The implemented cluster.
ReadonlyeventsAccess the behavior's events.
ReadonlyaccessThe cluster shall send AccessControlEntryChanged events whenever its ACL attribute data is changed by an Administrator.
• Each added entry shall generate an event with ChangeType Added.
• Each changed entry shall generate an event with ChangeType Changed.
• Each removed entry shall generate an event with ChangeType Removed.
ReadonlyaccessThe cluster shall send AccessControlExtensionChanged events whenever its extension attribute data is changed by an Administrator.
• Each added extension shall generate an event with ChangeType Added.
• Each changed extension shall generate an event with ChangeType Changed.
• Each removed extension shall generate an event with ChangeType Removed.
Supported features as a flag object.
ReadonlystateAccess the behavior's state.
Readonlyacl: TypeFromFields<{ An attempt to add an Access Control Entry when no more entries are available shall result in a RESOURCE_EXHAUSTED error being reported and the ACL attribute shall NOT have the entry added to it. See access control limits.
See the AccessControlEntriesPerFabric attribute for the actual value of the number of entries per fabric supported by the server.
Each Access Control Entry codifies a single grant of privilege on this Node, and is used by the Access Control Privilege Granting algorithm to determine if a subject has privilege to interact with targets on the Node.
Optional Readonlyextension?: TypeFromFields<{ If present, the Access Control Extensions may be used by Administrators to store arbitrary data related to fabric’s Access Control Entries.
The Access Control Extension list shall support a single extension entry per supported fabric.
ReadonlyaccessThis attribute shall provide the minimum number of ACL Entries per fabric that are supported by this server.
Since reducing this value over time may invalidate ACL entries already written, this value shall NOT decrease across time as software updates occur that could impact this value. If this is a concern for a given implementation, it is recommended to only use the minimum value required and avoid reporting a higher value than the required minimum.
ReadonlysubjectsThis attribute shall provide the minimum number of Subjects per entry that are supported by this server.
Since reducing this value over time may invalidate ACL entries already written, this value shall NOT decrease across time as software updates occur that could impact this value. If this is a concern for a given implementation, it is recommended to only use the minimum value required and avoid reporting a higher value than the required minimum.
ReadonlytargetsThis attribute shall provide the minimum number of Targets per entry that are supported by this server.
Since reducing this value over time may invalidate ACL entries already written, this value shall NOT decrease across time as software updates occur that could impact this value. If this is a concern for a given implementation, it is recommended to only use the minimum value required and avoid reporting a higher value than the required minimum.
Static ReadonlyclusterBase cluster state include all attribute values but may be extended by subclasses.
Static ReadonlydefaultsStatic Optional ReadonlydependenciesStatic ReadonlyearlyStatic ReadonlyEventsStatic ReadonlyExtensionStatic ReadonlyidThe behavior ID for ClusterBehaviors is the name of the cluster.
Static ReadonlyInterfaceStatic ReadonlynameStatic Optional ReadonlyschemaStatic ReadonlyStateStatic ReadonlysupervisorStaticsupportsDoes this behavior support functionality of a specific implementation?
The AccessControlManager instance that is used to manage the ACL for this behavior.
If set to true, the ACL will not be updated immediately when it changes, but only when the aclUpdateDelayed
property is set to false again.
This is a hack to prevent the ACL from updating while we are in the middle of a write transaction and will be
removed again once we somehow handle relevant sub transactions.
If set to true, the ACL will not be updated immediately when it changes, but only when the aclUpdateDelayed
property is set to false again.
This is a hack to prevent the ACL from updating while we are in the middle of a write transaction and will be
removed again once we somehow handle relevant sub transactions.
Release resources. This is the public API for releasing application resources held by behaviors in internal state.
Implements the access control check for the given context, location and endpoint and is called by the InteractionServer. The method returns the list of granted Access privileges for the given context, location and endpoint.
Optionalendpoint: EndpointInterfaceProtectedcallbackCreate a generic callback function that has the same properties as a Reactor.
Like a reactor, the callback's "this" will be bound to an active Behavior instance. Because of this: The reactor MUST be a real JS function - arrow functions will not work!
ProtectedextensionThis method allows to implement the validation of manufacturer specific ACL extensions when access control is checked to decide if access is allowed or not. The default implementation always returns true. Override this method in your own behavior to implement custom validation.
ProtectedextensionThis method allows to implement the validation of manufacturer specific ACL extensions when an extension entry is added or changed. The default implementation checks whether the extension is a valid TLV and possible to decode.
In case of an Error throws StatusResponseError.
Override this method in your own behavior to implement custom validation.
Behaviors are ephemeral and should not perform initialization in their constructor. They can override this method instead.
This method may be synchronous or asyncronous. If asynchronous, the behavior will not be available for external use until initialization completes.
ProtectedreactInstall a Reactor.
Important: The reactor MUST be a real JS function - arrow functions will not work!
StaticalterStaticenableStaticforStaticsetStaticwith
This is the default server implementation of AccessControlBehavior.