npm - @vitormnm/node-red-simple-opcua - Versions diffs - 1.6.3 → 1.7.0 - Mend

@vitormnm/node-red-simple-opcua 1.6.3 → 1.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (42) hide show

package/server/opcua-server.html CHANGED Viewed

@@ -7,45 +7,21 @@
         <label for="node-input-serverName"><i class="fa fa-server"></i> Server name</label>
         <input type="text" id="node-input-serverName" placeholder="Node-RED OPC UA Server">
     </div>
-    <div class="form-row">
-        <label for="node-input-resourcePath"><i class="fa fa-server"></i> Resource path</label>
-        <input type="text" id="node-input-resourcePath" placeholder="Resource path OPC UA Server">
-    </div>
     <div class="form-row">
         <label for="node-input-port"><i class="fa fa-plug"></i> Port</label>
         <input type="number" id="node-input-port" min="1" placeholder="4840">
     </div>
     <div class="form-row">
-        <label for="node-input-maxConnections"><i class="fa fa-users"></i> Number connections</label>
-        <input type="number" id="node-input-maxConnections" min="1" placeholder="10">
-    </div>
-    <div class="form-row">
-        <label for="node-input-securityPolicy"><i class="fa fa-lock"></i> Security</label>
-        <select id="node-input-securityPolicy">
-            <option value="None">None</option>
-            <option value="Basic128Rsa15">Basic128Rsa15</option>
-            <option value="Basic256">Basic256</option>
-            <option value="Basic256Sha256">Basic256Sha256</option>
-            <option value="Aes128_Sha256_RsaOaep">Aes128_Sha256_RsaOaep</option>
-            <option value="Aes256_Sha256_RsaPss">Aes256_Sha256_RsaPss</option>
-        </select>
-    </div>
-    <div class="form-row">
-        <label for="node-input-securityMode"><i class="fa fa-shield"></i> Security mode</label>
-        <select id="node-input-securityMode">
-            <option value="None">None</option>
-            <option value="Sign">Sign</option>
-            <option value="SignAndEncrypt">SignAndEncrypt</option>
-        </select>
+        <label style="width: auto;"><i class="fa fa-cogs"></i> Settings</label>
+        <a href="#" id="node-input-open-settings-modal" class="editor-button"><i class="fa fa-cog"></i> Open server settings</a>
     </div>
     <div class="form-row">
-        <label for="node-input-allowAnonymous"><i class="fa fa-user-secret"></i> Anonymous</label>
-        <input type="checkbox" id="node-input-allowAnonymous" style="display:inline-block; width:auto; vertical-align:top; margin-top:8px;">
-        <span style="margin-left: 8px;">Allow anonymous login</span>
+        <label style="width: auto;"><i class="fa fa-shield"></i> Security</label>
+        <a href="#" id="node-input-open-auth-modal" class="editor-button"><i class="fa fa-lock"></i> Manage security and users</a>
     </div>
     <div class="form-row">
-        <label style="width: auto;"><i class="fa fa-users"></i> Users</label>
-        <a href="#" id="node-input-open-auth-modal" class="editor-button"><i class="fa fa-user-plus"></i> Manage users and groups</a>
+        <label style="width: auto;"><i class="fa fa-certificate"></i> Certificates</label>
+        <a href="#" id="node-input-open-cert-modal" class="editor-button"><i class="fa fa-folder-open"></i> Manage client certificates</a>
     </div>
@@ -71,15 +47,38 @@
     <div id="node-input-auth-modal" class="opcua-tree-modal" style="display:none;">
         <div class="opcua-tree-modal__dialog">
             <div class="opcua-tree-modal__header">
-                <div class="opcua-tree-modal__title"><i class="fa fa-users"></i> User And Group Management</div>
+                <div class="opcua-tree-modal__title"><i class="fa fa-shield"></i> Security & User Management</div>
                 <a href="#" id="node-input-close-auth-modal" class="editor-button editor-button-small"><i class="fa fa-times"></i> Close</a>
             </div>
-            <div class="opcua-tree-modal__toolbar">
-                <a href="#" id="node-input-add-auth-group" class="editor-button editor-button-small"><i class="fa fa-plus"></i> Add group</a>
-                <a href="#" id="node-input-add-auth-user" class="editor-button editor-button-small"><i class="fa fa-plus"></i> Add user</a>
-            </div>
-            <div class="opcua-tree-modal__body">
-                <div class="opcua-auth-layout">
+            <div class="opcua-tree-modal__body" style="display: flex; flex-direction: column; gap: 14px;">
+                <div class="opcua-config-card">
+                    <div class="opcua-tree-details-title opcua-card-title"><i class="fa fa-shield"></i> Security Settings</div>
+                    <div class="opcua-config-form">
+                        <div class="opcua-config-row">
+                            <label class="opcua-config-label" for="node-input-securityPolicy"><i class="fa fa-lock"></i> Security Policy</label>
+                            <input class="opcua-config-input" type="text" id="node-input-securityPolicy">
+                        </div>
+                        <div class="opcua-config-row">
+                            <label class="opcua-config-label" for="node-input-securityMode"><i class="fa fa-shield"></i> Security Mode</label>
+                            <input class="opcua-config-input" type="text" id="node-input-securityMode">
+                        </div>
+                        <div class="opcua-config-row opcua-config-row--checkbox">
+                            <label class="opcua-config-label" for="node-input-allowAnonymous"><i class="fa fa-user-secret"></i> Allow anonymous login</label>
+                            <input class="opcua-config-input" type="checkbox" id="node-input-allowAnonymous">
+                        </div>
+                        <div class="opcua-config-row opcua-config-row--checkbox">
+                            <label class="opcua-config-label" for="node-input-automaticallyAcceptUnknownCertificate"><i class="fa fa-certificate"></i> Automatically accept unknown certificates</label>
+                            <input class="opcua-config-input" type="checkbox" id="node-input-automaticallyAcceptUnknownCertificate">
+                        </div>
+                    </div>
+                </div>
+                <div style="display: flex; gap: 10px; margin-bottom: 2px;">
+                    <a href="#" id="node-input-add-auth-group" class="editor-button editor-button-small"><i class="fa fa-plus"></i> Add group</a>
+                    <a href="#" id="node-input-add-auth-user" class="editor-button editor-button-small"><i class="fa fa-plus"></i> Add user</a>
+                </div>
+                <div class="opcua-auth-layout" style="flex: 1 1 auto;">
                     <div class="opcua-auth-panel">
                         <div class="opcua-tree-details-title">Groups</div>
                         <div id="opcua-auth-groups" class="opcua-auth-list"></div>
@@ -93,6 +92,83 @@
         </div>
     </div>
+    <div id="node-input-settings-modal" class="opcua-tree-modal" style="display:none;">
+        <div class="opcua-tree-modal__dialog">
+            <div class="opcua-tree-modal__header">
+                <div class="opcua-tree-modal__title"><i class="fa fa-cogs"></i> Server Settings</div>
+                <a href="#" id="node-input-close-settings-modal" class="editor-button editor-button-small"><i class="fa fa-times"></i> Close</a>
+            </div>
+            <div class="opcua-tree-modal__body" style="display: flex; flex-direction: column; gap: 14px;">
+                <div class="opcua-config-card">
+                    <div class="opcua-tree-details-title opcua-card-title"><i class="fa fa-cogs"></i> General Settings</div>
+                    <div class="opcua-config-form">
+                        <div class="opcua-config-row">
+                            <label class="opcua-config-label" for="node-input-resourcePath"><i class="fa fa-server"></i> Resource path</label>
+                            <input class="opcua-config-input" type="text" id="node-input-resourcePath" placeholder="Resource path OPC UA Server">
+                        </div>
+                        <div class="opcua-config-row">
+                            <label class="opcua-config-label" for="node-input-maxConnections"><i class="fa fa-users"></i> Number connections</label>
+                            <input class="opcua-config-input" type="number" id="node-input-maxConnections" min="1" placeholder="10">
+                        </div>
+                        <div class="opcua-config-row">
+                            <label class="opcua-config-label" for="node-input-minSessionTimeout"><i class="fa fa-clock-o"></i> Min Session Timeout (ms)</label>
+                            <input class="opcua-config-input" type="number" id="node-input-minSessionTimeout" min="0" placeholder="100">
+                        </div>
+                        <div class="opcua-config-row">
+                            <label class="opcua-config-label" for="node-input-defaultSessionTimeout"><i class="fa fa-clock-o"></i> Default Session Timeout (ms)</label>
+                            <input class="opcua-config-input" type="number" id="node-input-defaultSessionTimeout" min="0" placeholder="30000">
+                        </div>
+                        <div class="opcua-config-row">
+                            <label class="opcua-config-label" for="node-input-maxSessionTimeout"><i class="fa fa-clock-o"></i> Max Session Timeout (ms)</label>
+                            <input class="opcua-config-input" type="number" id="node-input-maxSessionTimeout" min="0" placeholder="3000000">
+                        </div>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+    <div id="node-input-cert-modal" class="opcua-tree-modal" style="display:none;">
+        <div class="opcua-tree-modal__dialog">
+            <div class="opcua-tree-modal__header">
+                <div class="opcua-tree-modal__title"><i class="fa fa-certificate"></i> Client Certificate Management</div>
+                <a href="#" id="node-input-close-cert-modal" class="editor-button editor-button-small"><i class="fa fa-times"></i> Close</a>
+            </div>
+            <div class="opcua-tree-modal__body">
+                <div class="opcua-auth-layout">
+                    <div class="opcua-auth-panel">
+                        <div class="opcua-tree-details-title">Folders</div>
+                        <div id="opcua-cert-folders" class="opcua-auth-list">
+                            <div class="opcua-cert-item is-selected" data-folder="rejected">
+                                <i class="fa fa-ban" style="color: #d9534f; width: 16px; text-align: center;"></i> Rejected Certificates
+                            </div>
+                            <div class="opcua-cert-item" data-folder="trusted">
+                                <i class="fa fa-check-circle" style="color: #5cb85c; width: 16px; text-align: center;"></i> Trusted Certificates
+                            </div>
+                        </div>
+                    </div>
+                    <div class="opcua-auth-panel">
+                        <div class="opcua-tree-details-title">Certificates</div>
+                        <div id="opcua-cert-files" class="opcua-auth-list" style="display: flex; flex-direction: column; gap: 2px;">
+                            <!-- List of certificates -->
+                        </div>
+                        <div id="opcua-cert-details" class="opcua-auth-card" style="margin-top: 10px; display: none;">
+                            <div class="form-row" style="margin-bottom: 8px;">
+                                <label style="width: auto; font-weight: bold;"><i class="fa fa-certificate"></i> Selected Certificate:</label>
+                                <span id="opcua-selected-cert-name" style="word-break: break-all; margin-left: 8px;"></span>
+                            </div>
+                            <div class="form-row" style="margin-bottom: 0; display: flex; align-items: center; gap: 8px;">
+                                <label style="width: auto;">Move to:</label>
+                                <select id="opcua-cert-target-folder" style="width: 150px; margin: 0;"></select>
+                                <a href="#" id="opcua-cert-move-btn" class="editor-button"><i class="fa fa-exchange"></i> Move</a>
+                            </div>
+                        </div>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
     <div id="node-input-tree-modal" class="opcua-tree-modal" style="display:none;">
         <div class="opcua-tree-modal__dialog">
             <div class="opcua-tree-modal__header">
@@ -148,12 +224,58 @@
 <script type="text/html" data-help-name="opc-ua-server">
-    <p>Creates a configurable OPC UA server using <code>node-opcua</code>.</p>
-    <p>The node starts an OPC UA server when deployed and exposes a dynamic tree under the configured namespace.</p>
+    <p>Creates a fully dynamic, configurable OPC UA server using <code>node-opcua</code>.</p>
+    <p>The server parses a JSON tree structure defined in the modal editor or provided dynamically to construct the OPC UA Address Space at runtime without manual coding.</p>
     <h3>Inputs</h3>
-    <p><code>msg.payload</code>: JSON object describing the OPC UA tree. When provided, the node validates the structure and rebuilds the dynamic namespace.</p>
-    <h3>Details</h3>
-    <p>Supported variable types: <code>Int16</code>, <code>Int32</code>, <code>Int64</code>, <code>Float</code>, <code>Boolean</code>, <code>String</code>.</p>
-    <p>Supported access modes: <code>readonly</code> and <code>readwrite</code>.</p>
-    <p>Authentication can be configured in the editor with multiple local users and groups stored in Node-RED credentials, and anonymous login can be disabled.</p>
+    <dl class="message-properties">
+        <dt>payload <span class="property-type">object | string</span></dt>
+        <dd>A JSON object or string describing the target OPC UA tree configuration. The server will validate the payload and dynamically rebuild the entire address space.</dd>
+    </dl>
+    <h3>Address Space Categories</h3>
+    <h4>1. Folders & Objects</h4>
+    <ul>
+        <li><strong>Folders:</strong> Standard structural directories used to group objects and variables.</li>
+        <li><strong>Objects:</strong> Real-world component representations. Objects and folders can be nested hierarchically.</li>
+    </ul>
+    <h4>2. Variables</h4>
+    <ul>
+        <li><strong>Data Types:</strong> Supported data types include <code>Int16</code>, <code>UInt16</code>, <code>Int32</code>, <code>UInt32</code>, <code>Float</code>, <code>Boolean</code>, <code>String</code>, <code>ByteString</code>, and <code>LocalizedText</code>.</li>
+        <li><strong>Access Control:</strong> Variable access can be set to <code>readonly</code> or <code>readwrite</code>.</li>
+    </ul>
+    <h4>3. ObjectTypes (Templates)</h4>
+    <ul>
+        <li>Define reusable object type definitions (templates) under the <code>Types/ObjectTypes</code> visual folder.</li>
+        <li>Instantiate these types under folders/objects. Changes to the ObjectType structure will automatically propagate to all instances.</li>
+        <li><strong>Alarms on ObjectTypes:</strong> When configuring an alarm inside an ObjectType, the alarm variable path must reference the variable using the format <code>'ObjectTypeName'.'VariableName'</code> (e.g. <code>motor.status</code>).</li>
+    </ul>
+    <h4>4. Enumerations (DataTypes)</h4>
+    <ul>
+        <li>Define custom enumeration data types mapping integer states to display strings (e.g. <code>0: Stopped</code>, <code>1: Running</code>).</li>
+        <li>Variables can select these custom Enumerations as their data type.</li>
+    </ul>
+    <h4>5. Methods</h4>
+    <ul>
+        <li>Define callable server methods with custom <strong>Input Arguments</strong> and <strong>Output Arguments</strong>.</li>
+        <li>Incoming method calls are routed automatically to matching <code>opcua-server-io</code> nodes (set to <code>method-input</code> mode) where flow logic handles execution and returns the result via <code>method-output</code>.</li>
+    </ul>
+    <h4>6. Alarms</h4>
+    <ul>
+        <li><strong>Level Alarms:</strong> Monitor numeric variables and trigger limit events (<code>highHighLimit</code>, <code>highLimit</code>, <code>lowLimit</code>, <code>lowLowLimit</code>) with custom severity.</li>
+        <li><strong>Digital Alarms:</strong> Triggered when a boolean/numeric variable matches or deviates from a configured normal state.</li>
+    </ul>
+    <h3>Security & Access Control</h3>
+    <ul>
+        <li><strong>Authentication:</strong> Supports anonymous login and authenticated username/password login. Passwords can be hashed automatically.</li>
+        <li><strong>Access Permissions:</strong> Each folder, variable, method, or alarm can restrict access to specified user groups (comma-separated list, e.g. <code>operator,engineer</code>). If no users are configured, permission checks are disabled.</li>
+        <li><strong>Client Certificates:</strong> Open the Certificate modal to inspect, trust, or reject incoming client certificates. Trusted certificates reside in the simple_opcua server storage.</li>
+    </ul>
 </script>

package/server/opcua-server.js CHANGED Viewed

@@ -8,12 +8,29 @@ module.exports = function (RED) {
     const { fork } = require("child_process");
     const path = require("path");
+    const getCertificatesFolder = (serverName) => {
+        const safeServerName = (serverName || "default")
+            .replace(/[\\/:\*\?"<>|]/g, "_")
+            .replace(/^\.+$/, "");
+        try {
+            const userDir = (RED.settings && RED.settings.userDir) || path.join(require('os').homedir(), ".node-red");
+            let flowFile = (RED.settings && RED.settings.flowFile) || "flows.json";
+            if (typeof flowFile !== "string") {
+                flowFile = "flows.json";
+            }
+            const flowFileFolder = path.isAbsolute(flowFile) ? path.dirname(flowFile) : path.join(userDir, path.dirname(flowFile));
+            return path.join(flowFileFolder, "simple_opcua", "server", safeServerName);
+        } catch (err) {
+            return path.join(require('os').homedir(), ".node-red", "simple_opcua", "server", safeServerName);
+        }
+    };
     function OpcUaServerNode(config) {
         RED.nodes.createNode(this, config);
         const node = this;
         const parser = new OpcUaServerConfigParser(node);
         const settings = parser.parseNodeConfig(config, this.credentials || {});
+        settings.certificatesFolder = getCertificatesFolder(settings.serverName);
@@ -129,8 +146,10 @@ module.exports = function (RED) {
                 done();
             } catch (error) {
-                reportError(node, "Input processing failed", error);
-                done(error);
+                reportError(node, "Input processing failed", error, msg);
+                if (done) {
+                    done();
+                }
             }
         });
@@ -152,9 +171,13 @@ module.exports = function (RED) {
-    function reportError(node, message, error) {
+    function reportError(node, message, error, msg) {
         const details = error && error.message ? error.message : String(error);
-        node.error(message + ": " + details);
+        if (msg) {
+            node.error(message + ": " + details, msg);
+        } else {
+            node.error(message + ": " + details);
+        }
         node.status({ fill: "red", shape: "ring", text: message });
     }
@@ -170,6 +193,93 @@ module.exports = function (RED) {
         res.sendFile(jsPath);
     });
+    RED.httpAdmin.get("/opc-ua-server/certificates", function (req, res) {
+        const serverName = req.query.serverName || "default";
+        const certificatesFolder = getCertificatesFolder(serverName);
+        const fs = require("fs");
+        const trustedDir = path.join(certificatesFolder, "trusted", "certs");
+        const rejectedDir = path.join(certificatesFolder, "rejected");
+        // Ensure directories exist
+        try {
+            if (!fs.existsSync(trustedDir)) {
+                fs.mkdirSync(trustedDir, { recursive: true });
+            }
+            if (!fs.existsSync(rejectedDir)) {
+                fs.mkdirSync(rejectedDir, { recursive: true });
+            }
+        } catch (e) {
+            // Ignore directory creation errors (fallback to empty)
+        }
+        const listFiles = (dir) => {
+            try {
+                if (!fs.existsSync(dir)) {
+                    return [];
+                }
+                return fs.readdirSync(dir).filter(file => {
+                    const stats = fs.statSync(path.join(dir, file));
+                    return stats.isFile() && (file.endsWith(".der") || file.endsWith(".pem") || file.endsWith(".crt"));
+                });
+            } catch (err) {
+                return [];
+            }
+        };
+        res.json({
+            trusted: listFiles(trustedDir),
+            rejected: listFiles(rejectedDir)
+        });
+    });
+    RED.httpAdmin.post("/opc-ua-server/certificates/move", function (req, res) {
+        const { serverName, filename, fromFolder, toFolder } = req.body;
+        const certificatesFolder = getCertificatesFolder(serverName);
+        const fs = require("fs");
+        if (!filename || !fromFolder || !toFolder) {
+            return res.status(400).json({ error: "Missing required fields" });
+        }
+        const getFolderDir = (folderName) => {
+            if (folderName === "trusted") {
+                return path.join(certificatesFolder, "trusted", "certs");
+            }
+            if (folderName === "rejected") {
+                return path.join(certificatesFolder, "rejected");
+            }
+            return null;
+        };
+        const srcDir = getFolderDir(fromFolder);
+        const destDir = getFolderDir(toFolder);
+        if (!srcDir || !destDir) {
+            return res.status(400).json({ error: "Invalid folders specified" });
+        }
+        const srcPath = path.join(srcDir, filename);
+        const destPath = path.join(destDir, filename);
+        try {
+            if (!fs.existsSync(srcPath)) {
+                return res.status(404).json({ error: "Source certificate not found" });
+            }
+            // Ensure destination directory exists
+            if (!fs.existsSync(destDir)) {
+                fs.mkdirSync(destDir, { recursive: true });
+            }
+            fs.renameSync(srcPath, destPath);
+            res.json({ success: true });
+        } catch (err) {
+            res.status(500).json({ error: "Failed to move certificate: " + err.message });
+        }
+    });
     RED.nodes.registerType("opc-ua-server", OpcUaServerNode, {

package/server/view/opcua-server.css CHANGED Viewed

@@ -442,6 +442,9 @@ body.opcua-tree-modal-open {
 .opcua-auth-card .form-row {
     margin-bottom: 8px;
+    display: flex;
+    align-items: center;
+    gap: 8px;
 }
 .opcua-auth-card .form-row:last-child {
@@ -450,15 +453,18 @@ body.opcua-tree-modal-open {
 .opcua-auth-card label {
     width: 90px;
+    margin: 0;
+    flex-shrink: 0;
 }
-.opcua-auth-card input,
-.opcua-auth-card select {
-    width: calc(100% - 100px);
-}
+.opcua-auth-card input[type="text"],
+.opcua-auth-card input[type="password"],
+.opcua-auth-card input[type="number"],
+.opcua-auth-card select,
 .opcua-auth-card .red-ui-typedInput-container {
-    width: calc(100% - 100px) !important;
+    flex: 1 1 auto;
+    margin: 0;
+    width: auto !important;
 }
 @media (max-width: 900px) {
@@ -493,4 +499,81 @@ body.opcua-tree-modal-open {
     .opcua-tree-actions {
         margin-left: 0;
     }
+}
+.opcua-cert-item {
+    padding: 8px 12px;
+    border-bottom: 1px solid var(--red-ui-form-input-border-color, #e0e0e0);
+    cursor: pointer;
+    display: flex;
+    align-items: center;
+    gap: 8px;
+    user-select: none;
+    transition: background-color 0.2s;
+}
+.opcua-cert-item:last-child {
+    border-bottom: none;
+}
+.opcua-cert-item:hover {
+    background: var(--red-ui-list-item-background-hover, #f0f0f0);
+}
+.opcua-cert-item.is-selected {
+    background: var(--red-ui-list-item-background-selected, #d9ecff);
+    color: var(--red-ui-list-item-color-selected, inherit);
+    font-weight: 500;
+}
+.opcua-cert-item i {
+    font-size: 14px;
+}
+/* Standardized configuration card styling */
+.opcua-config-card {
+    padding: 14px;
+    background: var(--red-ui-form-input-background, #fcfcfc);
+    border: 1px solid var(--red-ui-form-input-border-color, #d9d9d9);
+    border-radius: 6px;
+    box-shadow: 0 1px 3px rgba(0,0,0,0.05);
+}
+.opcua-config-card .opcua-card-title {
+    margin-top: 0;
+    margin-bottom: 12px;
+    font-weight: bold;
+    border-bottom: 1px solid var(--red-ui-form-input-border-color, #eee);
+    padding-bottom: 6px;
+}
+.opcua-config-form {
+    display: flex;
+    flex-direction: column;
+    gap: 10px;
+}
+.opcua-config-row {
+    margin: 0 !important;
+    display: flex;
+    align-items: center;
+}
+.opcua-config-row--checkbox {
+    height: 34px;
+}
+.opcua-config-label {
+    width: 240px;
+    margin: 0 !important;
+    font-weight: 500;
+    flex-shrink: 0;
+    display: inline-block;
+    vertical-align: middle;
+}
+.opcua-config-input {
+    width: 300px !important;
+    margin: 0 !important;
+}
+.opcua-config-input[type="checkbox"] {
+    width: auto !important;
+    display: inline-block;
 }