From 8a1c7aa1890943e720602485dc49ecf7b5ff6695 Mon Sep 17 00:00:00 2001 From: Andrei Litvin Date: Mon, 4 Mar 2024 21:21:30 -0500 Subject: [PATCH] Remove `privilege-constants.h` in favor of using `access/Privilege.h` (#32408) * Start consolidating privilege constants * Update mappings * Updated names * Code now compiles * RequiredPrivilege should be just a namespace * Fix darwin types as well * Apparently without inline we get duplicate definitions. fixed * Undo parts of a bad merge * Apparently deps are needed * Cleanup again * Remove invalid todo ... this does not apply anymore now * Restyle --- .../all-clusters-app/app-templates/access.h | 240 +++++++++--------- .../lighting-app/app-templates/access.h | 122 ++++----- src/app/BUILD.gn | 2 - src/app/RequiredPrivilege.cpp | 27 -- src/app/RequiredPrivilege.h | 57 ++--- src/app/chip_data_model.gni | 2 + .../integration/RequiredPrivilegeStubs.cpp | 16 +- src/app/util/privilege-constants.h | 23 -- src/app/util/privilege-storage.cpp | 42 ++- src/app/util/privilege-storage.h | 10 +- .../zap-templates/templates/app/access.zapt | 22 +- .../ServerEndpoint/MTRServerAccessControl.mm | 26 +- 12 files changed, 257 insertions(+), 332 deletions(-) delete mode 100644 src/app/RequiredPrivilege.cpp delete mode 100644 src/app/util/privilege-constants.h diff --git a/scripts/tools/zap/tests/outputs/all-clusters-app/app-templates/access.h b/scripts/tools/zap/tests/outputs/all-clusters-app/app-templates/access.h index f2260156616eed..aab16a6d6ae567 100644 --- a/scripts/tools/zap/tests/outputs/all-clusters-app/app-templates/access.h +++ b/scripts/tools/zap/tests/outputs/all-clusters-app/app-templates/access.h @@ -20,7 +20,7 @@ // Prevent multiple inclusion #pragma once -#include +#include // Prevent changing generated format // clang-format off @@ -147,8 +147,8 @@ #define GENERATED_ACCESS_READ_ATTRIBUTE__PRIVILEGE { \ /* Cluster: On/Off, Attribute: StartUpOnOff, Privilege: view */ \ /* Cluster: Level Control, Attribute: StartUpCurrentLevel, Privilege: view */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Access Control, Attribute: ACL, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Access Control, Attribute: Extension, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Access Control, Attribute: ACL, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Access Control, Attribute: Extension, Privilege: administer */ \ /* Cluster: Access Control, Attribute: SubjectsPerAccessControlEntry, Privilege: view */ \ /* Cluster: Access Control, Attribute: TargetsPerAccessControlEntry, Privilege: view */ \ /* Cluster: Access Control, Attribute: AccessControlEntriesPerFabric, Privilege: view */ \ @@ -157,13 +157,13 @@ /* Cluster: Basic Information, Attribute: LocalConfigDisabled, Privilege: view */ \ /* Cluster: OTA Software Update Requestor, Attribute: DefaultOTAProviders, Privilege: view */ \ /* Cluster: General Commissioning, Attribute: Breadcrumb, Privilege: view */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Network Commissioning, Attribute: MaxNetworks, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Network Commissioning, Attribute: Networks, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Network Commissioning, Attribute: MaxNetworks, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Network Commissioning, Attribute: Networks, Privilege: administer */ \ /* Cluster: Network Commissioning, Attribute: InterfaceEnabled, Privilege: view */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Network Commissioning, Attribute: LastNetworkingStatus, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Network Commissioning, Attribute: LastNetworkID, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Network Commissioning, Attribute: LastConnectErrorValue, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Operational Credentials, Attribute: NOCs, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Network Commissioning, Attribute: LastNetworkingStatus, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Network Commissioning, Attribute: LastNetworkID, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Network Commissioning, Attribute: LastConnectErrorValue, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Operational Credentials, Attribute: NOCs, Privilege: administer */ \ /* Cluster: Group Key Management, Attribute: GroupKeyMap, Privilege: view */ \ /* Cluster: User Label, Attribute: LabelList, Privilege: view */ \ /* Cluster: Door Lock, Attribute: DoorOpenEvents, Privilege: view */ \ @@ -198,7 +198,7 @@ /* Cluster: Color Control, Attribute: ColorPointBY, Privilege: view */ \ /* Cluster: Color Control, Attribute: ColorPointBIntensity, Privilege: view */ \ /* Cluster: Color Control, Attribute: StartUpColorTemperatureMireds, Privilege: view */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Application Basic, Attribute: AllowedVendorList, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Application Basic, Attribute: AllowedVendorList, Privilege: administer */ \ } //////////////////////////////////////////////////////////////////////////////// @@ -325,62 +325,62 @@ // Parallel array data (cluster, attribute, *privilege*) for write attribute #define GENERATED_ACCESS_WRITE_ATTRIBUTE__PRIVILEGE { \ - kMatterAccessPrivilegeManage, /* Cluster: On/Off, Attribute: StartUpOnOff, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Level Control, Attribute: StartUpCurrentLevel, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Binding, Attribute: Binding, Privilege: manage */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Access Control, Attribute: ACL, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Access Control, Attribute: Extension, Privilege: administer */ \ - kMatterAccessPrivilegeManage, /* Cluster: Basic Information, Attribute: NodeLabel, Privilege: manage */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Basic Information, Attribute: Location, Privilege: administer */ \ - kMatterAccessPrivilegeManage, /* Cluster: Basic Information, Attribute: LocalConfigDisabled, Privilege: manage */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: OTA Software Update Requestor, Attribute: DefaultOTAProviders, Privilege: administer */ \ - kMatterAccessPrivilegeManage, /* Cluster: Localization Configuration, Attribute: ActiveLocale, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Time Format Localization, Attribute: HourFormat, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Time Format Localization, Attribute: ActiveCalendarType, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Unit Localization, Attribute: TemperatureUnit, Privilege: manage */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: General Commissioning, Attribute: Breadcrumb, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Network Commissioning, Attribute: InterfaceEnabled, Privilege: administer */ \ - kMatterAccessPrivilegeManage, /* Cluster: Group Key Management, Attribute: GroupKeyMap, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: User Label, Attribute: LabelList, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Door Lock, Attribute: DoorOpenEvents, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Door Lock, Attribute: DoorClosedEvents, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Door Lock, Attribute: OpenPeriod, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Door Lock, Attribute: Language, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Door Lock, Attribute: AutoRelockTime, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Door Lock, Attribute: SoundVolume, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Door Lock, Attribute: OperatingMode, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Door Lock, Attribute: EnableOneTouchLocking, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Door Lock, Attribute: EnableInsideStatusLED, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Door Lock, Attribute: EnablePrivacyModeButton, Privilege: manage */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Door Lock, Attribute: WrongCodeEntryLimit, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Door Lock, Attribute: UserCodeTemporaryDisableTime, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Door Lock, Attribute: RequirePINforRemoteOperation, Privilege: administer */ \ - kMatterAccessPrivilegeManage, /* Cluster: Window Covering, Attribute: Mode, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Pump Configuration and Control, Attribute: LifetimeRunningHours, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Pump Configuration and Control, Attribute: LifetimeEnergyConsumed, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Pump Configuration and Control, Attribute: OperationMode, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Pump Configuration and Control, Attribute: ControlMode, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Thermostat, Attribute: MinHeatSetpointLimit, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Thermostat, Attribute: MaxHeatSetpointLimit, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Thermostat, Attribute: MinCoolSetpointLimit, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Thermostat, Attribute: MaxCoolSetpointLimit, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Thermostat, Attribute: MinSetpointDeadBand, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Thermostat, Attribute: ControlSequenceOfOperation, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Thermostat, Attribute: SystemMode, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Thermostat User Interface Configuration, Attribute: KeypadLockout, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Thermostat User Interface Configuration, Attribute: ScheduleProgrammingVisibility, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Color Control, Attribute: WhitePointX, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Color Control, Attribute: WhitePointY, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Color Control, Attribute: ColorPointRX, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Color Control, Attribute: ColorPointRY, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Color Control, Attribute: ColorPointRIntensity, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Color Control, Attribute: ColorPointGX, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Color Control, Attribute: ColorPointGY, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Color Control, Attribute: ColorPointGIntensity, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Color Control, Attribute: ColorPointBX, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Color Control, Attribute: ColorPointBY, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Color Control, Attribute: ColorPointBIntensity, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Color Control, Attribute: StartUpColorTemperatureMireds, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: On/Off, Attribute: StartUpOnOff, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Level Control, Attribute: StartUpCurrentLevel, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Binding, Attribute: Binding, Privilege: manage */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Access Control, Attribute: ACL, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Access Control, Attribute: Extension, Privilege: administer */ \ + chip::Access::Privilege::kManage, /* Cluster: Basic Information, Attribute: NodeLabel, Privilege: manage */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Basic Information, Attribute: Location, Privilege: administer */ \ + chip::Access::Privilege::kManage, /* Cluster: Basic Information, Attribute: LocalConfigDisabled, Privilege: manage */ \ + chip::Access::Privilege::kAdminister, /* Cluster: OTA Software Update Requestor, Attribute: DefaultOTAProviders, Privilege: administer */ \ + chip::Access::Privilege::kManage, /* Cluster: Localization Configuration, Attribute: ActiveLocale, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Time Format Localization, Attribute: HourFormat, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Time Format Localization, Attribute: ActiveCalendarType, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Unit Localization, Attribute: TemperatureUnit, Privilege: manage */ \ + chip::Access::Privilege::kAdminister, /* Cluster: General Commissioning, Attribute: Breadcrumb, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Network Commissioning, Attribute: InterfaceEnabled, Privilege: administer */ \ + chip::Access::Privilege::kManage, /* Cluster: Group Key Management, Attribute: GroupKeyMap, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: User Label, Attribute: LabelList, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Door Lock, Attribute: DoorOpenEvents, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Door Lock, Attribute: DoorClosedEvents, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Door Lock, Attribute: OpenPeriod, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Door Lock, Attribute: Language, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Door Lock, Attribute: AutoRelockTime, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Door Lock, Attribute: SoundVolume, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Door Lock, Attribute: OperatingMode, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Door Lock, Attribute: EnableOneTouchLocking, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Door Lock, Attribute: EnableInsideStatusLED, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Door Lock, Attribute: EnablePrivacyModeButton, Privilege: manage */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Door Lock, Attribute: WrongCodeEntryLimit, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Door Lock, Attribute: UserCodeTemporaryDisableTime, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Door Lock, Attribute: RequirePINforRemoteOperation, Privilege: administer */ \ + chip::Access::Privilege::kManage, /* Cluster: Window Covering, Attribute: Mode, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Pump Configuration and Control, Attribute: LifetimeRunningHours, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Pump Configuration and Control, Attribute: LifetimeEnergyConsumed, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Pump Configuration and Control, Attribute: OperationMode, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Pump Configuration and Control, Attribute: ControlMode, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Thermostat, Attribute: MinHeatSetpointLimit, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Thermostat, Attribute: MaxHeatSetpointLimit, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Thermostat, Attribute: MinCoolSetpointLimit, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Thermostat, Attribute: MaxCoolSetpointLimit, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Thermostat, Attribute: MinSetpointDeadBand, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Thermostat, Attribute: ControlSequenceOfOperation, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Thermostat, Attribute: SystemMode, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Thermostat User Interface Configuration, Attribute: KeypadLockout, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Thermostat User Interface Configuration, Attribute: ScheduleProgrammingVisibility, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Color Control, Attribute: WhitePointX, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Color Control, Attribute: WhitePointY, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Color Control, Attribute: ColorPointRX, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Color Control, Attribute: ColorPointRY, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Color Control, Attribute: ColorPointRIntensity, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Color Control, Attribute: ColorPointGX, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Color Control, Attribute: ColorPointGY, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Color Control, Attribute: ColorPointGIntensity, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Color Control, Attribute: ColorPointBX, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Color Control, Attribute: ColorPointBY, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Color Control, Attribute: ColorPointBIntensity, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Color Control, Attribute: StartUpColorTemperatureMireds, Privilege: manage */ \ } //////////////////////////////////////////////////////////////////////////////// @@ -499,58 +499,58 @@ // Parallel array data (cluster, command, *privilege*) for invoke command #define GENERATED_ACCESS_INVOKE_COMMAND__PRIVILEGE { \ - kMatterAccessPrivilegeManage, /* Cluster: Identify, Command: Identify, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Identify, Command: TriggerEffect, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Groups, Command: AddGroup, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Groups, Command: RemoveGroup, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Groups, Command: RemoveAllGroups, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Groups, Command: AddGroupIfIdentifying, Privilege: manage */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: General Commissioning, Command: ArmFailSafe, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: General Commissioning, Command: SetRegulatoryConfig, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: General Commissioning, Command: CommissioningComplete, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Network Commissioning, Command: ScanNetworks, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Network Commissioning, Command: AddOrUpdateWiFiNetwork, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Network Commissioning, Command: AddOrUpdateThreadNetwork, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Network Commissioning, Command: RemoveNetwork, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Network Commissioning, Command: ConnectNetwork, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Network Commissioning, Command: ReorderNetwork, Privilege: administer */ \ - kMatterAccessPrivilegeManage, /* Cluster: General Diagnostics, Command: TestEventTrigger, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Software Diagnostics, Command: ResetWatermarks, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Thread Network Diagnostics, Command: ResetCounts, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Ethernet Network Diagnostics, Command: ResetCounts, Privilege: manage */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Administrator Commissioning, Command: OpenCommissioningWindow, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Administrator Commissioning, Command: OpenBasicCommissioningWindow, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Administrator Commissioning, Command: RevokeCommissioning, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Operational Credentials, Command: AttestationRequest, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Operational Credentials, Command: CertificateChainRequest, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Operational Credentials, Command: CSRRequest, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Operational Credentials, Command: AddNOC, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Operational Credentials, Command: UpdateNOC, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Operational Credentials, Command: UpdateFabricLabel, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Operational Credentials, Command: RemoveFabric, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Operational Credentials, Command: AddTrustedRootCertificate, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Group Key Management, Command: KeySetWrite, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Group Key Management, Command: KeySetRead, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Group Key Management, Command: KeySetRemove, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Group Key Management, Command: KeySetReadAllIndices, Privilege: administer */ \ - kMatterAccessPrivilegeManage, /* Cluster: Scenes Management, Command: AddScene, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Scenes Management, Command: RemoveScene, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Scenes Management, Command: RemoveAllScenes, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Scenes Management, Command: StoreScene, Privilege: manage */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Door Lock, Command: SetWeekDaySchedule, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Door Lock, Command: GetWeekDaySchedule, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Door Lock, Command: ClearWeekDaySchedule, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Door Lock, Command: SetYearDaySchedule, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Door Lock, Command: GetYearDaySchedule, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Door Lock, Command: SetUser, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Door Lock, Command: GetUser, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Door Lock, Command: ClearUser, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Door Lock, Command: SetCredential, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Door Lock, Command: GetCredentialStatus, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Door Lock, Command: ClearCredential, Privilege: administer */ \ - kMatterAccessPrivilegeManage, /* Cluster: Media Input, Command: RenameInput, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Fault Injection, Command: FailAtFault, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Fault Injection, Command: FailRandomlyAtFault, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Identify, Command: Identify, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Identify, Command: TriggerEffect, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Groups, Command: AddGroup, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Groups, Command: RemoveGroup, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Groups, Command: RemoveAllGroups, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Groups, Command: AddGroupIfIdentifying, Privilege: manage */ \ + chip::Access::Privilege::kAdminister, /* Cluster: General Commissioning, Command: ArmFailSafe, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: General Commissioning, Command: SetRegulatoryConfig, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: General Commissioning, Command: CommissioningComplete, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Network Commissioning, Command: ScanNetworks, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Network Commissioning, Command: AddOrUpdateWiFiNetwork, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Network Commissioning, Command: AddOrUpdateThreadNetwork, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Network Commissioning, Command: RemoveNetwork, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Network Commissioning, Command: ConnectNetwork, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Network Commissioning, Command: ReorderNetwork, Privilege: administer */ \ + chip::Access::Privilege::kManage, /* Cluster: General Diagnostics, Command: TestEventTrigger, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Software Diagnostics, Command: ResetWatermarks, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Thread Network Diagnostics, Command: ResetCounts, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Ethernet Network Diagnostics, Command: ResetCounts, Privilege: manage */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Administrator Commissioning, Command: OpenCommissioningWindow, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Administrator Commissioning, Command: OpenBasicCommissioningWindow, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Administrator Commissioning, Command: RevokeCommissioning, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Operational Credentials, Command: AttestationRequest, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Operational Credentials, Command: CertificateChainRequest, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Operational Credentials, Command: CSRRequest, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Operational Credentials, Command: AddNOC, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Operational Credentials, Command: UpdateNOC, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Operational Credentials, Command: UpdateFabricLabel, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Operational Credentials, Command: RemoveFabric, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Operational Credentials, Command: AddTrustedRootCertificate, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Group Key Management, Command: KeySetWrite, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Group Key Management, Command: KeySetRead, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Group Key Management, Command: KeySetRemove, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Group Key Management, Command: KeySetReadAllIndices, Privilege: administer */ \ + chip::Access::Privilege::kManage, /* Cluster: Scenes Management, Command: AddScene, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Scenes Management, Command: RemoveScene, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Scenes Management, Command: RemoveAllScenes, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Scenes Management, Command: StoreScene, Privilege: manage */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Door Lock, Command: SetWeekDaySchedule, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Door Lock, Command: GetWeekDaySchedule, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Door Lock, Command: ClearWeekDaySchedule, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Door Lock, Command: SetYearDaySchedule, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Door Lock, Command: GetYearDaySchedule, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Door Lock, Command: SetUser, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Door Lock, Command: GetUser, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Door Lock, Command: ClearUser, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Door Lock, Command: SetCredential, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Door Lock, Command: GetCredentialStatus, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Door Lock, Command: ClearCredential, Privilege: administer */ \ + chip::Access::Privilege::kManage, /* Cluster: Media Input, Command: RenameInput, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Fault Injection, Command: FailAtFault, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Fault Injection, Command: FailRandomlyAtFault, Privilege: manage */ \ } //////////////////////////////////////////////////////////////////////////////// @@ -569,8 +569,8 @@ // Parallel array data (cluster, event, *privilege*) for read event #define GENERATED_ACCESS_READ_EVENT__PRIVILEGE { \ - kMatterAccessPrivilegeAdminister, /* Cluster: Access Control, Event: AccessControlEntryChanged, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Access Control, Event: AccessControlExtensionChanged, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Access Control, Event: AccessControlEntryChanged, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Access Control, Event: AccessControlExtensionChanged, Privilege: administer */ \ } //////////////////////////////////////////////////////////////////////////////// diff --git a/scripts/tools/zap/tests/outputs/lighting-app/app-templates/access.h b/scripts/tools/zap/tests/outputs/lighting-app/app-templates/access.h index d2b8c67daa3fa7..581e688d25dcf2 100644 --- a/scripts/tools/zap/tests/outputs/lighting-app/app-templates/access.h +++ b/scripts/tools/zap/tests/outputs/lighting-app/app-templates/access.h @@ -20,7 +20,7 @@ // Prevent multiple inclusion #pragma once -#include +#include // Prevent changing generated format // clang-format off @@ -83,8 +83,8 @@ #define GENERATED_ACCESS_READ_ATTRIBUTE__PRIVILEGE { \ /* Cluster: On/Off, Attribute: StartUpOnOff, Privilege: view */ \ /* Cluster: Level Control, Attribute: StartUpCurrentLevel, Privilege: view */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Access Control, Attribute: ACL, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Access Control, Attribute: Extension, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Access Control, Attribute: ACL, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Access Control, Attribute: Extension, Privilege: administer */ \ /* Cluster: Access Control, Attribute: SubjectsPerAccessControlEntry, Privilege: view */ \ /* Cluster: Access Control, Attribute: TargetsPerAccessControlEntry, Privilege: view */ \ /* Cluster: Access Control, Attribute: AccessControlEntriesPerFabric, Privilege: view */ \ @@ -93,13 +93,13 @@ /* Cluster: Basic Information, Attribute: LocalConfigDisabled, Privilege: view */ \ /* Cluster: OTA Software Update Requestor, Attribute: DefaultOTAProviders, Privilege: view */ \ /* Cluster: General Commissioning, Attribute: Breadcrumb, Privilege: view */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Network Commissioning, Attribute: MaxNetworks, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Network Commissioning, Attribute: Networks, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Network Commissioning, Attribute: MaxNetworks, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Network Commissioning, Attribute: Networks, Privilege: administer */ \ /* Cluster: Network Commissioning, Attribute: InterfaceEnabled, Privilege: view */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Network Commissioning, Attribute: LastNetworkingStatus, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Network Commissioning, Attribute: LastNetworkID, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Network Commissioning, Attribute: LastConnectErrorValue, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Operational Credentials, Attribute: NOCs, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Network Commissioning, Attribute: LastNetworkingStatus, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Network Commissioning, Attribute: LastNetworkID, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Network Commissioning, Attribute: LastConnectErrorValue, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Operational Credentials, Attribute: NOCs, Privilege: administer */ \ /* Cluster: Group Key Management, Attribute: GroupKeyMap, Privilege: view */ \ /* Cluster: User Label, Attribute: LabelList, Privilege: view */ \ /* Cluster: Color Control, Attribute: StartUpColorTemperatureMireds, Privilege: view */ \ @@ -149,22 +149,22 @@ // Parallel array data (cluster, attribute, *privilege*) for write attribute #define GENERATED_ACCESS_WRITE_ATTRIBUTE__PRIVILEGE { \ - kMatterAccessPrivilegeManage, /* Cluster: On/Off, Attribute: StartUpOnOff, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Level Control, Attribute: StartUpCurrentLevel, Privilege: manage */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Access Control, Attribute: ACL, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Access Control, Attribute: Extension, Privilege: administer */ \ - kMatterAccessPrivilegeManage, /* Cluster: Basic Information, Attribute: NodeLabel, Privilege: manage */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Basic Information, Attribute: Location, Privilege: administer */ \ - kMatterAccessPrivilegeManage, /* Cluster: Basic Information, Attribute: LocalConfigDisabled, Privilege: manage */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: OTA Software Update Requestor, Attribute: DefaultOTAProviders, Privilege: administer */ \ - kMatterAccessPrivilegeManage, /* Cluster: Localization Configuration, Attribute: ActiveLocale, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Time Format Localization, Attribute: HourFormat, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Time Format Localization, Attribute: ActiveCalendarType, Privilege: manage */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: General Commissioning, Attribute: Breadcrumb, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Network Commissioning, Attribute: InterfaceEnabled, Privilege: administer */ \ - kMatterAccessPrivilegeManage, /* Cluster: Group Key Management, Attribute: GroupKeyMap, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: User Label, Attribute: LabelList, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Color Control, Attribute: StartUpColorTemperatureMireds, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: On/Off, Attribute: StartUpOnOff, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Level Control, Attribute: StartUpCurrentLevel, Privilege: manage */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Access Control, Attribute: ACL, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Access Control, Attribute: Extension, Privilege: administer */ \ + chip::Access::Privilege::kManage, /* Cluster: Basic Information, Attribute: NodeLabel, Privilege: manage */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Basic Information, Attribute: Location, Privilege: administer */ \ + chip::Access::Privilege::kManage, /* Cluster: Basic Information, Attribute: LocalConfigDisabled, Privilege: manage */ \ + chip::Access::Privilege::kAdminister, /* Cluster: OTA Software Update Requestor, Attribute: DefaultOTAProviders, Privilege: administer */ \ + chip::Access::Privilege::kManage, /* Cluster: Localization Configuration, Attribute: ActiveLocale, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Time Format Localization, Attribute: HourFormat, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Time Format Localization, Attribute: ActiveCalendarType, Privilege: manage */ \ + chip::Access::Privilege::kAdminister, /* Cluster: General Commissioning, Attribute: Breadcrumb, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Network Commissioning, Attribute: InterfaceEnabled, Privilege: administer */ \ + chip::Access::Privilege::kManage, /* Cluster: Group Key Management, Attribute: GroupKeyMap, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: User Label, Attribute: LabelList, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Color Control, Attribute: StartUpColorTemperatureMireds, Privilege: manage */ \ } //////////////////////////////////////////////////////////////////////////////// @@ -247,40 +247,40 @@ // Parallel array data (cluster, command, *privilege*) for invoke command #define GENERATED_ACCESS_INVOKE_COMMAND__PRIVILEGE { \ - kMatterAccessPrivilegeManage, /* Cluster: Identify, Command: Identify, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Identify, Command: TriggerEffect, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Groups, Command: AddGroup, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Groups, Command: RemoveGroup, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Groups, Command: RemoveAllGroups, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Groups, Command: AddGroupIfIdentifying, Privilege: manage */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: General Commissioning, Command: ArmFailSafe, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: General Commissioning, Command: SetRegulatoryConfig, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: General Commissioning, Command: CommissioningComplete, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Network Commissioning, Command: ScanNetworks, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Network Commissioning, Command: AddOrUpdateWiFiNetwork, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Network Commissioning, Command: AddOrUpdateThreadNetwork, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Network Commissioning, Command: RemoveNetwork, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Network Commissioning, Command: ConnectNetwork, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Network Commissioning, Command: ReorderNetwork, Privilege: administer */ \ - kMatterAccessPrivilegeManage, /* Cluster: General Diagnostics, Command: TestEventTrigger, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Software Diagnostics, Command: ResetWatermarks, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Thread Network Diagnostics, Command: ResetCounts, Privilege: manage */ \ - kMatterAccessPrivilegeManage, /* Cluster: Ethernet Network Diagnostics, Command: ResetCounts, Privilege: manage */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Administrator Commissioning, Command: OpenCommissioningWindow, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Administrator Commissioning, Command: OpenBasicCommissioningWindow, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Administrator Commissioning, Command: RevokeCommissioning, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Operational Credentials, Command: AttestationRequest, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Operational Credentials, Command: CertificateChainRequest, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Operational Credentials, Command: CSRRequest, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Operational Credentials, Command: AddNOC, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Operational Credentials, Command: UpdateNOC, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Operational Credentials, Command: UpdateFabricLabel, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Operational Credentials, Command: RemoveFabric, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Operational Credentials, Command: AddTrustedRootCertificate, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Group Key Management, Command: KeySetWrite, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Group Key Management, Command: KeySetRead, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Group Key Management, Command: KeySetRemove, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Group Key Management, Command: KeySetReadAllIndices, Privilege: administer */ \ + chip::Access::Privilege::kManage, /* Cluster: Identify, Command: Identify, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Identify, Command: TriggerEffect, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Groups, Command: AddGroup, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Groups, Command: RemoveGroup, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Groups, Command: RemoveAllGroups, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Groups, Command: AddGroupIfIdentifying, Privilege: manage */ \ + chip::Access::Privilege::kAdminister, /* Cluster: General Commissioning, Command: ArmFailSafe, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: General Commissioning, Command: SetRegulatoryConfig, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: General Commissioning, Command: CommissioningComplete, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Network Commissioning, Command: ScanNetworks, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Network Commissioning, Command: AddOrUpdateWiFiNetwork, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Network Commissioning, Command: AddOrUpdateThreadNetwork, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Network Commissioning, Command: RemoveNetwork, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Network Commissioning, Command: ConnectNetwork, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Network Commissioning, Command: ReorderNetwork, Privilege: administer */ \ + chip::Access::Privilege::kManage, /* Cluster: General Diagnostics, Command: TestEventTrigger, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Software Diagnostics, Command: ResetWatermarks, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Thread Network Diagnostics, Command: ResetCounts, Privilege: manage */ \ + chip::Access::Privilege::kManage, /* Cluster: Ethernet Network Diagnostics, Command: ResetCounts, Privilege: manage */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Administrator Commissioning, Command: OpenCommissioningWindow, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Administrator Commissioning, Command: OpenBasicCommissioningWindow, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Administrator Commissioning, Command: RevokeCommissioning, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Operational Credentials, Command: AttestationRequest, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Operational Credentials, Command: CertificateChainRequest, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Operational Credentials, Command: CSRRequest, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Operational Credentials, Command: AddNOC, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Operational Credentials, Command: UpdateNOC, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Operational Credentials, Command: UpdateFabricLabel, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Operational Credentials, Command: RemoveFabric, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Operational Credentials, Command: AddTrustedRootCertificate, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Group Key Management, Command: KeySetWrite, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Group Key Management, Command: KeySetRead, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Group Key Management, Command: KeySetRemove, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Group Key Management, Command: KeySetReadAllIndices, Privilege: administer */ \ } //////////////////////////////////////////////////////////////////////////////// @@ -299,8 +299,8 @@ // Parallel array data (cluster, event, *privilege*) for read event #define GENERATED_ACCESS_READ_EVENT__PRIVILEGE { \ - kMatterAccessPrivilegeAdminister, /* Cluster: Access Control, Event: AccessControlEntryChanged, Privilege: administer */ \ - kMatterAccessPrivilegeAdminister, /* Cluster: Access Control, Event: AccessControlExtensionChanged, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Access Control, Event: AccessControlEntryChanged, Privilege: administer */ \ + chip::Access::Privilege::kAdminister, /* Cluster: Access Control, Event: AccessControlExtensionChanged, Privilege: administer */ \ } //////////////////////////////////////////////////////////////////////////////// diff --git a/src/app/BUILD.gn b/src/app/BUILD.gn index 4f45321a181663..77572aacc512a6 100644 --- a/src/app/BUILD.gn +++ b/src/app/BUILD.gn @@ -171,7 +171,6 @@ static_library("interaction-model") { "PendingResponseTrackerImpl.h", "ReadClient.h", # TODO: cpp is only included conditionally. Needs logic # fixing - "RequiredPrivilege.cpp", "RequiredPrivilege.h", "StatusResponse.cpp", "StatusResponse.h", @@ -231,7 +230,6 @@ static_library("interaction-model") { "dynamic_server/AccessControl.cpp", "dynamic_server/AccessControl.h", "dynamic_server/DynamicDispatcher.cpp", - "util/privilege-constants.h", "util/privilege-storage.cpp", "util/privilege-storage.h", ] diff --git a/src/app/RequiredPrivilege.cpp b/src/app/RequiredPrivilege.cpp deleted file mode 100644 index 012a48c421c130..00000000000000 --- a/src/app/RequiredPrivilege.cpp +++ /dev/null @@ -1,27 +0,0 @@ -/* - * - * Copyright (c) 2022 Project CHIP Authors - * All rights reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "RequiredPrivilege.h" - -namespace chip { -namespace app { - -constexpr Access::Privilege RequiredPrivilege::kPrivilegeMapper[]; - -} // namespace app -} // namespace chip diff --git a/src/app/RequiredPrivilege.h b/src/app/RequiredPrivilege.h index 9d61dae3b52ce9..e28c69d730c240 100644 --- a/src/app/RequiredPrivilege.h +++ b/src/app/RequiredPrivilege.h @@ -31,49 +31,26 @@ namespace chip { namespace app { - -class RequiredPrivilege +namespace RequiredPrivilege { +inline chip::Access::Privilege ForReadAttribute(const ConcreteAttributePath & path) { - using Privilege = Access::Privilege; - - static constexpr Privilege kPrivilegeMapper[] = { Privilege::kView, Privilege::kOperate, Privilege::kManage, - Privilege::kAdminister }; - - static_assert(ArraySize(kPrivilegeMapper) > kMatterAccessPrivilegeView && - kPrivilegeMapper[kMatterAccessPrivilegeView] == Privilege::kView, - "Must map privilege correctly"); - static_assert(ArraySize(kPrivilegeMapper) > kMatterAccessPrivilegeOperate && - kPrivilegeMapper[kMatterAccessPrivilegeOperate] == Privilege::kOperate, - "Must map privilege correctly"); - static_assert(ArraySize(kPrivilegeMapper) > kMatterAccessPrivilegeManage && - kPrivilegeMapper[kMatterAccessPrivilegeManage] == Privilege::kManage, - "Must map privilege correctly"); - static_assert(ArraySize(kPrivilegeMapper) > kMatterAccessPrivilegeAdminister && - kPrivilegeMapper[kMatterAccessPrivilegeAdminister] == Privilege::kAdminister, - "Must map privilege correctly"); - static_assert(ArraySize(kPrivilegeMapper) > kMatterAccessPrivilegeMaxValue, "Must map all privileges"); - -public: - static Privilege ForReadAttribute(const ConcreteAttributePath & path) - { - return kPrivilegeMapper[MatterGetAccessPrivilegeForReadAttribute(path.mClusterId, path.mAttributeId)]; - } + return MatterGetAccessPrivilegeForReadAttribute(path.mClusterId, path.mAttributeId); +} - static Privilege ForWriteAttribute(const ConcreteAttributePath & path) - { - return kPrivilegeMapper[MatterGetAccessPrivilegeForWriteAttribute(path.mClusterId, path.mAttributeId)]; - } - - static Privilege ForInvokeCommand(const ConcreteCommandPath & path) - { - return kPrivilegeMapper[MatterGetAccessPrivilegeForInvokeCommand(path.mClusterId, path.mCommandId)]; - } +inline chip::Access::Privilege ForWriteAttribute(const ConcreteAttributePath & path) +{ + return MatterGetAccessPrivilegeForWriteAttribute(path.mClusterId, path.mAttributeId); +} - static Privilege ForReadEvent(const ConcreteEventPath & path) - { - return kPrivilegeMapper[MatterGetAccessPrivilegeForReadEvent(path.mClusterId, path.mEventId)]; - } -}; +inline chip::Access::Privilege ForInvokeCommand(const ConcreteCommandPath & path) +{ + return MatterGetAccessPrivilegeForInvokeCommand(path.mClusterId, path.mCommandId); +} +inline chip::Access::Privilege ForReadEvent(const ConcreteEventPath & path) +{ + return MatterGetAccessPrivilegeForReadEvent(path.mClusterId, path.mEventId); +} +} // namespace RequiredPrivilege } // namespace app } // namespace chip diff --git a/src/app/chip_data_model.gni b/src/app/chip_data_model.gni index 3665fabc47d488..eb8036b79990e0 100644 --- a/src/app/chip_data_model.gni +++ b/src/app/chip_data_model.gni @@ -123,6 +123,7 @@ template("chip_data_model") { deps = [ ":${_data_model_name}_codegen_generate", ":${_data_model_name}_zapgen_generate", + "${chip_root}/src/access", "${chip_root}/src/lib/core:chip_config_header", ] } @@ -398,6 +399,7 @@ template("chip_data_model") { public_deps += [ ":${_data_model_name}_codegen", ":${_data_model_name}_zapgen", + "${chip_root}/src/access", "${chip_root}/src/app", "${chip_root}/src/app/common:attribute-type", "${chip_root}/src/app/common:cluster-objects", diff --git a/src/app/tests/integration/RequiredPrivilegeStubs.cpp b/src/app/tests/integration/RequiredPrivilegeStubs.cpp index 17dbc27490520c..2cc23056e5d34a 100644 --- a/src/app/tests/integration/RequiredPrivilegeStubs.cpp +++ b/src/app/tests/integration/RequiredPrivilegeStubs.cpp @@ -17,22 +17,22 @@ #include -int MatterGetAccessPrivilegeForReadAttribute(chip::ClusterId cluster, chip::AttributeId attribute) +chip::Access::Privilege MatterGetAccessPrivilegeForReadAttribute(chip::ClusterId cluster, chip::AttributeId attribute) { - return kMatterAccessPrivilegeAdminister; + return chip::Access::Privilege::kAdminister; } -int MatterGetAccessPrivilegeForWriteAttribute(chip::ClusterId cluster, chip::AttributeId attribute) +chip::Access::Privilege MatterGetAccessPrivilegeForWriteAttribute(chip::ClusterId cluster, chip::AttributeId attribute) { - return kMatterAccessPrivilegeAdminister; + return chip::Access::Privilege::kAdminister; } -int MatterGetAccessPrivilegeForInvokeCommand(chip::ClusterId cluster, chip::CommandId command) +chip::Access::Privilege MatterGetAccessPrivilegeForInvokeCommand(chip::ClusterId cluster, chip::CommandId command) { - return kMatterAccessPrivilegeAdminister; + return chip::Access::Privilege::kAdminister; } -int MatterGetAccessPrivilegeForReadEvent(chip::ClusterId cluster, chip::EventId event) +chip::Access::Privilege MatterGetAccessPrivilegeForReadEvent(chip::ClusterId cluster, chip::EventId event) { - return kMatterAccessPrivilegeAdminister; + return chip::Access::Privilege::kAdminister; } diff --git a/src/app/util/privilege-constants.h b/src/app/util/privilege-constants.h deleted file mode 100644 index a9f56b509ca4cc..00000000000000 --- a/src/app/util/privilege-constants.h +++ /dev/null @@ -1,23 +0,0 @@ -/** - * - * Copyright (c) 2024 Project CHIP Authors - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#pragma once - -inline constexpr int kMatterAccessPrivilegeView = 0; -inline constexpr int kMatterAccessPrivilegeOperate = 1; -inline constexpr int kMatterAccessPrivilegeManage = 2; -inline constexpr int kMatterAccessPrivilegeAdminister = 3; -inline constexpr int kMatterAccessPrivilegeMaxValue = kMatterAccessPrivilegeAdminister; diff --git a/src/app/util/privilege-storage.cpp b/src/app/util/privilege-storage.cpp index f2493bcbb2e5b1..2bf38a1802347f 100644 --- a/src/app/util/privilege-storage.cpp +++ b/src/app/util/privilege-storage.cpp @@ -25,8 +25,6 @@ #include -#include - using chip::AttributeId; using chip::ClusterId; using chip::CommandId; @@ -36,9 +34,9 @@ namespace { #ifdef GENERATED_ACCESS_READ_ATTRIBUTE__CLUSTER namespace GeneratedAccessReadAttribute { -constexpr ClusterId kCluster[] = GENERATED_ACCESS_READ_ATTRIBUTE__CLUSTER; -constexpr AttributeId kAttribute[] = GENERATED_ACCESS_READ_ATTRIBUTE__ATTRIBUTE; -constexpr uint8_t kPrivilege[] = GENERATED_ACCESS_READ_ATTRIBUTE__PRIVILEGE; +constexpr ClusterId kCluster[] = GENERATED_ACCESS_READ_ATTRIBUTE__CLUSTER; +constexpr AttributeId kAttribute[] = GENERATED_ACCESS_READ_ATTRIBUTE__ATTRIBUTE; +constexpr chip::Access::Privilege kPrivilege[] = GENERATED_ACCESS_READ_ATTRIBUTE__PRIVILEGE; static_assert(ArraySize(kCluster) == ArraySize(kAttribute) && ArraySize(kAttribute) == ArraySize(kPrivilege), "Generated parallel arrays must be same size"); } // namespace GeneratedAccessReadAttribute @@ -46,9 +44,9 @@ static_assert(ArraySize(kCluster) == ArraySize(kAttribute) && ArraySize(kAttribu #ifdef GENERATED_ACCESS_WRITE_ATTRIBUTE__CLUSTER namespace GeneratedAccessWriteAttribute { -constexpr ClusterId kCluster[] = GENERATED_ACCESS_WRITE_ATTRIBUTE__CLUSTER; -constexpr AttributeId kAttribute[] = GENERATED_ACCESS_WRITE_ATTRIBUTE__ATTRIBUTE; -constexpr uint8_t kPrivilege[] = GENERATED_ACCESS_WRITE_ATTRIBUTE__PRIVILEGE; +constexpr ClusterId kCluster[] = GENERATED_ACCESS_WRITE_ATTRIBUTE__CLUSTER; +constexpr AttributeId kAttribute[] = GENERATED_ACCESS_WRITE_ATTRIBUTE__ATTRIBUTE; +constexpr chip::Access::Privilege kPrivilege[] = GENERATED_ACCESS_WRITE_ATTRIBUTE__PRIVILEGE; static_assert(ArraySize(kCluster) == ArraySize(kAttribute) && ArraySize(kAttribute) == ArraySize(kPrivilege), "Generated parallel arrays must be same size"); } // namespace GeneratedAccessWriteAttribute @@ -56,9 +54,9 @@ static_assert(ArraySize(kCluster) == ArraySize(kAttribute) && ArraySize(kAttribu #ifdef GENERATED_ACCESS_INVOKE_COMMAND__CLUSTER namespace GeneratedAccessInvokeCommand { -constexpr ClusterId kCluster[] = GENERATED_ACCESS_INVOKE_COMMAND__CLUSTER; -constexpr CommandId kCommand[] = GENERATED_ACCESS_INVOKE_COMMAND__COMMAND; -constexpr uint8_t kPrivilege[] = GENERATED_ACCESS_INVOKE_COMMAND__PRIVILEGE; +constexpr ClusterId kCluster[] = GENERATED_ACCESS_INVOKE_COMMAND__CLUSTER; +constexpr CommandId kCommand[] = GENERATED_ACCESS_INVOKE_COMMAND__COMMAND; +constexpr chip::Access::Privilege kPrivilege[] = GENERATED_ACCESS_INVOKE_COMMAND__PRIVILEGE; static_assert(ArraySize(kCluster) == ArraySize(kCommand) && ArraySize(kCommand) == ArraySize(kPrivilege), "Generated parallel arrays must be same size"); } // namespace GeneratedAccessInvokeCommand @@ -66,9 +64,9 @@ static_assert(ArraySize(kCluster) == ArraySize(kCommand) && ArraySize(kCommand) #ifdef GENERATED_ACCESS_READ_EVENT__CLUSTER namespace GeneratedAccessReadEvent { -constexpr ClusterId kCluster[] = GENERATED_ACCESS_READ_EVENT__CLUSTER; -constexpr EventId kEvent[] = GENERATED_ACCESS_READ_EVENT__EVENT; -constexpr uint8_t kPrivilege[] = GENERATED_ACCESS_READ_EVENT__PRIVILEGE; +constexpr ClusterId kCluster[] = GENERATED_ACCESS_READ_EVENT__CLUSTER; +constexpr EventId kEvent[] = GENERATED_ACCESS_READ_EVENT__EVENT; +constexpr chip::Access::Privilege kPrivilege[] = GENERATED_ACCESS_READ_EVENT__PRIVILEGE; static_assert(ArraySize(kCluster) == ArraySize(kEvent) && ArraySize(kEvent) == ArraySize(kPrivilege), "Generated parallel arrays must be same size"); } // namespace GeneratedAccessReadEvent @@ -76,7 +74,7 @@ static_assert(ArraySize(kCluster) == ArraySize(kEvent) && ArraySize(kEvent) == A } // anonymous namespace -int MatterGetAccessPrivilegeForReadAttribute(ClusterId cluster, AttributeId attribute) +chip::Access::Privilege MatterGetAccessPrivilegeForReadAttribute(ClusterId cluster, AttributeId attribute) { #ifdef GENERATED_ACCESS_READ_ATTRIBUTE__CLUSTER using namespace GeneratedAccessReadAttribute; @@ -88,10 +86,10 @@ int MatterGetAccessPrivilegeForReadAttribute(ClusterId cluster, AttributeId attr } } #endif - return kMatterAccessPrivilegeView; + return chip::Access::Privilege::kView; } -int MatterGetAccessPrivilegeForWriteAttribute(ClusterId cluster, AttributeId attribute) +chip::Access::Privilege MatterGetAccessPrivilegeForWriteAttribute(ClusterId cluster, AttributeId attribute) { #ifdef GENERATED_ACCESS_WRITE_ATTRIBUTE__CLUSTER using namespace GeneratedAccessWriteAttribute; @@ -103,10 +101,10 @@ int MatterGetAccessPrivilegeForWriteAttribute(ClusterId cluster, AttributeId att } } #endif - return kMatterAccessPrivilegeOperate; + return chip::Access::Privilege::kOperate; } -int MatterGetAccessPrivilegeForInvokeCommand(ClusterId cluster, CommandId command) +chip::Access::Privilege MatterGetAccessPrivilegeForInvokeCommand(ClusterId cluster, CommandId command) { #ifdef GENERATED_ACCESS_INVOKE_COMMAND__CLUSTER using namespace GeneratedAccessInvokeCommand; @@ -118,10 +116,10 @@ int MatterGetAccessPrivilegeForInvokeCommand(ClusterId cluster, CommandId comman } } #endif - return kMatterAccessPrivilegeOperate; + return chip::Access::Privilege::kOperate; } -int MatterGetAccessPrivilegeForReadEvent(ClusterId cluster, EventId event) +chip::Access::Privilege MatterGetAccessPrivilegeForReadEvent(ClusterId cluster, EventId event) { #ifdef GENERATED_ACCESS_READ_EVENT__CLUSTER using namespace GeneratedAccessReadEvent; @@ -133,5 +131,5 @@ int MatterGetAccessPrivilegeForReadEvent(ClusterId cluster, EventId event) } } #endif - return kMatterAccessPrivilegeView; + return chip::Access::Privilege::kView; } diff --git a/src/app/util/privilege-storage.h b/src/app/util/privilege-storage.h index 6222d891b9c92a..815ae2bd998530 100644 --- a/src/app/util/privilege-storage.h +++ b/src/app/util/privilege-storage.h @@ -16,10 +16,10 @@ */ #pragma once -#include +#include #include -int MatterGetAccessPrivilegeForReadAttribute(chip::ClusterId cluster, chip::AttributeId attribute); -int MatterGetAccessPrivilegeForWriteAttribute(chip::ClusterId cluster, chip::AttributeId attribute); -int MatterGetAccessPrivilegeForInvokeCommand(chip::ClusterId cluster, chip::CommandId command); -int MatterGetAccessPrivilegeForReadEvent(chip::ClusterId cluster, chip::EventId event); +chip::Access::Privilege MatterGetAccessPrivilegeForReadAttribute(chip::ClusterId cluster, chip::AttributeId attribute); +chip::Access::Privilege MatterGetAccessPrivilegeForWriteAttribute(chip::ClusterId cluster, chip::AttributeId attribute); +chip::Access::Privilege MatterGetAccessPrivilegeForInvokeCommand(chip::ClusterId cluster, chip::CommandId command); +chip::Access::Privilege MatterGetAccessPrivilegeForReadEvent(chip::ClusterId cluster, chip::EventId event); diff --git a/src/app/zap-templates/templates/app/access.zapt b/src/app/zap-templates/templates/app/access.zapt index 96ad5f54ae5075..6f46a7e0b9b477 100644 --- a/src/app/zap-templates/templates/app/access.zapt +++ b/src/app/zap-templates/templates/app/access.zapt @@ -3,7 +3,7 @@ // Prevent multiple inclusion #pragma once -#include +#include // Prevent changing generated format // clang-format off @@ -89,11 +89,11 @@ {{#if (isStrEqual role "view")}} /* Cluster: {{parent.parent.name}}, Attribute: {{parent.name}}, Privilege: {{role}} */ \ {{else if (isStrEqual role "operate")}} - kMatterAccessPrivilegeOperate, /* Cluster: {{parent.parent.name}}, Attribute: {{parent.name}}, Privilege: {{role}} */ \ + chip::Access::Privilege::kOperate, /* Cluster: {{parent.parent.name}}, Attribute: {{parent.name}}, Privilege: {{role}} */ \ {{else if (isStrEqual role "manage")}} - kMatterAccessPrivilegeManage, /* Cluster: {{parent.parent.name}}, Attribute: {{parent.name}}, Privilege: {{role}} */ \ + chip::Access::Privilege::kManage, /* Cluster: {{parent.parent.name}}, Attribute: {{parent.name}}, Privilege: {{role}} */ \ {{else if (isStrEqual role "administer")}} - kMatterAccessPrivilegeAdminister, /* Cluster: {{parent.parent.name}}, Attribute: {{parent.name}}, Privilege: {{role}} */ \ + chip::Access::Privilege::kAdminister, /* Cluster: {{parent.parent.name}}, Attribute: {{parent.name}}, Privilege: {{role}} */ \ {{else}} ERROR: access has unrecognized role/privilege [ Cluster: {{parent.parent.name}}, Attribute: {{parent.name}} ] {{/if}} @@ -192,9 +192,9 @@ {{else if (isStrEqual role "operate")}} /* Cluster: {{parent.parent.name}}, Attribute: {{parent.name}}, Privilege: {{role}} */ \ {{else if (isStrEqual role "manage")}} - kMatterAccessPrivilegeManage, /* Cluster: {{parent.parent.name}}, Attribute: {{parent.name}}, Privilege: {{role}} */ \ + chip::Access::Privilege::kManage, /* Cluster: {{parent.parent.name}}, Attribute: {{parent.name}}, Privilege: {{role}} */ \ {{else if (isStrEqual role "administer")}} - kMatterAccessPrivilegeAdminister, /* Cluster: {{parent.parent.name}}, Attribute: {{parent.name}}, Privilege: {{role}} */ \ + chip::Access::Privilege::kAdminister, /* Cluster: {{parent.parent.name}}, Attribute: {{parent.name}}, Privilege: {{role}} */ \ {{else}} ERROR: access has unrecognized role/privilege [ Cluster: {{parent.parent.name}}, Attribute: {{parent.name}} ] {{/if}} @@ -293,9 +293,9 @@ {{else if (isStrEqual role "operate")}} /* Cluster: {{parent.parent.name}}, Command: {{parent.commandName}}, Privilege: {{role}} */ \ {{else if (isStrEqual role "manage")}} - kMatterAccessPrivilegeManage, /* Cluster: {{parent.parent.name}}, Command: {{parent.commandName}}, Privilege: {{role}} */ \ + chip::Access::Privilege::kManage, /* Cluster: {{parent.parent.name}}, Command: {{parent.commandName}}, Privilege: {{role}} */ \ {{else if (isStrEqual role "administer")}} - kMatterAccessPrivilegeAdminister, /* Cluster: {{parent.parent.name}}, Command: {{parent.commandName}}, Privilege: {{role}} */ \ + chip::Access::Privilege::kAdminister, /* Cluster: {{parent.parent.name}}, Command: {{parent.commandName}}, Privilege: {{role}} */ \ {{else}} ERROR: access has unrecognized role/privilege [ Cluster: {{parent.parent.name}}, Command: {{parent.commandName}} ] {{/if}} @@ -392,11 +392,11 @@ {{#if (isStrEqual role "view")}} /* Cluster: {{parent.parent.name}}, Event: {{parent.name}}, Privilege: {{role}} */ \ {{else if (isStrEqual role "operate")}} - kMatterAccessPrivilegeOperate, /* Cluster: {{parent.parent.name}}, Event: {{parent.name}}, Privilege: {{role}} */ \ + chip::Access::Privilege::kOperate, /* Cluster: {{parent.parent.name}}, Event: {{parent.name}}, Privilege: {{role}} */ \ {{else if (isStrEqual role "manage")}} - kMatterAccessPrivilegeManage, /* Cluster: {{parent.parent.name}}, Event: {{parent.name}}, Privilege: {{role}} */ \ + chip::Access::Privilege::kManage, /* Cluster: {{parent.parent.name}}, Event: {{parent.name}}, Privilege: {{role}} */ \ {{else if (isStrEqual role "administer")}} - kMatterAccessPrivilegeAdminister, /* Cluster: {{parent.parent.name}}, Event: {{parent.name}}, Privilege: {{role}} */ \ + chip::Access::Privilege::kAdminister, /* Cluster: {{parent.parent.name}}, Event: {{parent.name}}, Privilege: {{role}} */ \ {{else}} ERROR: access has unrecognized role/privilege [ Cluster: {{parent.parent.name}}, Event: {{parent.name}} ] {{/if}} diff --git a/src/darwin/Framework/CHIP/ServerEndpoint/MTRServerAccessControl.mm b/src/darwin/Framework/CHIP/ServerEndpoint/MTRServerAccessControl.mm index 984716511a7495..abf386be53b735 100644 --- a/src/darwin/Framework/CHIP/ServerEndpoint/MTRServerAccessControl.mm +++ b/src/darwin/Framework/CHIP/ServerEndpoint/MTRServerAccessControl.mm @@ -134,36 +134,36 @@ bool GrantSubjectMatchesDescriptor(MTRAccessGrant * grant, const SubjectDescript } // anonymous namespace -int MatterGetAccessPrivilegeForReadEvent(ClusterId cluster, EventId event) +chip::Access::Privilege MatterGetAccessPrivilegeForReadEvent(ClusterId cluster, EventId event) { // We don't support any event bits yet. - return kMatterAccessPrivilegeAdminister; + return chip::Access::Privilege::kAdminister; } -int MatterGetAccessPrivilegeForInvokeCommand(ClusterId cluster, CommandId command) +chip::Access::Privilege MatterGetAccessPrivilegeForInvokeCommand(ClusterId cluster, CommandId command) { // For now we only have OTA, which uses Operate. - return kMatterAccessPrivilegeOperate; + return chip::Access::Privilege::kOperate; } -int MatterGetAccessPrivilegeForReadAttribute(ClusterId cluster, AttributeId attribute) +chip::Access::Privilege MatterGetAccessPrivilegeForReadAttribute(ClusterId cluster, AttributeId attribute) { NSNumber * _Nullable neededPrivilege = [[MTRDeviceControllerFactory sharedInstance] neededReadPrivilegeForClusterID:@(cluster) attributeID:@(attribute)]; if (neededPrivilege == nil) { // No privileges declared for this attribute on this cluster. Treat as // "needs admin privileges", so we fail closed. - return kMatterAccessPrivilegeAdminister; + return chip::Access::Privilege::kAdminister; } switch (neededPrivilege.unsignedLongLongValue) { case MTRAccessControlEntryPrivilegeView: - return kMatterAccessPrivilegeView; + return chip::Access::Privilege::kView; case MTRAccessControlEntryPrivilegeOperate: - return kMatterAccessPrivilegeOperate; + return chip::Access::Privilege::kOperate; case MTRAccessControlEntryPrivilegeManage: - return kMatterAccessPrivilegeManage; + return chip::Access::Privilege::kManage; case MTRAccessControlEntryPrivilegeAdminister: - return kMatterAccessPrivilegeAdminister; + return chip::Access::Privilege::kAdminister; case MTRAccessControlEntryPrivilegeProxyView: // Just treat this as an unknown value; there is no value for this in privilege-storage. FALLTHROUGH; @@ -174,13 +174,13 @@ int MatterGetAccessPrivilegeForReadAttribute(ClusterId cluster, AttributeId attr // To be safe, treat unknown values as "needs admin privileges". That way the failure case // disallows access that maybe should be allowed, instead of allowing access that maybe // should be disallowed. - return kMatterAccessPrivilegeAdminister; + return chip::Access::Privilege::kAdminister; } -int MatterGetAccessPrivilegeForWriteAttribute(ClusterId cluster, AttributeId attribute) +chip::Access::Privilege MatterGetAccessPrivilegeForWriteAttribute(ClusterId cluster, AttributeId attribute) { // We don't have any writable attributes yet, but default to Operate. - return kMatterAccessPrivilegeOperate; + return chip::Access::Privilege::kOperate; } void InitializeServerAccessControl()