MSA-1325: test

Merge pull request #897 from rohandesai/PENG-158
PENG-158 UBI should not allow undefined commands
2026-03-10 05:11:51 +00:00 · 2016-06-01 23:25:15 -05:00 · 2016-06-01 15:22:45 -07:00 · 2016-06-01 12:18:54 -07:00 · 2016-05-19 11:59:13 -07:00
2 changed files with 125 additions and 19 deletions
--- a/smartapps/-/-.src/-.groovy
+++ b/smartapps/-/-.src/-.groovy
@@ -0,0 +1,50 @@
+/**
+ *  이혜진
+ *
+ *  Copyright 2016 Leehyejin
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ *  in compliance with the License. You may obtain a copy of the License at:
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software distributed under the License is distributed
+ *  on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License
+ *  for the specific language governing permissions and limitations under the License.
+ *
+ */
+definition(
+    name: "이혜진",
+    namespace: "이혜진",
+    author: "Leehyejin",
+    description: "test",
+    category: "",
+    iconUrl: "https://s3.amazonaws.com/smartapp-icons/Convenience/Cat-Convenience.png",
+    iconX2Url: "https://s3.amazonaws.com/smartapp-icons/Convenience/Cat-Convenience@2x.png",
+    iconX3Url: "https://s3.amazonaws.com/smartapp-icons/Convenience/Cat-Convenience@2x.png")
+
+
+preferences {
+	section("Title") {
+		// TODO: put inputs here
+	}
+}
+
+def installed() {
+	log.debug "Installed with settings: ${settings}"
+
+	initialize()
+}
+
+def updated() {
+	log.debug "Updated with settings: ${settings}"
+
+	unsubscribe()
+	initialize()
+}
+
+def initialize() {
+	// TODO: subscribe to attributes, devices, locations, etc.
+}
+
+// TODO: implement event handlers
--- a/smartapps/smartthings/ubi.src/ubi.groovy
+++ b/smartapps/smartthings/ubi.src/ubi.groovy
@@ -107,8 +107,8 @@ mappings {
 	path("/locks") {
 		action: [
 			GET: "listLocks",
-			PUT: "updateLock",
-			POST: "updateLock"
+			PUT: "updateLocks",
+			POST: "updateLocks"
 		]
 	}
 	path("/locks/:id") {
@@ -442,31 +442,87 @@ def executePhrase() {
 }

 private void updateAll(devices) {
+	def type = params.param1
 	def command = request.JSON?.command
-	if (command)
-	{
-		command = command.toLowerCase()
-		devices."$command"()
+	if (!devices) {
+		httpError(404, "Devices not found")
+	}
+	if (command){
+		devices.each { device ->
+			executeCommand(device, type, command)
+		}
 	}
 }

 private void update(devices) {
 	log.debug "update, request: ${request.JSON}, params: ${params}, devices: $devices.id"
-	//def command = request.JSON?.command
-	def command = params.command
-	if (command)
-	{
-		command = command.toLowerCase()
-		def device = devices.find { it.id == params.id }
-		if (!device)
-		{
+	def type = params.param1
+	def command = request.JSON?.command
+	def device = devices?.find { it.id == params.id }
+
+	if (!device) {
 			httpError(404, "Device not found")
-		}
-		else
-		{
-			device."$command"()
-		}
 	}
+
+	if (command) {
+		executeCommand(device, type, command)
+	}
+}
+
+/**
+ * Validating the command passed by the user based on capability.
+ * @return boolean
+ */
+def validateCommand(device, deviceType, command) {
+	def capabilityCommands = getDeviceCapabilityCommands(device.capabilities)
+	def currentDeviceCapability = getCapabilityName(deviceType)
+	if (capabilityCommands[currentDeviceCapability]) {
+		return command in capabilityCommands[currentDeviceCapability] ? true : false
+	} else {
+		// Handling other device types here, which don't accept commands
+		httpError(400, "Bad request.")
+	}
+}
+
+/**
+ * Need to get the attribute name to do the lookup. Only
+ * doing it for the device types which accept commands
+ * @return attribute name of the device type
+ */
+def getCapabilityName(type) {
+    switch(type) {
+		case "switches":
+			return "Switch"
+		case "locks":
+			return "Lock"
+		default:
+			return type
+	}
+}
+
+/**
+ * Constructing the map over here of
+ * supported commands by device capability
+ * @return a map of device capability -> supported commands
+ */
+def getDeviceCapabilityCommands(deviceCapabilities) {
+	def map = [:]
+	deviceCapabilities.collect {
+		map[it.name] = it.commands.collect{ it.name.toString() }
+	}
+	return map
+}
+
+/**
+ * Validates and executes the command
+ * on the device or devices
+ */
+def executeCommand(device, type, command) {
+	if (validateCommand(device, type, command)) {
+		device."$command"()
+	} else {
+		httpError(403, "Access denied. This command is not supported by current capability.")
+	}	
 }

 private show(devices, type) {
Author	SHA1	Message	Date
Leehyejin	ab9dfa93ad	MSA-1325: test	2016-06-01 23:25:15 -05:00
rohandesai	031a15ec86	Merge pull request #897 from rohandesai/PENG-158 PENG-158 UBI should not allow undefined commands	2016-06-01 15:22:45 -07:00
Vinay Rao	fc2db2575d	Merge pull request #949 from SmartThingsCommunity/staging Rolling down hotfix to master	2016-06-01 12:18:54 -07:00
Rohan Desai	32f0385e30	PENG-158 UBI should not allow undefined commands - now validating commands per capability of the device in the smartapp removed commented out code	2016-05-19 11:59:13 -07:00