dohertj2/lmxopcua
1
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

fix(core): resolve Medium code-review finding (Core-003)

Browse Source 
Add FolderSegment member to NodeAclScopeKind; update WalkSystemPlatform
to report NodeAclScopeKind.FolderSegment (not Equipment) for each
visited Galaxy folder level, so MatchedGrant.Scope in
AuthorizationDecision.Provenance correctly distinguishes Galaxy folder
grants from UNS Equipment grants in the audit trail and Admin UI
diagnostics.  Three regression tests added to PermissionTrieTests.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Joseph Doherty
2026-05-22 08:23:45 -04:00
parent a0b3a4c8a7
commit 09cd579220
3 changed files with 60 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/Core/ZB.MOM.WW.OtOpcUa.Configuration/Enums/NodeAclScopeKind.cs
View File

@@ -8,5 +8,11 @@ public enum NodeAclScopeKind
UnsArea,
UnsLine,
Equipment,
/// <summary>
/// A Galaxy (SystemPlatform-kind) folder segment anchored below a namespace.
/// Distinguishes folder grants from UNS <see cref="Equipment"/> grants in the
/// <c>AuthorizationDecision.Provenance</c> audit trail and Admin UI diagnostics.
/// </summary>
FolderSegment,
Tag,
}

11
src/Core/ZB.MOM.WW.OtOpcUa.Core/Authorization/PermissionTrie.cs
View File

@@ -79,16 +79,15 @@ public sealed class PermissionTrie
private static void WalkSystemPlatform(PermissionTrieNode ns, NodeScope scope, HashSet<string> groups, List<MatchedGrant> matches)
{
// FolderSegments are nested under the namespace; each is its own trie level. Reuse the
// UnsArea scope kind for the flags — NodeAcl rows for Galaxy tags carry ScopeKind.Tag
// for leaf grants and ScopeKind.Namespace for folder-root grants; deeper folder grants
// are modeled as Equipment-level rows today since NodeAclScopeKind doesn't enumerate
// a dedicated FolderSegment kind. Future-proof TODO tracked in Stream B follow-up.
// FolderSegments are nested under the namespace; each is its own trie level. Use the
// dedicated FolderSegment scope kind so Galaxy folder grants report their true scope in
// AuthorizationDecision.Provenance — distinguishing them from UNS Equipment grants in
// the audit trail and Admin UI "Probe this permission" diagnostic.
var current = ns;
foreach (var segment in scope.FolderSegments)
{
if (!current.Children.TryGetValue(segment, out var child)) return;
CollectAtLevel(child, NodeAclScopeKind.Equipment, groups, matches);
CollectAtLevel(child, NodeAclScopeKind.FolderSegment, groups, matches);
current = child;
}