@@ -353,6 +353,33 @@ def desc_TC_ACE_2_2(self):
353353 async def test_TC_ACE_2_2 (self ):
354354 await self .run_access_test (AccessTestType .WRITE )
355355
356+ def steps_TC_ACE_2_3 (self ):
357+ steps = [TestStep ("precondition" , "DUT is commissioned" , is_commissioning = True ),
358+ TestStep (1 , "TH_commissioner performs a wildcard read" ),
359+ TestStep (2 , "TH_commissioner reads the ACL attribute" ),
360+ TestStep (3 , "Repeat steps 3a and 3b for each permission level" )]
361+ enum = Clusters .AccessControl .Enums .AccessControlEntryPrivilegeEnum
362+ privilege_enum = [p for p in enum if p != enum .kUnknownEnumValue ]
363+ for p in privilege_enum :
364+ steps .append (TestStep (step_number_with_privilege (3 , 'a' , p ),
365+ "TH_commissioner gives TH_second_commissioner the specified privilege" ))
366+ steps .append (TestStep (step_number_with_privilege (3 , 'b' , p ),
367+ """For each standard command on each standard cluster on each endpoint,
368+ TH_second_controller checks the permission requirements for that command.
369+ If the permission required for the command is HIGHER than the permission level being tested,
370+ TH_second_controller sends the command to the DUT using default values.
371+ Regardless of the command contents, the DUT should return an access error since access must be checked
372+ before the command is processed. Receipt of an UNSUPPORTED_COMMAND error is a conformance failure.""" ,
373+ "DUT returns UNSUPPORTED_ACCESS error" ))
374+ return steps
375+
376+ def desc_TC_ACE_2_3 (self ):
377+ return "[TC-ACE-2.3] Command Privilege Enforcement - [DUT as Server]"
378+
379+ @async_test_body
380+ async def test_TC_ACE_2_3 (self ):
381+ await self .run_access_test (AccessTestType .INVOKE )
382+
356383
357384if __name__ == "__main__" :
358385 default_matter_test_main ()
0 commit comments