/**
 * Find ACLs containing context->subject.
 * Search each ACL for requested resource.
 * If resource found, check for context->permission.
 * Set context->retVal to result from first ACL found which contains
 * correct subject AND resource.
 *
 * @retval void
 */
void ProcessAccessRequest(PEContext_t *context)
{
    OC_LOG(INFO, TAG, "Entering ProcessAccessRequest()");
    if(NULL != context)
    {
        const OicSecAcl_t *currentAcl = NULL;
        OicSecAcl_t *savePtr = NULL;

        // Start out assuming subject not found.
        context->retVal = ACCESS_DENIED_SUBJECT_NOT_FOUND;
        do
        {
            OC_LOG(INFO, TAG, "ProcessAccessRequest(): getting ACL...");
            currentAcl = GetACLResourceData(context->subject, &savePtr);
            if(NULL != currentAcl)
            {
                // Found the subject, so how about resource?
                OC_LOG(INFO, TAG, "ProcessAccessRequest(): \
                    found ACL matching subject.");
                context->retVal = ACCESS_DENIED_RESOURCE_NOT_FOUND;
                OC_LOG(INFO, TAG, "ProcessAccessRequest(): \
                    Searching for resource...");
                if(IsResourceInAcl(context->resource, currentAcl))
                {
                    OC_LOG(INFO, TAG, "ProcessAccessRequest(): \
                        found matching resource in ACL.");
                    context->matchingAclFound = true;

                    // Found the resource, so it's down to valid period & permission.
                    context->retVal = ACCESS_DENIED_INVALID_PERIOD;
                    if(IsAccessWithinValidTime(currentAcl))
                    {
                        context->retVal = ACCESS_DENIED_INSUFFICIENT_PERMISSION;
                        if(IsPermissionAllowingRequest(currentAcl->permission, \
                        context->permission))
                        {
                            context->retVal = ACCESS_GRANTED;
                        }
                    }
                }
            }
            else
            {
/**
 * Find ACLs containing context->subject.
 * Search each ACL for requested resource.
 * If resource found, check for context->permission.
 * Set context->retVal to result from first ACL found which contains
 * correct subject AND resource.
 *
 * @retval void
 */
void ProcessAccessRequest(PEContext_t *context)
{
    OC_LOG(INFO, TAG, PCF("Entering ProcessAccessRequest()"));
    if(NULL != context)
    {
        const OicSecAcl_t *currentAcl = NULL;
        OicSecAcl_t *savePtr = NULL;

        // Start out assuming subject not found.
        context->retVal = ACCESS_DENIED_SUBJECT_NOT_FOUND;
        do
        {
            OC_LOG(INFO, TAG, PCF("ProcessAccessRequest(): getting ACL..."));
            currentAcl = GetACLResourceData(context->subject, &savePtr);
            // NOTE(review): the OICMalloc() result is passed to memcpy() below without a
            // NULL check; if the allocator can fail, that failure becomes a write through
            // a NULL pointer.
            char *tmp = (char*)OICMalloc(sizeof(OicUuid_t) +1);
            // Copies sizeof(OicUuid_t) bytes from context->subject into bytes
            // 0 .. sizeof(OicUuid_t)-1 of tmp.
            memcpy(tmp, context->subject, sizeof(OicUuid_t));
            // NOTE(review): heap out-of-bounds write. tmp holds sizeof(OicUuid_t)+1 bytes,
            // so its last valid index is sizeof(OicUuid_t); this stores the terminator one
            // byte past the end of the allocation and leaves tmp[sizeof(OicUuid_t)]
            // uninitialized, so tmp is not NUL-terminated either. The intended index is
            // presumably sizeof(OicUuid_t).
            // tmp is neither read nor released in the visible part of the loop body, which
            // allocates on every pass of the do-loop - confirm it is freed further down.
            tmp[sizeof(OicUuid_t) + 1] = '\0';
            if(NULL != currentAcl)
            {
                // Found the subject, so how about resource?
                OC_LOG(INFO, TAG, PCF("ProcessAccessRequest(): \
                    found ACL matching subject."));
                context->retVal = ACCESS_DENIED_RESOURCE_NOT_FOUND;
                OC_LOG(INFO, TAG, PCF("ProcessAccessRequest(): \
                    Searching for resource..."));
                if(IsResourceInAcl(context->resource, currentAcl))
                {
                    OC_LOG(INFO, TAG, PCF("ProcessAccessRequest(): \
                        found matching resource in ACL."));
                    context->matchingAclFound = true;
                    // Found the resource, so it's down to permission.
                    context->retVal = ACCESS_DENIED_INSUFFICIENT_PERMISSION;
                    if(IsPermissionAllowingRequest(currentAcl->permission, \
                        context->permission))
                    {
                        context->retVal = ACCESS_GRANTED;
                    }
                }
            }
            else
            {