search

OPCFoundation / UA-ModelCompiler

ModelCompiler converts XML files into C# and ANSI C
MIT License
151 stars 94 forks source link

Need help setting RolePermissions #126

Closed xendri closed 1 year ago

xendri commented 1 year ago

Hi,

I am currently trying to set RolePermissions for objects. But none of the examples describe more than the DefaultRolePermissions for the NamespaceMetaData object

As a minimal example I tried setting a RolePermission for an instantiated object in the DemoModel under Tests/DemoModel/DemoModel.xml on Tag 2.3.0. I modified the object definition with SymbolicName signal to the following:

  <opc:Object SymbolicName="Signal" TypeDefinition="ua:BaseObjectType">
    <opc:Children>
      <opc:Property SymbolicName="Red" DataType="ua:String" ModellingRule="Mandatory" />
      <opc:Property SymbolicName="Yellow" DataType="ua:UInt32" ModellingRule="Mandatory" />
      <opc:Property SymbolicName="Green" DataType="ua:Guid" ModellingRule="Mandatory" />
    </opc:Children>
    <opc:References>
      <opc:Reference IsInverse="true">
        <opc:ReferenceType>ua:Organizes</opc:ReferenceType>
        <opc:TargetId>ua:ObjectsFolder</opc:TargetId>
      </opc:Reference>
      <opc:Reference IsInverse="true">
        <opc:ReferenceType>ua:Organizes</opc:ReferenceType>
        <opc:TargetId>ua:Server_VendorServerInfo</opc:TargetId>
      </opc:Reference>
      <opc:Reference IsInverse="true">
        <opc:ReferenceType>ua:HasNotifier</opc:ReferenceType>
        <opc:TargetId>TrafficView</opc:TargetId>
      </opc:Reference>
    </opc:References>
    <opc:RolePermissions>
      <opc:RolePermission Role="ua:Anonymous">
        <opc:Permission>AllRead</opc:Permission>
      </opc:RolePermission>
      <opc:RolePermission Role="ua:AuthenticatedUser">
        <opc:Permission>All</opc:Permission>
      </opc:RolePermission>
    </opc:RolePermissions>
  </opc:Object>

If I read the UA Model Design.xsd file correctly, that should set the permissions for the default roles of Anonymous and AuthenticatedUser. I build the model with compiler packaged in the docker container, specifically ghcr.io/opcfoundation/ua-modelcompiler:latest, which is tagged with 2.3.0. In the generated NodeSet.xml and NodeSet2.xml all mentions of RolePermissions seem empty.

Am I missing something? Are the roles missing, and the permissions therefore pruned? Do I need to specify the roles first? Any ideas to set RolePermissions for my objects would be greatly appreciated.

Thanks!

opcfoundation-org commented 1 year ago

Complete support for RolePermissions is in beta in the member-only repo. There are some discussions on the correct way to do it so the beta will change before it is released.

xendri commented 1 year ago

Thanks for the info, we will ask via our member contact then.