Joseph Doherty
@@ -28,6 +28,32 @@ public sealed class FocasDriverOptions
|
||||
/// <see cref="FocasAlarmProjectionMode.ActivePlusHistory"/>.
|
||||
/// </summary>
|
||||
public FocasAlarmProjectionOptions AlarmProjection { get; init; } = new();
|
||||
|
||||
/// <summary>
|
||||
/// Driver-level write opt-in (issue #268, plan PR F4-a). Defaults to
|
||||
/// <c>Enabled = false</c> — the driver short-circuits every <c>IWritable.WriteAsync</c>
|
||||
/// call to <see cref="FocasStatusMapper.BadNotWritable"/> until the deployment explicitly
|
||||
/// flips this on. Combined with the per-tag <see cref="FocasTagDefinition.Writable"/>
|
||||
/// gate (also default-off), every CNC write requires two opt-ins.
|
||||
/// </summary>
|
||||
public FocasWritesOptions Writes { get; init; } = new();
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Driver-level write controls (issue #268, plan PR F4-a). Per the F4-a decision record
|
||||
/// writes ship behind a flag with a safe default: an operator who pulls the FOCAS driver
|
||||
/// into production without touching <c>Writes.Enabled</c> gets read-only behaviour, and
|
||||
/// even with the flag flipped on each individual tag must still set
|
||||
/// <see cref="FocasTagDefinition.Writable"/> = <c>true</c>.
|
||||
/// </summary>
|
||||
public sealed record FocasWritesOptions
|
||||
{
|
||||
/// <summary>
|
||||
/// Driver-level master switch. Default <c>false</c> — every write returns
|
||||
/// <see cref="FocasStatusMapper.BadNotWritable"/> with the status text
|
||||
/// <c>"writes disabled at driver level"</c>.
|
||||
/// </summary>
|
||||
public bool Enabled { get; init; } = false;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
@@ -141,12 +167,22 @@ public sealed record FocasDeviceOptions(
|
||||
/// <c>X0.0</c> / <c>R100</c> / <c>PARAM:1815/0</c> / <c>MACRO:500</c> /
|
||||
/// <c>DIAG:1031</c> / <c>DIAG:280/2</c>.
|
||||
/// </summary>
|
||||
/// <remarks>
|
||||
/// <paramref name="Writable"/> defaults to <c>false</c> per issue #268 / plan PR F4-a — a
|
||||
/// newly-onboarded tag is read-only until the deployment explicitly opts it in, matching
|
||||
/// the driver-level <see cref="FocasWritesOptions.Enabled"/> safer-by-default posture.
|
||||
/// <paramref name="WriteIdempotent"/> is plumbed through the
|
||||
/// <see cref="Core.Resilience.CapabilityInvoker.ExecuteWriteAsync"/> retry path at the
|
||||
/// server layer (see <see cref="Core.Abstractions.WriteIdempotentAttribute"/>); a
|
||||
/// <c>true</c> value lets the Polly pipeline retry on transient failures while
|
||||
/// <c>false</c> (the default) disables retry per decisions #44/#45.
|
||||
/// </remarks>
|
||||
public sealed record FocasTagDefinition(
|
||||
string Name,
|
||||
string DeviceHostAddress,
|
||||
string Address,
|
||||
FocasDataType DataType,
|
||||
bool Writable = true,
|
||||
bool Writable = false,
|
||||
bool WriteIdempotent = false);
|
||||
|
||||
public sealed class FocasProbeOptions
|
||||
|
||||
Reference in New Issue
Block a user