From: Jongmin Choi <jminl.choi@samsung.com>
Date: Wed, 12 Oct 2016 12:00:45 +0000 (+0900)
Subject: [IOT-1446] Fix discovery failure issue
X-Git-Tag: 1.3.0~1055^2~61
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=00c9302d9f935328ad4e368be56e030debaff529;p=platform%2Fupstream%2Fiotivity.git

[IOT-1446] Fix discovery failure issue

Change logic in the Policy Engine in order to resolve
discovery failure issue

Patch #1: Initial upload
Patch #2: Error message changed

Change-Id: I08ab1dec15cb0f49374d42d97b65a23fe885db39
Signed-off-by: Jongmin Choi <jminl.choi@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/13173
Reviewed-by: Kevin Kane <kkane@microsoft.com>
Reviewed-by: Nathan Heldt-Sheller <nathan.heldt-sheller@intel.com>
Tested-by: jenkins-iotivity <jenkins-iotivity@opendaylight.org>
Reviewed-by: Randeep Singh <randeep.s@samsung.com>
(cherry picked from commit 5c78f31a2d4415c970f38db14e248bfef348a6b0)
Reviewed-on: https://gerrit.iotivity.org/gerrit/13199
---

diff --git a/resource/csdk/security/src/policyengine.c b/resource/csdk/security/src/policyengine.c
index 2baf6f9..c3f0734 100644
--- a/resource/csdk/security/src/policyengine.c
+++ b/resource/csdk/security/src/policyengine.c
@@ -478,23 +478,24 @@ SRMAccessResponse_t CheckPermission(PEContext_t     *context,
 
         // Before doing any ACL processing, check if request a) coming
         // from DevOwner AND b) the device is in Ready for OTM or Reset state
-        // (which in IoTivity is equivalent to isOp == false && owned == false) 
-        // AND c) the request is for a SVR resource.  
+        // (which in IoTivity is equivalent to isOp == false && owned == false)
+        // AND c) the request is for a SVR resource.
         // If all 3 conditions are met, grant request.
         bool isDeviceOwned = true; // default to value that will not grant access
-        if (OC_STACK_OK == GetDoxmIsOwned(&isDeviceOwned)) // if runtime error, don't grant
+        if (OC_STACK_OK != GetDoxmIsOwned(&isDeviceOwned)) // if runtime error, don't grant
         {
-            // If we were able to get the value of doxm->isOwned, proceed with
-            // test for implicit access...
-            if (IsRequestFromDevOwner(context) // if from DevOwner
-            && (GetPstatIsop() == false) // AND if pstat->isOp == false
-            && (isDeviceOwned == false) // AND if doxm->isOwned == false
-            && (context->resourceType != NOT_A_SVR_RESOURCE)) // AND if SVR type
-            {
-                context->retVal = ACCESS_GRANTED;
-            }        
+            context->retVal = ACCESS_DENIED_POLICY_ENGINE_ERROR;
+        }
+        // If we were able to get the value of doxm->isOwned, proceed with
+        // test for implicit access...
+        else if (IsRequestFromDevOwner(context) // if from DevOwner
+        && (GetPstatIsop() == false) // AND if pstat->isOp == false
+        && (isDeviceOwned == false) // AND if doxm->isOwned == false
+        && (context->resourceType != NOT_A_SVR_RESOURCE)) // AND if SVR type
+        {
+            context->retVal = ACCESS_GRANTED;
         }
-        // If not granted via DevOwner status, 
+        // If not granted via DevOwner status,
         // then check if request is for a SVR and coming from rowner
         else if (IsRequestFromResourceOwner(context))
         {