ACL: Targets in ACL entries are NULLable

rs-matter/src/acl.rs

@@ -22,7 +22,7 @@ use crate::{
     error::{Error, ErrorCode},
     fabric,
     interaction_model::messages::GenericPath,
-    tlv::{self, FromTLV, TLVElement, TLVList, TLVWriter, TagType, ToTLV},
+    tlv::{self, FromTLV, Nullable, TLVElement, TLVList, TLVWriter, TagType, ToTLV},
     transport::session::{Session, SessionMode, MAX_CAT_IDS_PER_NOC},
     utils::writebuf::WriteBuf,
 };
@@ -282,7 +282,15 @@ impl Target {
 }
 
 type Subjects = [Option<u64>; SUBJECTS_PER_ENTRY];
-type Targets = [Option<Target>; TARGETS_PER_ENTRY];
+
+type Targets = Nullable<[Option<Target>; TARGETS_PER_ENTRY]>;
+impl Targets {
+    fn init_notnull() -> Self {
+        const INIT_TARGETS: Option<Target> = None;
+        Nullable::NotNull([INIT_TARGETS; TARGETS_PER_ENTRY])
+    }
+}
+
 #[derive(ToTLV, FromTLV, Clone, Debug, PartialEq)]
 #[tlvargs(start = 1)]
 pub struct AclEntry {
@@ -298,14 +306,12 @@ pub struct AclEntry {
 impl AclEntry {
     pub fn new(fab_idx: u8, privilege: Privilege, auth_mode: AuthMode) -> Self {
         const INIT_SUBJECTS: Option<u64> = None;
-        const INIT_TARGETS: Option<Target> = None;
-
         Self {
             fab_idx: Some(fab_idx),
             privilege,
             auth_mode,
             subjects: [INIT_SUBJECTS; SUBJECTS_PER_ENTRY],
-            targets: [INIT_TARGETS; TARGETS_PER_ENTRY],
+            targets: Targets::init_notnull(),
         }
     }
 
@@ -324,12 +330,20 @@ impl AclEntry {
     }
 
     pub fn add_target(&mut self, target: Target) -> Result<(), Error> {
+        if self.targets.is_null() {
+            self.targets = Targets::init_notnull();
+        }
         let index = self
             .targets
+            .as_ref()
+            .notnull()
+            .unwrap()
             .iter()
             .position(|s| s.is_none())
             .ok_or(ErrorCode::NoSpace)?;
-        self.targets[index] = Some(target);
+
+        self.targets.as_mut().notnull().unwrap()[index] = Some(target);
+
         Ok(())
     }
 
@@ -358,12 +372,17 @@ impl AclEntry {
     fn match_access_desc(&self, object: &AccessDesc) -> bool {
         let mut allow = false;
         let mut entries_exist = false;
-        for t in self.targets.iter().flatten() {
+        match self.targets.as_ref().notnull() {
-            entries_exist = true;
+            None => allow = true, // Allow if targets are NULL
-            if (t.endpoint.is_none() || t.endpoint == object.path.endpoint)
+            Some(targets) => {
-                && (t.cluster.is_none() || t.cluster == object.path.cluster)
+                for t in targets.iter().flatten() {
-            {
+                    entries_exist = true;
-                allow = true
+                    if (t.endpoint.is_none() || t.endpoint == object.path.endpoint)
+                        && (t.cluster.is_none() || t.cluster == object.path.cluster)
+                    {
+                        allow = true
+                    }
+                }
             }
         }
         if !entries_exist {

rs-matter/src/tlv/traits.rs

@@ -265,6 +265,20 @@ pub enum Nullable<T> {
 }
 
 impl<T> Nullable<T> {
+    pub fn as_mut(&mut self) -> Nullable<&mut T> {
+        match self {
+            Nullable::Null => Nullable::Null,
+            Nullable::NotNull(t) => Nullable::NotNull(t),
+        }
+    }
+
+    pub fn as_ref(&self) -> Nullable<&T> {
+        match self {
+            Nullable::Null => Nullable::Null,
+            Nullable::NotNull(t) => Nullable::NotNull(t),
+        }
+    }
+
     pub fn is_null(&self) -> bool {
         match self {
             Nullable::Null => true,
@@ -272,7 +286,7 @@ impl<T> Nullable<T> {
         }
     }
 
-    pub fn unwrap_notnull(self) -> Option<T> {
+    pub fn notnull(self) -> Option<T> {
         match self {
             Nullable::Null => None,
             Nullable::NotNull(t) => Some(t),