From: Habib Virji <habib.virji@samsung.com>
Date: Tue, 5 Apr 2016 18:58:01 +0000 (+0100)
Subject: IOT-1075 PUT/POST/DELETE for /oic/res, /oic/d, /oic/p returns error
X-Git-Tag: 1.2.0+RC1~355^2^2~19
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=10ac37501a95a2ebbeb4e16a873b45d2c8a9a3b4;p=platform%2Fupstream%2Fiotivity.git

IOT-1075 PUT/POST/DELETE for /oic/res, /oic/d, /oic/p returns error

/oic/res. /oic/d and /oic/p returns error when PUT/POST/DELETE is performed on the resource.

Change-Id: Ib40c4d2b5e9263bc4252e3553fa7e30ef21c2a51
Signed-off-by: Habib Virji <habib.virji@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/7625
Tested-by: jenkins-iotivity <jenkins-iotivity@opendaylight.org>
Reviewed-by: Mushfiqul Islam <i.mushfiq@samsung.com>
Reviewed-by: Markus Jung <markus.jung85@gmail.com>
Reviewed-by: Uze Choi <uzchoi@samsung.com>
---

diff --git a/resource/csdk/stack/src/ocresource.c b/resource/csdk/stack/src/ocresource.c
index 3272862..3c0ee58 100755
--- a/resource/csdk/stack/src/ocresource.c
+++ b/resource/csdk/stack/src/ocresource.c
@@ -680,6 +680,12 @@ static OCStackResult HandleVirtualResource (OCServerRequest *request, OCResource
     // Step 1: Generate the response to discovery request
     if (virtualUriInRequest == OC_WELL_KNOWN_URI)
     {
+        if (request->method == OC_REST_PUT || request->method == OC_REST_POST || request->method == OC_REST_DELETE)
+        {
+            OIC_LOG_V(ERROR, TAG, "Resource : %s not permitted for method: %d", request->resourceUrl, request->method);
+            return OC_STACK_UNAUTHORIZED_REQ;
+        }
+
         char *interfaceQuery = NULL;
         char *resourceTypeQuery = NULL;
 
@@ -812,6 +818,12 @@ static OCStackResult HandleVirtualResource (OCServerRequest *request, OCResource
     }
     else if (virtualUriInRequest == OC_DEVICE_URI)
     {
+        if (request->method == OC_REST_PUT || request->method == OC_REST_POST || request->method == OC_REST_DELETE)
+        {
+            OIC_LOG_V(ERROR, TAG, "Resource : %s not permitted for method: %d", request->resourceUrl, request->method);
+            return OC_STACK_UNAUTHORIZED_REQ;
+        }
+
         const char* deviceId = OCGetServerInstanceIDString();
         if (!deviceId)
         {
@@ -833,6 +845,12 @@ static OCStackResult HandleVirtualResource (OCServerRequest *request, OCResource
     }
     else if (virtualUriInRequest == OC_PLATFORM_URI)
     {
+        if (request->method == OC_REST_PUT || request->method == OC_REST_POST || request->method == OC_REST_DELETE)
+        {
+            OIC_LOG_V(ERROR, TAG, "Resource : %s not permitted for method: %d", request->resourceUrl, request->method);
+            return OC_STACK_UNAUTHORIZED_REQ;
+        }
+
         payload = (OCPayload*)OCPlatformPayloadCreate(&savedPlatformInfo);
         if (!payload)
         {
diff --git a/resource/csdk/stack/src/ocstack.c b/resource/csdk/stack/src/ocstack.c
index 5f66cd5..7fe2254 100644
--- a/resource/csdk/stack/src/ocstack.c
+++ b/resource/csdk/stack/src/ocstack.c
@@ -1193,8 +1193,8 @@ void OCHandleResponse(const CAEndpoint_t* endPoint, const CAResponseInfo_t* resp
                          cbNode->method == OC_REST_DELETE)
                 {
                     char targetUri[MAX_URI_LENGTH];
-                    snprintf(targetUri, MAX_URI_LENGTH, "%s?rt=%s",
-                            OC_RSRVD_RD_URI, OC_RSRVD_RESOURCE_TYPE_RDPUBLISH);
+                    snprintf(targetUri, MAX_URI_LENGTH, "%s?rt=%s", OC_RSRVD_RD_URI,
+                            OC_RSRVD_RESOURCE_TYPE_RDPUBLISH);
                     if (strcmp(targetUri, cbNode->requestUri) == 0)
                     {
                         type = PAYLOAD_TYPE_RD;