dohertj2/lmxopcua
1
0
Fork 0
Code Issues 1 Pull Requests 2 Actions Packages Projects Releases Wiki Activity
Files
4cf0b4eb7321ea3df576820c8330b268a3e8014b
lmxopcua/tests/ZB.MOM.WW.OtOpcUa.Driver.Galaxy.Host.Tests/EndToEndIpcTests.cs
Joseph Doherty d11dd0520b Galaxy IPC unblock — live dev-box E2E path 
Three root-cause fixes to get an elevated dev-box shell past session open
through to real MXAccess reads:

1. PipeAcl — drop BUILTIN\Administrators deny ACE. UAC's filtered token
   carries the Admins SID as deny-only, so the deny fired even from
   non-elevated admin-account shells. The per-connection SID check in
   PipeServer.VerifyCaller remains the real authorization boundary.

2. PipeServer — swap the Hello-read / VerifyCaller order. ImpersonateNamedPipeClient
   returns ERROR_CANNOT_IMPERSONATE until at least one frame has been read
   from the pipe; reading Hello first satisfies that rule. Previously the
   ACL deny-first path masked this race — removing the deny ACE exposed it.

3. GalaxyIpcClient — add a background reader + single pending-response
   slot. A RuntimeStatusChange event between OpenSessionRequest and
   OpenSessionResponse used to satisfy the caller's single ReadFrameAsync
   and fail CallAsync with "Expected OpenSessionResponse, got
   RuntimeStatusChange". The reader now routes response kinds (and
   ErrorResponse) to the pending TCS and everything else to a handler the
   driver registers in InitializeAsync. The Proxy was already set up to
   raise managed events from RaiseDataChange / RaiseAlarmEvent /
   OnHostConnectivityUpdate — those helpers had no caller until now.

4. RedundancyPublisherHostedService — swallow BadServerHalted while
   polling host.Server.CurrentInstance. StandardServer throws that code
   during startup rather than returning null, so the first poll attempt
   crashed the BackgroundService (and the host) before OnServerStarted
   ran. This race was latent behind the Galaxy init failure above.

Updates docs that described the Admins deny ACE + mandatory non-elevated
shells, and drops the admin-skip guards from every Galaxy integration +
E2E fixture that had them (IpcHandshakeIntegrationTests, EndToEndIpcTests,
ParityFixture, LiveStackFixture, HostSubprocessParityTests).

Adds GalaxyIpcClientRoutingTests covering the router's
request/response match, ErrorResponse, event-between-call, idle event,
and peer-close paths.

Verified live on the dev box against the p7-smoke cluster (gen 6):
driver registered=1 failedInit=0, Phase 7 bridge subscribed, OPC UA
server up on 4840, MXAccess read round-trip returns real data with
Status=0x00000000.

Task #112 — partial: Galaxy live stack is functional end-to-end. The
supplied test-galaxy.ps1 script still fails because the UNS walker
encodes TagConfig JSON as the tag's NodeId instead of the seeded TagId
(pre-existing; separate issue from this commit).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-24 16:30:16 -04:00

171 lines
6.6 KiB
C#
Raw Blame History

using System;
using System.IO;
using System.IO.Pipes;
using System.Security.Principal;
using System.Threading;
using System.Threading.Tasks;
using MessagePack;
using Serilog;
using Serilog.Core;
using Shouldly;
using Xunit;
using ZB.MOM.WW.OtOpcUa.Driver.Galaxy.Host.Backend;
using ZB.MOM.WW.OtOpcUa.Driver.Galaxy.Host.Ipc;
using ZB.MOM.WW.OtOpcUa.Driver.Galaxy.Shared;
using ZB.MOM.WW.OtOpcUa.Driver.Galaxy.Shared.Contracts;
namespace ZB.MOM.WW.OtOpcUa.Driver.Galaxy.Host.Tests
{
/// <summary>
/// Drives every <see cref="MessageKind"/> the Phase 2 plan exposes through the full
/// Host-side stack (<see cref="PipeServer"/> + <see cref="GalaxyFrameHandler"/> +
/// <see cref="StubGalaxyBackend"/>) using a hand-rolled IPC client built on Shared's
/// <see cref="FrameReader"/>/<see cref="FrameWriter"/>. The Proxy's <c>GalaxyIpcClient</c>
/// is net10-only and cannot load in this net48 x86 test process, so we exercise the same
/// wire protocol through the framing primitives directly. The dispatcher/backend response
/// shapes are the production code path verbatim.
/// </summary>
[Trait("Category", "Integration")]
public sealed class EndToEndIpcTests
{
private sealed class TestStack : IDisposable
{
public PipeServer Server = null!;
public NamedPipeClientStream Stream = null!;
public FrameReader Reader = null!;
public FrameWriter Writer = null!;
public Task ServerTask = null!;
public CancellationTokenSource Cts = null!;
public void Dispose()
{
Cts.Cancel();
try { ServerTask.GetAwaiter().GetResult(); } catch { /* shutdown */ }
Server.Dispose();
Stream.Dispose();
Reader.Dispose();
Writer.Dispose();
Cts.Dispose();
}
}
private static async Task<TestStack> StartAsync()
{
using var identity = WindowsIdentity.GetCurrent();
var sid = identity.User!;
var pipe = $"OtOpcUaGalaxyE2E-{Guid.NewGuid():N}";
const string secret = "e2e-secret";
Logger log = new LoggerConfiguration().CreateLogger();
var cts = new CancellationTokenSource(TimeSpan.FromSeconds(15));
var server = new PipeServer(pipe, sid, secret, log);
var serverTask = Task.Run(() => server.RunAsync(
new GalaxyFrameHandler(new StubGalaxyBackend(), log), cts.Token));
var stream = new NamedPipeClientStream(".", pipe, PipeDirection.InOut, PipeOptions.Asynchronous);
await stream.ConnectAsync(5_000, cts.Token);
var reader = new FrameReader(stream, leaveOpen: true);
var writer = new FrameWriter(stream, leaveOpen: true);
await writer.WriteAsync(MessageKind.Hello,
new Hello { PeerName = "e2e", SharedSecret = secret }, cts.Token);
var ack = await reader.ReadFrameAsync(cts.Token);
if (ack is null || ack.Value.Kind != MessageKind.HelloAck)
throw new InvalidOperationException("Hello handshake failed");
return new TestStack
{
Server = server,
Stream = stream,
Reader = reader,
Writer = writer,
ServerTask = serverTask,
Cts = cts,
};
}
private static async Task<TResp> RoundTripAsync<TReq, TResp>(
TestStack s, MessageKind reqKind, TReq req, MessageKind respKind)
{
await s.Writer.WriteAsync(reqKind, req, s.Cts.Token);
var frame = await s.Reader.ReadFrameAsync(s.Cts.Token);
frame.HasValue.ShouldBeTrue();
frame!.Value.Kind.ShouldBe(respKind);
return MessagePackSerializer.Deserialize<TResp>(frame.Value.Body);
}
[Fact]
public async Task OpenSession_succeeds_with_an_assigned_session_id()
{
using var s = await StartAsync();
var resp = await RoundTripAsync<OpenSessionRequest, OpenSessionResponse>(
s, MessageKind.OpenSessionRequest,
new OpenSessionRequest { DriverInstanceId = "gal-e2e", DriverConfigJson = "{}" },
MessageKind.OpenSessionResponse);
resp.Success.ShouldBeTrue();
resp.SessionId.ShouldBeGreaterThan(0L);
}
[Fact]
public async Task Discover_against_stub_returns_an_error_response()
{
using var s = await StartAsync();
var resp = await RoundTripAsync<DiscoverHierarchyRequest, DiscoverHierarchyResponse>(
s, MessageKind.DiscoverHierarchyRequest,
new DiscoverHierarchyRequest { SessionId = 1 },
MessageKind.DiscoverHierarchyResponse);
resp.Success.ShouldBeFalse();
resp.Error.ShouldContain("MXAccess code lift pending");
}
[Fact]
public async Task WriteValues_returns_per_tag_BadInternalError_status()
{
using var s = await StartAsync();
var resp = await RoundTripAsync<WriteValuesRequest, WriteValuesResponse>(
s, MessageKind.WriteValuesRequest,
new WriteValuesRequest
{
SessionId = 1,
Writes = new[] { new GalaxyDataValue { TagReference = "TagA" } },
},
MessageKind.WriteValuesResponse);
resp.Results.Length.ShouldBe(1);
resp.Results[0].StatusCode.ShouldBe(0x80020000u);
}
[Fact]
public async Task Subscribe_returns_a_subscription_id()
{
using var s = await StartAsync();
var sub = await RoundTripAsync<SubscribeRequest, SubscribeResponse>(
s, MessageKind.SubscribeRequest,
new SubscribeRequest { SessionId = 1, TagReferences = new[] { "TagA" }, RequestedIntervalMs = 500 },
MessageKind.SubscribeResponse);
sub.Success.ShouldBeTrue();
sub.SubscriptionId.ShouldBeGreaterThan(0L);
}
[Fact]
public async Task Recycle_returns_the_grace_window_from_the_backend()
{
using var s = await StartAsync();
var resp = await RoundTripAsync<RecycleHostRequest, RecycleStatusResponse>(
s, MessageKind.RecycleHostRequest,
new RecycleHostRequest { Kind = "Soft", Reason = "test" },
MessageKind.RecycleStatusResponse);
resp.Accepted.ShouldBeTrue();
resp.GraceSeconds.ShouldBe(15);
}
}
}
Reference in New Issue View Git Blame Copy Permalink