From 9420276c4fca0884eb2f201facf85d50e22c2526 Mon Sep 17 00:00:00 2001
From: Marc Lepage <67919234+mlepage-google@users.noreply.github.com>
Date: Fri, 10 Dec 2021 12:11:32 -0500
Subject: [PATCH] Hook up args to access control check calls (#12893)

- Hook up wildcard/group expansion flag in IM read attribute
- Hook up subject descriptor in IM read/write attribute
---
 src/app/util/ember-compatibility-functions.cpp | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/src/app/util/ember-compatibility-functions.cpp b/src/app/util/ember-compatibility-functions.cpp
index b178c78f081596..40f8aab8c6a27a 100644
--- a/src/app/util/ember-compatibility-functions.cpp
+++ b/src/app/util/ember-compatibility-functions.cpp
@@ -393,16 +393,14 @@ CHIP_ERROR ReadSingleClusterData(const SubjectDescriptor & aSubjectDescriptor, c
     }
 
     {
-        Access::SubjectDescriptor subjectDescriptor; // TODO: get actual subject descriptor
         Access::RequestPath requestPath{ .cluster = aPath.mClusterId, .endpoint = aPath.mEndpointId };
         Access::Privilege requestPrivilege = Access::Privilege::kView; // TODO: get actual request privilege
-        bool pathWasExpanded               = false;                    // TODO: get actual expanded flag
-        CHIP_ERROR err                     = Access::GetAccessControl().Check(subjectDescriptor, requestPath, requestPrivilege);
+        CHIP_ERROR err                     = Access::GetAccessControl().Check(aSubjectDescriptor, requestPath, requestPrivilege);
         err                                = CHIP_NO_ERROR; // TODO: remove override
         if (err != CHIP_NO_ERROR)
         {
             ReturnErrorCodeIf(err != CHIP_ERROR_ACCESS_DENIED, err);
-            if (pathWasExpanded)
+            if (aPath.mExpanded)
             {
                 return CHIP_NO_ERROR;
             }
@@ -845,10 +843,9 @@ CHIP_ERROR WriteSingleClusterData(const SubjectDescriptor & aSubjectDescriptor,
     }
 
     {
-        Access::SubjectDescriptor subjectDescriptor; // TODO: get actual subject descriptor
         Access::RequestPath requestPath{ .cluster = aPath.mClusterId, .endpoint = aPath.mEndpointId };
         Access::Privilege requestPrivilege = Access::Privilege::kOperate; // TODO: get actual request privilege
-        CHIP_ERROR err                     = Access::GetAccessControl().Check(subjectDescriptor, requestPath, requestPrivilege);
+        CHIP_ERROR err                     = Access::GetAccessControl().Check(aSubjectDescriptor, requestPath, requestPrivilege);
         err                                = CHIP_NO_ERROR; // TODO: remove override
         if (err != CHIP_NO_ERROR)
         {