static bool ValidateQuery(unsigned char * query) { // Send doxm resource data if the state of doxm resource // matches with the query parameters. // else send doxm resource data as NULL // TODO Remove this check and rely on Policy Engine // and Provisioning Mode to enforce provisioning-state // access rules. Eventually, the PE and PM code will // not send a request to the /doxm Entity Handler at all // if it should not respond. OC_LOG (INFO, TAG, PCF("In ValidateQuery")); if(NULL == gDoxm) { return false; } OicParseQueryIter_t parseIter = {0}; ParseQueryIterInit(query, &parseIter); while(GetNextQuery(&parseIter)) { if(strncasecmp((char *)parseIter.attrPos, OIC_JSON_OWNED_NAME, parseIter.attrLen) == 0) { if((strncasecmp((char *)parseIter.valPos, OIC_SEC_TRUE, parseIter.valLen) == 0) && (gDoxm->owned)) { return true; } else if((strncasecmp((char *)parseIter.valPos, OIC_SEC_FALSE, parseIter.valLen) == 0) && (!gDoxm->owned)) { return true; } } } return false; }
static bool ValidateQuery(const char * query) { // Send doxm resource data if the state of doxm resource // matches with the query parameters. // else send doxm resource data as NULL // TODO Remove this check and rely on Policy Engine // and Provisioning Mode to enforce provisioning-state // access rules. Eventually, the PE and PM code will // not send a request to the /doxm Entity Handler at all // if it should not respond. OIC_LOG (DEBUG, TAG, "In ValidateQuery"); if(NULL == gDoxm) { return false; } bool bOwnedQry = false; // does querystring contains 'owned' query ? bool bOwnedMatch = false; // does 'owned' query value matches with doxm.owned status? bool bDeviceIDQry = false; // does querystring contains 'deviceid' query ? bool bDeviceIDMatch = false; // does 'deviceid' query matches with doxm.deviceid ? OicParseQueryIter_t parseIter = {.attrPos = NULL}; ParseQueryIterInit((unsigned char*)query, &parseIter); while(GetNextQuery(&parseIter)) { if(strncasecmp((char *)parseIter.attrPos, OIC_JSON_OWNED_NAME, parseIter.attrLen) == 0) { bOwnedQry = true; if((strncasecmp((char *)parseIter.valPos, OIC_SEC_TRUE, parseIter.valLen) == 0) && (gDoxm->owned)) { bOwnedMatch = true; } else if((strncasecmp((char *)parseIter.valPos, OIC_SEC_FALSE, parseIter.valLen) == 0) && (!gDoxm->owned)) { bOwnedMatch = true; } } if(strncasecmp((char *)parseIter.attrPos, OIC_JSON_DEVICE_ID_NAME, parseIter.attrLen) == 0) { bDeviceIDQry = true; OicUuid_t subject = {.id={0}}; unsigned char base64Buff[sizeof(((OicUuid_t*)0)->id)] = {}; uint32_t outLen = 0; B64Result b64Ret = B64_OK; b64Ret = b64Decode((char *)parseIter.valPos, parseIter.valLen, base64Buff, sizeof(base64Buff), &outLen); VERIFY_SUCCESS(TAG, (B64_OK == b64Ret && outLen <= sizeof(subject.id)), ERROR); memcpy(subject.id, base64Buff, outLen); if(0 == memcmp(&gDoxm->deviceID.id, &subject.id, sizeof(gDoxm->deviceID.id))) { bDeviceIDMatch = true; } } }