obuspa: Updated max CT role

- Updated role json to include role name and instance number - Removed full_access.json - Reuse full_access Role from core code
2025-12-10 07:44:50 +01:00 · 2025-02-24 20:49:41 +05:30 · 2025-02-24 20:49:41 +05:30 · c1a8c1aa86
commit c1a8c1aa86
parent 08fb82fae4
5 changed files with 36 additions and 23 deletions
--- a/obuspa/Makefile
+++ b/obuspa/Makefile
@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=obuspa
-PKG_VERSION:=9.0.4.8
+PKG_VERSION:=9.0.4.9

 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/obuspa.git
-PKG_SOURCE_VERSION:=e6dd22754d3a4fee1c804f8f17fe57b3f38a2c1f
+PKG_SOURCE_VERSION:=79e066a3997b46ea3bcc48c4589c5a4c4cb05630
 PKG_MAINTAINER:=Vivek Dutta <vivek.dutta@iopsys.eu>
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
--- a/obuspa/files/etc/obuspa/usp_utils.sh
+++ b/obuspa/files/etc/obuspa/usp_utils.sh
@ -157,7 +157,6 @@ configure_roles()

 	if [ "${rname}" = "full_access" ]; then
 		rinst=1
-		rname="Full Access"
 	elif [ "${rname}" = "Untrusted" ]; then
 		rinst=2
 	else
@ -176,19 +175,32 @@ configure_roles_dir()
 {
 	local rinst rname

-	if [ "$#" -ne 2 ]; then
+	if [ "$#" -ne 1 ]; then
 	    echo "Illegal number of parameters"
 	    exit 1
 	fi

-	rname="${1}"
-	rinst="${2}"
+	if [ "${1}" = "full_access" ]; then
+		rinst=1
+		rname="full_access"
+	elif [ "${1}" = "Untrusted" ]; then
+		rinst=2
+		rname="Untrusted"
+	else
+		json_get_var rname name
+		json_get_var rinst instance
+
+		if [ -z "${rname}" ] || [ -z "${rinst}" ]; then
+			echo "Deprecated role format ignoring ${1}.json ..."
+			return 0
+		fi
+	fi

 	db_add Device.LocalAgent.ControllerTrust.Role.${rinst}.Alias cpe-${rinst}
 	db_add Device.LocalAgent.ControllerTrust.Role.${rinst}.Enable 1
 	db_add Device.LocalAgent.ControllerTrust.Role.${rinst}.Name ${rname}

-	json_for_each_item configure_permission permission "${name}" ${rinst}
+	json_for_each_item configure_permission permission "${name}" "$((rinst))"
 	json_select ..
 }

@ -207,16 +219,14 @@ configure_ctrust_role()
 		json_load_file "${1}"
 		json_for_each_item configure_roles roles
 	else
-		num=3
 		for f in $(ls -1 ${FW_DEFAULT_ROLE_DIR}); do
 			echo "Loading $f ....."
 			json_init
 			json_load_file "${FW_DEFAULT_ROLE_DIR}/${f}"
 			json_select tr181
-			configure_roles_dir "${f/.json/}" "${num}"
-			num=$((num + 1))
+			configure_roles_dir "${f/.json/}"
 		done
 	fi
 }

-# configure_ctrust_role "${@}"
+configure_ctrust_role "${@}"
--- a/obuspa/files/etc/users/roles/extender.json
+++ b/obuspa/files/etc/users/roles/extender.json
@ -1,5 +1,7 @@
 {
  "tr181": {
+    "name": "extender",
+    "instance": 3,
    "permission": [
      {
        "object": "Device.",
--- a/obuspa/files/etc/users/roles/full_access.json
+++ b/obuspa/files/etc/users/roles/full_access.json
@ -1,12 +0,0 @@
-{
-  "tr181": {
-    "permission": [
-      {
-        "object": "Device.",
-        "perm": [
-          "PERMIT_ALL"
-        ]
-      }
-    ]
-  }
-}
--- a/obuspa/patches/1003-ct-full-access-rename.patch
+++ b/obuspa/patches/1003-ct-full-access-rename.patch
@ -0,0 +1,13 @@
+diff --git a/src/core/data_model.c b/src/core/data_model.c
+index 360c5e2..136de0d 100644
+--- a/src/core/data_model.c
+++ b/src/core/data_model.c
+@@ -5180,7 +5180,7 @@ int RegisterDefaultControllerTrust(void)
+     int err = USP_ERR_OK;
+ 
+     // Register 'Full Access' role
+-    err |= USP_DM_RegisterRoleName(ROLE_FULL_ACCESS, "Full Access");
+    err |= USP_DM_RegisterRoleName(ROLE_FULL_ACCESS, "full_access");
+     err |= USP_DM_AddControllerTrustPermission(ROLE_FULL_ACCESS, dm_root, PERMIT_ALL);
+ 
+     // Register 'Untrusted' role