ACL: object creation from LwM2M server

[fdur]

• Document: OMA-TS-LightweightM2M-V1_0_2-20171116-D:
• Section of the document, 7.3.1.2.2:

when a LwM2M Server creates under authorization an Object Instance (see section 7.3.2 Authorization) in the LwM2M Client, an Access Control Object Instance MUST be created in the LwM2M Client with the Resources values which MUST be set as given in the table just below

From my understanding, when a LwM2M creates an object instance on client side (like CREATE /9), an object instance needs to be created by the client itself in object 2 for this created object instance. Data in the object instance to be created in object 2:

• Object ID: object ID of the created object instance
• Object instance ID: object instance ID of the created object instance
• ACL owner: server ID of the server which sends the CREATE command
• ACL rights: only one resource instance: resource instance Id = server ID of the server which sends the CREATE command ACL rights: all ? 0x1F

Is it correct ?

[ThGarnier]

Hi Frederic, globally yes, even simpler ! In fact : hypothesis Server 1 is autorized (by the BS) to create instance of Object (e.g. 9) , when Server 1 (Short ID 200) send a CREATE /9, then an AC Object Instance (e.g ID 2) is allocated in/by the Client with ID 0 :9, ID 1:2, ID 3:200 (Server 1 as Access Control Owner on /9/2 has full access right granted for that /9/2 - so no mandatory ACL ID:2 needed for that Server 1 (7.3.2.1 1.A) - Server 1 is then able to manage ACL - to grant access right or the default ones- to the other Servers on /9/2 ) . Clearer ?

[fdur]

Thanks Thierry, this is clearer :) 👍