From: Volodymyr Brynza
Date: Mon, 1 Feb 2021 12:55:42 +0000 (+0200)
Subject: fix: /oic/sec/acl remove from srvdb
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=9ee9d9c2e043d86b79cafc9150c9630e41b87c3a;p=platform%2Fupstream%2Fiotivity.git
fix: /oic/sec/acl remove from srvdb
remove resource from read srvdb file change default ACL https://github.sec.samsung.net/RS7-IOTIVITY/IoTivity/pull/787 (cherry-picked from 1052ec718f7eada1b35efcdfe08f08379c84ac4f)
Change-Id: I2ec1b1d401fbe93a3df395990c88bbf0b3ae59a1
Signed-off-by: DoHyun Pyun
---
diff --git a/resource/csdk/security/src/aclresource.c b/resource/csdk/security/src/aclresource.c
index 34b2ed251..6ba7ac029 100644
--- a/resource/csdk/security/src/aclresource.c
+++ b/resource/csdk/security/src/aclresource.c
@@ -1225,6 +1225,12 @@ OicSecAcl_t* CBORPayloadToAcl(const uint8_t *cborPayload, const size_t size)
 OICFree(rMapName);
 }
+
+ if (strcmp(rsrc->href, OIC_RSRC_ACL_URI) == 0) {
+ LL_DELETE(ace->resources, rsrc);
+ FreeRsrc(rsrc);
+ }
+
 if (cbor_value_is_valid(&resources))
 {
 cborFindResult = cbor_value_advance(&resources);
@@ -2187,13 +2193,15 @@ OCStackResult GetDefaultACL(OicSecAcl_t** defaultAcl)
 OCStackResult ret = OC_STACK_ERROR;
 OicUuid_t ownerId = { .id = { 0 } };
 OicSecAcl_t *acl = NULL;
- OicSecAce_t *ace = NULL;
+ OicSecAce_t *ace_ro_res = NULL;
+ OicSecAce_t *ace_rw_res = NULL;
 OicSecRsrc_t* resRsrc = NULL;
 OicSecRsrc_t* deviceRsrc = NULL;
 OicSecRsrc_t* platformRsrc = NULL;
 OicSecRsrc_t* aclRsrc = NULL;
 OicSecRsrc_t* doxmRsrc = NULL;
 OicSecRsrc_t* pstatRsrc = NULL;
+ OicSecRsrc_t* credRsrc = NULL;
 /*
 * TODO In future, when new virtual resources will be added in OIC
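Review bot: The added `strcmp(rsrc->href, OIC_RSRC_ACL_URI)` in CBORPayloadToAcl reads `rsrc->href` without a NULL check, and nothing in the hunk shows that every resource map in the payload supplies an href; an entry without one would crash the parser instead of failing cleanly. Guard the comparison, `if (rsrc->href && strcmp(rsrc->href, OIC_RSRC_ACL_URI) == 0)`. The entry is also dropped silently, so an ACE whose only resource was /oic/sec/acl stays in the list with no resources; the handling after the loop is outside the hunk and should be checked for that case. A log line at the drop, e.g. `OIC_LOG(WARNING, TAG, "Dropping /oic/sec/acl resource from ACE");`, would make the filtering visible to whoever later inspects a stored ACL. The enclosing loop starts and ends outside the hunk.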
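Review bot: `OicSecRsrc_t* aclRsrc = NULL;` stays declared in GetDefaultACL although this commit removes the only visible use of it (the /oic/sec/acl block deleted in a later hunk). Unless the exit path outside the hunks still refers to it, delete the declaration so the build does not pick up an unused-variable warning. The two new names would also sit better next to `resRsrc`, `deviceRsrc` and the others in the file's camelCase, for example `aceReadOnly` and `aceReadWrite`.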
@@ -2210,19 +2218,25 @@ OCStackResult GetDefaultACL(OicSecAcl_t** defaultAcl)
 acl = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t));
 VERIFY_NON_NULL(TAG, acl, ERROR);
- ace = (OicSecAce_t *) OICCalloc(1, sizeof(OicSecAce_t));
- VERIFY_NON_NULL(TAG, ace, ERROR);
+ ace_ro_res = (OicSecAce_t *) OICCalloc(1, sizeof(OicSecAce_t));
+ VERIFY_NON_NULL(TAG, ace_ro_res, ERROR);
- LL_APPEND(acl->aces, ace);
+ LL_APPEND(acl->aces, ace_ro_res);
+
+ ace_rw_res = (OicSecAce_t *) OICCalloc(1, sizeof(OicSecAce_t));
+ VERIFY_NON_NULL(TAG, ace_rw_res, ERROR);
+
+ LL_APPEND(acl->aces, ace_rw_res);
 // Subject -- Mandatory
- memcpy(ace->subjectuuid.id, &WILDCARD_SUBJECT_ID, sizeof(OicUuid_t));
+ memcpy(ace_ro_res->subjectuuid.id, &WILDCARD_SUBJECT_ID, sizeof(OicUuid_t));
+ memcpy(ace_rw_res->subjectuuid.id, &WILDCARD_SUBJECT_ID, sizeof(OicUuid_t));
 // Resources -- Mandatory
 // /oic/res
 resRsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
 VERIFY_NON_NULL(TAG, resRsrc, ERROR);
- LL_APPEND(ace->resources, resRsrc);
+ LL_APPEND(ace_ro_res->resources, resRsrc);
 resRsrc->href = OICStrdup(OC_RSRVD_WELL_KNOWN_URI);
 VERIFY_NON_NULL(TAG, (resRsrc->href), ERROR);
 resRsrc->typeLen = 1;
@@ -2241,7 +2255,7 @@ OCStackResult GetDefaultACL(OicSecAcl_t** defaultAcl)
 // /oic/d
 deviceRsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
 VERIFY_NON_NULL(TAG, deviceRsrc, ERROR);
- LL_APPEND(ace->resources, deviceRsrc);
+ LL_APPEND(ace_ro_res->resources, deviceRsrc);
 deviceRsrc->href = OICStrdup(OC_RSRVD_DEVICE_URI);
 VERIFY_NON_NULL(TAG, (deviceRsrc->href), ERROR);
 deviceRsrc->typeLen = 1;
@@ -2260,7 +2274,7 @@ OCStackResult GetDefaultACL(OicSecAcl_t** defaultAcl)
 // /oic/p
 platformRsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
 VERIFY_NON_NULL(TAG, platformRsrc, ERROR);
- LL_APPEND(ace->resources, platformRsrc);
+ LL_APPEND(ace_ro_res->resources, platformRsrc);
 platformRsrc->href = OICStrdup(OC_RSRVD_PLATFORM_URI);
 VERIFY_NON_NULL(TAG, (platformRsrc->href), ERROR);
 platformRsrc->typeLen = 1;
@@ -2276,27 +2290,10 @@ OCStackResult GetDefaultACL(OicSecAcl_t** defaultAcl)
 platformRsrc->interfaces[1] = OICStrdup(OC_RSRVD_INTERFACE_READ);
 VERIFY_NON_NULL(TAG, platformRsrc->interfaces[1], ERROR);
- // /oic/sec/acl
- aclRsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
- VERIFY_NON_NULL(TAG, aclRsrc, ERROR);
- LL_APPEND(ace->resources, aclRsrc);
- aclRsrc->href = OICStrdup(OIC_RSRC_ACL_URI);
- VERIFY_NON_NULL(TAG, (aclRsrc->href), ERROR);
- aclRsrc->typeLen = 1;
- aclRsrc->types = (char**)OICCalloc(1, sizeof(char*));
- VERIFY_NON_NULL(TAG, aclRsrc->types, ERROR);
- aclRsrc->types[0] = OICStrdup(OIC_RSRC_TYPE_SEC_ACL);
- VERIFY_NON_NULL(TAG, aclRsrc->types[0], ERROR);
- aclRsrc->interfaceLen = 1;
- aclRsrc->interfaces = (char**)OICCalloc(aclRsrc->interfaceLen, sizeof(char*));
- VERIFY_NON_NULL(TAG, aclRsrc->interfaces, ERROR);
- aclRsrc->interfaces[0] = OICStrdup(OC_RSRVD_INTERFACE_DEFAULT);
- VERIFY_NON_NULL(TAG, aclRsrc->interfaces[0], ERROR);
-
 // /oic/sec/doxm
 doxmRsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
 VERIFY_NON_NULL(TAG, doxmRsrc, ERROR);
- LL_APPEND(ace->resources, doxmRsrc);
+ LL_APPEND(ace_rw_res->resources, doxmRsrc);
 doxmRsrc->href = OICStrdup(OIC_RSRC_DOXM_URI);
 VERIFY_NON_NULL(TAG, (doxmRsrc->href), ERROR);
 doxmRsrc->typeLen = 1;
@@ -2313,7 +2310,7 @@ OCStackResult GetDefaultACL(OicSecAcl_t** defaultAcl)
 // /oic/sec/pstat
 pstatRsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
 VERIFY_NON_NULL(TAG, pstatRsrc, ERROR);
- LL_APPEND(ace->resources, pstatRsrc);
+ LL_APPEND(ace_rw_res->resources, pstatRsrc);
 pstatRsrc->href = OICStrdup(OIC_RSRC_PSTAT_URI);
 VERIFY_NON_NULL(TAG, (pstatRsrc->href), ERROR);
 pstatRsrc->typeLen = 1;
@@ -2327,8 +2324,28 @@ OCStackResult GetDefaultACL(OicSecAcl_t** defaultAcl)
 pstatRsrc->interfaces[0] = OICStrdup(OC_RSRVD_INTERFACE_DEFAULT);
 VERIFY_NON_NULL(TAG, pstatRsrc->interfaces[0], ERROR);
- ace->permission = PERMISSION_READ;
- ace->validities = NULL;
+ // /oic/sec/cred
+ credRsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+ VERIFY_NON_NULL(TAG, credRsrc, ERROR);
+ LL_APPEND(ace_rw_res->resources, credRsrc);
+ credRsrc->href = OICStrdup(OIC_RSRC_CRED_URI);
+ VERIFY_NON_NULL(TAG, (credRsrc->href), ERROR);
+ credRsrc->typeLen = 1;
+ credRsrc->types = (char**)OICCalloc(1, sizeof(char*));
+ VERIFY_NON_NULL(TAG, credRsrc->types, ERROR);
+ credRsrc->types[0] = OICStrdup(OIC_RSRC_TYPE_SEC_CRED);
+ VERIFY_NON_NULL(TAG, credRsrc->types[0], ERROR);
+ credRsrc->interfaceLen = 1;
+ credRsrc->interfaces = (char**)OICCalloc(credRsrc->interfaceLen, sizeof(char*));
+ VERIFY_NON_NULL(TAG, credRsrc->interfaces, ERROR);
+ credRsrc->interfaces[0] = OICStrdup(OC_RSRVD_INTERFACE_DEFAULT);
+ VERIFY_NON_NULL(TAG, credRsrc->interfaces[0], ERROR);
+
+ ace_ro_res->permission = PERMISSION_READ;
+ ace_ro_res->validities = NULL;
+
+ ace_rw_res->permission = PERMISSION_READ | PERMISSION_WRITE;
+ ace_rw_res->validities = NULL;
 // Device ID is the owner of this default ACL
 if (GetDoxmResourceData() != NULL)
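Review bot: `ace_rw_res->permission = PERMISSION_READ | PERMISSION_WRITE;` gives the wildcard subject (set with WILDCARD_SUBJECT_ID in an earlier hunk) write access to /oic/sec/doxm, /oic/sec/pstat and, newly, /oic/sec/cred, where the old default ACL granted read only and did not list cred at all. Nothing in the visible lines ties this ACE to the unowned state, so if the result of GetDefaultACL is kept after ownership transfer, or is re-created when the stored ACL cannot be read, the ACL layer would let any requester read and change the device's credential, ownership and provisioning resources. Please state the intent above the assignment, for example `// Wildcard R/W on doxm, pstat and cred is for onboarding only; must be replaced once the device is owned`, and confirm that the resource handlers or the provisioning flow enforce it. If cred does not need anonymous access, leave it out of this ACE. The function continues past the end of the hunk.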