github.com/extrame/fabric-ca@v2.0.0-alpha+incompatible/scripts/fvt/postgres_test.sh (about)

     1  #!/bin/bash
     2  #
     3  # Copyright IBM Corp. All Rights Reserved.
     4  #
     5  # SPDX-License-Identifier: Apache-2.0
     6  #
     7  
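     # Name of this test case; it also names the scratch directory under /tmp.
     TESTCASE="postgres"
     FABRIC_CA="$GOPATH/src/github.com/hyperledger/fabric-ca"
     FABRIC_CAEXEC="$FABRIC_CA/bin/fabric-ca"
     SCRIPTDIR="$FABRIC_CA/scripts/fvt"

     # Stop before any database is touched if the shared helpers are missing
     # (for example when GOPATH is unset or points elsewhere). Without them the
     # destructive psql steps further down would still run while the helper
     # calls fail.
     if [ ! -r "$SCRIPTDIR/fabric-ca_utils" ]; then
         printf 'cannot read %s\n' "$SCRIPTDIR/fabric-ca_utils" >&2
         exit 1
     fi
     # Quoted so a GOPATH containing spaces still resolves to a single path.
     . "$SCRIPTDIR/fabric-ca_utils"
     RC=0

     # NOTE(review): fixed, predictable directory under /tmp. The generated
     # config written there embeds the database password, so run this only on a
     # single-user or disposable host.
     export FABRIC_CA_SERVER_HOME="/tmp/$TESTCASE"

     PGSQLSERVERCONFIG="$FABRIC_CA_SERVER_HOME/pgsqlserverconfig.yaml"
     SERVERLOG="$FABRIC_CA_SERVER_HOME/serverlog.txt"
     MSP="$FABRIC_CA_SERVER_HOME/msp"
     SERVERCERT="$FABRIC_CA_SERVER_HOME/fabric-ca-cert.pem"
     # Database that configureDB drops and resetDB re-creates.
     DBNAME="fabric_ca"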
    22  
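    #######################################
    # Remove artifacts of a previous run: the CA certificate, the MSP
    # directory and the captured server log.
    # Globals:   SERVERCERT, MSP, SERVERLOG (read)
    # Arguments: none
    # Returns:   status of the final rm
    #######################################
    function cleanup {
        # Paths are quoted and preceded by "--" so that spaces or a leading
        # dash in a path cannot split the argument or be parsed as an option.
        rm -- "$SERVERCERT"
        # ${MSP:?} aborts rather than letting an empty value reach rm -rf.
        rm -rf -- "${MSP:?}"
        rm -- "$SERVERLOG"
    }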
    28  
    #######################################
    # Prepare PostgreSQL for the test: create the login role "testuser" and a
    # scratch database "testdb", then drop "$DBNAME" and "postgres" while
    # connected to "testdb".
    # Each statement runs in its own psql call and failures are not checked.
    # NOTE: the DROP statements act on whatever server psql reaches through its
    # default connection settings; point it at a disposable instance only. The
    # role password is a fixed test value and is passed on the psql command line.
    # Globals:   DBNAME (read)
    # Returns:   status of the last psql call
    #######################################
    configureDB() {
        local stmt
        # Issued over psql's default database.
        for stmt in \
            "CREATE USER testuser WITH PASSWORD 'testuserpw' LOGIN" \
            "CREATE DATABASE testdb"; do
            psql -c "$stmt"
        done
        # Issued from testdb, since a database cannot be dropped while it is
        # the one currently connected to.
        for stmt in \
            "DROP DATABASE $DBNAME" \
            "DROP DATABASE postgres"; do
            psql -d testdb -c "$stmt"
        done
    }
    35  
    #######################################
    # Put the PostgreSQL instance back into a usable state after the tests:
    # rename template1_temp to template1, create "$DBNAME" and "postgres",
    # and take CREATEDB away from testuser.
    # Every statement is sent from testdb in a separate psql call; a failing
    # statement (for example a rename that was already undone) does not stop
    # the sequence.
    # NOTE: the databases are re-created empty; anything they held before
    # configureDB dropped them is not restored.
    # Globals:   DBNAME (read)
    # Returns:   status of the last psql call
    #######################################
    resetDB() {
        local sql
        for sql in \
            "ALTER DATABASE template1_temp RENAME TO template1" \
            "CREATE DATABASE $DBNAME" \
            "CREATE DATABASE postgres" \
            "ALTER USER testuser WITH NOCREATEDB"; do
            psql -d testdb -c "$sql"
        done
    }
    42  
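    #######################################
    # Write the fabric-ca server configuration used by this test to
    # $PGSQLSERVERCONFIG, creating $FABRIC_CA_SERVER_HOME first.
    # Globals:   FABRIC_TLS, FABRIC_CA_SERVER_HOME, PGSQLSERVERCONFIG,
    #            POSTGRES_PORT, TLS_ROOTCERT, TLS_CLIENTCERT, TLS_CLIENTKEY,
    #            TLS_SERVERCERT, TLS_SERVERKEY (read); postgresTls (written)
    # Returns:   1 if the home directory cannot be created, otherwise the
    #            status of writing the file
    #
    # NOTE(review): the file carries test-only secrets (database password
    # "testuserpw", bootstrap identity a/b with registrar, revoker and
    # intermediate-CA attributes) and enables debug logging. It is created with
    # the caller's umask under a predictable /tmp path; none of these values
    # should be carried into a real deployment.
    #######################################
    function genConfig {
        # TLS to PostgreSQL is only requested when FABRIC_TLS is exactly "true".
        # In libpq-style clients "require" encrypts the session but does not
        # validate the server certificate; "verify-full" is the mode that does.
        postgresTls='sslmode=disable'
        if [ "$FABRIC_TLS" = "true" ]; then
            postgresTls='sslmode=require'
        fi

        # Quoted so a home directory containing spaces is created as one path
        # and the redirection below is not ambiguous.
        mkdir -p -- "$FABRIC_CA_SERVER_HOME" || return 1
        cat > "$PGSQLSERVERCONFIG" <<EOF
debug: true

db:
  type: postgres
  datasource: host=localhost port=$POSTGRES_PORT user=testuser password=testuserpw dbname=fabric_ca $postgresTls
  tls:
     enabled: $FABRIC_TLS
     certfiles:
       - $TLS_ROOTCERT
     client:
       certfile: $TLS_CLIENTCERT
       keyfile: $TLS_CLIENTKEY

tls:
  enabled: $FABRIC_TLS
  certfile: $TLS_SERVERCERT
  keyfile: $TLS_SERVERKEY

registry:
  # Maximum number of times a password/secret can be reused for enrollment
  # (default: -1, which means there is no limit)
  maxenrollments: -1

  # Contains identity information which is used when LDAP is disabled
  identities:
     - name: a
       pass: b
       type: client
       affiliation: ""
       maxenrollments: -1
       attrs:
          hf.Registrar.Roles: "client,user,peer,validator,auditor"
          hf.Registrar.DelegateRoles: "client,user,validator,auditor"
          hf.Revoker: true
          hf.IntermediateCA: true

affiliations:
   org1:
      - department1
      - department2
   org2:
      - department1
EOF
    }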
    95  
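    # Write the server config, clear artifacts of an earlier run, then prepare
    # PostgreSQL.
    # NOTE: configureDB drops the "$DBNAME" and "postgres" databases on the
    # server psql connects to by default; run this only against a throwaway
    # instance.
    genConfig
    cleanup
    configureDB

    # TEST 1: Database user does not have permission to create a DB, and no
    # database exists with the same name as the user.
    # Script and log paths are quoted so a path containing spaces is passed as
    # a single argument.
    "$SCRIPTDIR/fabric-ca_setup.sh" -S -X -g "$PGSQLSERVERCONFIG" 2>&1 | tee "$SERVERLOG" &
    # $CA_DEFAULT_PORT is left unquoted so an empty value still drops the
    # argument, as before.
    pollFabricCa "" "" $CA_DEFAULT_PORT
    "$SCRIPTDIR/fabric-ca_setup.sh" -K
    # The server log must show PostgreSQL refusing the CREATE DATABASE.
    if ! grep "pq: permission denied to create database" "$SERVERLOG" &> /dev/null; then
        ErrorMsg "'testuser' should not have been able to create database, does not have permissions"
    fi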
   109  
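   # TEST 2: No database is available to connect to, so an error is expected.
   # Three databases are tried: the one named in the connection string,
   # postgres, and template1. The first two were dropped by configureDB;
   # template1 is renamed out of the way here.
   psql -d testdb -c "ALTER DATABASE template1 RENAME TO template1_temp"
   # Script and log paths are quoted so a path containing spaces is passed as
   # a single argument.
   "$SCRIPTDIR/fabric-ca_setup.sh" -S -X -g "$PGSQLSERVERCONFIG" 2>&1 | tee "$SERVERLOG" &
   # $CA_DEFAULT_PORT is left unquoted so an empty value still drops the
   # argument, as before.
   pollFabricCa "" "" $CA_DEFAULT_PORT
   # No "-K" call follows in this test, so the server started above is still
   # in use when TEST 3 enrolls.
   if ! grep "Please create one of these database before continuing" "$SERVERLOG" &> /dev/null; then
       ErrorMsg "None of the database expected exist, should have thrown an error in the logs"
   fi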
   120  
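   # TEST 3: User has permission to create a DB and at least one of the
   # expected databases exists, so database initialization should now succeed.
   psql -d testdb -c "ALTER DATABASE template1_temp RENAME TO template1"
   psql -d testdb -c "ALTER USER testuser WITH CREATEDB"

   # Enroll should try to reinitialize the DB before processing the enroll
   # request and should succeed. The pipeline status is grep's, so the check
   # passes only when the success message appears in the enroll output.
   if ! enroll a b 2>&1 | grep "Stored client certificate"; then
       ErrorMsg "Enroll request should have passed"
   fi

   # Script and log paths are quoted so a path containing spaces is passed as
   # a single argument.
   "$SCRIPTDIR/fabric-ca_setup.sh" -K
   if ! grep "Initialized postgres database" "$SERVERLOG" &> /dev/null; then
       ErrorMsg "Postgres database should have been successfully initialized"
   fi

   # Re-create the dropped databases and take CREATEDB away from testuser
   # again, then hand the accumulated result code to the shared teardown.
   resetDB
   CleanUp "$RC"
   exit "$RC"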