security: Correct behavior of PibImpl::setDefaultIdentity
The high level logic of Pib class ensures that an identity exists (i.e.,
creates when missing). With this correction, specific realizations
of the low-level logic (PibSqlite and PibMemory) simply throw an error
if the caller attempts to set a non-existing identity as default.
Change-Id: I9d07ca8db4817b7938c04b05341444f1150948f8
Refs: #4136
diff --git a/ndn-cxx/security/pib/impl/pib-memory.cpp b/ndn-cxx/security/pib/impl/pib-memory.cpp
index c509851..0e10861 100644
--- a/ndn-cxx/security/pib/impl/pib-memory.cpp
+++ b/ndn-cxx/security/pib/impl/pib-memory.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2019 Regents of the University of California.
+ * Copyright (c) 2013-2020 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -106,7 +106,9 @@
void
PibMemory::setDefaultIdentity(const Name& identityName)
{
- addIdentity(identityName);
+ if (!hasIdentity(identityName)) {
+ NDN_THROW(Pib::Error("Cannot set non-existing identity `" + identityName.toUri() + "` as default"));
+ }
m_defaultIdentity = identityName;
m_hasDefaultIdentity = true;
}
diff --git a/ndn-cxx/security/pib/impl/pib-sqlite3.cpp b/ndn-cxx/security/pib/impl/pib-sqlite3.cpp
index 0246b9a..a05fa16 100644
--- a/ndn-cxx/security/pib/impl/pib-sqlite3.cpp
+++ b/ndn-cxx/security/pib/impl/pib-sqlite3.cpp
@@ -327,6 +327,9 @@
void
PibSqlite3::setDefaultIdentity(const Name& identityName)
{
+ if (!hasIdentity(identityName)) {
+ NDN_THROW(Pib::Error("Cannot set non-existing identity `" + identityName.toUri() + "` as default"));
+ }
Sqlite3Statement statement(m_database, "UPDATE identities SET is_default=1 WHERE identity=?");
statement.bind(1, identityName.wireEncode(), SQLITE_TRANSIENT);
statement.step();
diff --git a/ndn-cxx/security/pib/pib-impl.hpp b/ndn-cxx/security/pib/pib-impl.hpp
index 3b29ce5..b70d271 100644
--- a/ndn-cxx/security/pib/pib-impl.hpp
+++ b/ndn-cxx/security/pib/pib-impl.hpp
@@ -118,9 +118,9 @@
/**
* @brief Set an identity with name @p identityName as the default identity.
*
- * If @p identityName identity does not exist, it will be created.
- *
* @param identityName The name for the default identity.
+ * @throw Error If @p identityName identity does not exist.
+ *
*/
virtual void
setDefaultIdentity(const Name& identityName) = 0;
diff --git a/tests/unit/security/pib/pib-impl.t.cpp b/tests/unit/security/pib/pib-impl.t.cpp
index 24d2b86..e16f658 100644
--- a/tests/unit/security/pib/pib-impl.t.cpp
+++ b/tests/unit/security/pib/pib-impl.t.cpp
@@ -129,6 +129,9 @@
this->pib.addIdentity(this->id2);
BOOST_CHECK_EQUAL(this->pib.getDefaultIdentity(), this->id2);
+ // try to set non-existing identity as a default
+ BOOST_CHECK_THROW(this->pib.setDefaultIdentity("/non-existing-identity"), Pib::Error);
+
// get all identities, should contain id1 and id2
std::set<Name> idNames = this->pib.getIdentities();
BOOST_CHECK_EQUAL(idNames.size(), 2);