Line data Source code
1 : /*
2 : *
3 : * Copyright (c) 2026 Project CHIP Authors
4 : * All rights reserved.
5 : *
6 : * Licensed under the Apache License, Version 2.0 (the "License");
7 : * you may not use this file except in compliance with the License.
8 : * You may obtain a copy of the License at
9 : *
10 : * http://www.apache.org/licenses/LICENSE-2.0
11 : *
12 : * Unless required by applicable law or agreed to in writing, software
13 : * distributed under the License is distributed on an "AS IS" BASIS,
14 : * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 : * See the License for the specific language governing permissions and
16 : * limitations under the License.
17 : */
18 :
19 : #pragma once
20 :
21 : #include <access/AccessControl.h>
22 : #include <lib/core/CHIPError.h>
23 :
24 : namespace chip {
25 :
26 : class FabricTable;
27 :
28 : namespace Credentials {
29 : class GroupDataProvider;
30 : } // namespace Credentials
31 :
32 : namespace Access {
33 :
34 : /**
35 : * Abstract base for an AccessControl::Delegate that supplies auxiliary ACL
36 : * entries derived from groupcast / group-data state.
37 : *
38 : * This interface decouples Server / CommonCaseDeviceServerInitParams from any
39 : * specific implementation: the SDK ships Examples::GroupAuxiliaryAccessControlDelegateImpl
40 : * as the default, and applications may substitute their own subclass.
41 : *
42 : * Lifecycle: Initialize() must be called exactly once before the delegate is
43 : * registered with AccessControl or otherwise used. Server::Init() will call
44 : * Initialize() on a not-yet-initialized delegate received via ServerInitParams,
45 : * passing the Server-owned FabricTable so subclasses can iterate provisioned
46 : * fabric indices efficiently. Applications that pre-initialize their own
47 : * delegate must make IsInitialized() return true to skip this step.
48 : *
49 : * Named Initialize / Shutdown rather than Init / Deinit so they do not shadow
50 : * the no-op AccessControl::Delegate::Init() virtual.
51 : */
52 : class GroupAuxiliaryAccessControlDelegate : public AccessControl::Delegate
53 : {
54 : public:
55 5 : ~GroupAuxiliaryAccessControlDelegate() override = default;
56 :
57 : /**
58 : * Wires the delegate to its collaborators. Implementations must succeed on
59 : * the first call and return CHIP_ERROR_INCORRECT_STATE on subsequent calls
60 : * until Shutdown() has been invoked.
61 : *
62 : * @param groupDataProvider Required. Source of group / endpoint membership data.
63 : * @param fabricTable Optional. Pass a valid FabricTable so auxiliary-entry
64 : * iteration walks only provisioned fabric indices.
65 : * Passing nullptr is allowed but discouraged: iteration
66 : * then walks [kMinValidFabricIndex, kMaxValidFabricIndex]
67 : * linearly.
68 : */
69 : virtual CHIP_ERROR Initialize(Credentials::GroupDataProvider * groupDataProvider, FabricTable * fabricTable) = 0;
70 :
71 : /**
72 : * Releases references taken in Initialize and returns the delegate to its
73 : * uninitialized state. Idempotent. Callers are responsible for unregistering
74 : * the delegate from AccessControl before Shutdown if it was registered.
75 : */
76 : virtual void Shutdown() = 0;
77 :
78 : /** @return true if Initialize has completed successfully. */
79 : virtual bool IsInitialized() const = 0;
80 : };
81 :
82 : } // namespace Access
83 : } // namespace chip
|
