\r
- "resources": [\r
- {\r
- "href": "/oic/sec/doxm",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/sec/pstat",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/sec/acl",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/sec/cred",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
- }\r
- ],\r
- "permission": 6\r
- }\r
- ]\r
- },\r
- "rowneruuid" : "64697265-6374-7061-6972-696e67446576"\r
- },\r
- "pstat": {\r
- "isop": false,\r
- "deviceuuid": "64697265-6374-7061-6972-696e67446576",\r
- "rowneruuid": "64697265-6374-7061-6972-696e67446576",\r
- "cm": 2,\r
- "tm": 0,\r
- "om": 3,\r
- "sm": 3\r
- },\r
- "doxm": {\r
- "oxms": [0],\r
- "oxmsel": 0,\r
- "sct": 1,\r
- "owned": false,\r
- "deviceuuid": "64697265-6374-7061-6972-696e67446576",\r
- "devowneruuid": "",\r
- "rowneruuid": "64697265-6374-7061-6972-696e67446576",\r
- "dpc": false\r
- }\r
-}\r
+ "acl": {
+ "aclist": {
+ "aces": [
+ {
+ "subjectuuid": "*",
+ "resources": [
+ {
+ "href": "/oic/res",
+ "rel": "",
+ "rt": ["oic.wk.res"],
+ "if": ["oic.if.ll"]
+ },
+ {
+ "href": "/oic/d",
+ "rel": "",
+ "rt": ["oic.wk.d"],
+ "if": ["oic.if.baseline", "oic.if.r"]
+ },
+ {
+ "href": "/oic/p",
+ "rel": "",
+ "rt": ["oic.wk.p"],
+ "if": ["oic.if.baseline", "oic.if.r"]
+ }
+ ],
+ "permission": 2
+ },
+ {
+ "subjectuuid": "*",
+ "resources": [
+ {
+ "href": "/oic/sec/doxm",
+ "rel": "",
+ "rt": ["oic.r.doxm"],
+ "if": ["oic.if.baseline"]
+ },
+ {
+ "href": "/oic/sec/pstat",
+ "rel": "",
+ "rt": ["oic.r.pstat"],
+ "if": ["oic.if.baseline"]
+ },
+ {
+ "href": "/oic/sec/acl",
+ "rel": "",
+ "rt": ["oic.r.acl"],
+ "if": ["oic.if.baseline"]
+ },
+ {
+ "href": "/oic/sec/cred",
+ "rel": "",
+ "rt": ["oic.r.cred"],
+ "if": ["oic.if.baseline"]
+ }
+ ],
+ "permission": 6
+ }
+ ]
+ },
+ "rowneruuid" : "64697265-6374-7061-6972-696e67446576"
+ },
+ "pstat": {
+ "isop": false,
+ "deviceuuid": "64697265-6374-7061-6972-696e67446576",
+ "rowneruuid": "64697265-6374-7061-6972-696e67446576",
+ "cm": 2,
+ "tm": 0,
+ "om": 3,
+ "sm": 3
+ },
+ "doxm": {
+ "oxms": [0],
+ "oxmsel": 0,
+ "sct": 1,
+ "owned": false,
+ "deviceuuid": "64697265-6374-7061-6972-696e67446576",
+ "devowneruuid": "",
+ "rowneruuid": "64697265-6374-7061-6972-696e67446576",
+ "dpc": false
+ }
+}
{\r
"href": "/oic/res",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.res"],\r
+ "if": ["oic.if.ll"]\r
},\r
{\r
"href": "/oic/d",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.d"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},\r
{\r
"href": "/oic/p",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/res/types/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.p"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},\r
{\r
"href": "/oic/ad",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.ad"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/acl",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.acl"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/amacl",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.amacl"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/oic/sec/doxm",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- } ,\r
+ "rt": ["oic.r.doxm"],\r
+ "if": ["oic.if.baseline"]\r
+ },\r
{\r
"href": "/oic/sec/pstat",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.pstat"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/oic/res",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.res"],\r
+ "if": ["oic.if.ll"]\r
},\r
{\r
"href": "/oic/d",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.d"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},\r
{\r
"href": "/oic/p",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/res/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/res/types/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.p"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},\r
{\r
"href": "/oic/ad",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.ad"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/acl",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.acl"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/amacl",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.amacl"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/oic/res",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.res"],\r
+ "if": ["oic.if.ll"]\r
},\r
{\r
"href": "/oic/d",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.d"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},\r
{\r
"href": "/oic/p",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/res/types/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.p"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},\r
{\r
"href": "/oic/ad",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.ad"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/acl",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.acl"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/oic/sec/doxm",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- } ,\r
+ "rt": ["oic.r.doxm"],\r
+ "if": ["oic.if.baseline"]\r
+ },\r
{\r
"href": "/oic/sec/pstat",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.pstat"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/oic/res",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.res"],\r
+ "if": ["oic.if.ll"]\r
},\r
{\r
"href": "/oic/d",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.d"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},\r
{\r
- "href": "/oic/res/types/d",\r
+ "href": "/oic/p",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/presence",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.p"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/oic/sec/doxm",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.doxm"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/pstat",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.pstat"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/acl",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.acl"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/cred",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.cred"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 6\r
{\r
"href": "/oic/res",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.res"],\r
+ "if": ["oic.if.ll"]\r
},\r
{\r
"href": "/oic/d",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.d"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},\r
{\r
"href": "/oic/p",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/res/types/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.p"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},\r
{\r
"href": "/oic/ad",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.ad"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/acl",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.acl"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/oic/sec/doxm",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- } ,\r
+ "rt": ["oic.r.doxm"],\r
+ "if": ["oic.if.baseline"]\r
+ },\r
{\r
"href": "/oic/sec/pstat",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.pstat"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/a/light",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.core"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 6\r
'../../oc_logger/include',
'../../csdk/connectivity/api',
'../../csdk/security/include',
+ '../../csdk/security/include/internal',
'../../csdk/security/provisioning/include',
'../../csdk/security/provisioning/include/oxm',
'../../csdk/security/provisioning/include/internal'
{\r
"href": "/oic/res",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.res"],\r
+ "if": ["oic.if.ll"]\r
},\r
{\r
"href": "/oic/d",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.d"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},\r
{\r
"href": "/oic/p",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/res/types/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.p"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},\r
{\r
"href": "/oic/ad",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.ad"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/amacl",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.amacl"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/oic/sec/doxm",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.doxm"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/pstat",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- } \r
+ "rt": ["oic.r.pstat"],\r
+ "if": ["oic.if.baseline"]\r
+ }\r
],\r
"permission": 2\r
}\r
]\r
},\r
"rowneruuid" : "61646D69-6E44-6576-6963-655575696430"\r
- }, \r
+ },\r
"pstat": {\r
"isop": true,\r
"cm": 0,\r
#include "OCProvisioningManager.h"
#include "oxmjustworks.h"
#include "oxmrandompin.h"
+#include "aclresource.h"
+#include "utlist.h"
#define MAX_URI_LENGTH (64)
#define MAX_PERMISSION_LENGTH (5)
+#define ACL_RESRC_ARRAY_SIZE (3)
#define CREATE (1)
#define READ (2)
#define UPDATE (4)
*/
static void deleteACL(OicSecAcl_t *acl)
{
- if (acl)
- {
- /* Clean Resources */
- for (unsigned int i = 0; i < (acl)->resourcesLen; i++)
- {
- OICFree((acl)->resources[i]);
- }
- OICFree((acl)->resources);
+ DeleteACLList(acl);
- /* Clean ACL node itself */
- /* Required only if acl was created in heap */
- OICFree((acl));
- }
}
/**
printf("Subject : ");
ret = scanf("%19ms", &temp_id);
+ OicSecAce_t* ace = (OicSecAce_t*)OICCalloc(1, sizeof(OicSecAce_t));
+ if(NULL == ace)
+ {
+ OIC_LOG(ERROR, TAG, "Error while memory allocation");
+ return -1;
+ }
+ LL_APPEND(acl->aces, ace);
+
if (1 == ret)
{
for (int i = 0, j = 0; temp_id[i] != '\0'; i++)
{
if (DASH != temp_id[i])
- acl->subject.id[j++] = temp_id[i];
+ ace->subjectuuid.id[j++] = temp_id[i];
}
OICFree(temp_id);
}
else
{
+ deleteACL(acl);
printf("Error while input\n");
return -1;
}
//Set Resource.
+ size_t resourcesLen = 0;
printf("Num. of Resource : ");
- ret = scanf("%zu", &acl->resourcesLen);
- if ((1 != ret) || (acl->resourcesLen <= 0 || acl->resourcesLen > 50))
+ ret = scanf("%zu", &resourcesLen);
+ if ((1 != ret) || (resourcesLen <= 0 || resourcesLen > 50))
{
+ deleteACL(acl);
printf("Error while input\n");
return -1;
}
printf("-URI of resource\n");
printf("ex)/oic/sh/temp/0 (Max_URI_Length: 64 Byte )\n");
- acl->resources = (char **)OICCalloc(acl->resourcesLen, sizeof(char *));
- if (NULL == acl->resources)
- {
- OIC_LOG(ERROR, TAG, "Error while memory allocation");
- return -1;
- }
- for (size_t i = 0; i < acl->resourcesLen; i++)
+ for(size_t i = 0; i < resourcesLen; i++)
{
+ OicSecRsrc_t* rsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+ if(NULL == rsrc)
+ {
+ deleteACL(acl);
+ OIC_LOG(ERROR, TAG, "Error while memory allocation");
+ return -1;
+ }
+
+ LL_APPEND(ace->resources, rsrc);
+
printf("[%zu]Resource : ", i + 1);
ret = scanf("%64ms", &temp_rsc);
if (1 != ret)
return -1;
}
- acl->resources[i] = OICStrdup(temp_rsc);
+ rsrc->href = OICStrdup(temp_rsc);
OICFree(temp_rsc);
- if (NULL == acl->resources[i])
+
+ char* rsrc_in = NULL;
+ int arrLen = 0;
+ while(1)
{
- OIC_LOG(ERROR, TAG, "Error while memory allocation");
- return -1;
+ printf(" Enter Number of resource type for [%s]: ", rsrc_in);
+ for(int ret=0; 1!=ret; )
+ {
+ ret = scanf("%d", &arrLen);
+ for( ; 0x20<=getchar(); ); // for removing overflow garbages
+ // '0x20<=code' is character region
+ }
+ if(0 < arrLen && ACL_RESRC_ARRAY_SIZE >= arrLen)
+ {
+ break;
+ }
+ printf(" Entered Wrong Number. Please Enter under %d Again\n", ACL_RESRC_ARRAY_SIZE);
+ }
+
+ rsrc->typeLen = arrLen;
+ rsrc->types = (char**)OICCalloc(arrLen, sizeof(char*));
+ if(!rsrc->types)
+ {
+ OIC_LOG(ERROR, TAG, "createAcl: OICCalloc error return");
+ goto error;
}
+
+ for(int i = 0; i < arrLen; i++)
+ {
+ printf(" Enter ResourceType[%d] Name: ", i+1);
+ for(int ret=0; 1!=ret; )
+ {
+ ret = scanf("%64ms", &rsrc_in); // '128' is ACL_RESRC_MAX_LEN
+ for( ; 0x20<=getchar(); ); // for removing overflow garbages
+ // '0x20<=code' is character region
+ }
+ rsrc->types[i] = OICStrdup(rsrc_in);
+ OICFree(rsrc_in);
+ if(!rsrc->types[i])
+ {
+ OIC_LOG(ERROR, TAG, "createAcl: OICStrdup error return");
+ goto error;
+ }
+ }
+
+ while(1)
+ {
+ printf(" Enter Number of interface name for [%s]: ", rsrc_in);
+ for(int ret=0; 1!=ret; )
+ {
+ ret = scanf("%d", &arrLen);
+ for( ; 0x20<=getchar(); ); // for removing overflow garbages
+ // '0x20<=code' is character region
+ }
+ if(0 < arrLen && ACL_RESRC_ARRAY_SIZE >= arrLen)
+ {
+ break;
+ }
+ printf(" Entered Wrong Number. Please Enter under %d Again\n", ACL_RESRC_ARRAY_SIZE);
+ }
+
+ rsrc->interfaceLen = arrLen;
+ rsrc->interfaces = (char**)OICCalloc(arrLen, sizeof(char*));
+ if(!rsrc->interfaces)
+ {
+ OIC_LOG(ERROR, TAG, "createAcl: OICCalloc error return");
+ goto error;
+ }
+
+ for(int i = 0; i < arrLen; i++)
+ {
+ printf(" Enter ResourceType[%d] Name: ", i+1);
+ for(int ret=0; 1!=ret; )
+ {
+ ret = scanf("%64ms", &rsrc_in); // '128' is ACL_RESRC_MAX_LEN
+ for( ; 0x20<=getchar(); ); // for removing overflow garbages
+ // '0x20<=code' is character region
+ }
+ rsrc->interfaces[i] = OICStrdup(rsrc_in);
+ OICFree(rsrc_in);
+ if(!rsrc->interfaces[i])
+ {
+ OIC_LOG(ERROR, TAG, "createAcl: OICStrdup error return");
+ goto error;
+ }
+ }
+
}
+
// Set Permission
do
{
if (1 != ret)
{
printf("Error while input\n");
- return -1;
+ goto error;
}
- ret = CalculateAclPermission(temp_pms, &(acl->permission));
+ ret = CalculateAclPermission(temp_pms, &(ace->permission));
OICFree(temp_pms);
} while (0 != ret );
if (1 != ret)
{
printf("Error while input\n");
- return -1;
+ goto error;
}
for (int k = 0, j = 0; temp_id[k] != '\0'; k++)
OICFree(temp_id);
return 0;
+
+error:
+ DeleteACLList(acl);
+ return -1;
}
static int InputCredentials(Credential &cred)
{\r
"href": "/oic/res",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.res"],\r
+ "if": ["oic.if.ll"]\r
},\r
{\r
"href": "/oic/d",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.d"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},\r
{\r
"href": "/oic/p",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/res/types/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.p"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},\r
{\r
"href": "/oic/ad",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.ad"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/acl",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.acl"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/oic/sec/doxm",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- } ,\r
+ "rt": ["oic.r.doxm"],\r
+ "if": ["oic.if.baseline"]\r
+ },\r
{\r
"href": "/oic/sec/pstat",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.pstat"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/oic/res",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.res"],\r
+ "if": ["oic.if.ll"]\r
},\r
{\r
"href": "/oic/d",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.d"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},\r
{\r
"href": "/oic/p",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/res/types/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.p"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},\r
{\r
"href": "/oic/ad",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.ad"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/acl",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.acl"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/oic/sec/doxm",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- } ,\r
+ "rt": ["oic.r.doxm"],\r
+ "if": ["oic.if.baseline"]\r
+ },\r
{\r
"href": "/oic/sec/pstat",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.pstat"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/oic/res",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.res"],\r
+ "if": ["oic.if.ll"]\r
},\r
{\r
"href": "/oic/d",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.d"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},\r
{\r
"href": "/oic/p",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- },\r
- {\r
- "href": "/oic/res/types/d",\r
- "rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.p"],\r
+ "if": ["oic.if.baseline", "oic.if.r"]\r
},\r
{\r
"href": "/oic/ad",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.wk.ad"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/oic/sec/acl",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.acl"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/oic/sec/doxm",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
- } ,\r
+ "rt": ["oic.r.doxm"],\r
+ "if": ["oic.if.baseline"]\r
+ },\r
{\r
"href": "/oic/sec/pstat",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.r.pstat"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 2\r
{\r
"href": "/a/light",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.core"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/a/light0",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.core"],\r
+ "if": ["oic.if.baseline"]\r
},\r
{\r
"href": "/a/light1",\r
"rel": "",\r
- "rt": "",\r
- "if": ""\r
+ "rt": ["oic.core"],\r
+ "if": ["oic.if.baseline"]\r
}\r
],\r
"permission": 6\r