Sākums Izpētīt Palīdzība
Pierakstīties
thomas
/
open62541
Vērot 1
Pievienot zvaigznīti 0
Atdalīts 0
Faili Problēmas 0 Izmaiņu pieprasījumi 0 Vikivietne
Koks: e7a732917c
Atzari Tagi
open62541
/
plugins
/
ua_accesscontrol_default.c

ua_accesscontrol_default.c 4.3 KB
Vēsture Neapstrādāts

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118 
  1. /* This Source Code Form is subject to the terms of the Mozilla Public 
    2. 

  2. * License, v. 2.0. If a copy of the MPL was not distributed with this 
    3. 

  3.  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 
    4. 

  4. /* This work is licensed under a Creative Commons CCZero 1.0 Universal License.
    5. 

  5.  * See http://creativecommons.org/publicdomain/zero/1.0/ for more information. */
    6. 

  6. 

  7. #include "ua_accesscontrol_default.h"
    8. 

  8. 

  9. /* We allow login anonymous and with the following username / password. The
    10. 

  10.  * access rights are maximally permissive in this example plugin. */
    11. 

  11. 

  12. #define ANONYMOUS_POLICY "open62541-anonymous-policy"
    13. 

  13. #define USERNAME_POLICY "open62541-username-policy"
    14. 

  14. 

  15. #define UA_STRING_STATIC(s) {sizeof(s)-1, (UA_Byte*)s}
    16. 

  16. const UA_String anonymous_policy = UA_STRING_STATIC(ANONYMOUS_POLICY);
    17. 

  17. const UA_String username_policy = UA_STRING_STATIC(USERNAME_POLICY);
    18. 

  18. 

  19. UA_StatusCode
    20. 

  20. activateSession_default(const UA_NodeId *sessionId, const UA_ExtensionObject *userIdentityToken,
    21. 

  21.                         void **sessionHandle) {
    22. 

  22.     /* Could the token be decoded? */
    23. 

  23.     if(userIdentityToken->encoding < UA_EXTENSIONOBJECT_DECODED)
    24. 

  24.         return UA_STATUSCODE_BADIDENTITYTOKENINVALID;
    25. 

  25. 

  26.     /* anonymous login */
    27. 

  27.     if(enableAnonymousLogin &&
    28. 

  28.        userIdentityToken->content.decoded.type == &UA_TYPES[UA_TYPES_ANONYMOUSIDENTITYTOKEN]) {
    29. 

  29.         const UA_AnonymousIdentityToken *token = (UA_AnonymousIdentityToken *)userIdentityToken->content.decoded.data;
    30. 

  30. 

  31.         /* Compatibility notice: Siemens OPC Scout v10 provides an empty
    32. 

  32.          * policyId. This is not compliant. For compatibility we will assume
    33. 

  33.          * that empty policyId == ANONYMOUS_POLICY */
    34. 

  34.         if(token->policyId.data && !UA_String_equal(&token->policyId, &anonymous_policy))
    35. 

  35.             return UA_STATUSCODE_BADIDENTITYTOKENINVALID;
    36. 

  36. 

  37.         *sessionHandle = NULL;
    38. 

  38.         return UA_STATUSCODE_GOOD;
    39. 

  39.     }
    40. 

  40. 

  41.     /* username and password */
    42. 

  42.     if(enableUsernamePasswordLogin &&
    43. 

  43.        userIdentityToken->content.decoded.type == &UA_TYPES[UA_TYPES_USERNAMEIDENTITYTOKEN]) {
    44. 

  44.         const UA_UserNameIdentityToken *token = (UA_UserNameIdentityToken *)userIdentityToken->content.decoded.data;
    45. 

  45.         if(!UA_String_equal(&token->policyId, &username_policy))
    46. 

  46.             return UA_STATUSCODE_BADIDENTITYTOKENINVALID;
    47. 

  47. 

  48.         /* empty username and password */
    49. 

  49.         if(token->userName.length == 0 && token->password.length == 0)
    50. 

  50.             return UA_STATUSCODE_BADIDENTITYTOKENINVALID;
    51. 

  51. 

  52.         /* trying to match pw/username */
    53. 

  53.         UA_Boolean match = false;
    54. 

  54.         for(size_t i = 0; i < usernamePasswordsSize; i++) {
    55. 

  55.             const UA_String *user = &usernamePasswords[i].username;
    56. 

  56.             const UA_String *pw = &usernamePasswords[i].password;
    57. 

  57.             if(UA_String_equal(&token->userName, user) && UA_String_equal(&token->password, pw)) {
    58. 

  58.                 match = true;
    59. 

  59.                 break;
    60. 

  60.             }
    61. 

  61.         }
    62. 

  62.         if(!match)
    63. 

  63.             return UA_STATUSCODE_BADUSERACCESSDENIED;
    64. 

  64. 

  65.         *sessionHandle = NULL;
    66. 

  66.         return UA_STATUSCODE_GOOD;
    67. 

  67.     }
    68. 

  68. 

  69.     /* Unsupported token type */
    70. 

  70.     return UA_STATUSCODE_BADIDENTITYTOKENINVALID;
    71. 

  71. }
    72. 

  72. 

  73. void
    74. 

  74. closeSession_default(const UA_NodeId *sessionId, void *sessionHandle) {
    75. 

  75.     /* no handle to clean up */
    76. 

  76. }
    77. 

  77. 

  78. UA_UInt32
    79. 

  79. getUserRightsMask_default(const UA_NodeId *sessionId, void *sessionHandle, const UA_NodeId *nodeId) {
    80. 

  80.     return 0xFFFFFFFF;
    81. 

  81. }
    82. 

  82. 

  83. UA_Byte
    84. 

  84. getUserAccessLevel_default(const UA_NodeId *sessionId, void *sessionHandle, const UA_NodeId *nodeId) {
    85. 

  85.     return 0xFF;
    86. 

  86. }
    87. 

  87. 

  88. UA_Boolean
    89. 

  89. getUserExecutable_default(const UA_NodeId *sessionId, void *sessionHandle, const UA_NodeId *nodeId) {
    90. 

  90.     return true;
    91. 

  91. }
    92. 

  92. 

  93. UA_Boolean
    94. 

  94. getUserExecutableOnObject_default(const UA_NodeId *sessionId, void *sessionHandle,
    95. 

  95.                                   const UA_NodeId *methodId, const UA_NodeId *objectId) {
    96. 

  96.     return true;
    97. 

  97. }
    98. 

  98. 

  99. UA_Boolean
    100. 

  100. allowAddNode_default(const UA_NodeId *sessionId, void *sessionHandle, const UA_AddNodesItem *item) {
    101. 

  101.     return true;
    102. 

  102. }
    103. 

  103. 

  104. UA_Boolean
    105. 

  105. allowAddReference_default(const UA_NodeId *sessionId, void *sessionHandle, const UA_AddReferencesItem *item) {
    106. 

  106.     return true;
    107. 

  107. }
    108. 

  108. 

  109. UA_Boolean
    110. 

  110. allowDeleteNode_default(const UA_NodeId *sessionId, void *sessionHandle, const UA_DeleteNodesItem *item) {
    111. 

  111.     return true;
    112. 

  112. }
    113. 

  113.       
    114. 

  114. UA_Boolean
    115. 

  115. allowDeleteReference_default(const UA_NodeId *sessionId, void *sessionHandle, const UA_DeleteReferencesItem *item) {
    116. 

  116.     return true;
    117. 

  117. }
    118. 

  118.