Commit 2cddce2f authored by Miguel Angel Reina Ortega's avatar Miguel Angel Reina Ortega
Browse files

Addition of PX_SUPER_AE_ID and PX_SUPER_CSE_ID replacing PX_SUPER_USER +


Usage of AcpAux to have control on privileges for resources created directly at CSEBase +
Clean-up - modification and usage of f_getOriginator function, renaming of m_deleteRequest to m_delete
Signed-off-by: Miguel Angel Reina Ortega's avatarMiguel Angel Reina Ortega <miguelangel.reinaortega@etsi.org>
parent 59f4302d
......@@ -179,7 +179,7 @@ module OneM2M_Functions {
*/
function f_cse_preamble_createAcpAux(in template (value) XSD.String p_acpName := c_acpAuxName, in template (value) AccessControlOperations p_allowedOperations := int63) runs on CseTester return integer {//c_CRUDNDi
return f_cse_createAccessControlPolicyAux(p_acpName, p_allowedOperations);
return f_cse_createAccessControlPolicyAux(p_acpName, -, p_allowedOperations);
}
......@@ -197,7 +197,8 @@ module OneM2M_Functions {
var integer v_aeAuxIndex := -1;
v_request := valueof(m_createAeAux(p_accessControlPolicyIDs, p_poaList));
v_request.to_ := f_getResourceAddress();
v_request := f_getCreateRequestPrimitive(int2, v_request, -1);
mcaPort.send(m_request(v_request));
......@@ -350,18 +351,10 @@ module OneM2M_Functions {
v_resourceAddress := f_getResourceAddress(vc_resourcesIndexToBeDeleted[i]);
v_request := valueof(m_deleteRequest(v_resourceAddress));
v_request := valueof(m_delete(v_resourceAddress, f_getOriginator(vc_resourcesIndexToBeDeleted[i])));
//For deletion of AEs, priority is to use AE-ID in From parameter
//For other resources PX_SUPER_USER should be able to do DELETE operation
//TODO Replace below code by f_getOriginator
v_request.from_ := f_getOriginator(vc_resourcesIndexToBeDeleted[i]);
// if(PX_USE_RESOURCE_ID_AS_ORIGINATOR){
// if(ischosen(vc_resourcesList[vc_resourcesIndexToBeDeleted[i]].resource.aE)) {
// v_request.from_ := vc_resourcesList[vc_resourcesIndexToBeDeleted[i]].resource.aE.aE_ID;
// }
// }
mcaPort.send(m_request(v_request));
tc_ac.start;
......@@ -461,15 +454,14 @@ module OneM2M_Functions {
* @return Internal resource index of the created auxiliar ACP resource
* @verdict
*/
function f_cse_createAccessControlPolicyAux(in template (value) XSD.String p_acpName := c_acpAuxName, in template (value) AccessControlOperations p_allowedOperations := int63) runs on CseTester return integer{
var RequestPrimitive v_request;
function f_cse_createAccessControlPolicyAux(in template (value) XSD.String p_acpName := c_acpAuxName, in template (value) ListOfURIs p_acor := PX_ACOR, in template (value) AccessControlOperations p_allowedOperations := int63) runs on CseTester return integer{ var RequestPrimitive v_request;
var MsgIn v_response;
var integer v_acpAuxIndex := -1;
v_request := valueof(m_createAcpAux(p_acpName := p_acpName, p_allowedOperations := p_allowedOperations));
v_request.to_ := f_getResourceAddress();
v_request := f_getCreateRequestPrimitive(int1, v_request, -1);
mcaPort.send(m_request(v_request));
tc_ac.start;
alt {
......@@ -599,7 +591,7 @@ module OneM2M_Functions {
var RequestPrimitive v_request;
if(not isvalue(p_requestPrimitive)) {
v_request := valueof(m_deleteRequest(f_getResourceAddress(p_index)));
v_request := valueof(m_delete(f_getResourceAddress(p_index), f_getOriginator(p_index)));
} else {
v_request := valueof(p_requestPrimitive);
}
......@@ -1680,28 +1672,30 @@ module OneM2M_Functions {
/**
* @desc Resolution of the originator field (from) for a given resource
* @param p_targetResourceIndex Internal resource index of the given resource
* @param p_testSystemRole True if TS acting as an AE, False if TS acting as a CSE
* @return Originator for a given resource
* @verdict
*/
function f_getOriginator(integer p_targetResourceIndex := -1) runs on CseTester return XSD.AnyURI {
function f_getOriginator(integer p_targetResourceIndex := -1, boolean p_testSystemRole := true) runs on CseTester return XSD.AnyURI {
if(p_targetResourceIndex == -1) {
return PX_SUPER_USER;
if(p_testSystemRole) {
return PX_SUPER_AE_ID;
} else {
return PX_SUPER_CSE_ID;
}
}
if(PX_USE_RESOURCE_ID_AS_ORIGINATOR) {
if(vc_resourcesList[p_targetResourceIndex].parentIndex == -1) {
return f_getResourceId(vc_resourcesList[p_targetResourceIndex].resource);
if(vc_resourcesList[p_targetResourceIndex].parentIndex == -1) {
if(ischosen(vc_resourcesList[p_targetResourceIndex].resource.aE)) {
return vc_resourcesList[p_targetResourceIndex].resource.aE.aE_ID;
} else if (ischosen(vc_resourcesList[p_targetResourceIndex].resource.remoteCSE)) {
return vc_resourcesList[p_targetResourceIndex].resource.remoteCSE.cSE_ID;
} else {
return f_getOriginator(vc_resourcesList[p_targetResourceIndex].parentIndex);
// if(ischosen(vc_resourcesList[p_targetResourceIndex].resource.aE)) {
// return vc_resourcesList[p_targetResourceIndex].resource.aE.aE_ID;
// } else {
// return f_getOriginator(vc_resourcesList[p_targetResourceIndex].parentIndex);
// }
}
} else {
return PX_SUPER_USER;
return f_getOriginator(vc_resourcesList[p_targetResourceIndex].parentIndex);
}
}
......@@ -1752,8 +1746,8 @@ module OneM2M_Functions {
* @param p_announcementTargetResource Announcement Target Resource
* @return p_annoucementTargetPoA Announcemenet Target PoA
*/
function f_getAnnouncementTargetPoA(in charstring p_protocolBinding := PX_PROTOCOL_BINDING, in charstring p_announcementTargetAddress := PX_CSE1_ADDRESS, charstring p_announcementTargetResource := "/CseBaseTester" ) return charstring {
function f_getAnnouncementTargetPoA(in charstring p_protocolBinding := PX_PROTOCOL_BINDING, in charstring p_announcementTargetAddress := PX_CSE1_ADDRESS, charstring p_announcementTargetResource := "CseBaseTester" ) return charstring {
if(p_protocolBinding == "HTTP") {
return "http://" & p_announcementTargetAddress & "/" & p_announcementTargetResource;
} else if (p_protocolBinding == "COAP") {
......@@ -1889,6 +1883,29 @@ module OneM2M_Functions {
else if (ischosen(p_requestPrimitive.primitiveContent.locationPolicy)){
p_requestPrimitive.primitiveContent.locationPolicy.accessControlPolicyIDs := p_accessControlPolicyIDs;
}
else if (ischosen(p_requestPrimitive.primitiveContent.delivery)){
p_requestPrimitive.primitiveContent.delivery.accessControlPolicyIDs := p_accessControlPolicyIDs;
}
else if (ischosen(p_requestPrimitive.primitiveContent.mgmtCmd)){
p_requestPrimitive.primitiveContent.mgmtCmd.accessControlPolicyIDs := p_accessControlPolicyIDs;
}
else if (ischosen(p_requestPrimitive.primitiveContent.node)){
p_requestPrimitive.primitiveContent.node.accessControlPolicyIDs := p_accessControlPolicyIDs;
}
else if (ischosen(p_requestPrimitive.primitiveContent.remoteCSE)){
p_requestPrimitive.primitiveContent.remoteCSE.accessControlPolicyIDs := p_accessControlPolicyIDs;
}
else if (ischosen(p_requestPrimitive.primitiveContent.request)){
p_requestPrimitive.primitiveContent.request.accessControlPolicyIDs := p_accessControlPolicyIDs;
}
else if (ischosen(p_requestPrimitive.primitiveContent.statsCollect)){
p_requestPrimitive.primitiveContent.statsCollect.accessControlPolicyIDs := p_accessControlPolicyIDs;
}
else if (ischosen(p_requestPrimitive.primitiveContent.statsConfig)){
p_requestPrimitive.primitiveContent.statsConfig.accessControlPolicyIDs := p_accessControlPolicyIDs;
} else {
log( __SCOPE__, ":INFO: Resource not having acpi attribute. Not possible to set acpi")
}
return valueof(p_requestPrimitive);
}
......
......@@ -69,7 +69,15 @@ module OneM2M_Pixits {
*/
modulepar XSD.ID PX_AE2_ID_STEM := "";
modulepar XSD.ID PX_SUPER_USER := "admin:admin";
/**
* @desc AE-ID with privileges to CREATE at the IUT CSEBase with AE-ID-Stem format (relative) according to TS-0001-7.2-1
*/
modulepar XSD.ID PX_SUPER_AE_ID := "admin:admin";
/**
* @desc CSE-ID with privileges to CREATE at the IUT CSEBase with SP-relative-CSE-ID format (relative) according to TS-0001-7.2-1
*/
modulepar XSD.ID PX_SUPER_CSE_ID := "/admin:admin";
/**
* @desc Test System APP-ID with App-ID format according to TS-0001-7.2-1
......
......@@ -499,7 +499,6 @@ module OneM2M_Templates {
template (value) RequestPrimitive m_createAcp(XSD.ID p_parentResourceAddress, in template (omit) XSD.String p_name := c_defaultAccessControlPolicyResourceName, in template (value) ListOfURIs p_acor := PX_ACOR, in template (value) AccessControlOperations p_allowedOperations := int63) modifies m_create := {
to_ := p_parentResourceAddress,
from_ := PX_SUPER_USER,
requestIdentifier := testcasename() & "-m_createAcp" & f_rnd(1, 1000000),
resourceType := int1,
primitiveContent := {accessControlPolicy := m_contentCreateAcp (p_name, p_acor, p_allowedOperations)}
......@@ -520,7 +519,6 @@ module OneM2M_Templates {
* @desc Base CREATE request primitive for AccessControlPolicy resource (AUX)
*/
template (value) RequestPrimitive m_createAcpAux(in template (value) XSD.String p_acpName := c_acpAuxName, in template (value) ListOfURIs p_acor := PX_ACOR, in template (value) AccessControlOperations p_allowedOperations := int63 ) modifies m_create := {
from_ := PX_SUPER_USER,
requestIdentifier := testcasename() & "-m_createAcpAux" & f_rnd(1, 1000000),
resourceType := int1,
primitiveContent := {accessControlPolicy := m_contentCreateAcp (p_acpName, p_acor, p_allowedOperations)}
......@@ -910,7 +908,7 @@ module OneM2M_Templates {
group Delete {
template (value) RequestPrimitive m_deleteRequest(XSD.ID p_resourceAddress, in XSD.ID p_originator := PX_SUPER_USER) := {
template (value) RequestPrimitive m_delete(XSD.ID p_resourceAddress, in XSD.ID p_originator := PX_SUPER_AE_ID) := {
operation := int4,
to_ := p_resourceAddress,
from_ := p_originator,
......
......@@ -1091,6 +1091,7 @@ module OneM2M_Types {
Node_optional node,
NodeAnnc_optional nodeAnnc,
PollingChannel_optional pollingChannel,
Request_optional request,
RemoteCSE_optional remoteCSE,
Schedule_optional schedule,
ScheduleAnnc_optional scheduleAnnc,
......@@ -4998,6 +4999,45 @@ group optionalResourceTypes {
variant (choice.choice_list[-].group_) "name as 'group'";
variant (choice.choice_list[-].aEAnnc) "name as capitalized";
};
type record Request_optional
{
ResourceName resourceName optional,
ResourceType resourceType optional,
XSD.ID resourceID optional,
NhURI parentID optional,
Timestamp creationTime optional,
Timestamp lastModifiedTime optional,
Labels labels optional,
AcpType accessControlPolicyIDs optional,
Timestamp expirationTime optional,
ListOfURIs dynamicAuthorizationConsultationIDs optional,
XSD.NonNegativeInteger stateTag optional,
Operation operation optional,
XSD.AnyURI target optional,
XSD.ID originator optional,
RequestID requestID optional,
MetaInformation metaInformation optional,
PrimitiveContent primitiveContent optional,
RequestStatus requestStatus optional,
OperationResult operationResult optional,
union {
record length(1 .. infinity) of ChildResourceRef childResource_list,
record length(1 .. infinity) of union {
Subscription subscription
} choice_list
} choice optional
}
with {
variant "name as uncapitalized";
variant "element";
variant (resourceName) "attribute";
variant (choice) "untagged";
variant (choice.childResource_list) "untagged";
variant (choice.childResource_list[-]) "name as 'childResource'";
variant (choice.choice_list) "untagged";
variant (choice.choice_list[-]) "untagged";
};
type record Schedule_optional
{
......
This diff is collapsed.
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment