/**
* Copyright (c) 2024 Project CHIP Authors
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#import <Foundation/Foundation.h>
#import <Matter/MTRBaseClusters.h>
#import <Matter/MTRDefines.h>
NS_ASSUME_NONNULL_BEGIN
/**
* An access grant, which can be represented as an entry in the Matter Access
* Control cluster.
*
* A grant pairs a subject (a single node, a CASE Authenticated Tag, a group, or
* all nodes) with a privilege level. The interface exposes only readonly
* properties and is marked NS_SWIFT_SENDABLE. Instances are created through
* the accessGrantFor... factory methods; init and new are unavailable.
*
* The factories differ widely in how many nodes they cover, so choose the
* narrowest subject and the lowest privilege that meets the need.
*/
NS_SWIFT_SENDABLE
MTR_NEWLY_AVAILABLE
@interface MTRAccessGrant : NSObject <NSCopying>
- (instancetype)init NS_UNAVAILABLE;
+ (instancetype)new NS_UNAVAILABLE;
/**
* Grant access at the provided level to a specific node on the fabric. The
* provided nodeID must be an operational node identifier.
*
* The return type is nullable; presumably nil is returned when nodeID is not
* an operational node identifier (the implementation is not visible in this
* header). Check the result for nil instead of assuming a grant was created.
*/
+ (nullable MTRAccessGrant *)accessGrantForNodeID:(NSNumber *)nodeID privilege:(MTRAccessControlEntryPrivilege)privilege;
/**
* Grant access to any node on the fabric that has a matching CASE Authenticated
* Tag in its operational certificate. The provided caseAuthenticatedTag must
* be a 32-bit unsigned integer with lower 16 bits not 0, per the Matter
* specification.
*
* This grant covers every node whose operational certificate carries a matching
* tag, so its reach depends on how those certificates are issued on the fabric.
*
* The return type is nullable; presumably nil is returned when
* caseAuthenticatedTag does not meet the requirement above (the implementation
* is not visible in this header). Check the result for nil.
*/
+ (nullable MTRAccessGrant *)accessGrantForCASEAuthenticatedTag:(NSNumber *)caseAuthenticatedTag privilege:(MTRAccessControlEntryPrivilege)privilege;
/**
* Grant access to any node on the fabric that is communicating with us via
* group messages sent to the given group. The provided groupID must be a valid
* group identifier in the range 1-65535.
*
* The return type is nullable; presumably nil is returned when groupID is
* outside that range (the implementation is not visible in this header). Check
* the result for nil.
*/
+ (nullable MTRAccessGrant *)accessGrantForGroupID:(NSNumber *)groupID privilege:(MTRAccessControlEntryPrivilege)privilege;
/**
* Grant access to any node on the fabric, as long as it's communicating with us
* over a unicast authenticated channel.
*
* This is the broadest grant this interface offers: the resulting grant has a
* nil subjectID and applies to every such node, so pair it only with a
* privilege that is acceptable for all of them. Unlike the other factories,
* the return type is non-null.
*/
+ (MTRAccessGrant *)accessGrantForAllNodesWithPrivilege:(MTRAccessControlEntryPrivilege)privilege;
/**
* The Matter access control subject ID that access has been granted for. Nil
* when access has been granted for all subjects (e.g. via
* accessGrantForAllNodesWithPrivilege:).
*
* Code that audits or compares grants must treat nil as "all subjects", not as
* "no subject".
*/
@property (nonatomic, copy, readonly, nullable) NSNumber * subjectID;
/**
* The privilege that has been granted, as passed to the factory method that
* created this grant.
*/
@property (nonatomic, assign, readonly) MTRAccessControlEntryPrivilege grantedPrivilege;
/**
* The type of authentication mode the access grant is
* for. MTRAccessControlEntryAuthModeCASE for unicast messages and
* MTRAccessControlEntryAuthModeGroup for groupcast ones.
*
* NOTE(review): presumably only accessGrantForGroupID:privilege: yields the
* Group mode and the other factories yield CASE -- confirm against the
* implementation.
*/
@property (nonatomic, assign, readonly) MTRAccessControlEntryAuthMode authenticationMode;
@end
NS_ASSUME_NONNULL_END