diff --git a/LibOneM2M/oneM2M_Types b/LibOneM2M/oneM2M_Types
index d889689ceb276b318e80da545e2b57881578a2ed..2782131b4c78662f8175412cdc69812e7811dfa0 160000
--- a/LibOneM2M/oneM2M_Types
+++ b/LibOneM2M/oneM2M_Types
@@ -1 +1 @@
-Subproject commit d889689ceb276b318e80da545e2b57881578a2ed
+Subproject commit 2782131b4c78662f8175412cdc69812e7811dfa0
diff --git a/OneM2M_PermutationFunctions.ttcn b/OneM2M_PermutationFunctions.ttcn
index d7eec53c8148671e8744d7c6b89891c2b7dcec71..6cd543086cc4fc8baa64ed907ad352007c229a08 100644
--- a/OneM2M_PermutationFunctions.ttcn
+++ b/OneM2M_PermutationFunctions.ttcn
@@ -11975,6 +11975,68 @@ module OneM2M_PermutationFunctions {
} //end f_CSE_SEC_ACP_016
+ function f_CSE_SEC_ACP_017(template RequestPrimitive p_requestPrimitive, in ResponseStatusCode p_responseStatusCode) runs on AeSimu system CseSystem {
+ // Local variables
+ var MsgIn v_response;
+ var integer v_aeIndex := -1;
+ var integer v_containerIndex := -1;
+ var integer v_acpIndex := -1;
+ var integer v_groupIndex := -1;
+ var template RequestPrimitive v_groupRequest := m_createGroup(1, -, omit, int2, -, -, -);
+ var template RequestPrimitive v_createRequest := valueof(m_createAcpBase);
+
+ // Test control
+
+ // Test component configuration
+ f_cf01Up();
+
+ // Test adapter configuration
+
+ // Preamble
+ v_aeIndex := f_cse_preamble_registerAe(-, -);
+ v_containerIndex := f_cse_createResource(int3, m_createContainerBase, v_aeIndex);
+
+ v_groupRequest.primitiveContent.group_.memberIDs := {f_getResourceId(vc_resourcesList[v_aeIndex].resource)};
+
+ v_groupIndex := f_cse_createResource(int9, v_groupRequest, -);
+
+ v_createRequest := m_createAcp(-, {f_getResourceId(vc_resourcesList[v_groupIndex].resource)} , -);
+
+ v_acpIndex := f_cse_createResource(int1, v_createRequest, -);
+
+ // Test Body
+ p_requestPrimitive.to_ := f_getResourceAddress(v_containerIndex);
+ p_requestPrimitive.from_ := f_getOriginator(v_aeIndex);
+ p_requestPrimitive.requestIdentifier := valueof(p_requestPrimitive.requestIdentifier) & f_rnd(1, 1000000);
+
+ f_send(e_mcaPort, m_request(valueof(p_requestPrimitive)));
+ tc_ac.start;
+ alt {
+ [] mcaPort.receive(mw_response(mw_responsePrimitive(p_responseStatusCode))) -> value v_response {
+ tc_ac.stop;
+ setverdict(pass, __SCOPE__ & ": Successful operation on resource type int3 (Container)");
+ }
+ [] mcaPort.receive(mw_response(mw_responsePrimitiveOK)) -> value v_response {
+ tc_ac.stop;
+ setverdict(fail, __SCOPE__ & ": Wrong response status code");
+ }
+ [] mcaPort.receive(mw_response(mw_responsePrimitiveKO)) -> value v_response {
+ tc_ac.stop;
+ setverdict(fail, __SCOPE__ & ": Error while operation on resource type int3 (Container)");
+ }
+ [] tc_ac.timeout {
+ setverdict(fail, __SCOPE__ & ": No answer while executing operation on resource type int3 (Container)");
+ }
+ }
+
+ //Postamble
+ f_cse_postamble_deleteResources();
+
+ //Tear down
+ f_cf01Down();
+
+ } //end f_CSE_SEC_ACP_017
+
}// end of Basic_Operations
}//end group AccessControlPolicy
diff --git a/OneM2M_Testcases_CSE_Release_4.ttcn b/OneM2M_Testcases_CSE_Release_4.ttcn
index 7e9d19a5092b3d5af4c8e299cf49a5cfd43ba9af..e61c238442bf9ceb0012d613dcea74cfde923cc3 100644
--- a/OneM2M_Testcases_CSE_Release_4.ttcn
+++ b/OneM2M_Testcases_CSE_Release_4.ttcn
@@ -2729,6 +2729,204 @@ module OneM2M_Testcases_CSE_Release_4 {
group Access_Control_Policy { // TODO To be moved to authorization group
+
+ group Create{
+
+ }//end group Create
+
+ group Retrieve {
+
+ /**
+ * @desc Check that the IUT successfully returns the privileges of the ORIGINATOR on the TARGET_RESOURCE_ADDRESS when the RETRIEVE request contains Result Content set to permissions
+ *
+ */
+ testcase TC_CSE_SEC_ACP_RET_001() runs on Tester system CseSystem {
+
+ var AeSimu v_ae := AeSimu.create("AE1") alive;
+
+ v_ae.start(f_CSE_SEC_ACP_RET_001());
+
+ v_ae.done;
+
+ }
+
+ function f_CSE_SEC_ACP_RET_001() runs on AeSimu system CseSystem {
+ // Local variables
+ var MsgIn v_response;
+ var integer v_aeIndex := -1;
+ var integer v_acpIndex := -1;
+ var RequestPrimitive v_createRequestAcp := valueof(m_createAcp(omit, -, -));
+ var RequestPrimitive v_retrieveRequest;
+ var AccessControlRule v_accessControlRule;
+ var PrimitiveContent v_primitiveContentRetrievedResource;
+
+ // Test control
+
+ // Test component configuration
+ f_cf01Up();
+
+ // Test adapter configuration
+
+ // Preamble
+ v_acpIndex := f_cse_createResource(int1, v_createRequestAcp); // CSE child resource
+
+ v_aeIndex := f_cse_preamble_registerAe({f_getResourceId(vc_resourcesList[v_acpIndex].resource)}, -);
+
+ v_accessControlRule := valueof(m_createAcr({f_getOriginator(v_aeIndex)}, int59)); // c_CRDNDi
+
+ // TODO Check Content containing permissions ...
+ // pernissions only present is Token
+ v_primitiveContentRetrievedResource := f_cse_retrieveResource(v_aeIndex);
+
+ // Test Body
+ v_retrieveRequest := valueof(m_retrieve(f_getResourceAddress(v_acpIndex), f_getOriginator(v_acpIndex)));
+ v_retrieveRequest.primitiveContent.aE.accessControlPolicyIDs := {f_getResourceId(vc_resourcesList[v_acpIndex].resource)};
+ v_retrieveRequest.resultContent := int12;
+
+ f_send(e_mcaPort, m_request(v_retrieveRequest));
+ tc_ac.start;
+ alt {
+ [] mcaPort.receive(mw_response(mw_responsePrimitive(int2000, v_primitiveContentRetrievedResource))) -> value v_response {
+ tc_ac.stop;
+ setverdict(pass, __SCOPE__ & ": Successful Update operation on resource type int1 (Ae)");
+ }
+ [] mcaPort.receive(mw_response(mw_responsePrimitiveOK)) -> value v_response {
+ tc_ac.stop;
+ setverdict(fail, __SCOPE__ & ": Wrong response status code");
+ }
+ [] mcaPort.receive(mw_response(mw_responsePrimitiveKO)) -> value v_response {
+ tc_ac.stop;
+ setverdict(fail, __SCOPE__ & ": Error while Update operation on resource type int2 (Ae)");
+ }
+ [] tc_ac.timeout {
+ setverdict(fail, __SCOPE__ & ": No answer while executing update operation on resource type int2 (Ae)");
+ }
+ }
+
+ if(getverdict == pass){
+ if(ischosen(v_primitiveContentRetrievedResource.aE)) {
+ if(not match (f_resourceIdCleaner(v_primitiveContentRetrievedResource.aE.accessControlPolicyIDs[0]), v_retrieveRequest.primitiveContent.aE.accessControlPolicyIDs[0])){
+ setverdict(fail, __SCOPE__ & ": Error: Access Control policy ID attribute not updated correctly");
+ }
+ }
+ }
+
+ //Postamble
+ f_cse_postamble_deleteResources();
+
+ //Tear down
+ f_cf01Down();
+
+ }//end TC_CSE_SEC_ACP_RET_001
+
+ /**
+ * @desc Check that the IUT rejects a RETRIEVE request from the AE containing Result Content set to permissions when AE has no RETRIEVE privileges on the selfPrivileges attribute of <accessControlPolicy> resources associated with the TARGET_RESOURCE_ADDRESS resource
+ *
+ */
+ testcase TC_CSE_SEC_ACP_RET_002() runs on Tester system CseSystem {
+
+ var AeSimu v_ae := AeSimu.create("AE1") alive;
+
+ v_ae.start(f_CSE_SEC_ACP_RET_002());
+
+ v_ae.done;
+
+ }
+
+ function f_CSE_SEC_ACP_RET_002() runs on AeSimu system CseSystem {
+ // Local variables
+ var MsgIn v_response;
+ var integer v_aeIndex := -1;
+ var RequestPrimitive v_retrieveRequest;
+
+ // Test control
+
+ // Test component configuration
+ f_cf01Up();
+
+ // Test adapter configuration
+
+ // Preamble
+ v_aeIndex := f_cse_preamble_registerAe();
+
+ // Test Body
+ v_retrieveRequest := valueof(m_retrieve(f_getResourceAddress(v_aeIndex), f_getOriginator(v_aeIndex)));
+ v_retrieveRequest.primitiveContent.aE.accessControlPolicyIDs := {f_getResourceId(vc_resourcesList[v_aeIndex].resource)};
+ v_retrieveRequest.resultContent := int12;
+
+ f_send(e_mcaPort, m_request(v_retrieveRequest));
+ tc_ac.start;
+ alt {
+ [] mcaPort.receive(mw_response(mw_responsePrimitive(int4130))) -> value v_response {
+ tc_ac.stop;
+ setverdict(pass, __SCOPE__ & ": Successful Update operation on resource type int1 (Ae)");
+ }
+ [] mcaPort.receive(mw_response(mw_responsePrimitiveOK)) -> value v_response {
+ tc_ac.stop;
+ setverdict(fail, __SCOPE__ & ": Wrong response status code");
+ }
+ [] mcaPort.receive(mw_response(mw_responsePrimitiveKO)) -> value v_response {
+ tc_ac.stop;
+ setverdict(fail, __SCOPE__ & ": Error while Update operation on resource type int2 (Ae)");
+ }
+ [] tc_ac.timeout {
+ setverdict(fail, __SCOPE__ & ": No answer while executing update operation on resource type int2 (Ae)");
+ }
+ }
+
+ //Postamble
+ f_cse_postamble_deleteResources();
+
+ //Tear down
+ f_cf01Down();
+
+ }//end TC_CSE_SEC_ACP_RET_002
+
+ }// end of group Retrieve
+
+ group Basic_Operations {
+
+ group g_CSE_SEC_ACP_017 {
+
+ /**
+ * @desc Check that the IUT accepts the OPERATION request on <accessControlPolicy> resource when at least one of the access control rules defined in the selfPrivileges attribute allows the operation
+ *
+ */
+ testcase TC_CSE_SEC_ACP_017_CRE() runs on Tester system CseSystem { //Create
+ var AeSimu v_ae1 := AeSimu.create("AE1") alive;
+
+ v_ae1.start(f_CSE_SEC_ACP_017(m_createContainerBase, int2001));
+ v_ae1.done;
+ }//end TC_CSE_SEC_ACP_017_CRE
+
+ testcase TC_CSE_SEC_ACP_017_UPD() runs on Tester system CseSystem { //Update
+ var AeSimu v_ae1 := AeSimu.create("AE1") alive;
+
+ var template RequestPrimitive v_updateRequest := m_updateContainerBase;
+ var Labels v_labels_1:= {"VALUE_1"};
+ v_updateRequest.primitiveContent.container.labels := v_labels_1;
+ v_ae1.start(f_CSE_SEC_ACP_017(v_updateRequest, int2004));
+ v_ae1.done;
+ }//end TC_CSE_SEC_ACP_017_UPD
+
+ testcase TC_CSE_SEC_ACP_017_RET() runs on Tester system CseSystem { //Retrieve
+ var AeSimu v_ae1 := AeSimu.create("AE1") alive;
+
+ v_ae1.start(f_CSE_SEC_ACP_017(m_retrieve("Temporary", "Temporary"), int2000));
+ v_ae1.done;
+ }//end TC_CSE_SEC_ACP_017_RET
+
+ testcase TC_CSE_SEC_ACP_017_DEL() runs on Tester system CseSystem { //Delete
+ var AeSimu v_ae1 := AeSimu.create("AE1") alive;
+
+ v_ae1.start(f_CSE_SEC_ACP_017(m_delete("Temporary", "Temporary"), int2002));
+ v_ae1.done;
+ }//end TC_CSE_SEC_ACP_017_DEL
+
+ } //end g_CSE_SEC_ACP_017
+
+ } // End of group Basic_Operations
+
}//end group AccessControlPolicy
} // End of group authentication