node-opcua-server 2.81.0 → 2.83.0

package/source/server_end_point.ts

@@ -27,6 +27,7 @@ import {
 import { UserTokenType } from "node-opcua-service-endpoints";
 import { EndpointDescription } from "node-opcua-service-endpoints";
 import { ApplicationDescription } from "node-opcua-service-endpoints";
+import { UserTokenPolicyOptions } from "node-opcua-types";
 import { IChannelData } from "./i_channel_data";
 import { ISocketData } from "./i_socket_data";
 
@@ -155,26 +156,27 @@ export interface OPCUAServerEndPointOptions {
 }
 
 export interface EndpointDescriptionParams {
-    allowAnonymous?: boolean;
     restricted?: boolean;
     allowUnsecurePassword?: boolean;
     resourcePath?: string;
     alternateHostname?: string[];
     hostname: string;
     securityPolicies: SecurityPolicy[];
+    userTokenTypes: UserTokenType[];
 }
 
 export interface AddStandardEndpointDescriptionsParam {
-    securityModes?: MessageSecurityMode[];
-    securityPolicies?: SecurityPolicy[];
-    disableDiscovery?: boolean;
-
     allowAnonymous?: boolean;
+    disableDiscovery?: boolean;
+    securityModes?: MessageSecurityMode[];
+ 
     restricted?: boolean;
-    hostname?: string;
-    alternateHostname?: string[];
     allowUnsecurePassword?: boolean;
     resourcePath?: string;
+    alternateHostname?: string[];
+    hostname?: string;
+    securityPolicies?: SecurityPolicy[];
+    userTokenTypes?: UserTokenType[];
 }
 
 function getUniqueName(name: string, collection: { [key: string]: number }) {
@@ -367,17 +369,8 @@ export class OPCUAServerEndPoint extends EventEmitter implements ServerSecureCha
     public addEndpointDescription(
         securityMode: MessageSecurityMode,
         securityPolicy: SecurityPolicy,
-        options?: EndpointDescriptionParams
+        options: EndpointDescriptionParams
     ): void {
-        if (!options) {
-            options = {
-                hostname: getFullyQualifiedDomainName(),
-                securityPolicies: [SecurityPolicy.Basic256Sha256]
-            };
-        }
-
-        options.allowAnonymous = options.allowAnonymous === undefined ? true : options.allowAnonymous;
-
         // istanbul ignore next
         if (securityMode === MessageSecurityMode.None && securityPolicy !== SecurityPolicy.None) {
             throw new Error(" invalid security ");
@@ -405,6 +398,8 @@ export class OPCUAServerEndPoint extends EventEmitter implements ServerSecureCha
             throw new Error(" endpoint already exist");
         }
 
+        const userTokenTypes = options.userTokenTypes;
+
         // now build endpointUrl
         this._endpoints.push(
             _makeEndpointDescription({
@@ -419,12 +414,13 @@ export class OPCUAServerEndPoint extends EventEmitter implements ServerSecureCha
                 securityMode,
                 securityPolicy,
 
-                allowAnonymous: options.allowAnonymous,
                 allowUnsecurePassword: options.allowUnsecurePassword,
                 resourcePath: options.resourcePath,
 
                 restricted: !!options.restricted,
-                securityPolicies: options?.securityPolicies || []
+                securityPolicies: options.securityPolicies || [],
+
+                userTokenTypes
             })
         );
     }
@@ -440,6 +436,14 @@ export class OPCUAServerEndPoint extends EventEmitter implements ServerSecureCha
 
         options.securityModes = options.securityModes || defaultSecurityModes;
         options.securityPolicies = options.securityPolicies || defaultSecurityPolicies;
+        options.userTokenTypes = options.userTokenTypes || defaultUserTokenTypes;
+
+        options.allowAnonymous = options.allowAnonymous === undefined ? true : options.allowAnonymous;
+        // make sure we do not have anonymous 
+        if (!options.allowAnonymous) {
+            options.userTokenTypes = options.userTokenTypes.filter((r) => r !== UserTokenType.Anonymous);
+        }
+
 
         const defaultHostname = options.hostname || getFullyQualifiedDomainName();
 
@@ -450,11 +454,17 @@ export class OPCUAServerEndPoint extends EventEmitter implements ServerSecureCha
             options.alternateHostname = [options.alternateHostname];
         }
         // remove duplicates if any (uniq)
-        hostnames = [...new Set(hostnames.concat(options.alternateHostname as string[]))];
+        hostnames = [...new Set(hostnames.concat(options.alternateHostname))];
 
         for (const alternateHostname of hostnames) {
-            const optionsE = options as EndpointDescriptionParams;
-            optionsE.hostname = alternateHostname;
+            const optionsE: EndpointDescriptionParams = {
+                hostname: alternateHostname,
+                securityPolicies: options.securityPolicies,
+                userTokenTypes: options.userTokenTypes,
+                allowUnsecurePassword: options.allowUnsecurePassword,
+                alternateHostname: options.alternateHostname,
+                resourcePath: options.resourcePath
+            };
 
             if (options.securityModes.indexOf(MessageSecurityMode.None) >= 0) {
                 this.addEndpointDescription(MessageSecurityMode.None, SecurityPolicy.None, optionsE);
@@ -966,7 +976,6 @@ interface MakeEndpointDescriptionOptions {
         };
      */
     resourcePath?: string;
-    allowAnonymous?: boolean; // default true
 
     // allow un-encrypted password in userNameIdentity
     allowUnsecurePassword?: boolean; // default false
@@ -981,6 +990,15 @@ interface MakeEndpointDescriptionOptions {
     collection: { [key: string]: number };
 
     securityPolicies: SecurityPolicy[];
+
+    userTokenTypes: UserTokenType[];
+    /**
+     *
+     * default value: false;
+     *
+     * note: setting noUserIdentityTokens=true is useful for pure local discovery servers
+     */
+    noUserIdentityTokens?: boolean;
 }
 
 interface EndpointDescriptionEx extends EndpointDescription {
@@ -1040,72 +1058,85 @@ function _makeEndpointDescription(options: MakeEndpointDescriptionOptions): Endp
 
     const securityPolicyUri = toURI(options.securityPolicy);
 
-    const userIdentityTokens = [];
-
-    if (options.securityPolicy === SecurityPolicy.None) {
-        if (options.allowUnsecurePassword) {
-            userIdentityTokens.push({
-                policyId: u("username_unsecure"),
-                tokenType: UserTokenType.UserName,
+    const userIdentityTokens: UserTokenPolicyOptions[] = [];
 
-                issuedTokenType: null,
-                issuerEndpointUrl: null,
-                securityPolicyUri: null
-            });
+    const registerIdentity2 = (tokenType: UserTokenType, securityPolicy: SecurityPolicy, name: string) => {
+        return registerIdentity({
+            policyId: u(name),
+            tokenType,
+            issuedTokenType: null,
+            issuerEndpointUrl: null,
+            securityPolicyUri: securityPolicy
+        });
+    };
+    const registerIdentity = (r: UserTokenPolicyOptions) => {
+        const tokenType = r.tokenType === undefined ? UserTokenType.Invalid : r.tokenType;
+        const securityPolicy = (r.securityPolicyUri || "") as SecurityPolicy;
+        if (!securityPolicy && options.userTokenTypes.indexOf(tokenType) >= 0) {
+            userIdentityTokens.push(r);
+            return;
         }
+        if (options.securityPolicies.indexOf(securityPolicy) >= 0 && options.userTokenTypes.indexOf(tokenType) >= 0) {
+            userIdentityTokens.push(r);
+        }
+    };
+
+    if (!options.noUserIdentityTokens) {
+        if (options.securityPolicy === SecurityPolicy.None) {
+            if (options.allowUnsecurePassword) {
+                registerIdentity({
+                    policyId: u("username_unsecure"),
+                    tokenType: UserTokenType.UserName,
 
-        const a = (tokenType: UserTokenType, securityPolicy: SecurityPolicy, name: string) => {
-            if (options.securityPolicies.indexOf(securityPolicy) >= 0) {
-                userIdentityTokens.push({
-                    policyId: u(name),
-                    tokenType,
                     issuedTokenType: null,
                     issuerEndpointUrl: null,
-                    securityPolicyUri: securityPolicy
+                    securityPolicyUri: null
                 });
             }
-        };
-        const onlyCertificateLessConnection =
-            options.onlyCertificateLessConnection === undefined ? false : options.onlyCertificateLessConnection;
-
-        if (!onlyCertificateLessConnection) {
-            a(UserTokenType.UserName, SecurityPolicy.Basic256, "username_basic256");
-            a(UserTokenType.UserName, SecurityPolicy.Basic128Rsa15, "username_basic128Rsa15");
-            a(UserTokenType.UserName, SecurityPolicy.Basic256Sha256, "username_basic256Sha256");
-            a(UserTokenType.UserName, SecurityPolicy.Aes128_Sha256_RsaOaep, "username_aes128Sha256RsaOaep");
-
-            // X509
-            a(UserTokenType.Certificate, SecurityPolicy.Basic256, "certificate_basic256");
-            a(UserTokenType.Certificate, SecurityPolicy.Basic128Rsa15, "certificate_basic128Rsa15");
-            a(UserTokenType.Certificate, SecurityPolicy.Basic256Sha256, "certificate_basic256Sha256");
-            a(UserTokenType.Certificate, SecurityPolicy.Aes128_Sha256_RsaOaep, "certificate_aes128Sha256RsaOaep");
-        }
-    } else {
-        // note:
-        //  when channel session security is not "None",
-        //  userIdentityTokens can be left to null.
-        //  in this case this mean that secure policy will be the same as connection security policy
-        userIdentityTokens.push({
-            policyId: u("usernamePassword"),
-            tokenType: UserTokenType.UserName,
 
-            issuedTokenType: null,
-            issuerEndpointUrl: null,
-            securityPolicyUri: null
-        });
+            const onlyCertificateLessConnection =
+                options.onlyCertificateLessConnection === undefined ? false : options.onlyCertificateLessConnection;
+
+            if (!onlyCertificateLessConnection) {
+                registerIdentity2(UserTokenType.UserName, SecurityPolicy.Basic256, "username_basic256");
+                registerIdentity2(UserTokenType.UserName, SecurityPolicy.Basic128Rsa15, "username_basic128Rsa15");
+                registerIdentity2(UserTokenType.UserName, SecurityPolicy.Basic256Sha256, "username_basic256Sha256");
+                registerIdentity2(UserTokenType.UserName, SecurityPolicy.Aes128_Sha256_RsaOaep, "username_aes128Sha256RsaOaep");
+
+                // X509
+                registerIdentity2(UserTokenType.Certificate, SecurityPolicy.Basic256, "certificate_basic256");
+                registerIdentity2(UserTokenType.Certificate, SecurityPolicy.Basic128Rsa15, "certificate_basic128Rsa15");
+                registerIdentity2(UserTokenType.Certificate, SecurityPolicy.Basic256Sha256, "certificate_basic256Sha256");
+                registerIdentity2(
+                    UserTokenType.Certificate,
+                    SecurityPolicy.Aes128_Sha256_RsaOaep,
+                    "certificate_aes128Sha256RsaOaep"
+                );
+            }
+        } else {
+            // note:
+            //  when channel session security is not "None",
+            //  userIdentityTokens can be left to null.
+            //  in this case this mean that secure policy will be the same as connection security policy
+            registerIdentity({
+                policyId: u("usernamePassword"),
+                tokenType: UserTokenType.UserName,
+                issuedTokenType: null,
+                issuerEndpointUrl: null,
+                securityPolicyUri: null
+            });
 
-        userIdentityTokens.push({
-            policyId: u("certificateX509"),
-            tokenType: UserTokenType.Certificate,
+            registerIdentity({
+                policyId: u("certificateX509"),
+                tokenType: UserTokenType.Certificate,
 
-            issuedTokenType: null,
-            issuerEndpointUrl: null,
-            securityPolicyUri: null
-        });
-    }
+                issuedTokenType: null,
+                issuerEndpointUrl: null,
+                securityPolicyUri: null
+            });
+        }
 
-    if (options.allowAnonymous) {
-        userIdentityTokens.push({
+        registerIdentity({
             policyId: u("anonymous"),
             tokenType: UserTokenType.Anonymous,
 
@@ -1114,7 +1145,6 @@ function _makeEndpointDescription(options: MakeEndpointDescriptionOptions): Endp
             securityPolicyUri: null
         });
     }
-
     // return the endpoint object
     const endpoint = new EndpointDescription({
         endpointUrl: options.endpointUrl,
@@ -1172,3 +1202,10 @@ const defaultSecurityPolicies = [
     SecurityPolicy.Aes128_Sha256_RsaOaep
     // NO USED YET SecurityPolicy.Aes256_Sha256_RsaPss
 ];
+
+const defaultUserTokenTypes = [
+    UserTokenType.Anonymous,
+    UserTokenType.UserName,
+    UserTokenType.Certificate
+    // NOT USED YET : UserTokenType.IssuedToken
+];

package/source/server_engine.ts

@@ -96,7 +96,6 @@ import { ServerSession } from "./server_session";
 import { Subscription } from "./server_subscription";
 import { sessionsCompatibleForTransfer } from "./sessions_compatible_for_transfer";
 import { OPCUAServerOptions } from "./opcua_server";
-import { IUserManager } from "node-opcua-address-space/source";
 
 const debugLog = make_debugLog(__filename);
 const errorLog = make_errorLog(__filename);
@@ -123,25 +122,13 @@ function setSubscriptionDurable(
 ) {
     // see https://reference.opcfoundation.org/v104/Core/docs/Part5/9.3/
     // https://reference.opcfoundation.org/v104/Core/docs/Part4/6.8/
-    assert(Array.isArray(inputArguments));
     assert(typeof callback === "function");
-    assert(Object.prototype.hasOwnProperty.call(context, "session"), " expecting a session id in the context object");
-    const session = context.session as ServerSession;
-    if (!session) {
-        return callback(null, { statusCode: StatusCodes.BadInternalError });
-    }
-    const subscriptionId = inputArguments[0].value as UInt32;
-    const lifetimeInHours = inputArguments[1].value as UInt32;
 
-    const subscription = session.getSubscription(subscriptionId);
-    if (!subscription) {
-        // subscription may belongs to a different session  that ours
-        if (this.findSubscription(subscriptionId)) {
-            // if yes, then access to  Subscription data should be denied
-            return callback(null, { statusCode: StatusCodes.BadUserAccessDenied });
-        }
-        return callback(null, { statusCode: StatusCodes.BadSubscriptionIdInvalid });
-    }
+    const data = _getSubscription.call(this, inputArguments, context);
+    if (data.statusCode) return callback(null, { statusCode: data.statusCode });
+    const { subscription } = data;
+
+    const lifetimeInHours = inputArguments[1].value as UInt32;
     if (subscription.monitoredItemCount > 0) {
         // This is returned when a Subscription already contains MonitoredItems.
         return callback(null, { statusCode: StatusCodes.BadInvalidState });
@@ -199,8 +186,7 @@ function setSubscriptionDurable(
     callback(null, callMethodResult);
 }
 
-// binding methods
-function getMonitoredItemsId(
+function requestServerStateChange(
     this: ServerEngine,
     inputArguments: Variant[],
     context: ISessionContext,
@@ -209,23 +195,70 @@ function getMonitoredItemsId(
     assert(Array.isArray(inputArguments));
     assert(typeof callback === "function");
     assert(Object.prototype.hasOwnProperty.call(context, "session"), " expecting a session id in the context object");
-
     const session = context.session as ServerSession;
     if (!session) {
         return callback(null, { statusCode: StatusCodes.BadInternalError });
     }
 
+    return callback(null, { statusCode: StatusCodes.BadNotImplemented });
+}
+
+function _getSubscription(
+    this: ServerEngine,
+    inputArguments: Variant[],
+    context: ISessionContext
+): { subscription: Subscription, statusCode?: never } | { statusCode: StatusCode, subscription?: never } {
+    assert(Array.isArray(inputArguments));
+    assert(Object.prototype.hasOwnProperty.call(context, "session"), " expecting a session id in the context object");
+    const session = context.session as ServerSession;
+    if (!session) {
+        return { statusCode: StatusCodes.BadInternalError };
+    }
     const subscriptionId = inputArguments[0].value;
     const subscription = session.getSubscription(subscriptionId);
     if (!subscription) {
         // subscription may belongs to a different session  that ours
         if (this.findSubscription(subscriptionId)) {
             // if yes, then access to  Subscription data should be denied
-            return callback(null, { statusCode: StatusCodes.BadUserAccessDenied });
+            return { statusCode: StatusCodes.BadUserAccessDenied };
         }
-
-        return callback(null, { statusCode: StatusCodes.BadSubscriptionIdInvalid });
+        return { statusCode: StatusCodes.BadSubscriptionIdInvalid };
     }
+    return { subscription };
+
+}
+function resendData(
+    this: ServerEngine,
+    inputArguments: Variant[],
+    context: ISessionContext,
+    callback: CallbackT<CallMethodResultOptions>
+): void {
+    assert(typeof callback === "function");
+
+    const data = _getSubscription.call(this, inputArguments, context);
+    if (data.statusCode) return callback(null, { statusCode: data.statusCode });
+    const { subscription } = data;
+
+    subscription.resendInitialValues().then(() => {
+        callback(null, { statusCode: StatusCodes.Good });
+    }).catch((err) => callback(err));
+
+}
+
+
+// binding methods
+function getMonitoredItemsId(
+    this: ServerEngine,
+    inputArguments: Variant[],
+    context: ISessionContext,
+    callback: CallbackT<CallMethodResultOptions>
+) {
+    assert(typeof callback === "function");
+
+    const data = _getSubscription.call(this, inputArguments, context);
+    if (data.statusCode) return callback(null, { statusCode: data.statusCode });
+    const { subscription } = data;
+
     const result = subscription.getMonitoredItems();
     assert(result.statusCode);
     assert(result.serverHandles.length === result.clientHandles.length);
@@ -1202,6 +1235,8 @@ export class ServerEngine extends EventEmitter {
 
             this.__internal_bindMethod(makeNodeId(MethodIds.Server_GetMonitoredItems), getMonitoredItemsId.bind(this));
             this.__internal_bindMethod(makeNodeId(MethodIds.Server_SetSubscriptionDurable), setSubscriptionDurable.bind(this));
+            this.__internal_bindMethod(makeNodeId(MethodIds.Server_ResendData), resendData.bind(this));
+            this.__internal_bindMethod(makeNodeId(MethodIds.Server_RequestServerStateChange), requestServerStateChange.bind(this));
 
             // fix getMonitoredItems.outputArguments arrayDimensions
             const fixGetMonitoredItemArgs = () => {
@@ -1415,7 +1450,7 @@ export class ServerEngine extends EventEmitter {
                 (!dataValue.serverTimestamp || dataValue.serverTimestamp.getTime() === minOPCUADate.getTime())
             ) {
                 dataValue.serverTimestamp = context.currentTime.timestamp;
-                dataValue.sourcePicoseconds = 0; // context.currentTime.picosecond // do we really need picosecond here ? this would inflate binary data
+                dataValue.serverPicoseconds = 0; // context.currentTime.picoseconds; 
             }
             dataValues.push(dataValue);
         }
@@ -2246,8 +2281,8 @@ export class ServerEngine extends EventEmitter {
         } else {
             warningLog(
                 chalk.yellow("WARNING:  cannot bind a method with id ") +
-                    chalk.cyan(nodeId.toString()) +
-                    chalk.yellow(". please check your nodeset.xml file or add this node programmatically")
+                chalk.cyan(nodeId.toString()) +
+                chalk.yellow(". please check your nodeset.xml file or add this node programmatically")
             );
             warningLog(traceFromThisProjectOnly());
         }

package/source/server_subscription.ts

@@ -6,7 +6,7 @@
 import { EventEmitter } from "events";
 import * as chalk from "chalk";
 
-import { SessionContext,AddressSpace, BaseNode, Duration, UAObjectType } from "node-opcua-address-space";
+import { SessionContext, AddressSpace, BaseNode, Duration, UAObjectType } from "node-opcua-address-space";
 import { assert } from "node-opcua-assert";
 import { Byte, UInt32 } from "node-opcua-basic-types";
 import { SubscriptionDiagnosticsDataType } from "node-opcua-common";
@@ -81,19 +81,22 @@ function _adjust_maxKeepAliveCount(maxKeepAliveCount?: number /*,publishingInter
     return maxKeepAliveCount;
 }
 
+const MaxUint32 = 0xFFFFFFFF;
+
 function _adjust_lifeTimeCount(lifeTimeCount: number, maxKeepAliveCount: number, publishingInterval: number): number {
     lifeTimeCount = lifeTimeCount || 1;
 
-    // let's make sure that lifeTimeCount is at least three time maxKeepAliveCount
-    // Note : the specs say ( part 3  - CreateSubscriptionParameter )
-    //        "The lifetime count shall be a minimum of three times the keep keep-alive count."
-    lifeTimeCount = Math.max(lifeTimeCount, maxKeepAliveCount * 3);
-
     const minTicks = Math.ceil(Subscription.minimumLifetimeDuration / publishingInterval);
     const maxTicks = Math.floor(Subscription.maximumLifetimeDuration / publishingInterval);
 
     lifeTimeCount = Math.max(minTicks, lifeTimeCount);
     lifeTimeCount = Math.min(maxTicks, lifeTimeCount);
+
+    // let's make sure that lifeTimeCount is at least three time maxKeepAliveCount
+    // Note : the specs say ( part 3  - CreateSubscriptionParameter )
+    //        "The lifetime count shall be a minimum of three times the keep keep-alive count."
+    lifeTimeCount = Math.max(lifeTimeCount, Math.min(maxKeepAliveCount * 3, MaxUint32));
+
     return lifeTimeCount;
 }
 
@@ -1362,7 +1365,7 @@ export class Subscription extends EventEmitter {
         const availableSequenceNumbers = this.getAvailableSequenceNumbers();
         assert(
             !response.notificationMessage ||
-                availableSequenceNumbers[availableSequenceNumbers.length - 1] === response.notificationMessage.sequenceNumber
+            availableSequenceNumbers[availableSequenceNumbers.length - 1] === response.notificationMessage.sequenceNumber
         );
         response.availableSequenceNumbers = availableSequenceNumbers;
 
@@ -1439,7 +1442,7 @@ export class Subscription extends EventEmitter {
             } else {
                 debugLog(
                     "     -> subscription.state === LATE , " +
-                        "because keepAlive Response cannot be send due to lack of PublishRequest"
+                    "because keepAlive Response cannot be send due to lack of PublishRequest"
                 );
                 if (this.messageSent || this.keepAliveCounterHasExpired) {
                     this.state = SubscriptionState.LATE;

package/source/validate_filter.ts

@@ -7,28 +7,46 @@ import { BaseNode, UAVariable } from "node-opcua-address-space";
 import { AttributeIds } from "node-opcua-data-model";
 import { NodeClass } from "node-opcua-data-model";
 import { ExtensionObject } from "node-opcua-extension-object";
-import { NodeId } from "node-opcua-nodeid";
+import { NodeId, NodeIdType } from "node-opcua-nodeid";
 import { DataChangeFilter, EventFilter } from "node-opcua-service-filter";
 import { DeadbandType } from "node-opcua-service-subscription";
 import { StatusCode, StatusCodes } from "node-opcua-status-code";
 import { ReadValueIdOptions } from "node-opcua-types";
+import { DataType } from "node-opcua-basic-types";
+
+function isNumberDataType(node: UAVariable): boolean {
+    if (node.dataType.namespace === 0 && node.dataType.identifierType === NodeIdType.NUMERIC && node.dataType.value < 22) {
+        switch (node.dataType.identifierType === NodeIdType.NUMERIC && node.dataType.value) {
+            case DataType.Float:
+            case DataType.Double:
+            case DataType.Byte:
+            case DataType.SByte:
+            case DataType.Int16:
+            case DataType.Int32:
+            case DataType.Int64:
+            case DataType.UInt16:
+            case DataType.UInt32:
+            case DataType.UInt64:
+                return true;
+            default:
+                return false;
+        }
+    }
+    const dataType = node.addressSpace.findDataType(node.dataType)!;
+    const dataTypeNumber = node.addressSpace.findDataType("Number")!;
+    return dataType.isSupertypeOf(dataTypeNumber);
+}
 
 function __validateDataChangeFilter(filter: DataChangeFilter, itemToMonitor: ReadValueIdOptions, node: UAVariable): StatusCode {
     assert(itemToMonitor.attributeId === AttributeIds.Value);
-
     if (node.nodeClass !== NodeClass.Variable) {
         return StatusCodes.BadNodeIdInvalid;
     }
 
-    assert(node.nodeClass === NodeClass.Variable);
-
-    // if node is not Numerical=> DataChangeFilter
-    assert(node.dataType instanceof NodeId);
-    const dataType = node.addressSpace.findDataType(node.dataType)!;
-
-    const dataTypeNumber = node.addressSpace.findDataType("Number")!;
     if (filter.deadbandType !== DeadbandType.None) {
-        if (!dataType.isSupertypeOf(dataTypeNumber)) {
+        // if node is not Numerical=> DataChangeFilter
+        assert(node.dataType instanceof NodeId);
+        if (!isNumberDataType(node)) {
             return StatusCodes.BadFilterNotAllowed;
         }
     }