Line data Source code
1 : /*
2 : *
3 : * Copyright (c) 2021 Project CHIP Authors
4 : * All rights reserved.
5 : *
6 : * Licensed under the Apache License, Version 2.0 (the "License");
7 : * you may not use this file except in compliance with the License.
8 : * You may obtain a copy of the License at
9 : *
10 : * http://www.apache.org/licenses/LICENSE-2.0
11 : *
12 : * Unless required by applicable law or agreed to in writing, software
13 : * distributed under the License is distributed on an "AS IS" BASIS,
14 : * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 : * See the License for the specific language governing permissions and
16 : * limitations under the License.
17 : */
18 :
19 : #include <app/AppConfig.h>
20 : #include <app/AttributeAccessInterfaceRegistry.h>
21 : #include <app/AttributeValueDecoder.h>
22 : #include <app/ConcreteAttributePath.h>
23 : #include <app/GlobalAttributes.h>
24 : #include <app/InteractionModelEngine.h>
25 : #include <app/MessageDef/EventPathIB.h>
26 : #include <app/MessageDef/StatusIB.h>
27 : #include <app/StatusResponse.h>
28 : #include <app/WriteHandler.h>
29 : #include <app/data-model-provider/ActionReturnStatus.h>
30 : #include <app/data-model-provider/MetadataLookup.h>
31 : #include <app/data-model-provider/MetadataTypes.h>
32 : #include <app/data-model-provider/OperationTypes.h>
33 : #include <app/reporting/Engine.h>
34 : #include <app/util/MatterCallbacks.h>
35 : #include <credentials/GroupDataProvider.h>
36 : #include <lib/core/CHIPError.h>
37 : #include <lib/core/DataModelTypes.h>
38 : #include <lib/support/CodeUtils.h>
39 : #include <lib/support/TypeTraits.h>
40 : #include <lib/support/logging/TextOnlyLogging.h>
41 : #include <messaging/ExchangeContext.h>
42 : #include <protocols/interaction_model/StatusCode.h>
43 :
44 : #include <optional>
45 :
46 : namespace chip {
47 : namespace app {
48 :
49 : namespace {
50 :
51 : using Protocols::InteractionModel::Status;
52 :
53 : /// Wraps a EndpointIterator and ensures that `::Release()` is called
54 : /// for the iterator (assuming it is non-null)
55 : class AutoReleaseGroupEndpointIterator
56 : {
57 : public:
58 0 : explicit AutoReleaseGroupEndpointIterator(Credentials::GroupDataProvider::EndpointIterator * iterator) : mIterator(iterator) {}
59 0 : ~AutoReleaseGroupEndpointIterator()
60 : {
61 0 : if (mIterator != nullptr)
62 : {
63 0 : mIterator->Release();
64 : }
65 0 : }
66 :
67 0 : bool IsNull() const { return mIterator == nullptr; }
68 0 : bool Next(Credentials::GroupDataProvider::GroupEndpoint & item) { return mIterator->Next(item); }
69 :
70 : private:
71 : Credentials::GroupDataProvider::EndpointIterator * mIterator;
72 : };
73 :
74 : } // namespace
75 :
76 : using namespace Protocols::InteractionModel;
77 : using Status = Protocols::InteractionModel::Status;
78 :
79 966 : CHIP_ERROR WriteHandler::Init(DataModel::Provider * apProvider, WriteHandlerDelegate * apWriteHandlerDelegate)
80 : {
81 966 : VerifyOrReturnError(!mExchangeCtx, CHIP_ERROR_INCORRECT_STATE);
82 966 : VerifyOrReturnError(apWriteHandlerDelegate, CHIP_ERROR_INVALID_ARGUMENT);
83 966 : VerifyOrReturnError(apProvider, CHIP_ERROR_INVALID_ARGUMENT);
84 965 : mDataModelProvider = apProvider;
85 :
86 965 : mDelegate = apWriteHandlerDelegate;
87 965 : MoveToState(State::Initialized);
88 :
89 965 : mACLCheckCache.ClearValue();
90 965 : mProcessingAttributePath.ClearValue();
91 :
92 965 : return CHIP_NO_ERROR;
93 : }
94 :
95 965 : void WriteHandler::Close()
96 : {
97 965 : VerifyOrReturn(mState != State::Uninitialized);
98 :
99 : // DeliverFinalListWriteEnd will be a no-op if we have called
100 : // DeliverFinalListWriteEnd in success conditions, so passing false for
101 : // wasSuccessful here is safe: if it does anything, we were in fact not
102 : // successful.
103 965 : DeliverFinalListWriteEnd(false /* wasSuccessful */);
104 965 : mExchangeCtx.Release();
105 965 : mStateFlags.Clear(StateBits::kSuppressResponse);
106 965 : mDataModelProvider = nullptr;
107 965 : MoveToState(State::Uninitialized);
108 : }
109 :
110 1094 : std::optional<bool> WriteHandler::IsListAttributePath(const ConcreteAttributePath & path)
111 : {
112 1094 : if (mDataModelProvider == nullptr)
113 : {
114 : #if CHIP_CONFIG_DATA_MODEL_EXTRA_LOGGING
115 0 : ChipLogError(DataManagement, "Null data model while checking attribute properties.");
116 : #endif
117 0 : return std::nullopt;
118 : }
119 :
120 1094 : DataModel::AttributeFinder finder(mDataModelProvider);
121 1094 : std::optional<DataModel::AttributeEntry> info = finder.Find(path);
122 :
123 1094 : if (!info.has_value())
124 : {
125 6 : return std::nullopt;
126 : }
127 :
128 1088 : return info->HasFlags(DataModel::AttributeQualityFlags::kListAttribute);
129 1094 : }
130 :
131 3877 : Status WriteHandler::HandleWriteRequestMessage(Messaging::ExchangeContext * apExchangeContext,
132 : System::PacketBufferHandle && aPayload, bool aIsTimedWrite)
133 : {
134 3877 : System::PacketBufferHandle packet = System::PacketBufferHandle::New(chip::app::kMaxSecureSduLengthBytes);
135 3877 : VerifyOrReturnError(!packet.IsNull(), Status::Failure);
136 :
137 3877 : System::PacketBufferTLVWriter messageWriter;
138 3877 : messageWriter.Init(std::move(packet));
139 7754 : VerifyOrReturnError(mWriteResponseBuilder.Init(&messageWriter) == CHIP_NO_ERROR, Status::Failure);
140 :
141 3877 : mWriteResponseBuilder.CreateWriteResponses();
142 7754 : VerifyOrReturnError(mWriteResponseBuilder.GetError() == CHIP_NO_ERROR, Status::Failure);
143 :
144 3877 : Status status = ProcessWriteRequest(std::move(aPayload), aIsTimedWrite);
145 :
146 : // Do not send response on Group Write
147 3877 : if (status == Status::Success && !apExchangeContext->IsGroupExchangeContext())
148 : {
149 3874 : CHIP_ERROR err = SendWriteResponse(std::move(messageWriter));
150 7748 : if (err != CHIP_NO_ERROR)
151 : {
152 0 : status = Status::Failure;
153 : }
154 : }
155 :
156 3877 : return status;
157 3877 : }
158 :
159 965 : Status WriteHandler::OnWriteRequest(Messaging::ExchangeContext * apExchangeContext, System::PacketBufferHandle && aPayload,
160 : bool aIsTimedWrite)
161 : {
162 : //
163 : // Let's take over further message processing on this exchange from the IM.
164 : // This is only relevant during chunked requests.
165 : //
166 965 : mExchangeCtx.Grab(apExchangeContext);
167 :
168 965 : Status status = HandleWriteRequestMessage(apExchangeContext, std::move(aPayload), aIsTimedWrite);
169 :
170 : // The write transaction will be alive only when the message was handled successfully and there are more chunks.
171 965 : if (!(status == Status::Success && mStateFlags.Has(StateBits::kHasMoreChunks)))
172 : {
173 102 : Close();
174 : }
175 :
176 965 : return status;
177 : }
178 :
179 2913 : CHIP_ERROR WriteHandler::OnMessageReceived(Messaging::ExchangeContext * apExchangeContext, const PayloadHeader & aPayloadHeader,
180 : System::PacketBufferHandle && aPayload)
181 : {
182 2913 : CHIP_ERROR err = CHIP_NO_ERROR;
183 :
184 2913 : VerifyOrDieWithMsg(apExchangeContext == mExchangeCtx.Get(), DataManagement,
185 : "Incoming exchange context should be same as the initial request.");
186 2913 : VerifyOrDieWithMsg(!apExchangeContext->IsGroupExchangeContext(), DataManagement,
187 : "OnMessageReceived should not be called on GroupExchangeContext");
188 2913 : if (!aPayloadHeader.HasMessageType(Protocols::InteractionModel::MsgType::WriteRequest))
189 : {
190 1 : if (aPayloadHeader.HasMessageType(Protocols::InteractionModel::MsgType::StatusResponse))
191 : {
192 0 : CHIP_ERROR statusError = CHIP_NO_ERROR;
193 : // Parse the status response so we can log it properly.
194 0 : TEMPORARY_RETURN_IGNORED StatusResponse::ProcessStatusResponse(std::move(aPayload), statusError);
195 : }
196 1 : ChipLogDetail(DataManagement, "Unexpected message type %d", aPayloadHeader.GetMessageType());
197 1 : TEMPORARY_RETURN_IGNORED StatusResponse::Send(Status::InvalidAction, apExchangeContext, false /*aExpectResponse*/);
198 1 : Close();
199 1 : return CHIP_ERROR_INVALID_MESSAGE_TYPE;
200 : }
201 :
202 : Status status =
203 2912 : HandleWriteRequestMessage(apExchangeContext, std::move(aPayload), false /* chunked write should not be timed write */);
204 2912 : if (status == Status::Success)
205 : {
206 : // We have no more chunks, the write response has been sent in HandleWriteRequestMessage, so close directly.
207 2912 : if (!mStateFlags.Has(StateBits::kHasMoreChunks))
208 : {
209 853 : Close();
210 : }
211 : }
212 : else
213 : {
214 0 : err = StatusResponse::Send(status, apExchangeContext, false /*aExpectResponse*/);
215 0 : Close();
216 : }
217 2912 : return err;
218 : }
219 :
220 8 : void WriteHandler::OnResponseTimeout(Messaging::ExchangeContext * apExchangeContext)
221 : {
222 8 : ChipLogError(DataManagement, "Time out! failed to receive status response from Exchange: " ChipLogFormatExchange,
223 : ChipLogValueExchange(apExchangeContext));
224 8 : Close();
225 8 : }
226 :
227 3874 : CHIP_ERROR WriteHandler::FinalizeMessage(System::PacketBufferTLVWriter && aMessageWriter, System::PacketBufferHandle & packet)
228 : {
229 3874 : VerifyOrReturnError(mState == State::AddStatus, CHIP_ERROR_INCORRECT_STATE);
230 3874 : ReturnErrorOnFailure(mWriteResponseBuilder.GetWriteResponses().EndOfAttributeStatuses());
231 3874 : ReturnErrorOnFailure(mWriteResponseBuilder.EndOfWriteResponseMessage());
232 3874 : ReturnErrorOnFailure(aMessageWriter.Finalize(&packet));
233 3874 : return CHIP_NO_ERROR;
234 : }
235 :
236 3874 : CHIP_ERROR WriteHandler::SendWriteResponse(System::PacketBufferTLVWriter && aMessageWriter)
237 : {
238 3874 : CHIP_ERROR err = CHIP_NO_ERROR;
239 3874 : System::PacketBufferHandle packet;
240 :
241 3874 : VerifyOrExit(mState == State::AddStatus, err = CHIP_ERROR_INCORRECT_STATE);
242 :
243 3874 : err = FinalizeMessage(std::move(aMessageWriter), packet);
244 3874 : SuccessOrExit(err);
245 :
246 3874 : VerifyOrExit(mExchangeCtx, err = CHIP_ERROR_INCORRECT_STATE);
247 3874 : mExchangeCtx->UseSuggestedResponseTimeout(app::kExpectedIMProcessingTime);
248 7748 : err = mExchangeCtx->SendMessage(Protocols::InteractionModel::MsgType::WriteResponse, std::move(packet),
249 3874 : mStateFlags.Has(StateBits::kHasMoreChunks) ? Messaging::SendMessageFlags::kExpectResponse
250 : : Messaging::SendMessageFlags::kNone);
251 3874 : SuccessOrExit(err);
252 :
253 3874 : MoveToState(State::Sending);
254 :
255 3874 : exit:
256 7748 : return err;
257 3874 : }
258 :
259 937 : void WriteHandler::DeliverListWriteBegin(const ConcreteAttributePath & aPath)
260 : {
261 937 : if (mDataModelProvider != nullptr)
262 : {
263 937 : mDataModelProvider->ListAttributeWriteNotification(aPath, DataModel::ListWriteOperation::kListWriteBegin,
264 937 : GetAccessingFabricIndex());
265 : }
266 937 : }
267 :
268 942 : void WriteHandler::DeliverListWriteEnd(const ConcreteAttributePath & aPath, bool writeWasSuccessful)
269 : {
270 942 : if (mDataModelProvider != nullptr)
271 : {
272 942 : mDataModelProvider->ListAttributeWriteNotification(aPath,
273 : writeWasSuccessful ? DataModel::ListWriteOperation::kListWriteSuccess
274 : : DataModel::ListWriteOperation::kListWriteFailure,
275 942 : GetAccessingFabricIndex());
276 : }
277 942 : }
278 :
279 1917 : void WriteHandler::DeliverFinalListWriteEnd(bool writeWasSuccessful)
280 : {
281 1917 : if (mProcessingAttributePath.HasValue() && mStateFlags.Has(StateBits::kProcessingAttributeIsList))
282 : {
283 934 : DeliverListWriteEnd(mProcessingAttributePath.Value(), writeWasSuccessful);
284 : }
285 1917 : mProcessingAttributePath.ClearValue();
286 1917 : }
287 :
288 0 : CHIP_ERROR WriteHandler::DeliverFinalListWriteEndForGroupWrite(bool writeWasSuccessful)
289 : {
290 0 : VerifyOrReturnError(mProcessingAttributePath.HasValue() && mStateFlags.Has(StateBits::kProcessingAttributeIsList),
291 : CHIP_NO_ERROR);
292 :
293 0 : Credentials::GroupDataProvider::GroupEndpoint mapping;
294 0 : Credentials::GroupDataProvider * groupDataProvider = Credentials::GetGroupDataProvider();
295 : Credentials::GroupDataProvider::EndpointIterator * iterator;
296 :
297 0 : GroupId groupId = mExchangeCtx->GetSessionHandle()->AsIncomingGroupSession()->GetGroupId();
298 0 : FabricIndex fabricIndex = GetAccessingFabricIndex();
299 :
300 0 : auto processingConcreteAttributePath = mProcessingAttributePath.Value();
301 0 : mProcessingAttributePath.ClearValue();
302 :
303 0 : iterator = groupDataProvider->IterateEndpoints(fabricIndex);
304 0 : VerifyOrReturnError(iterator != nullptr, CHIP_ERROR_NO_MEMORY);
305 :
306 0 : while (iterator->Next(mapping))
307 : {
308 0 : if (groupId != mapping.group_id)
309 : {
310 0 : continue;
311 : }
312 :
313 0 : processingConcreteAttributePath.mEndpointId = mapping.endpoint_id;
314 :
315 0 : VerifyOrReturnError(mDelegate, CHIP_ERROR_INCORRECT_STATE);
316 0 : if (!mDelegate->HasConflictWriteRequests(this, processingConcreteAttributePath))
317 : {
318 0 : DeliverListWriteEnd(processingConcreteAttributePath, writeWasSuccessful);
319 : }
320 : }
321 0 : iterator->Release();
322 0 : return CHIP_NO_ERROR;
323 : }
324 : namespace {
325 :
326 : // To reduce the various use of previousProcessed.HasValue() && previousProcessed.Value() == nextAttribute to save code size.
327 14503 : bool IsSameAttribute(const Optional<ConcreteAttributePath> & previousProcessed, const ConcreteDataAttributePath & nextAttribute)
328 : {
329 14503 : return previousProcessed.HasValue() && previousProcessed.Value() == nextAttribute;
330 : }
331 :
332 5207 : bool ShouldReportListWriteEnd(const Optional<ConcreteAttributePath> & previousProcessed, bool previousProcessedAttributeIsList,
333 : const ConcreteDataAttributePath & nextAttribute)
334 : {
335 5207 : return previousProcessedAttributeIsList && !IsSameAttribute(previousProcessed, nextAttribute) && previousProcessed.HasValue();
336 : }
337 :
338 5207 : bool ShouldReportListWriteBegin(const Optional<ConcreteAttributePath> & previousProcessed, bool previousProcessedAttributeIsList,
339 : const ConcreteDataAttributePath & nextAttribute)
340 : {
341 5207 : return !IsSameAttribute(previousProcessed, nextAttribute) && nextAttribute.IsListOperation();
342 : }
343 :
344 : } // namespace
345 :
346 3874 : CHIP_ERROR WriteHandler::ProcessAttributeDataIBs(TLV::TLVReader & aAttributeDataIBsReader)
347 : {
348 3874 : CHIP_ERROR err = CHIP_NO_ERROR;
349 :
350 3874 : VerifyOrReturnError(mExchangeCtx, CHIP_ERROR_INTERNAL);
351 3874 : const Access::SubjectDescriptor subjectDescriptor = mExchangeCtx->GetSessionHandle()->GetSubjectDescriptor();
352 :
353 18188 : while (CHIP_NO_ERROR == (err = aAttributeDataIBsReader.Next()))
354 : {
355 5220 : chip::TLV::TLVReader dataReader;
356 5220 : AttributeDataIB::Parser element;
357 5220 : AttributePathIB::Parser attributePath;
358 5220 : ConcreteDataAttributePath dataAttributePath;
359 5220 : TLV::TLVReader reader = aAttributeDataIBsReader;
360 :
361 5220 : err = element.Init(reader);
362 5220 : SuccessOrExit(err);
363 :
364 5220 : err = element.GetPath(&attributePath);
365 5220 : SuccessOrExit(err);
366 :
367 5220 : err = attributePath.GetConcreteAttributePath(dataAttributePath);
368 5220 : SuccessOrExit(err);
369 :
370 5220 : err = element.GetData(&dataReader);
371 5220 : SuccessOrExit(err);
372 :
373 5220 : if (!dataAttributePath.IsListOperation() && IsListAttributePath(dataAttributePath).value_or(false))
374 : {
375 1065 : dataAttributePath.mListOp = ConcreteDataAttributePath::ListOperation::ReplaceAll;
376 : }
377 :
378 5220 : VerifyOrExit(mDelegate, err = CHIP_ERROR_INCORRECT_STATE);
379 14552 : if (mDelegate->HasConflictWriteRequests(this, dataAttributePath) ||
380 : // Per chunking protocol, we are processing the list entries, but the initial empty list is not processed, so we reject
381 : // it with Busy status code.
382 9332 : (dataAttributePath.IsListItemOperation() && !IsSameAttribute(mProcessingAttributePath, dataAttributePath)))
383 : {
384 13 : err = AddStatusInternal(dataAttributePath, StatusIB(Status::Busy));
385 13 : continue;
386 : }
387 :
388 5207 : if (ShouldReportListWriteEnd(mProcessingAttributePath, mStateFlags.Has(StateBits::kProcessingAttributeIsList),
389 : dataAttributePath))
390 : {
391 8 : DeliverListWriteEnd(mProcessingAttributePath.Value(), mStateFlags.Has(StateBits::kAttributeWriteSuccessful));
392 : }
393 :
394 5207 : if (ShouldReportListWriteBegin(mProcessingAttributePath, mStateFlags.Has(StateBits::kProcessingAttributeIsList),
395 : dataAttributePath))
396 : {
397 937 : DeliverListWriteBegin(dataAttributePath);
398 937 : mStateFlags.Set(StateBits::kAttributeWriteSuccessful);
399 : }
400 :
401 5207 : mStateFlags.Set(StateBits::kProcessingAttributeIsList, dataAttributePath.IsListOperation());
402 5207 : mProcessingAttributePath.SetValue(dataAttributePath);
403 :
404 5207 : DataModelCallbacks::GetInstance()->AttributeOperation(DataModelCallbacks::OperationType::Write,
405 : DataModelCallbacks::OperationOrder::Pre, dataAttributePath);
406 :
407 5207 : TLV::TLVWriter backup;
408 5207 : DataVersion version = 0;
409 5207 : mWriteResponseBuilder.GetWriteResponses().Checkpoint(backup);
410 5207 : err = element.GetDataVersion(&version);
411 10414 : if (CHIP_NO_ERROR == err)
412 : {
413 12 : dataAttributePath.mDataVersion.SetValue(version);
414 : }
415 10390 : else if (CHIP_END_OF_TLV == err)
416 : {
417 5195 : err = CHIP_NO_ERROR;
418 : }
419 5207 : SuccessOrExit(err);
420 5207 : err = WriteClusterData(subjectDescriptor, dataAttributePath, dataReader);
421 10414 : if (err != CHIP_NO_ERROR)
422 : {
423 0 : mWriteResponseBuilder.GetWriteResponses().Rollback(backup);
424 0 : err = AddStatusInternal(dataAttributePath, StatusIB(err));
425 : }
426 :
427 5207 : DataModelCallbacks::GetInstance()->AttributeOperation(DataModelCallbacks::OperationType::Write,
428 : DataModelCallbacks::OperationOrder::Post, dataAttributePath);
429 5207 : SuccessOrExit(err);
430 : }
431 :
432 7748 : if (CHIP_END_OF_TLV == err)
433 : {
434 3874 : err = CHIP_NO_ERROR;
435 : }
436 :
437 3874 : SuccessOrExit(err);
438 :
439 3874 : if (!mStateFlags.Has(StateBits::kHasMoreChunks))
440 : {
441 952 : DeliverFinalListWriteEnd(mStateFlags.Has(StateBits::kAttributeWriteSuccessful));
442 : }
443 :
444 2922 : exit:
445 3874 : return err;
446 : }
447 :
448 0 : CHIP_ERROR WriteHandler::ProcessGroupAttributeDataIBs(TLV::TLVReader & aAttributeDataIBsReader)
449 : {
450 0 : CHIP_ERROR err = CHIP_NO_ERROR;
451 :
452 0 : VerifyOrReturnError(mExchangeCtx, CHIP_ERROR_INTERNAL);
453 : const Access::SubjectDescriptor subjectDescriptor =
454 0 : mExchangeCtx->GetSessionHandle()->AsIncomingGroupSession()->GetSubjectDescriptor();
455 :
456 0 : GroupId groupId = mExchangeCtx->GetSessionHandle()->AsIncomingGroupSession()->GetGroupId();
457 0 : FabricIndex fabric = GetAccessingFabricIndex();
458 :
459 0 : while (CHIP_NO_ERROR == (err = aAttributeDataIBsReader.Next()))
460 : {
461 0 : chip::TLV::TLVReader dataReader;
462 0 : AttributeDataIB::Parser element;
463 0 : AttributePathIB::Parser attributePath;
464 0 : ConcreteDataAttributePath dataAttributePath;
465 0 : TLV::TLVReader reader = aAttributeDataIBsReader;
466 :
467 0 : err = element.Init(reader);
468 0 : SuccessOrExit(err);
469 :
470 0 : err = element.GetPath(&attributePath);
471 0 : SuccessOrExit(err);
472 :
473 0 : err = attributePath.GetGroupAttributePath(dataAttributePath);
474 0 : SuccessOrExit(err);
475 :
476 0 : err = element.GetData(&dataReader);
477 0 : SuccessOrExit(err);
478 :
479 0 : if (!dataAttributePath.IsListOperation() && dataReader.GetType() == TLV::TLVType::kTLVType_Array)
480 : {
481 0 : dataAttributePath.mListOp = ConcreteDataAttributePath::ListOperation::ReplaceAll;
482 : }
483 :
484 0 : ChipLogDetail(DataManagement,
485 : "Received group attribute write for Group=%u Cluster=" ChipLogFormatMEI " attribute=" ChipLogFormatMEI,
486 : groupId, ChipLogValueMEI(dataAttributePath.mClusterId), ChipLogValueMEI(dataAttributePath.mAttributeId));
487 :
488 0 : AutoReleaseGroupEndpointIterator iterator(Credentials::GetGroupDataProvider()->IterateEndpoints(fabric));
489 0 : VerifyOrExit(!iterator.IsNull(), err = CHIP_ERROR_NO_MEMORY);
490 :
491 0 : bool shouldReportListWriteEnd = ShouldReportListWriteEnd(
492 0 : mProcessingAttributePath, mStateFlags.Has(StateBits::kProcessingAttributeIsList), dataAttributePath);
493 0 : bool shouldReportListWriteBegin = false; // This will be set below.
494 :
495 0 : std::optional<bool> isListAttribute = std::nullopt;
496 :
497 0 : Credentials::GroupDataProvider::GroupEndpoint mapping;
498 0 : while (iterator.Next(mapping))
499 : {
500 0 : if (groupId != mapping.group_id)
501 : {
502 0 : continue;
503 : }
504 :
505 0 : dataAttributePath.mEndpointId = mapping.endpoint_id;
506 :
507 : // Try to get the metadata from for the attribute from one of the expanded endpoints (it doesn't really matter which
508 : // endpoint we pick, as long as it's valid) and update the path info according to it and recheck if we need to report
509 : // list write begin.
510 0 : if (!isListAttribute.has_value())
511 : {
512 0 : isListAttribute = IsListAttributePath(dataAttributePath);
513 0 : bool currentAttributeIsList = isListAttribute.value_or(false);
514 :
515 0 : if (!dataAttributePath.IsListOperation() && currentAttributeIsList)
516 : {
517 0 : dataAttributePath.mListOp = ConcreteDataAttributePath::ListOperation::ReplaceAll;
518 : }
519 : ConcreteDataAttributePath pathForCheckingListWriteBegin(kInvalidEndpointId, dataAttributePath.mClusterId,
520 0 : dataAttributePath.mEndpointId, dataAttributePath.mListOp,
521 0 : dataAttributePath.mListIndex);
522 : shouldReportListWriteBegin =
523 0 : ShouldReportListWriteBegin(mProcessingAttributePath, mStateFlags.Has(StateBits::kProcessingAttributeIsList),
524 : pathForCheckingListWriteBegin);
525 : }
526 :
527 0 : if (shouldReportListWriteEnd)
528 : {
529 0 : auto processingConcreteAttributePath = mProcessingAttributePath.Value();
530 0 : processingConcreteAttributePath.mEndpointId = mapping.endpoint_id;
531 0 : VerifyOrExit(mDelegate, err = CHIP_ERROR_INCORRECT_STATE);
532 0 : if (mDelegate->HasConflictWriteRequests(this, processingConcreteAttributePath))
533 : {
534 0 : DeliverListWriteEnd(processingConcreteAttributePath, true /* writeWasSuccessful */);
535 : }
536 : }
537 :
538 0 : VerifyOrExit(mDelegate, err = CHIP_ERROR_INCORRECT_STATE);
539 0 : if (mDelegate->HasConflictWriteRequests(this, dataAttributePath))
540 : {
541 0 : ChipLogDetail(DataManagement,
542 : "Writing attribute endpoint=%u Cluster=" ChipLogFormatMEI " attribute=" ChipLogFormatMEI
543 : " is conflict with other write transactions.",
544 : mapping.endpoint_id, ChipLogValueMEI(dataAttributePath.mClusterId),
545 : ChipLogValueMEI(dataAttributePath.mAttributeId));
546 0 : continue;
547 : }
548 :
549 0 : if (shouldReportListWriteBegin)
550 : {
551 0 : DeliverListWriteBegin(dataAttributePath);
552 : }
553 :
554 0 : ChipLogDetail(DataManagement,
555 : "Processing group attribute write for endpoint=%u Cluster=" ChipLogFormatMEI
556 : " attribute=" ChipLogFormatMEI,
557 : mapping.endpoint_id, ChipLogValueMEI(dataAttributePath.mClusterId),
558 : ChipLogValueMEI(dataAttributePath.mAttributeId));
559 :
560 0 : chip::TLV::TLVReader tmpDataReader(dataReader);
561 :
562 0 : DataModelCallbacks::GetInstance()->AttributeOperation(DataModelCallbacks::OperationType::Write,
563 : DataModelCallbacks::OperationOrder::Pre, dataAttributePath);
564 0 : err = WriteClusterData(subjectDescriptor, dataAttributePath, tmpDataReader);
565 0 : if (err != CHIP_NO_ERROR)
566 : {
567 0 : ChipLogError(DataManagement,
568 : "WriteClusterData Endpoint=%u Cluster=" ChipLogFormatMEI " Attribute =" ChipLogFormatMEI
569 : " failed: %" CHIP_ERROR_FORMAT,
570 : mapping.endpoint_id, ChipLogValueMEI(dataAttributePath.mClusterId),
571 : ChipLogValueMEI(dataAttributePath.mAttributeId), err.Format());
572 : }
573 0 : DataModelCallbacks::GetInstance()->AttributeOperation(DataModelCallbacks::OperationType::Write,
574 : DataModelCallbacks::OperationOrder::Post, dataAttributePath);
575 : }
576 :
577 0 : dataAttributePath.mEndpointId = kInvalidEndpointId;
578 0 : mStateFlags.Set(StateBits::kProcessingAttributeIsList, dataAttributePath.IsListOperation());
579 0 : mProcessingAttributePath.SetValue(dataAttributePath);
580 0 : }
581 :
582 0 : if (CHIP_END_OF_TLV == err)
583 : {
584 0 : err = CHIP_NO_ERROR;
585 : }
586 :
587 0 : err = DeliverFinalListWriteEndForGroupWrite(true);
588 :
589 0 : exit:
590 : // The DeliverFinalListWriteEndForGroupWrite above will deliver the successful state of the list write and clear the
591 : // mProcessingAttributePath making the following call no-op. So we call it again after the exit label to deliver a failure state
592 : // to the clusters. Ignore the error code since we need to deliver other more important failures.
593 0 : TEMPORARY_RETURN_IGNORED DeliverFinalListWriteEndForGroupWrite(false);
594 0 : return err;
595 : }
596 :
597 3877 : Status WriteHandler::ProcessWriteRequest(System::PacketBufferHandle && aPayload, bool aIsTimedWrite)
598 : {
599 3877 : CHIP_ERROR err = CHIP_NO_ERROR;
600 3877 : System::PacketBufferTLVReader reader;
601 :
602 3877 : WriteRequestMessage::Parser writeRequestParser;
603 3877 : AttributeDataIBs::Parser AttributeDataIBsParser;
604 3877 : TLV::TLVReader AttributeDataIBsReader;
605 : // Default to InvalidAction for our status; that's what we want if any of
606 : // the parsing of our overall structure or paths fails. Once we have a
607 : // successfully parsed path, the only way we will get a failure return is if
608 : // our path handling fails to AddStatus on us.
609 : //
610 : // TODO: That's not technically InvalidAction, and we should probably make
611 : // our callees hand out Status as well.
612 3877 : Status status = Status::InvalidAction;
613 :
614 3877 : mLastSuccessfullyWrittenPath = std::nullopt;
615 :
616 3877 : reader.Init(std::move(aPayload));
617 :
618 3877 : err = writeRequestParser.Init(reader);
619 3877 : SuccessOrExit(err);
620 :
621 : #if CHIP_CONFIG_IM_PRETTY_PRINT
622 3876 : TEMPORARY_RETURN_IGNORED writeRequestParser.PrettyPrint();
623 : #endif // CHIP_CONFIG_IM_PRETTY_PRINT
624 : bool boolValue;
625 :
626 3876 : boolValue = mStateFlags.Has(StateBits::kSuppressResponse);
627 3876 : err = writeRequestParser.GetSuppressResponse(&boolValue);
628 7752 : if (err == CHIP_END_OF_TLV)
629 : {
630 4 : err = CHIP_NO_ERROR;
631 : }
632 3876 : SuccessOrExit(err);
633 3876 : mStateFlags.Set(StateBits::kSuppressResponse, boolValue);
634 :
635 3876 : boolValue = mStateFlags.Has(StateBits::kIsTimedRequest);
636 3876 : err = writeRequestParser.GetTimedRequest(&boolValue);
637 3876 : SuccessOrExit(err);
638 3876 : mStateFlags.Set(StateBits::kIsTimedRequest, boolValue);
639 :
640 3876 : boolValue = mStateFlags.Has(StateBits::kHasMoreChunks);
641 3876 : err = writeRequestParser.GetMoreChunkedMessages(&boolValue);
642 7752 : if (err == CHIP_ERROR_END_OF_TLV)
643 : {
644 4 : err = CHIP_NO_ERROR;
645 : }
646 3876 : SuccessOrExit(err);
647 3876 : mStateFlags.Set(StateBits::kHasMoreChunks, boolValue);
648 :
649 9720 : if (mStateFlags.Has(StateBits::kHasMoreChunks) &&
650 5844 : (mExchangeCtx->IsGroupExchangeContext() || mStateFlags.Has(StateBits::kIsTimedRequest)))
651 : {
652 : // Sanity check: group exchange context should only have one chunk.
653 : // Also, timed requests should not have more than one chunk.
654 0 : ExitNow(err = CHIP_ERROR_INVALID_MESSAGE_TYPE);
655 : }
656 :
657 3876 : err = writeRequestParser.GetWriteRequests(&AttributeDataIBsParser);
658 3876 : SuccessOrExit(err);
659 :
660 3876 : if (mStateFlags.Has(StateBits::kIsTimedRequest) != aIsTimedWrite)
661 : {
662 : // The message thinks it should be part of a timed interaction but it's
663 : // not, or vice versa.
664 2 : status = Status::TimedRequestMismatch;
665 2 : goto exit;
666 : }
667 :
668 3874 : AttributeDataIBsParser.GetReader(&AttributeDataIBsReader);
669 :
670 3874 : if (mExchangeCtx->IsGroupExchangeContext())
671 : {
672 0 : err = ProcessGroupAttributeDataIBs(AttributeDataIBsReader);
673 : }
674 : else
675 : {
676 3874 : err = ProcessAttributeDataIBs(AttributeDataIBsReader);
677 : }
678 3874 : SuccessOrExit(err);
679 3874 : SuccessOrExit(err = writeRequestParser.ExitContainer());
680 :
681 7748 : if (err == CHIP_NO_ERROR)
682 : {
683 3874 : status = Status::Success;
684 : }
685 :
686 0 : exit:
687 7754 : if (err != CHIP_NO_ERROR)
688 : {
689 1 : ChipLogError(DataManagement, "Failed to process write request: %" CHIP_ERROR_FORMAT, err.Format());
690 : }
691 7754 : return status;
692 3877 : }
693 :
694 0 : CHIP_ERROR WriteHandler::AddStatus(const ConcreteDataAttributePath & aPath,
695 : const Protocols::InteractionModel::ClusterStatusCode & aStatus)
696 : {
697 0 : return AddStatusInternal(aPath, StatusIB{ aStatus });
698 : }
699 :
700 0 : CHIP_ERROR WriteHandler::AddClusterSpecificSuccess(const ConcreteDataAttributePath & aPath, ClusterStatus aClusterStatus)
701 : {
702 0 : return AddStatus(aPath, Protocols::InteractionModel::ClusterStatusCode::ClusterSpecificSuccess(aClusterStatus));
703 : }
704 :
705 0 : CHIP_ERROR WriteHandler::AddClusterSpecificFailure(const ConcreteDataAttributePath & aPath, ClusterStatus aClusterStatus)
706 : {
707 0 : return AddStatus(aPath, Protocols::InteractionModel::ClusterStatusCode::ClusterSpecificFailure(aClusterStatus));
708 : }
709 :
710 5220 : CHIP_ERROR WriteHandler::AddStatusInternal(const ConcreteDataAttributePath & aPath, const StatusIB & aStatus)
711 : {
712 5220 : AttributeStatusIBs::Builder & writeResponses = mWriteResponseBuilder.GetWriteResponses();
713 5220 : AttributeStatusIB::Builder & attributeStatusIB = writeResponses.CreateAttributeStatus();
714 :
715 5220 : if (!aStatus.IsSuccess())
716 : {
717 49 : mStateFlags.Clear(StateBits::kAttributeWriteSuccessful);
718 : }
719 :
720 5220 : ReturnErrorOnFailure(writeResponses.GetError());
721 :
722 5220 : AttributePathIB::Builder & path = attributeStatusIB.CreatePath();
723 5220 : ReturnErrorOnFailure(attributeStatusIB.GetError());
724 5220 : ReturnErrorOnFailure(path.Encode(aPath));
725 :
726 5220 : StatusIB::Builder & statusIBBuilder = attributeStatusIB.CreateErrorStatus();
727 5220 : ReturnErrorOnFailure(attributeStatusIB.GetError());
728 5220 : statusIBBuilder.EncodeStatusIB(aStatus);
729 5220 : ReturnErrorOnFailure(statusIBBuilder.GetError());
730 5220 : ReturnErrorOnFailure(attributeStatusIB.EndOfAttributeStatusIB());
731 :
732 5220 : MoveToState(State::AddStatus);
733 5220 : return CHIP_NO_ERROR;
734 : }
735 :
736 1880 : FabricIndex WriteHandler::GetAccessingFabricIndex() const
737 : {
738 1880 : return mExchangeCtx->GetSessionHandle()->GetFabricIndex();
739 : }
740 :
741 11024 : const char * WriteHandler::GetStateStr() const
742 : {
743 : #if CHIP_DETAIL_LOGGING
744 11024 : switch (mState)
745 : {
746 965 : case State::Uninitialized:
747 965 : return "Uninitialized";
748 :
749 965 : case State::Initialized:
750 965 : return "Initialized";
751 :
752 5220 : case State::AddStatus:
753 5220 : return "AddStatus";
754 3874 : case State::Sending:
755 3874 : return "Sending";
756 : }
757 : #endif // CHIP_DETAIL_LOGGING
758 0 : return "N/A";
759 : }
760 :
761 11024 : void WriteHandler::MoveToState(const State aTargetState)
762 : {
763 11024 : mState = aTargetState;
764 11024 : ChipLogDetail(DataManagement, "IM WH moving to [%s]", GetStateStr());
765 11024 : }
766 :
767 5207 : DataModel::ActionReturnStatus WriteHandler::CheckWriteAllowed(const Access::SubjectDescriptor & aSubject,
768 : const ConcreteDataAttributePath & aPath)
769 : {
770 :
771 : // Execute the ACL Access Granting Algorithm before existence checks, assuming the required_privilege for the element is
772 : // View, to determine if the subject would have had at least some access against the concrete path. This is done so we don't
773 : // leak information if we do fail existence checks.
774 : // SPEC-DIVERGENCE: For non-concrete paths, the spec mandates only one ACL check (the one after the existence check), unlike the
775 : // concrete path case, when there is one ACL check before existence check and a second one after. However, because this code is
776 : // also used in the group path case, we end up performing an ADDITIONAL ACL check before the existence check. In practice, this
777 : // divergence is not observable.
778 5207 : Status writeAccessStatus = CheckWriteAccess(aSubject, aPath, Access::Privilege::kView);
779 5207 : VerifyOrReturnValue(writeAccessStatus == Status::Success, writeAccessStatus);
780 :
781 5204 : DataModel::AttributeFinder finder(mDataModelProvider);
782 :
783 5204 : std::optional<DataModel::AttributeEntry> attributeEntry = finder.Find(aPath);
784 :
785 : // if path is not valid, return a spec-compliant return code.
786 5204 : if (!attributeEntry.has_value())
787 : {
788 3 : return DataModel::ValidateClusterPath(mDataModelProvider, aPath, Status::UnsupportedAttribute);
789 : }
790 :
791 : // Allow writes on writable attributes only
792 5201 : VerifyOrReturnValue(attributeEntry->GetWritePrivilege().has_value(), Status::UnsupportedWrite);
793 :
794 : // Execute the ACL Access Granting Algorithm against the concrete path a second time, using the actual required_privilege
795 5201 : writeAccessStatus = CheckWriteAccess(aSubject, aPath, *attributeEntry->GetWritePrivilege());
796 5201 : VerifyOrReturnValue(writeAccessStatus == Status::Success, writeAccessStatus);
797 :
798 : // SPEC:
799 : // If the path indicates specific attribute data that requires a Timed Write
800 : // transaction to write and this action is not part of a Timed Write transaction,
801 : // an AttributeStatusIB SHALL be generated with the NEEDS_TIMED_INTERACTION Status Code.
802 5201 : VerifyOrReturnValue(IsTimedWrite() || !attributeEntry->HasFlags(DataModel::AttributeQualityFlags::kTimed),
803 : Status::NeedsTimedInteraction);
804 :
805 : // SPEC:
806 : // Else if the attribute in the path indicates a fabric-scoped list and there is no accessing
807 : // fabric, an AttributeStatusIB SHALL be generated with the UNSUPPORTED_ACCESS Status Code,
808 : // with the Path field indicating only the path to the attribute.
809 10359 : if (attributeEntry->HasFlags(DataModel::AttributeQualityFlags::kListAttribute) &&
810 5158 : attributeEntry->HasFlags(DataModel::AttributeQualityFlags::kFabricScoped))
811 : {
812 0 : VerifyOrReturnError(aSubject.fabricIndex != kUndefinedFabricIndex, Status::UnsupportedAccess);
813 : }
814 :
815 : // SPEC:
816 : // Else if the DataVersion field of the AttributeDataIB is present and does not match the
817 : // data version of the indicated cluster instance, an AttributeStatusIB SHALL be generated
818 : // with the DATA_VERSION_MISMATCH Status Code.
819 5201 : if (aPath.mDataVersion.HasValue())
820 : {
821 12 : DataModel::ServerClusterFinder clusterFinder(mDataModelProvider);
822 12 : std::optional<DataModel::ServerClusterEntry> cluster_entry = clusterFinder.Find(aPath);
823 :
824 : // path is valid based on above checks (we have an attribute entry)
825 12 : VerifyOrDie(cluster_entry.has_value());
826 12 : VerifyOrReturnValue(cluster_entry->dataVersion == aPath.mDataVersion.Value(), Status::DataVersionMismatch);
827 12 : }
828 :
829 5195 : return Status::Success;
830 5204 : }
831 :
832 10408 : Status WriteHandler::CheckWriteAccess(const Access::SubjectDescriptor & aSubject, const ConcreteAttributePath & aPath,
833 : const Access::Privilege aRequiredPrivilege)
834 : {
835 :
836 10408 : bool checkAcl = true;
837 10408 : if (mLastSuccessfullyWrittenPath.has_value())
838 : {
839 : // only validate ACL if path has changed
840 : //
841 : // Note that this is NOT operator==: we could do `checkAcl == (aPath != *mLastSuccessfullyWrittenPath)`
842 : // however that seems to use more flash.
843 2648 : if ((aPath.mEndpointId == mLastSuccessfullyWrittenPath->mEndpointId) &&
844 5296 : (aPath.mClusterId == mLastSuccessfullyWrittenPath->mClusterId) &&
845 2648 : (aPath.mAttributeId == mLastSuccessfullyWrittenPath->mAttributeId))
846 : {
847 2632 : checkAcl = false;
848 : }
849 : }
850 :
851 10408 : if (checkAcl)
852 : {
853 7776 : Access::RequestPath requestPath{ .cluster = aPath.mClusterId,
854 7776 : .endpoint = aPath.mEndpointId,
855 : .requestType = Access::RequestType::kAttributeWriteRequest,
856 7776 : .entityId = aPath.mAttributeId };
857 :
858 7776 : CHIP_ERROR err = Access::GetAccessControl().Check(aSubject, requestPath, aRequiredPrivilege);
859 :
860 15552 : if (err == CHIP_NO_ERROR)
861 : {
862 7773 : return Status::Success;
863 : }
864 :
865 6 : if (err == CHIP_ERROR_ACCESS_DENIED)
866 : {
867 3 : return Status::UnsupportedAccess;
868 : }
869 :
870 0 : if (err == CHIP_ERROR_ACCESS_RESTRICTED_BY_ARL)
871 : {
872 0 : return Status::AccessRestricted;
873 : }
874 :
875 0 : return Status::Failure;
876 : }
877 :
878 2632 : return Status::Success;
879 : }
880 :
881 5207 : CHIP_ERROR WriteHandler::WriteClusterData(const Access::SubjectDescriptor & aSubject, const ConcreteDataAttributePath & aPath,
882 : TLV::TLVReader & aData)
883 : {
884 : // Writes do not have a checked-path. If data model interface is enabled (both checked and only version)
885 : // the write is done via the DataModel interface
886 5207 : VerifyOrReturnError(mDataModelProvider != nullptr, CHIP_ERROR_INCORRECT_STATE);
887 :
888 5207 : ChipLogDetail(DataManagement, "Writing attribute: Cluster=" ChipLogFormatMEI " Endpoint=0x%x AttributeId=" ChipLogFormatMEI,
889 : ChipLogValueMEI(aPath.mClusterId), aPath.mEndpointId, ChipLogValueMEI(aPath.mAttributeId));
890 :
891 5207 : DataModel::ActionReturnStatus status = CheckWriteAllowed(aSubject, aPath);
892 5207 : if (status.IsSuccess())
893 : {
894 5195 : DataModel::WriteAttributeRequest request;
895 :
896 5195 : request.path = aPath;
897 5195 : request.subjectDescriptor = &aSubject;
898 5195 : request.writeFlags.Set(DataModel::WriteFlags::kTimed, IsTimedWrite());
899 :
900 5195 : AttributeValueDecoder decoder(aData, aSubject);
901 5195 : status = mDataModelProvider->WriteAttribute(request, decoder);
902 : }
903 :
904 5207 : mLastSuccessfullyWrittenPath = status.IsSuccess() ? std::make_optional(aPath) : std::nullopt;
905 :
906 5207 : return AddStatusInternal(aPath, StatusIB(status.GetStatusCode()));
907 : }
908 :
909 : } // namespace app
910 : } // namespace chip
|
