[BUG] TC-IDM-6.2 step 13 and 14 getting INVALID_ACTION #29203
Comments
For step 13, the request has a single concrete path for an event you don't have ACLs for, correct? Per spec, that should result in INVALID_ACTION. See "8.4.3.2. Incoming Read Request and Subscribe Request Action Processing" which says:
Same thing for step 14. Looks like the test plan (steps 14 and 16, which does not match the step numbering in the YAML, sigh) does not match the spec. Filed https://github.com/CHIP-Specifications/chip-test-plans/issues/3442 to get the test plan fixed, then we need to fix the YAML... |
|
@bzbarsky-apple From the test plan of step 13: "ACL command giving only access for ACL cluster, So except ACL cluster command if try to send any other command will get status as unsupported access." |
|
The test plan is wrong, and it's wrong because it's not doing a command. It's doing a subscribe. For a subscribe, the right thing here per spec is INVALID_ACTION. |
|
@bzbarsky-apple the spec says 'If both AttributeRequests and EventRequests are empty' then return INVALID_ACTION' but the scenario in the test plan is 'EventRequests set to path which requires a privilege that is not granted for the cluster in the path'
|
|
@cjandhyala Please read what I quoted above. Just to re-emphasize:
So if all the paths provided lead to errors, it's an INVALID_ACTION. This is actually a very important security measure to prevent clients with no access to the device from being able to DoS it by taking up subscription slots. |
|
I completely agree here and also summarized that in #34015 |
Reproduction steps
After applying the commit 5deb59b
In Step 13 and 14, I am still getting INVALID_ACTION after ACL command.
Tested with v1.2 TE2 all-cluster-app:
TC-IDM-6.2-step13-14.txt
Bug prevalence
always
GitHub hash of the SDK that was being used
5b4f800
Platform
ameba, other
Platform Version(s)
No response
Anything else?
No response
The text was updated successfully, but these errors were encountered: