#include <src/lib/core/WeaveServerBase.h>

A common base class for implementing Weave server delegate objects.



Direct Known Subclasses:

Protected types

  kAccessControlResult_NotDetermined = 0,
  kAccessControlResult_Accepted = 1,
  kAccessControlResult_Rejected = 2,
  kAccessControlResult_Rejected_RespSent = 3,
  kAccessControlResult_Rejected_Silent = 4
AccessControlResult typedef

Protected functions

EnforceAccessControl(ExchangeContext *ec, uint32_t msgProfileId, uint8_t msgType, const WeaveMessageInfo *msgInfo, AccessControlResult & result)
virtual void
Virtual method for determining message-level access control policy for incoming server request messages.

Protected types




uint8_t AccessControlResult

Protected functions


virtual void EnforceAccessControl(
  ExchangeContext *ec,
  uint32_t msgProfileId,
  uint8_t msgType,
  const WeaveMessageInfo *msgInfo,
  AccessControlResult & result

Virtual method for determining message-level access control policy for incoming server request messages.

This method is called by the Weave server infrastructure to determine whether an incoming request message should be accepted and processed normally, or rejected. Delegate classes associated with Weave server implementations must override this method to implement an appropriate access control policies for their protocols. Applications may further override this method to support custom policies beyond those provide by the standard server implementations.

Implementations of this method are expected to return a result value of Accepted or Rejected based on the outcome of access control policy evaluation. Returning a result of Rejected causes a StatusReport to be sent to the requester containing the status Common/AccessDenied. Alternatively, method implementations can choose to send their own responses, which can be a StatusReport or any other type of message. In this case, the method should return a result of Reject_RespSent to signal that a response has already been sent. Finally, implementations can return Reject_Silent to indicate that the request should be rejected without sending a response to the requester.

Classes that override the EnforceAccessControl() method are required in call cases to call the like-named method on their immediate parent class, be that the WeaveServerDelegateBase class, or a class derived from that class. Overriding methods should first update the result value with their determination of the access control policy, and then call on their base class to make its determination.

[in] ec
The ExchangeContext over which the message was received.
[in] msgProfileId
The profile id of the received message.
[in] msgType
The message type of the received message.
[in] msgInfo
A WeaveMessageInfo structure containing information about the received message.
[in,out] result
An enumerated value describing the result of access control policy evaluation for the received message. Upon entry to the method, the value represents the tentative result at the current point in the evaluation process. Upon return, the result is expected to represent the final assessment of access control policy for the message.