Phase 0 — mechanical rename ZB.MOM.WW.LmxOpcUa.* → ZB.MOM.WW.OtOpcUa.*

Renames all 11 projects (5 src + 6 tests), the .slnx solution file, all source-file namespaces, all axaml namespace references, and all v1 documentation references in CLAUDE.md and docs/*.md (excluding docs/v2/ which is already in OtOpcUa form). Also updates the TopShelf service registration name from "LmxOpcUa" to "OtOpcUa" per Phase 0 Task 0.6. Preserves runtime identifiers per Phase 0 Out-of-Scope rules to avoid breaking v1/v2 client trust during coexistence: OPC UA `ApplicationUri` defaults (`urn:{GalaxyName}:LmxOpcUa`), server `EndpointPath` (`/LmxOpcUa`), `ServerName` default (feeds cert subject CN), `MxAccessConfiguration.ClientName` default (defensive — stays "LmxOpcUa" for MxAccess audit-trail consistency), client OPC UA identifiers (`ApplicationName = "LmxOpcUaClient"`, `ApplicationUri = "urn:localhost:LmxOpcUaClient"`, cert directory `%LocalAppData%\LmxOpcUaClient\pki\`), and the `LmxOpcUaServer` class name (class rename out of Phase 0 scope per Task 0.5 sed pattern; happens in Phase 1 alongside `LmxNodeManager → GenericDriverNodeManager` Core extraction). 23 LmxOpcUa references retained, all enumerated and justified in `docs/v2/implementation/exit-gate-phase-0.md`. Build clean: 0 errors, 30 warnings (lower than baseline 167). Tests at strict improvement over baseline: 821 passing / 1 failing vs baseline 820 / 2 (one flaky pre-existing failure passed this run; the other still fails — both pre-existing and unrelated to the rename). `Client.UI.Tests`, `Historian.Aveva.Tests`, `Client.Shared.Tests`, `IntegrationTests` all match baseline exactly. Exit gate compliance results recorded in `docs/v2/implementation/exit-gate-phase-0.md` with all 7 checks PASS or DEFERRED-to-PR-review (#7 service install verification needs Windows service permissions on the reviewer's box). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-17 13:57:47 -04:00
parent 5b8d708c58
commit 3b2defd94f
293 changed files with 841 additions and 722 deletions
--- a/src/ZB.MOM.WW.OtOpcUa.Host/Configuration/LdapConfiguration.cs
+++ b/src/ZB.MOM.WW.OtOpcUa.Host/Configuration/LdapConfiguration.cs
@@ -0,0 +1,75 @@
+namespace ZB.MOM.WW.OtOpcUa.Host.Configuration
+{
+    /// <summary>
+    ///     LDAP authentication and group-to-role mapping settings.
+    /// </summary>
+    public class LdapConfiguration
+    {
+        /// <summary>
+        ///     Gets or sets whether LDAP authentication is enabled.
+        ///     When true, user credentials are validated against the configured LDAP server
+        ///     and group membership determines OPC UA permissions.
+        /// </summary>
+        public bool Enabled { get; set; } = false;
+
+        /// <summary>
+        ///     Gets or sets the LDAP server hostname or IP address.
+        /// </summary>
+        public string Host { get; set; } = "localhost";
+
+        /// <summary>
+        ///     Gets or sets the LDAP server port.
+        /// </summary>
+        public int Port { get; set; } = 3893;
+
+        /// <summary>
+        ///     Gets or sets the base DN for LDAP operations.
+        /// </summary>
+        public string BaseDN { get; set; } = "dc=lmxopcua,dc=local";
+
+        /// <summary>
+        ///     Gets or sets the bind DN template. Use {username} as a placeholder.
+        /// </summary>
+        public string BindDnTemplate { get; set; } = "cn={username},dc=lmxopcua,dc=local";
+
+        /// <summary>
+        ///     Gets or sets the service account DN used for LDAP searches (group lookups).
+        /// </summary>
+        public string ServiceAccountDn { get; set; } = "";
+
+        /// <summary>
+        ///     Gets or sets the service account password.
+        /// </summary>
+        public string ServiceAccountPassword { get; set; } = "";
+
+        /// <summary>
+        ///     Gets or sets the LDAP connection timeout in seconds.
+        /// </summary>
+        public int TimeoutSeconds { get; set; } = 5;
+
+        /// <summary>
+        ///     Gets or sets the LDAP group name that grants read-only access.
+        /// </summary>
+        public string ReadOnlyGroup { get; set; } = "ReadOnly";
+
+        /// <summary>
+        ///     Gets or sets the LDAP group name that grants write access for FreeAccess/Operate attributes.
+        /// </summary>
+        public string WriteOperateGroup { get; set; } = "WriteOperate";
+
+        /// <summary>
+        ///     Gets or sets the LDAP group name that grants write access for Tune attributes.
+        /// </summary>
+        public string WriteTuneGroup { get; set; } = "WriteTune";
+
+        /// <summary>
+        ///     Gets or sets the LDAP group name that grants write access for Configure attributes.
+        /// </summary>
+        public string WriteConfigureGroup { get; set; } = "WriteConfigure";
+
+        /// <summary>
+        ///     Gets or sets the LDAP group name that grants alarm acknowledgment access.
+        /// </summary>
+        public string AlarmAckGroup { get; set; } = "AlarmAck";
+    }
+}