github.com/darrenli6/fabric-sdk-example@v0.0.0-20220109053535-94b13b56df8c/protos/msp/msp_principal.proto (about) 1 /* 2 Copyright IBM Corp. 2016 All Rights Reserved. 3 4 Licensed under the Apache License, Version 2.0 (the "License"); 5 you may not use this file except in compliance with the License. 6 You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10 Unless required by applicable law or agreed to in writing, software 11 distributed under the License is distributed on an "AS IS" BASIS, 12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 See the License for the specific language governing permissions and 14 limitations under the License. 15 */ 16 17 18 syntax = "proto3"; 19 20 option go_package = "github.com/hyperledger/fabric/protos/msp"; 21 option java_package = "org.hyperledger.fabric.protos.common"; 22 23 package common; 24 25 26 // msp_principal.proto contains proto messages defining the generalized 27 // MSP notion of identity called an MSPPrincipal. It is used as part of 28 // the chain configuration, in particular as the identity parameters to 29 // the configuration.proto file. This does not represent the MSP 30 // configuration for a chain, but is understood by MSPs 31 32 // MSPPrincipal aims to represent an MSP-centric set of identities. 33 // In particular, this structure allows for definition of 34 // - a group of identities that are member of the same MSP 35 // - a group of identities that are member of the same organization unit 36 // in the same MSP 37 // - a group of identities that are administering a specific MSP 38 // - a specific identity 39 // Expressing these groups is done given two fields of the fields below 40 // - Classification, that defines the type of classification of identities 41 // in an MSP this principal would be defined on; Classification can take 42 // three values: 43 // (i) ByMSPRole: that represents a classification of identities within 44 // MSP based on one of the two pre-defined MSP rules, "member" and "admin" 45 // (ii) ByOrganizationUnit: that represents a classification of identities 46 // within MSP based on the organization unit an identity belongs to 47 // (iii)ByIdentity that denotes that MSPPrincipal is mapped to a single 48 // identity/certificate; this would mean that the Principal bytes 49 // message 50 message MSPPrincipal { 51 52 enum Classification { 53 ROLE = 0; // Represents the one of the dedicated MSP roles, the 54 // one of a member of MSP network, and the one of an 55 // administrator of an MSP network 56 ORGANIZATION_UNIT = 1; // Denotes a finer grained (affiliation-based) 57 // groupping of entities, per MSP affiliation 58 // E.g., this can well be represented by an MSP's 59 // Organization unit 60 IDENTITY = 2; // Denotes a principal that consists of a single 61 // identity 62 } 63 64 // Classification describes the way that one should process 65 // Principal. An Classification value of "ByOrganizationUnit" reflects 66 // that "Principal" contains the name of an organization this MSP 67 // handles. A Classification value "ByIdentity" means that 68 // "Principal" contains a specific identity. Default value 69 // denotes that Principal contains one of the groups by 70 // default supported by all MSPs ("admin" or "member"). 71 Classification principal_classification = 1; 72 73 // Principal completes the policy principal definition. For the default 74 // principal types, Principal can be either "Admin" or "Member". 75 // For the ByOrganizationUnit/ByIdentity values of Classification, 76 // PolicyPrincipal acquires its value from an organization unit or 77 // identity, respectively. 78 bytes principal = 2; 79 } 80 81 82 // OrganizationUnit governs the organization of the Principal 83 // field of a policy principal when a specific organization unity members 84 // are to be defined within a policy principal. 85 message OrganizationUnit { 86 87 // MSPIdentifier represents the identifier of the MSP this organization unit 88 // refers to 89 string msp_identifier = 1; 90 91 // OrganizationUnitIdentifier defines the organizational unit under the 92 // MSP identified with MSPIdentifier 93 string organizational_unit_identifier = 2; 94 95 // CertifiersIdentifier is the hash of certificates chain of trust 96 // related to this organizational unit 97 bytes certifiers_identifier = 3; 98 } 99 100 // MSPRole governs the organization of the Principal 101 // field of an MSPPrincipal when it aims to define one of the 102 // two dedicated roles within an MSP: Admin and Members. 103 message MSPRole { 104 105 // MSPIdentifier represents the identifier of the MSP this principal 106 // refers to 107 string msp_identifier = 1; 108 109 enum MSPRoleType { 110 MEMBER = 0; // Represents an MSP Member 111 ADMIN = 1; // Represents an MSP Admin 112 } 113 114 // MSPRoleType defines which of the available, pre-defined MSP-roles 115 // an identiy should posess inside the MSP with identifier MSPidentifier 116 MSPRoleType role = 2; 117 118 } 119 120 121 // TODO: Bring msp.SerializedIdentity from fabric/msp/identities.proto here. Reason below. 122 // SerializedIdentity represents an serialized version of an identity; 123 // this consists of an MSP-identifier this identity would correspond to 124 // and the bytes of the actual identity. A serialized form of 125 // SerializedIdentity would govern "Principal" field of a PolicyPrincipal 126 // of classification "ByIdentity".