Access Control service is to ensure exclusive access of the services provided by the component. The component grants access to the client which presents with matching session UUID and has the highest authority code. The client becomes the controlling client of the component. Only the command messages from the controlling client are processed.
The Access Control service receives the Session UUID broadcasted from the Platform Control service. If, for some reason, Session UUID is not received from the Platform Control, the Access Control service sends Reject Control messages to the controlling client.
Once granted control, the controlling client needs to repeatably sending Request Control to maintain the control. If Access Control Service did not receive Request Control from the controlling client for a timeout period, Reject Control message is sent to the controlling client. The Reject Control indicates that the client does not have control anymore.
The control can be grabbed by a client with higher authority code than the controlling client. In this case, Reject Control messages is sent to the controlling client as the Confirm Control message is sent to the client with higher authority code.
The controlling client can send Release Control message to the service to indicate that the client does not need to have control anymore. In this case, the Reject Control will also be sent to the controlling client to indicate that Access Control service is not controlled by the client anymore.
Access control is not available when the owning is in Emergency, this is due to the fact that the Management service is in Emergency. In this situation, no control is granted to the new client and the controlling client remains control.
Inherit from: none
11.1 Service Behavior
11.1.1 State Diagram
Figure 10 Access Control State Diagram
11.1.2 State Actions
|AVAIL NO CONTROL||
|AVAIL UNDER CONTROL||
|NOT AVAIL NO CONTROL||
|NOT AVAIL UNDER CONTROL||
11.1.3 Internal Events
|ieEmergency||emergency = [set | clear]||Transition to NOT AVAIL NO CONTROL or NOT AVAIL UNDER CONTROL if set. OR Transition to AVAIL NO CONTRO or AVAIL UNDER CONTROL.|
|ieShutdown||Transition to NOT AVAIL NO CONTROL|
|ieRenderUseless||Transition to NOT AVAIL NO CONTROL|
|ieReceiveMessage||Process messages: Query Control, Request Control, and Release Control.|
|A||Request Control received and its authority code > current authority.||Session UUID valid||Sender becomes the client of the service. The current authority is to the authority code of the Request Control message.|
|B||Timeout – No Request Control is received within control timeout. Released – Release control is received from the client.||Session UUID valid||Set current authority to default authority.|
|C||ieEmergency(set)||Session UUID valid|
|D||ieEmergency(clear)||Session UUID valid|
|E||ieEmergency(set)||Session UUID valid|
|F||ieEmergency(clear)||Session UUID valid|
|G||Session UUID||Invalidate Session UUID and client. Send Reject Control to the controlling client.|
|G||ieShutdow or ieRenderUseless received||Invalidate Session UUID and client. Send Reject Control to the controlling client.|
11.2.1 Incoming Message Set
|Set Session Uuid|
11.2.2 Outgoing Message Set
- CYCLEINTERVAL double, time interval in seconds of each cycle, default=0.1.
- DEFAULTAUTHORITY uint8, the lowest authority to obtain control, default=1,
- SESSIONTIMEOUT double, timeout in seconds not receiving session id update, default=2.0.
- CONTROLTIMEOUT double, timeout in seconds not receiving request control, default=2.0.
- CHECKSESSIONINTERVAL double, time interval in seconds to check if session id is not updated, default=0.5.
- CHECKCONTROLINTERVAL double, time interval in seconds to check if request control is not received, default=0.5.