anjay
access_control.h File Reference
#include <avsystem/commons/avs_stream.h>
#include <anjay/dm.h>

Go to the source code of this file.

Functions

int anjay_access_control_install (anjay_t *anjay)
 
void anjay_access_control_purge (anjay_t *anjay)
 
avs_error_t anjay_access_control_persist (anjay_t *anjay, avs_stream_t *out_stream)
 
avs_error_t anjay_access_control_restore (anjay_t *anjay, avs_stream_t *in_stream)
 
bool anjay_access_control_is_modified (anjay_t *anjay)
 
int anjay_access_control_set_acl (anjay_t *anjay, anjay_oid_t oid, anjay_iid_t iid, anjay_ssid_t ssid, anjay_access_mask_t access_mask)
 
int anjay_access_control_set_owner (anjay_t *anjay, anjay_oid_t target_oid, anjay_iid_t target_iid, anjay_ssid_t owner_ssid, anjay_iid_t *inout_acl_iid)
 

Function Documentation

◆ anjay_access_control_install()

int anjay_access_control_install ( anjay_t anjay)

Installs the Access Control Object in an Anjay object.

The Access Control module does not require explicit cleanup; all resources will be automatically freed up during the call to anjay_delete.

WARNING: After any modification of Security, Server or Access Control Object by means other than LwM2M one has to execute anjay_notify_instances_changed in order to trigger necessary revalidation routines of Access Control Object instances.

Parameters
anjayANJAY object for which the Access Control Object is installed.
Returns
0 on success, or a negative value in case of error.

◆ anjay_access_control_is_modified()

bool anjay_access_control_is_modified ( anjay_t anjay)

Checks whether the Access Control Object from Anjay instance has been modified since last successful call to anjay_access_control_persist or anjay_access_control_restore.

◆ anjay_access_control_persist()

avs_error_t anjay_access_control_persist ( anjay_t anjay,
avs_stream_t *  out_stream 
)

Dumps Access Control Object Instances to the out_stream.

Parameters
anjayANJAY object with the Access Control module installed
out_streamstream to write to
Returns
AVS_OK in case of success, or an error code.

◆ anjay_access_control_purge()

void anjay_access_control_purge ( anjay_t anjay)

Removes all instances of Access Control Object, leaving it in an empty state.

Parameters
anjayANJAY object with the Access Control module installed

◆ anjay_access_control_restore()

avs_error_t anjay_access_control_restore ( anjay_t anjay,
avs_stream_t *  in_stream 
)

Tries to restore Access Control Object Instances from given in_stream.

Parameters
anjayANJAY object with the Access Control module installed
in_streamstream used for reading Access Control Object Instances
Returns
AVS_OK in case of success, or an error code.

◆ anjay_access_control_set_acl()

int anjay_access_control_set_acl ( anjay_t anjay,
anjay_oid_t  oid,
anjay_iid_t  iid,
anjay_ssid_t  ssid,
anjay_access_mask_t  access_mask 
)

Assign permissions for Instance /OID/IID to a particular server.

Parameters
anjayANJAY object with the Access Control module installed
oidObject ID of the target Instance.
iidTarget Object Instance ID, or ANJAY_ID_INVALID (i.e., MAX_ID==65535) to set an ACL referring to new instance creation.
ssidSSID of the server to grant permissions to. ANJAY_SSID_ANY may be used to set default permissions for all servers with no explicit ACL entry. Must not be equal to MAX_ID (65535).
access_maskACL value to set for given Instance. NOTE: Create permission makes no sense for an Instance, and other permissions make no sense for new instance creation.
Returns
0 in case of success, negative value in case of an error (including the case where target Object Instance does not exist).

◆ anjay_access_control_set_owner()

int anjay_access_control_set_owner ( anjay_t anjay,
anjay_oid_t  target_oid,
anjay_iid_t  target_iid,
anjay_ssid_t  owner_ssid,
anjay_iid_t inout_acl_iid 
)

Set the Access Control Owner for a given Object Instance.

Parameters
anjayANJAY object with the Access Control module installed
target_oidObject ID of the target Instance.
target_iidTarget Object Instance ID, or ANJAY_ID_INVALID (i.e., MAX_ID==65535) to set an ACL referring to new instance creation.
owner_ssidSSID of the server which should become the Access Control Owner for the given Object Instance. ANJAY_SSID_BOOTSTRAP can be specified to signify that the ACL shall not be editable by any regular LwM2M Server.
inout_acl_iidSetting related to the Instance ID of the Access Control Object Instance that governs the given target.
  • If NULL, any existing instance governing the given target will be used if present, or a new instance with a first free Instance ID will be created.
  • If non-NULL and *inout_acl_iid == ANJAY_ID_INVALID, any existing instance governing the given target will be used if present, or a new instance with a first free Instance ID will be created, and *inout_acl_iid will be set to the Instance ID of the affected Access Control Object Instance upon a successful return from this function.
  • If non-NULL and *inout_acl_iid != ANJAY_ID_INVALID, a new instance with that ID will be created; an existing instance may also be used, but only if the instance governing the given target has the ID specified. If an instance governing the given target already exists and has a different Instance ID, or if an instance with the given ID, but governs a different target, *inout_acl_iid will be set to the ID of the conflicting instance and this function will return an error.
Returns
0 in case of success, negative value in case of an error (including the case where target Object Instance does not exist).