Skip to content

Commit

Permalink
Hook up args to access control check calls (#12893)
Browse files Browse the repository at this point in the history
- Hook up wildcard/group expansion flag in IM read attribute
- Hook up subject descriptor in IM read/write attribute
  • Loading branch information
mlepage-google authored Dec 10, 2021
1 parent 98a1e36 commit a269640
Showing 1 changed file with 3 additions and 6 deletions.
9 changes: 3 additions & 6 deletions src/app/util/ember-compatibility-functions.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -393,16 +393,14 @@ CHIP_ERROR ReadSingleClusterData(const SubjectDescriptor & aSubjectDescriptor, c
}

{
Access::SubjectDescriptor subjectDescriptor; // TODO: get actual subject descriptor
Access::RequestPath requestPath{ .cluster = aPath.mClusterId, .endpoint = aPath.mEndpointId };
Access::Privilege requestPrivilege = Access::Privilege::kView; // TODO: get actual request privilege
bool pathWasExpanded = false; // TODO: get actual expanded flag
CHIP_ERROR err = Access::GetAccessControl().Check(subjectDescriptor, requestPath, requestPrivilege);
CHIP_ERROR err = Access::GetAccessControl().Check(aSubjectDescriptor, requestPath, requestPrivilege);
err = CHIP_NO_ERROR; // TODO: remove override
if (err != CHIP_NO_ERROR)
{
ReturnErrorCodeIf(err != CHIP_ERROR_ACCESS_DENIED, err);
if (pathWasExpanded)
if (aPath.mExpanded)
{
return CHIP_NO_ERROR;
}
Expand Down Expand Up @@ -845,10 +843,9 @@ CHIP_ERROR WriteSingleClusterData(const SubjectDescriptor & aSubjectDescriptor,
}

{
Access::SubjectDescriptor subjectDescriptor; // TODO: get actual subject descriptor
Access::RequestPath requestPath{ .cluster = aPath.mClusterId, .endpoint = aPath.mEndpointId };
Access::Privilege requestPrivilege = Access::Privilege::kOperate; // TODO: get actual request privilege
CHIP_ERROR err = Access::GetAccessControl().Check(subjectDescriptor, requestPath, requestPrivilege);
CHIP_ERROR err = Access::GetAccessControl().Check(aSubjectDescriptor, requestPath, requestPrivilege);
err = CHIP_NO_ERROR; // TODO: remove override
if (err != CHIP_NO_ERROR)
{
Expand Down

0 comments on commit a269640

Please sign in to comment.