Fix Bug 492961 Implement Access Control check for Notify requests

Signed-off-by: Mahdi Ben Alaya <benalaya@sensinov.com>

2 files changed, 5 insertions, 0 deletions

diff --git a/org.eclipse.om2m.core/src/main/java/org/eclipse/om2m/core/controller/Controller.java b/org.eclipse.om2m.core/src/main/java/org/eclipse/om2m/core/controller/Controller.java
index d63f62da..3fc3e2c6 100644
--- a/org.eclipse.om2m.core/src/main/java/org/eclipse/om2m/core/controller/Controller.java
+++ b/org.eclipse.om2m.core/src/main/java/org/eclipse/om2m/core/controller/Controller.java
@@ -187,6 +187,8 @@ public abstract class Controller {
 						operationAllowed = true; 
 					} else if (operation.equals(Operation.DISCOVERY) && rule.isDiscovery()){
 						operationAllowed = true;
+					}else if(operation.equals(Operation.NOTIFY) && rule.isNotify()){
+						operationAllowed = true;
 					}
 				}
 				if (originatorFound && operationAllowed){
diff --git a/org.eclipse.om2m.core/src/main/java/org/eclipse/om2m/core/redirector/Redirector.java b/org.eclipse.om2m.core/src/main/java/org/eclipse/om2m/core/redirector/Redirector.java
index 74324aaf..ee9601d3 100644
--- a/org.eclipse.om2m.core/src/main/java/org/eclipse/om2m/core/redirector/Redirector.java
+++ b/org.eclipse.om2m.core/src/main/java/org/eclipse/om2m/core/redirector/Redirector.java
@@ -149,6 +149,9 @@ public class Redirector {
 			dbt.close();

 			throw new ResourceNotFoundException("AE resource " + request.getTargetId() + " not found.");

 		}

+

+		new AEController().checkACP(ae.getAccessControlPolicies(), request.getFrom(), Operation.NOTIFY);

+

 		// Get point of access

 		if(ae.getPointOfAccess().isEmpty() || !(ae.isRequestReachable())){

 			response.setResponseStatusCode(ResponseStatusCode.TARGET_NOT_REACHABLE);