github.com/Hnampk/fabric@v2.1.1+incompatible/core/aclmgmt/resourceprovider_test.go (about) 1 /* 2 Copyright IBM Corp. 2016 All Rights Reserved. 3 4 SPDX-License-Identifier: Apache-2.0 5 */ 6 7 package aclmgmt 8 9 import ( 10 "fmt" 11 "os" 12 "testing" 13 14 "github.com/golang/protobuf/proto" 15 "github.com/hyperledger/fabric-protos-go/common" 16 "github.com/hyperledger/fabric-protos-go/peer" 17 "github.com/hyperledger/fabric/core/aclmgmt/mocks" 18 "github.com/hyperledger/fabric/internal/pkg/identity" 19 msptesttools "github.com/hyperledger/fabric/msp/mgmt/testtools" 20 "github.com/hyperledger/fabric/protoutil" 21 "github.com/stretchr/testify/assert" 22 ) 23 24 func newPolicyProvider(pEvaluator policyEvaluator) aclmgmtPolicyProvider { 25 return &aclmgmtPolicyProviderImpl{pEvaluator} 26 } 27 28 // ------- mocks --------- 29 30 //mockPolicyEvaluatorImpl implements policyEvaluator 31 type mockPolicyEvaluatorImpl struct { 32 pmap map[string]string 33 peval map[string]error 34 } 35 36 func (pe *mockPolicyEvaluatorImpl) PolicyRefForAPI(resName string) string { 37 return pe.pmap[resName] 38 } 39 40 func (pe *mockPolicyEvaluatorImpl) Evaluate(polName string, sd []*protoutil.SignedData) error { 41 err, ok := pe.peval[polName] 42 if !ok { 43 return PolicyNotFound(polName) 44 } 45 46 //this could be non nil or some error 47 return err 48 } 49 50 //go:generate counterfeiter -o mocks/signer_serializer.go --fake-name SignerSerializer . signerSerializer 51 52 type signerSerializer interface { 53 identity.SignerSerializer 54 } 55 56 //go:generate counterfeiter -o mocks/defaultaclprovider.go --fake-name DefaultACLProvider . defaultACLProvider 57 58 func TestPolicyBase(t *testing.T) { 59 peval := &mockPolicyEvaluatorImpl{pmap: map[string]string{"res": "pol"}, peval: map[string]error{"pol": nil}} 60 pprov := newPolicyProvider(peval) 61 sProp, _ := protoutil.MockSignedEndorserProposalOrPanic("A", &peer.ChaincodeSpec{}, []byte("Alice"), []byte("msg1")) 62 err := pprov.CheckACL("pol", sProp) 63 assert.NoError(t, err) 64 65 signer := &mocks.SignerSerializer{} 66 env, err := protoutil.CreateSignedEnvelope(common.HeaderType_CONFIG, "myc", signer, &common.ConfigEnvelope{}, 0, 0) 67 assert.NoError(t, err) 68 err = pprov.CheckACL("pol", env) 69 assert.NoError(t, err) 70 } 71 72 func TestPolicyBad(t *testing.T) { 73 peval := &mockPolicyEvaluatorImpl{pmap: map[string]string{"res": "pol"}, peval: map[string]error{"pol": nil}} 74 pprov := newPolicyProvider(peval) 75 76 //bad policy 77 err := pprov.CheckACL("pol", []byte("not a signed proposal")) 78 assert.Error(t, err, InvalidIdInfo("pol").Error()) 79 80 sProp, _ := protoutil.MockSignedEndorserProposalOrPanic("A", &peer.ChaincodeSpec{}, []byte("Alice"), []byte("msg1")) 81 err = pprov.CheckACL("badpolicy", sProp) 82 assert.Error(t, err) 83 84 sProp, _ = protoutil.MockSignedEndorserProposalOrPanic("A", &peer.ChaincodeSpec{}, []byte("Alice"), []byte("msg1")) 85 sProp.ProposalBytes = []byte("bad proposal bytes") 86 err = pprov.CheckACL("res", sProp) 87 assert.Error(t, err) 88 89 sProp, _ = protoutil.MockSignedEndorserProposalOrPanic("A", &peer.ChaincodeSpec{}, []byte("Alice"), []byte("msg1")) 90 prop := &peer.Proposal{} 91 if proto.Unmarshal(sProp.ProposalBytes, prop) != nil { 92 t.FailNow() 93 } 94 prop.Header = []byte("bad hdr") 95 sProp.ProposalBytes = protoutil.MarshalOrPanic(prop) 96 err = pprov.CheckACL("res", sProp) 97 assert.Error(t, err) 98 } 99 100 // test to ensure ptypes are processed by default provider 101 func TestForceDefaultsForPType(t *testing.T) { 102 defAclProvider := &mocks.DefaultACLProvider{} 103 defAclProvider.CheckACLReturns(nil) 104 defAclProvider.IsPtypePolicyReturns(true) 105 rp := &resourceProvider{defaultProvider: defAclProvider} 106 err := rp.CheckACL("aptype", "somechannel", struct{}{}) 107 assert.NoError(t, err) 108 } 109 110 func init() { 111 // setup the MSP manager so that we can sign/verify 112 err := msptesttools.LoadMSPSetupForTesting() 113 if err != nil { 114 fmt.Printf("Could not load msp config, err %s", err) 115 os.Exit(-1) 116 return 117 } 118 }