add support to ingest supported with roles (#601)

* add support to ingest supported with roles
rdkcentral · Aug 28, 2024 · 14dff82 · 14dff82
1 parent 3a007f8
commit 14dff82
Show file tree

Hide file tree

Showing 5 changed files with 126 additions and 16 deletions.
diff --git a/core/main/src/firebolt/handlers/authentication_rpc.rs b/core/main/src/firebolt/handlers/authentication_rpc.rs
@@ -63,10 +63,12 @@ impl AuthenticationServer for AuthenticationImpl {
         match token_request._type {
             TokenType::Platform => {
                 let cap = FireboltCap::Short("token:platform".into());
-                let supported_caps = self
+                let supported_perms = self
                     .platform_state
                     .get_device_manifest()
                     .get_supported_caps();
+                let supported_caps: Vec<FireboltCap> =
+                    supported_perms.into_iter().map(|x| x.cap).collect();
                 if supported_caps.contains(&cap) {
                     self.token(TokenType::Platform, ctx).await
                 } else {
@@ -81,10 +83,13 @@ impl AuthenticationServer for AuthenticationImpl {
             TokenType::Device => self.token(TokenType::Device, ctx).await,
             TokenType::Distributor => {
                 let cap = FireboltCap::Short("token:session".into());
-                let supported_caps = self
+                let supported_perms = self
                     .platform_state
                     .get_device_manifest()
                     .get_supported_caps();
+
+                let supported_caps: Vec<FireboltCap> =
+                    supported_perms.into_iter().map(|x| x.cap).collect();
                 if supported_caps.contains(&cap) {
                     self.token(TokenType::Distributor, ctx).await
                 } else {

diff --git a/core/main/src/state/cap/generic_cap_state.rs b/core/main/src/state/cap/generic_cap_state.rs
@@ -29,6 +29,8 @@ use ripple_sdk::{
     },
     log::debug,
 };
+use serde::Deserialize;
+use serde_json::json;
 
 use crate::state::platform_state::PlatformState;
 
@@ -54,14 +56,14 @@ impl GenericCapState {
         cap_state
     }
 
-    pub fn ingest_supported(&self, request: Vec<FireboltCap>) {
+    pub fn ingest_supported(&self, request: Vec<FireboltPermission>) {
         let mut supported = self.supported.write().unwrap();
         supported.extend(
             request
                 .iter()
-                .map(|a| a.as_str())
+                .map(|a: &FireboltPermission| serde_json::to_string(a).unwrap())
                 .collect::<HashSet<String>>(),
-        )
+        );
     }
 
     pub fn ingest_availability(&self, request: Vec<FireboltCap>, is_available: bool) {
@@ -79,8 +81,19 @@ impl GenericCapState {
     pub fn check_for_processor(&self, request: Vec<String>) -> HashMap<String, bool> {
         let supported = self.supported.read().unwrap();
         let mut result = HashMap::new();
+        let supported_cap: Vec<String> = supported
+            .clone()
+            .iter()
+            .map(|f| {
+                FireboltPermission::deserialize(json!(f))
+                    .unwrap()
+                    .cap
+                    .as_str()
+            })
+            .collect();
+
         for cap in request {
-            result.insert(cap.clone(), supported.contains(&cap));
+            result.insert(cap.clone(), supported_cap.contains(&cap));
         }
         result
     }
@@ -89,7 +102,7 @@ impl GenericCapState {
         let supported = self.supported.read().unwrap();
         let not_supported: Vec<FireboltCap> = request
             .iter()
-            .filter(|fb_perm| !supported.contains(&fb_perm.cap.as_str()))
+            .filter(|fb_perm| !supported.contains(&serde_json::to_string(fb_perm).unwrap()))
             .map(|fb_perm| fb_perm.cap.clone())
             .collect();
 

diff --git a/core/sdk/src/api/device/device_accessory.rs b/core/sdk/src/api/device/device_accessory.rs
@@ -188,7 +188,8 @@ pub enum AccessoryProtocol {
 
 impl AccessoryProtocol {
     pub fn get_supported_protocol(value: DeviceManifest) -> Self {
-        let supported_caps = value.get_supported_caps();
+        let supported_perms = value.get_supported_caps();
+        let supported_caps: Vec<FireboltCap> = supported_perms.into_iter().map(|x| x.cap).collect();
         if supported_caps.contains(&FireboltCap::short("remote:rf4ce")) {
             AccessoryProtocol::RF4CE
         } else {

diff --git a/core/sdk/src/api/firebolt/fb_capabilities.rs b/core/sdk/src/api/firebolt/fb_capabilities.rs
@@ -19,6 +19,7 @@ use std::hash::{Hash, Hasher};
 
 use regex::Regex;
 use serde::{Deserialize, Deserializer, Serialize, Serializer};
+use serde_json::json;
 
 use super::fb_openrpc::CapabilitySet;
 use crate::api::gateway::rpc_error::RpcError;
@@ -159,6 +160,75 @@ pub struct FireboltPermission {
     pub role: CapabilityRole,
 }
 
+impl FireboltPermission {
+    pub fn from_vec_string(
+        perm_strings: Vec<String>,
+        role_based_support: bool,
+    ) -> Vec<FireboltPermission> {
+        let mut perm_list: Vec<FireboltPermission> = Vec::new();
+        for permission in perm_strings {
+            if role_based_support {
+                let perm = FireboltPermission::deserialize(json!(permission));
+                if let Ok(p) = perm {
+                    perm_list.push(p);
+                }
+                if permission.ends_with("[manage]") {
+                    let mut cap = permission.clone();
+
+                    cap.truncate(permission.len() - "[manage]".len());
+                    let perm = FireboltPermission::deserialize(json!(cap));
+                    if let Ok(p) = perm {
+                        perm_list.push(p);
+                    }
+                } else if permission.ends_with("[provide]") {
+                    let mut cap = permission.clone();
+
+                    cap.truncate(permission.len() - "[provide]".len());
+                    let perm = FireboltPermission::deserialize(json!(cap));
+                    if let Ok(p) = perm {
+                        perm_list.push(p);
+                    }
+                    let perm = FireboltPermission::deserialize(json!(format!(
+                        "{}{}",
+                        cap.as_str(),
+                        "[manage]"
+                    )
+                    .as_str()));
+                    if let Ok(p) = perm {
+                        perm_list.push(p);
+                    }
+                }
+            } else {
+                let perm = FireboltPermission::deserialize(json!(permission));
+                if let Ok(p) = perm {
+                    perm_list.push(p);
+                }
+
+                let perm = FireboltPermission::deserialize(json!(format!(
+                    "{}{}",
+                    permission.as_str(),
+                    "[manage]"
+                )
+                .as_str()));
+                if let Ok(p) = perm {
+                    perm_list.push(p);
+                };
+
+                let perm = FireboltPermission::deserialize(json!(format!(
+                    "{}{}",
+                    permission.as_str(),
+                    "[provide]"
+                )
+                .as_str()));
+                if let Ok(p) = perm {
+                    perm_list.push(p);
+                };
+            }
+        }
+        perm_list
+    }
+}
+
 impl From<RoleInfo> for FireboltPermission {
     fn from(role_info: RoleInfo) -> Self {
         FireboltPermission {

diff --git a/core/sdk/src/api/manifest/device_manifest.rs b/core/sdk/src/api/manifest/device_manifest.rs
@@ -28,7 +28,7 @@ use crate::{
     api::{
         device::device_user_grants_data::{GrantExclusionFilter, GrantPolicies},
         distributor::distributor_privacy::DataEventType,
-        firebolt::fb_capabilities::{FireboltCap, FireboltPermission},
+        firebolt::fb_capabilities::FireboltPermission,
         storage_property::StorageProperty,
     },
     utils::error::RippleError,
@@ -332,6 +332,8 @@ pub struct DefaultValues {
     pub media_progress_as_watched_events: bool,
     #[serde(default)]
     pub accessibility_audio_description_settings: bool,
+    #[serde(default)]
+    pub role_based_support: bool,
 }
 
 pub fn name_default() -> String {
@@ -441,6 +443,7 @@ impl Default for DefaultValues {
             lifecycle_transition_validate: false,
             media_progress_as_watched_events: false,
             accessibility_audio_description_settings: false,
+            role_based_support: false,
         }
     }
 }
@@ -787,8 +790,10 @@ impl DeviceManifest {
         }
     }
 
-    pub fn get_supported_caps(&self) -> Vec<FireboltCap> {
-        FireboltCap::from_vec_string(self.clone().capabilities.supported)
+    pub fn get_supported_caps(&self) -> Vec<FireboltPermission> {
+        let supported = self.clone().capabilities.supported;
+        let role_based_support = self.configuration.default_values.role_based_support;
+        FireboltPermission::from_vec_string(supported, role_based_support)
     }
 
     pub fn get_caps_requiring_grant(&self) -> Vec<String> {
@@ -834,6 +839,7 @@ impl DeviceManifest {
 #[cfg(test)]
 pub(crate) mod tests {
     use super::*;
+    use crate::api::firebolt::fb_capabilities::{CapabilityRole, FireboltCap};
     pub trait Mockable {
         fn mock() -> DeviceManifest
         where
@@ -906,6 +912,7 @@ pub(crate) mod tests {
                         lifecycle_transition_validate: true,
                         media_progress_as_watched_events: true,
                         accessibility_audio_description_settings: false,
+                        role_based_support: false,
                     },
                     settings_defaults_per_app: HashMap::new(),
                     model_friendly_names: {
@@ -934,7 +941,7 @@ pub(crate) mod tests {
                     metrics_logging_percentage: 10,
                 },
                 capabilities: CapabilityConfiguration {
-                    supported: vec!["main".to_string()],
+                    supported: vec!["main[manage]".to_string(), "test".to_string()],
                     grant_policies: None,
                     grant_exclusion_filters: vec![GrantExclusionFilter {
                         id: Some("test-id".to_string()),
@@ -1010,11 +1017,25 @@ pub(crate) mod tests {
     }
 
     #[test]
-    fn test_get_supported_caps() {
+    fn test_get_supported_caps_use_role_based_support_false() {
         let manifest = DeviceManifest::mock();
-        let supported_caps = manifest.get_supported_caps();
-
-        assert_eq!(supported_caps, vec![FireboltCap::Full("main".to_string())]);
+        let supported_perms = manifest.get_supported_caps();
+        assert!(supported_perms.contains(&FireboltPermission {
+            cap: FireboltCap::Full("main".to_owned()),
+            role: CapabilityRole::Manage
+        }));
+        assert!(supported_perms.contains(&FireboltPermission {
+            cap: FireboltCap::Full("test".to_owned()),
+            role: CapabilityRole::Manage
+        }));
+        assert!(supported_perms.contains(&FireboltPermission {
+            cap: FireboltCap::Full("test".to_owned()),
+            role: CapabilityRole::Use
+        }));
+        assert!(supported_perms.contains(&FireboltPermission {
+            cap: FireboltCap::Full("test".to_owned()),
+            role: CapabilityRole::Provide
+        }));
     }
 
     #[test]