-
Bug
-
Resolution: Unresolved
-
None
-
unspecified
-
None
-
Operating System: All
Platform: All
-
7904
IoTDM is not doing validation on "allowed number of elements" & "respective value" While creating ACP with optional attribute - "accessControlContexts/accessControlWindow"
"accessControlContexts/accessControlWindow" is of type "m2m:scheduleEntry"
As per spec - "m2m:scheduleEntry" support following elements and values -
======================================================================
Table 7.4.9.1-4: Definition of m2m:scheduleEntry string format
Field Name Range of values Note
Second 0 to 59
Minute 0 to 59
Hour 0 to 23
Day of the month 1 to 31
Month of the year 1 to 12
Day of the week 0 to 6 0 means Sunday
Year 20000 to 9999
======================================================================
Actual behavior of IoTDM -
Currently, IoTDM is allowing me to set more then 7 values without doing any range check on the value. Following is what IoTDM is returning for a configured ACP.
{"m2m:acp":{"ct":"20170306T092810","ty":1,"pv":{"acr":[{"acco":[
{"acw":"0-69 0-59 0-24 1-32 1-13 0-7 2017-2018 1"}],"acor":["admin"],"acop":63}]},"ri":"01gr","lt":"20170306T092810","pi":"/InCSE1/01ge","pvs":{"acr":[{"acco":[
{"acw":"* * * * * * * * 2017-2018"}],"acor":["admin"],"acop":63}]},"rn":"Acp3.03.01","et":"29991231T111111"}}
Please notice following values - "acw":"0-69 0-59 0-24 1-32 1-13 0-7 2017-2018 1"
Expected behavior of IoTDM -
1) IoTDM should impose restriction to set exactly 7 values.
2) Also, it would be good to perform range check on values, and appropriate error in response if criteria for successful configuration does not pass.