From afb94e761813b9783ad6d4bdae29ecdd4973e7d7 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 5 Aug 2024 16:31:10 +0200
Subject: [PATCH 1/2] Bump missed test dependencies in fuzz test project
 (#2701)

* Bump Microsoft.NET.Test.Sdk from 17.9.0 to 17.10.0

Bumps [Microsoft.NET.Test.Sdk](https://github.com/microsoft/vstest) from 17.9.0 to 17.10.0.
- [Release notes](https://github.com/microsoft/vstest/releases)
- [Changelog](https://github.com/microsoft/vstest/blob/main/docs/releases.md)
- [Commits](https://github.com/microsoft/vstest/compare/v17.9.0...v17.10.0)

---
updated-dependencies:
- dependency-name: Microsoft.NET.Test.Sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update Opc.Ua.Encoders.Fuzz.Tests.csproj

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .../Encoders/Fuzz.Tests/Opc.Ua.Encoders.Fuzz.Tests.csproj   | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/Fuzzing/Encoders/Fuzz.Tests/Opc.Ua.Encoders.Fuzz.Tests.csproj b/Fuzzing/Encoders/Fuzz.Tests/Opc.Ua.Encoders.Fuzz.Tests.csproj
index 53a627827..f99d964b1 100644
--- a/Fuzzing/Encoders/Fuzz.Tests/Opc.Ua.Encoders.Fuzz.Tests.csproj
+++ b/Fuzzing/Encoders/Fuzz.Tests/Opc.Ua.Encoders.Fuzz.Tests.csproj
@@ -18,10 +18,10 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.9.0" />
+    <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.10.0" />
     <PackageReference Include="NUnit" Version="4.1.0" />
-    <PackageReference Include="NUnit.Console" Version="3.17.0" />
-    <PackageReference Include="NUnit3TestAdapter" Version="4.5.0">
+    <PackageReference Include="NUnit.Console" Version="3.18.1" />
+    <PackageReference Include="NUnit3TestAdapter" Version="4.6.0">
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
     </PackageReference>

From 02761c7d6f848e5a32afc5721750cac2ad07f439 Mon Sep 17 00:00:00 2001
From: romanett <romanett98@gmail.com>
Date: Mon, 5 Aug 2024 18:07:29 +0200
Subject: [PATCH 2/2] [Server] Limit Access to server diagnostics array to
 Admin User (#2695)

Test the array nodes for proper access

* Revert "Bump NunitXml.TestLogger from 3.1.20 to 4.0.254 (#2691)" to fix test ci issue

This reverts commit d967bd527727f7c19956e98e64983646e093b642.

---------

Co-authored-by: Martin Regen <mregen@microsoft.com>
---
 Libraries/Opc.Ua.Server/Diagnostics/AuditEvents.cs   |  6 +++---
 .../Diagnostics/DiagnosticsNodeManager.cs            | 12 ++++++++----
 Tests/Opc.Ua.PubSub.Tests/Opc.Ua.PubSub.Tests.csproj |  2 +-
 3 files changed, 12 insertions(+), 8 deletions(-)

diff --git a/Libraries/Opc.Ua.Server/Diagnostics/AuditEvents.cs b/Libraries/Opc.Ua.Server/Diagnostics/AuditEvents.cs
index d5a5aa95d..e80b13b3a 100644
--- a/Libraries/Opc.Ua.Server/Diagnostics/AuditEvents.cs
+++ b/Libraries/Opc.Ua.Server/Diagnostics/AuditEvents.cs
@@ -1095,8 +1095,8 @@ public static void ReportCertificateUpdateRequestedAuditEvent(
                        "CertificateUpdateRequestedAuditEvent",
                        "en-US",
                        "CertificateUpdateRequestedAuditEvent.");
-                
-                
+
+
 
                 e.Initialize(
                    systemContext,
@@ -1374,7 +1374,7 @@ public static void ReportAuditCloseSecureChannelEvent(
                 }
                 if (exception is ServiceResultException sre)
                 {
-                    statusCode = sre.InnerResult.StatusCode;
+                    statusCode = sre.InnerResult?.StatusCode ?? StatusCodes.Uncertain;
                 }
 
                 ISystemContext systemContext = server.DefaultAuditContext;
diff --git a/Libraries/Opc.Ua.Server/Diagnostics/DiagnosticsNodeManager.cs b/Libraries/Opc.Ua.Server/Diagnostics/DiagnosticsNodeManager.cs
index 734769d10..a72d7215e 100644
--- a/Libraries/Opc.Ua.Server/Diagnostics/DiagnosticsNodeManager.cs
+++ b/Libraries/Opc.Ua.Server/Diagnostics/DiagnosticsNodeManager.cs
@@ -783,6 +783,8 @@ public void CreateServerDiagnostics(
                 if (array1 != null)
                 {
                     array1.OnSimpleReadValue = OnReadDiagnosticsArray;
+                    // Hook the OnReadUserRolePermissions callback to control which user roles can access the services on this node
+                    array1.OnReadUserRolePermissions = OnReadUserRolePermissions;
                 }
 
                 // set up handler for session security diagnostics array.
@@ -793,6 +795,8 @@ public void CreateServerDiagnostics(
                 if (array2 != null)
                 {
                     array2.OnSimpleReadValue = OnReadDiagnosticsArray;
+                    // Hook the OnReadUserRolePermissions callback to control which user roles can access the services on this node
+                    array2.OnReadUserRolePermissions = OnReadUserRolePermissions;
                 }
 
                 // set up handler for subscription security diagnostics array.
@@ -1406,20 +1410,20 @@ private ServiceResult OnReadUserRolePermissions(
             NodeState node,
             ref RolePermissionTypeCollection value)
         {
-            bool admitUser;
+            bool adminUser;
 
             if ((node.NodeId == VariableIds.Server_ServerDiagnostics_ServerDiagnosticsSummary) ||
                  (node.NodeId == VariableIds.Server_ServerDiagnostics_SubscriptionDiagnosticsArray))
             {
-                admitUser = HasApplicationSecureAdminAccess(context);
+                adminUser = HasApplicationSecureAdminAccess(context);
             }
             else
             {
-                admitUser = (node.NodeId == context.SessionId) ||
+                adminUser = (node.NodeId == context.SessionId) ||
                             HasApplicationSecureAdminAccess(context);
             }
 
-            if (admitUser)
+            if (adminUser)
             {
                 var rolePermissionTypes = from roleId in m_kWellKnownRoles
                                           select new RolePermissionType() {
diff --git a/Tests/Opc.Ua.PubSub.Tests/Opc.Ua.PubSub.Tests.csproj b/Tests/Opc.Ua.PubSub.Tests/Opc.Ua.PubSub.Tests.csproj
index 1f57dfd36..89c6a4201 100644
--- a/Tests/Opc.Ua.PubSub.Tests/Opc.Ua.PubSub.Tests.csproj
+++ b/Tests/Opc.Ua.PubSub.Tests/Opc.Ua.PubSub.Tests.csproj
@@ -15,7 +15,7 @@
       <PrivateAssets>all</PrivateAssets>
       <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
     </PackageReference>
-    <PackageReference Include="NunitXml.TestLogger" Version="4.0.254" />
+    <PackageReference Include="NunitXml.TestLogger" Version="3.1.20" />
     <PackageReference Include="Moq" Version="4.20.70" />
     <PackageReference Include="coverlet.collector" Version="6.0.2">
       <PrivateAssets>all</PrivateAssets>