github.com/bestbeforetoday/fabric-ca@v2.0.0-alpha+incompatible/scripts/fvt/backwards_comp_test.sh (about) 1 #!/bin/bash 2 # 3 # Copyright IBM Corp. All Rights Reserved. 4 # 5 # SPDX-License-Identifier: Apache-2.0 6 # 7 8 TESTCASE="backwards_comp" 9 FABRIC_CA="$GOPATH/src/github.com/hyperledger/fabric-ca" 10 SCRIPTDIR="$FABRIC_CA/scripts/fvt" 11 . $SCRIPTDIR/fabric-ca_utils 12 RC=0 13 14 export FABRIC_CA_SERVER_HOME="/tmp/$TESTCASE" 15 export CA_CFG_PATH="/tmp/$TESTCASE" 16 17 TESTCONFIG="$FABRIC_CA_SERVER_HOME/testconfig.yaml" 18 DBNAME=fabric_ca 19 20 function genConfig { 21 local version=$1 22 : ${version:=""} 23 postgresTls='sslmode=disable' 24 case "$FABRIC_TLS" in 25 true) postgresTls='sslmode=require'; mysqlTls='?tls=custom' ;; 26 esac 27 28 mkdir -p $FABRIC_CA_SERVER_HOME 29 # Create base configuration using mysql 30 cat > $TESTCONFIG <<EOF 31 debug: true 32 33 db: 34 type: mysql 35 datasource: root:mysql@tcp(localhost:$MYSQL_PORT)/$DBNAME$mysqlTls 36 tls: 37 enabled: $FABRIC_TLS 38 certfiles: 39 - $TLS_ROOTCERT 40 client: 41 certfile: $TLS_CLIENTCERT 42 keyfile: $TLS_CLIENTKEY 43 44 registry: 45 # Maximum number of times a password/secret can be reused for enrollment 46 # (default: -1, which means there is no limit) 47 maxenrollments: -1 48 49 # Contains identity information which is used when LDAP is disabled 50 identities: 51 - name: a 52 pass: b 53 type: client 54 affiliation: "" 55 maxenrollments: -1 56 attrs: 57 hf.Registrar.Roles: "client,user,peer,validator,auditor" 58 hf.Registrar.DelegateRoles: "client,user,validator,auditor" 59 hf.Revoker: true 60 hf.IntermediateCA: true 61 62 affiliations: 63 org1: 64 - department1 65 - department2 66 org2: 67 - department1 68 EOF 69 70 if [ "$version" != "" ]; then 71 sed -i "1s/^/version: \"$version\"\n/" $TESTCONFIG 72 fi 73 74 if [[ $driver = "sqlite3" ]]; then 75 sed -i "s/type: mysql/type: sqlite3/ 76 s/datasource:.*/datasource: $DBNAME/" $TESTCONFIG 77 fi 78 79 if [[ $driver = "postgres" ]]; then 80 sed -i "s/type: mysql/type: postgres/ 81 s/datasource:.*/datasource: host=localhost port=$POSTGRES_PORT user=postgres password=postgres dbname=$DBNAME $postgresTls/" $TESTCONFIG 82 fi 83 84 } 85 86 function resetDB { 87 case "$driver" in 88 sqlite3) 89 rm -rf $FABRIC_CA_SERVER_HOME/$DBNAME ;; 90 postgres) 91 psql -d postgres -c "DROP DATABASE $DBNAME" ;; 92 mysql) 93 mysql --host=localhost --user=root --password=mysql -e "DROP DATABASE $DBNAME" ;; 94 *) 95 echo "Invalid database type" 96 exit 1 97 ;; 98 esac 99 } 100 101 function createDB { 102 case "$driver" in 103 sqlite3) 104 mkdir -p $FABRIC_CA_SERVER_HOME ;; 105 postgres) 106 psql -d postgres -c "CREATE DATABASE $DBNAME" ;; 107 mysql) 108 mysql --host=localhost --user=root --password=mysql -e "CREATE DATABASE $DBNAME" ;; 109 *) 110 echo "Invalid database type" 111 exit 1 112 ;; 113 esac 114 } 115 116 # loadUsers creates table using old schema and populates the users table with users 117 function loadUsers { 118 case "$driver" in 119 sqlite3) 120 mkdir -p $FABRIC_CA_SERVER_HOME 121 sqlite3 $FABRIC_CA_SERVER_HOME/$DBNAME 'CREATE TABLE IF NOT EXISTS users (id VARCHAR(255), token bytea, type VARCHAR(256), affiliation VARCHAR(1024), attributes TEXT, state INTEGER, max_enrollments INTEGER);' 122 sqlite3 $FABRIC_CA_SERVER_HOME/$DBNAME "INSERT INTO users (id, token, type, affiliation, attributes, state, max_enrollments) 123 VALUES ('registrar', '', 'user', 'org2', '[{\"name\": \"hf.Registrar.Roles\", \"value\": \"user,peer,client\"},{\"name\": \"hf.Revoker\", \"value\": \"true\"}]', '0', '-1');" 124 sqlite3 $FABRIC_CA_SERVER_HOME/$DBNAME "INSERT INTO users (id, token, type, affiliation, attributes, state, max_enrollments) 125 VALUES ('notregistrar', '', 'user', 'org2', '[{\"name\": \"hf.Revoker\", \"value\": \"true\"}]', '0', '-1');" 126 127 sed -i "s/type: mysql/type: sqlite3/ 128 s/datasource:.*/datasource: $DBNAME/" $TESTCONFIG 129 ;; 130 postgres) 131 psql -d postgres -c "CREATE DATABASE $DBNAME" 132 psql -d $DBNAME -c "CREATE TABLE IF NOT EXISTS users (id VARCHAR(255), token bytea, type VARCHAR(256), affiliation VARCHAR(1024), attributes TEXT, state INTEGER, max_enrollments INTEGER)" 133 psql -d $DBNAME -c "INSERT INTO users (id, token, type, affiliation, attributes, state, max_enrollments) VALUES ('registrar', '', 'user', 'org2', '[{\"name\": \"hf.Registrar.Roles\", \"value\": \"user,peer,client\"},{\"name\": \"hf.Revoker\", \"value\": \"true\"}]', '0', '-1')" 134 psql -d $DBNAME -c "INSERT INTO users (id, token, type, affiliation, attributes, state, max_enrollments) VALUES ('notregistrar', '', 'user', 'org2', '[{\"name\": \"hf.Revoker\", \"value\": \"true\"}]', '0', '-1')" 135 136 sed -i "s/type: mysql/type: postgres/ 137 s/datasource:.*/datasource: host=localhost port=$POSTGRES_PORT user=postgres password=postgres dbname=$DBNAME $postgresTls/" $TESTCONFIG 138 ;; 139 mysql) 140 mysql --host=localhost --user=root --password=mysql -e "CREATE DATABASE $DBNAME" 141 mysql --host=localhost --user=root --password=mysql --database=$DBNAME -e "CREATE TABLE IF NOT EXISTS users (id VARCHAR(255) NOT NULL, token blob, type VARCHAR(256), affiliation VARCHAR(1024), attributes TEXT, state INTEGER, max_enrollments INTEGER, PRIMARY KEY (id)) DEFAULT CHARSET=utf8 COLLATE utf8_bin" 142 mysql --host=localhost --user=root --password=mysql --database=$DBNAME -e "INSERT INTO users (id, token, type, affiliation, attributes, state, max_enrollments) VALUES ('registrar', '', 'user', 'org2', '[{\"name\": \"hf.Registrar.Roles\", \"value\": \"user,peer,client\"},{\"name\": \"hf.Revoker\", \"value\": \"true\"}]', '0', '-1')" 143 mysql --host=localhost --user=root --password=mysql --database=$DBNAME -e "INSERT INTO users (id, token, type, affiliation, attributes, state, max_enrollments) VALUES ('notregistrar', '', 'user', 'org2', '[{\"name\": \"hf.Revoker\", \"value\": \"true\"}]', '0', '-1')" 144 ;; 145 *) 146 echo "Invalid database type" 147 exit 1 148 ;; 149 esac 150 } 151 152 function validateUsers { 153 local result=$1 154 : ${result:= 0} 155 case "$driver" in 156 sqlite3) 157 sqlite3 $FABRIC_CA_SERVER_HOME/$DBNAME "SELECT attributes FROM users WHERE (id = 'registrar');" | grep '"name":"hf.Registrar.Attributes","value":"*"' 158 if test $? -eq 1; then 159 ErrorMsg "Failed to correctly migrate user 'registar' on sqlite" 160 fi 161 sqlite3 $FABRIC_CA_SERVER_HOME/$DBNAME "SELECT attributes FROM users WHERE (id = 'notregistrar');" | grep '"name":"hf.Registrar.Attributes","value":"*"' 162 if test $? -eq 0; then 163 ErrorMsg "Failed to correctly migrate user 'notregistar' on sqlite" 164 fi 165 sqlite3 $FABRIC_CA_SERVER_HOME/$DBNAME "SELECT attributes FROM users WHERE (id = 'a');" | grep '"name":"hf.Registrar.Attributes","value":"*"' 166 if test $? -eq $result; then 167 ErrorMsg "Failed to correctly migrate user 'a' on sqlite" 168 fi 169 ;; 170 postgres) 171 psql -d $DBNAME -c "SELECT attributes FROM users WHERE (id = 'registrar')" | grep '"name":"hf.Registrar.Attributes","value":"*"' 172 if test $? -eq 1; then 173 ErrorMsg "Failed to correctly migrate user 'registrar' on postgres" 174 fi 175 psql -d $DBNAME -c "SELECT attributes FROM users WHERE (id = 'notregistrar')" | grep '"name":"hf.Registrar.Attributes","value":"*"' 176 if test $? -eq 0; then 177 ErrorMsg "Failed to correctly migrate user 'notregistrar' on postgres" 178 fi 179 psql -d $DBNAME -c "SELECT attributes FROM users WHERE (id = 'a')" | grep '"name":"hf.Registrar.Attributes","value":"*"' 180 if test $? -eq $result; then 181 ErrorMsg "Failed to correctly migrate user 'a' on postgres" 182 fi 183 ;; 184 mysql) 185 mysql --host=localhost --user=root --password=mysql --database=$DBNAME -e "SELECT attributes FROM users WHERE (id = 'registrar')" | grep '"name":"hf.Registrar.Attributes","value":"*"' 186 if test $? -eq 1; then 187 ErrorMsg "Failed to correctly migrate user 'registrar' on mysql" 188 fi 189 mysql --host=localhost --user=root --password=mysql --database=$DBNAME -e "SELECT attributes FROM users WHERE (id = 'notregistrar')" | grep '"name":"hf.Registrar.Attributes","value":"*"' 190 if test $? -eq 0; then 191 ErrorMsg "Failed to correctly migrate user 'notregistrar' on mysql" 192 fi 193 mysql --host=localhost --user=root --password=mysql --database=$DBNAME -e "SELECT attributes FROM users WHERE (id = 'a')" | grep '"name":"hf.Registrar.Attributes","value":"*"' 194 if test $? -eq $result; then 195 ErrorMsg "Failed to correctly migrate user 'a' on mysql" 196 fi 197 ;; 198 *) 199 echo "Invalid database type" 200 exit 1 201 ;; 202 esac 203 } 204 205 # Starting server with a configuration file that is a higher version than the server executable should fail 206 genConfig "9.9.9.9" 207 fabric-ca-server start -b a:b -c $TESTCONFIG -d 208 if test $? -ne 1; then 209 ErrorMsg "Should have failed to start server, configuration file version is higher than the server executable version" 210 fi 211 212 # Test that the server should fail to initialize if the database level is higher than the server executable level 213 for driver in sqlite3 postgres mysql; do 214 215 # Initializing a server with a database that has a higher level than the server executable 216 resetDB 217 createDB 218 219 case "$driver" in 220 sqlite3) 221 rm -rf $FABRIC_CA_SERVER_HOME 222 mkdir -p $FABRIC_CA_SERVER_HOME 223 sqlite3 $FABRIC_CA_SERVER_HOME/fabric_ca 'CREATE TABLE IF NOT EXISTS properties (property VARCHAR(255), value VARCHAR(256), PRIMARY KEY(property));' 224 sqlite3 $FABRIC_CA_SERVER_HOME/fabric_ca 'INSERT INTO properties (property, value) Values ("identity.level", "9");' 225 ;; 226 postgres) 227 psql -d postgres -c "DROP DATABASE fabric_ca" 228 psql -d postgres -c "CREATE DATABASE fabric_ca" 229 psql -d fabric_ca -c "CREATE TABLE IF NOT EXISTS properties (property VARCHAR(255), value VARCHAR(256), PRIMARY KEY(property))" 230 psql -d fabric_ca -c "INSERT INTO properties (property, value) Values ('identity.level', '9')" 231 ;; 232 mysql) 233 mysql --host=localhost --user=root --password=mysql -e "DROP DATABASE fabric_ca" 234 mysql --host=localhost --user=root --password=mysql -e "CREATE DATABASE fabric_ca" 235 mysql --host=localhost --user=root --password=mysql --database=fabric_ca -e "CREATE TABLE IF NOT EXISTS properties (property VARCHAR(255), value VARCHAR(256), PRIMARY KEY(property))" 236 mysql --host=localhost --user=root --password=mysql --database=fabric_ca -e "INSERT INTO properties (property, value) Values ('identity.level', '9')" 237 ;; 238 *) 239 echo "Invalid database type" 240 exit 1 241 ;; 242 esac 243 244 $SCRIPTDIR/fabric-ca_setup.sh -I -D -d $driver 245 if test $? -eq 0; then 246 ErrorMsg "Should have failed to initialize server because the database level is higher than the server" 247 fi 248 $SCRIPTDIR/fabric-ca_setup.sh -K 249 250 resetDB 251 252 # Starting server with latest level on the configuration file, all registrars currently 253 # in database will be migrated and any new users defined in the configuration will be loaded as is 254 # and will not have migration performed on them 255 genConfig "1.1.0" 256 loadUsers 257 258 $SCRIPTDIR/fabric-ca_setup.sh -I -D -g $TESTCONFIG 259 if test $? -eq 1; then 260 ErrorMsg "Failed to start server, with the latest configuration file version" 261 fi 262 $SCRIPTDIR/fabric-ca_setup.sh -K 263 264 validateUsers 265 resetDB 266 done 267 268 CleanUp $RC 269 exit $RC