Class AccessControlManager

Implements Access Control Logic as per Matter Specification

See

MatterSpecification.v12.Core § 6.6.5.2.

Index

Constructors

Methods

allowsPrivilege getGrantedPrivileges updateAccessControlList

Constructors

constructor

new AccessControlManager(aclList?, extensionEntryAccessCheck?): AccessControlManager
Parameters
- aclList: AccessControl.AccessControlEntry[] = []
- OptionalextensionEntryAccessCheck: ((aclList: AclList, aclEntry: AclEntry, subjectDesc: IncomingSubjectDescriptor, endpoint: EndpointInterface, clusterId: ClusterId) => boolean)
  - - (aclList, aclEntry, subjectDesc, endpoint, clusterId): boolean
    - Parameters
      aclList: AclList
      aclEntry: AclEntry
      subjectDesc: IncomingSubjectDescriptor
      endpoint: EndpointInterface
      clusterId: ClusterId
      Returns boolean
Returns AccessControlManager
- Defined in packages/protocol/src/interaction/AccessControlManager.ts:62

Methods

allowsPrivilege

allowsPrivilege(session, endpoint, clusterId, privilege): boolean
Check if the given ACL entry is allowed to be used for the given subject descriptor, endpoint, and cluster ID.
Parameters
- session: SecureSession
- endpoint: EndpointInterface
- clusterId: ClusterId
- privilege: AccessLevel
Returns boolean
- Defined in packages/protocol/src/interaction/AccessControlManager.ts:141

getGrantedPrivileges

getGrantedPrivileges(session, endpoint, clusterId): AccessLevel[]
Determines the granted privileges for the given session, endpoint, and cluster ID and returns them.
Parameters
- session: SecureSession
- endpoint: EndpointInterface
- clusterId: ClusterId
Returns AccessLevel[]
- Defined in packages/protocol/src/interaction/AccessControlManager.ts:169

updateAccessControlList

updateAccessControlList(aclList?): void
Public method used to update the Access Control List on changes.
Parameters
- aclList: AccessControl.AccessControlEntry[] = []
Returns void
- Defined in packages/protocol/src/interaction/AccessControlManager.ts:81