github.com/cactusblossom/fabric-ca@v0.0.0-20200611062428-0082fc643826/scripts/fvt/backwards_comp_test.sh (about) 1 #!/bin/bash 2 # 3 # Copyright IBM Corp. All Rights Reserved. 4 # 5 # SPDX-License-Identifier: Apache-2.0 6 # 7 8 TESTCASE="backwards_comp" 9 FABRIC_CA="$GOPATH/src/github.com/hyperledger/fabric-ca" 10 SCRIPTDIR="$FABRIC_CA/scripts/fvt" 11 . $SCRIPTDIR/fabric-ca_utils 12 RC=0 13 14 export FABRIC_CA_SERVER_HOME="/tmp/$TESTCASE" 15 export CA_CFG_PATH="/tmp/$TESTCASE" 16 17 TESTCONFIG="$FABRIC_CA_SERVER_HOME/testconfig.yaml" 18 DBNAME=fabric_ca 19 20 function genConfig { 21 local version=$1 22 : ${version:=""} 23 24 mkdir -p $FABRIC_CA_SERVER_HOME 25 # Create base configuration using mysql 26 cat > $TESTCONFIG <<EOF 27 debug: true 28 29 db: 30 type: mysql 31 datasource: root:mysql@tcp(localhost:$MYSQL_PORT)/$DBNAME 32 33 registry: 34 # Maximum number of times a password/secret can be reused for enrollment 35 # (default: -1, which means there is no limit) 36 maxenrollments: -1 37 38 # Contains identity information which is used when LDAP is disabled 39 identities: 40 - name: a 41 pass: b 42 type: client 43 affiliation: "" 44 maxenrollments: -1 45 attrs: 46 hf.Registrar.Roles: "client,user,peer,validator,auditor" 47 hf.Registrar.DelegateRoles: "client,user,validator,auditor" 48 hf.Revoker: true 49 hf.IntermediateCA: true 50 51 affiliations: 52 org1: 53 - department1 54 - department2 55 org2: 56 - department1 57 EOF 58 59 if [ "$version" != "" ]; then 60 sed -i "1s/^/version: \"$version\"\n/" $TESTCONFIG 61 fi 62 63 if [[ $driver = "sqlite3" ]]; then 64 sed -i "s/type: mysql/type: sqlite3/ 65 s/datasource:.*/datasource: $DBNAME/" $TESTCONFIG 66 fi 67 68 if [[ $driver = "postgres" ]]; then 69 sed -i "s/type: mysql/type: postgres/ 70 s/datasource:.*/datasource: host=localhost port=$POSTGRES_PORT user=postgres password=postgres dbname=$DBNAME/" $TESTCONFIG 71 fi 72 73 } 74 75 function resetDB { 76 case "$driver" in 77 sqlite3) 78 rm -rf $FABRIC_CA_SERVER_HOME/$DBNAME ;; 79 postgres) 80 psql -d postgres -c "DROP DATABASE $DBNAME" ;; 81 mysql) 82 mysql --host=localhost --user=root --password=mysql -e "DROP DATABASE $DBNAME" ;; 83 *) 84 echo "Invalid database type" 85 exit 1 86 ;; 87 esac 88 } 89 90 function createDB { 91 case "$driver" in 92 sqlite3) 93 mkdir -p $FABRIC_CA_SERVER_HOME ;; 94 postgres) 95 psql -d postgres -c "CREATE DATABASE $DBNAME" ;; 96 mysql) 97 mysql --host=localhost --user=root --password=mysql -e "CREATE DATABASE $DBNAME" ;; 98 *) 99 echo "Invalid database type" 100 exit 1 101 ;; 102 esac 103 } 104 105 # loadUsers creates table using old schema and populates the users table with users 106 function loadUsers { 107 case "$driver" in 108 sqlite3) 109 mkdir -p $FABRIC_CA_SERVER_HOME 110 sqlite3 $FABRIC_CA_SERVER_HOME/$DBNAME 'CREATE TABLE IF NOT EXISTS users (id VARCHAR(255), token bytea, type VARCHAR(256), affiliation VARCHAR(1024), attributes TEXT, state INTEGER, max_enrollments INTEGER);' 111 sqlite3 $FABRIC_CA_SERVER_HOME/$DBNAME "INSERT INTO users (id, token, type, affiliation, attributes, state, max_enrollments) 112 VALUES ('registrar', '', 'user', 'org2', '[{\"name\": \"hf.Registrar.Roles\", \"value\": \"user,peer,client\"},{\"name\": \"hf.Revoker\", \"value\": \"true\"}]', '0', '-1');" 113 sqlite3 $FABRIC_CA_SERVER_HOME/$DBNAME "INSERT INTO users (id, token, type, affiliation, attributes, state, max_enrollments) 114 VALUES ('notregistrar', '', 'user', 'org2', '[{\"name\": \"hf.Revoker\", \"value\": \"true\"}]', '0', '-1');" 115 116 sed -i "s/type: mysql/type: sqlite3/ 117 s/datasource:.*/datasource: $DBNAME/" $TESTCONFIG 118 ;; 119 postgres) 120 psql -d postgres -c "CREATE DATABASE $DBNAME" 121 psql -d $DBNAME -c "CREATE TABLE IF NOT EXISTS users (id VARCHAR(255), token bytea, type VARCHAR(256), affiliation VARCHAR(1024), attributes TEXT, state INTEGER, max_enrollments INTEGER)" 122 psql -d $DBNAME -c "INSERT INTO users (id, token, type, affiliation, attributes, state, max_enrollments) VALUES ('registrar', '', 'user', 'org2', '[{\"name\": \"hf.Registrar.Roles\", \"value\": \"user,peer,client\"},{\"name\": \"hf.Revoker\", \"value\": \"true\"}]', '0', '-1')" 123 psql -d $DBNAME -c "INSERT INTO users (id, token, type, affiliation, attributes, state, max_enrollments) VALUES ('notregistrar', '', 'user', 'org2', '[{\"name\": \"hf.Revoker\", \"value\": \"true\"}]', '0', '-1')" 124 125 sed -i "s/type: mysql/type: postgres/ 126 s/datasource:.*/datasource: host=localhost port=$POSTGRES_PORT user=postgres password=postgres dbname=$DBNAME $postgresTls/" $TESTCONFIG 127 ;; 128 mysql) 129 mysql --host=localhost --user=root --password=mysql -e "CREATE DATABASE $DBNAME" 130 mysql --host=localhost --user=root --password=mysql --database=$DBNAME -e "CREATE TABLE IF NOT EXISTS users (id VARCHAR(255) NOT NULL, token blob, type VARCHAR(256), affiliation VARCHAR(1024), attributes TEXT, state INTEGER, max_enrollments INTEGER, PRIMARY KEY (id)) DEFAULT CHARSET=utf8 COLLATE utf8_bin" 131 mysql --host=localhost --user=root --password=mysql --database=$DBNAME -e "INSERT INTO users (id, token, type, affiliation, attributes, state, max_enrollments) VALUES ('registrar', '', 'user', 'org2', '[{\"name\": \"hf.Registrar.Roles\", \"value\": \"user,peer,client\"},{\"name\": \"hf.Revoker\", \"value\": \"true\"}]', '0', '-1')" 132 mysql --host=localhost --user=root --password=mysql --database=$DBNAME -e "INSERT INTO users (id, token, type, affiliation, attributes, state, max_enrollments) VALUES ('notregistrar', '', 'user', 'org2', '[{\"name\": \"hf.Revoker\", \"value\": \"true\"}]', '0', '-1')" 133 ;; 134 *) 135 echo "Invalid database type" 136 exit 1 137 ;; 138 esac 139 } 140 141 function validateUsers { 142 local result=$1 143 : ${result:= 0} 144 case "$driver" in 145 sqlite3) 146 sqlite3 $FABRIC_CA_SERVER_HOME/$DBNAME "SELECT attributes FROM users WHERE (id = 'registrar');" | grep '"name":"hf.Registrar.Attributes","value":"*"' 147 if test $? -eq 1; then 148 ErrorMsg "Failed to correctly migrate user 'registar' on sqlite" 149 fi 150 sqlite3 $FABRIC_CA_SERVER_HOME/$DBNAME "SELECT attributes FROM users WHERE (id = 'notregistrar');" | grep '"name":"hf.Registrar.Attributes","value":"*"' 151 if test $? -eq 0; then 152 ErrorMsg "Failed to correctly migrate user 'notregistar' on sqlite" 153 fi 154 sqlite3 $FABRIC_CA_SERVER_HOME/$DBNAME "SELECT attributes FROM users WHERE (id = 'a');" | grep '"name":"hf.Registrar.Attributes","value":"*"' 155 if test $? -eq $result; then 156 ErrorMsg "Failed to correctly migrate user 'a' on sqlite" 157 fi 158 ;; 159 postgres) 160 psql -d $DBNAME -c "SELECT attributes FROM users WHERE (id = 'registrar')" | grep '"name":"hf.Registrar.Attributes","value":"*"' 161 if test $? -eq 1; then 162 ErrorMsg "Failed to correctly migrate user 'registrar' on postgres" 163 fi 164 psql -d $DBNAME -c "SELECT attributes FROM users WHERE (id = 'notregistrar')" | grep '"name":"hf.Registrar.Attributes","value":"*"' 165 if test $? -eq 0; then 166 ErrorMsg "Failed to correctly migrate user 'notregistrar' on postgres" 167 fi 168 psql -d $DBNAME -c "SELECT attributes FROM users WHERE (id = 'a')" | grep '"name":"hf.Registrar.Attributes","value":"*"' 169 if test $? -eq $result; then 170 ErrorMsg "Failed to correctly migrate user 'a' on postgres" 171 fi 172 ;; 173 mysql) 174 mysql --host=localhost --user=root --password=mysql --database=$DBNAME -e "SELECT attributes FROM users WHERE (id = 'registrar')" | grep '"name":"hf.Registrar.Attributes","value":"*"' 175 if test $? -eq 1; then 176 ErrorMsg "Failed to correctly migrate user 'registrar' on mysql" 177 fi 178 mysql --host=localhost --user=root --password=mysql --database=$DBNAME -e "SELECT attributes FROM users WHERE (id = 'notregistrar')" | grep '"name":"hf.Registrar.Attributes","value":"*"' 179 if test $? -eq 0; then 180 ErrorMsg "Failed to correctly migrate user 'notregistrar' on mysql" 181 fi 182 mysql --host=localhost --user=root --password=mysql --database=$DBNAME -e "SELECT attributes FROM users WHERE (id = 'a')" | grep '"name":"hf.Registrar.Attributes","value":"*"' 183 if test $? -eq $result; then 184 ErrorMsg "Failed to correctly migrate user 'a' on mysql" 185 fi 186 ;; 187 *) 188 echo "Invalid database type" 189 exit 1 190 ;; 191 esac 192 } 193 194 # Starting server with a configuration file that is a higher version than the server executable should fail 195 genConfig "9.9.9.9" 196 fabric-ca-server start -b a:b -c $TESTCONFIG -d 197 if test $? -ne 1; then 198 ErrorMsg "Should have failed to start server, configuration file version is higher than the server executable version" 199 fi 200 201 # Test that the server should fail to initialize if the database level is higher than the server executable level 202 for driver in sqlite3 postgres mysql; do 203 204 # Initializing a server with a database that has a higher level than the server executable 205 resetDB 206 createDB 207 208 case "$driver" in 209 sqlite3) 210 rm -rf $FABRIC_CA_SERVER_HOME 211 mkdir -p $FABRIC_CA_SERVER_HOME 212 sqlite3 $FABRIC_CA_SERVER_HOME/fabric_ca 'CREATE TABLE IF NOT EXISTS properties (property VARCHAR(255), value VARCHAR(256), PRIMARY KEY(property));' 213 sqlite3 $FABRIC_CA_SERVER_HOME/fabric_ca 'INSERT INTO properties (property, value) Values ("identity.level", "9");' 214 ;; 215 postgres) 216 psql -d postgres -c "DROP DATABASE fabric_ca" 217 psql -d postgres -c "CREATE DATABASE fabric_ca" 218 psql -d fabric_ca -c "CREATE TABLE IF NOT EXISTS properties (property VARCHAR(255), value VARCHAR(256), PRIMARY KEY(property))" 219 psql -d fabric_ca -c "INSERT INTO properties (property, value) Values ('identity.level', '9')" 220 ;; 221 mysql) 222 mysql --host=localhost --user=root --password=mysql -e "DROP DATABASE fabric_ca" 223 mysql --host=localhost --user=root --password=mysql -e "CREATE DATABASE fabric_ca" 224 mysql --host=localhost --user=root --password=mysql --database=fabric_ca -e "CREATE TABLE IF NOT EXISTS properties (property VARCHAR(255), value VARCHAR(256), PRIMARY KEY(property))" 225 mysql --host=localhost --user=root --password=mysql --database=fabric_ca -e "INSERT INTO properties (property, value) Values ('identity.level', '9')" 226 ;; 227 *) 228 echo "Invalid database type" 229 exit 1 230 ;; 231 esac 232 233 $SCRIPTDIR/fabric-ca_setup.sh -I -D -d $driver 234 if test $? -eq 0; then 235 ErrorMsg "Should have failed to initialize server because the database level is higher than the server" 236 fi 237 $SCRIPTDIR/fabric-ca_setup.sh -K 238 239 resetDB 240 241 # Starting server with latest level on the configuration file, all registrars currently 242 # in database will be migrated and any new users defined in the configuration will be loaded as is 243 # and will not have migration performed on them 244 genConfig "1.1.0" 245 loadUsers 246 247 $SCRIPTDIR/fabric-ca_setup.sh -I -D -g $TESTCONFIG 248 if test $? -eq 1; then 249 ErrorMsg "Failed to start server, with the latest configuration file version" 250 fi 251 $SCRIPTDIR/fabric-ca_setup.sh -K 252 253 validateUsers 254 resetDB 255 done 256 257 CleanUp $RC 258 exit $RC