open62541pp 0.15.0
C++ wrapper of open62541
Loading...
Searching...
No Matches
opcua::AccessControlDefault Class Reference

#include <accesscontrol_default.hpp>

Inheritance diagram for opcua::AccessControlDefault:
[legend]

Detailed Description

Default access control.

This class implements the same logic as UA_AccessControl_default(). The log-in can be anonymous or username-password. A logged-in user has all access rights.

Warning
Use less permissive access control in production!
Examples
server_accesscontrol.cpp.

Definition at line 24 of file accesscontrol_default.hpp.

Public Member Functions

 AccessControlDefault (bool allowAnonymous=true, std::vector< Login > logins={})
 
Span< UserTokenPolicygetUserTokenPolicies () override
 
StatusCode activateSession (Session &session, const EndpointDescription &endpointDescription, const ByteString &secureChannelRemoteCertificate, const ExtensionObject &userIdentityToken) override
 
void closeSession (Session &session) override
 
Bitmask< WriteMaskgetUserRightsMask (Session &session, const NodeId &nodeId) override
 
Bitmask< AccessLevelgetUserAccessLevel (Session &session, const NodeId &nodeId) override
 
bool getUserExecutable (Session &session, const NodeId &methodId) override
 
bool getUserExecutableOnObject (Session &session, const NodeId &methodId, const NodeId &objectId) override
 
bool allowAddNode (Session &session, const AddNodesItem &item) override
 
bool allowAddReference (Session &session, const AddReferencesItem &item) override
 
bool allowDeleteNode (Session &session, const DeleteNodesItem &item) override
 
bool allowDeleteReference (Session &session, const DeleteReferencesItem &item) override
 
bool allowBrowseNode (Session &session, const NodeId &nodeId) override
 
bool allowTransferSubscription (Session &oldSession, Session &newSession) override
 
bool allowHistoryUpdate (Session &session, const NodeId &nodeId, PerformUpdateType performInsertReplace, const DataValue &value) override
 
bool allowHistoryDelete (Session &session, const NodeId &nodeId, DateTime startTimestamp, DateTime endTimestamp, bool isDeleteModified) override
 
- Public Member Functions inherited from opcua::AccessControlBase
UA_AccessControl create () override
 
void clear (UA_AccessControl &ac) noexcept override
 
- Public Member Functions inherited from opcua::PluginAdapter< UA_AccessControl >
 PluginAdapter ()=default
 
 PluginAdapter (const PluginAdapter &)=default
 
 PluginAdapter (PluginAdapter &&) noexcept=default
 
virtual ~PluginAdapter ()=default
 
PluginAdapteroperator= (const PluginAdapter &)=default
 
PluginAdapteroperator= (PluginAdapter &&) noexcept=default
 
virtual void clear (UA_AccessControl *&plugin) noexcept
 

Additional Inherited Members

- Public Types inherited from opcua::PluginAdapter< UA_AccessControl >
using PluginType
 

Constructor & Destructor Documentation

◆ AccessControlDefault()

opcua::AccessControlDefault::AccessControlDefault ( bool allowAnonymous = true,
std::vector< Login > logins = {} )
explicit

Member Function Documentation

◆ getUserTokenPolicies()

Span< UserTokenPolicy > opcua::AccessControlDefault::getUserTokenPolicies ( )
overridevirtual

Get available user token policies.

If the securityPolicyUri is empty, the highest available security policy will be used to transfer user tokens.

Note
The returned span must be valid throughout the lifetime of the instance.

Implements opcua::AccessControlBase.

◆ activateSession()

StatusCode opcua::AccessControlDefault::activateSession ( Session & session,
const EndpointDescription & endpointDescription,
const ByteString & secureChannelRemoteCertificate,
const ExtensionObject & userIdentityToken )
overridevirtual

Authenticate a session.

The new session is rejected if a status code other than UA_STATUSCODE_GOOD is returned.

Implements opcua::AccessControlBase.

◆ closeSession()

void opcua::AccessControlDefault::closeSession ( Session & session)
overridevirtual

Deauthenticate a session and cleanup session context.

Implements opcua::AccessControlBase.

◆ getUserRightsMask()

Bitmask< WriteMask > opcua::AccessControlDefault::getUserRightsMask ( Session & session,
const NodeId & nodeId )
overridevirtual

Access control for all nodes.

Implements opcua::AccessControlBase.

◆ getUserAccessLevel()

Bitmask< AccessLevel > opcua::AccessControlDefault::getUserAccessLevel ( Session & session,
const NodeId & nodeId )
overridevirtual

Additional access control for variable nodes.

Implements opcua::AccessControlBase.

◆ getUserExecutable()

bool opcua::AccessControlDefault::getUserExecutable ( Session & session,
const NodeId & methodId )
overridevirtual

Additional access control for method nodes.

Implements opcua::AccessControlBase.

◆ getUserExecutableOnObject()

bool opcua::AccessControlDefault::getUserExecutableOnObject ( Session & session,
const NodeId & methodId,
const NodeId & objectId )
overridevirtual

Additional access control for calling a method node in the context of a specific object.

Implements opcua::AccessControlBase.

◆ allowAddNode()

bool opcua::AccessControlDefault::allowAddNode ( Session & session,
const AddNodesItem & item )
overridevirtual

Allow adding a node.

Implements opcua::AccessControlBase.

◆ allowAddReference()

bool opcua::AccessControlDefault::allowAddReference ( Session & session,
const AddReferencesItem & item )
overridevirtual

Allow adding a reference.

Implements opcua::AccessControlBase.

◆ allowDeleteNode()

bool opcua::AccessControlDefault::allowDeleteNode ( Session & session,
const DeleteNodesItem & item )
overridevirtual

Allow deleting a node.

Implements opcua::AccessControlBase.

◆ allowDeleteReference()

bool opcua::AccessControlDefault::allowDeleteReference ( Session & session,
const DeleteReferencesItem & item )
overridevirtual

Allow deleting a reference.

Implements opcua::AccessControlBase.

◆ allowBrowseNode()

bool opcua::AccessControlDefault::allowBrowseNode ( Session & session,
const NodeId & nodeId )
overridevirtual

Allow browsing a node.

Implements opcua::AccessControlBase.

◆ allowTransferSubscription()

bool opcua::AccessControlDefault::allowTransferSubscription ( Session & oldSession,
Session & newSession )
overridevirtual

Allow transfer of a subscription to another session.

Implements opcua::AccessControlBase.

◆ allowHistoryUpdate()

bool opcua::AccessControlDefault::allowHistoryUpdate ( Session & session,
const NodeId & nodeId,
PerformUpdateType performInsertReplace,
const DataValue & value )
overridevirtual

Allow insert, replace, update of historical data.

Implements opcua::AccessControlBase.

◆ allowHistoryDelete()

bool opcua::AccessControlDefault::allowHistoryDelete ( Session & session,
const NodeId & nodeId,
DateTime startTimestamp,
DateTime endTimestamp,
bool isDeleteModified )
overridevirtual

Allow delete of historical data.

Implements opcua::AccessControlBase.