From fce09ac3807b11839bfe2ac3545ac0fb11f80767 Mon Sep 17 00:00:00 2001 From: mtirum011 Date: Tue, 13 Jan 2026 14:08:42 +0000 Subject: [PATCH] RDKEMW-12168 Port the getAccountID Script functionality to RFC Module --- rfcMgr/rfc_common.cpp | 7 ++- rfcMgr/rfc_common.h | 1 + rfcMgr/rfc_xconf_handler.cpp | 32 +++++++---- run_l2.sh | 9 +-- .../features/rfc_invalid_accountid.feature | 55 +++++++++++++++++++ .../tests/test_rfc_invalid_accountid.py | 44 +++++++++++++++ 6 files changed, 130 insertions(+), 18 deletions(-) create mode 100644 test/functional-tests/features/rfc_invalid_accountid.feature create mode 100644 test/functional-tests/tests/test_rfc_invalid_accountid.py diff --git a/rfcMgr/rfc_common.cpp b/rfcMgr/rfc_common.cpp index ae171058..996158fd 100644 --- a/rfcMgr/rfc_common.cpp +++ b/rfcMgr/rfc_common.cpp @@ -256,9 +256,14 @@ int executeCommandAndGetOutput(SYSCMD eSysCmd, const char *pArgs, std::string& } bool CheckSpecialCharacters(const std::string& str) { + + if (str.length() >= ACCOUNT_ID_MAX_LEN) { + return true; // invalid: length limit exceeded + } + for (char c : str) { - if(!std::isalnum(c)) + if(!std::isalnum(c) && c != '_' && c != '-') { return true; // Return true if a non-alphanumeric character is found } diff --git a/rfcMgr/rfc_common.h b/rfcMgr/rfc_common.h index 06f8c721..caab19d9 100644 --- a/rfcMgr/rfc_common.h +++ b/rfcMgr/rfc_common.h @@ -62,6 +62,7 @@ #define SECURE_RFC_PATH "/opt/secure/RFC" #define DEFAULT_DL_ALLOC 1024 +#define ACCOUNT_ID_MAX_LEN 32 typedef enum { eRdkSsaCli, diff --git a/rfcMgr/rfc_xconf_handler.cpp b/rfcMgr/rfc_xconf_handler.cpp index d70fb8cb..d9db46b5 100644 --- a/rfcMgr/rfc_xconf_handler.cpp +++ b/rfcMgr/rfc_xconf_handler.cpp @@ -823,21 +823,31 @@ void RuntimeFeatureControlProcessor::GetAccountID() } else { - i = strnlen(tempbuf, szBufSize); - RDK_LOG(RDK_LOG_INFO, LOG_RFCMGR, "GetAccountID: AccountID = %s\n", tempbuf); - _accountId = tempbuf; -#ifdef RDKB_SUPPORT - if (access("/tmp/RFC/.timeValue", F_OK) != 0) + if (CheckSpecialCharacters(tempbuf)) { - // Time file doesn't exist, set AccountID to Unknown + RDK_LOG(RDK_LOG_ERROR, LOG_RFCMGR, "[%s][%d] Invalid characters in newly received accountId: %s\n", __FUNCTION__, __LINE__, tempbuf); _accountId = "Unknown"; - RDK_LOG(RDK_LOG_INFO, LOG_RFCMGR, "GetAccountID: /tmp/RFC/.timeValue file not found, setting AccountID to Unknown\n"); } - saveAccountIdToFile(_accountId, RFC_ACCOUNT_ID_KEY_STR, "string"); -#endif - if((_accountId.empty()) || (_last_firmware.compare( _firmware_version) != 0)) + else { - _accountId="Unknown"; + i = strnlen(tempbuf, szBufSize); + RDK_LOG(RDK_LOG_INFO, LOG_RFCMGR, "GetAccountID: AccountID = %s\n", tempbuf); + _accountId = tempbuf; +#ifdef RDKB_SUPPORT + if (access("/tmp/RFC/.timeValue", F_OK) != 0) + { + // Time file doesn't exist, set AccountID to Unknown + _accountId = "Unknown"; + RDK_LOG(RDK_LOG_INFO, LOG_RFCMGR, "GetAccountID: /tmp/RFC/.timeValue file not found, setting AccountID to Unknown\n"); + } + + saveAccountIdToFile(_accountId, RFC_ACCOUNT_ID_KEY_STR, "string"); +#endif + + if((_accountId.empty()) || (_last_firmware.compare( _firmware_version) != 0)) + { + _accountId = "Unknown"; + } } } diff --git a/run_l2.sh b/run_l2.sh index d2d24633..5e12f20b 100644 --- a/run_l2.sh +++ b/run_l2.sh @@ -52,11 +52,9 @@ pytest --json-report --json-report-summary --json-report-file $RESULT_DIR/rfc_xc pytest --json-report --json-report-summary --json-report-file $RESULT_DIR/rfc_valid_accountid.json test/functional-tests/tests/test_rfc_valid_accountid.py -pytest --json-report --json-report-summary --json-report-file $RESULT_DIR/rfc_trigger_reboot_unknown_accountid.json test/functional-tests/tests/test_rfc_trigger_reboot.py - -cat /opt/logs/rfcscript.txt.1 +pytest --json-report --json-report-summary --json-report-file $RESULT_DIR/rfc_factory_reset.json test/functional-tests/tests/test_rfc_factory_reset.py -cat /opt/logs/rfcscript.txt.0 +pytest --json-report --json-report-summary --json-report-file $RESULT_DIR/rfc_trigger_reboot_unknown_accountid.json test/functional-tests/tests/test_rfc_trigger_reboot.py pytest --json-report --json-report-summary --json-report-file $RESULT_DIR/rfc_feature_enable.json test/functional-tests/tests/test_rfc_feature_enable.py @@ -65,8 +63,7 @@ pytest --json-report --json-report-summary --json-report-file $RESULT_DIR/rfc_co echo "ENABLE_MAINTENANCE=true" >> /etc/device.properties pytest --json-report --json-report-summary --json-report-file $RESULT_DIR/rfc_xconf_reboot.json test/functional-tests/tests/test_rfc_xconf_reboot.py - +pytest --json-report --json-report-summary --json-report-file $RESULT_DIR/rfc_invalid_accountid.json test/functional-tests/tests/test_rfc_invalid_accountid.py pytest --json-report --json-report-summary --json-report-file $RESULT_DIR/rfc_override_rfc_prop.json test/functional-tests/tests/test_rfc_override_rfc_prop.py pytest --json-report --json-report-summary --json-report-file $RESULT_DIR/rfc_rfc_webpa.json test/functional-tests/tests/test_rfc_webpa.py - diff --git a/test/functional-tests/features/rfc_invalid_accountid.feature b/test/functional-tests/features/rfc_invalid_accountid.feature new file mode 100644 index 00000000..f219f0d7 --- /dev/null +++ b/test/functional-tests/features/rfc_invalid_accountid.feature @@ -0,0 +1,55 @@ +#################################################################################### +# If not stated otherwise in this file or this component's Licenses file the +# following copyright and licenses apply: +# +# Copyright 2024 RDK Management +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +#################################################################################### + +Feature: Invalid Account ID Validation + As a system administrator + I want to ensure that invalid account IDs are properly rejected + So that the system maintains data integrity and security + + Background: + Given the RFC system is initialized + And the telemetry system is running + + Scenario: Set invalid account ID with special characters + Given I have an account ID with invalid characters "306045!@#06186635988" + When I set the account ID using TR181 parameter "Device.DeviceInfo.X_RDKCENTRAL-COM_RFC.Feature.AccountInfo.AccountID" + Then the set operation should succeed + And the invalid characters should be logged + + Scenario: XCONF request validates invalid account ID + Given the TR181 INI file does not exist + And the RFC old firmware file is backed up + When the RFC binary is executed + Then the TR181 INI file should be created + And the RFC log file should contain "Invalid characters in newly received accountId" + + Scenario Outline: Validate various invalid account ID formats + Given I have an account ID "" + When I attempt to set it via TR181 + Then the system should log "Invalid characters in newly received accountId" + And the operation should be handled appropriately + + Examples: + | account_id | + | 306045!@#06186635988 | + | test@#$%account | + | 123<>456 | + | acc&*()id | + | id;DROP TABLE; | + diff --git a/test/functional-tests/tests/test_rfc_invalid_accountid.py b/test/functional-tests/tests/test_rfc_invalid_accountid.py new file mode 100644 index 00000000..9d8ad4ac --- /dev/null +++ b/test/functional-tests/tests/test_rfc_invalid_accountid.py @@ -0,0 +1,44 @@ +#################################################################################### +# If not stated otherwise in this file or this component's Licenses file the +# following copyright and licenses apply: +# +# Copyright 2024 RDK Management +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +#################################################################################### + +import os +from rfc_test_helper import * + + +def test_set_invalid_accountid_value(): + command_to_check = "tr181 -d -s -t string -v 306045!@#06186635988 Device.DeviceInfo.X_RDKCENTRAL-COM_RFC.Feature.AccountInfo.AccountID" + result = run_shell_command(command_to_check) + assert "Set operation success" in result, '"Set operation success" not found in the output' + +def test_xconf_request_response(): + """ + Test the communication between RFC Manager and XCONF. + + This function checks the creation of the TR181 INI file, + verifies the firmware version update, and checks the key-value pair in the TR181 INI file. + """ + try: + rfc_run_binary() + invalid_accid_msg_status = "Invalid characters in newly received accountId" + + assert grep_log_file(RFC_LOG_FILE, invalid_accid_msg_status), f"Expected '{invalid_accid_msg_status}' in log file." + except Exception as e: + print(f"Exception during Validate the XConf request and response: {e}") + assert False, f"Exception during Validate the XConf request and response: {e}" +