diff --git a/src/app/clusters/door-lock-server/door-lock-server.cpp b/src/app/clusters/door-lock-server/door-lock-server.cpp index dff524821b9bfd..62f4032a33d3e0 100644 --- a/src/app/clusters/door-lock-server/door-lock-server.cpp +++ b/src/app/clusters/door-lock-server/door-lock-server.cpp @@ -230,7 +230,7 @@ bool DoorLockServer::GetNumberOfHolidaySchedulesSupported(chip::EndpointId endpo bool DoorLockServer::SendLockAlarmEvent(chip::EndpointId endpointId, DlAlarmCode alarmCode) { - Events::DoorLockAlarm::Type event { alarmCode }; + Events::DoorLockAlarm::Type event{ alarmCode }; SendEvent(endpointId, event); return true; @@ -1585,7 +1585,8 @@ bool DoorLockServer::findUserIndexByCredential(chip::EndpointId endpointId, DlCr } bool DoorLockServer::findUserIndexByCredential(chip::EndpointId endpointId, DlCredentialType credentialType, - chip::ByteSpan credentialData, uint16_t & userIndex, uint16_t & credentialIndex) + chip::ByteSpan credentialData, uint16_t & userIndex, uint16_t & credentialIndex, + EmberAfPluginDoorLockUserInfo & userInfo) { uint16_t maxNumberOfUsers = 0; VerifyOrReturnError(GetAttribute(endpointId, Attributes::NumberOfTotalUsersSupported::Id, @@ -1641,6 +1642,7 @@ bool DoorLockServer::findUserIndexByCredential(chip::EndpointId endpointId, DlCr { userIndex = i; credentialIndex = i; + userInfo = user; return true; } } @@ -3144,7 +3146,16 @@ bool DoorLockServer::HandleRemoteLockOperation(chip::app::CommandHandler * comma chip::to_underlying(opType))); // Look up the user index and credential index -- it should be used in the Lock Operation event - findUserIndexByCredential(endpoint, DlCredentialType::kPin, pinCode.Value(), pinUserIdx, pinCredIdx); + EmberAfPluginDoorLockUserInfo user; + findUserIndexByCredential(endpoint, DlCredentialType::kPin, pinCode.Value(), pinUserIdx, pinCredIdx, user); + + // If the user status is OccupiedDisabled we should deny the access and send out the appropriate event + VerifyOrExit(user.userStatus != DlUserStatus::kOccupiedDisabled, { + reason = DlOperationError::kDisabledUserDenied; + emberAfDoorLockClusterPrintln( + "Unable to perform remote lock operation: user is disabled [endpoint=%d, lock_op=%d, userIndex=%d]", endpoint, + to_underlying(opType), pinUserIdx); + }); // [EM]: I don't think we should prevent door lock/unlocking if we couldn't find credential associated with user. I // think if the app thinks that PIN is correct the door should be unlocked. diff --git a/src/app/clusters/door-lock-server/door-lock-server.h b/src/app/clusters/door-lock-server/door-lock-server.h index 05de8bcfd1645a..e86146ece7a8f5 100644 --- a/src/app/clusters/door-lock-server/door-lock-server.h +++ b/src/app/clusters/door-lock-server/door-lock-server.h @@ -196,7 +196,7 @@ class DoorLockServer uint16_t & userIndex); bool findUserIndexByCredential(chip::EndpointId endpointId, DlCredentialType credentialType, chip::ByteSpan credentialData, - uint16_t & userIndex, uint16_t & credentialIndex); + uint16_t & userIndex, uint16_t & credentialIndex, EmberAfPluginDoorLockUserInfo & userInfo); EmberAfStatus createUser(chip::EndpointId endpointId, chip::FabricIndex creatorFabricIdx, chip::NodeId sourceNodeId, uint16_t userIndex, const Nullable & userName, const Nullable & userUniqueId, diff --git a/src/app/tests/suites/DL_LockUnlock.yaml b/src/app/tests/suites/DL_LockUnlock.yaml index c6026c1558465f..526ae34ce35da8 100644 --- a/src/app/tests/suites/DL_LockUnlock.yaml +++ b/src/app/tests/suites/DL_LockUnlock.yaml @@ -146,17 +146,104 @@ tests: response: error: FAILURE - # Clean-up - label: "Set OperatingMode to Normal" command: "writeAttribute" attribute: "OperatingMode" arguments: value: 0 - - label: "Clean the created credential" - command: "ClearCredential" + - label: "Create a disabled user and credential" + command: "SetCredential" timedInteractionTimeoutMs: 10000 arguments: values: + - name: "operationType" + value: 0 - name: "credential" - value: { CredentialType: 1, CredentialIndex: 1 } + value: { CredentialType: 1, CredentialIndex: 2 } + - name: "credentialData" + value: "654321" + - name: "userIndex" + value: null + - name: "userStatus" + value: 3 + - name: "userType" + value: null + response: + values: + - name: "status" + value: 0x00 + - name: "userIndex" + value: 2 + - name: "nextCredentialIndex" + value: 3 + + - label: "Try to unlock the door with disabled user PIN" + command: "UnlockDoor" + timedInteractionTimeoutMs: 10000 + arguments: + values: + - name: "pinCode" + value: "654321" + response: + error: FAILURE + + - label: "Verify that lock state attribute value is set to Locked" + command: "readAttribute" + attribute: "LockState" + response: + value: 1 + + - label: "Unlock the door with enabled user PIN" + command: "UnlockDoor" + timedInteractionTimeoutMs: 10000 + arguments: + values: + - name: "pinCode" + value: "123456" + + - label: "Verify that lock state attribute value is set to Unlocked" + command: "readAttribute" + attribute: "LockState" + response: + value: 2 + + - label: "Try to lock the door with disabled user PIN" + command: "LockDoor" + timedInteractionTimeoutMs: 10000 + arguments: + values: + - name: "pinCode" + value: "654321" + response: + error: FAILURE + + - label: "Verify that lock state attribute value stays Unlocked" + command: "readAttribute" + attribute: "LockState" + response: + value: 2 + + - label: "Lock the door with enabled user PIN" + command: "LockDoor" + timedInteractionTimeoutMs: 10000 + arguments: + values: + - name: "pinCode" + value: "123456" + + - label: "Verify that lock state attribute value is set to Locked" + command: "readAttribute" + attribute: "LockState" + response: + value: 1 + + # Clean-up + + - label: "Clean all the users and credentials" + command: "ClearUser" + timedInteractionTimeoutMs: 10000 + arguments: + values: + - name: "userIndex" + value: 0xFFFE