open62541pp 0.18.0
C++ wrapper of open62541
Loading...
Searching...
No Matches
Public Member Functions | List of all members
opcua::AccessControlDefault Class Reference

#include <accesscontrol_default.hpp>

Inheritance diagram for opcua::AccessControlDefault:
[legend]

Detailed Description

Default access control.

This class implements the same logic as UA_AccessControl_default(). The log-in can be anonymous or username-password. A logged-in user has all access rights.

Warning
Use less permissive access control in production!
Examples
server_accesscontrol.cpp.

Definition at line 24 of file accesscontrol_default.hpp.

Public Member Functions

 AccessControlDefault (bool allowAnonymous=true, std::vector< Login > logins={})
 
Span< UserTokenPolicygetUserTokenPolicies () override
 
StatusCode activateSession (Session &session, const EndpointDescription &endpointDescription, const ByteString &secureChannelRemoteCertificate, const ExtensionObject &userIdentityToken) override
 
void closeSession (Session &session) override
 
Bitmask< WriteMaskgetUserRightsMask (Session &session, const NodeId &nodeId) override
 
Bitmask< AccessLevelgetUserAccessLevel (Session &session, const NodeId &nodeId) override
 
bool getUserExecutable (Session &session, const NodeId &methodId) override
 
bool getUserExecutableOnObject (Session &session, const NodeId &methodId, const NodeId &objectId) override
 
bool allowAddNode (Session &session, const AddNodesItem &item) override
 
bool allowAddReference (Session &session, const AddReferencesItem &item) override
 
bool allowDeleteNode (Session &session, const DeleteNodesItem &item) override
 
bool allowDeleteReference (Session &session, const DeleteReferencesItem &item) override
 
bool allowBrowseNode (Session &session, const NodeId &nodeId) override
 
bool allowTransferSubscription (Session &oldSession, Session &newSession) override
 
bool allowHistoryUpdate (Session &session, const NodeId &nodeId, PerformUpdateType performInsertReplace, const DataValue &value) override
 
bool allowHistoryDelete (Session &session, const NodeId &nodeId, DateTime startTimestamp, DateTime endTimestamp, bool isDeleteModified) override
 
- Public Member Functions inherited from opcua::AccessControlBase
UA_AccessControl create (bool ownsAdapter) override
 
- Public Member Functions inherited from opcua::PluginAdapter< UA_AccessControl >
 PluginAdapter ()=default
 
 PluginAdapter (const PluginAdapter &)=default
 
 PluginAdapter (PluginAdapter &&) noexcept=default
 
virtual ~PluginAdapter ()=default
 
PluginAdapteroperator= (const PluginAdapter &)=default
 
PluginAdapteroperator= (PluginAdapter &&) noexcept=default
 

Additional Inherited Members

- Public Types inherited from opcua::PluginAdapter< UA_AccessControl >
using PluginType = UA_AccessControl
 

Constructor & Destructor Documentation

◆ AccessControlDefault()

opcua::AccessControlDefault::AccessControlDefault ( bool  allowAnonymous = true,
std::vector< Login logins = {} 
)
explicit

Member Function Documentation

◆ getUserTokenPolicies()

Span< UserTokenPolicy > opcua::AccessControlDefault::getUserTokenPolicies ( )
overridevirtual

Get available user token policies.

If the securityPolicyUri is empty, the highest available security policy will be used to transfer user tokens.

Note
The returned span must be valid throughout the lifetime of the instance.

Implements opcua::AccessControlBase.

◆ activateSession()

StatusCode opcua::AccessControlDefault::activateSession ( Session session,
const EndpointDescription endpointDescription,
const ByteString secureChannelRemoteCertificate,
const ExtensionObject userIdentityToken 
)
overridevirtual

Authenticate a session.

The new session is rejected if a status code other than UA_STATUSCODE_GOOD is returned.

Implements opcua::AccessControlBase.

◆ closeSession()

void opcua::AccessControlDefault::closeSession ( Session session)
overridevirtual

Deauthenticate a session and cleanup session context.

Implements opcua::AccessControlBase.

◆ getUserRightsMask()

Bitmask< WriteMask > opcua::AccessControlDefault::getUserRightsMask ( Session session,
const NodeId nodeId 
)
overridevirtual

Access control for all nodes.

Implements opcua::AccessControlBase.

◆ getUserAccessLevel()

Bitmask< AccessLevel > opcua::AccessControlDefault::getUserAccessLevel ( Session session,
const NodeId nodeId 
)
overridevirtual

Additional access control for variable nodes.

Implements opcua::AccessControlBase.

◆ getUserExecutable()

bool opcua::AccessControlDefault::getUserExecutable ( Session session,
const NodeId methodId 
)
overridevirtual

Additional access control for method nodes.

Implements opcua::AccessControlBase.

◆ getUserExecutableOnObject()

bool opcua::AccessControlDefault::getUserExecutableOnObject ( Session session,
const NodeId methodId,
const NodeId objectId 
)
overridevirtual

Additional access control for calling a method node in the context of a specific object.

Implements opcua::AccessControlBase.

◆ allowAddNode()

bool opcua::AccessControlDefault::allowAddNode ( Session session,
const AddNodesItem item 
)
overridevirtual

Allow adding a node.

Implements opcua::AccessControlBase.

◆ allowAddReference()

bool opcua::AccessControlDefault::allowAddReference ( Session session,
const AddReferencesItem item 
)
overridevirtual

Allow adding a reference.

Implements opcua::AccessControlBase.

◆ allowDeleteNode()

bool opcua::AccessControlDefault::allowDeleteNode ( Session session,
const DeleteNodesItem item 
)
overridevirtual

Allow deleting a node.

Implements opcua::AccessControlBase.

◆ allowDeleteReference()

bool opcua::AccessControlDefault::allowDeleteReference ( Session session,
const DeleteReferencesItem item 
)
overridevirtual

Allow deleting a reference.

Implements opcua::AccessControlBase.

◆ allowBrowseNode()

bool opcua::AccessControlDefault::allowBrowseNode ( Session session,
const NodeId nodeId 
)
overridevirtual

Allow browsing a node.

Implements opcua::AccessControlBase.

◆ allowTransferSubscription()

bool opcua::AccessControlDefault::allowTransferSubscription ( Session oldSession,
Session newSession 
)
overridevirtual

Allow transfer of a subscription to another session.

Implements opcua::AccessControlBase.

◆ allowHistoryUpdate()

bool opcua::AccessControlDefault::allowHistoryUpdate ( Session session,
const NodeId nodeId,
PerformUpdateType  performInsertReplace,
const DataValue value 
)
overridevirtual

Allow insert, replace, update of historical data.

Implements opcua::AccessControlBase.

◆ allowHistoryDelete()

bool opcua::AccessControlDefault::allowHistoryDelete ( Session session,
const NodeId nodeId,
DateTime  startTimestamp,
DateTime  endTimestamp,
bool  isDeleteModified 
)
overridevirtual

Allow delete of historical data.

Implements opcua::AccessControlBase.