Line data    Source code

       1              : /*
       2              :  *
       3              :  *    Copyright (c) 2026 Project CHIP Authors
       4              :  *    All rights reserved.
       5              :  *
       6              :  *    Licensed under the Apache License, Version 2.0 (the "License");
       7              :  *    you may not use this file except in compliance with the License.
       8              :  *    You may obtain a copy of the License at
       9              :  *
      10              :  *        http://www.apache.org/licenses/LICENSE-2.0
      11              :  *
      12              :  *    Unless required by applicable law or agreed to in writing, software
      13              :  *    distributed under the License is distributed on an "AS IS" BASIS,
      14              :  *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
      15              :  *    See the License for the specific language governing permissions and
      16              :  *    limitations under the License.
      17              :  */
      18              : 
      19              : #pragma once
      20              : 
      21              : #include <access/GroupAuxiliaryAccessControlDelegate.h>
      22              : #include <credentials/GroupDataProvider.h>
      23              : #include <lib/core/DataModelTypes.h>
      24              : 
      25              : namespace chip {
      26              : 
      27              : class FabricTable;
      28              : 
      29              : namespace Access {
      30              : namespace Examples {
      31              : 
      32              : /**
      33              :  * Default SDK implementation of GroupAuxiliaryAccessControlDelegate.
      34              :  *
      35              :  * Reports auxiliary ACL entries for every <fabricIndex, groupId, endpointId>
      36              :  * triple derived from the supplied GroupDataProvider. This is the simplest
      37              :  * "base case" shape of an auxiliary ACL entry set; products that need a
      38              :  * different layout should subclass GroupAuxiliaryAccessControlDelegate
      39              :  * directly rather than reusing this class.
      40              :  */
      41              : class GroupAuxiliaryAccessControlDelegateImpl : public GroupAuxiliaryAccessControlDelegate
      42              : {
      43              : public:
      44              :     GroupAuxiliaryAccessControlDelegateImpl()           = default;
      45            5 :     ~GroupAuxiliaryAccessControlDelegateImpl() override = default;
      46              : 
      47              :     CHIP_ERROR Initialize(Credentials::GroupDataProvider * groupDataProvider, FabricTable * fabricTable) override;
      48              :     void Shutdown() override;
      49            9 :     bool IsInitialized() const override { return mGroupDataProvider != nullptr; }
      50              : 
      51              :     // AccessControl::Delegate
      52              :     CHIP_ERROR AuxiliaryEntries(AccessControl::EntryIterator & iterator, const FabricIndex * fabricIndex) const override;
      53              :     CHIP_ERROR Check(const SubjectDescriptor & subjectDescriptor, const RequestPath & requestPath,
      54              :                      Privilege requestPrivilege) override;
      55              : 
      56              : private:
      57              :     Credentials::GroupDataProvider * mGroupDataProvider = nullptr;
      58              :     FabricTable * mFabricTable                          = nullptr;
      59              : };
      60              : 
      61              : } // namespace Examples
      62              : } // namespace Access
      63              : } // namespace chip