High level convenience accessors for rolepermissions of nodes. More...

Functions
SERVER_EXPORT const struct ua_nodepermission *	ua_node_rp_get (ua_node_t node, uint16_t num_perms, bool is_ns_default)
	Get the nodepermissions of a node. More...

SERVER_EXPORT int	ua_node_rp_set (ua_node_t node, const struct ua_nodepermission *perms, uint16_t num_perms)
	Sets the permissions of a node. More...

SERVER_EXPORT int	ua_node_rp_set_ns_default (ua_node_t node)
	Set a node to use the namespace default permissions. More...

SERVER_EXPORT int	ua_node_rp_add (ua_node_t node, int role_id, uint32_t permissions)
	Add the permissions for a single role to a node. More...

SERVER_EXPORT int	ua_node_rp_set_from_rolepermissiontype (ua_node_t node, const struct ua_rolepermissiontype *rps, uint16_t num_rps)
	Sets the permissions of a node directly from an array of ua_rolepermissiontype. More...

static ua_statuscode	ua_node_allow_browse (ua_node_t node, const struct ua_user_ctx *user)
	Checks whether the `user` is allowed to BROWSE for the `node`. More...

static ua_statuscode	ua_node_allow_readrolepermissions (ua_node_t node, const struct ua_user_ctx *user)
	Checks whether the `user` is allowed to READROLEPERMISSIONS for the `node`. More...

static ua_statuscode	ua_node_allow_writeattribute (ua_node_t node, const struct ua_user_ctx *user)
	Checks whether the `user` is allowed to WRITEATTRIBUTE for the `node`. More...

static ua_statuscode	ua_node_allow_writerolepermissions (ua_node_t node, const struct ua_user_ctx *user)
	Checks whether the `user` is allowed to WRITEROLEPERMISSIONS for the `node`. More...

static ua_statuscode	ua_node_allow_writehistorizing (ua_node_t node, const struct ua_user_ctx *user)
	Checks whether the `user` is allowed to WRITEHISTORIZING for the `node`. More...

static ua_statuscode	ua_node_allow_read (ua_node_t node, const struct ua_user_ctx *user)
	Checks whether the `user` is allowed to READ for the `node`. More...

static ua_statuscode	ua_node_allow_write (ua_node_t node, const struct ua_user_ctx *user)
	Checks whether the `user` is allowed to WRITE for the `node`. More...

static ua_statuscode	ua_node_allow_readhistory (ua_node_t node, const struct ua_user_ctx *user)
	Checks whether the `user` is allowed to READHISTORY for the `node`. More...

static ua_statuscode	ua_node_allow_inserthistory (ua_node_t node, const struct ua_user_ctx *user)
	Checks whether the `user` is allowed to INSERTHISTORY for the `node`. More...

static ua_statuscode	ua_node_allow_modifyhistory (ua_node_t node, const struct ua_user_ctx *user)
	Checks whether the `user` is allowed to MODIFYHISTORY for the `node`. More...

static ua_statuscode	ua_node_allow_deletehistory (ua_node_t node, const struct ua_user_ctx *user)
	Checks whether the `user` is allowed to DELETEHISTORY for the `node`. More...

static ua_statuscode	ua_node_allow_receiveevents (ua_node_t node, const struct ua_user_ctx *user)
	Checks whether the `user` is allowed to RECEIVEEVENTS for the `node`. More...

static ua_statuscode	ua_node_allow_call (ua_node_t node, const struct ua_user_ctx *user)
	Checks whether the `user` is allowed to CALL for the `node`. More...

static ua_statuscode	ua_node_allow_addreference (ua_node_t node, const struct ua_user_ctx *user)
	Checks whether the `user` is allowed to ADDREFERENCE for the `node`. More...

static ua_statuscode	ua_node_allow_removereference (ua_node_t node, const struct ua_user_ctx *user)
	Checks whether the `user` is allowed to REMOVEREFERENCE for the `node`. More...

static ua_statuscode	ua_node_allow_deletenode (ua_node_t node, const struct ua_user_ctx *user)
	Checks whether the `user` is allowed to DELETENODE for the `node`. More...

static ua_statuscode	ua_node_allow_addnode (ua_node_t node, const struct ua_user_ctx *user)
	The AddNode permission is "only used in the DefaultRolePermissions and DefaultUserRolePermissions Properties of a NamespaceMetadata Object", so this permission should never be set at a node and thus this function always returns UA_SCBADUSERACCESSDENIED.

Detailed Description

High level convenience accessors for rolepermissions of nodes.

Function Documentation

◆ ua_node_allow_addreference()

static ua_statuscode ua_node_allow_addreference	(	ua_node_t	node,
		const struct ua_user_ctx *	user
	)

inlinestatic

Checks whether the user is allowed to ADDREFERENCE for the node.

◆ ua_node_allow_browse()

static ua_statuscode ua_node_allow_browse	(	ua_node_t	node,
		const struct ua_user_ctx *	user
	)

inlinestatic

Checks whether the user is allowed to BROWSE for the node.

◆ ua_node_allow_call()

static ua_statuscode ua_node_allow_call	(	ua_node_t	node,
		const struct ua_user_ctx *	user
	)

inlinestatic

Checks whether the user is allowed to CALL for the node.

◆ ua_node_allow_deletehistory()

static ua_statuscode ua_node_allow_deletehistory	(	ua_node_t	node,
		const struct ua_user_ctx *	user
	)

inlinestatic

Checks whether the user is allowed to DELETEHISTORY for the node.

◆ ua_node_allow_deletenode()

static ua_statuscode ua_node_allow_deletenode	(	ua_node_t	node,
		const struct ua_user_ctx *	user
	)

inlinestatic

Checks whether the user is allowed to DELETENODE for the node.

◆ ua_node_allow_inserthistory()

static ua_statuscode ua_node_allow_inserthistory	(	ua_node_t	node,
		const struct ua_user_ctx *	user
	)

inlinestatic

Checks whether the user is allowed to INSERTHISTORY for the node.

◆ ua_node_allow_modifyhistory()

static ua_statuscode ua_node_allow_modifyhistory	(	ua_node_t	node,
		const struct ua_user_ctx *	user
	)

inlinestatic

Checks whether the user is allowed to MODIFYHISTORY for the node.

◆ ua_node_allow_read()

static ua_statuscode ua_node_allow_read	(	ua_node_t	node,
		const struct ua_user_ctx *	user
	)

inlinestatic

Checks whether the user is allowed to READ for the node.

◆ ua_node_allow_readhistory()

static ua_statuscode ua_node_allow_readhistory	(	ua_node_t	node,
		const struct ua_user_ctx *	user
	)

inlinestatic

Checks whether the user is allowed to READHISTORY for the node.

◆ ua_node_allow_readrolepermissions()

static ua_statuscode ua_node_allow_readrolepermissions	(	ua_node_t	node,
		const struct ua_user_ctx *	user
	)

inlinestatic

Checks whether the user is allowed to READROLEPERMISSIONS for the node.

◆ ua_node_allow_receiveevents()

static ua_statuscode ua_node_allow_receiveevents	(	ua_node_t	node,
		const struct ua_user_ctx *	user
	)

inlinestatic

Checks whether the user is allowed to RECEIVEEVENTS for the node.

◆ ua_node_allow_removereference()

static ua_statuscode ua_node_allow_removereference	(	ua_node_t	node,
		const struct ua_user_ctx *	user
	)

inlinestatic

Checks whether the user is allowed to REMOVEREFERENCE for the node.

◆ ua_node_allow_write()

static ua_statuscode ua_node_allow_write	(	ua_node_t	node,
		const struct ua_user_ctx *	user
	)

inlinestatic

Checks whether the user is allowed to WRITE for the node.

◆ ua_node_allow_writeattribute()

static ua_statuscode ua_node_allow_writeattribute	(	ua_node_t	node,
		const struct ua_user_ctx *	user
	)

inlinestatic

Checks whether the user is allowed to WRITEATTRIBUTE for the node.

◆ ua_node_allow_writehistorizing()

static ua_statuscode ua_node_allow_writehistorizing	(	ua_node_t	node,
		const struct ua_user_ctx *	user
	)

inlinestatic

Checks whether the user is allowed to WRITEHISTORIZING for the node.

◆ ua_node_allow_writerolepermissions()

static ua_statuscode ua_node_allow_writerolepermissions	(	ua_node_t	node,
		const struct ua_user_ctx *	user
	)

inlinestatic

Checks whether the user is allowed to WRITEROLEPERMISSIONS for the node.

◆ ua_node_rp_add()

SERVER_EXPORT int ua_node_rp_add	(	ua_node_t	node,
		int	role_id,
		uint32_t	permissions
	)

Add the permissions for a single role to a node.

Existing permissions still apply.

Parameters

node	Node handle to add permissions.
role_id	The internal id of the role.
permissions	ORed permissions from ua_permissiontype

Returns: Zero on success or negative errorcode on error.

◆ ua_node_rp_get()

SERVER_EXPORT const struct ua_nodepermission* ua_node_rp_get	(	ua_node_t	node,
		uint16_t *	num_perms,
		bool *	is_ns_default
	)

Get the nodepermissions of a node.

Depending on what is returned via the num_perms parameter and the return value there are different meanings: returned num_perms !NULL 0 permissions are supported and actually zero permissions on the node !NULL >0 permissions are supported and valid NULL 0 permissions are not supported by the backend NULL not set error when getting the permissions

Permissions may only be valid in the synchronous result, if these are to be stored somewhere else these should be copied.

Parameters

node	Node handle to get the permissions for.
num_perms	Number of permission in the result.
is_ns_default	If true the node uses default permission, which are equal to the returned permissions. May be NULL if the caller does not care.

Returns: Pointer to the array of permissions.

◆ ua_node_rp_set()

SERVER_EXPORT int ua_node_rp_set	(	ua_node_t	node,
		const struct ua_nodepermission *	perms,
		uint16_t	num_perms
	)

Sets the permissions of a node.

Parameters

node	Node handle to set the permissions for.
perms	Array of nodepermissions. This function will make a copy of the array, so the array can be deleted by the caller afterwards.
num_perms	Number of element in the array.

Returns: Zero on success or negative errorcode on failure.

◆ ua_node_rp_set_from_rolepermissiontype()

SERVER_EXPORT int ua_node_rp_set_from_rolepermissiontype	(	ua_node_t	node,
		const struct ua_rolepermissiontype *	rps,
		uint16_t	num_rps
	)

Sets the permissions of a node directly from an array of ua_rolepermissiontype.

const struct ua_rolepermissiontype rp[] = {
{
    UA_NODEID_NUMERIC_INITIALIZER(UA_ID_WELLKNOWNROLE_ANONYMOUS, 0),
    UA_PERMISSIONTYPE_BROWSE
},
{
    UA_NODEID_NUMERIC_INITIALIZER(UA_ID_WELLKNOWNROLE_SECURITYADMIN, 0),
    UA_PERMISSIONTYPE_READ
    | UA_PERMISSIONTYPE_BROWSE
    | UA_PERMISSIONTYPE_READROLEPERMISSIONS
},
};
ret = ua_node_rp_set_from_rolepermissiontype(node, rp, countof(rp));
if (ret != 0) return ret;

Parameters

node	Node handle to set the permissions for.
rps	Array of permissions to set.
num_rps	Number of element in the array.

Returns: Zero on success or negative errorcode on failure.

◆ ua_node_rp_set_ns_default()

SERVER_EXPORT int ua_node_rp_set_ns_default ( ua_node_t node )

Set a node to use the namespace default permissions.

Also frees possible resources associated with previously set individual permissions.

This is also the case if at the source of the node like XML/bin-file no permission for this node are set or for manually created nodes.

Returns: Zero on success or negative errorcode on failure.

Functions

Detailed Description

Function Documentation

◆ ua_node_allow_addreference()

◆ ua_node_allow_browse()

◆ ua_node_allow_call()

◆ ua_node_allow_deletehistory()

◆ ua_node_allow_deletenode()

◆ ua_node_allow_inserthistory()

◆ ua_node_allow_modifyhistory()

◆ ua_node_allow_read()

◆ ua_node_allow_readhistory()

◆ ua_node_allow_readrolepermissions()

◆ ua_node_allow_receiveevents()

◆ ua_node_allow_removereference()

◆ ua_node_allow_write()

◆ ua_node_allow_writeattribute()

◆ ua_node_allow_writehistorizing()

◆ ua_node_allow_writerolepermissions()

◆ ua_node_rp_add()

◆ ua_node_rp_get()

◆ ua_node_rp_set()

◆ ua_node_rp_set_from_rolepermissiontype()

◆ ua_node_rp_set_ns_default()