The RoleSet Object defined in Table 10is a RoleSetTypewhich is formally defined in Table F.1.
Table F.1– RoleSetType Definition
|
Value |
|||||
|
BrowseName |
RoleSetType |
||||
|
IsAbstract |
False |
||||
|
References |
NodeClass |
BrowseName |
DataType |
TypeDefinition |
Modelling Rule |
|
Subtype of BaseObjectType defined in 6.2. |
|||||
|
|
|
|
|
|
|
|
HasComponent |
Object |
<RoleName> |
|
RoleType |
OptionalPlaceholder |
|
HasComponent |
Method |
AddRole |
Defined in F.2.2 |
Mandatory |
|
|
HasComponent |
Method |
RemoveRole |
Defined in F.2.3. |
Mandatory |
|
The AddRole Methodallows configuration Clientsto add a new Roleto the Server.
The RemoveRole Methodallows configuration Clientsto remove a Rolefrom the Server.
This Methodis used to add a Role to the RoleSet Object.
The combination of the NamespaceUri andRoleNameparameters are used to construct the BrowseNamefor the new Node. The BrowseName shall be unique within the RoleSet Object.
This Methodaffects security and shall only be browseable and callable by authorized administrators.
OPC 10000-3defines well-known Roles. If this Methodis used to add a well-known Role, the name of the Rolefrom OPC 10000-3is used together with the OPC UA namespace URI. The Servershall use the NodeIdsfor the well-known Rolesin this case. The NodeIdsfor the well-known Rolesare defined in OPC 10000-6.
Signature
AddRole(
[in]String RoleName
[in]String NamespaceUri
[out]NodeId RoleNodeId
);
|
Argument |
Description |
|
RoleName |
The name of the Role. |
|
NamespaceUri |
The NamespaceUriqualifies the RoleName. If this value is null or empty then the resulting BrowseNamewill be qualified by the Server’s NamespaceUri. |
|
RoleNodeId |
Method Result Codes
|
ResultCode |
Description |
|
Bad_InvalidArgument |
The RoleNameor NamespaceUri is not valid. The text associated with the error shall indicate the exact problem. |
|
Bad_NotSupported |
|
|
Bad_UserAccessDenied |
The caller does not have the necessary Permissions. |
This Methodis used to remove a Role from the RoleSet Object.
The RoleNodeIdis the NodeIdof the Role Objectto remove.
The Servermay prohibit the removal of some Rolesbecause they are necessary for the Serverto function.
If a Roleis removed all Permissionsassociated with the Roleare deleted as well. Ideally these changes should take effect immediately, however, some lag may occur.
This Method affects security and shall only be browseable and callable by authorized administrators.
Signature
RemoveRole(
[in]NodeId RoleNodeId
);
|
Argument |
Description |
|
RoleNodeId |
The NodeIdof the Role Object. |
Method Result Codes
|
ResultCode |
Description |
|
Bad_NodeIdUnknown |
|
|
Bad_NotSupported |
The Serverdoes not allow the Role Objectto be removed. |
|
Bad_UserAccessDenied |
The caller does not have the necessary Permissions. |
|
Bad_RequestNotAllowed |
The specified Role Object cannot be removed. |