diff --git a/examples/all-clusters-app/all-clusters-common/all-clusters-app.matter b/examples/all-clusters-app/all-clusters-common/all-clusters-app.matter index badb11f5097014..7e65f2ae525471 100644 --- a/examples/all-clusters-app/all-clusters-common/all-clusters-app.matter +++ b/examples/all-clusters-app/all-clusters-common/all-clusters-app.matter @@ -42,7 +42,7 @@ server cluster AccessControl = 31 { } struct ExtensionEntry { - OCTET_STRING<254> data = 1; + OCTET_STRING<128> data = 1; fabric_idx fabricIndex = 254; } diff --git a/examples/bridge-app/bridge-common/bridge-app.matter b/examples/bridge-app/bridge-common/bridge-app.matter index 18c6dc420112d8..1f21b34ed80857 100644 --- a/examples/bridge-app/bridge-common/bridge-app.matter +++ b/examples/bridge-app/bridge-common/bridge-app.matter @@ -42,7 +42,7 @@ client cluster AccessControl = 31 { } struct ExtensionEntry { - OCTET_STRING<254> data = 1; + OCTET_STRING<128> data = 1; fabric_idx fabricIndex = 254; } @@ -104,7 +104,7 @@ server cluster AccessControl = 31 { } struct ExtensionEntry { - OCTET_STRING<254> data = 1; + OCTET_STRING<128> data = 1; fabric_idx fabricIndex = 254; } diff --git a/examples/door-lock-app/door-lock-common/door-lock-app.matter b/examples/door-lock-app/door-lock-common/door-lock-app.matter index a09ae7ec0b5750..ce063313690ddc 100644 --- a/examples/door-lock-app/door-lock-common/door-lock-app.matter +++ b/examples/door-lock-app/door-lock-common/door-lock-app.matter @@ -42,7 +42,7 @@ server cluster AccessControl = 31 { } struct ExtensionEntry { - OCTET_STRING<254> data = 1; + OCTET_STRING<128> data = 1; fabric_idx fabricIndex = 254; } diff --git a/examples/light-switch-app/light-switch-common/light-switch-app.matter b/examples/light-switch-app/light-switch-common/light-switch-app.matter index e79b5e23efc08a..7ca2ce1f7b3d65 100644 --- a/examples/light-switch-app/light-switch-common/light-switch-app.matter +++ b/examples/light-switch-app/light-switch-common/light-switch-app.matter @@ -42,7 +42,7 @@ server cluster AccessControl = 31 { } struct ExtensionEntry { - OCTET_STRING<254> data = 1; + OCTET_STRING<128> data = 1; fabric_idx fabricIndex = 254; } diff --git a/examples/lighting-app/lighting-common/lighting-app.matter b/examples/lighting-app/lighting-common/lighting-app.matter index df7b51a7518649..c697dc9524683a 100644 --- a/examples/lighting-app/lighting-common/lighting-app.matter +++ b/examples/lighting-app/lighting-common/lighting-app.matter @@ -42,7 +42,7 @@ server cluster AccessControl = 31 { } struct ExtensionEntry { - OCTET_STRING<254> data = 1; + OCTET_STRING<128> data = 1; fabric_idx fabricIndex = 254; } diff --git a/examples/lock-app/lock-common/lock-app.matter b/examples/lock-app/lock-common/lock-app.matter index 9107a06c99bf80..d658430da14f54 100644 --- a/examples/lock-app/lock-common/lock-app.matter +++ b/examples/lock-app/lock-common/lock-app.matter @@ -42,7 +42,7 @@ server cluster AccessControl = 31 { } struct ExtensionEntry { - OCTET_STRING<254> data = 1; + OCTET_STRING<128> data = 1; fabric_idx fabricIndex = 254; } diff --git a/examples/log-source-app/log-source-common/log-source-app.matter b/examples/log-source-app/log-source-common/log-source-app.matter index d6196305deaa03..800f9564284329 100644 --- a/examples/log-source-app/log-source-common/log-source-app.matter +++ b/examples/log-source-app/log-source-common/log-source-app.matter @@ -37,7 +37,7 @@ server cluster AccessControl = 31 { } struct ExtensionEntry { - OCTET_STRING<254> data = 1; + OCTET_STRING<128> data = 1; fabric_idx fabricIndex = 254; } diff --git a/examples/ota-provider-app/ota-provider-common/ota-provider-app.matter b/examples/ota-provider-app/ota-provider-common/ota-provider-app.matter index 35cd61bba64fa9..f2a77bbc0a7c43 100644 --- a/examples/ota-provider-app/ota-provider-common/ota-provider-app.matter +++ b/examples/ota-provider-app/ota-provider-common/ota-provider-app.matter @@ -42,7 +42,7 @@ client cluster AccessControl = 31 { } struct ExtensionEntry { - OCTET_STRING<254> data = 1; + OCTET_STRING<128> data = 1; fabric_idx fabricIndex = 254; } @@ -104,7 +104,7 @@ server cluster AccessControl = 31 { } struct ExtensionEntry { - OCTET_STRING<254> data = 1; + OCTET_STRING<128> data = 1; fabric_idx fabricIndex = 254; } diff --git a/examples/ota-requestor-app/ota-requestor-common/ota-requestor-app.matter b/examples/ota-requestor-app/ota-requestor-common/ota-requestor-app.matter index 488b02e24eabea..d2f259dfc59c5c 100644 --- a/examples/ota-requestor-app/ota-requestor-common/ota-requestor-app.matter +++ b/examples/ota-requestor-app/ota-requestor-common/ota-requestor-app.matter @@ -42,7 +42,7 @@ server cluster AccessControl = 31 { } struct ExtensionEntry { - OCTET_STRING<254> data = 1; + OCTET_STRING<128> data = 1; fabric_idx fabricIndex = 254; } diff --git a/examples/pump-app/pump-common/pump-app.matter b/examples/pump-app/pump-common/pump-app.matter index f5a5e6ba7b1166..402c3b64d7fa1e 100644 --- a/examples/pump-app/pump-common/pump-app.matter +++ b/examples/pump-app/pump-common/pump-app.matter @@ -42,7 +42,7 @@ server cluster AccessControl = 31 { } struct ExtensionEntry { - OCTET_STRING<254> data = 1; + OCTET_STRING<128> data = 1; fabric_idx fabricIndex = 254; } diff --git a/examples/pump-controller-app/pump-controller-common/pump-controller-app.matter b/examples/pump-controller-app/pump-controller-common/pump-controller-app.matter index bba78f8dd84786..17c76cbb874026 100644 --- a/examples/pump-controller-app/pump-controller-common/pump-controller-app.matter +++ b/examples/pump-controller-app/pump-controller-common/pump-controller-app.matter @@ -42,7 +42,7 @@ server cluster AccessControl = 31 { } struct ExtensionEntry { - OCTET_STRING<254> data = 1; + OCTET_STRING<128> data = 1; fabric_idx fabricIndex = 254; } diff --git a/examples/temperature-measurement-app/esp32/main/temperature-measurement.matter b/examples/temperature-measurement-app/esp32/main/temperature-measurement.matter index 28bed31546655d..072068a81de046 100644 --- a/examples/temperature-measurement-app/esp32/main/temperature-measurement.matter +++ b/examples/temperature-measurement-app/esp32/main/temperature-measurement.matter @@ -42,7 +42,7 @@ server cluster AccessControl = 31 { } struct ExtensionEntry { - OCTET_STRING<254> data = 1; + OCTET_STRING<128> data = 1; fabric_idx fabricIndex = 254; } diff --git a/examples/thermostat/thermostat-common/thermostat.matter b/examples/thermostat/thermostat-common/thermostat.matter index d63e70076dd7b8..b2618a97fb277e 100644 --- a/examples/thermostat/thermostat-common/thermostat.matter +++ b/examples/thermostat/thermostat-common/thermostat.matter @@ -42,7 +42,7 @@ server cluster AccessControl = 31 { } struct ExtensionEntry { - OCTET_STRING<254> data = 1; + OCTET_STRING<128> data = 1; fabric_idx fabricIndex = 254; } diff --git a/examples/tv-app/tv-common/tv-app.matter b/examples/tv-app/tv-common/tv-app.matter index 9d51b1683ef775..fc7404bfaa70a0 100644 --- a/examples/tv-app/tv-common/tv-app.matter +++ b/examples/tv-app/tv-common/tv-app.matter @@ -42,7 +42,7 @@ server cluster AccessControl = 31 { } struct ExtensionEntry { - OCTET_STRING<254> data = 1; + OCTET_STRING<128> data = 1; fabric_idx fabricIndex = 254; } diff --git a/examples/tv-casting-app/tv-casting-common/tv-casting-app.matter b/examples/tv-casting-app/tv-casting-common/tv-casting-app.matter index 854e02bdb1e5b2..6d212c00ca1217 100644 --- a/examples/tv-casting-app/tv-casting-common/tv-casting-app.matter +++ b/examples/tv-casting-app/tv-casting-common/tv-casting-app.matter @@ -42,7 +42,7 @@ server cluster AccessControl = 31 { } struct ExtensionEntry { - OCTET_STRING<254> data = 1; + OCTET_STRING<128> data = 1; fabric_idx fabricIndex = 254; } diff --git a/examples/window-app/common/window-app.matter b/examples/window-app/common/window-app.matter index f45ad80b652656..5681c8f3911047 100644 --- a/examples/window-app/common/window-app.matter +++ b/examples/window-app/common/window-app.matter @@ -42,7 +42,7 @@ server cluster AccessControl = 31 { } struct ExtensionEntry { - OCTET_STRING<254> data = 1; + OCTET_STRING<128> data = 1; fabric_idx fabricIndex = 254; } diff --git a/src/app/clusters/access-control-server/access-control-server.cpp b/src/app/clusters/access-control-server/access-control-server.cpp index 19b17d4406093f..537f9c9fb2e185 100644 --- a/src/app/clusters/access-control-server/access-control-server.cpp +++ b/src/app/clusters/access-control-server/access-control-server.cpp @@ -26,6 +26,7 @@ #include #include #include +#include #include #include @@ -35,6 +36,9 @@ using namespace chip::Access; namespace AccessControlCluster = chip::app::Clusters::AccessControl; +// TODO(#13590): generated code doesn't automatically handle max length so do it manually +constexpr int kExtensionDataMaxLength = 128; + namespace { struct Subject @@ -355,18 +359,17 @@ class AccessControlAttribute : public chip::app::AttributeAccessInterface CHIP_ERROR ReadAcl(AttributeValueEncoder & aEncoder); CHIP_ERROR ReadExtension(AttributeValueEncoder & aEncoder); CHIP_ERROR WriteAcl(const ConcreteDataAttributePath & aPath, AttributeValueDecoder & aDecoder); - CHIP_ERROR WriteExtension(AttributeValueDecoder & aDecoder); + CHIP_ERROR WriteExtension(const ConcreteDataAttributePath & aPath, AttributeValueDecoder & aDecoder); }; constexpr uint16_t AccessControlAttribute::ClusterRevision; -CHIP_ERROR LogEntryChangedEvent(const AccessControl::Entry & entry, const Access::SubjectDescriptor & subjectDescriptor, - AccessControlCluster::ChangeTypeEnum changeType) +CHIP_ERROR LogAclChangedEvent(const AccessControl::Entry & entry, const Access::SubjectDescriptor & subjectDescriptor, + AccessControlCluster::ChangeTypeEnum changeType) { CHIP_ERROR err; // Record AccessControlEntry event - EventNumber eventNumber; DataModel::Nullable adminNodeID; DataModel::Nullable adminPasscodeID; DataModel::Nullable latestValue; @@ -432,10 +435,39 @@ CHIP_ERROR LogEntryChangedEvent(const AccessControl::Entry & entry, const Access AccessControlCluster::Events::AccessControlEntryChanged::Type event{ adminNodeID, adminPasscodeID, changeType, latestValue, subjectDescriptor.fabricIndex }; + EventNumber eventNumber; err = LogEvent(event, 0, eventNumber); if (CHIP_NO_ERROR != err) { - ChipLogError(DataManagement, "AccessControlCluster: log event failed"); + ChipLogError(DataManagement, "AccessControlCluster: log event failed %" CHIP_ERROR_FORMAT, err.Format()); + } + + return err; +} + +CHIP_ERROR LogExtensionChangedEvent(const AccessControlCluster::Structs::ExtensionEntry::Type & item, + const Access::SubjectDescriptor & subjectDescriptor, + AccessControlCluster::ChangeTypeEnum changeType) +{ + AccessControlCluster::Events::AccessControlExtensionChanged::Type event{ .changeType = changeType, + .adminFabricIndex = subjectDescriptor.fabricIndex }; + + if (subjectDescriptor.authMode == Access::AuthMode::kCase) + { + event.adminNodeID.SetNonNull(subjectDescriptor.subject); + } + else if (subjectDescriptor.authMode == Access::AuthMode::kPase) + { + event.adminPasscodeID.SetNonNull(PAKEKeyIdFromNodeId(subjectDescriptor.subject)); + } + + event.latestValue.SetNonNull(item); + + EventNumber eventNumber; + CHIP_ERROR err = LogEvent(event, 0, eventNumber); + if (CHIP_NO_ERROR != err) + { + ChipLogError(DataManagement, "AccessControlCluster: log event failed %" CHIP_ERROR_FORMAT, err.Format()); } return err; @@ -476,7 +508,31 @@ CHIP_ERROR AccessControlAttribute::ReadAcl(AttributeValueEncoder & aEncoder) CHIP_ERROR AccessControlAttribute::ReadExtension(AttributeValueEncoder & aEncoder) { - return aEncoder.EncodeEmptyList(); + auto & storage = Server::GetInstance().GetPersistentStorage(); + DefaultStorageKeyAllocator key; + + auto & fabrics = Server::GetInstance().GetFabricTable(); + + return aEncoder.EncodeList([&](const auto & encoder) -> CHIP_ERROR { + for (auto & fabric : fabrics) + { + uint8_t buffer[kExtensionDataMaxLength] = { 0 }; + uint16_t size = static_cast(sizeof(buffer)); + CHIP_ERROR errStorage = storage.SyncGetKeyValue(key.AccessControlExtensionEntry(fabric.GetFabricIndex()), buffer, size); + ReturnErrorCodeIf(errStorage == CHIP_ERROR_BUFFER_TOO_SMALL, CHIP_ERROR_INCORRECT_STATE); + if (errStorage == CHIP_ERROR_PERSISTED_STORAGE_VALUE_NOT_FOUND) + { + continue; + } + ReturnErrorOnFailure(errStorage); + AccessControlCluster::Structs::ExtensionEntry::Type item = { + .data = ByteSpan(buffer, size), + .fabricIndex = fabric.GetFabricIndex(), + }; + ReturnErrorOnFailure(encoder.Encode(item)); + } + return CHIP_NO_ERROR; + }); } CHIP_ERROR AccessControlAttribute::Write(const ConcreteDataAttributePath & aPath, AttributeValueDecoder & aDecoder) @@ -486,7 +542,7 @@ CHIP_ERROR AccessControlAttribute::Write(const ConcreteDataAttributePath & aPath case AccessControlCluster::Attributes::Acl::Id: return WriteAcl(aPath, aDecoder); case AccessControlCluster::Attributes::Extension::Id: - return WriteExtension(aDecoder); + return WriteExtension(aPath, aDecoder); } return CHIP_NO_ERROR; @@ -520,7 +576,8 @@ CHIP_ERROR AccessControlAttribute::WriteAcl(const ConcreteDataAttributePath & aP ReturnErrorOnFailure(list.ComputeSize(&newCount)); ReturnErrorOnFailure(GetAccessControl().GetMaxEntryCount(maxCount)); VerifyOrReturnError(allCount >= oldCount, CHIP_ERROR_INTERNAL); - VerifyOrReturnError(static_cast(allCount - oldCount + newCount) <= maxCount, CHIP_ERROR_INVALID_LIST_LENGTH); + VerifyOrReturnError(static_cast(allCount - oldCount + newCount) <= maxCount, + CHIP_IM_GLOBAL_STATUS(ConstraintError)); auto iterator = list.begin(); size_t i = 0; @@ -529,14 +586,14 @@ CHIP_ERROR AccessControlAttribute::WriteAcl(const ConcreteDataAttributePath & aP if (i < oldCount) { ReturnErrorOnFailure(GetAccessControl().UpdateEntry(i, iterator.GetValue().entry, &accessingFabricIndex)); - ReturnErrorOnFailure(LogEntryChangedEvent(iterator.GetValue().entry, aDecoder.GetSubjectDescriptor(), - AccessControlCluster::ChangeTypeEnum::kChanged)); + ReturnErrorOnFailure(LogAclChangedEvent(iterator.GetValue().entry, aDecoder.GetSubjectDescriptor(), + AccessControlCluster::ChangeTypeEnum::kChanged)); } else { ReturnErrorOnFailure(GetAccessControl().CreateEntry(nullptr, iterator.GetValue().entry, &accessingFabricIndex)); - ReturnErrorOnFailure(LogEntryChangedEvent(iterator.GetValue().entry, aDecoder.GetSubjectDescriptor(), - AccessControlCluster::ChangeTypeEnum::kAdded)); + ReturnErrorOnFailure(LogAclChangedEvent(iterator.GetValue().entry, aDecoder.GetSubjectDescriptor(), + AccessControlCluster::ChangeTypeEnum::kAdded)); } ++i; } @@ -549,7 +606,7 @@ CHIP_ERROR AccessControlAttribute::WriteAcl(const ConcreteDataAttributePath & aP --oldCount; ReturnErrorOnFailure(GetAccessControl().ReadEntry(oldCount, entry, &accessingFabricIndex)); ReturnErrorOnFailure( - LogEntryChangedEvent(entry, aDecoder.GetSubjectDescriptor(), AccessControlCluster::ChangeTypeEnum::kRemoved)); + LogAclChangedEvent(entry, aDecoder.GetSubjectDescriptor(), AccessControlCluster::ChangeTypeEnum::kRemoved)); ReturnErrorOnFailure(GetAccessControl().DeleteEntry(oldCount, &accessingFabricIndex)); } } @@ -560,7 +617,7 @@ CHIP_ERROR AccessControlAttribute::WriteAcl(const ConcreteDataAttributePath & aP ReturnErrorOnFailure(GetAccessControl().CreateEntry(nullptr, item.entry, &accessingFabricIndex)); ReturnErrorOnFailure( - LogEntryChangedEvent(item.entry, aDecoder.GetSubjectDescriptor(), AccessControlCluster::ChangeTypeEnum::kAdded)); + LogAclChangedEvent(item.entry, aDecoder.GetSubjectDescriptor(), AccessControlCluster::ChangeTypeEnum::kAdded)); } else { @@ -570,10 +627,79 @@ CHIP_ERROR AccessControlAttribute::WriteAcl(const ConcreteDataAttributePath & aP return CHIP_NO_ERROR; } -CHIP_ERROR AccessControlAttribute::WriteExtension(AttributeValueDecoder & aDecoder) +CHIP_ERROR AccessControlAttribute::WriteExtension(const ConcreteDataAttributePath & aPath, AttributeValueDecoder & aDecoder) { - DataModel::DecodableList list; - ReturnErrorOnFailure(aDecoder.Decode(list)); + auto & storage = Server::GetInstance().GetPersistentStorage(); + DefaultStorageKeyAllocator key; + + FabricIndex accessingFabricIndex = aDecoder.AccessingFabricIndex(); + + uint8_t buffer[kExtensionDataMaxLength] = { 0 }; + uint16_t size = static_cast(sizeof(buffer)); + CHIP_ERROR errStorage = storage.SyncGetKeyValue(key.AccessControlExtensionEntry(accessingFabricIndex), buffer, size); + ReturnErrorCodeIf(errStorage == CHIP_ERROR_BUFFER_TOO_SMALL, CHIP_ERROR_INCORRECT_STATE); + ReturnErrorCodeIf(errStorage != CHIP_NO_ERROR && errStorage != CHIP_ERROR_PERSISTED_STORAGE_VALUE_NOT_FOUND, errStorage); + + if (!aPath.IsListItemOperation()) + { + DataModel::DecodableList list; + ReturnErrorOnFailure(aDecoder.Decode(list)); + + size_t count = 0; + ReturnErrorOnFailure(list.ComputeSize(&count)); + + if (count == 0) + { + ReturnErrorCodeIf(errStorage == CHIP_ERROR_PERSISTED_STORAGE_VALUE_NOT_FOUND, CHIP_NO_ERROR); + ReturnErrorOnFailure(storage.SyncDeleteKeyValue(key.AccessControlExtensionEntry(accessingFabricIndex))); + AccessControlCluster::Structs::ExtensionEntry::Type item = { + .data = ByteSpan(buffer, size), + .fabricIndex = accessingFabricIndex, + }; + ReturnErrorOnFailure( + LogExtensionChangedEvent(item, aDecoder.GetSubjectDescriptor(), AccessControlCluster::ChangeTypeEnum::kRemoved)); + } + else if (count == 1) + { + auto iterator = list.begin(); + if (!iterator.Next()) + { + ReturnErrorOnFailure(iterator.GetStatus()); + // If counted an item, iterator doesn't return it, iterator has no error, that's bad. + return CHIP_ERROR_INCORRECT_STATE; + } + auto & item = iterator.GetValue(); + // TODO(#13590): generated code doesn't automatically handle max length so do it manually + ReturnErrorCodeIf(item.data.size() > kExtensionDataMaxLength, CHIP_IM_GLOBAL_STATUS(ConstraintError)); + ReturnErrorOnFailure(storage.SyncSetKeyValue(key.AccessControlExtensionEntry(accessingFabricIndex), item.data.data(), + static_cast(item.data.size()))); + ReturnErrorOnFailure(LogExtensionChangedEvent(item, aDecoder.GetSubjectDescriptor(), + errStorage == CHIP_ERROR_PERSISTED_STORAGE_VALUE_NOT_FOUND + ? AccessControlCluster::ChangeTypeEnum::kAdded + : AccessControlCluster::ChangeTypeEnum::kChanged)); + } + else + { + return CHIP_IM_GLOBAL_STATUS(ConstraintError); + } + } + else if (aPath.mListOp == ConcreteDataAttributePath::ListOperation::AppendItem) + { + ReturnErrorCodeIf(errStorage != CHIP_ERROR_PERSISTED_STORAGE_VALUE_NOT_FOUND, CHIP_IM_GLOBAL_STATUS(ConstraintError)); + AccessControlCluster::Structs::ExtensionEntry::DecodableType item; + ReturnErrorOnFailure(aDecoder.Decode(item)); + // TODO(#13590): generated code doesn't automatically handle max length so do it manually + ReturnErrorCodeIf(item.data.size() > kExtensionDataMaxLength, CHIP_IM_GLOBAL_STATUS(ConstraintError)); + ReturnErrorOnFailure(storage.SyncSetKeyValue(key.AccessControlExtensionEntry(accessingFabricIndex), item.data.data(), + static_cast(item.data.size()))); + ReturnErrorOnFailure( + LogExtensionChangedEvent(item, aDecoder.GetSubjectDescriptor(), AccessControlCluster::ChangeTypeEnum::kAdded)); + } + else + { + return CHIP_ERROR_UNSUPPORTED_CHIP_FEATURE; + } + return CHIP_NO_ERROR; } diff --git a/src/app/zap-templates/zcl/data-model/chip/access-control-cluster.xml b/src/app/zap-templates/zcl/data-model/chip/access-control-cluster.xml index fa7d0eb82254ce..561925936784dc 100644 --- a/src/app/zap-templates/zcl/data-model/chip/access-control-cluster.xml +++ b/src/app/zap-templates/zcl/data-model/chip/access-control-cluster.xml @@ -58,8 +58,8 @@ limitations under the License. - - + + diff --git a/src/controller/data_model/controller-clusters.matter b/src/controller/data_model/controller-clusters.matter index a0d033a57e7740..3f7a2f9a8fac1b 100644 --- a/src/controller/data_model/controller-clusters.matter +++ b/src/controller/data_model/controller-clusters.matter @@ -42,7 +42,7 @@ client cluster AccessControl = 31 { } struct ExtensionEntry { - OCTET_STRING<254> data = 1; + OCTET_STRING<128> data = 1; fabric_idx fabricIndex = 254; } diff --git a/src/lib/support/DefaultStorageKeyAllocator.h b/src/lib/support/DefaultStorageKeyAllocator.h index 4dab3c77123b02..48b97e766b496e 100644 --- a/src/lib/support/DefaultStorageKeyAllocator.h +++ b/src/lib/support/DefaultStorageKeyAllocator.h @@ -52,7 +52,8 @@ class DefaultStorageKeyAllocator // FailSafeContext const char * FailSafeContextKey() { return Format("g/fsc"); } - // Access Control List + // Access Control + const char * AccessControlExtensionEntry(FabricIndex fabric) { return Format("f/%x/ac/1", fabric); } // TODO: We should probably store the fabric-specific parts of the ACL list // under keys starting with "f/%x/". diff --git a/zzz_generated/app-common/app-common/zap-generated/cluster-objects.cpp b/zzz_generated/app-common/app-common/zap-generated/cluster-objects.cpp index 896d137b6ee1bf..d462d03636fb60 100644 --- a/zzz_generated/app-common/app-common/zap-generated/cluster-objects.cpp +++ b/zzz_generated/app-common/app-common/zap-generated/cluster-objects.cpp @@ -4683,9 +4683,13 @@ CHIP_ERROR Type::EncodeForRead(TLV::TLVWriter & writer, TLV::Tag tag, FabricInde CHIP_ERROR Type::DoEncode(TLV::TLVWriter & writer, TLV::Tag tag, const Optional & accessingFabricIndex) const { + bool includeSensitive = !accessingFabricIndex.HasValue() || (accessingFabricIndex.Value() == fabricIndex); TLV::TLVType outer; ReturnErrorOnFailure(writer.StartContainer(tag, TLV::kTLVType_Structure, outer)); - ReturnErrorOnFailure(DataModel::Encode(writer, TLV::ContextTag(to_underlying(Fields::kData)), data)); + if (includeSensitive) + { + ReturnErrorOnFailure(DataModel::Encode(writer, TLV::ContextTag(to_underlying(Fields::kData)), data)); + } if (accessingFabricIndex.HasValue()) { ReturnErrorOnFailure(DataModel::Encode(writer, TLV::ContextTag(to_underlying(Fields::kFabricIndex)), fabricIndex));