github.com/adnan-c/fabric_e2e_couchdb@v0.6.1-preview.0.20170228180935-21ce6b23cf91/examples/chaincode/go/asset_management02/cert_handler.go (about) 1 /* 2 Copyright IBM Corp. 2016 All Rights Reserved. 3 4 Licensed under the Apache License, Version 2.0 (the "License"); 5 you may not use this file except in compliance with the License. 6 You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10 Unless required by applicable law or agreed to in writing, software 11 distributed under the License is distributed on an "AS IS" BASIS, 12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 See the License for the specific language governing permissions and 14 limitations under the License. 15 */ 16 17 package main 18 19 import ( 20 "errors" 21 22 "github.com/hyperledger/fabric/accesscontrol/crypto/attr" 23 "github.com/hyperledger/fabric/accesscontrol/impl" 24 "github.com/hyperledger/fabric/core/chaincode/shim" 25 ) 26 27 // consts associated with TCert 28 const ( 29 role = "role" 30 contactInfo = "contactInfo" 31 ) 32 33 //CertHandler provides APIs used to perform operations on incoming TCerts 34 type certHandler struct { 35 } 36 37 // NewCertHandler creates a new reference to CertHandler 38 func NewCertHandler() *certHandler { 39 return &certHandler{} 40 } 41 42 // isAuthorized checks if the transaction invoker has the appropriate role 43 // stub: chaincodestub 44 // requiredRole: required role; this function will return true if invoker has this role 45 func (t *certHandler) isAuthorized(stub shim.ChaincodeStubInterface, requiredRole string) (bool, error) { 46 //read transaction invoker's role, and verify that is the same as the required role passed in 47 return impl.NewAccessControlShim(stub).VerifyAttribute(role, []byte(requiredRole)) 48 } 49 50 // getContactInfo retrieves the contact info stored as an attribute in a Tcert 51 // cert: TCert 52 func (t *certHandler) getContactInfo(cert []byte) (string, error) { 53 if len(cert) == 0 { 54 return "", errors.New("cert is empty") 55 } 56 57 contactInfo, err := attr.GetValueFrom(contactInfo, cert) 58 if err != nil { 59 myLogger.Errorf("system error %v", err) 60 return "", errors.New("unable to find user contact information") 61 } 62 63 return string(contactInfo), err 64 } 65 66 // getAccountIDsFromAttribute retrieves account IDs stored in TCert attributes 67 // cert: TCert to read account IDs from 68 // attributeNames: attribute names inside TCert that stores the entity's account IDs 69 func (t *certHandler) getAccountIDsFromAttribute(cert []byte, attributeNames []string) ([]string, error) { 70 if cert == nil || attributeNames == nil { 71 return nil, errors.New("cert or accountIDs list is empty") 72 } 73 74 //decleare return object (slice of account IDs) 75 var acctIds []string 76 77 // for each attribute name, look for that attribute name inside TCert, 78 // the correspounding value of that attribute is the account ID 79 for _, attributeName := range attributeNames { 80 myLogger.Debugf("get value from attribute = v%", attributeName) 81 //get the attribute value from the corresbonding attribute name 82 accountID, err := attr.GetValueFrom(attributeName, cert) 83 if err != nil { 84 myLogger.Errorf("system error %v", err) 85 return nil, errors.New("unable to find user contact information") 86 } 87 88 acctIds = append(acctIds, string(accountID)) 89 } 90 91 myLogger.Debugf("ids = %v", acctIds) 92 return acctIds, nil 93 }