Set UserAccessLevel Attribute for a Node

Questions regarding the use of the C++ SDK for Server or Client development or integration into customer products ...

Moderator: uasdkcpp

Post Reply
sahnnu16
Jr. Member
Jr. Member
Posts: 2
Joined: 16 Sep 2022, 09:19

Set UserAccessLevel Attribute for a Node

Post by sahnnu16 »

Currently I am trying to set Read/Write/Browse access level (after t user goes through the Authentication mechanism implemented locally in the application) for a node in below fashion,

NodeAccessInfoBase* pAccessInfo = new NodeAccessInfoBase();
pAccessInfo->setAccessRestrictions(NodeAccessInfo::PERMISSION_BROWSE | NodeAccessInfo::PERMISSION_READ | NodeAccessInfo::PERMISSION_WRITE);
externalNode->setAccessInfo(pAccessInfo);
pAccessInfo->releaseReference();

But it does not reflect the desired changes in UaExpert clinet side.

In UaExpert "UserAccessLevel" attribute still shows CurrentRead

User avatar
Support Team
Hero Member
Hero Member
Posts: 3056
Joined: 18 Mar 2011, 15:09

Re: Set UserAccessLevel Attribute for a Node

Post by Support Team »

Hello sahnnu,

you are setting the AccessRestriction for the node - I guess you want to set the RolePermissions instead.

AccessRestritions define additional restrictions to access the node independent of the Permission. For example if EncryptionRequired is set the node can only be accessed on an encrypted channel. see: https://reference.opcfoundation.org/Core/Part3/8.56/

Permissions are always assigned for a specific role. So to set them you need to specifiy a role and the permissions for that role.

Example to grant browse permissions for anonymous role and grant permissions to read and write the value for operator role:

Code: Select all

NodeAccessInfoBase* pAccessInfo = new NodeAccessInfoBase();
pAccessInfo->setRolePermissions(
    pServerManager->getIdForWellKnownRole(OpcUaId_WellKnownRole_Anonymous),
    NodeAccessInfo::PERMISSION_BROWSE);
pAccessInfo->setRolePermissions(
    pServerManager->getIdForWellKnownRole(OpcUaId_WellKnownRole_Operator),
    NodeAccessInfo::PERMISSION_BROWSE | NodeAccessInfo::PERMISSION_READ | NodeAccessInfo::PERMISSION_WRITE | NodeAccessInfo::PERMISSION_CALL);
externalNode->setAccessInfo(pAccessInfo);
pAccessInfo->releaseReference();
To understand the details of Role-Based Security please read on here: https://reference.opcfoundation.org/Core/Part18/
Best regards
Unified Automation Support Team

Post Reply