/** * Find ACLs containing context->subject. * Search each ACL for requested resource. * If resource found, check for context->permission. * Set context->retVal to result from first ACL found which contains * correct subject AND resource. * * @retval void */ void ProcessAccessRequest(PEContext_t *context) { OC_LOG(INFO, TAG, "Entering ProcessAccessRequest()"); if(NULL != context) { const OicSecAcl_t *currentAcl = NULL; OicSecAcl_t *savePtr = NULL; // Start out assuming subject not found. context->retVal = ACCESS_DENIED_SUBJECT_NOT_FOUND; do { OC_LOG(INFO, TAG, "ProcessAccessRequest(): getting ACL..."); currentAcl = GetACLResourceData(context->subject, &savePtr); if(NULL != currentAcl) { // Found the subject, so how about resource? OC_LOG(INFO, TAG, "ProcessAccessRequest(): \ found ACL matching subject."); context->retVal = ACCESS_DENIED_RESOURCE_NOT_FOUND; OC_LOG(INFO, TAG, "ProcessAccessRequest(): \ Searching for resource..."); if(IsResourceInAcl(context->resource, currentAcl)) { OC_LOG(INFO, TAG, "ProcessAccessRequest(): \ found matching resource in ACL."); context->matchingAclFound = true; // Found the resource, so it's down to valid period & permission. context->retVal = ACCESS_DENIED_INVALID_PERIOD; if(IsAccessWithinValidTime(currentAcl)) { context->retVal = ACCESS_DENIED_INSUFFICIENT_PERMISSION; if(IsPermissionAllowingRequest(currentAcl->permission, \ context->permission)) { context->retVal = ACCESS_GRANTED; } } } } else {
/** * Find ACLs containing context->subject. * Search each ACL for requested resource. * If resource found, check for context->permission. * Set context->retVal to result from first ACL found which contains * correct subject AND resource. * * @retval void */ void ProcessAccessRequest(PEContext_t *context) { OC_LOG(INFO, TAG, PCF("Entering ProcessAccessRequest()")); if(NULL != context) { const OicSecAcl_t *currentAcl = NULL; OicSecAcl_t *savePtr = NULL; // Start out assuming subject not found. context->retVal = ACCESS_DENIED_SUBJECT_NOT_FOUND; do { OC_LOG(INFO, TAG, PCF("ProcessAccessRequest(): getting ACL...")); currentAcl = GetACLResourceData(context->subject, &savePtr); char *tmp = (char*)OICMalloc(sizeof(OicUuid_t) +1); memcpy(tmp, context->subject, sizeof(OicUuid_t)); tmp[sizeof(OicUuid_t) + 1] = '\0'; if(NULL != currentAcl) { // Found the subject, so how about resource? OC_LOG(INFO, TAG, PCF("ProcessAccessRequest(): \ found ACL matching subject.")); context->retVal = ACCESS_DENIED_RESOURCE_NOT_FOUND; OC_LOG(INFO, TAG, PCF("ProcessAccessRequest(): \ Searching for resource...")); if(IsResourceInAcl(context->resource, currentAcl)) { OC_LOG(INFO, TAG, PCF("ProcessAccessRequest(): \ found matching resource in ACL.")); context->matchingAclFound = true; // Found the resource, so it's down to permission. context->retVal = ACCESS_DENIED_INSUFFICIENT_PERMISSION; if(IsPermissionAllowingRequest(currentAcl->permission, \ context->permission)) { context->retVal = ACCESS_GRANTED; } } } else {