From 30700289b280bd3b558e2d0b2c5fc1b4d8259976 Mon Sep 17 00:00:00 2001 From: Morozov-5F Date: Wed, 8 Jun 2022 20:33:42 +0300 Subject: [PATCH] [#19316] Don't require PIN for locking/unlocking the door when not required --- .../door-lock-server/door-lock-server.cpp | 18 +++++++++++------ .../door-lock-server/door-lock-server.h | 5 +++++ src/app/tests/suites/DL_LockUnlock.yaml | 20 +++++++++++++++++++ 3 files changed, 37 insertions(+), 6 deletions(-) diff --git a/src/app/clusters/door-lock-server/door-lock-server.cpp b/src/app/clusters/door-lock-server/door-lock-server.cpp index 2f69c839e6c1c8..93f83a529953b5 100644 --- a/src/app/clusters/door-lock-server/door-lock-server.cpp +++ b/src/app/clusters/door-lock-server/door-lock-server.cpp @@ -3143,13 +3143,19 @@ bool DoorLockServer::HandleRemoteLockOperation(chip::app::CommandHandler * comma } else { - // appclusters.pdf 5.3.4.1: - // If the RequirePINforRemoteOperation attribute is True then PINCode field SHALL be provided and the door lock SHALL NOT - // grant access if it is not provided. bool requirePin = false; - VerifyOrExit(GetAttribute(endpoint, Attributes::RequirePINforRemoteOperation::Id, - Attributes::RequirePINforRemoteOperation::Get, requirePin), - /* credentialsOk is false here */); + + // appclusters.pdf 5.3.4.1: + // If the RequirePINForRemoteOperation attribute is True then PINCode field SHALL be provided and the door lock SHALL NOT + // grant access if it is not provided. This attribute exists when COTA and PIN features are both enabled. Otherwise we + // assume PIN to be OK. + if (SupportsCredentialsOTA(endpoint) && SupportsPIN(endpoint)) + { + auto status = Attributes::RequirePINforRemoteOperation::Get(endpoint, &requirePin); + VerifyOrExit( + EMBER_ZCL_STATUS_UNSUPPORTED_ATTRIBUTE == status || EMBER_ZCL_STATUS_SUCCESS == status, + ChipLogError(Zcl, "Failed to read Require PIN For Remote Operation attribute, status=0x%x", to_underlying(status))); + } credentialsOk = !requirePin; } diff --git a/src/app/clusters/door-lock-server/door-lock-server.h b/src/app/clusters/door-lock-server/door-lock-server.h index 25ccf346a953b2..efe8a0ace57ae3 100644 --- a/src/app/clusters/door-lock-server/door-lock-server.h +++ b/src/app/clusters/door-lock-server/door-lock-server.h @@ -168,6 +168,11 @@ class DoorLockServer inline bool SupportsSchedules(chip::EndpointId endpointId) { return HasFeature(endpointId, DoorLockFeature::kAccessSchedules); } + inline bool SupportsCredentialsOTA(chip::EndpointId endpointId) + { + return HasFeature(endpointId, DoorLockFeature::kCredentialsOTA); + } + inline bool SupportsUSR(chip::EndpointId endpointId) { // appclusters, 5.2.2: USR feature has conformance [PIN | RID | FGP | FACE] diff --git a/src/app/tests/suites/DL_LockUnlock.yaml b/src/app/tests/suites/DL_LockUnlock.yaml index 0cf5e6f9f94c0b..4ddaee939b4254 100644 --- a/src/app/tests/suites/DL_LockUnlock.yaml +++ b/src/app/tests/suites/DL_LockUnlock.yaml @@ -28,6 +28,26 @@ tests: - name: "nodeId" value: nodeId + - label: "Try to unlock the door without PIN" + command: "UnlockDoor" + timedInteractionTimeoutMs: 10000 + + - label: "Verify that lock state attribute value is set to Unlocked" + command: "readAttribute" + attribute: "LockState" + response: + value: 2 + + - label: "Try to unlock the door without a PIN" + command: "LockDoor" + timedInteractionTimeoutMs: 10000 + + - label: "Verify that lock state attribute value is set to Locked" + command: "readAttribute" + attribute: "LockState" + response: + value: 1 + - label: "Create new PIN credential and lock/unlock user" command: "SetCredential" timedInteractionTimeoutMs: 10000