RDKEMW-12168 Port the getAccountID Script functionality to RFC Module

rfcMgr/rfc_common.cpp

@@ -256,9 +256,14 @@ int executeCommandAndGetOutput(SYSCMD eSysCmd,  const char *pArgs, std::string&
 }
 
 bool CheckSpecialCharacters(const std::string& str) {
+
+    if (str.length() >= ACCOUNT_ID_MAX_LEN) {
+        return true;  // invalid: length limit exceeded
+    }
+
     for (char c : str)
     {
-        if(!std::isalnum(c))
+        if(!std::isalnum(c) && c != '_' && c != '-')
         {
             return true; // Return true if a non-alphanumeric character is found
         }

rfcMgr/rfc_common.h

@@ -62,6 +62,7 @@
 #define SECURE_RFC_PATH "/opt/secure/RFC"
 
 #define DEFAULT_DL_ALLOC    1024
+#define ACCOUNT_ID_MAX_LEN  32
 
 typedef enum {
     eRdkSsaCli,

rfcMgr/rfc_xconf_handler.cpp

@@ -823,21 +823,31 @@ void RuntimeFeatureControlProcessor::GetAccountID()
     } 
     else 
     {
-        i = strnlen(tempbuf, szBufSize);
-        RDK_LOG(RDK_LOG_INFO, LOG_RFCMGR, "GetAccountID: AccountID = %s\n", tempbuf);
-        _accountId = tempbuf;
-#ifdef RDKB_SUPPORT	
-        if (access("/tmp/RFC/.timeValue", F_OK) != 0)
+        if (CheckSpecialCharacters(tempbuf))
         {
-            // Time file doesn't exist, set AccountID to Unknown
+            RDK_LOG(RDK_LOG_ERROR, LOG_RFCMGR, "[%s][%d] Invalid characters in newly received accountId: %s\n", __FUNCTION__, __LINE__, tempbuf);
             _accountId = "Unknown";
-            RDK_LOG(RDK_LOG_INFO, LOG_RFCMGR, "GetAccountID: /tmp/RFC/.timeValue file not found, setting AccountID to Unknown\n");
         }
-        saveAccountIdToFile(_accountId, RFC_ACCOUNT_ID_KEY_STR, "string");
-#endif	
-        if((_accountId.empty()) || (_last_firmware.compare( _firmware_version) != 0))
+        else
         {
-            _accountId="Unknown";
+            i = strnlen(tempbuf, szBufSize);
+            RDK_LOG(RDK_LOG_INFO, LOG_RFCMGR, "GetAccountID: AccountID = %s\n", tempbuf);
+            _accountId = tempbuf;
+#ifdef RDKB_SUPPORT
+            if (access("/tmp/RFC/.timeValue", F_OK) != 0)
+            {
+                // Time file doesn't exist, set AccountID to Unknown
+                _accountId = "Unknown";
+                RDK_LOG(RDK_LOG_INFO, LOG_RFCMGR, "GetAccountID: /tmp/RFC/.timeValue file not found, setting AccountID to Unknown\n");
+            }
+
+            saveAccountIdToFile(_accountId, RFC_ACCOUNT_ID_KEY_STR, "string");
+#endif
+
+            if((_accountId.empty()) || (_last_firmware.compare( _firmware_version) != 0))
+            {
+                _accountId = "Unknown";
+            }
         }
     }
 

run_l2.sh

@@ -63,8 +63,7 @@ pytest --json-report --json-report-summary --json-report-file $RESULT_DIR/rfc_co
 echo "ENABLE_MAINTENANCE=true" >> /etc/device.properties
 
 pytest --json-report --json-report-summary --json-report-file $RESULT_DIR/rfc_xconf_reboot.json test/functional-tests/tests/test_rfc_xconf_reboot.py
-
+pytest --json-report --json-report-summary --json-report-file $RESULT_DIR/rfc_invalid_accountid.json test/functional-tests/tests/test_rfc_invalid_accountid.py
 pytest --json-report --json-report-summary --json-report-file $RESULT_DIR/rfc_override_rfc_prop.json test/functional-tests/tests/test_rfc_override_rfc_prop.py
 
 pytest --json-report --json-report-summary --json-report-file $RESULT_DIR/rfc_rfc_webpa.json test/functional-tests/tests/test_rfc_webpa.py
-

test/functional-tests/features/rfc_invalid_accountid.feature

@@ -0,0 +1,55 @@
+####################################################################################
+# If not stated otherwise in this file or this component's Licenses file the
+# following copyright and licenses apply:
+#
+# Copyright 2024 RDK Management
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+####################################################################################
+
+Feature: Invalid Account ID Validation
+  As a system administrator
+  I want to ensure that invalid account IDs are properly rejected
+  So that the system maintains data integrity and security
+
+  Background:
+    Given the RFC system is initialized
+    And the telemetry system is running
+
+  Scenario: Set invalid account ID with special characters
+    Given I have an account ID with invalid characters "306045!@#06186635988"
+    When I set the account ID using TR181 parameter "Device.DeviceInfo.X_RDKCENTRAL-COM_RFC.Feature.AccountInfo.AccountID"
+    Then the set operation should succeed
+    And the invalid characters should be logged
+
+  Scenario: XCONF request validates invalid account ID
+    Given the TR181 INI file does not exist
+    And the RFC old firmware file is backed up
+    When the RFC binary is executed
+    Then the TR181 INI file should be created
+    And the RFC log file should contain "Invalid characters in newly received accountId"
+
+  Scenario Outline: Validate various invalid account ID formats
+    Given I have an account ID "<account_id>"
+    When I attempt to set it via TR181
+    Then the system should log "Invalid characters in newly received accountId"
+    And the operation should be handled appropriately
+
+    Examples:
+      | account_id            |
+      | 306045!@#06186635988 |
+      | test@#$%account      |
+      | 123<>456             |
+      | acc&*()id            |
+      | id;DROP TABLE;       |
+

test/functional-tests/tests/test_rfc_invalid_accountid.py

@@ -0,0 +1,44 @@
+####################################################################################
+# If not stated otherwise in this file or this component's Licenses file the
+# following copyright and licenses apply:
+#
+# Copyright 2024 RDK Management
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+####################################################################################
+
+import os
+from rfc_test_helper import *
+
+
+def test_set_invalid_accountid_value():
+    command_to_check = "tr181 -d -s -t string -v 306045!@#06186635988 Device.DeviceInfo.X_RDKCENTRAL-COM_RFC.Feature.AccountInfo.AccountID"
+    result = run_shell_command(command_to_check)
+    assert "Set operation success" in result, '"Set operation success" not found in the output'
+
+def test_xconf_request_response():
+    """
+    Test the communication between RFC Manager and XCONF.
+
+    This function checks the creation of the TR181 INI file,
+    verifies the firmware version update, and checks the key-value pair in the TR181 INI file.
+    """
+    try:
+        rfc_run_binary()
+        invalid_accid_msg_status = "Invalid characters in newly received accountId"
+
+        assert grep_log_file(RFC_LOG_FILE, invalid_accid_msg_status), f"Expected '{invalid_accid_msg_status}' in log file."
+    except Exception as e:
+        print(f"Exception during Validate the XConf request and response: {e}")
+        assert False, f"Exception during Validate the XConf request and response: {e}"
+